Abstract:
Described systems and methods allow protecting a host system, such as a computer or smartphone, from malware. In some embodiments, an anti-malware application installs a hypervisor, which displaces an operating system executing on the host system to a guest virtual machine (VM). The hypervisor further creates a set of virtual containers (VC), by setting up a memory domain for each VC, isolated from the memory domain of the guest VM. The hypervisor then maps a memory image of a malware scanner to each VC. When a target object is selected for scanning, the anti-malware application launches the malware scanner. Upon intercepting the launch, the hypervisor switches the memory context of the malware scanner to the memory domain of a selected VC, for the duration of the scan. Thus, malware scanning is performed within an isolated environment.
Abstract:
Described systems and methods allow conducting computer security operations, such as detecting malware and spyware, in a bare-metal computer system. In some embodiments, a first processor of a computer system executes the code samples under assessment, whereas a second, distinct processor is used to carry out the assessment and to control various hardware components involved in the assessment. The described computer systems may be used in conjunction with a conventional anti-malware filter to increase throughput and/or the efficacy of malware scanning.
Abstract:
Described systems and methods allow conducting computer security operations, such as detecting malware and spyware, in a bare-metal computer system. In some embodiments, a first processor of a computer system executes the code samples under assessment, whereas a second, distinct processor is used to carry out the assessment and to control various hardware components involved in the assessment. Such hardware components include, among others, a memory shadower configured to detect changes to a memory connected to the first processor, and a storage shadower configured to detect an attempt to write to a non-volatile storage device of the computer system.
Abstract:
Described systems and methods allow protecting a client system, such as a computer system or smartphone, from malware. In some embodiments, a network regulator device is used to distribute a bootable image of a hypervisor, on demand, to each of a set of client systems connected to a network. After booting on a client system, the hypervisor loads the local OS and applications into a virtual machine. Integrity measurements of the hypervisor and/or OS are sent to the network regulator for verification. When the network regulator determines that software executing on a client system, such as the hypervisor and/or the OS, is not in a trusted state, the network regulator may block access of the respective client system to the network.
Abstract:
Described systems and methods allow conducting computer security operations, such as detecting malware and spyware, in a bare-metal computer system. In some embodiments, a first processor of a computer system executes the code samples under assessment, whereas a second, distinct processor is used to carry out the assessment and to control various hardware components involved in the assessment. Such hardware components include, among others, a memory shadower configured to detect changes to a memory connected to the first processor, and a storage shadower configured to detect an attempt to write to a non-volatile storage device of the computer system. The memory shadower and storage shadower may be used to inject a security agent into the computer system.
Abstract:
Described systems and methods allow a host system, such as a computer or a smartphone, to enable a secure environment, which can be used to carry out secure communications with a remote service provider, for applications such as online banking, e-commerce, private messaging, and online gaming, among others. A hypervisor oversees a switch between an insecure environment and the secure environment, in response to a user input, or in response to an event such as receiving a telephone call. Switching from the insecure to the secure environment comprises transitioning the insecure environment to a sleeping state and loading the secure environment from a memory image (snapshot) saved to disk, after checking the integrity of the snapshot. Switching from the secure to the insecure environment comprises transitioning the secure environment into a sleeping state and waking up the insecure environment.