公开(公告)号：US08286258B2

公开(公告)日：2012-10-09

申请号：US12631546

申请日：2009-12-04

申请人： Chin-Wei Tien ,  Yao-Ting Chung ,  Chih-Hung Lin ,  Jain-Shing Wu

发明人： Chin-Wei Tien ,  Yao-Ting Chung ,  Chih-Hung Lin ,  Jain-Shing Wu

IPC分类号： H04L29/06

CPC分类号： G06F21/554 ,  G06F21/6263

摘要： A monitor method and a monitor apparatus for monitoring a data of hardware are provided. The data has private information, identification information and at least one first network transmission address. The monitor apparatus comprises a storage unit and a processing unit. The data is stored in the storage unit according to the identification information. The processing unit is configured to record the identification information and the at least one first network transmission address of the data in a mark information table. In response to a sending system call, when a transmission is arranged to transmit the private information of the data to a second network transmission address which is different from the at least one first network transmission address, the processing unit will output a signal to cease the transmission.

摘要翻译： 提供了一种用于监视硬件数据的监视方法和监视装置。 数据具有私人信息，识别信息和至少一个第一网络传输地址。 监视器装置包括存储单元和处理单元。 数据根据识别信息存储在存储单元中。 处理单元被配置为将标识信息和数据的至少一个第一网络传输地址记录在标记信息表中。 响应于发送系统呼叫，当发送被设置为将数据的私有信息发送到与至少一个第一网络发送地址不同的第二网络发送地址时，处理单元将输出信号以停止 传输。

公开(公告)号：US08490192B2

公开(公告)日：2013-07-16

申请号：US12571447

申请日：2009-10-01

申请人： Shih-Yao Dai ,  Yu-Chen Chang ,  Jain-Shing Wu ,  Chih-Hung Lin ,  Yen-Nun Huang ,  Sy-Yen Kuo

发明人： Shih-Yao Dai ,  Yu-Chen Chang ,  Jain-Shing Wu ,  Chih-Hung Lin ,  Yen-Nun Huang ,  Sy-Yen Kuo

IPC分类号： G06F12/14

CPC分类号： G06F21/56 ,  G06F21/568

摘要： A method and a system for cleaning malicious software (malware), a computer program product, and a storage medium are provided. A relation graph is established to associate processes in an operating system and related elements. A node marking action is performed on the relation graph when a predetermined condition is satisfied. The node corresponding to a malicious process and its related nodes are marked with a first label. The nodes of other normal processes and their related nodes are marked with a second label. Then, those nodes marked with both the first label and the second label are screened, so that each of the nodes is marked with only the first label or the second label. Finally, the processes and elements corresponding to the nodes marked with the first label are removed.

摘要翻译： 提供了一种用于清洁恶意软件（恶意软件），计算机程序产品和存储介质的方法和系统。 建立关系图以将操作系统中的过程和相关元素相关联。 当满足预定条件时，在关系图上执行节点标记动作。 对应于恶意进程的节点及其相关节点标有第一个标签。 其他正常进程的节点及其相关节点标有第二个标签。 然后，屏蔽标记有第一标签和第二标签的节点，使得每个节点仅标记第一标签或第二标签。 最后，删除与标记有第一个标签的节点对应的进程和元素。

公开(公告)号：US20110023120A1

公开(公告)日：2011-01-27

申请号：US12571447

申请日：2009-10-01

申请人： Shih-Yao Dai ,  Yu-Chen Chang ,  Jain-Shing Wu ,  Chih-Hung Lin ,  Yen-Nun Huang ,  Sy-Yen Kuo

发明人： Shih-Yao Dai ,  Yu-Chen Chang ,  Jain-Shing Wu ,  Chih-Hung Lin ,  Yen-Nun Huang ,  Sy-Yen Kuo

IPC分类号： G06F12/14

CPC分类号： G06F21/56 ,  G06F21/568

摘要： A method and a system for cleaning malicious software (malware), a computer program product, and a storage medium are provided. A relation graph is established to associate processes in an operating system and related elements. A node marking action is performed on the relation graph when a predetermined condition is satisfied. The node corresponding to a malicious process and its related nodes are marked with a first label. The nodes of other normal processes and their related nodes are marked with a second label. Then, those nodes marked with both the first label and the second label are screened, so that each of the nodes is marked with only the first label or the second label. Finally, the processes and elements corresponding to the nodes marked with the first label are removed.

摘要翻译： 提供了一种用于清洁恶意软件（恶意软件），计算机程序产品和存储介质的方法和系统。 建立关系图以将操作系统中的过程和相关元素相关联。 当满足预定条件时，在关系图上执行节点标记动作。 对应于恶意进程的节点及其相关节点标有第一个标签。 其他正常进程的节点及其相关节点标有第二个标签。 然后，屏蔽标记有第一标签和第二标签的节点，使得每个节点仅标记第一标签或第二标签。 最后，删除与标记有第一个标签的节点对应的进程和元素。

公开(公告)号：US08516581B2

公开(公告)日：2013-08-20

申请号：US13323863

申请日：2011-12-13

申请人： Fu-Hau Hsu ,  Shih-Jen Chen ,  Chien-Ting Kuo ,  Jain-Shing Wu ,  Chuan-Sheng Wang

发明人： Fu-Hau Hsu ,  Shih-Jen Chen ,  Chien-Ting Kuo ,  Jain-Shing Wu ,  Chuan-Sheng Wang

IPC分类号： G06F11/00 ,  G06F11/30 ,  H04L29/06

CPC分类号： H04L67/02 ,  H04L51/12 ,  H04L51/32 ,  H04L63/1483

摘要： A phishing processing method includes: an information input web page comprising an information input interface, through which information is transmitted to an information receiving address, is received. Determine if the information input web page is a phishing web page. If it is determined that the information input web page is the phishing web page, fake input information is transmitted to the information receiving address. When information for verification is received from an information transmitting address, if the received information for verification is the fake input information is determined. If the received information for verification is the fake input information, it is determined that the information transmitting address is a malicious address.

摘要翻译： 网络钓鱼处理方法包括：接收信息输入网页，其包括信息输入接口，通过该信息输入接口向信息接收地址发送信息。 确定信息输入网页是否是网络钓鱼网页。 如果确定信息输入网页是网络钓鱼网页，则将假输入信息发送到信息接收地址。 当从信息发送地址接收到用于验证的信息时，如果所接收的用于验证的信息是假输入信息被确定。 如果接收到的用于验证的信息是假输入信息，则确定信息发送地址是恶意地址。

公开(公告)号：US20120131675A1

公开(公告)日：2012-05-24

申请号：US12968735

申请日：2010-12-15

申请人： Shih-Yao DAI ,  Yu-Chen Chang ,  Jain-Shing Wu ,  Jui-Fa Chen ,  Sy-Yen Kuo

发明人： Shih-Yao DAI ,  Yu-Chen Chang ,  Jain-Shing Wu ,  Jui-Fa Chen ,  Sy-Yen Kuo

IPC分类号： G06F21/00

CPC分类号： G06F21/577 ,  G06F21/56

摘要： A server, a user device, and a malware detection method thereof are provided. The server connects with the user device via a network, and records execution records of the user device. Based on the history of the execution records of the user device, the server can detect whether the user device has malwares or not accordingly.

摘要翻译： 提供了服务器，用户设备和恶意软件检测方法。 服务器通过网络与用户设备连接，记录用户设备的执行记录。 基于用户设备的执行记录的历史，服务器可以相应地检测用户设备是否具有恶意软件。

公开(公告)号：US07185291B2

公开(公告)日：2007-02-27

申请号：US10377652

申请日：2003-03-04

申请人： Chin-Wang Wu ,  Jain-Shing Wu

发明人： Chin-Wang Wu ,  Jain-Shing Wu

IPC分类号： G06F17/00 ,  G09G5/00

CPC分类号： G06F17/24 ,  G06F3/04883

摘要： The present invention relates to a computer with a touch screen, and the user can execute one of “undo”, “cut”, “copy” and “paste” editing commands by a continuous stroke movement to increase the input operational efficiency. For example, after marking an area on the screen, if the subsequent stroke is moved downwards, the “cut” operation is performed, and if the subsequent stroke is moved upwards, the “copy” operation is performed. Furthermore, when the user stops the stroke at a predetermined position, if the subsequent stroke is moved towards the right, the “paste” operation is performed, and if the subsequent stroke is moved towards the left, the “undo” operation is performed.

摘要翻译： 本发明涉及具有触摸屏的计算机，并且用户可以通过连续的行程移动执行“撤消”，“剪切”，“复制”和“粘贴”编辑命令中的一个以增加输入操作效率。 例如，在屏幕上标记区域之后，如果随后的行程向下移动，则执行“切割”操作，并且如果随后的行程向上移动，则执行“复制”操作。 此外，当用户在预定位置停止行程时，如果随后的行程向右移动，则执行“粘贴”操作，并且如果随后的行程向左移动，则执行“撤销”操作。

公开(公告)号：US20120117647A1

公开(公告)日：2012-05-10

申请号：US12961605

申请日：2010-12-07

申请人： Shih-Jen Chen ,  Jain-Shing Wu ,  Fu-Hau Hsu ,  Chia-Jun Lin

发明人： Shih-Jen Chen ,  Jain-Shing Wu ,  Fu-Hau Hsu ,  Chia-Jun Lin

IPC分类号： G06F11/00

CPC分类号： G06F21/568

摘要： A computer worm curing system includes a string receiving module, a string generating module and a string replying module. The string receiving module receives an infected string, which is generated by a computer worm, from an infected host, which is infected by the computer worm, through a network. The infected string includes a shellcode, and the shellcode is executed utilizing a vulnerable process. The string generating module generates a curing code for curing the computer worm, and replaces the shellcode in the infected string with the curing code to generate a curing string, such that the curing string can be executed utilizing the vulnerable process. The string replying module replies the curing string to the infected host, such that the curing code of the curing string can be executed utilizing the vulnerable process of the infected host to cure the infected host of the computer worm.

摘要翻译： 计算机蠕虫固化系统包括串接收模块，字符串生成模块和字符串应答模块。 字符串接收模块通过网络从受感染的主机（由计算机蠕虫感染）接收由计算机蠕虫产生的感染字符串。 受感染的字符串包括一个shellcode，并且shellcode是使用一个易受攻击的进程执行的。 字符串生成模块生成用于固化计算机蠕虫的固化代码，并用固化代码替换感染字符串中的shellcode以生成固化串，使得可以使用易受攻击的过程来执行固化串。 字符串回复模块将固化字符串回复到感染的主机，使得可以利用受感染主机的易受攻击的程序来执行固化字符串的固化代码，以治愈受感染的计算机蠕虫主机。

公开(公告)号：US08832838B2

公开(公告)日：2014-09-09

申请号：US12961605

申请日：2010-12-07

申请人： Shih-Jen Chen ,  Jain-Shing Wu ,  Fu-Hau Hsu ,  Chia-Jun Lin

发明人： Shih-Jen Chen ,  Jain-Shing Wu ,  Fu-Hau Hsu ,  Chia-Jun Lin

IPC分类号： H04L21/00 ,  G06F21/56

CPC分类号： G06F21/568

摘要： A computer worm curing system includes a string receiving module, a string generating module and a string replying module. The string receiving module receives an infected string, which is generated by a computer worm, from an infected host, which is infected by the computer worm, through a network. The infected string includes a shellcode, and the shellcode is executed utilizing a vulnerable process. The string generating module generates a curing code for curing the computer worm, and replaces the shellcode in the infected string with the curing code to generate a curing string, such that the curing string can be executed utilizing the vulnerable process. The string replying module replies the curing string to the infected host, such that the curing code of the curing string can be executed utilizing the vulnerable process of the infected host to cure the infected host of the computer worm.

摘要翻译： 计算机蠕虫固化系统包括串接收模块，字符串生成模块和字符串应答模块。 字符串接收模块通过网络从受感染的主机（由计算机蠕虫感染）接收由计算机蠕虫产生的感染字符串。 受感染的字符串包括一个shellcode，并且shellcode是使用一个易受攻击的进程执行的。 字符串生成模块生成用于固化计算机蠕虫的固化代码，并用固化代码替换感染字符串中的shellcode以生成固化串，使得可以使用易受攻击的过程来执行固化串。 字符串回复模块将固化字符串回复到感染的主机，使得可以利用受感染主机的易受攻击的程序来执行固化字符串的固化代码，以治愈受感染的计算机蠕虫主机。

公开(公告)号：US20130145462A1

公开(公告)日：2013-06-06

申请号：US13323863

申请日：2011-12-13

申请人： Fu-Hau Hsu ,  Shih-Jen Chen ,  Chien-Ting Kuo ,  Jain-Shing Wu ,  Chuan-Sheng Wang

发明人： Fu-Hau Hsu ,  Shih-Jen Chen ,  Chien-Ting Kuo ,  Jain-Shing Wu ,  Chuan-Sheng Wang

IPC分类号： G06F21/00

CPC分类号： H04L67/02 ,  H04L51/12 ,  H04L51/32 ,  H04L63/1483

摘要： A phishing processing method includes: an information input web page comprising an information input interface, through which information is transmitted to an information receiving address, is received. Determine if the information input web page is a phishing web page. If it is determined that the information input web page is the phishing web page, fake input information is transmitted to the information receiving address. When information for verification is received from an information transmitting address, if the received information for verification is the fake input information is determined. If the received information for verification is the fake input information, it is determined that the information transmitting address is a malicious address.

摘要翻译： 网络钓鱼处理方法包括：接收信息输入网页，其包括信息输入接口，通过该信息输入接口向信息接收地址发送信息。 确定信息输入网页是否是网络钓鱼网页。 如果确定信息输入网页是网络钓鱼网页，则将假输入信息发送到信息接收地址。 当从信息发送地址接收到用于验证的信息时，如果所接收的用于验证的信息是假输入信息被确定。 如果接收到的用于验证的信息是假输入信息，则确定信息发送地址是恶意地址。

公开(公告)号：US08453244B2

公开(公告)日：2013-05-28

申请号：US12968735

申请日：2010-12-15

申请人： Shih-Yao Dai ,  Yu-Chen Chang ,  Jain-Shing Wu ,  Jui-Fa Chen ,  Sy-Yen Kuo

发明人： Shih-Yao Dai ,  Yu-Chen Chang ,  Jain-Shing Wu ,  Jui-Fa Chen ,  Sy-Yen Kuo

IPC分类号： G06F11/00 ,  G06F11/30

CPC分类号： G06F21/577 ,  G06F21/56

摘要： A server, a user device, and a malware detection method thereof are provided. The server connects with the user device via a network, and records execution records of the user device. Based on the history of the execution records of the user device, the server can detect whether the user device has malwares or not accordingly.

摘要翻译： 提供了服务器，用户设备和恶意软件检测方法。 服务器通过网络与用户设备连接，记录用户设备的执行记录。 基于用户设备的执行记录的历史，服务器可以相应地检测用户设备是否具有恶意软件。