-
Publication (announcement) number: US09043903B2
Publication (announcement) date: 2015-05-26
Application number: US13492672
Application date: 2012-06-08
CPC classification: G06F21/566, G06F9/46, G06F21/554, G06F21/56, G06F21/567, G06F21/568, G06F2221/034, G06N5/04, H04L41/0803, H04L63/0245, H04L63/1441
Abstract: A kernel-level security agent is described herein. The kernel-level security agent is configured to observe events, filter the observed events using configurable filters, route the filtered events to one or more event consumers, and utilize the one or more event consumers to take action based at least on one of the filtered events. In some implementations, the kernel-level security agent detects a first action associated with malicious code, gathers data about the malicious code, and in response to detecting subsequent action(s) of the malicious code, performs a preventative action. The kernel-level security agent may also deceive an adversary associated with malicious code. Further, the kernel-level security agent may utilize a model representing chains of execution activities and may take action based on those chains of execution activities.
-
Publication (announcement) number: US20130333040A1
Publication (announcement) date: 2013-12-12
Application number: US13492672
Application date: 2012-06-08
IPC classification: G06F21/00
CPC classification: G06F21/566, G06F9/46, G06F21/554, G06F21/56, G06F21/567, G06F21/568, G06F2221/034, G06N5/04, H04L41/0803, H04L63/0245, H04L63/1441
Abstract: A kernel-level security agent is described herein. The kernel-level security agent is configured to observe events, filter the observed events using configurable filters, route the filtered events to one or more event consumers, and utilize the one or more event consumers to take action based at least on one of the filtered events. In some implementations, the kernel-level security agent detects a first action associated with malicious code, gathers data about the malicious code, and in response to detecting subsequent action(s) of the malicious code, performs a preventative action. The kernel-level security agent may also deceive an adversary associated with malicious code. Further, the kernel-level security agent may utilize a model representing chains of execution activities and may take action based on those chains of execution activities.
-
Publication (announcement) number: US09292881B2
Publication (announcement) date: 2016-03-22
Application number: US13538439
Application date: 2012-06-29
CPC classification: G06Q50/01, G06Q10/00, H04L63/104, H04L63/107, H04L63/14, H04L63/1441, H04L63/20
Abstract: Techniques for social sharing security information between client entities forming a group are described herein. The group of client entities is formed as a result of a security server providing one or more secure mechanisms for forming a group among client entities, the client entities each belonging to a different organization. The security service then automatically shares security information of a client entity in the group with one or more other client entities in the group.
-
Publication (announcement) number: US20140007190A1
Publication (announcement) date: 2014-01-02
Application number: US13538439
Application date: 2012-06-29
IPC classification: G06F21/00
CPC classification: G06Q50/01, G06Q10/00, H04L63/104, H04L63/107, H04L63/14, H04L63/1441, H04L63/20
Abstract: Techniques for social sharing security information between client entities forming a group are described herein. The group of client entities is formed as a result of a security server providing one or more secure mechanisms for forming a group among client entities, the client entities each belonging to a different organization. The security service then automatically shares security information of a client entity in the group with one or more other client entities in the group.