-
1.发明授权System and method for protecting integrity of alterable ROM using digital signatures 失效使用数字签名保护可变ROM的完整性的系统和方法
公开(公告)号:US5802592A
公开(公告)日:1998-09-01
申请号:US656626
申请日:1996-05-31
CPC分类号: G06F11/1004 , G06F21/572 , G06F21/64 , G06F9/4401 , G06F2201/83 , G06F2211/008 , G06F2211/1097
摘要: A system and method for verifying the integrity of a computer system's BIOS programs stored in alterable read only memory (such as FLASH ROM), and preventing malicious alteration thereof. The system and method regularly check the contents of the alterable read only memory using a digital signature encrypted by means of an asymmetrical key cryptosystem.
摘要翻译: 一种用于验证存储在可更改的只读存储器(例如FLASH ROM)中的计算机系统的BIOS程序的完整性并防止其恶意改变的系统和方法。 系统和方法使用通过非对称密钥密码系统加密的数字签名来定期检查可更改的只读存储器的内容。
-
2.发明授权Autonomous system for recognition of patterns formed by stored data during computer memory scrubbing 失效用于识别在计算机存储器擦洗期间由存储数据形成的图案的自动系统公开(公告)号:US06279128B1
公开(公告)日:2001-08-21
申请号:US08366281
申请日:1994-12-29
申请人: William Carlisle Arnold , Jehoshua Bruck , Jeffrey Owen Kephart , Gregory Bret Sorkin , Steve Richard White , David Michael Chess , Charles Edwin Cox , Myron Dale Flickner
发明人: William Carlisle Arnold , Jehoshua Bruck , Jeffrey Owen Kephart , Gregory Bret Sorkin , Steve Richard White , David Michael Chess , Charles Edwin Cox , Myron Dale Flickner
IPC分类号: H02H305
CPC分类号: G06F21/567 , G06F11/106
摘要: A system for continuous monitoring and autonomous detection of patterns in the main memory subsystem of a computer system. The invention can be embodied as an extension to existing memory scrubbing hardware to permit stored code pattern analysis and identification during the autonomous transparent memory scrubbing process. A library of stored target signatures is provided to which code signatures are compared during analysis. Code signatures may be derived directly from the memory subsystem data pattern or may be indirectly and more efficiently derived from the error correction code (ECC) string associated with the stored data pattern. This invention is directly applicable to computer virus detection and neutralization systems.
摘要翻译: 一种用于连续监测和自动检测计算机系统的主存储子系统中的模式的系统。 本发明可以被实现为对现有存储器擦除硬件的扩展,以允许在自主透明存储器擦除过程期间存储的代码模式分析和识别。 提供存储的目标签名库,以便在分析期间对代码签名进行比较。 代码签名可以直接从存储器子系统数据模式导出,或者可以间接且更有效地从与所存储的数据模式相关联的纠错码(ECC)字符串中导出。 本发明直接适用于计算机病毒检测和中和系统。
-
公开(公告)号:US07054798B2
公开(公告)日:2006-05-30
申请号:US09907753
申请日:2001-07-19
申请人: Gregory Bret Sorkin
发明人: Gregory Bret Sorkin
IPC分类号: G06F17/10
CPC分类号: G05B19/188 , G05B2219/34112 , G05B2219/36301 , G05B2219/45204 , H05K3/005
摘要: A method of optimizing a manufacturing operation includes receiving as input data a description of a plurality of desired results of the operation, receiving as input data capabilities of a machine to accomplish the operation, determining an operation space including of a set of operations sufficient to accomplish all of the plurality of desired results using the machine capabilities, categorizing the operation space into groups, each group corresponding to one of the plurality of desired results, wherein any operation in the group sufficing to accomplish the corresponding one result, selecting a subset of the operation space, the subset comprising at least one representative from each of the groups, thereby making it sufficient to accomplish all of the plurality of desired results, and determining a short way to sequence the operations from the selected subset.
-
公开(公告)号:US5907834A
公开(公告)日:1999-05-25
申请号:US619866
申请日:1996-03-18
CPC分类号: G06F21/564
摘要: A data string is a sequence of atomic units of data that represent information. In the context of computer data, examples of data strings include executable programs, data files, and boot records consisting of sequences of bytes, or text files consisting of sequences of bytes or characters. The invention solves the problem of automatically constructing a classifier of data strings, i.e., constructing a classifier which, given a string, determines which of two or more class labels should be assigned to it. From a set of (string, class-label) pairs, this invention provides an automated technique for extracting features of data strings that are relevant to the classification decision, and an automated technique for developing a classifier which uses those features to classify correctly the data strings in the original examples and, with high accuracy, classify correctly novel data strings not contained in the example set. The classifier is developed using "adaptive" or "learning" techniques from the domain of statistical regression and classification, such as, e.g., multi-layer neural networks. As an example, the technique can be applied to the task of distinguishing files or boot records that are infected by computer viruses from files or boot records that are not infected.
摘要翻译: 数据串是表示信息的数据的原子单元的序列。 在计算机数据的上下文中,数据串的示例包括由字节序列组成的可执行程序,数据文件和引导记录,或由字节或字符序列组成的文本文件。 本发明解决了自动构建数据串分类器的问题,即,构建一个分类器,给定一个字符串,确定应该分配两个或多个类标签中的哪一个。 本发明从一组(串,类标签)对提供了一种用于提取与分类决定相关的数据串的特征的自动化技术,以及用于开发分类器的自动化技术,其使用这些特征来正确地分类数据 原始示例中的字符串,并且具有高精度,正确地分类示例集中未包含的新颖数据字符串。 分类器是使用“自适应”或“学习”技术从统计回归和分类领域开发的,例如多层神经网络。 例如,该技术可以应用于区分受计算机病毒感染的文件或引导记录的文件或未被感染的引导记录的任务。
-
5.发明授权
公开(公告)号:US5675711A
公开(公告)日:1997-10-07
申请号:US242757
申请日:1994-05-13
CPC分类号: G06F21/564
摘要: A data string is a sequence of atomic units of data that represent information. In the context of computer data, examples of data strings include executable programs, data files, and boot records consisting of sequences of bytes, or text files consisting of sequences of bytes or characters. The invention solves the problem of automatically constructing a classifier of data strings, i.e., constructing a classifier which, given a string, determines which of two or more class labels should be assigned to it. From a set of (string, class-label) pairs, this invention provides an automated technique for extracting features of data strings that are relevant to the classification decision, and an automated technique for developing a classifier which uses those features to classify correctly the data strings in the original examples and, with high accuracy, classify correctly novel data strings not contained in the example set. The classifier is developed using "adaptive" or "learning" techniques from the domain of statistical regression and classification, such as, e.g., multi-layer neural networks. As an example, the technique can be applied to the task of distinguishing files or boot records that are infected by computer viruses from files or boot records that are not infected.
摘要翻译: 数据串是表示信息的数据的原子单元的序列。 在计算机数据的上下文中,数据串的示例包括由字节序列组成的可执行程序,数据文件和引导记录,或由字节或字符序列组成的文本文件。 本发明解决了自动构建数据串分类器的问题,即,构建一个分类器,给定一个字符串,确定应该分配两个或多个类标签中的哪一个。 本发明从一组(串,类标签)对提供了一种用于提取与分类决定相关的数据串的特征的自动化技术,以及用于开发分类器的自动化技术,其使用这些特征来正确地分类数据 原始示例中的字符串,并且具有高精度,正确地分类示例集中未包含的新颖数据字符串。 分类器是使用“自适应”或“学习”技术从统计回归和分类领域开发的,例如多层神经网络。 例如,该技术可以应用于区分受计算机病毒感染的文件或引导记录的文件或未被感染的引导记录的任务。
-
6.发明授权Method of constructing data classifiers and classifiers constructed according to the method 有权根据该方法构建数据分类器和分类器的方法公开(公告)号:US06622134B1
公开(公告)日:2003-09-16
申请号:US09225801
申请日:1999-01-05
申请人: Gregory Bret Sorkin
发明人: Gregory Bret Sorkin
IPC分类号: G06F1518
CPC分类号: G06F21/56 , G06F21/562 , G06K9/6256 , G06N3/08
摘要: A method of constructing data classifiers in cases where the number of features is much larger than the number of training examples and it is critical to avoid overtraining, is particularly useful in recognizing computer objects containing or likely to contain a computer virus. The method provides a novel way of tolerating imperfectly classifiable data, of learning in time polynomial in the size of the input data, and of avoiding overtraining. Training is performed by constructing and solving a linear program (LP) or integer program (IP).
摘要翻译: 在特征数量远大于训练样本数量的情况下构建数据分类器的方法,并且避免过度训练是至关重要的,在识别包含或可能包含计算机病毒的计算机对象时特别有用。 该方法提供了一种新颖的方式来容忍不完全可分类的数据,在时间多项式中学习输入数据的大小以及避免过度训练。 通过构建和求解线性程序(LP)或整数程序(IP)来执行训练。
-
公开(公告)号:US06178536B1
公开(公告)日:2001-01-23
申请号:US08911126
申请日:1997-08-14
申请人: Gregory Bret Sorkin
发明人: Gregory Bret Sorkin
IPC分类号: G11C2900
CPC分类号: G06F11/1004 , G06F11/1076 , G06F21/565
摘要: The present invention concerns a method and system for protection against corruption of data. In order to backup files to be stored in a storage medium, a set of redundant parity symbols is computed by encoding cross-sections across said files using a systematic code. These parity symbols and the files are then stored for later retrieval. If some of these files are erased, corrupted, damaged or infected by a virus, they are reconstructed by decoding the surviving files and the parity symbols.
摘要翻译: 本发明涉及一种用于防止数据损坏的方法和系统。 为了备份要存储在存储介质中的文件,通过使用系统代码对所述文件之间的横截面进行编码来计算一组冗余奇偶校验符号。 然后存储这些奇偶校验符号和文件供以后检索。 如果这些文件中的一些被病毒清除,损坏,损坏或感染,则通过对幸存文件和奇偶校验符号进行解码来重建它们。
-
公开(公告)号:US6016546A
公开(公告)日:2000-01-18
申请号:US890013
申请日:1997-07-10
CPC分类号: G06F21/564
摘要: The present invention provides a method of reducing the amount of memory required to scan a given data string for the presence of computer viruses or other data traits of interest including the steps of 1) loading into a memory of a computer a set of generic features that are functionally similar to standard computer virus signatures, but tend to be less specific to particular viruses, 2) locating occurrences of the generic features within the data string, 3) applying a first mapping from the occurrences located during step 2) to obtain a subset of standard signatures, 4) loading the subset of standard signatures into a memory of said computer, 5) locating occurrences within the data string of all signatures from the subset of standard signatures, and 6) applying a second mapping from the occurrences located during step 5) to identify a set of computer viruses that are likely to be present in the data string.
摘要翻译: 本发明提供一种减少扫描给定数据串所需的存储器量的方法,用于存在感兴趣的计算机病毒或其他数据特征,包括以下步骤:1)将一组通用特征加载到计算机的存储器中, 在功能上类似于标准计算机病毒签名,但往往对特定病毒具有较少的特异性,2)定位数据串中的通用特征的出现,3)应用来自位于步骤2)期间出现的第一个映射,以获得子集 的标准签名,4)将标准签名的子集加载到所述计算机的存储器中,5)从标准签名的子集中定位所有签名的数据字符串内的事件,以及6)应用在步骤期间发生的出现的第二映射 5)识别可能存在于数据串中的一组计算机病毒。
-
-
-
-
-
-
-
搜索结果
8 条记录 (耗时 0.026 秒)
