公开(公告)号：US12141314B2

公开(公告)日：2024-11-12

申请号：US17462939

申请日：2021-08-31

Applicant: Google LLC

Inventor： Phillip Marvin Tischler ,  Seth Joseph Vargo ,  Timothy Dylan Peacock ,  Colin Man ,  Scott Tyler Ellis

IPC: G06F21/62 ,  G06F16/22 ,  G06F16/2455 ,  G06F16/28 ,  G06F16/93

Abstract: Aspects of the disclosure provide for an end-to-end system for detecting and responding to known secrets leaked on a computing platform. By securely retrieving secret data from a repository of known secrets, the platform can detect whether potential secrets are leaked in digital documents generated by applications or services of the platform, and compare the potential secrets with known secrets in the repository. The system deterministically and accurately identifies whether secrets were leaked in a digital document, and can also identify both the source of the leakage and the affected users, devices, or groups of users and devices on the platform.

公开(公告)号：US12242605B2

公开(公告)日：2025-03-04

申请号：US17880793

申请日：2022-08-04

Applicant: Google LLC

Inventor： Merrielle Therese Spain ,  Timothy Dylan Peacock ,  John Edward Davis

IPC: G06F21/56 ,  G06N3/08

Abstract: Aspects of the disclosure are directed to a system for classifying software as malicious or benign based on predicting the effect the software has on the platform before the software is actually deployed. A system as described herein can operate in close to real-time to receive, isolate, and classify software as benign or malicious. Aspects of the disclosure provide for accurate classification of malicious programs or scripts even if ostensibly the program appears benign, and vice versa, based on the effect predicted by a machine learning model trained as described herein. The system can also be implemented to isolate and verify incoming scripts or software to the platform, to provide a predicted classification while not substantially impacting processing pipelines involving platform resources or the user experience with the platform in general.

公开(公告)号：US20230063214A1

公开(公告)日：2023-03-02

申请号：US17462939

申请日：2021-08-31

Applicant: Google LLC

Inventor： Phillip Marvin Tischler ,  Seth Joseph Vargo ,  Timothy Dylan Peacock ,  Colin Man ,  Scott Tyler Ellis

IPC: G06F21/62 ,  G06F16/2455 ,  G06F16/93 ,  G06F16/22 ,  G06F16/28

Abstract: Aspects of the disclosure provide for an end-to-end system for detecting and responding to known secrets leaked on a computing platform. By securely retrieving secret data from a repository of known secrets, the platform can detect whether potential secrets are leaked in digital documents generated by applications or services of the platform, and compare the potential secrets with known secrets in the repository. The system deterministically and accurately identifies whether secrets were leaked in a digital document, and can also identify both the source of the leakage and the affected users, devices, or groups of users and devices on the platform.

公开(公告)号：US20230053322A1

公开(公告)日：2023-02-16

申请号：US17880793

申请日：2022-08-04

Applicant: Google LLC

Inventor： Merrielle Therese Spain ,  Timothy Dylan Peacock ,  John Edward Davis

IPC: G06F21/56 ,  G06N3/08

Abstract: Aspects of the disclosure are directed to a system for classifying software as malicious or benign based on predicting the effect the software has on the platform before the software is actually deployed. A system as described herein can operate in close to real-time to receive, isolate, and classify software as benign or malicious. Aspects of the disclosure provide for accurate classification of malicious programs or scripts even if ostensibly the program appears benign, and vice versa, based on the effect predicted by a machine learning model trained as described herein. The system can also be implemented to isolate and verify incoming scripts or software to the platform, to provide a predicted classification while not substantially impacting processing pipelines involving platform resources or the user experience with the platform in general.

公开(公告)号：US20230236868A1

公开(公告)日：2023-07-27

申请号：US18157379

申请日：2023-01-20

Applicant: Google LLC

Inventor： Hao Zhou ,  Mahesh Pisal ,  Kenneth L. Hofsass ,  Timothy Dylan Peacock

IPC: G06F9/455

CPC classification number: G06F9/45558 ,  G06F2009/45583 ,  G06F2009/4557 ,  G06F2009/45587

Abstract: A virtual machine malware detection service caches contents that correspond to operating system registries. By caching the content of important registers, the malware detector is able to efficiently traverse virtual machine memory contents to identify important operating system properties. Examples of such operating system properties include a list of running processes. The malware detector replaces agent-based threat detection for compute endpoints. The malware detector detects cryptocurrency miners and malware by scanning guest virtual machine (VM) memories. The guest VM memory may be scanned according to the guest physical address. According to some examples, the memories of guest user processes may be scanned one by one, using the page table address for each guest process to efficiently locate its memory.