-
公开(公告)号:US20080104703A1
公开(公告)日:2008-05-01
申请号:US11927438
申请日:2007-10-29
申请人: Jennifer Rihn , Jonathan Oliver
发明人: Jennifer Rihn , Jonathan Oliver
IPC分类号: G06F21/00
CPC分类号: H04L63/1416 , G06F21/56 , G06N7/005 , H04L63/0245 , H04L63/14 , H04L63/1408 , H04L63/1425 , H04L63/145
摘要: Detecting infectious messages comprises performing an individual characteristic analysis of a message to determine whether the message is suspicious, determining whether a similar message has been noted previously in the event that the message is determined to be suspicious, classifying the message according to its individual characteristics and its similarity to the noted message in the event that a similar message has been noted previously.
摘要翻译: 检测感染性消息包括执行消息的单独特征分析以确定消息是否是可疑的,确定在消息被确定为可疑的情况下是否先前已经记录了类似的消息,根据其个体特征对该消息进行分类,以及 在之前已经注意到类似的消息的情况下,其与所述消息的相似性。
-
公开(公告)号:US20070294765A1
公开(公告)日:2007-12-20
申请号:US11895519
申请日:2007-08-24
申请人: Jennifer Rihn , Jonathan Oliver
发明人: Jennifer Rihn , Jonathan Oliver
IPC分类号: G06F11/30
CPC分类号: H04L63/1416 , G06F21/56 , G06F21/562 , H04L51/12 , H04L63/145
摘要: Systems and methods for managing forwarded infectious messages are provided. Managing electronic message comprises receiving a message, forwarding the message, determining that the forwarded message is infectious after the message has been forwarded and preventing the infectious forwarded message from spreading.
摘要翻译: 提供了用于管理转发的传染性消息的系统和方法。 管理电子消息包括接收消息,转发消息,在消息被转发之后确定转发的消息是传染性的,并且防止传染性转发消息扩散。
-
公开(公告)号:US08850566B2
公开(公告)日:2014-09-30
申请号:US11927438
申请日:2007-10-29
申请人: Jennifer Rihn , Jonathan J. Oliver
发明人: Jennifer Rihn , Jonathan J. Oliver
CPC分类号: H04L63/1416 , G06F21/56 , G06N7/005 , H04L63/0245 , H04L63/14 , H04L63/1408 , H04L63/1425 , H04L63/145
摘要: Detecting infectious messages comprises performing an individual characteristic analysis of a message to determine whether the message is suspicious, determining whether a similar message has been noted previously in the event that the message is determined to be suspicious, classifying the message according to its individual characteristics and its similarity to the noted message in the event that a similar message has been noted previously.
摘要翻译: 检测感染性消息包括执行消息的单独特征分析以确定消息是否是可疑的,确定在消息被确定为可疑的情况下是否先前已经记录了类似的消息,根据其个体特征对该消息进行分类,以及 在之前已经注意到类似的消息的情况下,其与所述消息的相似性。
-
公开(公告)号:US07343624B1
公开(公告)日:2008-03-11
申请号:US11156373
申请日:2005-06-16
申请人: Jennifer Rihn , Jonathan J. Oliver
发明人: Jennifer Rihn , Jonathan J. Oliver
CPC分类号: H04L63/1416 , G06F21/56 , G06F21/562 , H04L51/12 , H04L63/145
摘要: Managing electronic messages comprises receiving a message, forwarding the message, determining that the forwarded message is infectious after the message has been forwarded and preventing the infectious forwarded message from spreading.
摘要翻译: 管理电子消息包括接收消息,转发消息,在消息已被转发之后确定转发的消息是感染的,并且防止传染性转发消息扩散。
-
公开(公告)号:US08955106B2
公开(公告)日:2015-02-10
申请号:US11895519
申请日:2007-08-24
申请人: Jennifer Rihn , Jonathan J. Oliver
发明人: Jennifer Rihn , Jonathan J. Oliver
CPC分类号: H04L63/1416 , G06F21/56 , G06F21/562 , H04L51/12 , H04L63/145
摘要: Systems and methods for managing forwarded infectious messages are provided. Managing electronic message comprises receiving a message, forwarding the message, determining that the forwarded message is infectious after the message has been forwarded and preventing the infectious forwarded message from spreading.
摘要翻译: 提供了用于管理转发的传染性消息的系统和方法。 管理电子消息包括接收消息,转发消息,在消息被转发之后确定转发的消息是传染性的,并且防止传染性转发消息扩散。
-
公开(公告)号:US09154511B1
公开(公告)日:2015-10-06
申请号:US11156372
申请日:2005-06-16
申请人: Jennifer Rihn , Jonathan J. Oliver
发明人: Jennifer Rihn , Jonathan J. Oliver
CPC分类号: H04L63/1416 , G06F21/56 , G06N7/005 , H04L63/0245 , H04L63/14 , H04L63/1408 , H04L63/1425 , H04L63/145
摘要: Detecting infectious messages comprises performing an individual characteristic analysis of a message to determine whether the message is suspicious, determining whether a similar message has been noted previously in the event that the message is determined to be suspicious, classifying the message according to its individual characteristics and its similarity to the noted message in the event that a similar message has been noted previously.
摘要翻译: 检测感染性消息包括执行消息的单独特征分析以确定消息是否是可疑的,确定在消息被确定为可疑的情况下是否先前已经记录了类似的消息,根据其个体特征对该消息进行分类,以及 在之前已经注意到类似的消息的情况下,其与所述消息的相似性。
-
公开(公告)号:US20080134336A1
公开(公告)日:2008-06-05
申请号:US11927424
申请日:2007-10-29
申请人: Jennifer Rihn , Jonathan J. Oliver
发明人: Jennifer Rihn , Jonathan J. Oliver
IPC分类号: G06F21/00
CPC分类号: H04L63/1416 , G06F21/56 , G06F21/562 , H04L51/12 , H04L63/145
摘要: Managing electronic messages comprises receiving a message, forwarding the message, determining that the forwarded message is infectious after the message has been forwarded and preventing the infectious forwarded message from spreading.
摘要翻译: 管理电子消息包括接收消息,转发消息,在消息已被转发之后确定转发的消息是感染的,并且防止传染性转发消息扩散。
-
公开(公告)号:US08955136B2
公开(公告)日:2015-02-10
申请号:US13400548
申请日:2012-02-20
申请人: Jennifer Rihn , Jonathan J. Oliver
发明人: Jennifer Rihn , Jonathan J. Oliver
IPC分类号: G06F15/173 , G06F21/56 , H04L29/06 , H04L12/58
CPC分类号: H04L63/1416 , G06F21/56 , G06F21/562 , H04L51/12 , H04L63/145
摘要: Managing electronic messages comprises receiving a message, forwarding the message, determining that the forwarded message is infectious after the message has been forwarded and preventing the infectious forwarded message from spreading.
摘要翻译: 管理电子消息包括接收消息,转发消息,在消息已被转发之后确定转发的消息是感染的,并且防止传染性转发消息扩散。
-
公开(公告)号:US08375450B1
公开(公告)日:2013-02-12
申请号:US12573300
申请日:2009-10-05
申请人: Jonathan James Oliver , Cheng-Lin Hou , Lili Diao , YiFun Liang , Jennifer Rihn
发明人: Jonathan James Oliver , Cheng-Lin Hou , Lili Diao , YiFun Liang , Jennifer Rihn
IPC分类号: G06F21/00
CPC分类号: H04L63/1416 , G06F21/564 , G06F21/565 , G06F21/567
摘要: A training model for malware detection is developed using common substrings extracted from known malware samples. The probability of each substring occurring within a malware family is determined and a decision tree is constructed using the substrings. An enterprise server receives indications from client machines that a particular file is suspected of being malware. The suspect file is retrieved and the decision tree is walked using the suspect file. A leaf node is reached that identifies a particular common substring, a byte offset within the suspect file at which it is likely that the common substring begins, and a probability distribution that the common substring appears in a number of malware families. A hash value of the common substring is compared (exact or approximate) against the corresponding substring in the suspect file. If positive, a result is returned to the enterprise server indicating the probability that the suspect file is a member of a particular malware family.
摘要翻译: 使用从已知恶意软件样本中提取的常见子串开发恶意软件检测的培训模型。 确定在恶意软件系列内发生每个子串的概率,并使用该子串构建一个决策树。 企业服务器从客户机接收到特定文件被怀疑是恶意软件的指示。 检索可疑文件,并使用可疑文件行进决策树。 到达一个叶节点,标识一个特定的共同子串,可疑文件中可能是公共子串开始的字节偏移量,以及常见子字符串出现在多个恶意软件系列中的概率分布。 将公共子串的哈希值与可疑文件中的相应子字符串进行比较(精确或近似)。 如果为肯定,则返回给企业服务器的结果,指示可疑文件是特定恶意软件系列成员的概率。
-
公开(公告)号:US20120151590A1
公开(公告)日:2012-06-14
申请号:US13400548
申请日:2012-02-20
申请人: Jennifer Rihn , Jonathan J. Oliver
发明人: Jennifer Rihn , Jonathan J. Oliver
IPC分类号: G06F21/00
CPC分类号: H04L63/1416 , G06F21/56 , G06F21/562 , H04L51/12 , H04L63/145
摘要: Managing electronic messages comprises receiving a message, forwarding the message, determining that the forwarded message is infectious after the message has been forwarded and preventing the infectious forwarded message from spreading.
摘要翻译: 管理电子消息包括接收消息,转发消息,在消息已被转发之后确定转发的消息是感染的,并且防止传染性转发消息扩散。
-
-
-
-
-
-
-
-
-