Zero day malware scanner
    1.
    Granted patent
    Zero day malware scanner (status: in force)

    Publication number: US08375450B1

    Publication date: 2013-02-12

    Application number: US12573300

    Filing date: 2009-10-05

    CPC classification number: H04L63/1416 G06F21/564 G06F21/565 G06F21/567

    Abstract: A training model for malware detection is developed using common substrings extracted from known malware samples. The probability of each substring occurring within a malware family is determined and a decision tree is constructed using the substrings. An enterprise server receives indications from client machines that a particular file is suspected of being malware. The suspect file is retrieved and the decision tree is walked using the suspect file. A leaf node is reached that identifies a particular common substring, a byte offset within the suspect file at which it is likely that the common substring begins, and a probability distribution that the common substring appears in a number of malware families. A hash value of the common substring is compared (exact or approximate) against the corresponding substring in the suspect file. If positive, a result is returned to the enterprise server indicating the probability that the suspect file is a member of a particular malware family.

    Apparatus and methods for in-the-cloud identification of spam and/or malware
    2.
    Granted patent
    Apparatus and methods for in-the-cloud identification of spam and/or malware (status: in force)

    Publication number: US08925087B1

    Publication date: 2014-12-30

    Application number: US12487959

    Filing date: 2009-06-19

    Abstract: One embodiment relates to an apparatus for in-the-cloud identification of spam and/or malware. The apparatus includes computer-readable code configured to be executed by the processor so as to receive queries, the queries including hash values embedded therein. The apparatus further includes computer-readable code configured to be executed by the processor so as to detect a group of hash codes which are similar and to identify the group as corresponding to an undesirable network outbreak. Another embodiment relates to an apparatus for in-the-cloud detection of spam and/or malware. The apparatus includes computer-readable code configured to be executed by the processor so as to receive an electronic message, calculate a locality-sensitive hash based on the message, embed the locality-sensitive hash into a query, and send the query to a central analysis system via a network interface. Other embodiments, aspects and features are also disclosed.

    Apparatus and methods for remote classification of unknown malware
    3.
    Granted patent
    Apparatus and methods for remote classification of unknown malware (status: in force)

    Publication number: US08769683B1

    Publication date: 2014-07-01

    Application number: US12498901

    Filing date: 2009-07-07

    CPC classification number: G06F21/561 G06F21/56 G06F21/564 G06F21/64 H04L63/145

    Abstract: One embodiment relates to an apparatus for remote classification of malware. Computer-readable code is configured to be executed by the processor so as to receive a locality-sensitive hash (LSH) value associated with a file from a host computer via the network interface, determine whether the LSH value associated with the file is similar to a LSH value in an entry in an LSH data structure, and indicate that the file is a variant of known malware associated with the entry if the LSH value associated with the file is similar to the LSH value in the entry. Another embodiment relates to a method for remote classification of malware. Another embodiment relates to an apparatus configured to determine whether a file includes malware. Another embodiment relates to a method for detecting malware within an institutional network. Other embodiments, aspects and features are also disclosed.

    METHODS FOR MATCHING IMAGE-BASED TEXUAL INFORMATION WITH REGULAR EXPRESSIONS
    6.
    Patent application
    METHODS FOR MATCHING IMAGE-BASED TEXUAL INFORMATION WITH REGULAR EXPRESSIONS (status: lapsed)

    Publication number: US20100074534A1

    Publication date: 2010-03-25

    Application number: US12235543

    Filing date: 2008-09-22

    CPC classification number: G06K9/6885 G06K9/6296 G06K9/72 G06K2209/01

    Abstract: A method for matching an image-form textual string in an image to a regular expression is disclosed. The method includes constructing a representation of the regular expression and generating a candidate string of characters from the image-form textual string. The method further includes ascertaining whether there exists a match between the image-form textual string and the regular expression, the match is deemed achieved if a probability value associated with the match is above a predetermined matching threshold.

    System and method for adaptive text recommendation
    8.
    Granted patent
    System and method for adaptive text recommendation (status: in force)

    Publication number: US08645389B2

    Publication date: 2014-02-04

    Application number: US11003920

    Filing date: 2004-12-03

    Abstract: Network system provides a real-time adaptive recommendation set of documents with a high statistical measure of relevancy to the requestor device. The recommendation set is optimized based on analyzing the text of documents of the interest set, categorizing these documents into clusters, extracting keywords representing the themes or concepts of documents in the clusters, and filtering a population of eligible documents accessible to the system utilizing site and or Internet-wide search engines. The system is either automatically or manually invoked and it develops and presents the recommendation set in real-time; for example, upon logging onto a web site or as the client views additional documents or pages of a website. The recommendation set may be presented as a greeting, notification, alert, HTML fragment, fax, voicemail, or automatic classification or routing of customer e-mail, personal e-mail, job postings, and offers for sale or exchange.

    Pure adversarial approach for identifying text content in images
    9.
    Granted patent
    Pure adversarial approach for identifying text content in images (status: in force)

    Publication number: US08045808B2

    Publication date: 2011-10-25

    Application number: US11893921

    Filing date: 2007-08-16

    CPC classification number: H04L51/12 G06K9/00463 G06K9/344 G06K2209/01

    Abstract: A pure adversarial optical character recognition (OCR) approach in identifying text content in images. An image and a search term are input to a pure adversarial OCR module, which searches the image for presence of the search term. The image may be extracted from an email by an email processing engine. The OCR module may split the image into several character-blocks that each has a reasonable probability of containing a character (e.g., an ASCII character). The OCR module may form a sequence of blocks that represent a candidate match to the search term and calculate the similarity of the candidate sequence to the search term. The OCR module may be configured to output whether or not the search term is found in the image and, if applicable, the location of the search term in the image.
