Abstract:
Provided in some embodiments are systems and methods for remediating malware. Embodiments include receiving (from a process) a request to access data, determining that the process is an unknown process, providing the process with access to one or more data tokens in response to determining that the process is an unknown process, determining whether the process is engaging in suspicious activity with the one or more data tokens, and inhibiting execution of the process in response to determining that the process is engaging in suspicious activity with the one or more data tokens.
Abstract:
Certain embodiments herein relate to pairing an external device and a computer using a random user action. The random user action may be generated based on the type of device. After an external device is connected to the computer, the external device is segregated from one or more resources of the computer. A random user action based on the device type, and to be received from the external device, is generated and requested. If the random user action is received, the external device is paired with the computer and provided access to the one or more resources of the computer.
Abstract:
Technologies for securing an electronic device include trapping an attempt to access a secured system resource of the electronic device, determining a module associated with the attempt, determining a subsection of the module associated with the attempt, the subsection including a memory location associated with the attempt, accessing a security rule to determine whether to allow the attempted access based on the determination of the module and the determination of the subsection, and handling the attempt based on the security rule. The module includes a plurality of distinct subsections.
Abstract:
A method for detecting malware includes determining one or more object-oriented components of an electronic device, trapping at a level below all of the operating systems of the electronic device an attempt to access an object-oriented component of the electronic device, determining an entity causing the attempt, accessing one or more security rules, and, based on the security rules, the entity causing the attempt, and the object-oriented component, determining whether the attempted access is indicative of malware.
Abstract:
A method for monitoring for malware includes, during a boot process on an electronic device, determining a portion of memory, determining that the portion of memory is reserved for exclusive access by an entity on the electronic device, and, based on the determination that a portion of memory is reserved for exclusive access during the boot process, determining that the reservation is indicative of malware.
Abstract:
A system, method, and computer program product are provided for detecting hidden or modified data objects. In use, a first set of data objects stored in a device is enumerated, where the enumeration of the first set of data objects is performed within an operating system of the device. Additionally, a second set of data objects stored in the device is enumerated, where the enumeration of the second set of data objects is performed outside of the operating system of the device. Further, the first set of data objects and the second set of data objects are compared for identifying hidden or modified data objects.
Abstract:
A rootkit scanning system, method, and computer program product are provided. In use, at least one hook is traversed. Further, code is identified based on the traversal of the at least one hook. In addition, the code is scanned for at least one rootkit.
Abstract:
Systems and methods to provide a generic framework for application specific data exchange are shown. In example embodiments a data container is received. The data container includes data saved to a master data system. The data container is buffered. At least one backup data system is determined based on attributes of the data container. A determination is made as to whether the at least one backup data system is available. When the at least one backup data system is available, the data container is forwarded to the at least one backup data system.
Abstract:
This disclosure concerns systems and methods for restoring data. In one example, a method for piecemeal restoration of a database involves a computer system having a user interface and a selection device. The method begins when a query is sent to a database server application requesting a list of all offline filegroups for the database. Next, the list of all offline filegroups is received from the database server application. Then, the list of all offline filegroups is automatically presented on the user interface. Next, a list selection signal is received, indicative of the selection device designating one or more of the filegroups from the list. Finally, in response to the receipt of the list selection signal, a command is automatically formulated to bring the designated one or more filegroups online.