公开(公告)号：US07634812B2

公开(公告)日：2009-12-15

申请号：US11095287

申请日：2005-03-30

申请人： Manuel Costa ,  Miguel Castro ,  Antony Rowstron ,  Jon Crowcroft

发明人： Manuel Costa ,  Miguel Castro ,  Antony Rowstron ,  Jon Crowcroft

IPC分类号： G06F12/14

CPC分类号： G06F21/57 ,  G06F21/552

摘要： A containment system may include a protection system which may protect the computing device from future attacks. For example, a patch may be automatically generated which resolves a detected vulnerability in a program. IN another example, a filter may be automatically generated which filters actions and/or messages which take advantage of a detected vulnerability in a program.

摘要翻译： 遏制系统可以包括可以保护计算设备免受未来攻击的保护系统。 例如，可以自动生成修补程序，以解决程序中检测到的漏洞。 在另一示例中，可以自动生成过滤器，其过滤利用程序中检测到的漏洞的动作和/或消息。

公开(公告)号：US20070006314A1

公开(公告)日：2007-01-04

申请号：US11095291

申请日：2005-03-30

申请人： Manuel Costa ,  Miguel Castro ,  Antony Rowstron ,  Jon Crowcroft

发明人： Manuel Costa ,  Miguel Castro ,  Antony Rowstron ,  Jon Crowcroft

IPC分类号： G06F11/00

CPC分类号： H04L63/1433 ,  G06F21/554 ,  G06F21/577 ,  H04L63/1416

摘要： A containment system may include generating and/or sending an alert as the basis for safely sharing knowledge about detected worms. An alert may contain information that proves that a given program has a vulnerability. The alert may be self-certifying such that its authenticity may be independently verified by a computing system.

摘要翻译： 遏制系统可以包括生成和/或发送警报作为安全地分享关于检测到的蠕虫的知识的基础。 警报可能包含证明给定程序有漏洞的信息。 警报可以是自我认证的，使得其真实性可以由计算系统独立地验证。

公开(公告)号：US07634813B2

公开(公告)日：2009-12-15

申请号：US11095291

申请日：2005-03-30

申请人： Manuel Costa ,  Miguel Castro ,  Antony Rowstron ,  Jon Crowcroft

发明人： Manuel Costa ,  Miguel Castro ,  Antony Rowstron ,  Jon Crowcroft

IPC分类号： G06F12/14

CPC分类号： H04L63/1433 ,  G06F21/554 ,  G06F21/577 ,  H04L63/1416

摘要： A containment system may include generating and/or sending an alert as the basis for safely sharing knowledge about detected worms. An alert may contain information that proves that a given program has a vulnerability. The alert may be self-certifying such that its authenticity may be independently verified by a computing system.

摘要翻译： 遏制系统可以包括生成和/或发送警报作为安全地分享关于检测到的蠕虫的知识的基础。 警报可能包含证明给定程序有漏洞的信息。 警报可以是自我认证的，使得其真实性可以由计算系统独立地验证。

公开(公告)号：US07603715B2

公开(公告)日：2009-10-13

申请号：US11096054

申请日：2005-03-30

申请人： Manuel Costa ,  Miguel Castro ,  Antony Rowstron ,  Jon Crowcroft

发明人： Manuel Costa ,  Miguel Castro ,  Antony Rowstron ,  Jon Crowcroft

IPC分类号： G06F12/14

CPC分类号： G06F21/566 ,  H04L63/1416

摘要： One aspect of the invention is a vulnerability detection mechanism that can detect a large class of attacks through dynamic dataflow analysis. Another aspect of the invention includes self-certifying alerts as the basis for safely sharing knowledge about worms. Another aspect of the invention is a resilient and self-organizing protocol to propagate alerts to all non-infected nodes in a timely fashion, even when under active attack during a worm outbreak. Another aspect of the invention is a system architecture that enables a large number of mutually untrusting computers to collaborate in the task of stopping a previously unknown worm, even when the worm is spreading rapidly and exploiting unknown vulnerabilities in popular software packages.

摘要翻译： 本发明的一个方面是可以通过动态数据流分析来检测大类攻击的漏洞检测机制。 本发明的另一方面包括自我认证警报作为安全地共享关于蠕虫的知识的基础。 本发明的另一方面是一种弹性和自组织协议，即使在蠕虫爆发期间受到主动攻击时，也可以及时向所有非感染节点传播警报。 本发明的另一方面是使得大量相互不信任的计算机能够在停止以前未知的蠕虫的任务中进行协作，即使当蠕虫迅速传播并利用流行的软件包中的未知的漏洞时。

公开(公告)号：US20060031933A1

公开(公告)日：2006-02-09

申请号：US11095287

申请日：2005-03-30

申请人： Manuel Costa ,  Miguel Castro ,  Antony Rowstron ,  Jon Crowcroft

发明人： Manuel Costa ,  Miguel Castro ,  Antony Rowstron ,  Jon Crowcroft

IPC分类号： G06F12/14 ,  G06F11/00

CPC分类号： G06F21/57 ,  G06F21/552

摘要： A containment system may include a protection system which may protect the computing device from future attacks. For example, a patch may be automatically generated which resolves a detected vulnerability in a program. IN another example, a filter may be automatically generated which filters actions and/or messages which take advantage of a detected vulnerability in a program.

公开(公告)号：US20060021054A1

公开(公告)日：2006-01-26

申请号：US11096054

申请日：2005-03-30

申请人： Manuel Costa ,  Miguel Castro ,  Antony Rowstron ,  Jon Crowcroft

发明人： Manuel Costa ,  Miguel Castro ,  Antony Rowstron ,  Jon Crowcroft

IPC分类号： G06F11/00

CPC分类号： G06F21/566 ,  H04L63/1416

摘要： One aspect of the invention is a vulnerability detection mechanism that can detect a large class of attacks through dynamic dataflow analysis. Another aspect of the invention includes self-certifying alerts as the basis for safely sharing knowledge about worms. Another aspect of the invention is a resilient and self-organizing protocol to propagate alerts to all non-infected nodes in a timely fashion, even when under active attack during a worm outbreak. Another aspect of the invention is a system architecture that enables a large number of mutually untrusting computers to collaborate in the task of stopping a previously unknown worm, even when the worm is spreading rapidly and exploiting unknown vulnerabilities in popular software packages.