Methods and apparatus for dealing with malware
    1.
    Granted patent
    Methods and apparatus for dealing with malware (in force)

    Publication number: US08763123B2

    Publication date: 2014-06-24

    Application number: US13543865

    Filing date: 2012-07-08

    IPC classification: G06F11/00

    CPC classification: G06F21/56 G06F21/577

    Abstract: In one aspect, a method of determining the protection that a remote computer has from malware includes receiving at a base computer, details of all or selected security products operating on a remote computer, receiving similar information from other remote computers, and identifying malware processes that were not identified by the security products installed on the other remote computers and having a same or similar combination of security products installed on the remote computer.

    Methods and apparatus for dealing with malware
    2.
    Granted patent
    Methods and apparatus for dealing with malware (in force)

    Publication number: US08418250B2

    Publication date: 2013-04-09

    Application number: US11477807

    Filing date: 2006-06-30

    IPC classification: G06F21/00

    CPC classification: G06F21/56 G06F21/577

    Abstract: In one aspect, a method of classifying a computer object as malware includes receiving at a base computer data about a computer object from each of plural remote computers on which the object or similar objects are stored. The data about the computer object received from the plural computers is compared in the base computer. The computer object is classified as malware on the basis of said comparison. In one embodiment, the data about the computer object includes one or more of: executable instructions contained within or constituted by the object; the size of the object; the name of the object; the logical storage location or path of the object on the respective remote computers; the vendor of the object; the software product and version associated with the object; and, events initiated by or involving the object when the object is created, configured or runs on the respective remote computers.

    Methods and apparatus for dealing with malware
    3.
    Granted patent
    Methods and apparatus for dealing with malware (in force)

    Publication number: US08726389B2

    Publication date: 2014-05-13

    Application number: US13543866

    Filing date: 2012-07-08

    CPC classification: G06F21/56 G06F21/577

    Abstract: In one aspect, a method of classifying a computer object as malware includes receiving at a base computer data about a computer object from each of plural remote computers on which the object or similar objects are stored. The data about the computer object received from the plural computers is compared in the base computer. The computer object is classified as malware on the basis of said comparison. In one embodiment, the data about the computer object includes one or more of: executable instructions contained within or constituted by the object; the size of the object; the name of the object; the logical storage location or path of the object on the respective remote computers; the vendor of the object; the software product and version associated with the object; and, events initiated by or involving the object when the object is created, configured or runs on the respective remote computers.

    METHODS AND APPARATUS FOR DEALING WITH MALWARE

    Publication number: US20120278895A1

    Publication date: 2012-11-01

    Application number: US13543866

    Filing date: 2012-07-08

    IPC classification: G06F21/00

    CPC classification: G06F21/56 G06F21/577

    Abstract: In one aspect, a method of classifying a computer object as malware includes receiving at a base computer data about a computer object from each of plural remote computers on which the object or similar objects are stored. The data about the computer object received from the plural computers is compared in the base computer. The computer object is classified as malware on the basis of said comparison. In one embodiment, the data about the computer object includes one or more of: executable instructions contained within or constituted by the object; the size of the object; the name of the object; the logical storage location or path of the object on the respective remote computers; the vendor of the object; the software product and version associated with the object; and, events initiated by or involving the object when the object is created, configured or runs on the respective remote computers.

    METHODS AND APPARATUS FOR DEALING WITH MALWARE
    5.
    Patent application
    METHODS AND APPARATUS FOR DEALING WITH MALWARE (in force)

    Publication number: US20120278891A1

    Publication date: 2012-11-01

    Application number: US13543865

    Filing date: 2012-07-08

    IPC classification: G06F21/00

    CPC classification: G06F21/56 G06F21/577

    Abstract: In one aspect, a method of classifying a computer object as malware includes receiving at a base computer data about a computer object from each of plural remote computers on which the object or similar objects are stored. The data about the computer object received from the plural computers is compared in the base computer. The computer object is classified as malware on the basis of said comparison. In one embodiment, the data about the computer object includes one or more of: executable instructions contained within or constituted by the object; the size of the object; the name of the object; the logical storage location or path of the object on the respective remote computers; the vendor of the object; the software product and version associated with the object; and, events initiated by or involving the object when the object is created, configured or runs on the respective remote computers.

    Methods and apparatus for dealing with malware
    6.
    Patent application
    Methods and apparatus for dealing with malware (in force)

    Publication number: US20070016953A1

    Publication date: 2007-01-18

    Application number: US11477807

    Filing date: 2006-06-30

    IPC classification: G06F12/14

    CPC classification: G06F21/56 G06F21/577

    Abstract: In one aspect, a method of classifying a computer object as malware includes receiving at a base computer data about a computer object from each of plural remote computers on which the object or similar objects are stored. The data about the computer object received from the plural computers is compared in the base computer. The computer object is classified as malware on the basis of said comparison. In one embodiment, the data about the computer object includes one or more of: executable instructions contained within or constituted by the object; the size of the object; the name of the object; the logical storage location or path of the object on the respective remote computers; the vendor of the object; the software product and version associated with the object; and, events initiated by or involving the object when the object is created, configured or runs on the respective remote computers.

    Host intrusion prevention system and method
    7.
    Patent application
    Host intrusion prevention system and method (under examination, published)

    Publication number: US20060026684A1

    Publication date: 2006-02-02

    Application number: US11183322

    Filing date: 2005-07-18

    IPC classification: G06F12/14

    Abstract: A system and method of host intrusion prevention for preventing intrusion into a computer system is disclosed. Requests to access a resource of the computer system are monitored. It is determined whether the requested access is to be permitted or not in accordance with a policy. The requested access is allowed or denied accordingly.
