-
公开(公告)号:US20130111587A1
公开(公告)日:2013-05-02
申请号:US13283353
申请日:2011-10-27
申请人: Nitin Kumar Goel , Kenneth D. Johnson , Matthew Ryan Miller , Navin Narayan Pai , Grzegorz M. Wroblewski , Gregory Justice Riggs
发明人: Nitin Kumar Goel , Kenneth D. Johnson , Matthew Ryan Miller , Navin Narayan Pai , Grzegorz M. Wroblewski , Gregory Justice Riggs
IPC分类号: G06F21/00
CPC分类号: G06F21/577 , G06F2221/034
摘要: The subject disclosure is directed towards detecting software vulnerabilities in an isolated computing environment. In order to evaluate each input submission from an external computer, a plurality of tasks are automatically generated for execution on one or more computing units running within the isolated computing environment. Various configurations of the one or more computing units are defined in which each computing unit executes the plurality of tasks. A report is produced comprising results associated with such an execution.
摘要翻译: 主题公开旨在检测孤立计算环境中的软件漏洞。 为了评估来自外部计算机的每个输入提交,自动生成多个任务用于在孤立计算环境内运行的一个或多个计算单元上执行。 定义一个或多个计算单元的各种配置,其中每个计算单元执行多个任务。 制作了包含与此类执行相关联的结果的报告。
-
公开(公告)号:US09021587B2
公开(公告)日:2015-04-28
申请号:US13283353
申请日:2011-10-27
申请人: Nitin Kumar Goel , Kenneth D. Johnson , Matthew Ryan Miller , Navin Narayan Pai , Grzegorz M. Wroblewski , Gregory Justice Riggs
发明人: Nitin Kumar Goel , Kenneth D. Johnson , Matthew Ryan Miller , Navin Narayan Pai , Grzegorz M. Wroblewski , Gregory Justice Riggs
CPC分类号: G06F21/577 , G06F2221/034
摘要: The subject disclosure is directed towards detecting software vulnerabilities in an isolated computing environment. In order to evaluate each input submission from an external computer, a plurality of tasks are automatically generated for execution on one or more computing units running within the isolated computing environment. Various configurations of the one or more computing units are defined in which each computing unit executes the plurality of tasks. A report is produced comprising results associated with such an execution.
摘要翻译: 主题公开旨在检测孤立计算环境中的软件漏洞。 为了评估来自外部计算机的每个输入提交,自动生成多个任务用于在孤立计算环境内运行的一个或多个计算单元上执行。 定义一个或多个计算单元的各种配置,其中每个计算单元执行多个任务。 制作了包含与此类执行相关联的结果的报告。
-
3.发明申请公开(公告)号:US20100306847A1
公开(公告)日:2010-12-02
申请号:US12472096
申请日:2009-05-26
CPC分类号: H04L63/1425 , G06F21/552 , G06F21/566 , G06F21/577 , G06F2221/2101 , G06F2221/2115 , G06F2221/2119
摘要: Most machines in an organization's computer network connect to the Internet and create web traffic logs which allow analysis of HTTP traffic in a simple, centralized way. The web traffic logs may contain error reports and error reports contain significant information that can be used to detect network security. By reviewing the error reports, significant information about a network and its security can be found as common sources of network security weakness may be watched for in the error reports.
摘要翻译: 组织计算机网络中的大多数机器连接到互联网,并创建Web流量日志,以便以简单,集中的方式分析HTTP流量。 Web流量日志可能包含错误报告,错误报告包含可用于检测网络安全性的重要信息。 通过查看错误报告,可以找到关于网络及其安全性的重要信息,因为在错误报告中可能会看到网络安全漏洞的常见来源。
-
公开(公告)号:US11003464B2
公开(公告)日:2021-05-11
申请号:US13450487
申请日:2012-04-19
申请人: Richard John Black , Timothy William Burrell , Miguel Oom Temudo de Castro , Manuel Silverio da Silva Costa , Kenneth Johnson , Matthew Ryan Miller
发明人: Richard John Black , Timothy William Burrell , Miguel Oom Temudo de Castro , Manuel Silverio da Silva Costa , Kenneth Johnson , Matthew Ryan Miller
摘要: Various technologies described herein pertain to enforcing control flow integrity by adding instrumentation when source code is compiled or binary code is rewritten. An indirect call to a control transfer target (e.g., in the source code, in the binary code, etc.) can be identified. Moreover, the instrumentation can be inserted prior to the indirect call. The instrumentation can use a bit from a bitmap maintained by a runtime to verify whether the control transfer target is valid. When an executable image that includes the inserted instrumentation runs, execution can be terminated and/or other appropriate actions can be taken when the control transfer target is determined to be invalid; alternatively, execution can continue when the control transfer target is determined to be valid.
-
公开(公告)号:US20110191848A1
公开(公告)日:2011-08-04
申请号:US12699073
申请日:2010-02-03
申请人: Benjamin Goth Zorn , Benjamin Livshits , Reid Borsuk , John Joseph Lambert , Matthew Ryan Miller , Louis Lafreniere , Peter Stuart Beck , Joshua Theodore Goodman , Timothy William Burrell , Steven Edward Lucco
发明人: Benjamin Goth Zorn , Benjamin Livshits , Reid Borsuk , John Joseph Lambert , Matthew Ryan Miller , Louis Lafreniere , Peter Stuart Beck , Joshua Theodore Goodman , Timothy William Burrell , Steven Edward Lucco
CPC分类号: G06F11/00
摘要: A method disclosed herein includes acts of receiving code at a Just-in-Time compiler executing in an application on a computing device and compiling the code to generate machine code and causing the machine code to be placed on at least one page that is accessible by at least one processor on the computing device, wherein the Just-in-Time compiler compiles the code utilizing at least one technique for preventing a Just-in-Time spraying attack.
摘要翻译: 本文公开的方法包括在计算设备上的应用程序中执行的即时编译器接收代码的动作,并编译代码以生成机器代码,并使机器代码放置在至少一个可由 所述计算设备上的至少一个处理器,其中所述即时编译器使用至少一种用于防止即时喷涂攻击的技术来编译代码。
-
公开(公告)号:US20130283245A1
公开(公告)日:2013-10-24
申请号:US13450487
申请日:2012-04-19
申请人: Richard John Black , Timothy William Burrell , Miguel Oom Temudo de Castro , Manuel Silverio da Silva Costa , Kenneth Johnson , Matthew Ryan Miller
发明人: Richard John Black , Timothy William Burrell , Miguel Oom Temudo de Castro , Manuel Silverio da Silva Costa , Kenneth Johnson , Matthew Ryan Miller
IPC分类号: G06F9/44
CPC分类号: G06F9/44589 , G06F8/433
摘要: Various technologies described herein pertain to enforcing control flow integrity by adding instrumentation when source code is compiled or binary code is rewritten. An indirect call to a control transfer target (e.g., in the source code, in the binary code, etc.) can be identified. Moreover, the instrumentation can be inserted prior to the indirect call. The instrumentation can use a bit from a bitmap maintained by a runtime to verify whether the control transfer target is valid. When an executable image that includes the inserted instrumentation runs, execution can be terminated and/or other appropriate actions can be taken when the control transfer target is determined to be invalid; alternatively, execution can continue when the control transfer target is determined to be valid.
摘要翻译: 本文描述的各种技术涉及通过在编译源代码或重写二进制代码时添加仪器来实施控制流完整性。 可以识别对控制传送目标的间接呼叫(例如,在源代码中,二进制代码等中)。 此外,可以在间接呼叫之前插入仪器。 仪器可以使用运行时维护的位图中的位来验证控制传输目标是否有效。 当包括插入的仪器的可执行映像运行时,当控制传送目标被确定为无效时,可以终止执行和/或可以执行其他适当的动作; 或者,当控制传送目标被确定为有效时,执行可以继续。
-
公开(公告)号:US09871811B2
公开(公告)日:2018-01-16
申请号:US12472096
申请日:2009-05-26
CPC分类号: H04L63/1425 , G06F21/552 , G06F21/566 , G06F21/577 , G06F2221/2101 , G06F2221/2115 , G06F2221/2119
摘要: Most machines in an organization's computer network connect to the Internet and create web traffic logs which allow analysis of HTTP traffic in a simple, centralized way. The web traffic logs may contain error reports and error reports contain significant information that can be used to detect network security. By reviewing the error reports, significant information about a network and its security can be found as common sources of network security weakness may be watched for in the error reports.
-
-
-
-
-
-
搜索结果
7 条记录 (耗时 0.029 秒)
