公开(公告)号：US20100058479A1

公开(公告)日：2010-03-04

申请号：US12231435

申请日：2008-09-03

申请人： Shu-Lin Chen ,  Stanley Chow ,  Christophe Gustave

发明人： Shu-Lin Chen ,  Stanley Chow ,  Christophe Gustave

IPC分类号： G06F21/00

CPC分类号： G06F21/54 ,  G06F21/83

摘要： A method is carried out by a computer system for combating malicious keystroke-logging activities thereon. An operation is performed for generating a plurality of fake keystroke datasets that are each configured to resemble a keystroke dataset generated by keystrokes made on an input device of the computer system while entering sensitive information of a prescribed configuration. An operation is performed for receiving an instance of the sensitive information instance of the prescribed configuration concurrently with generating the fake keystroke datasets. Receiving the sensitive information instance includes a user of the computer system entering the sensitive information instance by performing keystrokes on the input device of the computer system such that a real keystroke dataset corresponding to the sensitive information instance is generated. An operation is performed for embedding the real keystroke dataset within at least a portion of the fake keystroke datasets after receiving the sensitive information instance.

摘要翻译： 通过计算机系统进行方法来防止其上的恶意击键记录活动。 执行用于产生多个假击键数据集的操作，每个假击键击数据集被配置为类似于在输入规定的配置的敏感信息时在计算机系统的输入设备上进行的按键产生的击键数据集。 执行操作以与生成假击键数据集并发地接收规定配置的敏感信息实例的实例。 接收敏感信息实例包括计算机系统的用户通过在计算机系统的输入设备上执行击键来输入敏感信息实例，从而生成与敏感信息实例相对应的真实击键数据集。 执行操作以在接收到敏感信息实例之后在真实击键数据集的至少一部分内嵌入真实的击键数据集。

公开(公告)号：US08516259B2

公开(公告)日：2013-08-20

申请号：US12231430

申请日：2008-09-03

申请人： Christophe Gustave ,  Stanley Chow ,  Shu-Lin Chen

发明人： Christophe Gustave ,  Stanley Chow ,  Shu-Lin Chen

IPC分类号： H04M1/64 ,  H04L9/08

CPC分类号： H04M3/533 ,  H04L63/0823

摘要： A method includes receiving an authentication certificate of a voice mail account holder and/or an authentication certificate of a caller wanting to leave a voice mail message the holders' voice mail account. A voice mail apparatus that provides voice mail service for the voice mail account holder performs such receiving. The account holder and/or the caller are authenticated after receiving the authentication certificate of the party being authenticated. Authenticating the account holder and/or the caller is performed using authentication information contained within the respective certificate. After such authentication is successfully performed, a voice mail message record can be created in the account of the account holder. Such creating includes allowing the caller to store the message in the account of the account holder in addition to associating authenticated identification information of the caller with the message and/or providing authenticated identification of the account holder to the caller.

摘要翻译： 一种方法包括：接收语音邮件账户持有人的认证证书和/或想要留下语音邮件消息的呼叫者的认证证书持有人的语音邮件账号。 为语音邮件帐户持有者提供语音邮件服务的语音邮件装置进行这种接收。 收到认证方认证证书后，账号持有人和/或主叫方进行认证。 使用包含在相应证书内的认证信息来执行帐户持有人和/或呼叫者的认证。 在成功执行认证之后，可以在帐户持有人的帐户中创建语音邮件消息记录。 这样的创建包括允许呼叫者将消息存储在帐户持有者的帐户中，除了将呼叫者的认证身份信息与消息相关联和/或向呼叫者提供帐户持有人的认证身份。

公开(公告)号：US08176328B2

公开(公告)日：2012-05-08

申请号：US12211980

申请日：2008-09-17

申请人： Shu-Lin Chen ,  Stanley Chow ,  Christophe Gustave

发明人： Shu-Lin Chen ,  Stanley Chow ,  Christophe Gustave

IPC分类号： H04L29/06 ,  H04L9/32 ,  G06F7/04

CPC分类号： H04L9/3263 ,  H04L63/0823 ,  H04L2209/80 ,  H04W12/06 ,  H04W84/12 ,  H04W88/08

摘要： A method for authenticating an operator of an AP includes: registering the operator's identity with a CA, by providing the operator's identification information and public key; creating a certificate including the foregoing; signing the certificate with the CA's private key; provisioning the AP with the signed certificate; provisioning a client with the CA's public key; sending a request from the client to the AP; generating a signature with the operator's private key; returning a reply to the client, including the AP provisioned certificate signed with the generated signature; using the client provisioned CA's public key to obtain the operator's public key from the certificate received in the reply; and, using the operator's public key obtained from the certificate received in the reply to verify the signature generated with the operator's private key and used by the AP to sign the certificate received in the reply.

摘要翻译： 用于认证AP的运营商的方法包括：通过提供运营商的识别信息和公钥来向CA注册运营商的身份; 创建包括上述的证书; 用CA的私钥签名证书; 为AP提供签名证书; 为客户端提供CA的公钥; 向客户端发送请求; 用操作员的私钥生成签名; 返回给客户的答复，包括使用生成的签名签名的AP配置证书; 使用客户端提供CA的公钥从答复中收到的证书获取运营商的公钥; 并使用从答复中收到的证书获得的运营商的公钥来验证由运营商的私钥生成的签名，并由AP使用签名对答复中收到的证书进行签名。

公开(公告)号：US20100070771A1

公开(公告)日：2010-03-18

申请号：US12211980

申请日：2008-09-17

申请人： Shu-Lin Chen ,  Stanley Chow ,  Christophe Gustave

发明人： Shu-Lin Chen ,  Stanley Chow ,  Christophe Gustave

IPC分类号： H04L9/32

CPC分类号： H04L9/3263 ,  H04L63/0823 ,  H04L2209/80 ,  H04W12/06 ,  H04W84/12 ,  H04W88/08

摘要： A method is provided for authenticating an identity of an operator (10) of an access point (AP) (52) of a wireless local area network (WLAN) (50) to a client (40) seeking a connection with the AP (52). The method includes: registering the identity of the operator (10) of the AP (52) with a trusted certificate authority (CA) (20), the registering including providing the CA (20) with (i) identification information identifying the operator (10) and (ii) a public key (12) of the operator (10); creating an authentication certificate (30) including the operator's identification information and the operator's public key (12); signing the certificate (30) with a private key (28) of the CA (20); provisioning the AP (52) with the certificate (30) that was signed with the private key (28) of the CA (20); provisioning the client (40) with a public key (24) of the CA (20), the CA's public key (24) being a corresponding counterpart to the CA's private key (28); sending a certificate request from the client (40) to the AP (52); generating a signature with a private key (14) of the operator (10), the operator's private key (14) being a corresponding counterpart for the operator's public key (12); returning a certificate reply from the AP (52) to the client (40) in response to the request, the reply including the certificate (30) with which the AP (52) was provisioned signed by the AP (52) with the generated signature; using the CA's public key (24) with which the client was provisioned to obtain the operator's public key (12) from the certificate (30) received in the reply; and, using the operator's public key (12) obtained from the certificate (30) received in the reply to verify the signature generated with the operator's private key (14) and used by the AP (52) to sign the certificate (30) received in the reply.

公开(公告)号：US20100054433A1

公开(公告)日：2010-03-04

申请号：US12231430

申请日：2008-09-03

申请人： Christophe Gustave ,  Stanley Chow ,  Shu-Lin Chen

发明人： Christophe Gustave ,  Stanley Chow ,  Shu-Lin Chen

IPC分类号： H04M1/64

CPC分类号： H04M3/533 ,  H04L63/0823

摘要： A method includes receiving an authentication certificate of a voice mail account holder and/or an authentication certificate of a caller wanting to leave a voice mail message the holders' voice mail account. A voice mail apparatus that provides voice mail service for the voice mail account holder performs such receiving. The account holder and/or the caller are authenticated after receiving the authentication certificate of the party being authenticated. Authenticating the account holder and/or the caller is performed using authentication information contained within the respective certificate. After such authentication is successfully performed, a voice mail message record can be created in the account of the account holder. Such creating includes allowing the caller to store the message in the account of the account holder in addition to associating authenticated identification information of the caller with the message and/or providing authenticated identification of the account holder to the caller.

摘要翻译： 一种方法包括：接收语音邮件账户持有人的认证证书和/或想要留下语音邮件消息的呼叫者的认证证书持有人的语音邮件账号。 为语音邮件帐户持有者提供语音邮件服务的语音邮件装置进行这种接收。 收到认证方认证证书后，账号持有人和/或主叫方进行认证。 使用包含在相应证书内的认证信息来执行认证帐户持有人和/或呼叫者。 在成功执行认证之后，可以在帐户持有人的帐户中创建语音邮件消息记录。 这样的创建包括允许呼叫者将消息存储在帐户持有者的帐户中，除了将呼叫者的认证身份信息与消息相关联和/或向呼叫者提供帐户持有人的认证身份。

公开(公告)号：US20100070761A1

公开(公告)日：2010-03-18

申请号：US12212368

申请日：2008-09-17

申请人： Christophe Gustave ,  Vinod Choyi ,  Shu-Lin Chen

发明人： Christophe Gustave ,  Vinod Choyi ,  Shu-Lin Chen

IPC分类号： H04L9/06

CPC分类号： H04L9/3247 ,  H04L9/3263 ,  H04L9/3297

摘要： A method is provided in a telecommunications network for authenticating a sender (10) of a message to a recipient of the message. The method includes: registering the sender (10) with a trusted certificate authority (CA) (20), the registering including providing the CA (20) with (i) identification information identifying the sender (10) and (ii) a public key (12) of the sender (10); creating an authentication certificate (30) including the sender's identification information and the sender's public key (12); signing the certificate (30) with a private key (28) of the CA (20); provisioning a message sending device (52) of the sender (10) with the certificate (30) that was signed with the private key (28) of the CA (20); provisioning a message receiving device (40) of the recipient with a public key (24) of the CA (20), the CA's public key (24) being a corresponding counterpart to the CA's private key (28); generating a signature with a private key (14) of the sender (10), the sender's private key (14) being a corresponding counterpart for the sender's public key (12); sending a message from sender's message sending device (52), the message including the certificate (30) and the signature; retrieving the message with the recipient's message receiving device (40); using the CA's public key (24) with which the recipient's receiving device (40) was provisioned to obtain the sender's public key (12) from the certificate (30) received in the retrieved message; and, using the sender's public key (12) obtained from the certificate (30) received in the retrieved message to verify the signature generated with the sender's private key (14).

摘要翻译： 在电信网络中提供了一种方法，用于向消息的接收方认证消息的发送者（10）。 该方法包括：向可信证书机构（CA）（20）注册发送者（10），该注册包括向CA（20）提供（i）识别发送者（10）的识别信息和（ii）公开密钥 （10）的（12）; 创建包括所述发送者的识别信息和所述发送者的公开密钥（12）的认证证书（30）; 用CA（20）的私钥（28）签署证书（30）; 用CA（20）的私钥（28）签名的证书（30）来设置发送者（10）的消息发送设备（52）; 通过所述CA（20）的公开密钥（24）提供所述接收者的消息接收设备（40），所述CA的公开密钥（24）是所述CA的私钥（28）的相应对应物; 使用所述发送者（10）的私钥（14）生成签名，所述发送者的私钥（14）是所述发送者的公开密钥（12）的对应的对应物; 从发送者的消息发送装置（52）发送消息，所述消息包括证书（30）和签名; 用接收者的消息接收装置（40）检索消息; 使用接收者的接收设备（40）提供的CA的公开密钥（24）从在所检索的消息中接收的证书（30）获得发送者的公开密钥（12）; 以及使用从所检索的消息中接收的证书（30）获得的发送者的公开密钥（12）来验证使用发送者的私钥（14）生成的签名。

公开(公告)号：US08341740B2

公开(公告)日：2012-12-25

申请号：US12124431

申请日：2008-05-21

申请人： Bassem Abdel-Aziz ,  Stanley Chow ,  Shu-Lin Chen

发明人： Bassem Abdel-Aziz ,  Stanley Chow ,  Shu-Lin Chen

IPC分类号： G06F21/00

CPC分类号： H04L63/1416

摘要： Malware detection systems are presented in which a list is constructed of enterprise hosts to or from which each given enterprise network host sends or receives packets within a current measurement period and statistics are accumulated based on two or more measurement period lists, with a count value being derived from the statistics to indicate the number of other hosts to or from which each monitored host sent or received packets, and one or more monitored hosts may be identified as suspected of being infected with slow and/or distributed scanning malware for which the count value exceeds a threshold value.

摘要翻译： 提供了恶意软件检测系统，其中列表是由企业主机构成的，每个企业主机在每个给定的企业网络主机在当前测量周期内发送或接收分组，并且基于两个或更多个测量周期列表累积统计信息，计数值为 从统计信息中导出，以指示每个受监视主机发送或接收的数据包的其他主机的数量，以及一个或多个受监视主机可能被识别为怀疑被慢扫描和/或分布式扫描恶意软件感染，计数值 超过阈值。

公开(公告)号：US20090328220A1

公开(公告)日：2009-12-31

申请号：US12145768

申请日：2008-06-25

申请人： Bassem Abdel-Aziz ,  Stanley Chow ,  Shu-Lin Chen

发明人： Bassem Abdel-Aziz ,  Stanley Chow ,  Shu-Lin Chen

IPC分类号： G06F21/00

CPC分类号： H04L63/145 ,  G06F21/552

摘要： Malware detection systems and methods are presented in which header data of protocol data units (PDUs) are examined at a wireless access switch shared by multiple clients, and the PDU type and client are used to establish counters, with the count values being analyzed to identify clients suspected of being infected with malware.

摘要翻译： 介绍了恶意软件检测系统和方法，其中在多个客户端共享的无线接入交换机上检查协议数据单元（PDU）的报头数据，并且使用PDU类型和客户端建立计数器，计数值被分析以识别 怀疑被恶意软件感染的客户。

公开(公告)号：US08250645B2

公开(公告)日：2012-08-21

申请号：US12145768

申请日：2008-06-25

申请人： Bassem Abdel-Aziz ,  Stanley Chow ,  Shu-Lin Chen

发明人： Bassem Abdel-Aziz ,  Stanley Chow ,  Shu-Lin Chen

IPC分类号： H04L29/06

CPC分类号： H04L63/145 ,  G06F21/552

摘要： Malware detection systems and methods are presented in which header data of protocol data units (PDUs) are examined at a wireless access switch shared by multiple clients, and the PDU type and client are used to establish counters, with the count values being analyzed to identify clients suspected of being infected with malware.

摘要翻译： 介绍了恶意软件检测系统和方法，其中在多个客户端共享的无线接入交换机上检查协议数据单元（PDU）的报头数据，并且使用PDU类型和客户端建立计数器，计数值被分析以识别 怀疑被恶意软件感染的客户。

公开(公告)号：US20090293122A1

公开(公告)日：2009-11-26

申请号：US12124431

申请日：2008-05-21

申请人： Bassem Abdel-Aziz ,  Stanley Chow ,  Shu-Lin Chen

发明人： Bassem Abdel-Aziz ,  Stanley Chow ,  Shu-Lin Chen

IPC分类号： G06F11/00

CPC分类号： H04L63/1416

摘要： Malware detection systems are presented in which a list is constructed of enterprise hosts to or from which each given enterprise network host sends or receives packets within a current measurement period and statistics are accumulated based on two or more measurement period lists, with a count value being derived from the statistics to indicate the number of other hosts to or from which each monitored host sent or received packets, and one or more monitored hosts may be identified as suspected of being infected with slow and/or distributed scanning malware for which the count value exceeds a threshold value.

摘要翻译： 提供了恶意软件检测系统，其中列表是由企业主机构成的，每个企业主机在每个给定的企业网络主机在当前测量周期内发送或接收分组，并且基于两个或更多个测量周期列表累积统计信息，计数值为 从统计信息中导出，以指示每个受监视主机发送或接收的数据包的其他主机的数量，以及一个或多个受监控主机可能被识别为怀疑被慢扫描和/或分布式扫描恶意软件感染，计数值 超过阈值。