-
公开(公告)号:US20120117653A1
公开(公告)日:2012-05-10
申请号:US13352451
申请日:2012-01-18
申请人: Stanley Chow , Bassem Abdel-Aziz , Faud Khan
发明人: Stanley Chow , Bassem Abdel-Aziz , Faud Khan
IPC分类号: G06F12/14
CPC分类号: H04L63/145 , G06F21/566 , H04L63/1491
摘要: Methods and systems are presented for detection of malware such as worms in which a network switch entices the malware into sending scan packets by allocating one or more ports as bait addresses, sending outgoing bait packets, and identifying compromised hosts that send unexpected incoming packets to a bait address.
摘要翻译: 提出了用于检测蠕虫的方法和系统,其中网络交换机通过将一个或多个端口分配为诱饵地址,发送传出诱饵分组以及将发送意外的传入分组的受损主机识别到 诱饵地址
-
公开(公告)号:US09419995B2
公开(公告)日:2016-08-16
申请号:US13352451
申请日:2012-01-18
申请人: Stanley Chow , Bassem Abdel-Aziz , Faud Khan
发明人: Stanley Chow , Bassem Abdel-Aziz , Faud Khan
CPC分类号: H04L63/145 , G06F21/566 , H04L63/1491
摘要: Methods and systems are presented for detection of malware such as worms in which a network switch entices the malware into sending scan packets by allocating one or more ports as bait addresses, sending outgoing bait packets, and identifying compromised hosts that send unexpected incoming packets to a bait address.
摘要翻译: 提出了用于检测蠕虫的方法和系统,其中网络交换机通过将一个或多个端口分配为诱饵地址,发送传出诱饵分组以及将发送意外的传入分组的受损主机识别到 诱饵地址
-
公开(公告)号:US20090222920A1
公开(公告)日:2009-09-03
申请号:US12039817
申请日:2008-02-29
申请人: Stanley Chow , Bassem Abdel-Aziz , Faud Khan
发明人: Stanley Chow , Bassem Abdel-Aziz , Faud Khan
IPC分类号: G06F21/00
CPC分类号: H04L63/145 , G06F21/566 , H04L63/1491
摘要: Methods and systems are presented for detection of malware such as worms in which a network switch entices the malware into sending scan packets by allocating one or more ports as bait addresses, sending outgoing bait packets, and identifying compromised hosts that send unexpected incoming packets to a bait address.
摘要翻译: 提出了用于检测蠕虫的方法和系统,其中网络交换机通过将一个或多个端口分配为诱饵地址,发送传出诱饵分组以及将发送意外的传入分组的受损主机识别到 诱饵地址
-
公开(公告)号:US08181249B2
公开(公告)日:2012-05-15
申请号:US12039817
申请日:2008-02-29
申请人: Stanley Chow , Bassem Abdel-Aziz , Faud Khan
发明人: Stanley Chow , Bassem Abdel-Aziz , Faud Khan
IPC分类号: G06F12/14
CPC分类号: H04L63/145 , G06F21/566 , H04L63/1491
摘要: Methods and systems are presented for detection of malware such as worms in which a network switch entices the malware into sending scan packets by allocating one or more ports as bait addresses, sending outgoing bait packets, and identifying compromised hosts that send unexpected incoming packets to a bait address.
摘要翻译: 提出了用于检测蠕虫的方法和系统,其中网络交换机通过将一个或多个端口分配为诱饵地址,发送传出诱饵分组以及将发送意外的传入分组的受损主机识别到 诱饵地址
-
5.发明申请MALWARE DETECTION METHODS AND SYSTEMS FOR MULTIPLE USERS SHARING COMMON ACCESS SWITCH 有权多用户共享通用访问开关的恶意检测方法与系统公开(公告)号:US20090328220A1
公开(公告)日:2009-12-31
申请号:US12145768
申请日:2008-06-25
申请人: Bassem Abdel-Aziz , Stanley Chow , Shu-Lin Chen
发明人: Bassem Abdel-Aziz , Stanley Chow , Shu-Lin Chen
IPC分类号: G06F21/00
CPC分类号: H04L63/145 , G06F21/552
摘要: Malware detection systems and methods are presented in which header data of protocol data units (PDUs) are examined at a wireless access switch shared by multiple clients, and the PDU type and client are used to establish counters, with the count values being analyzed to identify clients suspected of being infected with malware.
摘要翻译: 介绍了恶意软件检测系统和方法,其中在多个客户端共享的无线接入交换机上检查协议数据单元(PDU)的报头数据,并且使用PDU类型和客户端建立计数器,计数值被分析以识别 怀疑被恶意软件感染的客户。
-
6.发明申请公开(公告)号:US20090222663A1
公开(公告)日:2009-09-03
申请号:US12039946
申请日:2008-02-29
IPC分类号: H04L9/00
CPC分类号: H04L9/3263 , H04L2209/60
摘要: A system and method of authenticating the identity of a remote fax machine during a faxing operation is provided. An X.509-type Certificate received from the remote fax machine is validated to affirm it can be properly associated with the remote machine. The Certificate's public key is used to verify the remote fax machine has the corresponding private key. A Certificate's Common Name then compared to an Expected Name to authenticate the identity of the remote fax machine prior to sending a fax to prevent an unwanted misdirection of faxed information and to screen incoming faxes for unwanted spam.
摘要翻译: 提供了在传真操作期间认证远程传真机的身份的系统和方法。 从远程传真机接收到的X.509型证书被验证,以确认它可以与远程机器正确关联。 证书的公钥用于验证远程传真机具有相应的私钥。 然后将证书的通用名称与预期名称进行比较,以在发送传真之前对远程传真机的身份进行身份验证,以防止传真信息的不必要的误导,并屏蔽传入的传真以获取垃圾邮件。
-
7.发明授权Method and system for identifying enterprise network hosts infected with slow and/or distributed scanning malware 有权识别感染慢扫描和/或分布式扫描恶意软件的企业网络主机的方法和系统公开(公告)号:US08341740B2
公开(公告)日:2012-12-25
申请号:US12124431
申请日:2008-05-21
申请人: Bassem Abdel-Aziz , Stanley Chow , Shu-Lin Chen
发明人: Bassem Abdel-Aziz , Stanley Chow , Shu-Lin Chen
IPC分类号: G06F21/00
CPC分类号: H04L63/1416
摘要: Malware detection systems are presented in which a list is constructed of enterprise hosts to or from which each given enterprise network host sends or receives packets within a current measurement period and statistics are accumulated based on two or more measurement period lists, with a count value being derived from the statistics to indicate the number of other hosts to or from which each monitored host sent or received packets, and one or more monitored hosts may be identified as suspected of being infected with slow and/or distributed scanning malware for which the count value exceeds a threshold value.
摘要翻译: 提供了恶意软件检测系统,其中列表是由企业主机构成的,每个企业主机在每个给定的企业网络主机在当前测量周期内发送或接收分组,并且基于两个或更多个测量周期列表累积统计信息,计数值为 从统计信息中导出,以指示每个受监视主机发送或接收的数据包的其他主机的数量,以及一个或多个受监视主机可能被识别为怀疑被慢扫描和/或分布式扫描恶意软件感染,计数值 超过阈值。
-
8.发明授权Malware detection methods and systems for multiple users sharing common access switch 有权多个用户共享公共访问交换机的恶意软件检测方法和系统公开(公告)号:US08250645B2
公开(公告)日:2012-08-21
申请号:US12145768
申请日:2008-06-25
申请人: Bassem Abdel-Aziz , Stanley Chow , Shu-Lin Chen
发明人: Bassem Abdel-Aziz , Stanley Chow , Shu-Lin Chen
IPC分类号: H04L29/06
CPC分类号: H04L63/145 , G06F21/552
摘要: Malware detection systems and methods are presented in which header data of protocol data units (PDUs) are examined at a wireless access switch shared by multiple clients, and the PDU type and client are used to establish counters, with the count values being analyzed to identify clients suspected of being infected with malware.
摘要翻译: 介绍了恶意软件检测系统和方法,其中在多个客户端共享的无线接入交换机上检查协议数据单元(PDU)的报头数据,并且使用PDU类型和客户端建立计数器,计数值被分析以识别 怀疑被恶意软件感染的客户。
-
9.发明申请METHOD AND SYSTEM FOR IDENTIFYING ENTERPRISE NETWORK HOSTS INFECTED WITH SLOW AND/OR DISTRIBUTED SCANNING MALWARE 有权用于识别用慢速和/或分布式扫描恶意软件感染的企业网络主机的方法和系统公开(公告)号:US20090293122A1
公开(公告)日:2009-11-26
申请号:US12124431
申请日:2008-05-21
申请人: Bassem Abdel-Aziz , Stanley Chow , Shu-Lin Chen
发明人: Bassem Abdel-Aziz , Stanley Chow , Shu-Lin Chen
IPC分类号: G06F11/00
CPC分类号: H04L63/1416
摘要: Malware detection systems are presented in which a list is constructed of enterprise hosts to or from which each given enterprise network host sends or receives packets within a current measurement period and statistics are accumulated based on two or more measurement period lists, with a count value being derived from the statistics to indicate the number of other hosts to or from which each monitored host sent or received packets, and one or more monitored hosts may be identified as suspected of being infected with slow and/or distributed scanning malware for which the count value exceeds a threshold value.
摘要翻译: 提供了恶意软件检测系统,其中列表是由企业主机构成的,每个企业主机在每个给定的企业网络主机在当前测量周期内发送或接收分组,并且基于两个或更多个测量周期列表累积统计信息,计数值为 从统计信息中导出,以指示每个受监视主机发送或接收的数据包的其他主机的数量,以及一个或多个受监控主机可能被识别为怀疑被慢扫描和/或分布式扫描恶意软件感染,计数值 超过阈值。
-
公开(公告)号:US07877784B2
公开(公告)日:2011-01-25
申请号:US11811235
申请日:2007-06-07
申请人: Stanley Chow , Jeff Smith , Christophe Gustave
发明人: Stanley Chow , Jeff Smith , Christophe Gustave
CPC分类号: H04L63/0823 , H04L63/12 , H04L63/168
摘要: A certificate registry system is configured to issue authentication certificates issued to each one of a plurality of information providers and to maintain a root certificate corresponding to all of the authentication certificates. Each one of the authentication certificates links respective authentication information thereof to identification information of a corresponding one of the information providers. Each one of the authentication certificates is devoid of linkage between the corresponding one of the information providers and domain name information thereof. The authentication certificates of the certificate registry are associated in a manner at least partially dependent upon at least one of a particular type of information that the information providers provide, a particular organization that the information providers are associated with, a particular type profession in which the information providers are engaged and a particular geographical region in which the information providers are located.
摘要翻译: 证书注册系统被配置为发出颁发给多个信息提供者中的每一个的认证证书并维护与所有认证证书相对应的根证书。 每个认证证书将其相应的认证信息链接到相应的一个信息提供者的识别信息。 认证证书中的每一个都没有相应的一个信息提供者和其域名信息之间的链接。 证书注册管理机构的认证证书至少部分地取决于信息提供者提供的特定类型的信息,信息提供者所关联的特定组织,特定类型职业中的至少一个,其中 信息提供者参与信息提供者所在的特定地理区域。
-
-
-
-
-
-
-
-
-
搜索结果
32 条记录 (耗时 0.02 秒)
