公开(公告)号：US10147289B2

公开(公告)日：2018-12-04

申请号：US15946397

申请日：2018-04-05

申请人： UT-Battelle, LLC

发明人： Charles L. Britton, Jr. ,  Steven S. Frank ,  Michael J. Kuhn ,  Andrzej Nycz ,  Chris A. Pickett ,  Scott L. Stewart ,  Robert J. Warmack ,  Richard A. Willems ,  James R. Younkin

IPC分类号： G08B13/14 ,  G08B13/24 ,  G08B21/18 ,  G08B29/18

摘要： Sensing devices, systems and methods for securing articles against tampering using a unique magnetic field signature measured at two different times are provided. One or more sensing devices are secured to a ferrous surface portion of a target container. The sensing devices are secured using a plurality of magnets. The unique magnetic field signature sensed by a sensing device is produced by a combination of the plurality of magnets of the sensing device and the ferrous surface portion of the target container and earth's magnetic field. The two different times being one of a baseline measurement session and one of an observation measurement session. An observation measurement session may be triggered by a shock event or periodically.

公开(公告)号：US20180189487A1

公开(公告)日：2018-07-05

申请号：US15906831

申请日：2018-02-27

申请人： UT Battelle, LLC

发明人： Kirk D. Sayre ,  Richard A. Willems ,  Stephen Lanse Lindberg

IPC分类号： G06F21/56

CPC分类号： G06F21/563

摘要： A process transforms compiled software into a semantic form. The process transforms the code into a semantic form. The process analyzes behavior functionality by processing precise programming behavior abstractions stored in a memory and classifies the code as malware based on the code behavior. Another method identifies the starting point of execution of a compiled program. The method calculates a complexity measure by calculating the number of potential execution paths of local functions; identifies the number of arguments passed to local functions; and identifies the starting point of execution of the compiled program. Another method provides interactive, dynamic visualization of a group of related functions wherein a user can explore the rendered graph and select a specific function and display functions that are color coded by their ancestral relation and their function call distance to the selected function.

公开(公告)号：US20160042180A1

公开(公告)日：2016-02-11

申请号：US14820976

申请日：2015-08-07

申请人： UT Battelle, LLC

发明人： Kirk D. Sayre ,  Richard A. Willems ,  Stephen Lanse Lindberg

IPC分类号： G06F21/56

CPC分类号： G06F21/563

摘要： A process transforms compiled software into a semantic form. The process transforms the code into a semantic form. The process analyzes behavior functionality by processing precise programming behavior abstractions stored in a memory and classifies the code as malware based on the code behavior. Another method identifies the starting point of execution of a compiled program. The method calculates a complexity measure by calculating the number of potential execution paths of local functions; identifies the number of arguments passed to local functions; and identifies the starting point of execution of the compiled program. Another method provides interactive, dynamic visualization of a group of related functions wherein a user can explore the rendered graph and select a specific function and display functions that are color coded by their ancestral relation and their function call distance to the selected function.

摘要翻译： 一个过程将编译的软件转换为语义形式。 该过程将代码转换为语义形式。 该过程通过处理存储在存储器中的精确编程行为抽象来分析行为功能，并根据代码行为将代码分类为恶意软件。 另一种方法标识了编译程序的执行起点。 该方法通过计算局部函数的潜在执行路径数来计算复杂性度量; 标识传递给本地函数的参数数; 并识别编译程序的执行起始点。 另一种方法提供一组相关功能的交互式动态可视化，其中用户可以探索渲染图并选择特定功能，并显示由其祖先关系对其进行颜色编码的功能及其对所选功能的功能呼叫距离。

公开(公告)号：US10198580B2

公开(公告)日：2019-02-05

申请号：US15906831

申请日：2018-02-27

申请人： UT Battelle, LLC

发明人： Kirk D. Sayre ,  Richard A. Willems ,  Stephen Lanse Lindberg

IPC分类号： G06F21/00 ,  G06F21/56

摘要： A process transforms compiled software into a semantic form. The process transforms the code into a semantic form. The process analyzes behavior functionality by processing precise programming behavior abstractions stored in a memory and classifies the code as malware based on the code behavior. Another method identifies the starting point of execution of a compiled program. The method calculates a complexity measure by calculating the number of potential execution paths of local functions; identifies the number of arguments passed to local functions; and identifies the starting point of execution of the compiled program. Another method provides interactive, dynamic visualization of a group of related functions wherein a user can explore the rendered graph and select a specific function and display functions that are color coded by their ancestral relation and their function call distance to the selected function.

公开(公告)号：US20180293860A1

公开(公告)日：2018-10-11

申请号：US15946397

申请日：2018-04-05

申请人： UT-Battelle, LLC

发明人： Charles L. Britton, JR. ,  Steven S. Frank ,  Michael J. Kuhn ,  Andrzej Nycz ,  Chris A. Pickett ,  Scott L. Stewart ,  Robert J. Warmack ,  Richard A. Willems ,  James R. Younkin

IPC分类号： G08B13/24 ,  G08B21/18

CPC分类号： G08B13/24 ,  G08B21/182 ,  G08B29/185

摘要： Sensing devices, systems and methods for securing articles against tampering using a unique magnetic field signature measured at two different times are provided. One or more sensing devices are secured to a ferrous surface portion of a target container. The sensing devices are secured using a plurality of magnets. The unique magnetic field signature sensed by a sensing device is produced by a combination of the plurality of magnets of the sensing device and the ferrous surface portion of the target container and earth's magnetic field. The two different times being one of a baseline measurement session and one of an observation measurement session. An observation measurement session may be triggered by a shock event or periodically.