-
公开(公告)号:US08621625B1
公开(公告)日:2013-12-31
申请号:US12342607
申请日:2008-12-23
申请人: Walter Bogorad , Vadim Antonov
发明人: Walter Bogorad , Vadim Antonov
IPC分类号: G06F21/00
CPC分类号: G06F21/562
摘要: A computer-implemented method for detecting infected files may include identifying a set of known-clean files. The method may also include identifying a set of characteristics of an unchecked file. The method may further include determine that the unchecked file is related to a clean file in the set of known-clean files. The determination may be based on the set of characteristics of the unchecked file. The method may additionally include determining whether the unchecked file is functionally equivalent to the clean file. This determination may be based on the set of characteristics of the unchecked file. Various other methods, systems, and computer-readable media are also disclosed.
摘要翻译: 用于检测感染文件的计算机实现的方法可以包括识别一组已知干净的文件。 该方法还可以包括识别未检查文件的一组特征。 该方法还可以包括确定未经检查的文件与一组已知干净文件中的干净文件相关。 该确定可以基于未检查文件的特征集合。 该方法还可以包括确定未被检查的文件是否在功能上等同于干净的文件。 该确定可以基于未经检查的文件的特征集合。 还公开了各种其它方法,系统和计算机可读介质。
-
公开(公告)号:US08185956B1
公开(公告)日:2012-05-22
申请号:US12059471
申请日:2008-03-31
申请人: Walter Bogorad , Vadim Antonov
发明人: Walter Bogorad , Vadim Antonov
IPC分类号: H04L29/06 , G06F15/173 , G06F11/00
CPC分类号: H04L63/105
摘要: A mechanism is provided for determining a safety reputation for a network site in a manner that provides both wide coverage of potentially malicious sites as well as improves the freshness of information from which the safety reputation is derived. Community-based information, such as reports from users related to recently-visited network sites, malware detected by reporting network nodes, non-specific information such as unusual CPU usage and network activity of visiting nodes, and information received from other types of external feeds is used in determining the safety reputation and updating the safety reputation. Such information is analyzed in order to determine network sites that are potential sources of malware, which can then be subjected to more detailed analysis. Historical information as to a site's reputation and other factors such as commercial importance can also be reviewed to make a determination as to whether information being currently gathered by a community of users is sufficient to trigger additional analysis of the network site. Thus, resources used for detailed analysis of suspect network sites is conserved.
摘要翻译: 提供了一种用于以提供潜在恶意站点的广泛覆盖的方式来确定网络站点的安全信誉的机制,以及提高从其导出安全信誉的信息的新鲜度。 基于社区的信息,例如与最近访问的网站相关的用户的报告,由报告网络节点检测到的恶意软件,诸如异常CPU使用率和访问节点的网络活动之类的非特定信息以及从其他类型的外部馈送接收到的信息 用于确定安全声誉和更新安全声誉。 分析这些信息以便确定作为恶意软件潜在来源的网络站点,然后可以进行更详细的分析。 关于网站声誉和商业重要性等其他因素的历史信息也可以进行审查,以确定目前由用户社区收集的信息是否足以触发网站的额外分析。 因此,用于详细分析可疑网站的资源是保守的。
-
公开(公告)号:US6044080A
公开(公告)日:2000-03-28
申请号:US752479
申请日:1996-11-19
申请人: Vadim Antonov
发明人: Vadim Antonov
CPC分类号: H04Q11/0478 , H04L2012/5619 , H04L2012/5645 , H04L2012/565 , H04L2012/5672
摘要: A scalable parallel packet router comprises a massively parallel computer 10 and a plurality of multiplexers 15, and is controlled by a disclosed packet routing algorithm, and a method of very high-speed packet routing. The method includes selection of an destination node by computing a hash function from source and destination addresses of a packet, so the ordering of packets is preserved.
摘要翻译: 可扩展的并行包路由器包括大型并行计算机10和多个多路复用器15,并且由公开的分组路由选择算法和非常高速分组路由的方法控制。 该方法包括通过从分组的源和目的地址计算哈希函数来选择目的地节点,因此保留分组的顺序。
-
公开(公告)号:US08875292B1
公开(公告)日:2014-10-28
申请号:US12754586
申请日:2010-04-05
申请人: Walter Bogorad , Vadim Antonov
发明人: Walter Bogorad , Vadim Antonov
CPC分类号: G06F21/564 , G06F2221/2115 , H04L63/1416
摘要: A computer-implemented method for managing malware signatures. The method may include maintaining a set of active malware signatures and maintaining a set of dormant malware signatures. The method may also include providing the set of active malware signatures for use in malware detection more frequently than the set of dormant malware signatures and determining that a first malware signature from the set of dormant malware signatures triggers one or more positive malware detection responses. The method may further include, in response to the determination, moving the first malware signature from the set of dormant malware signatures to the set of active malware signatures. Various other methods, systems, and computer-readable media are also disclosed.
摘要翻译: 用于管理恶意软件签名的计算机实现的方法。 该方法可以包括维护一组主动恶意软件签名并维护一组休眠的恶意软件签名。 该方法还可以包括提供用于恶意软件检测的一组主动恶意软件签名,比一组休眠恶意软件签名更频繁,并且确定来自该组休眠恶意软件签名的第一恶意软件签名触发一个或多个正恶意软件检测响应。 该方法还可以包括响应于该确定,将第一恶意软件签名从该组休眠恶意软件签名移动到该组活动恶意软件签名。 还公开了各种其它方法,系统和计算机可读介质。
-
公开(公告)号:US08667587B1
公开(公告)日:2014-03-04
申请号:US13474973
申请日:2012-05-18
申请人: Walter Bogorad , Vadim Antonov
发明人: Walter Bogorad , Vadim Antonov
IPC分类号: G06F11/00 , G06F12/14 , G06F12/16 , G06F15/173
CPC分类号: H04L63/105
摘要: A mechanism is provided for determining a safety reputation for a network site in a manner that provides both wide coverage of potentially malicious sites as well as improves the freshness of information from which the safety reputation is derived. Community-based information, such as reports from users related to recently-visited network sites, malware detected by reporting network nodes, non-specific information such as unusual CPU usage and network activity of visiting nodes, and information received from other types of external feeds is used in determining the safety reputation and updating the safety reputation. Such information is analyzed in order to determine network sites that are potential sources of malware, which can then be subjected to more detailed analysis. Historical information as to a site's reputation and other factors such as commercial importance can also be reviewed to make a determination as to whether information being currently gathered by a community of users is sufficient to trigger additional analysis of the network site. Thus, resources used for detailed analysis of suspect network sites is conserved.
摘要翻译: 提供了一种用于以提供潜在恶意站点的广泛覆盖的方式来确定网络站点的安全信誉的机制,以及提高从其导出安全信誉的信息的新鲜度。 基于社区的信息,例如与最近访问的网站相关的用户的报告,由报告网络节点检测到的恶意软件,诸如异常CPU使用率和访问节点的网络活动之类的非特定信息以及从其他类型的外部馈送接收到的信息 用于确定安全声誉和更新安全声誉。 分析这些信息以便确定作为恶意软件潜在来源的网络站点,然后可以进行更详细的分析。 关于网站声誉和商业重要性等其他因素的历史信息也可以进行审查,以确定目前由用户社区收集的信息是否足以触发网站的额外分析。 因此,用于详细分析可疑网站的资源是保守的。
-
公开(公告)号:US08463235B1
公开(公告)日:2013-06-11
申请号:US12881915
申请日:2010-09-14
申请人: Vadim Antonov , Kirill Levichev
发明人: Vadim Antonov , Kirill Levichev
IPC分类号: H04M1/66
CPC分类号: H04M3/436 , H04M1/663 , H04M2203/6027
摘要: Attempts to communicate telephonically by a mobile phone are detected. When an attempt is detected, an associated phone number is identified and transmitted to a server in order to glean corresponding security information. On the server, a database is maintained containing 1) phone numbers known to present potential security concerns and 2) descriptive security information concerning each of these phone numbers. The server receives phone numbers from mobile phones to check for security information, searches the database for received phone numbers, and transmits corresponding security information to the originating mobile phones. Security information concerning identified telephone numbers is received from the server by mobile phones. Responsive to the contents of the received security information, detected attempts to communicate telephonically are allowed to processed, blocked or otherwise processed.
摘要翻译: 检测到通过手机进行电话通信的尝试。 当检测到尝试时,识别相关联的电话号码并将其发送到服务器,以便收集相应的安全信息。 在服务器上,维护一个数据库,其中包含1)已知的潜在安全问题的电话号码,以及2)有关这些电话号码的描述性安全信息。 服务器从手机接收电话号码以检查安全信息,在数据库中搜索接收到的电话号码,并将相应的安全信息发送给发起的手机。 通过移动电话从服务器接收到关于识别的电话号码的安全信息。 响应于接收的安全信息的内容,检测到的通话电话的尝试被允许处理,阻止或以其他方式处理。
-
公开(公告)号:US5884046A
公开(公告)日:1999-03-16
申请号:US735556
申请日:1996-10-23
申请人: Vadim Antonov
发明人: Vadim Antonov
IPC分类号: G06F17/30 , H04L12/56 , G06F13/00 , G06F15/173
CPC分类号: H04L49/351 , G06F17/30067 , H04L49/15 , H04L49/25
摘要: A parallel local area network server is capable of sharing data and routing messages between workstations in a local area network. An apparatus according to the invention includes a plurality of processing nodes, each constituted by at least a single data processor, and an interconnect by which the processing nodes communicate. A plurality of mass storage devices are associated with the processing nodes, and a plurality of workstation computers are connected to the processing nodes. Each processing node includes is adapted to route messages to workstation computers associated with other processing nodes and to access data located both locally and at data storage devices associated with other processing nodes. A method according to the invention includes receiving a message at a first processing node and determining if the message is directed to a workstation computer at a second processing node and sending the message to the second processing node for subsequent delivery to the workstation computer. If the message includes a request for a specific data, a second determination is made if the specific data is in the local cache memory of the first processing node. If the specific data is not in the local cache memory, determination is made if the specific data is in a mass storage device at the first processing node, and if so the mass storage device is accessed to obtain the specific data. If the specific data is not in the local mass storage device, a message is forwarded to a remote processing node to request the specific data. Once this data is obtained, it is sent to the requesting workstation computer. The network server system according to the invention thus provides the functions of a file server and a local area network switch, thereby eliminating performance limitations associated with overloaded connections between file servers and LAN switches in conventional local area networks.
-
公开(公告)号:US07143164B2
公开(公告)日:2006-11-28
申请号:US09905630
申请日:2001-07-13
申请人: Vadim Antonov , Mikhail Kourjanski
发明人: Vadim Antonov , Mikhail Kourjanski
IPC分类号: G06F15/173 , G06F15/16 , G06F9/44
CPC分类号: H04L63/0428
摘要: A system for utilizing an object library to dynamically match the type structures of a client and a server to determine compatibility. Once compatibility has been established, the client and server can communicate through a secure connection. Information can be sent asynchronously between the client and the server, and a flow control provides a buffer at the flow origin to ensure that there is no overflow of information to the recipient of the flow.
摘要翻译: 一种利用对象库来动态地匹配客户机和服务器的类型结构以确定兼容性的系统。 一旦建立了兼容性,客户端和服务器就可以通过安全连接进行通信。 信息可以在客户端和服务器之间异步发送,并且流控制提供流源的缓冲区,以确保信息不会溢出到流的接收者。
-
9.发明授权公开(公告)号:US07002958B1
公开(公告)日:2006-02-21
申请号:US09393768
申请日:1999-09-10
申请人: Erok Basturk , Vadim Antonov
发明人: Erok Basturk , Vadim Antonov
IPC分类号: H04L12/56
摘要: A method for routing packets in a multipath network of nodes balances the loading of system resources while guaranteeing a FIFO network (i.e., First In First Out). Acyclic directed graphs based on local network information are used at each node with routing bias tables that allow for local preferences. A randomizing function may be used throughout the network to allow uniform utilization of system resources. A normalizing function may be used throughout the network to reduce bit operations in routing packets.
摘要翻译: 在节点的多径网络中路由分组的方法平衡了系统资源的加载,同时保证了FIFO网络(即先进先出)。 在每个节点使用基于本地网络信息的非循环有向图,其中允许本地偏好的路由偏置表。 可以在整个网络中使用随机化功能来允许统一利用系统资源。 可以在整个网络中使用归一化功能来减少路由分组中的比特操作。
-
公开(公告)号:US09081958B2
公开(公告)日:2015-07-14
申请号:US12540907
申请日:2009-08-13
CPC分类号: G06F21/56 , G06F21/55 , G06F2221/034 , H04L51/12 , H04L63/1441
摘要: Reputations of objects are determined by a reputation system using reports from clients identifying the objects. Confidence metrics for the clients are generated using information determined from the reports. Confidence metrics indicate the amounts of confidence in the veracity of the reports. Reputation scores of objects are calculated using the reports from the clients and the confidence metrics for the clients. Confidence metrics and reputation scores are stored in correlation with identifiers for the objects. An object's reputation score is provided to a client in response to a request.
摘要翻译: 对象的声明由使用来自识别对象的客户端的报告的信誉系统决定。 使用从报告确定的信息生成客户端的置信指标。 信心指标表明对报告的真实性的信心量。 使用客户端的报告和客户端的置信指标计算对象的声望分数。 置信度量度和信誉评分与对象的标识符相关联存储。 响应于请求,向客户端提供对象的声誉分数。
-
-
-
-
-
-
-
-
-
搜索结果
13 条记录 (耗时 0.016 秒)