-
公开(公告)号:US09183377B1
公开(公告)日:2015-11-10
申请号:US12141736
申请日:2008-06-18
申请人: William E. Sobel , Brian Hernacki , Mark Kennedy
发明人: William E. Sobel , Brian Hernacki , Mark Kennedy
CPC分类号: G06F21/554 , G06F21/55 , G06F2221/034
摘要: A possibly pre-infected system is inspected for the existence of tracked application-specific accounts. In a tracked application-specific account is found, the system is further audited to verify that only authorized processes are using the account and that the authorized account creation application is installed on the host computer system.
摘要翻译: 检查可能的预先感染的系统是否存在跟踪的特定于应用程序的帐户。 在被跟踪的应用程序特定帐户中,系统被进一步审核,以验证只有授权的进程正在使用该帐户,并且授权的帐户创建应用程序安装在主机系统上。
-
2.发明授权Systems and methods for detecting malicious processes by analyzing process names and process characteristics 有权通过分析过程名称和过程特征来检测恶意进程的系统和方法公开(公告)号:US08176555B1
公开(公告)日:2012-05-08
申请号:US12130812
申请日:2008-05-30
IPC分类号: G06F21/00
CPC分类号: G06F21/566
摘要: A computer-implemented method for detecting a malicious process using file-name heuristics may comprise: 1) identifying a process, 2) identifying a process name for the process, 3) identifying a list of process names for non-malicious processes, and 4) determining, by comparing the process name for the process with the list of process names for non-malicious processes, whether to allow the process to execute. A method for maintaining a database containing information about non-malicious processes is also disclosed. Corresponding systems and computer-readable media are also disclosed.
摘要翻译: 用于使用文件名启发式检测恶意进程的计算机实现的方法可以包括:1)识别进程,2)识别该进程的进程名称,3)识别非恶意进程的进程名称列表,4 )通过将进程的进程名称与非恶意进程的进程名称列表进行比较来确定是否允许进程执行。 还公开了一种维护包含有关非恶意进程信息的数据库的方法。 还公开了相应的系统和计算机可读介质。
-
公开(公告)号:US09077748B1
公开(公告)日:2015-07-07
申请号:US12141022
申请日:2008-06-17
申请人: Brian Hernacki , William E. Sobel
发明人: Brian Hernacki , William E. Sobel
CPC分类号: H04L63/1483 , G06F21/562 , G06F21/565 , G06F21/566 , H04L63/1433
摘要: Unauthorized uses of embedded objects in websites are detected, in order to protect users from phishing sites using cloned copies of such objects. Authorized parties register objects for use at legitimate locations (e.g., specific IP address ranges or domains). When a client computing device accesses a website, the objects in the website are checked against the registered objects, to determine whether the objects are registered for use by the site being accessed. Depending upon trust status information concerning the objects, the access of the website can be permitted or blocked, or the user can be warned about questionable or un-trusted embedded objects. Additionally, the party that registered an object can be notified, in the case of an indication of unauthorized use of the object by a website.
摘要翻译: 检测到未经授权的网站中嵌入对象的使用,以便使用克隆的这些对象副本来保护用户免受网络钓鱼站点的攻击。 授权方注册在合法位置使用的对象(例如,特定的IP地址范围或域)。 当客户端计算设备访问网站时,将根据注册对象检查网站中的对象,以确定对象是否被所访问的站点注册使用。 根据有关对象的信任状态信息,可以允许或阻止网站的访问,或者可以对可疑或不可信的嵌入对象进行警告。 此外,在通过网站指示未经许可使用对象的情况下,可以通知注册对象的一方。
-
公开(公告)号:US08468608B1
公开(公告)日:2013-06-18
申请号:US12414466
申请日:2009-03-30
申请人: Brian Hernacki , Sourabh Satish , William E. Sobel
发明人: Brian Hernacki , Sourabh Satish , William E. Sobel
IPC分类号: G06F7/04
CPC分类号: G06F21/10 , G06F2221/0728
摘要: A DRM server parses a request received from a client for a content identifier and client classification information. The content identifier identifies the requested content and client classification information describes the capabilities of the client. The DRM server determines a policy for the requested content. The policy specifies rules for determining access rights for the content responsive to the capabilities of the client. The DRM server determines access rights for the requested content responsive to the capabilities of the client and the policy. The DRM manager then provides the requested content and the determined access rights to the client.
摘要翻译: DRM服务器解析从客户端接收到的用于内容标识符和客户端分类信息的请求。 内容标识符识别所请求的内容,并且客户端分类信息描述客户端的能力。 DRM服务器确定所请求内容的策略。 该策略指定响应于客户端的能力确定内容的访问权限的规则。 响应于客户端的能力和策略,DRM服务器确定所请求的内容的访问权限。 然后,DRM管理器向客户端提供所请求的内容和确定的访问权限。
-
公开(公告)号:US08424007B1
公开(公告)日:2013-04-16
申请号:US12242685
申请日:2008-09-30
申请人: Brian Hernacki , Sourabh Satish , William E. Sobel
发明人: Brian Hernacki , Sourabh Satish , William E. Sobel
IPC分类号: G06F9/46
CPC分类号: G06F9/4881 , G06F9/485 , G06F2209/503
摘要: A computer-implemented method for prioritizing virtual machine tasks may include receiving a request to perform a first task from a virtual machine. The request may include information relevant to determining a priority of the task. The method may include determining the priority of the task based on the information. The method may further include scheduling the first task based on the priority of the task. The method may include selecting the first task for execution based on the scheduling. The method may include notifying the virtual machine that the first task has been selected for execution. Various related methods, computer-readable media, and systems are also disclosed.
摘要翻译: 用于对虚拟机任务进行优先级的计算机实现的方法可以包括从虚拟机接收执行第一任务的请求。 该请求可以包括与确定任务的优先级有关的信息。 该方法可以包括基于该信息确定任务的优先级。 该方法还可以包括基于任务的优先级调度第一任务。 该方法可以包括基于调度来选择用于执行的第一任务。 该方法可以包括通知虚拟机第一任务已经被选择用于执行。 还公开了各种相关方法,计算机可读介质和系统。
-
6.发明授权Methods and systems for defragmenting virtual machine prefetch data on physical storage 有权在物理存储上对虚拟机预取数据进行碎片整理的方法和系统公开(公告)号:US08332570B1
公开(公告)日:2012-12-11
申请号:US12242734
申请日:2008-09-30
CPC分类号: G06F3/0613 , G06F3/0646 , G06F3/0676 , G06F9/45558 , G06F2009/45579 , G06F2206/1004
摘要: A computer-implemented method for defragmenting virtual machine prefetch data. The method may include obtaining prefetch information associated with prefetch data of a virtual machine. The method may also include defragmenting, based on the prefetch information, the prefetch data on physical storage. The prefetch information may include a starting location and length of the prefetch data on a virtual disk. The prefetch information may include a geometry specification of the virtual disk. Defragmenting on physical storage may include placing the prefetch data contiguously on physical storage, placing the prefetch data in a fast-access segment of physical storage, and/or ordering the prefetch data according to the order in which it is accessed at system or application startup.
摘要翻译: 用于对虚拟机预取数据进行碎片整理的计算机实现的方法。 该方法可以包括获得与虚拟机的预取数据相关联的预取信息。 该方法还可以包括基于预取信息对物理存储器上的预取数据进行碎片整理。 预取信息可以包括虚拟磁盘上的预取数据的起始位置和长度。 预取信息可以包括虚拟磁盘的几何规格。 物理存储上的碎片整理可能包括将预取数据连续地放置在物理存储上,将预取数据放置在物理存储的快速访问段中,和/或根据系统或应用程序启动时访问顺序对预取数据进行排序 。
-
公开(公告)号:US08131846B1
公开(公告)日:2012-03-06
申请号:US12498288
申请日:2009-07-06
申请人: Brian Hernacki , William E. Sobel
发明人: Brian Hernacki , William E. Sobel
IPC分类号: G06F15/173
CPC分类号: G06F21/552 , G06F21/577 , G06F2221/2111 , G06F2221/2149
摘要: Global, location-aware security information is generated, and used to provide location-aware computer security to portable computing devices. A global, location-aware security system receives local, location-aware security information from a large number of portable devices. The local information from each device comprises their locations at the times of detection of threat indicators. The global system transforms the received local information into global information, and maps detected threat indicators to specific locations. Each device monitors activity occurring thereon, detects threat indicators and current locations, and builds local information, which is periodically transmitted to the global system. When a device is activated or moved to a new location, it determines its current location, and requests global information concerning that location from the global system. The global system transmits global information, which the portable device uses to apply a location-based risk level policy to provide location-aware computer security.
摘要翻译: 生成全球,位置感知安全信息,并用于为便携式计算设备提供位置感知计算机安全性。 全球的位置感知安全系统从大量便携式设备接收本地的位置感知安全信息。 每个设备的本地信息包括在检测到威胁指标时的位置。 全球系统将接收的本地信息转换为全球信息,并将检测到的威胁指标映射到特定位置。 每个设备监视其上发生的活动,检测威胁指示符和当前位置,并构建周期性地发送到全局系统的本地信息。 当设备激活或移动到新位置时,它会确定其当前位置,并从全局系统请求有关该位置的全局信息。 全球系统传输全球信息,便携式设备用于应用基于位置的风险级别策略,以提供位置感知计算机的安全性。
-
公开(公告)号:US09158558B1
公开(公告)日:2015-10-13
申请号:US12059513
申请日:2008-03-31
申请人: Brian Hernacki , William E. Sobel
发明人: Brian Hernacki , William E. Sobel
CPC分类号: G06F9/445 , G06F8/75 , G06F21/316 , G06F21/563 , G06F21/566 , G06F2221/2133
摘要: A computer-implemented method for providing application manifest information may include analyzing source code of a software application. The method may also include detecting that the source code is programmed to access a computer resource and determining a security implication of the source code being programmed to access the computer resource. Determining the security implication may include providing a notification of the security implication of the source code to a developer of the source code. Determining the security implication may also include providing information about the security implication in an application manifest. Systems and computer-readable-media for creating and editing application manifests are also disclosed.
摘要翻译: 用于提供应用程序清单信息的计算机实现的方法可以包括分析软件应用的源代码。 该方法还可以包括检测源代码被编程为访问计算机资源并且确定被编程为访问计算机资源的源代码的安全含义。 确定安全含义可以包括向源代码的开发者提供源代码的安全含义的通知。 确定安全含义还可以包括提供关于应用清单中的安全含义的信息。 还公开了用于创建和编辑应用程序清单的系统和计算机可读介质。
-
公开(公告)号:US08561181B1
公开(公告)日:2013-10-15
申请号:US12324820
申请日:2008-11-26
申请人: Brian Hernacki , William E. Sobel
发明人: Brian Hernacki , William E. Sobel
CPC分类号: G06F21/552
摘要: A page list comprising a list of transitions between network resources is established. Subsequently, a transition is detected between a first network resource and a second network resource. An expected security level associated with the transition is identified based on the page list. Responsive to the detected security level being determined to be lower than the expected security level, a remedial action is performed.
摘要翻译: 建立包括网络资源之间的转换列表的页面列表。 随后,在第一网络资源和第二网络资源之间检测到转换。 基于页面列表来识别与转换相关联的期望的安全级别。 响应于检测到的安全级别被确定为低于预期安全级别,执行补救动作。
-
10.发明授权公开(公告)号:US08504680B1
公开(公告)日:2013-08-06
申请号:US12343377
申请日:2008-12-23
申请人: Brian Hernacki , William E. Sobel
发明人: Brian Hernacki , William E. Sobel
IPC分类号: G06F15/173
CPC分类号: H04L47/28
摘要: It is detected when an administrator begins or finishes performing remote administrative activity. In response, the polling interval is modified. When the level of remote administrative activity increases, the polling interval is decreased, thereby directing the managed clients to poll the server more frequently. When the level of remote administrative activity decreases, the polling interval is increased, thereby directing the managed clients to poll the server less frequently. By dynamically adjusting the polling interval based on remote administrative activity, a balance is struck between scalability and usability.
摘要翻译: 当管理员开始或完成远程管理活动时检测到。 作为响应,轮询间隔被修改。 当远程管理活动级别增加时,轮询间隔减少,从而指示受管客户端更频繁地轮询服务器。 当远程管理活动级别减少时,轮询时间间隔会增加,从而指导受管客户端较少的轮询服务器。 通过根据远程管理活动动态调整轮询间隔,可扩展性和可用性之间取得平衡。
-
-
-
-
-
-
-
-
-
搜索结果
127 条记录 (耗时 0.026 秒)
