公开(公告)号：WO2008092162A3

公开(公告)日：2008-10-02

申请号：PCT/US2008052220

申请日：2008-01-28

Applicant: UNIV COLUMBIA ,  LOCASTO MICHAEL E ,  KEROMYTIS ANGELOS D ,  STAVROU ANGELOS ,  CRETU GABRIELA

Inventor： LOCASTO MICHAEL E ,  KEROMYTIS ANGELOS D ,  STAVROU ANGELOS ,  CRETU GABRIELA

IPC: G06F11/00

CPC classification number: G06F11/1469 ,  G06F11/1471 ,  G06F11/3604 ,  G06F11/3612 ,  G06F11/3672 ,  G06F2201/84

Abstract: Systems, methods, and media for recovering an application from a fault or an attack are disclosed herein. In some embodiments, a method is provided for enabling a software application to recover from a fault condition. The method includes specifying constrained data items and assigning a set of repair procedures to the constrained data items. The method further includes detecting a fault condition on the constrained data items during execution of the software application, which triggers at least one repair procedure. The triggered repair procedures are executed and the execution of the software application is restored. In some embodiments, the restoring comprises providing memory rollback to a point of execution of the software application before the fault condition was detected.

Abstract translation: 本文公开了用于从故障或攻击中恢复应用的系统，方法和媒体。 在一些实施例中，提供了一种使软件应用程序能够从故障状态恢复的方法。 该方法包括指定受约束的数据项，并将一组修复过程分配给受约束的数据项。 该方法还包括在执行软件应用期间检测受限数据项上的故障状况，其触发至少一个修复过程。 执行触发的修复过程，并恢复软件应用程序的执行。 在一些实施例中，恢复包括在检测到故障状况之前向软件应用的执行点提供内存回滚。

公开(公告)号：WO2007035655A3

公开(公告)日：2007-11-01

申请号：PCT/US2006036327

申请日：2006-09-18

Applicant: UNIV COLUMBIA ,  STAVROU ANGELOS ,  KEROMYTIS ANGELOS D

Inventor： STAVROU ANGELOS ,  KEROMYTIS ANGELOS D

IPC: H04L9/32

CPC classification number: H04L63/1458 ,  H04L63/08 ,  H04L63/0823 ,  H04L63/12 ,  H04L63/123 ,  H04L63/1416 ,  H04L2463/141

Abstract: Systems and methods for inhibiting attacks with a network are provided. In some embodiments, methods for inhibiting attacks by forwarding packets through a plurality of intermediate nodes when being transmitted from a source node to a destination node are provided, the methods comprising: receiving a packet at one of the plurality of intermediate nodes; determining at the selected intermediate node whether the packet has been sent to the correct one of the plurality of intermediate nodes based on a pseudo random function; and forwarding the packet to the destination node, based on the determining. In some embodiments an intermediate node is selected based on a pseudo random function. In some embodiments, systems and methods for establishing access to a multi-path network are provided.

Abstract translation: 提供了用于抑制网络攻击的系统和方法。 在一些实施例中，提供了当从源节点发送到目的地节点时通过将多个中间节点转发分组来抑制攻击的方法，所述方法包括：在所述多个中间节点之一处接收分组; 在所选择的中间节点处，确定所述分组是否已经基于伪随机函数发送到所述多个中间节点中的正确的一个; 以及基于所述确定将所述分组转发到所述目的地节点。 在一些实施例中，基于伪随机函数来选择中间节点。 在一些实施例中，提供了用于建立对多路径网络的访问的系统和方法。

公开(公告)号：WO2008036665A2

公开(公告)日：2008-03-27

申请号：PCT/US2007/078773

申请日：2007-09-18

Applicant: THE TRUSTEES OF COLUMBIA UNIVERSITY IN THE CITY OF NEW YORK ,  LI, Wei-Jen ,  STOLFO, Salvatore, J. ,  STAVROU, Angelos ,  ANDROULAKI, Elli

Inventor： LI, Wei-Jen ,  STOLFO, Salvatore, J. ,  STAVROU, Angelos ,  ANDROULAKI, Elli

IPC: G06F21/24

CPC classification number: G06F21/566 ,  G06F2221/2101

Abstract: Methods, media, and systems for detecting attack are provided. In some embodiments, them methods include comparing at least part of a document to a static detection model; determining whether attacking code is included in the document based on the comparison of the document to the static detection model; executing at least part of the document; determining whether attacking code is included in the document based on the execution of the at least part of the document; and if attacking code is determined to be included in the document based on at least one of the comparison of the document to the static detection model and the execution of the at least part of the document, reporting the presence of an attack.

Abstract translation: 提供了检测攻击的方法，媒体和系统。 在一些实施例中，它们的方法包括将文档的至少一部分与静态检测模型进行比较; 基于文档与静态检测模型的比较，确定攻击代码是否包括在文档中; 执行文档的至少一部分; 基于所述文档的至少一部分的执行来确定所述文档中是否包含攻击代码; 并且如果基于文档与静态检测模型的比较和文档的至少部分的执行中的至少一个来确定攻击代码被包括在文档中，则报告攻击的存在。

公开(公告)号：WO2008091272A3

公开(公告)日：2008-11-20

申请号：PCT/US2007012784

申请日：2007-05-31

Applicant: UNIV COLUMBIA ,  LOCASTO MICHAEL E ,  KEROMYTIS ANGELOS D ,  STOLFO SALVATORE J ,  STAVROU ANGELOS ,  CRETU GABRIELA ,  SIDIROGLOU STELIOS ,  NIEH JASON ,  LAADAN OREN

Inventor： LOCASTO MICHAEL E ,  KEROMYTIS ANGELOS D ,  STOLFO SALVATORE J ,  STAVROU ANGELOS ,  CRETU GABRIELA ,  SIDIROGLOU STELIOS ,  NIEH JASON ,  LAADAN OREN

IPC: G06F11/00

CPC classification number: G06F11/1438

Abstract: Methods, systems, and media for enabling a software application to recover from a fault condition, and for protecting a software application from a fault condition, are provided. In some embodiments, methods include detecting a fault condition during execution of the software application, restoring execution of the software application to a previous point of execution, the previous point of execution occurring during execution of a first subroutine in the software application, and forcing the first subroutine to forego further execution and return to a caller of the first subroutine.

Abstract translation: 提供了使软件应用程序能够从故障状态中恢复以及保护软件应用程序免受故障状况的方法，系统和介质。 在一些实施例中，方法包括在执行软件应用期间检测故障状况，将软件应用的执行恢复到先前的执行点，执行先前的执行点发生在软件应用中的第一子例程的执行期间， 第一个子程序放弃进一步执行并返回给第一个子程序的调用者。

公开(公告)号：WO2008092162A2

公开(公告)日：2008-07-31

申请号：PCT/US2008/052220

申请日：2008-01-28

Applicant: THE TRUSTEES OF COLUMBIA UNIVERSITY IN THE CITY OF NEW YORK ,  LOCASTO, Michael, E. ,  KEROMYTIS, Angelos, D. ,  STAVROU, Angelos ,  CRETU, Gabriela

Inventor： LOCASTO, Michael, E. ,  KEROMYTIS, Angelos, D. ,  STAVROU, Angelos ,  CRETU, Gabriela

IPC: G06F11/10

CPC classification number: G06F11/1469 ,  G06F11/1471 ,  G06F11/3604 ,  G06F11/3612 ,  G06F11/3672 ,  G06F2201/84

Abstract: Systems, methods, and media for recovering an application from a fault or an attack are disclosed herein. In some embodiments, a method is provided for enabling a software application to recover from a fault condition. The method includes specifying constrained data items and assigning a set of repair procedures to the constrained data items. The method further includes detecting a fault condition on the constrained data items during execution of the software application, which triggers at least one repair procedure. The triggered repair procedures are executed and the execution of the software application is restored. In some embodiments, the restoring comprises providing memory rollback to a point of execution of the software application before the fault condition was detected.

Abstract translation: 这里公开了用于从故障或攻击中恢复应用的系统，方法和介质。 在一些实施例中，提供了一种用于使软件应用能够从故障状况恢复的方法。 该方法包括指定约束数据项并将一组修复过程分配给受约束数据项。 该方法还包括在执行软件应用程序期间检测受约束的数据项上的故障状况，其触发至少一个修复过程。 触发的修复过程被执行并且软件应用程序的执行被恢复。 在一些实施例中，恢复包括在检测到故障状况之前将存储器回滚提供给软件应用程序的执行点。

公开(公告)号：WO2008091272A2

公开(公告)日：2008-07-31

申请号：PCT/US2007/012784

申请日：2007-05-31

Applicant: THE TRUSTEES OF COLUMBIA UNIVERSITY IN THE CITY OF NEW YORK ,  LOCASTO, Michael, E. ,  KEROMYTIS, Angelos, D. ,  STOLFO, Salvatore, J. ,  STAVROU, Angelos ,  CRETU, Gabriela ,  SIDIROGLOU, Stelios ,  NIEH, Jason ,  LAADAN, Oren

Inventor： LOCASTO, Michael, E. ,  KEROMYTIS, Angelos, D. ,  STOLFO, Salvatore, J. ,  STAVROU, Angelos ,  CRETU, Gabriela ,  SIDIROGLOU, Stelios ,  NIEH, Jason ,  LAADAN, Oren

IPC: G06F11/08

CPC classification number: G06F11/1438

Abstract: Methods, systems, and media for enabling a software application to recover from a fault condition, and for protecting a software application from a fault condition, are provided. In some embodiments, methods include detecting a fault condition during execution of the software application, restoring execution of the software application to a previous point of execution, the previous point of execution occurring during execution of a first subroutine in the software application, and forcing the first subroutine to forego further execution and return to a caller of the first subroutine.

Abstract translation: 提供了用于使软件应用程序从故障状态恢复并用于保护软件应用程序免受故障状况的方法，系统和媒体。 在一些实施例中，方法包括在执行软件应用期间检测故障状况，将软件应用程序的执行恢复到先前的执行点，在执行软件应用程序中的第一子程序期间发生的先前执行点，并强制执行 第一个子程序放弃进一步执行并返回第一个子程序的调用者。

公开(公告)号：WO2008016442A3

公开(公告)日：2008-07-31

申请号：PCT/US2007014815

申请日：2007-06-26

Applicant: UNIV COLUMBIA ,  SHERMAN ALEXANDER ,  STAVROU ANGELOS ,  NIEH JASON ,  STEIN CLIFFORD ,  KEROMYTIS ANGELOS ,  CHAWLA JAPINDER SINGH ,  SARMA JUSTIN

Inventor： SHERMAN ALEXANDER ,  STAVROU ANGELOS ,  NIEH JASON ,  STEIN CLIFFORD ,  KEROMYTIS ANGELOS ,  CHAWLA JAPINDER SINGH ,  SARMA JUSTIN

IPC: G06F15/16 ,  G06F21/10

CPC classification number: G06F21/10 ,  G06F2221/0788 ,  G06F2221/2101 ,  G06Q30/06

Abstract: A peer-to-peer content delivery system includes trusted auditors to report inappropriate peer behavior. This permits punishment or banishment. The trusted auditors can mimic peer behavior. The trusted auditors can be used in an existing peer-to-peer system, or in a system in which users share content anonymously via layer of intepnediate nodes. The intermediate nodes can be inhibited from having an entirety of content they help to transfer. Vendors can leverage peer-to-peer transfer capacity and keep the same level of trust of customers as in traditional content distribution models. Infrastructure costs and end-user cost can be lowered. The intermediate nodes can be incentivized to contribute a portion of their transfer capacity, such as via electronic payments, and electronic payment transactions ma be facilitated by a bank service. Efficiency, security or reliability can be enhanced through queuing, pipelining, encryption and direct-download recovery capabilities.

Abstract translation: 点对点内容交付系统包括可信审计员报告不适当的对等行为。 这允许惩罚或放逐。 可信的审计师可以模仿对等行为。 可信审计人员可以用于现有的对等系统，也可以用于用户通过匿名节点层匿名共享内容的系统。 可以禁止中间节点拥有他们帮助传输的全部内容。 供应商可以利用点对点传输能力，并保持与传统内容分发模式相同的客户信任度。 基础设施成本和最终用户成本可以降低。 中间节点可以通过电子支付来激励他们的部分转账能力，并且电子支付交易可以通过银行服务来促进。 通过排队，流水线，加密和直接下载恢复功能可以提高效率，安全性或可靠性。

公开(公告)号：WO2007092525A3

公开(公告)日：2008-11-06

申请号：PCT/US2007003309

申请日：2007-02-07

Applicant: UNIV COLUMBIA ,  STAVROU ANGELOS ,  KEROMYTIS ANGELOS D ,  LOCASTO MICHAEL E

Inventor： STAVROU ANGELOS ,  KEROMYTIS ANGELOS D ,  LOCASTO MICHAEL E

IPC: H04L9/00

CPC classification number: H04L63/0428 ,  G06F21/53 ,  G06F21/6263

Abstract: Systems, methods, and media for inhibiting attacks on data are provided. In some embodiments, methods for inhibiting attacks include receiving data and at least one indication indicating that the data is encrypted in an unprotected environment in a web browser; determining whether the at least one indication indicates that the portion of the data is encrypted; creating a protected environment in the web browser; automatically making the data available to the protected environment; decrypting the data to form decrypted data in the protected environment; and displaying the decrypted data in the protected environment.

Abstract translation: 提供了用于抑制数据攻击的系统，方法和媒体。 在一些实施例中，用于抑制攻击的方法包括在web浏览器中的未受保护的环境中接收数据和指示数据被加密的至少一个指示; 确定所述至少一个指示是否指示所述数据的所述部分被加密; 在Web浏览器中创建受保护的环境; 自动使数据可用于受保护的环境; 解密数据以在受保护环境中形成解密数据; 并在受保护的环境中显示解密的数据。

公开(公告)号：WO2008036665A3

公开(公告)日：2008-10-02

申请号：PCT/US2007078773

申请日：2007-09-18

Applicant: UNIV COLUMBIA ,  LI WEI-JEN ,  STOLFO SALVATORE J ,  STAVROU ANGELOS ,  ANDROULAKI ELLI

Inventor： LI WEI-JEN ,  STOLFO SALVATORE J ,  STAVROU ANGELOS ,  ANDROULAKI ELLI

IPC: G06F11/00 ,  G06F21/56

CPC classification number: G06F21/566 ,  G06F2221/2101

Abstract: Methods, media, and systems for detecting attack are provided. In some embodiments, them methods include comparing at least part of a document to a static detection model; determining whether attacking code is included in the document based on the comparison of the document to the static detection model; executing at least part of the document; determining whether attacking code is included in the document based on the execution of the at least part of the document; and if attacking code is determined to be included in the document based on at least one of the comparison of the document to the static detection model and the execution of the at least part of the document, reporting the presence of an attack.

Abstract translation: 提供了用于检测攻击的方法，媒体和系统。 在一些实施例中，它们的方法包括将文档的至少一部分与静态检测模型进行比较; 基于文档与静态检测模型的比较来确定攻击代码是否被包括在文档中; 执行该文件的至少一部分; 基于文档的至少一部分的执行来确定攻击代码是否被包括在文档中; 并且如果基于文档与静态检测模型的比较和文档的至少部分的执行中的至少一个，确定攻击代码被包括在文档中，则报告攻击的存在。

公开(公告)号：WO2008016442A2

公开(公告)日：2008-02-07

申请号：PCT/US2007/014815

申请日：2007-06-26

Applicant: THE TRUSTEES OF COLUMBIA UNIVERSITY IN THE CITY OFNEW YORK ,  SHERMAN, Alexander ,  STAVROU, Angelos ,  NIEH, Jason ,  STEIN, Clifford ,  KEROMYTIS, Angelos ,  CHAWLA, Japinder, Singh ,  SARMA, Justin

Inventor： SHERMAN, Alexander ,  STAVROU, Angelos ,  NIEH, Jason ,  STEIN, Clifford ,  KEROMYTIS, Angelos ,  CHAWLA, Japinder, Singh ,  SARMA, Justin

IPC: G06F21/20

CPC classification number: G06F21/10 ,  G06F2221/0788 ,  G06F2221/2101 ,  G06Q30/06

Abstract: A peer-to-peer content delivery system includes trusted auditors to report inappropriate peer behavior. This permits punishment or banishment. The trusted auditors can mimic peer behavior. The trusted auditors can be used in an existing peer-to-peer system, or in a system in which users share content anonymously via layer of inteπnediate nodes. The intermediate nodes can be inhibited from having an entirety of content they help to transfer. Vendors can leverage peer-to-peer transfer capacity and keep the same level of trust of customers as in traditional content distribution models. Infrastructure costs and end-user cost can be lowered. The intermediate nodes can be incentivized to contribute a portion of their transfer capacity, such as via electronic payments, and electronic payment transactions ma be facilitated by a bank service. Efficiency, security or reliability can be enhanced through queuing, pipelining, encryption and direct-download recovery capabilities.

Abstract translation: 点对点内容传送系统包括可信的审计人员来报告不适当的对等行为。 这允许惩罚或放逐。 可信任的审核员可以模仿对等行为。 受信任的审核员可以在现有的对等系统中使用，也可以在用户通过内部节点层匿名共享内容的系统中使用。 可以禁止中间节点具有有助于传输的整体内容。 供应商可以利用对等传输能力，并保持与传统内容分发模式相同的客户信任水平。 可降低基础架构成本和终端用户成本。 中间节点可以被激励以贡献其一部分转移能力，例如通过电子支付，并且电子支付交易可由银行服务促进。 可以通过排队，流水线，加密和直接下载恢复功能来提高效率，安全性或可靠性。