Abstract:
Systems and methods for detecting and identifying malware/potentially harmful applications based on behavior characteristics of a mobile application are disclosed. One embodiment of a method of detecting a potentially harmful application includes detecting behavior characteristics of a mobile device and, based on those detected behavior characteristics, identifying one or more indicators that the mobile application is a potentially harmful application. Those indicators are then analyzed to determine whether the application is a potentially harmful application.
Abstract:
A security system may include a normally open relay between an external network connection and at least one internal network connection, a network controller, and a microcontroller. The network controller may be configured to monitor for malicious activity on an external network accessible through the external network connection. The microcontroller may be configured to cause the normally open relay to temporarily close in response to the network controller failing to detect the malicious activity for a predetermined amount of time and cause the normally open relay to remain open and generate an alert in response to the network controller detecting the malicious activity.
Abstract:
The invention relates to a data processing arrangement (1) for exchanging information, having a network device (5) which connects a plurality of data processing devices as participants (10, 20, 30), with at least one first, information-providing participant (10), which receives at least one information query from at least one second, information-requesting participant (20). The invention further relates to a method (100) for operating such a data processing arrangement (1). It is proposed to provide the at least one first participant (10) with at least one handling device (12), which converts the at least one information query into a coded format; further, to provide the first participant (10) with at least one conversion device (14), which contactlessly captures coded, imaged information queries and converts them into a machine-readable format; and to provide the at least one first participant (10) with a processing device (16), which, on the basis of the information query and by comparison with a stored information inventory (50), generates at least one item of response information and answers the at least one information query by returning the at least one item of response information towards the second participant (20).
Abstract:
This disclosure provides systems, methods and apparatus, including computer programs encoded on computer storage media for mitigating an Internet of things (IoT) worm. In one aspect, a processor of a router device may randomly select a plurality of Internet Protocol (IP) addresses. The processor may expose one or more emulated services at the plurality of randomly selected IP addresses. The processor may determine whether IoT worm communication activity is detected at one of the randomly selected IP addresses. The processor may grant to, or otherwise enable, an IoT worm access to one of the emulated services in response to detecting IoT worm communication activity at one of the selected IP addresses.
Abstract:
A Threat Intelligence Cloud is disclosed. The Threat Intelligence Cloud can include a machine. A receiver on the machine can receive an electronic file including a threat detected by an anti-virus solution. A Virus Total Service can determine information from traditional anti-virus solutions scanning the electronic file. A database can store the information from the Virus Total Service. A report generator can generate a report from the information.
Abstract:
Examples disclosed herein relate to strength of associations among data records in a security information sharing platform. Some examples may enable creating, in the security information sharing platform, an association between a security indicator comprising an observable, and a data record. Some examples may further enable determining strength of the association between the security indicator and the data record based on at least one of: a likelihood of change in the association; a creator of the association; an aging rate of the association; or a quality of evidence that supports the association.
Abstract:
Malware detection logic executed by a secured device residing in a home network may receive a message from an unsecured device of a first unsecured network and intended for a destination device of the home network, the destination device comprising a security client. The malware detection logic may establish a secure communication channel between the malware detection logic of the secured device and the security client of the destination device. The malware detection logic may execute a validation test on the message to determine that the message includes malware. The malware detection logic may report an alarm to the security client of the destination device. The malware detection logic may transmit information related to the malware to a cloud computing server. The malware detection logic may prevent an application associated with the destination device from processing the message.
Abstract:
A computer implemented method to identify malicious software in a computer system comprising: receiving an indication of a detection of malicious network traffic communicated via a computer network accessed by the computer system; identifying a software component involved in the malicious network traffic at the computer system; evaluating a measure of a correlation fractal dimension (CFD) for at least a portion of the software component; and storing the measure of CFD for subsequent comparison with a second measure of CFD for a corresponding portion of a second software component in the computer system to identify the second software component as a software component involved in malicious network communication.
Abstract:
A data frame transmitted over a serial link between a destination network and a source network is received by a computer-implemented system in the destination network. The data frame is compatible with a data link layer protocol and includes a data field. The computer-implemented system in the destination network converts the data frame directly into a format compatible with an application layer protocol, where converting the data frame into the format comprises interpreting received information included in the data field as numerical values rather than executable code. The computer-implemented system in the destination network outputs the numerical values to an application in the destination network.
Abstract:
Systems and methods are provided herein for use in identifying and/or detecting electronic messages containing malicious content. One exemplary method includes receiving multiple electronic tags. Each of the multiple electronic tags corresponds to an electronic message and a user, and the user caused the electronic tag to be associated with the electronic message based on a perception that the electronic message included malicious content. The exemplary method further includes assigning, for each electronic tag, point(s) to the corresponding user when the corresponding electronic message includes malicious content, totaling, for each user, the point(s) assigned during a predefined interval, and identifying one of the user(s) with a highest total point(s), for the defined interval, as a winner, thereby incentivizing users to associate electronic tags with electronic messages perceived to include malicious content.