专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

31. 发明授权

US08914879B2 System and method for improving coverage for web code 有权
标题翻译：提高网页代码覆盖率的系统和方法
公开(公告)号：US08914879B2
公开(公告)日：2014-12-16
申请号：US13155179
申请日：2011-06-07
申请人： Artem Melnik , Mark Kaplan
发明人： Artem Melnik , Mark Kaplan
IPC分类号： G06F21/00 , G06F21/55 , H04L29/06
CPC分类号： G06F21/563 , G06F17/227 , G06F21/554 , G06F21/56 , H04L63/0227 , H04L63/1408 , H04L63/168
摘要： A system and method for improving code coverage for web code that is analyzed for security purposes by dynamic code execution are described. A controller receives information, routes the information to the appropriate engine, analyzer or module and provides the functionality for improving code coverage for code analyzed for security purposes. A code rewrite engine rewrites code in such a way that all branches and stray functions will be executed. A dynamic analyzer performs dynamic analysis on web content to detect malicious code. Additionally, a static analyzer performs static analysis on web content. The static analyzer scans web content and detects a style of coding, a style of obfuscation of the code or patterns in the code.
摘要翻译：描述了一种通过动态代码执行来改进为了安全目的而分析的用于改进代码覆盖的系统和方法。控制器接收信息，将信息路由到适当的引擎，分析器或模块，并提供用于为了安全目的分析的代码来提高代码覆盖率的功能。代码重写引擎以这样的方式重写代码，即所有分支和杂散函数都将被执行。动态分析器对网页内容执行动态分析，以检测恶意代码。另外，静态分析器可以对Web内容执行静态分析。静态分析仪扫描Web内容并检测编码风格，代码中的代码或模式的混淆风格。

32. 发明授权

US08756697B2 Systems and methods for determining vulnerability to session stealing 有权
标题翻译：确定会话窃取漏洞的系统和方法
公开(公告)号：US08756697B2
公开(公告)日：2014-06-17
申请号：US13436818
申请日：2012-03-30
申请人： Steven R. Ocepek , Wendel Guglielmetti Henrique
发明人： Steven R. Ocepek , Wendel Guglielmetti Henrique
IPC分类号： H04L29/06 , G06F11/00 , G06F12/14 , G06F12/16 , G08B23/00
CPC分类号： G06F21/552 , H04L63/1433 , H04L63/1466
摘要： Systems and methods for determining vulnerability to session stealing are disclosed. An example method includes intercepting, at a first computing device, an intercepted packet sent from a client to a second computing device different than the first computing device, the intercepted packet including a first instruction in a first portion of the intercepted packet, determining, using a template, a second portion of the intercepted packet that is a value that is changed by a calculated amount each time that the client sends a packet, changing the value by the calculated amount to determine a next value for a next packet, replacing the second portion of the intercepted packet with the next value to generate a modified packet, replacing the first portion of the modified packet with a second instruction, and transmitting the modified packet to the second computing device.
摘要翻译：公开了确定会话窃取漏洞的系统和方法。示例性方法包括在第一计算设备处拦截从客户端发送到与第一计算设备不同的第二计算设备的被拦截的分组，所截获的分组包括被截获的分组的第一部分中的第一指令，使用截取的分组的第二部分是每当客户端发送分组时改变计算量的值，将该值改变计算量以确定下一个分组的下一个值，将第二个截取的分组的部分具有下一个值以生成修改的分组，用第二指令替换修改的分组的第一部分，并将修改的分组发送到第二计算设备。

33. 发明授权

US08683031B2 Methods and systems for scanning and monitoring content on a network 有权
标题翻译：扫描和监控网络内容的方法和系统
公开(公告)号：US08683031B2
公开(公告)日：2014-03-25
申请号：US10976181
申请日：2004-10-29
申请人： Kenneth Green , Joseph Patanella , Phillip Smith
发明人： Kenneth Green , Joseph Patanella , Phillip Smith
IPC分类号： G06F15/173 , G06F15/16
CPC分类号： H04L63/123 , G06F17/30864 , H04L63/1408 , H04L63/1483 , H04L67/02
摘要： The invention addressed methods and systems of scanning and monitoring network locations and resources such as websites and webpages. The method scans the webpages for content and compliance with predefined standards, and reports the results in a non-technical format. The method can also scan and monitor any website on the Internet, categorize its content, and validate its compliance with application, presentation or content standards, or any combination of the above.
摘要翻译：本发明解决了网站和网页等扫描和监控网络位置和资源的方法和系统。该方法扫描网页以获取内容并遵守预定义的标准，并以非技术格式报告结果。该方法还可以扫描和监控互联网上的任何网站，对其内容进行分类，并验证其符合应用程序，演示文稿或内容标准，或上述任何组合。

34. 发明授权

US08640234B2 Method and apparatus for predictive and actual intrusion detection on a network 有权
标题翻译：网络上预测和实际入侵检测的方法和装置
公开(公告)号：US08640234B2
公开(公告)日：2014-01-28
申请号：US10838863
申请日：2004-05-04
申请人： Derek Gassen , Thomas P. Donahue
发明人： Derek Gassen , Thomas P. Donahue
IPC分类号： G06F12/14
CPC分类号： G06F21/606 , G06F21/554 , G06F21/56 , G06F21/6209 , H04L63/1416 , H04L63/1441
摘要： A method of managing network usage by defining a set of linguistic patterns, where each linguistic pattern is associated with a condition that is to be monitored. Network packets are captured during transmission and analyzed to identify linguistic patterns. Captured network packets are scored based on similarity of at least one linguistic pattern to one or more of the defined set of linguistic patterns. When a packet that is scored above a specified threshold value is identified, at least one responsive action is implemented. In this manner, a system implementing the method is able to identify network traffic that is associated with prospective malicious activity and thereby provide an early warning before damage has occurred.
摘要翻译：一种通过定义一组语言模式来管理网络使用的方法，其中每个语言模式与待监视的条件相关联。在传输过程中捕获网络数据包并进行分析，以识别语言模式。基于至少一个语言模式与所定义的一组语言模式中的一个或多个的相似性来对获取的网络分组进行评分。当识别到高于指定阈值的分组时，实现至少一个响应动作。以这种方式，实现该方法的系统能够识别与预期恶意活动相关联的网络流量，从而在发生损害之前提供预警。

35. 发明授权

US08429751B2 Method and apparatus for phishing and leeching vulnerability detection 有权
标题翻译：网络钓鱼漏洞检测方法与设备
公开(公告)号：US08429751B2
公开(公告)日：2013-04-23
申请号：US12722778
申请日：2010-03-12
申请人： Rami Mizrahi , Galit Efron-Nitzan , Or Katz
发明人： Rami Mizrahi , Galit Efron-Nitzan , Or Katz
IPC分类号： H04L29/06
CPC分类号： H04L63/1416 , H04L63/168
摘要： A system and method for protection of Web based applications are described. Anomalous traffic can be identified by comparing the traffic to a profile of acceptable user traffic when interacting with the application. Phishing and leeching are one type of anomalous traffic that is detected. The anomalous traffic, or security events, identified at the individual computer networks are communicated to a central security manager. Various responsive actions may be taken in response to detection of phishing or leeching.
摘要翻译：描述了一种用于保护基于Web的应用程序的系统和方法。通过在与应用程序交互时将流量与可接受用户流量的配置文件进行比较，可以识别异常流量。网络钓鱼和水蛭是检测到的一种异常流量。在个别计算机网络上识别的异常流量或安全事件被传送给中央安全管理员。可以响应于钓鱼或水蛭的检测而采取各种响应动作。

36. 发明授权

US08122152B2 Systems and methods for network user resolution 有权
标题翻译：网络用户解析的系统和方法
公开(公告)号：US08122152B2
公开(公告)日：2012-02-21
申请号：US10965276
申请日：2004-10-14
申请人： Bruce Chittenden , William Madden , Myk Willis
发明人： Bruce Chittenden , William Madden , Myk Willis
IPC分类号： G06F15/16
CPC分类号： H04L41/00 , H04L41/0686 , H04L41/0893 , H04L41/0896
摘要： Systems and software that enable mapping of a particular network transaction with a specific computer and user in an organization. The network packet may be a live in-transit packet, or a packet that occurred at some time in the past. In a particular implementation, a database currently comprises a collection of records containing fields for username, computer name, IP address of the computer, and logon time. A name resolution is performed by taking an IP address and time as input, and determining from the records in the database what user's computer owned the IP address at that time.
摘要翻译：能够将特定网络事务与组织中的特定计算机和用户进行映射的系统和软件。网络分组可以是实时传输分组，也可能是过去某个时间发生的分组。在特定实现中，数据库当前包括包含用户名，计算机名称，计算机的IP地址和登录时间的字段的记录集合。通过将IP地址和时间作为输入来执行名称解析，并从数据库中的记录确定当时用户的计算机拥有IP地址。

37. 发明申请

US20110283101A1 System to Enable Detecting Attacks Within Encrypted Traffic 有权
标题翻译：系统启用检测加密流量中的攻击
公开(公告)号：US20110283101A1
公开(公告)日：2011-11-17
申请号：US13006230
申请日：2011-01-13
申请人： Doron Kolton , Adi Stav , Asaf Wexler , Ariel Ernesto Frydman , Yoram Zahavi
发明人： Doron Kolton , Adi Stav , Asaf Wexler , Ariel Ernesto Frydman , Yoram Zahavi
IPC分类号： H04L9/00
CPC分类号： H04L63/0428 , G06F21/552 , H04L63/1408 , H04L63/1416
摘要： A system and method for detecting network attacks within encrypted network traffic received by a protected network includes a decryption module and an adaptor module. This system and method can be inserted and used with multiple types of operating systems.
摘要翻译：用于检测由受保护网络接收的加密网络流量内的网络攻击的系统和方法包括解密模块和适配器模块。该系统和方法可以插入和使用多种类型的操作系统。

38. 发明授权

US07873998B1 Rapidly propagating threat detection 有权
标题翻译：快速传播威胁检测
公开(公告)号：US07873998B1
公开(公告)日：2011-01-18
申请号：US11184941
申请日：2005-07-19
申请人： Mark L. Wilkinson , Dirk Ourston
发明人： Mark L. Wilkinson , Dirk Ourston
IPC分类号： G08B23/00 , G06F15/173
CPC分类号： H04L63/1416 , G06F21/566 , G06F21/577 , G06F21/88 , G06F2221/2101
摘要： A method, system, apparatus, and computer-readable medium to detect rapidly propagating threats in a network. A rapidly propagating threat is detected by capturing a series of packets as the packets are communicated to nodes of the organizational network. The rapidly propagating threat can be detected without relying upon a known signature for the threat. Behavior of nodes when sending and receiving packets is examined for patterns typical of worm propagation.
摘要翻译：一种用于检测网络中快速传播威胁的方法，系统，装置和计算机可读介质。当分组被传送到组织网络的节点时，通过捕获一系列分组来检测快速传播的威胁。可以在不依赖威胁的已知签名的情况下检测到迅速传播的威胁。检查发送和接收数据包时节点的行为是针对蠕虫传播典型的模式。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式