专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US09003402B1 Method and system for injecting function calls into a virtual machine 有权
标题翻译：将功能调用注入虚拟机的方法和系统
公开(公告)号：US09003402B1
公开(公告)日：2015-04-07
申请号：US12969334
申请日：2010-12-15
申请人： Martim Carbone , Matthew Conover , Bruce Robert Montague
发明人： Martim Carbone , Matthew Conover , Bruce Robert Montague
IPC分类号： G06F9/455
CPC分类号： G06F9/45554 , G06F9/4484 , G06F9/45558 , G06F2009/45587
摘要： A method and apparatus for injecting function calls into a virtual machine whereby a Function Call Injection (FCI) process is employed, through which a Secure Virtual Machine (SVM) is used to trigger desired function call invocations inside a Guest Virtual Machine (GVM) by externally manipulating the GVMs memory and CPU register contents using a security API. Once the triggered function is executed, control is then returned at the originating SVM invocation point. Therefore, the GVM state is manipulated to externally inject function calls, making it possible to create control appliances which do not require an in-GVM agent.
摘要翻译：一种用于将功能调用注入到虚拟机中的方法和装置，由此使用功能呼叫注入（FCI）过程，通过该方法使用安全虚拟机（SVM）来触发来宾虚拟机（GVM）内的期望的功能呼叫调用，由使用安全API外部操作GVM内存和CPU寄存器内容。一旦执行了触发功能，则在始发SVM调用点处返回控制。因此，GVM状态被操纵以外部注入功能调用，使得可以创建不需要GVM代理的控制设备。

2. 发明授权

US09158561B2 Systems and methods for modifying an operating system for a virtual machine 有权
标题翻译：用于修改虚拟机的操作系统的系统和方法
公开(公告)号：US09158561B2
公开(公告)日：2015-10-13
申请号：US13588699
申请日：2012-08-17
申请人： Matthew Conover
发明人： Matthew Conover
IPC分类号： G06F9/44 , G06F9/455 , G06F9/445
CPC分类号： G06F9/45558 , G06F8/61 , G06F8/65 , G06F9/44505 , G06F9/455 , G06F9/45533 , G06F2009/4557 , G06F2009/45583
摘要： Systems, methods, and software are described herein for operating a data management system, including executing an attached application and application data on a first virtual machine running a first operating system, separating the attached application and application data from the first virtual machine, and dynamically attaching the application and application data to a second virtual machine running an updated version of the first operating system.
摘要翻译：本文描述了用于操作数据管理系统的系统，方法和软件，包括在运行第一操作系统的第一虚拟机上执行附加的应用和应用数据，将附加的应用和应用数据与第一虚拟机分离，并且动态地将应用程序和应用程序数据附加到运行第一操作系统的更新版本的第二虚拟机。

3. 发明申请

US20130047160A1 SYSTEMS AND METHODS FOR MODIFYING AN OPERATING SYSTEM FOR A VIRTUAL MACHINE 有权
标题翻译：用于修改虚拟机的操作系统的系统和方法
公开(公告)号：US20130047160A1
公开(公告)日：2013-02-21
申请号：US13588699
申请日：2012-08-17
申请人： Matthew Conover
发明人： Matthew Conover
IPC分类号： G06F9/455
CPC分类号： G06F9/45558 , G06F8/61 , G06F8/65 , G06F9/44505 , G06F9/455 , G06F9/45533 , G06F2009/4557 , G06F2009/45583
摘要： Systems, methods, and software are described herein for operating a data management system, including executing an attached application and application data on a first virtual machine running a first operating system, separating the attached application and application data from the first virtual machine, and dynamically attaching the application and application data to a second virtual machine running an updated version of the first operating system.
摘要翻译：这里描述了用于操作数据管理系统的系统，方法和软件，包括在运行第一操作系统的第一虚拟机上执行附加的应用和应用数据，将附加的应用和应用数据与第一虚拟机分离，并且动态地将应用程序和应用程序数据附加到运行第一操作系统的更新版本的第二虚拟机。

4. 发明授权

US07487548B1 Granular access control method and system 有权
标题翻译：粒度访问控制方法和系统
公开(公告)号：US07487548B1
公开(公告)日：2009-02-03
申请号：US10829591
申请日：2004-04-21
申请人： Matthew Conover
发明人： Matthew Conover
IPC分类号： G06F7/04 , G06F11/30 , H04L9/00
CPC分类号： G06F21/52 , G06F21/568
摘要： A method includes stalling an attempt to reference an object, and determining whether an attempter that originated the attempt is authorized to access the object. A content-based access control list is used to determine if the attempter is authorized access to the object. This content-based access control list can be customized to protect against malicious code or other threats. Further, attempt information about the attempt can be recorded allowing profiles to be built of what a user or process is doing on a computer system.
摘要翻译：一种方法包括停止引用对象的尝试，以及确定是否授权发起尝试的attemp是访问该对象的。使用基于内容的访问控制列表来确定attempter是否被授权访问该对象。可以定制基于内容的访问控制列表，以防止恶意代码或其他威胁。此外，可以记录关于尝试的尝试信息，允许简档由用户或进程在计算机系统上正在进行的构建。

5. 发明授权

US08065567B1 Systems and methods for recording behavioral information of an unverified component 有权
标题翻译：用于记录未验证组件的行为信息的系统和方法
公开(公告)号：US08065567B1
公开(公告)日：2011-11-22
申请号：US12397009
申请日：2009-03-03
申请人： Matthew Conover , Tzi-cker Chiueh
发明人： Matthew Conover , Tzi-cker Chiueh
IPC分类号： G06F21/00
CPC分类号： G06F21/566 , G06F21/577
摘要： A computer-implemented method for recording behavioral information of an unverified component is described. Interactions between a first process and an unverified component loaded in the first process are monitored. A fault is detected from the monitored interactions. Information associated with an event is sent to a proxy module loaded in a second process. The execution of the event in the second process is verified. Information associated with the behavior of the unverified component during the execution of the event is recorded.
摘要翻译：描述用于记录未验证组件的行为信息的计算机实现的方法。监视第一进程和加载在第一进程中的未验证组件之间的交互。从监控的交互中检测到故障。与事件相关联的信息被发送到在第二进程中加载的代理模块。验证第二个进程中事件的执行。记录在执行事件期间与未验证组件的行为相关联的信息。

6. 发明授权

US07552477B1 Detecting return-to-LIBC buffer overflows via dynamic disassembly of offsets 有权
标题翻译：通过动态反汇编来检测返回LIBC缓冲区溢出
公开(公告)号：US07552477B1
公开(公告)日：2009-06-23
申请号：US11064712
申请日：2005-02-23
申请人： Sourabh Satish , Matthew Conover
发明人： Sourabh Satish , Matthew Conover
IPC分类号： G06F12/16 , G06F13/24
CPC分类号： G06F21/52 , G06F9/545 , G06F2209/542
摘要： A method makes use of the fact that call modules, such as APIS, making calls to a critical operating system (OS) function are typically called by a call instruction while, in contrast, a RLIBC attack typically uses call modules that are jumped to, returned to, or invoked by some means other than a call instruction. The method includes stalling a call to critical OS function and checking to ensure that the call module making the call to the critical OS function was called by a call instruction. If it is determined that the call module making the call to the critical OS function was not called by a call instruction, the method further includes taking protective action to protect a computer system.
摘要翻译：一种方法利用呼叫模块（例如APIS）调用关键操作系统（OS）功能的事实通常由调用指令调用，而相比之下，RLIBC攻击通常使用跳转到的调用模块，通过某种方式返回或调用，而不是通话指令。该方法包括停止对关键OS功能的调用，并检查以确保通过调用指令调用对关键OS功能进行调用的调用模块。如果确定对呼叫指令进行调用的呼叫模块未被呼叫指令调用，则该方法还包括采取保护措施来保护计算机系统。

7. 发明授权

US07284276B2 Return-to-LIBC attack detection using branch trace records system and method 有权
标题翻译：使用分支跟踪记录系统和方法进行返回LIBC攻击检测
公开(公告)号：US07284276B2
公开(公告)日：2007-10-16
申请号：US10763867
申请日：2004-01-22
申请人： Matthew Conover , Peter Szor
发明人： Matthew Conover , Peter Szor
IPC分类号： H04L9/00
CPC分类号： G06F21/55
摘要： A method includes stalling a call to a critical operating system (OS) function and determining whether branch trace records of the call include a return instruction. Upon a determination that the branch trace records of the call do include a return instruction, the method further includes taking protective action to protect a computer system.
摘要翻译：一种方法包括停止对关键操作系统（OS）功能的调用，并确定呼叫的分支跟踪记录是否包含返回指令。在确定呼叫的分支跟踪记录确实包括返回指令时，该方法还包括采取保护动作来保护计算机系统。

8. 发明申请

US20050166001A1 Return-to-LIBC attack detection using branch trace records system and method 有权
标题翻译：使用分支跟踪记录系统和方法进行返回LIBC攻击检测
公开(公告)号：US20050166001A1
公开(公告)日：2005-07-28
申请号：US10763867
申请日：2004-01-22
申请人： Matthew Conover , Peter Szor
发明人： Matthew Conover , Peter Szor
IPC分类号： G06F12/14 , G06F21/00
CPC分类号： G06F21/55
摘要： A method includes stalling a call to a critical operating system (OS) function and determining whether branch trace records of the call include a return instruction. Upon a determination that the branch trace records of the call do include a return instruction, the method further includes taking protective action to protect a computer system.
摘要翻译：一种方法包括停止对关键操作系统（OS）功能的调用，并确定呼叫的分支跟踪记录是否包含返回指令。在确定呼叫的分支跟踪记录确实包括返回指令时，该方法还包括采取保护动作来保护计算机系统。

9. 发明授权

US08838913B1 System and method for locating a memory page in a guest virtual machine 有权
标题翻译：用于在guest虚拟机中定位内存页的系统和方法
公开(公告)号：US08838913B1
公开(公告)日：2014-09-16
申请号：US12560036
申请日：2009-09-15
申请人： Matthew Conover
发明人： Matthew Conover
IPC分类号： G06F12/00 , G06F9/44 , G06F9/455 , G06F12/08
CPC分类号： G06F12/08 , G06F9/45558 , G06F2009/45583 , G06F2212/151
摘要： A system and method for locating a memory page in a guest virtual machine are provided. An execution event is triggered, in response to a request to allocate a first memory page in a virtual machine. A processor sends an indication to a hypervisor that the first memory page has been allocated in the virtual machine, in response to the triggering of the execution event. Responsive to receiving the indication, a security virtual machine appropriates control, via the hypervisor, of the first memory page allocated in the virtual machine and inserts program code in the first memory page. The processor executes the program code. The security virtual machine relinquishes control of the first memory page allocated in the virtual machine, in response to determining the program code has completed execution.
摘要翻译：提供了一种用于定位客虚拟机中的存储器页面的系统和方法。响应于在虚拟机中分配第一内存页的请求，触发执行事件。响应于触发执行事件，处理器向管理程序发送指示已经在虚拟机中分配了第一存储器页面。响应于接收到该指示，安全虚拟机通过虚拟机管理程序对分配在虚拟机中的第一存储器页面进行控制，并将程序代码插入到第一存储器页面中。处理器执行程序代码。响应于确定程序代码已经完成执行，安全虚拟机放弃在虚拟机中分配的第一内存页的控制。

10. 发明申请

US20130346961A1 SYSTEMS AND METHODS TO CREATE A CLEAN INSTALL OF AN APPLICATION 有权
公开(公告)号：US20130346961A1
公开(公告)日：2013-12-26
申请号：US13926207
申请日：2013-06-25
申请人： Matthew Conover
发明人： Matthew Conover
IPC分类号： G06F9/445
CPC分类号： G06F8/61
摘要： Disclosed herein are methods, systems, and software for computer application installation. In one example, a method of computer application installation includes executing a computer application installer. The method further provides, interrupting the computer application installer with a clean install mechanism, and forcing installation of all application components even if one or more of the application components was previously installed.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式