专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20130074185A1 Providing a Network-Accessible Malware Analysis 有权
标题翻译：提供网络可访问恶意软件分析
公开(公告)号：US20130074185A1
公开(公告)日：2013-03-21
申请号：US13233804
申请日：2011-09-15
申请人： Monty D. McDougal , Bradley T. Ford , William E. Sterns
发明人： Monty D. McDougal , Bradley T. Ford , William E. Sterns
IPC分类号： G06F21/00 , G06F15/16
CPC分类号： G06F21/561
摘要： In certain embodiments, a computer-implemented method comprises receiving, via a computer network and from a first computer system, a first malware analysis request. The first malware analysis request comprises a file to be analyzed for malware by a malware analysis system. The method includes initiating a malware analysis by the malware analysis system of the first file for malware. The method includes communicating to the first computer system a response for the first file determined by the malware analysis system to the first computer system. The response comprises an indication of whether the first file comprises malware.
摘要翻译：在某些实施例中，计算机实现的方法包括经由计算机网络和第一计算机系统接收第一恶意软件分析请求。第一个恶意软件分析请求包括恶意软件分析系统要分析恶意软件的文件。该方法包括通过恶意软件分析系统对恶意软件的第一个文件进行恶意软件分析。该方法包括向第一计算机系统传送由恶意软件分析系统确定到第一计算机系统的第一文件的响应。响应包括第一个文件是否包含恶意软件的指示。

2. 发明授权

US09003532B2 Providing a network-accessible malware analysis 有权
标题翻译：提供网络可访问的恶意软件分析
公开(公告)号：US09003532B2
公开(公告)日：2015-04-07
申请号：US13233804
申请日：2011-09-15
申请人： Monty D. McDougal , Bradley T. Ford , William E. Sterns
发明人： Monty D. McDougal , Bradley T. Ford , William E. Sterns
IPC分类号： H04L29/06 , G06F21/56
CPC分类号： G06F21/561
摘要： In certain embodiments, a computer-implemented method comprises receiving, via a computer network and from a first computer system, a first malware analysis request. The first malware analysis request comprises a file to be analyzed for malware by a malware analysis system. The method includes initiating a malware analysis by the malware analysis system of the first file for malware. The method includes communicating to the first computer system a response for the first file determined by the malware analysis system to the first computer system. The response comprises an indication of whether the first file comprises malware.
摘要翻译：在某些实施例中，计算机实现的方法包括经由计算机网络和第一计算机系统接收第一恶意软件分析请求。第一个恶意软件分析请求包括恶意软件分析系统要分析恶意软件的文件。该方法包括通过恶意软件分析系统对恶意软件的第一个文件进行恶意软件分析。该方法包括向第一计算机系统传送由恶意软件分析系统确定到第一计算机系统的第一文件的响应。响应包括第一个文件是否包含恶意软件的指示。

3. 发明授权

US08468602B2 System and method for host-level malware detection 有权
标题翻译：用于主机级恶意软件检测的系统和方法
公开(公告)号：US08468602B2
公开(公告)日：2013-06-18
申请号：US12719614
申请日：2010-03-08
申请人： Monty D. McDougal , Brian N. Smith , Keven K. Kalkbrenner , Bradley T. Ford , Randy S. Jennings , William E. Sterns
发明人： Monty D. McDougal , Brian N. Smith , Keven K. Kalkbrenner , Bradley T. Ford , Randy S. Jennings , William E. Sterns
IPC分类号： G06F21/06 , H04L29/06
CPC分类号： H04L63/1416 , G06F21/562
摘要： According to one embodiment, a computer-implemented method includes: accessing a set of configuration parameters, accessing a set of identifiers of files known not to be malware, and accessing a set of identifiers of files known to be malware. Further, the method includes: comparing a first file to the set of configuration parameters, determining that a first hash of the first file is not in the set of identifiers of files known not to be malware and that the first hash is not in the set of identifiers of files known to be malware, and sending the at least one file and information related to the at least one file to be analyzed for malware. The method includes deleting the set of configuration parameters, the set of identifiers of files known not to be malware, and the set of identifiers of files known to be malware after sending the first file.
摘要翻译：根据一个实施例，计算机实现的方法包括：访问一组配置参数，访问已知不是恶意软件的文件的一组标识符，以及访问已知为恶意软件的一组文件的标识符。此外，该方法包括：将第一文件与配置参数集合进行比较，确定第一文件的第一散列不在已知不是恶意软件的文件的标识符集中，并且第一散列不在集合中已知是恶意软件的文件的标识符，以及发送所述至少一个文件以及与要被分析的至少一个文件相关的恶意软件的信息。该方法包括删除一组配置参数，已知不是恶意软件的文件的标识符集合，以及在发送第一个文件之后已知是恶意软件的文件的标识符集合。

4. 发明申请

US20110219451A1 System And Method For Host-Level Malware Detection 有权
标题翻译：用于主机级恶意软件检测的系统和方法
公开(公告)号：US20110219451A1
公开(公告)日：2011-09-08
申请号：US12719614
申请日：2010-03-08
申请人： Monty D. McDougal , Brian N. Smith , Keven K. Kalkbrenner , Bradley T. Ford , Randy S. Jennings , William E. Sterns
发明人： Monty D. McDougal , Brian N. Smith , Keven K. Kalkbrenner , Bradley T. Ford , Randy S. Jennings , William E. Sterns
IPC分类号： G06F11/00 , G06F21/00
CPC分类号： H04L63/1416 , G06F21/562
摘要： According to one embodiment, a computer-implemented method includes: accessing a set of configuration parameters, accessing a set of identifiers of files known not to be malware, and accessing a set of identifiers of files known to be malware. Further, the method includes: comparing a first file to the set of configuration parameters, determining that a first hash of the first file is not in the set of identifiers of files known not to be malware and that the first hash is not in the set of identifiers of files known to be malware, and sending the at least one file and information related to the at least one file to be analyzed for malware. The method includes deleting the set of configuration parameters, the set of identifiers of files known not to be malware, and the set of identifiers of files known to be malware after sending the first file.
摘要翻译：根据一个实施例，计算机实现的方法包括：访问一组配置参数，访问已知不是恶意软件的文件的一组标识符，以及访问已知为恶意软件的一组文件的标识符。此外，该方法包括：将第一文件与配置参数集合进行比较，确定第一文件的第一散列不在已知不是恶意软件的文件的标识符集中，并且第一散列不在集合中已知是恶意软件的文件的标识符，以及发送所述至少一个文件以及与要被分析的至少一个文件相关的恶意软件的信息。该方法包括删除一组配置参数，已知不是恶意软件的文件的标识符集合，以及在发送第一个文件之后已知是恶意软件的文件的标识符集合。

5. 发明授权

US08627404B2 Detecting addition of a file to a computer system and initiating remote analysis of the file for malware 有权
标题翻译：检测到文件添加到计算机系统并启动远程分析文件的恶意软件
公开(公告)号：US08627404B2
公开(公告)日：2014-01-07
申请号：US13216317
申请日：2011-08-24
申请人： Monty D. McDougal , Bradley T. Ford , William P. Smelser , Jason R. Clinton , Morgan J. Greenwood
发明人： Monty D. McDougal , Bradley T. Ford , William P. Smelser , Jason R. Clinton , Morgan J. Greenwood
IPC分类号： G06F15/16
CPC分类号： G06F21/56
摘要： In certain embodiments, a computer system includes a memory unit and a processing unit. The processing unit executes a monitoring module stored on the computer system. The monitoring module monitors the computer system for addition of a file to the computer system and detects an addition of a file to the computer system. The monitoring module accesses policies to determine whether to communicate information associated with the detected addition of the file over a communication network to a remote malware analysis system to initiate a possible malware analysis of the file by the remote malware analysis system. The monitoring module initiates, in response to determining to communicate information associated with the detected addition of the file, communication over the communication network of information associated with the detected addition of the file to the remote malware analysis system, the remote malware analysis system operable to analyze the file for malware.
摘要翻译：在某些实施例中，计算机系统包括存储器单元和处理单元。处理单元执行存储在计算机系统上的监视模块。监视模块监视计算机系统以将文件添加到计算机系统并检测文件到计算机系统的添加。监视模块访问策略以确定是否将通过通信网络检测到的文件添加相关联的信息传送到远程恶意软件分析系统，以发起由远程恶意软件分析系统对该文件的可能的恶意软件分析。所述监视模块响应于确定将与检测到的所述文件的添加相关联的信息通过所述通信网络与所述检测到的对所述文件的添加相关联的信息进行远程恶意软件分析系统的通信，所述远程恶意软件分析系统可操作以分析恶意软件的文件。

6. 发明申请

US20130055338A1 Detecting Addition of a File to a Computer System and Initiating Remote Analysis of the File for Malware 有权
标题翻译：检测文件添加到计算机系统并启动恶意软件文件的远程分析
公开(公告)号：US20130055338A1
公开(公告)日：2013-02-28
申请号：US13216317
申请日：2011-08-24
申请人： Monty D. McDougal , Bradley T. Ford , William P. Smelser , Jason R. Clinton , Morgan J. Greenwood
发明人： Monty D. McDougal , Bradley T. Ford , William P. Smelser , Jason R. Clinton , Morgan J. Greenwood
IPC分类号： G06F21/00 , G06F15/16
CPC分类号： G06F21/56
摘要： In certain embodiments, a computer system includes a memory unit and a processing unit. The processing unit executes a monitoring module stored on the computer system. The monitoring module monitors the computer system for addition of a file to the computer system and detects an addition of a file to the computer system. The monitoring module accesses policies to determine whether to communicate information associated with the detected addition of the file over a communication network to a remote malware analysis system to initiate a possible malware analysis of the file by the remote malware analysis system. The monitoring module initiates, in response to determining to communicate information associated with the detected addition of the file, communication over the communication network of information associated with the detected addition of the file to the remote malware analysis system, the remote malware analysis system operable to analyze the file for malware.
摘要翻译：在某些实施例中，计算机系统包括存储器单元和处理单元。处理单元执行存储在计算机系统上的监视模块。监视模块监视计算机系统以将文件添加到计算机系统并检测文件到计算机系统的添加。监视模块访问策略以确定是否将通过通信网络检测到的文件添加相关联的信息传送到远程恶意软件分析系统，以发起由远程恶意软件分析系统对该文件的可能的恶意软件分析。所述监视模块响应于确定将与检测到的所述文件的添加相关联的信息通过所述通信网络与所述检测到的对所述文件的添加相关联的信息进行远程恶意软件分析系统的通信，所述远程恶意软件分析系统可操作以分析恶意软件的文件。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式