专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US09305514B1 Detection of relative positions of tablet computers 有权
标题翻译：检测平板电脑的相对位置
公开(公告)号：US09305514B1
公开(公告)日：2016-04-05
申请号：US13563319
申请日：2012-07-31
申请人： Xiaochuan Wan , Xuewen Zhu , Xinfeng Liu , Qiang Huang
发明人： Xiaochuan Wan , Xuewen Zhu , Xinfeng Liu , Qiang Huang
IPC分类号： G09G5/00
CPC分类号： G09G5/00 , G06F3/1446 , G09G2356/00
摘要： Tablet computers send relevant geographic and identification data to an application server (one of the tablets, or a local or remote server) which groups them to form a video wall. Once placed next to one another in substantially the same plane, the tablets snap photographs at more or less the same time and these images are transmitted to the application server. The server determines the relative positions of the tablets and then streams a portion of a video or digital image to each of the tablets in order that all tablets display the video or image in an integrated fashion. The tablets may operate independently or may rely upon the remote application server. Relative positions are determined by analyzing features and determining an up-down or left-right relationship between pairs of images, sorting images into vertical and horizontal rows, and placing the images into a grid.
摘要翻译：平板电脑将相关的地理和标识数据发送到应用服务器（其中一个平板电脑或本地或远程服务器），将其组合成一个视频墙。一旦在基本相同的平面上彼此相邻放置，片剂或多或少相同地拍摄照片，并将这些图像发送到应用服务器。服务器确定平板电脑的相对位置，然后将视频或数字图像的一部分流式传输到每个平板电脑，以便所有平板电脑以集成的方式显示视频或图像。平板电脑可以独立运行，也可以依赖于远程应用服务器。通过分析特征并确定图像对之间的上下左右关系，将图像排列成垂直和水平行以及将图像放置在网格中来确定相对位置。

2. 发明授权

US09117079B1 Multiple application versions in a single virtual machine 有权
标题翻译：单个虚拟机中的多个应用程序版本
公开(公告)号：US09117079B1
公开(公告)日：2015-08-25
申请号：US13770554
申请日：2013-02-19
申请人： Ben Huang , Xiaochuan Wan , Xinfeng Liu , Qiang Huang
发明人： Ben Huang , Xiaochuan Wan , Xinfeng Liu , Qiang Huang
IPC分类号： G06F21/00 , G06F21/56 , G06F9/445
CPC分类号： G06F21/566 , G06F8/61 , G06F8/62 , G06F9/44505 , G06F21/56 , G06F21/565
摘要： A single virtual machine is implemented upon a computer and an operating system executes within this virtual machine. A sample file suspected of being malware is received and any number of versions of the software application corresponding to the sample file are installed. Each version of the software application is executed within the operating system, each version opening the sample file. Behavior of each version and of the sample file is collected while each version is executing. A score indicating malicious behavior for each version with respect to the sample file is determined and reported. The versions may execute serially in the happening system, each version terminating before the next version begins executing. Or, all versions may execute concurrently within the operating system. Files and registries are hidden to facilitate installation. System information is changed to facilitate execution.
摘要翻译：在计算机上实现单个虚拟机，并在该虚拟机内执行操作系统。接收到疑似恶意软件的示例文件，并安装与示例文件相对应的任意数量的软件应用程序版本。软件应用程序的每个版本都在操作系统中执行，每个版本打开示例文件。每个版本执行时收集每个版本和示例文件的行为。确定并报告每个版本相对于示例文件的恶意行为的分数。版本可以在发生的系统中连续执行，每个版本在下一个版本开始执行之前终止。或者，所有版本可能在操作系统中并发执行。隐藏文件和注册表以方便安装。更改系统信息以便于执行。

3. 发明授权

US09049222B1 Preventing cross-site scripting in web-based e-mail 有权
标题翻译：防止基于Web的电子邮件中的跨站点脚本
公开(公告)号：US09049222B1
公开(公告)日：2015-06-02
申请号：US13365161
申请日：2012-02-02
申请人： Juan He , Jialai Zhu , Xuewen Zhu , Xiaochuan Wan
发明人： Juan He , Jialai Zhu , Xuewen Zhu , Xiaochuan Wan
IPC分类号： H04L29/06 , G06F21/56 , G06F21/57
CPC分类号： H04L63/1416 , G06F21/566 , G06F21/577 , H04L63/1425 , H04L63/1433 , H04L63/145
摘要： Cross-site scripting vulnerabilities in a Web browser that may lead to malware execution on a computing device are reduced. The specific vulnerabilities arise from HTML-based e-mails using e-mail service providers (e.g., Hotmail, Gmail, Yahoo) that have unknown or malformed HTML elements and Javascripts. These unknown elements may execute in a browser and cause harm to the computing device. To prevent this, the e-mail is parsed to create a DOM tree. The DOM tree is filtered using a normal element filter. The modified DOM tree is filtered a second time using a script analyzer filter to isolate potentially harmful HTML and Javascript elements. These elements are then emulated to determine which of them are in fact malicious. These malicious elements are then prevented from executing, for example, by preventing the e-mail recipient from opening the e-mail in the browser.
摘要翻译： Web浏览器中可能导致计算设备上恶意软件执行的跨站点脚本漏洞减少。特定的漏洞源自使用电子邮件服务提供商（例如Hotmail，Gmail，Yahoo）的HTML电子邮件，其中包含未知或格式错误的HTML元素和Javascript。这些未知元素可能在浏览器中执行，并对计算设备造成危害。为了防止这种情况，电子邮件被解析为创建一个DOM树。使用普通元素过滤器过滤DOM树。修改后的DOM树第二次使用脚本分析器过滤器进行过滤，以隔离可能有害的HTML和Javascript元素。然后将这些元素模拟以确定其中哪些实际上是恶意的。然后，例如通过防止电子邮件接收者在浏览器中打开电子邮件来防止这些恶意元素的执行。

4. 发明授权

US09398032B1 Apparatus and methods for detecting malicious scripts in web pages 有权
标题翻译：用于检测网页中恶意脚本的装置和方法
公开(公告)号：US09398032B1
公开(公告)日：2016-07-19
申请号：US12500412
申请日：2009-07-09
申请人： Xiaochuan Wan , Yongtao Cao , Xuewen Zhu , Hua Ye
发明人： Xiaochuan Wan , Yongtao Cao , Xuewen Zhu , Hua Ye
IPC分类号： G06F15/16 , H04L29/06 , G06F21/56
CPC分类号： H04L63/1416 , G06F21/566 , G06F21/567 , G06F2221/2119 , H04L63/1491
摘要： One embodiment relates to a computer-implemented method for detecting malicious scripts in web pages. A local engine and an application are executed at a client computer. The local engine intercepts an access by the application to a web page at a universal resource locator (URL) under a domain. The local engine determines scripts at the URL and scripts at other URLs under the domain. Using that information, the local engine determines if the scripts at the URL include one or more unique script(s). The local engine sends the unique script(s), if any, via a network to a script analyzer. The script analyzer may then perform emulation of the unique script(s) to detect malicious code therein. Other embodiments, aspects and features are also disclosed.
摘要翻译：一个实施例涉及用于检测网页中的恶意脚本的计算机实现的方法。本地引擎和应用程序在客户端计算机上执行。本地引擎拦截应用程序访问域下的通用资源定位符（URL）的网页。本地引擎会确定URL上的脚本和域下的其他URL的脚本。使用该信息，本地引擎确定URL中的脚本是否包含一个或多个唯一脚本。本地引擎通过网络将唯一脚本（如果有的话）发送到脚本分析器。然后，脚本分析器可以执行唯一脚本的仿真以检测其中的恶意代码。还公开了其它实施例，方面和特征。

5. 发明授权

US08484732B1 Protecting computers against virtual machine exploits 有权
标题翻译：保护计算机免受虚拟机攻击
公开(公告)号：US08484732B1
公开(公告)日：2013-07-09
申请号：US13364012
申请日：2012-02-01
申请人： Xuebin Chen , Xiaochuan Wan , Min Zhang , Xinfeng Liu
发明人： Xuebin Chen , Xiaochuan Wan , Min Zhang , Xinfeng Liu
IPC分类号： G06F21/00
CPC分类号： G06F21/53
摘要： Computers are protected against virtual machine exploits. A computer includes an exploit monitor for a virtual machine running in the computer. Loading of a virtual machine program in the virtual machine triggers the exploit monitor to modify the virtual machine program after the virtual machine program is loaded in the virtual machine but before the virtual machine program is executed in the virtual machine. The modification includes adding monitoring code, such as one or more checkpoints, in the virtual machine program. When the monitoring code is reached during execution of the virtual machine program in the virtual machine, the virtual machine program is evaluated to determine whether or not the virtual machine program is a virtual machine exploit.
摘要翻译：计算机受到虚拟机攻击的保护。计算机包括在计算机中运行的虚拟机的漏洞监视器。在虚拟机中加载虚拟机程序将在虚拟机程序加载到虚拟机中之后但在虚拟机中执行虚拟机程序之前触发利用监视器来修改虚拟机程序。该修改包括在虚拟机程序中添加诸如一个或多个检查点的监视代码。当在虚拟机中执行虚拟机程序期间达到监视代码时，评估虚拟机程序以确定虚拟机程序是否为虚拟机漏洞。

6. 发明授权

US09355246B1 Tuning sandbox behavior based on static characteristics of malware 有权
标题翻译：根据恶意软件的静态特性调整沙箱行为
公开(公告)号：US09355246B1
公开(公告)日：2016-05-31
申请号：US14098488
申请日：2013-12-05
申请人： Xiaochuan Wan , Ben Huang , Xuebin Chen , Xiaodong Huang , Hailiang Fan
发明人： Xiaochuan Wan , Ben Huang , Xuebin Chen , Xiaodong Huang , Hailiang Fan
IPC分类号： G06F11/00 , G06F21/53 , H04L29/06
CPC分类号： G06F21/53 , G06F21/566 , H04L63/1408 , H04L63/1416 , H04L63/1441
摘要： An emulator on a host computer includes a static analysis module that analyzes executable code of a suspicious sample to determine whether the code identifies that a particular packing program (packer) has packed the sample. Once identified, a custom configuration file is generated that identifies particular API hooks or instructions that should be disabled (or enabled) so that the sample file cannot use these hooks or instructions to detect that it is executing within an emulator. The emulator (such as a virtual machine or sandbox) is configured using the configuration file. The suspicious sample is then executed and its behaviors are collected. The sample is prevented from detecting that it is operating within an emulator and thus prevented from terminating prematurely. Malicious behaviors are scored and a total score indicates whether or not the suspicious sample is malicious or not. Static analysis identifies signatures, instructions or strings.
摘要翻译：主计算机上的仿真器包括静态分析模块，其分析可疑样本的可执行代码，以确定代码是否识别特定打包程序（打包程序）已打包样本。一旦识别出来，就会生成一个自定义配置文件，该文件标识特定的API钩子或应禁用（或启用）的指令，以便样本文件不能使用这些钩子或指令来检测它在仿真器中的执行情况。使用配置文件配置仿真器（如虚拟机或沙盒）。然后执行可疑样本，并收集其行为。防止样品检测其在仿真器内操作，从而防止过早终止。恶意行为得分，总分表示可疑样本是否恶意。静态分析识别签名，指令或字符串。

7. 发明授权

US08087080B1 Inspection of downloadable contents for malicious codes 有权
标题翻译：检查恶意代码的可下载内容
公开(公告)号：US08087080B1
公开(公告)日：2011-12-27
申请号：US12253534
申请日：2008-10-17
申请人： Xiaochuan Wan , Xiaodong Huang , Zhengmao Lin
发明人： Xiaochuan Wan , Xiaodong Huang , Zhengmao Lin
IPC分类号： G06F11/00 , G06F7/10
CPC分类号： G06F11/327 , G06F21/51 , G06F21/566 , G06F2221/2119
摘要： A web page available for download from a web server computer may include a reference to a web widget. When the web page is received in a client computer, the reference executes and retrieves the web widget from a security server computer. The web widget may be configured to detect when a cursor in the client computer is pointed to a link displayed on the web page. The web widget may communicate with a remotely located computer to determine if the link points to a downloadable file that contains malicious code. The web widget may display a warning message to alert a user of the client computer when the downloadable file contains malicious code.
摘要翻译：可从网络服务器计算机下载的网页可以包括对web小部件的引用。当在客户端计算机中接收到网页时，引用执行并从安全服务器计算机检索Web窗口小部件。网络小窗口可以被配置为检测客户端计算机中的游标何时被指向网页上显示的链接。 web小部件可以与位于远程的计算机进行通信，以确定链接是否指向包含恶意代码的可下载文件。当可下载文件包含恶意代码时，网络小部件可能会显示警告消息以提醒客户端计算机的用户。

8. 发明授权

US07840958B1 Preventing spyware installation 有权
标题翻译：防止间谍软件安装
公开(公告)号：US07840958B1
公开(公告)日：2010-11-23
申请号：US11356600
申请日：2006-02-17
申请人： Xiaochuan Wan
发明人： Xiaochuan Wan
IPC分类号： G06F9/445
CPC分类号： G06F21/554
摘要： A computer or its user can prevent the installation of spyware on the computer by having a program that continuously observes and collects data on execution and installation behavior on the computer. This behavior can relate to execution of any application or installation of any type of software. The program uses various installation detection programs and an event collector that continuously observes and gathers data on execution and installation activities on the computer. The program then uses pre-defined rules to determine whether the behavior or activity correlates to spyware installation, which can occur through various methods and means that are often difficult to detect. However, by establishing a comprehensive set of rules that focus on the spyware installation behavior, the program of the present invention is able to detect when spyware is likely being installed and either alert the user who can prevent further installation or execution or automatically do so.
摘要翻译：计算机或其用户可以通过持续观察并收集计算机上的执行和安装行为数据的程序来防止在计算机上安装间谍软件。此行为可能涉及任何应用程序的执行或任何类型的软件的安装。该程序使用各种安装检测程序和事件收集器，连续观察并收集计算机上执行和安装活动的数据。该程序然后使用预定义的规则来确定行为或活动是否与间谍软件安装相关联，这可以通过常常难以检测的各种方法和方法发生。然而，通过建立专门针对间谍软件安装行为的综合规则，本发明的程序能够检测何时可能安装间谍软件，并且可以警告用户谁可以防止进一步的安装或执行或自动执行此操作。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式