专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08739283B1 Automatic generation of malware clean pattern 有权
标题翻译：自动生成恶意软件清理模式
公开(公告)号：US08739283B1
公开(公告)日：2014-05-27
申请号：US12632158
申请日：2009-12-07
申请人： Zhihe Zhang , Mingyan Sun , Zhengmao Lin
发明人： Zhihe Zhang , Mingyan Sun , Zhengmao Lin
IPC分类号： G06F11/00 , G06F21/56 , G06F21/36 , H04L29/06
CPC分类号： G06F21/566 , G06F21/36 , G06F21/56 , G06F21/568 , H04L63/1416 , H04L63/1441
摘要： A computing device is capable of automatically detecting malware execution and cleaning the effects of malware execution using a malware repair module that is customized to the operating features and characteristics of the computing device. The computing device has software modules, hardware components, and network interfaces for accessing remote sources which, collectively, enable the device to restore itself after malware has executed on it. These modules, components, and interfaces may also enable the apparatus to delete the malware, if not entirely, at least partially so that it can no longer execute and cause further harm. The malware repair module is created from a detailed malware behavior data set retrieved from a remote malware behavior database and then modified to take into account specific operating features of the computing device. The repair module executes on a repair module execution engine and the effects of the malware on the device are minimized.
摘要翻译：计算设备能够使用根据计算设备的操作特征和特征定制的恶意软件修复模块来自动检测恶意软件执行并清除恶意软件执行的影响。计算设备具有用于访问远程源的软件模块，硬件组件和网络接口，这些远程源共同地使设备在恶意软件执行之后恢复自身。这些模块，组件和接口还可以使设备至少部分地删除恶意软件（如果不是完全），使其不再能够执行并造成进一步的伤害。从远程恶意软件行为数据库检索的详细的恶意软件行为数据集创建恶意软件修复模块，然后修改以考虑计算设备的特定操作功能。修复模块在修复模块执行引擎上执行，恶意软件对设备的影响最小化。

2. 发明授权

US08510838B1 Malware protection using file input/output virtualization 有权
标题翻译：使用文件输入/输出虚拟化的恶意软件保护
公开(公告)号：US08510838B1
公开(公告)日：2013-08-13
申请号：US12420508
申请日：2009-04-08
申请人： Mingyan Sun , Chi-Huang Fan
发明人： Mingyan Sun , Chi-Huang Fan
IPC分类号： G06F21/00
CPC分类号： G06F21/53 , G06F21/566 , G06F21/6281 , G06F21/78
摘要： Applications running in an API-proxy-based emulator are prevented from infecting a PC's hard disk when executing file I/O commands. Such commands are redirected to an I/O redirection engine instead of going directly to the PC's normal operating system where it can potentially harm files in on the hard disk. The redirection engine executes the file I/O command using a private storage area in the hard disk that is not accessible by the PC's normal operating system. If a file that is the subject of a file I/O command from an emulated application is not in the private storage area, a copy is made from the original that is presumed to exist in the public storage area. This copy is then acted on by the command and is stored in the private storage area, which can be described as a controlled, quarantined storage space on the hard disk. In this manner the PC's (or any computing device's) hard disk is defended from potential malware that may originate from applications running in emulated environments.
摘要翻译：在执行文件I / O命令时，在基于API代理的仿真器中运行的应用程序将被阻止感染PC的硬盘。这样的命令被重定向到I / O重定向引擎，而不是直接转到PC的正常操作系统，它可能会损坏硬盘上的文件。重定向引擎使用硬盘中的无法通过PC的普通操作系统访问的专用存储区域来执行文件I / O命令。如果作为模拟应用程序的文件I / O命令的主题的文件不在私有存储区域，则从假定存在于公共存储区域中的原件进行复制。该副本随后由命令执行，并存储在专用存储区域中，可以将其描述为硬盘上受控隔离的存储空间。以这种方式，PC（或任何计算设备的）硬盘可能来自可能源自在仿真环境中运行的应用程序的潜在恶意软件。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式