CN107079041B - 用于文件信誉评估的方法、计算机系统和计算机可读介质 - Google Patents

用于文件信誉评估的方法、计算机系统和计算机可读介质 Download PDF

Info

Publication number
CN107079041B
CN107079041B CN201580050340.8A CN201580050340A CN107079041B CN 107079041 B CN107079041 B CN 107079041B CN 201580050340 A CN201580050340 A CN 201580050340A CN 107079041 B CN107079041 B CN 107079041B
Authority
CN
China
Prior art keywords
reputation
file
computer
chunk
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201580050340.8A
Other languages
English (en)
Chinese (zh)
Other versions
CN107079041A (zh
Inventor
R.A.辛
C.塞弗特
A.彭塔
E.J.哈伯
T.卡斯佩基维奇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Microsoft Technology Licensing LLC
Original Assignee
Microsoft Technology Licensing LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Technology Licensing LLC filed Critical Microsoft Technology Licensing LLC
Publication of CN107079041A publication Critical patent/CN107079041A/zh
Application granted granted Critical
Publication of CN107079041B publication Critical patent/CN107079041B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/18File system types
    • G06F16/182Distributed file systems
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Computing Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Information Transfer Between Computers (AREA)
  • Storage Device Security (AREA)
  • Debugging And Monitoring (AREA)
CN201580050340.8A 2014-09-17 2015-09-16 用于文件信誉评估的方法、计算机系统和计算机可读介质 Active CN107079041B (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US14/488719 2014-09-17
US14/488,719 US9398036B2 (en) 2014-09-17 2014-09-17 Chunk-based file acquisition and file reputation evaluation
PCT/US2015/050307 WO2016044354A1 (en) 2014-09-17 2015-09-16 File reputation evaluation

Publications (2)

Publication Number Publication Date
CN107079041A CN107079041A (zh) 2017-08-18
CN107079041B true CN107079041B (zh) 2020-10-20

Family

ID=54251733

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201580050340.8A Active CN107079041B (zh) 2014-09-17 2015-09-16 用于文件信誉评估的方法、计算机系统和计算机可读介质

Country Status (10)

Country Link
US (1) US9398036B2 (enExample)
EP (1) EP3195573B1 (enExample)
JP (1) JP6633059B2 (enExample)
KR (1) KR102351948B1 (enExample)
CN (1) CN107079041B (enExample)
AU (1) AU2015317916B2 (enExample)
CA (1) CA2959754C (enExample)
MX (1) MX370212B (enExample)
RU (1) RU2690759C2 (enExample)
WO (1) WO2016044354A1 (enExample)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10169584B1 (en) * 2015-06-25 2019-01-01 Symantec Corporation Systems and methods for identifying non-malicious files on computing devices within organizations
US10055586B1 (en) 2015-06-29 2018-08-21 Symantec Corporation Systems and methods for determining the trustworthiness of files within organizations
US9838405B1 (en) 2015-11-20 2017-12-05 Symantec Corporation Systems and methods for determining types of malware infections on computing devices
US10003606B2 (en) 2016-03-30 2018-06-19 Symantec Corporation Systems and methods for detecting security threats
US10178122B1 (en) * 2016-08-12 2019-01-08 Symantec Corporation Systems and methods for disseminating location-based reputations for link-layer wireless attacks
US11086822B1 (en) * 2016-09-13 2021-08-10 Amazon Technologies, Inc. Application-based compression
US10091231B1 (en) 2016-09-15 2018-10-02 Symantec Corporation Systems and methods for detecting security blind spots
US10542017B1 (en) 2016-10-13 2020-01-21 Symantec Corporation Systems and methods for personalizing security incident reports
US11711380B2 (en) * 2019-10-21 2023-07-25 Acronis International Gmbh Systems and methods for parallel virus and malware scan between agents in a cloud environment
US20220129417A1 (en) * 2020-10-22 2022-04-28 Google Llc Code Similarity Search
CN113282922B (zh) * 2021-06-29 2024-08-20 北京安天网络安全技术有限公司 对移动存储设备进行防护控制的方法、装置、设备及介质

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102272771A (zh) * 2008-12-31 2011-12-07 微软公司 恶意软件数据的共享储存库
CN103220367A (zh) * 2013-05-13 2013-07-24 深圳市中博科创信息技术有限公司 数据复制方法及数据存储系统

Family Cites Families (38)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020046041A1 (en) 2000-06-23 2002-04-18 Ken Lang Automated reputation/trust service
WO2002005193A2 (en) * 2000-07-12 2002-01-17 Cachestream Corporation Credit system
US8635690B2 (en) 2004-11-05 2014-01-21 Mcafee, Inc. Reputation based message processing
US7991902B2 (en) * 2006-12-08 2011-08-02 Microsoft Corporation Reputation-based authorization decisions
US8250657B1 (en) * 2006-12-29 2012-08-21 Symantec Corporation Web site hygiene-based computer security
US8312536B2 (en) * 2006-12-29 2012-11-13 Symantec Corporation Hygiene-based computer security
US8214497B2 (en) 2007-01-24 2012-07-03 Mcafee, Inc. Multi-dimensional reputation scoring
US8769702B2 (en) 2008-04-16 2014-07-01 Micosoft Corporation Application reputation service
US8595282B2 (en) * 2008-06-30 2013-11-26 Symantec Corporation Simplified communication of a reputation score for an entity
EP2988189B1 (en) * 2008-07-11 2020-09-02 eldoLAB Holding B.V. Power converter for an led assembly and lighting application
US9135433B2 (en) 2008-08-29 2015-09-15 Adobe Systems Incorporated Identifying reputation and trust information for software
US8281403B1 (en) * 2009-06-02 2012-10-02 Symantec Corporation Methods and systems for evaluating the health of computing systems based on when operating-system changes occur
CN101576947B (zh) * 2009-06-05 2012-08-08 成都市华为赛门铁克科技有限公司 文件防护处理方法、装置及系统
US20100318759A1 (en) * 2009-06-15 2010-12-16 Microsoft Corporation Distributed rdc chunk store
US8719939B2 (en) 2009-12-31 2014-05-06 Mcafee, Inc. Malware detection via reputation system
JP2012008847A (ja) * 2010-06-25 2012-01-12 Brother Ind Ltd 配信システム、ノード装置、ノード処理プログラム、及びコンテンツ取得方法
JP5135389B2 (ja) * 2010-06-30 2013-02-06 株式会社日立情報システムズ 情報漏えいファイル検知装置、及びその方法とプログラム
CN103180862B (zh) * 2010-08-25 2016-03-02 前景公司 用于服务器耦合的恶意软件防止的系统和方法
US8413235B1 (en) * 2010-09-10 2013-04-02 Symantec Corporation Malware detection using file heritage data
US9235586B2 (en) * 2010-09-13 2016-01-12 Microsoft Technology Licensing, Llc Reputation checking obtained files
US8572007B1 (en) 2010-10-29 2013-10-29 Symantec Corporation Systems and methods for classifying unknown files/spam based on a user actions, a file's prevalence within a user community, and a predetermined prevalence threshold
US8671449B1 (en) 2010-11-10 2014-03-11 Symantec Corporation Systems and methods for identifying potential malware
US8863291B2 (en) * 2011-01-20 2014-10-14 Microsoft Corporation Reputation checking of executable programs
US8769691B1 (en) * 2011-02-14 2014-07-01 Trend Micro, Inc. Network traffic reduction
US8732587B2 (en) 2011-03-21 2014-05-20 Symantec Corporation Systems and methods for displaying trustworthiness classifications for files as visually overlaid icons
KR20140034222A (ko) * 2011-05-14 2014-03-19 비트카사, 인코포레이티드 사용자-독립적인 암호화된 파일들의 서버측 중복제거를 하는 클라우드 파일 시스템
US8516592B1 (en) * 2011-06-13 2013-08-20 Trend Micro Incorporated Wireless hotspot with lightweight anti-malware
US8799190B2 (en) * 2011-06-17 2014-08-05 Microsoft Corporation Graph-based malware classification based on file relationships
US9065826B2 (en) 2011-08-08 2015-06-23 Microsoft Technology Licensing, Llc Identifying application reputation based on resource accesses
US8650638B2 (en) * 2011-10-18 2014-02-11 Mcafee, Inc. System and method for detecting a file embedded in an arbitrary location and determining the reputation of the file
US8635700B2 (en) * 2011-12-06 2014-01-21 Raytheon Company Detecting malware using stored patterns
US8627469B1 (en) * 2012-03-14 2014-01-07 Symantec Corporation Systems and methods for using acquisitional contexts to prevent false-positive malware classifications
US20130254880A1 (en) 2012-03-21 2013-09-26 Mcafee, Inc. System and method for crowdsourcing of mobile application reputations
CN102752290B (zh) * 2012-06-13 2016-06-01 深圳市腾讯计算机系统有限公司 一种云安全系统中的未知文件安全信息确定方法和装置
CN103685150B (zh) * 2012-09-03 2015-08-12 腾讯科技(深圳)有限公司 上传文件的方法和装置
US9660745B2 (en) * 2012-12-12 2017-05-23 At&T Intellectual Property I, L.P. Geocast-based file transfer
US9143519B2 (en) * 2013-03-15 2015-09-22 Mcafee, Inc. Remote malware remediation
US9311480B2 (en) * 2013-03-15 2016-04-12 Mcafee, Inc. Server-assisted anti-malware client

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102272771A (zh) * 2008-12-31 2011-12-07 微软公司 恶意软件数据的共享储存库
CN103220367A (zh) * 2013-05-13 2013-07-24 深圳市中博科创信息技术有限公司 数据复制方法及数据存储系统

Also Published As

Publication number Publication date
US9398036B2 (en) 2016-07-19
JP6633059B2 (ja) 2020-01-22
AU2015317916B2 (en) 2019-01-24
EP3195573A1 (en) 2017-07-26
KR20170056556A (ko) 2017-05-23
CA2959754C (en) 2022-05-03
RU2017108769A3 (enExample) 2019-04-01
BR112017003782A2 (pt) 2017-12-12
MX2017003416A (es) 2017-06-19
US20160080400A1 (en) 2016-03-17
RU2017108769A (ru) 2018-09-17
CA2959754A1 (en) 2016-03-24
RU2690759C2 (ru) 2019-06-05
EP3195573B1 (en) 2018-06-27
AU2015317916A1 (en) 2017-03-09
MX370212B (es) 2019-12-05
KR102351948B1 (ko) 2022-01-14
JP2017538181A (ja) 2017-12-21
WO2016044354A1 (en) 2016-03-24
CN107079041A (zh) 2017-08-18

Similar Documents

Publication Publication Date Title
CN107079041B (zh) 用于文件信誉评估的方法、计算机系统和计算机可读介质
US11874921B2 (en) Digital protection that travels with data
US12041072B2 (en) Software release tracking and logging
JP2012530322A (ja) カタログベースのソフトウェアコンポーネント管理
WO2012098018A1 (en) Malware detection
WO2018233051A1 (zh) 数据发布方法、装置、服务器和存储介质
RU2012151502A (ru) Служба репутации контента на основе декларации
US20150199343A1 (en) Optimized file processing for linked clone virtual machines
CN107924440B (zh) 用于管理容器的方法、系统和计算机可读介质
WO2016029441A1 (zh) 一种文件扫描方法及装置
CN106649600B (zh) 一种迁移文件权限的方法、装置以及系统
US20200348927A1 (en) Data file partition and replication
US20170286439A1 (en) System and method for duplicating files on client device for cloud storage
US8572730B1 (en) Systems and methods for revoking digital signatures
CN110020040B (zh) 查询数据的方法、装置和系统
US11599636B1 (en) Systems and methods for managing and providing software packages which have undergone malware and/or vulnerability analysis
US20260005837A1 (en) Secure authorization of the helm chart
BR112017003782B1 (pt) Método e sistema para aquisição de arquivo para avaliação de reputação
US10747729B2 (en) Device specific chunked hash size tuning
US20220366035A1 (en) Execution control system, execution control method, and program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant