IN2014DN09583A - - Google Patents

Info

Publication number
IN2014DN09583A
IN2014DN09583A IN9583DEN2014A IN2014DN09583A IN 2014DN09583 A IN2014DN09583 A IN 2014DN09583A IN 9583DEN2014 A IN9583DEN2014 A IN 9583DEN2014A IN 2014DN09583 A IN2014DN09583 A IN 2014DN09583A
Authority
IN
India
Prior art keywords
kernel
security agent
level security
malicious code
events
Prior art date
Application number
Other languages
English (en)
Inventor
David F Diehl
Dmitri Alperovitch
Ion0 Alexandru IONESCU
George Robert Kurtz
Original Assignee
Crowdstrike Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Crowdstrike Inc filed Critical Crowdstrike Inc
Publication of IN2014DN09583A publication Critical patent/IN2014DN09583A/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/567Computer malware detection or handling, e.g. anti-virus arrangements using dedicated hardware
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/568Computer malware detection or handling, e.g. anti-virus arrangements eliminating virus, restoring damaged files
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N5/00Computing arrangements using knowledge-based models
    • G06N5/04Inference or reasoning models
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0245Filtering by information in the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1491Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034Test or assess a computer or a system

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Virology (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Artificial Intelligence (AREA)
  • Computational Linguistics (AREA)
  • Data Mining & Analysis (AREA)
  • Evolutionary Computation (AREA)
  • Mathematical Physics (AREA)
  • Debugging And Monitoring (AREA)
  • Measuring Or Testing Involving Enzymes Or Micro-Organisms (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
IN9583DEN2014 2012-06-08 2013-05-09 IN2014DN09583A (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US13/492,672 US9043903B2 (en) 2012-06-08 2012-06-08 Kernel-level security agent
PCT/US2013/040420 WO2013184281A1 (fr) 2012-06-08 2013-05-09 Agent de sécurité au niveau du noyau

Publications (1)

Publication Number Publication Date
IN2014DN09583A true IN2014DN09583A (fr) 2015-07-17

Family

ID=49712456

Family Applications (1)

Application Number Title Priority Date Filing Date
IN9583DEN2014 IN2014DN09583A (fr) 2012-06-08 2013-05-09

Country Status (10)

Country Link
US (6) US9043903B2 (fr)
EP (3) EP3654218B1 (fr)
JP (2) JP6212548B2 (fr)
AU (1) AU2013272198A1 (fr)
BR (1) BR112014030746A2 (fr)
CA (1) CA2872786A1 (fr)
IL (1) IL235905B (fr)
IN (1) IN2014DN09583A (fr)
SG (1) SG11201407292QA (fr)
WO (1) WO2013184281A1 (fr)

Families Citing this family (94)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8510596B1 (en) 2006-02-09 2013-08-13 Virsec Systems, Inc. System and methods for run time detection and correction of memory corruption
AU2011361577B2 (en) * 2011-03-09 2017-04-20 Irdeto B.V. Method and system for dynamic platform security in a device operating system
US9043903B2 (en) * 2012-06-08 2015-05-26 Crowdstrike, Inc. Kernel-level security agent
US9292881B2 (en) 2012-06-29 2016-03-22 Crowdstrike, Inc. Social sharing of security information in a group
US10409980B2 (en) * 2012-12-27 2019-09-10 Crowdstrike, Inc. Real-time representation of security-relevant system state
US10127379B2 (en) * 2013-03-13 2018-11-13 Mcafee, Llc Profiling code execution
WO2014145805A1 (fr) 2013-03-15 2014-09-18 Mandiant, Llc Système et procédé utilisant une intelligence structurée pour contrôler et gérer des menaces au niveau de postes de travail
US9740886B2 (en) * 2013-03-15 2017-08-22 Sony Interactive Entertainment Inc. Enhanced security for hardware decoder accelerator
US9158914B2 (en) * 2013-04-19 2015-10-13 Crowdstrike, Inc. Executable component injection utilizing hotpatch mechanisms
US9852290B1 (en) * 2013-07-12 2017-12-26 The Boeing Company Systems and methods of analyzing a software component
JP2016534479A (ja) 2013-09-12 2016-11-04 ヴァーセック・システムズ・インコーポレーテッドVirsec Systems,Inc. マルウェアのランタイム中の自動検出
KR102125923B1 (ko) * 2013-10-24 2020-06-24 삼성전자 주식회사 전자 장치의 운영체제 업그레이드 방법 및 장치
US20150222646A1 (en) * 2014-01-31 2015-08-06 Crowdstrike, Inc. Tagging Security-Relevant System Objects
US20150304343A1 (en) 2014-04-18 2015-10-22 Intuit Inc. Method and system for providing self-monitoring, self-reporting, and self-repairing virtual assets in a cloud computing environment
US10757133B2 (en) 2014-02-21 2020-08-25 Intuit Inc. Method and system for creating and deploying virtual assets
US9866581B2 (en) 2014-06-30 2018-01-09 Intuit Inc. Method and system for secure delivery of information to computing environments
US9276945B2 (en) * 2014-04-07 2016-03-01 Intuit Inc. Method and system for providing security aware applications
US10289405B2 (en) 2014-03-20 2019-05-14 Crowdstrike, Inc. Integrity assurance and rebootless updating during runtime
US11294700B2 (en) 2014-04-18 2022-04-05 Intuit Inc. Method and system for enabling self-monitoring virtual assets to correlate external events with characteristic patterns associated with the virtual assets
US9798882B2 (en) 2014-06-06 2017-10-24 Crowdstrike, Inc. Real-time model of states of monitored devices
WO2015200511A1 (fr) 2014-06-24 2015-12-30 Virsec Systems, Inc. Système et procédés de détection automatisée d'une validation d'entrées et de sorties et d'une vulnérabilité de gestion de ressources
WO2016014021A1 (fr) * 2014-07-21 2016-01-28 Hewlett-Packard Development Company, L.P. Détermination de liaison d'indicateur de sécurité
US10102082B2 (en) 2014-07-31 2018-10-16 Intuit Inc. Method and system for providing automated self-healing virtual assets
US11507663B2 (en) 2014-08-11 2022-11-22 Sentinel Labs Israel Ltd. Method of remediating operations performed by a program and system thereof
US10102374B1 (en) 2014-08-11 2018-10-16 Sentinel Labs Israel Ltd. Method of remediating a program and system thereof by undoing operations
US9710648B2 (en) 2014-08-11 2017-07-18 Sentinel Labs Israel Ltd. Method of malware detection and system thereof
US9940336B2 (en) * 2014-10-24 2018-04-10 Splunk Inc. File monitoring
US9565093B1 (en) * 2014-12-15 2017-02-07 Symantec Corporation Systems and methods for anticipating file-security queries
US10032041B2 (en) * 2015-05-30 2018-07-24 Apple Inc. Storage volume protection using restricted resource classes
KR101666176B1 (ko) * 2015-06-25 2016-10-14 한국전자통신연구원 안드로이드 플랫폼 기반의 어플리케이션 모니터링 장치 및 방법
US10216927B1 (en) 2015-06-30 2019-02-26 Fireeye, Inc. System and method for protecting memory pages associated with a process using a virtualization layer
US10726127B1 (en) 2015-06-30 2020-07-28 Fireeye, Inc. System and method for protecting a software component running in a virtual machine through virtual interrupts by the virtualization layer
US11113086B1 (en) 2015-06-30 2021-09-07 Fireeye, Inc. Virtual system and method for securing external network connectivity
US10395029B1 (en) 2015-06-30 2019-08-27 Fireeye, Inc. Virtual system and method with threat protection
US10642753B1 (en) 2015-06-30 2020-05-05 Fireeye, Inc. System and method for protecting a software component running in virtual machine using a virtualization layer
US10339316B2 (en) * 2015-07-28 2019-07-02 Crowdstrike, Inc. Integrity assurance through early loading in the boot phase
US10033759B1 (en) 2015-09-28 2018-07-24 Fireeye, Inc. System and method of threat detection under hypervisor control
CN105389197B (zh) * 2015-10-13 2019-02-26 北京百度网讯科技有限公司 用于基于容器的虚拟化系统的操作捕获方法和装置
WO2017086928A1 (fr) * 2015-11-17 2017-05-26 Hewlett Packard Enterprise Development Lp Gestion de menaces au réseau
US10257223B2 (en) * 2015-12-21 2019-04-09 Nagravision S.A. Secured home network
US20170195364A1 (en) * 2016-01-06 2017-07-06 Perception Point Ltd. Cyber security system and method
JP2019505943A (ja) 2016-02-23 2019-02-28 カーボン ブラック, インコーポレイテッド サイバーセキュリティシステムおよび技術
US20210049292A1 (en) * 2016-03-07 2021-02-18 Crowdstrike, Inc. Hypervisor-Based Interception of Memory and Register Accesses
US11188651B2 (en) * 2016-03-07 2021-11-30 Crowdstrike, Inc. Hypervisor-based interception of memory accesses
US10320820B2 (en) 2016-03-24 2019-06-11 Carbon Black, Inc. Systems and techniques for guiding a response to a cybersecurity incident
US10243972B2 (en) * 2016-04-11 2019-03-26 Crowdstrike, Inc. Correlation-based detection of exploit activity
US10044744B1 (en) 2016-04-26 2018-08-07 EMC IP Holding Company LLC Covert storage channel communication between computer security agent and security system
US10681059B2 (en) 2016-05-25 2020-06-09 CyberOwl Limited Relating to the monitoring of network security
CA3027728A1 (fr) * 2016-06-16 2017-12-21 Virsec Systems, Inc. Systemes et procedes permettant de remedier a une corruption de memoire dans une application informatique
US10191789B2 (en) * 2016-08-18 2019-01-29 Crowdstrike, Inc. Tracing system operations across remote procedure linkages to identify request originators
CN106452881B (zh) * 2016-10-21 2019-12-20 用友网络科技股份有限公司 一种基于云加端模式的运维数据处理系统
US10685111B2 (en) 2016-10-31 2020-06-16 Crowdstrike, Inc. File-modifying malware detection
US10515226B2 (en) * 2016-11-21 2019-12-24 Dell Products, L.P. Systems and methods for protected local backup
US11695800B2 (en) 2016-12-19 2023-07-04 SentinelOne, Inc. Deceiving attackers accessing network data
US11616812B2 (en) 2016-12-19 2023-03-28 Attivo Networks Inc. Deceiving attackers accessing active directory data
US10320818B2 (en) * 2017-02-14 2019-06-11 Symantec Corporation Systems and methods for detecting malicious computing events
US10387228B2 (en) 2017-02-21 2019-08-20 Crowdstrike, Inc. Symmetric bridge component for communications between kernel mode and user mode
US11436317B2 (en) * 2017-02-21 2022-09-06 Raptor Engineering LLC Systems and methods for assuring integrity of operating system and software components at runtime
US11238185B2 (en) * 2017-03-07 2022-02-01 Sennco Solutions, Inc. Integrated, persistent security monitoring of electronic merchandise
US10503545B2 (en) * 2017-04-12 2019-12-10 At&T Intellectual Property I, L.P. Universal security agent
US10635806B2 (en) * 2017-05-04 2020-04-28 Crowdstrike, Inc. Least recently used (LRU)-based event suppression
CA3065306A1 (fr) 2017-05-30 2018-12-06 Stewart P. Macleod Detection et protection en temps reel des logiciels malveillants et de la steganographie dans un mode noyau
JP2019008503A (ja) * 2017-06-23 2019-01-17 杉中 順子 情報処理監視装置、情報処理監視方法、プログラム、記録媒体及び情報処理装置
US10659432B2 (en) * 2017-07-06 2020-05-19 Crowdstrike, Inc. Network containment of compromised machines
JP6656211B2 (ja) * 2017-08-02 2020-03-04 三菱電機株式会社 情報処理装置、情報処理方法及び情報処理プログラム
JP2020530922A (ja) * 2017-08-08 2020-10-29 センチネル ラボ, インコーポレイテッドSentinel Labs, Inc. エッジネットワーキングのエンドポイントを動的にモデリングおよびグループ化する方法、システム、およびデバイス
US10997303B2 (en) * 2017-09-12 2021-05-04 Sophos Limited Managing untyped network traffic flows
US11163880B2 (en) * 2017-09-29 2021-11-02 Crowdstrike, Inc. Using indirection to facilitate software upgrades
US10990664B2 (en) 2017-11-20 2021-04-27 International Business Machines Corporation Eliminating and reporting kernel instruction alteration
US10740459B2 (en) 2017-12-28 2020-08-11 Crowdstrike, Inc. Kernel- and user-level cooperative security processing
US11423186B2 (en) 2018-01-17 2022-08-23 Crowdstrike, Inc. Verified inter-module communications interface
EP3514717B1 (fr) 2018-01-17 2021-03-31 Crowdstrike, Inc. Installation d'un magasin de stockage non-volatile pour pilote de périphérique
US11113425B2 (en) 2018-01-17 2021-09-07 Crowd Strike, Inc. Security component for devices on an enumerated bus
US11470115B2 (en) 2018-02-09 2022-10-11 Attivo Networks, Inc. Implementing decoys in a network environment
CN108429746B (zh) * 2018-03-06 2020-01-03 华中科技大学 一种面向云租户的隐私数据保护方法及系统
US10762202B2 (en) 2018-04-11 2020-09-01 Crowdstrike, Inc. Securely and efficiently providing user notifications about security actions
US10333977B1 (en) * 2018-08-23 2019-06-25 Illusive Networks Ltd. Deceiving an attacker who is harvesting credentials
US11916953B2 (en) * 2018-09-24 2024-02-27 Cybereason, Inc. Method and mechanism for detection of pass-the-hash attacks
US10983849B2 (en) 2019-02-28 2021-04-20 Crowdstrike, Inc. Container application for android-based devices
EP3973427A4 (fr) 2019-05-20 2023-06-21 Sentinel Labs Israel Ltd. Systèmes et procédés de détection de code exécutable, extraction de caractéristique automatique et détection de code indépendante de la position
US11636204B2 (en) * 2019-10-01 2023-04-25 Acronis International Gmbh Systems and methods for countering removal of digital forensics information by malicious software
WO2021189152A1 (fr) * 2020-03-26 2021-09-30 Groupe Elucidia Inc. Système et procédé de découverte de surveillance et de réparation d'informations sensibles automatisées
US11711379B2 (en) 2020-04-15 2023-07-25 Crowdstrike, Inc. Distributed digital security system
US11563756B2 (en) 2020-04-15 2023-01-24 Crowdstrike, Inc. Distributed digital security system
US11616790B2 (en) 2020-04-15 2023-03-28 Crowdstrike, Inc. Distributed digital security system
US11645397B2 (en) * 2020-04-15 2023-05-09 Crowd Strike, Inc. Distributed digital security system
US11861019B2 (en) 2020-04-15 2024-01-02 Crowdstrike, Inc. Distributed digital security system
US11636214B2 (en) * 2020-12-11 2023-04-25 Hewlett Packard Enterprise Development Lp Memory scan-based process monitoring
US11579857B2 (en) 2020-12-16 2023-02-14 Sentinel Labs Israel Ltd. Systems, methods and devices for device fingerprinting and automatic deployment of software in a computing network using a peer-to-peer approach
US11836137B2 (en) 2021-05-19 2023-12-05 Crowdstrike, Inc. Real-time streaming graph queries
US11899782B1 (en) 2021-07-13 2024-02-13 SentinelOne, Inc. Preserving DLL hooks
US20230068691A1 (en) * 2021-08-31 2023-03-02 EMC IP Holding Company LLC System and method for correlating filesystem events into meaningful behaviors
CN113779583B (zh) * 2021-11-10 2022-02-22 北京微步在线科技有限公司 一种行为检测方法、装置、存储介质及电子设备
US20230421587A1 (en) 2022-06-24 2023-12-28 Crowdstrike, Inc. Distributed Digital Security System for Predicting Malicious Behavior

Family Cites Families (131)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5355498A (en) 1992-02-25 1994-10-11 Sun Microsystems, Inc. Method and apparatus for booting a computer system without loading a device driver into memory
US5410703A (en) * 1992-07-01 1995-04-25 Telefonaktiebolaget L M Ericsson System for changing software during computer operation
US6052723A (en) 1996-07-25 2000-04-18 Stockmaster.Com, Inc. Method for aggregate control on an electronic network
US6009274A (en) 1996-12-13 1999-12-28 3Com Corporation Method and apparatus for automatically updating software components on end systems over a network
US6088804A (en) * 1998-01-12 2000-07-11 Motorola, Inc. Adaptive system and method for responding to computer network security attacks
DE19810814B4 (de) * 1998-03-12 2004-10-28 Telefonaktiebolaget Lm Ericsson (Publ) Rechnersystem und Zustandskopierverfahren zur skalierbaren Software-Aktualisierung
US7418504B2 (en) 1998-10-30 2008-08-26 Virnetx, Inc. Agile network protocol for secure communications using secure domain names
US20010044904A1 (en) 1999-09-29 2001-11-22 Berg Ryan J. Secure remote kernel communication
US7281268B2 (en) * 1999-11-14 2007-10-09 Mcafee, Inc. System, method and computer program product for detection of unwanted processes
US7076647B2 (en) 2000-06-09 2006-07-11 Hewlett-Packard Development Company, L.P. Dynamic kernel tunables
US7099948B2 (en) 2001-02-16 2006-08-29 Swsoft Holdings, Ltd. Virtual computing environment
JP2003084983A (ja) 2001-09-11 2003-03-20 Toshiba Corp ソフトウェア配布装置、ソフトウェア配布システム及びソフトウェア配布方法
US20030112781A1 (en) 2001-12-17 2003-06-19 Kermode Roger George Communications unit for secure communications
US7512810B1 (en) 2002-09-11 2009-03-31 Guardian Data Storage Llc Method and system for protecting encrypted files transmitted over a network
US7448049B1 (en) 2002-10-18 2008-11-04 Crossroads Systems, Inc. System and method of supporting kernel functionality
US7784044B2 (en) 2002-12-02 2010-08-24 Microsoft Corporation Patching of in-use functions on a running computer system
US7340638B2 (en) 2003-01-30 2008-03-04 Microsoft Corporation Operating system update and boot failure recovery
US7093116B2 (en) 2003-04-28 2006-08-15 Intel Corporation Methods and apparatus to operate in multiple phases of a basic input/output system (BIOS)
WO2005058018A2 (fr) 2003-12-16 2005-06-30 Aerulean Plant Identification Systems, Inc. Systeme et procede d'identification de plantes
US8010459B2 (en) 2004-01-21 2011-08-30 Google Inc. Methods and systems for rating associated members in a social network
US20070153993A1 (en) 2004-02-02 2007-07-05 Mobile Reach Media Inc. Monitoring method and system
US7490356B2 (en) * 2004-07-20 2009-02-10 Reflectent Software, Inc. End user risk management
JP4624181B2 (ja) * 2004-07-28 2011-02-02 株式会社エヌ・ティ・ティ・データ 不正アクセス対策制御装置および不正アクセス対策制御プログラム
US7571448B1 (en) 2004-07-28 2009-08-04 Symantec Corporation Lightweight hooking mechanism for kernel level operations
US20060070089A1 (en) 2004-08-20 2006-03-30 Shahid Shoaib Method and apparatus for dynamic replacement of device drivers in the operating system (OS) kernel
KR101201118B1 (ko) * 2004-11-08 2012-11-13 마이크로소프트 코포레이션 바이러스 방지 소프트웨어 어플리케이션들의 지식 베이스를모으는 시스템 및 방법
US7478237B2 (en) * 2004-11-08 2009-01-13 Microsoft Corporation System and method of allowing user mode applications with access to file data
US7765410B2 (en) * 2004-11-08 2010-07-27 Microsoft Corporation System and method of aggregating the knowledge base of antivirus software applications
US7765400B2 (en) * 2004-11-08 2010-07-27 Microsoft Corporation Aggregation of the knowledge base of antivirus software
US7698744B2 (en) 2004-12-03 2010-04-13 Whitecell Software Inc. Secure system for allowing the execution of authorized computer program code
US7366891B2 (en) 2004-12-30 2008-04-29 Intel Corporation Methods and apparatus to provide dual-mode drivers in processor systems
US7979889B2 (en) * 2005-01-07 2011-07-12 Cisco Technology, Inc. Methods and apparatus providing security to computer systems and networks
US8365293B2 (en) 2005-01-25 2013-01-29 Redphone Security, Inc. Securing computer network interactions between entities with authorization assurances
US8572733B1 (en) * 2005-07-06 2013-10-29 Raytheon Company System and method for active data collection in a network security system
US7874001B2 (en) 2005-07-15 2011-01-18 Microsoft Corporation Detecting user-mode rootkits
US20070094496A1 (en) * 2005-10-25 2007-04-26 Michael Burtscher System and method for kernel-level pestware management
US7882560B2 (en) * 2005-12-16 2011-02-01 Cisco Technology, Inc. Methods and apparatus providing computer and network security utilizing probabilistic policy reposturing
US8239947B1 (en) * 2006-02-06 2012-08-07 Symantec Corporation Method using kernel mode assistance for the detection and removal of threats which are actively preventing detection and removal from a running system
US8201243B2 (en) 2006-04-20 2012-06-12 Webroot Inc. Backwards researching activity indicative of pestware
US7441113B2 (en) 2006-07-10 2008-10-21 Devicevm, Inc. Method and apparatus for virtualization of appliances
WO2008009112A1 (fr) 2006-07-18 2008-01-24 Certicom Corp. système et procédé pour authentifier un dispositif de jeu
US8190868B2 (en) 2006-08-07 2012-05-29 Webroot Inc. Malware management through kernel detection
CN100485700C (zh) 2006-08-11 2009-05-06 珠海金山软件股份有限公司 一种可对文件实时监控的防治计算机病毒的装置及其升级方法
US9111088B2 (en) 2006-08-14 2015-08-18 Quantum Security, Inc. Policy-based physical security system for restricting access to computer resources and data flow through network equipment
JP5112787B2 (ja) 2006-09-01 2013-01-09 株式会社リコー 情報処理装置、プログラム更新方法及びプログラム
US8321677B2 (en) 2006-09-21 2012-11-27 Google Inc. Pre-binding and tight binding of an on-line identity to a digital signature
US20080162589A1 (en) 2006-12-29 2008-07-03 Microsoft Corporation Weakly-consistent distributed collection compromised replica recovery
US7765374B2 (en) * 2007-01-25 2010-07-27 Microsoft Corporation Protecting operating-system resources
US8181264B2 (en) 2007-02-07 2012-05-15 Apple Inc. Method and apparatus for deferred security analysis
US8578477B1 (en) 2007-03-28 2013-11-05 Trend Micro Incorporated Secure computer system integrity check
US8565799B2 (en) 2007-04-04 2013-10-22 Qualcomm Incorporated Methods and apparatus for flow data acquisition in a multi-frequency network
US7908656B1 (en) 2007-04-23 2011-03-15 Network Appliance, Inc. Customized data generating data storage system filter for data security
US8918717B2 (en) 2007-05-07 2014-12-23 International Business Machines Corporation Method and sytem for providing collaborative tag sets to assist in the use and navigation of a folksonomy
US20080301669A1 (en) 2007-05-30 2008-12-04 Google Inc. Dynamically Self-Updating by a Software Application on a Device
WO2008151321A2 (fr) * 2007-06-08 2008-12-11 The Trustees Of Columbia University In The City Of New York Systèmes, procédés, et supports pour la mise en œuvre d'une règle de sécurité dans un réseau comportant une pluralité de composants
JP4931711B2 (ja) 2007-07-02 2012-05-16 日本電信電話株式会社 カーネル更新方法、情報処理装置、プログラムおよび記憶媒体
US8099740B1 (en) 2007-08-17 2012-01-17 Mcafee, Inc. System, method, and computer program product for terminating a hidden kernel process
US8065728B2 (en) * 2007-09-10 2011-11-22 Wisconsin Alumni Research Foundation Malware prevention system monitoring kernel events
US20090094039A1 (en) 2007-10-04 2009-04-09 Zhura Corporation Collaborative production of rich media content
US8255926B2 (en) 2007-11-06 2012-08-28 International Business Machines Corporation Virus notification based on social groups
US8220041B2 (en) 2007-12-13 2012-07-10 Trend Micro Incorporated Method and system for protecting a computer system during boot operation
EP2235629B1 (fr) 2008-01-25 2019-07-31 Citrix Systems, Inc. Procédé et systèmes de fourniture d'un disque virtuel à des machines virtuelle et physique sans disque
RU2490814C2 (ru) 2008-02-11 2013-08-20 Долби Лэборетериз Лайсенсинг Корпорейшн Система динамической dns для частных сетей
US20090216806A1 (en) 2008-02-24 2009-08-27 Allofme Ltd. Digital assets internet timeline aggregation and sharing platform
JP2009238153A (ja) * 2008-03-28 2009-10-15 Nec Corp マルウェア対処システム、方法及びプログラム
US7890664B1 (en) 2008-03-31 2011-02-15 Emc Corporation Methods and apparatus for non-disruptive upgrade by redirecting I/O operations
US8806630B2 (en) * 2008-05-13 2014-08-12 At&T Intellectual Property, I, L.P. Methods and apparatus for intrusion protection in systems that monitor for improper network usage
US8413261B2 (en) 2008-05-30 2013-04-02 Red Hat, Inc. Sharing private data publicly and anonymously
US20090307140A1 (en) 2008-06-06 2009-12-10 Upendra Mardikar Mobile device over-the-air (ota) registration and point-of-sale (pos) payment
US8631488B2 (en) 2008-08-04 2014-01-14 Cupp Computing As Systems and methods for providing security services during power management mode
GB0815587D0 (en) 2008-08-27 2008-10-01 Applied Neural Technologies Ltd Computer/network security application
US8401195B2 (en) 2008-09-22 2013-03-19 Motorola Solutions, Inc. Method of automatically populating a list of managed secure communications group members
WO2010059864A1 (fr) 2008-11-19 2010-05-27 Yoggie Security Systems Ltd. Systèmes et procédés pour fournir une surveillance d'accès en temps réel d'un dispositif multimédia amovible
US8234693B2 (en) 2008-12-05 2012-07-31 Raytheon Company Secure document management
KR20100078081A (ko) * 2008-12-30 2010-07-08 (주) 세인트 시큐리티 커널 기반 시스템 행위 분석을 통한 알려지지 않은 악성코드 탐지 시스템 및 방법
KR101021708B1 (ko) 2009-01-20 2011-03-15 성균관대학교산학협력단 그룹키 분배 방법 및 이를 위한 서버 및 클라이언트
JP2010182019A (ja) * 2009-02-04 2010-08-19 Kddi Corp 異常検知装置およびプログラム
EP2406749B1 (fr) 2009-03-13 2018-06-13 Assa Abloy Ab Dispositif de transfert pour élément sensible tel qu'une clé cryptographique
US8533830B1 (en) 2009-03-31 2013-09-10 Mcafee, Inc. System, method, and computer program product for mounting an image of a computer system in a pre-boot environment for validating the computer system
US20110010522A1 (en) 2009-06-12 2011-01-13 Cray Inc. Multiprocessor communication protocol bridge between scalar and vector compute nodes
US8776218B2 (en) * 2009-07-21 2014-07-08 Sophos Limited Behavioral-based host intrusion prevention system
US8607340B2 (en) * 2009-07-21 2013-12-10 Sophos Limited Host intrusion prevention system using software and user behavior analysis
US8589904B2 (en) 2009-08-10 2013-11-19 Symantec Corporation Systems and methods for updating a software product
US8572740B2 (en) * 2009-10-01 2013-10-29 Kaspersky Lab, Zao Method and system for detection of previously unknown malware
US8429429B1 (en) 2009-10-23 2013-04-23 Secure Vector, Inc. Computer security system and method
US8510569B2 (en) 2009-12-16 2013-08-13 Intel Corporation Providing integrity verification and attestation in a hidden execution environment
KR101038048B1 (ko) 2009-12-21 2011-06-01 한국인터넷진흥원 봇넷 악성행위 실시간 분석 시스템
US8528091B2 (en) * 2009-12-31 2013-09-03 The Trustees Of Columbia University In The City Of New York Methods, systems, and media for detecting covert malware
US8621628B2 (en) * 2010-02-25 2013-12-31 Microsoft Corporation Protecting user mode processes from improper tampering or termination
US9384112B2 (en) 2010-07-01 2016-07-05 Logrhythm, Inc. Log collection, structuring and processing
KR101329847B1 (ko) 2010-07-26 2013-11-14 주식회사 팬택 인체통신을 이용한 소셜 네트워크 서비스를 제공하는 휴대용 단말기 및 그 방법
US8539584B2 (en) * 2010-08-30 2013-09-17 International Business Machines Corporation Rootkit monitoring agent built into an operating system kernel
KR101174751B1 (ko) 2010-09-27 2012-08-17 한국인터넷진흥원 커널 콜백 매커니즘을 이용한 악성코드 자동 분석 방법
US8776227B1 (en) * 2010-10-21 2014-07-08 Symantec Corporation User interface based malware detection
KR20120072266A (ko) 2010-12-23 2012-07-03 한국전자통신연구원 전역 네트워크 보안상황 제어 장치 및 방법
US8762298B1 (en) 2011-01-05 2014-06-24 Narus, Inc. Machine learning based botnet detection using real-time connectivity graph based traffic features
EP2487860B1 (fr) 2011-02-10 2013-09-25 Telefónica, S.A. Procédé et système pour améliorer la détection de menaces de sécurité dans des réseaux de communication
US20120246297A1 (en) 2011-03-25 2012-09-27 Vijaya Shanker Agent based monitoring for saas it service management
CN103620613B (zh) 2011-03-28 2018-06-12 迈克菲股份有限公司 用于基于虚拟机监视器的反恶意软件安全的系统和方法
US8549648B2 (en) 2011-03-29 2013-10-01 Mcafee, Inc. Systems and methods for identifying hidden processes
US8813227B2 (en) 2011-03-29 2014-08-19 Mcafee, Inc. System and method for below-operating system regulation and control of self-modifying code
US9038176B2 (en) 2011-03-31 2015-05-19 Mcafee, Inc. System and method for below-operating system trapping and securing loading of code into memory
US8966629B2 (en) 2011-03-31 2015-02-24 Mcafee, Inc. System and method for below-operating system trapping of driver loading and unloading
US8739281B2 (en) * 2011-12-06 2014-05-27 At&T Intellectual Property I, L.P. Multilayered deception for intrusion detection and prevention
US8789034B1 (en) 2011-12-31 2014-07-22 Parallels IP Holdings GmbH Method for updating operating system without memory reset
CA2773095C (fr) 2012-03-27 2014-12-02 Yin Sheng Zhang Ordinateur avec systeme d'exploitation souple
US9081960B2 (en) * 2012-04-27 2015-07-14 Ut-Battelle, Llc Architecture for removable media USB-ARM
IL219597A0 (en) 2012-05-03 2012-10-31 Syndrome X Ltd Malicious threat detection, malicious threat prevention, and a learning systems and methods for malicious threat detection and prevention
US8997201B2 (en) 2012-05-14 2015-03-31 Cisco Technology, Inc. Integrity monitoring to detect changes at network device for use in secure network access
US9317687B2 (en) * 2012-05-21 2016-04-19 Mcafee, Inc. Identifying rootkits based on access permissions
US20130312099A1 (en) 2012-05-21 2013-11-21 Mcafee, Inc. Realtime Kernel Object Table and Type Protection
US9043903B2 (en) 2012-06-08 2015-05-26 Crowdstrike, Inc. Kernel-level security agent
US9292881B2 (en) 2012-06-29 2016-03-22 Crowdstrike, Inc. Social sharing of security information in a group
US9158914B2 (en) 2013-04-19 2015-10-13 Crowdstrike, Inc. Executable component injection utilizing hotpatch mechanisms
US9716589B2 (en) 2013-04-22 2017-07-25 Unisys Corporation Secured communications arrangement applying internet protocol security
US9225739B2 (en) 2013-06-26 2015-12-29 Microsoft Technology Licensing, Llc Providing user-specific malware assessment based on social interactions
US9197654B2 (en) 2013-06-28 2015-11-24 Mcafee, Inc. Rootkit detection by using HW resources to detect inconsistencies in network traffic
US9477835B2 (en) 2013-10-08 2016-10-25 Crowdstrike, Inc. Event model for correlating system component states
US20150128206A1 (en) 2013-11-04 2015-05-07 Trusteer Ltd. Early Filtering of Events Using a Kernel-Based Filter
US9170803B2 (en) 2013-12-19 2015-10-27 Novell, Inc. Runtime patching of an operating system (OS) without stopping execution
KR101554633B1 (ko) 2014-03-04 2015-09-21 한국전자통신연구원 악성 코드 검출 장치 및 그 방법
US10289405B2 (en) 2014-03-20 2019-05-14 Crowdstrike, Inc. Integrity assurance and rebootless updating during runtime
US9798882B2 (en) 2014-06-06 2017-10-24 Crowdstrike, Inc. Real-time model of states of monitored devices
US10339316B2 (en) 2015-07-28 2019-07-02 Crowdstrike, Inc. Integrity assurance through early loading in the boot phase
US10033536B2 (en) 2016-03-25 2018-07-24 Credly, Inc. Generation, management, and tracking of digital credentials
JP6786960B2 (ja) * 2016-08-26 2020-11-18 富士通株式会社 サイバー攻撃分析支援プログラム、サイバー攻撃分析支援方法およびサイバー攻撃分析支援装置
US10387228B2 (en) 2017-02-21 2019-08-20 Crowdstrike, Inc. Symmetric bridge component for communications between kernel mode and user mode
US10503904B1 (en) 2017-06-29 2019-12-10 Fireeye, Inc. Ransomware detection and mitigation
KR101921052B1 (ko) * 2017-11-15 2018-11-22 한국인터넷진흥원 바이너리에 대한 보안 취약점 및 그 원인 위치의 식별 방법 및 그 장치
US10740459B2 (en) 2017-12-28 2020-08-11 Crowdstrike, Inc. Kernel- and user-level cooperative security processing
US11200317B2 (en) * 2018-07-22 2021-12-14 Minerva Labs Ltd. Systems and methods for protecting a computing device against malicious code

Also Published As

Publication number Publication date
US20140109226A1 (en) 2014-04-17
US9571453B2 (en) 2017-02-14
CA2872786A1 (fr) 2013-12-12
EP3654218B1 (fr) 2024-04-03
US10853491B2 (en) 2020-12-01
BR112014030746A2 (pt) 2017-06-27
US10002250B2 (en) 2018-06-19
JP2015522874A (ja) 2015-08-06
US20170109530A1 (en) 2017-04-20
JP6212548B2 (ja) 2017-10-11
EP4404508A2 (fr) 2024-07-24
EP3654218A2 (fr) 2020-05-20
EP2859493A4 (fr) 2016-03-16
WO2013184281A1 (fr) 2013-12-12
AU2013272198A1 (en) 2014-11-27
EP2859493A1 (fr) 2015-04-15
SG11201407292QA (en) 2014-12-30
IL235905B (en) 2018-02-28
US20130333040A1 (en) 2013-12-12
EP3654218A3 (fr) 2020-08-05
EP2859493B1 (fr) 2020-01-08
IL235905A0 (en) 2015-01-29
US20150244679A1 (en) 2015-08-27
US20170213031A1 (en) 2017-07-27
US9621515B2 (en) 2017-04-11
US20190138723A1 (en) 2019-05-09
EP4404508A3 (fr) 2024-10-16
US9904784B2 (en) 2018-02-27
US9043903B2 (en) 2015-05-26
JP2017216018A (ja) 2017-12-07

Similar Documents

Publication Publication Date Title
IN2014DN09583A (fr)
WO2016028067A3 (fr) Système et procédé permettant de détecter un programme malveillant par visualisation
WO2014007947A3 (fr) Création d'évènements pour un groupe social
WO2011109766A3 (fr) Filtrage de paramètre d'entrée pour sécurité d'application web
MX2015016699A (es) Sistema y metodos de control y monitoreo de un dispositivo de campo.
GB201208529D0 (en) Foiling a document exploit attack
WO2013164821A3 (fr) Détection et prévention de menaces malveillantes, système d'apprentissage et procédés de détection et de prévention de menaces malveillantes
WO2012170709A3 (fr) Système et procédé de surveillance de partition virtuelle
WO2013040496A3 (fr) Systèmes et procédés pour une protection personnalisée en temps réel contre des menaces
WO2012109633A3 (fr) Plateforme de gestion de contre-mesures de sécurité
WO2012174420A3 (fr) Détection et réponse à des événements sentinelle
GB201210533D0 (en) A method of processing geological log data
GB201100039D0 (en) Server, user device and malware detection method thereof
MX2013010682A (es) Analisis de manejo de servicios con datos de redes sociales.
GB2512514A (en) User interface displaying filtered information
FR2988610B1 (fr) Progestatif co-micronise avec un polymere portant le groupe pyrrolidone, composition et utilisations
WO2014159148A3 (fr) Vues de rappel conçues pour faciliter des rappels provisoires
WO2013135494A3 (fr) Appareil lithographique
GB2535380A (en) Well alarms and event detection
MX357172B (es) Método, dispositivo y terminal de pantalla táctil para procesar llamadas entrantes al manejar.
WO2014166303A3 (fr) Utilisation de signature multi-omique pour prédire un diabète
AU2012101375A4 (en) FutureNetID
GB201319322D0 (en) Facilitating processing in a communications environment using stop signaling
WO2013098619A9 (fr) Système et procédé de localisation et de notification de défaut et d'alarme de manipulation associée
EP2492881A3 (fr) Système et méthode de protection anti-vol/alarme