JP2011523482A - Centralized scanner database with optimal definition distribution using network queries - Google Patents
- Publication number
- JP2011523482A (application JP2011510688A)
- Authority
- JP
- Japan
- Prior art keywords
- malware
- definitions
- filter
- input file
- definition
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/564—Static detection by virus signature recognition
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Health & Medical Sciences (AREA)
- Virology (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Claims (20)
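- 1. A computer-implemented method for detecting malware, the method comprising:
applying a filter to an input file to detect whether the input file has a characteristic that matches that of a malware definition in a set of known malware definitions;
responsive to the input file having a characteristic that matches that of a malware definition based on applying the filter, scanning the input file using the malware definition; and
determining whether the input file contains malware based on the scanning.
- 2. The method of claim 1, further comprising:
responsive to the input file having a characteristic that matches that of a malware definition based on applying the filter, determining whether the malware definition is stored locally; and
responsive to the malware definition not being stored locally, querying a central server to obtain the malware definition.
- 3. The method of claim 1, further comprising:
receiving, by a client device, a subset of known malware definitions from the set of known malware definitions;
receiving a filter based on a plurality of malware definitions from the set of known malware definitions; and
storing the filter and the subset of known malware definitions locally at the client device.
- 4. The method of claim 3, wherein the subset of known malware definitions received for local storage includes malware definitions for the malware most likely to be detected by the client device.
- 5. The method of claim 1, further comprising receiving, from a central server, an update that includes an updated filter generated based on an updated set of known malware.
- 6. The method of claim 1, wherein the filter comprises a Bloom filter adapted to compute a hash function on the input file, and
the output of the hash function indicates whether the input file has a characteristic that matches any of the set of known malware definitions.
- 7. The method of claim 6, wherein applying the Bloom filter to the input file can produce a false positive detection of malware but cannot produce a false negative detection.
- 8. The method of claim 1, wherein the filter is generated according to the steps of:
computing a hash function for each malware definition; and
defining the filter based on the outputs of the hash function.
- 9. A computer program product for detecting malware, comprising a computer-readable storage medium containing computer program code for:
applying a filter to an input file to detect whether the input file has a characteristic that matches that of a malware definition in a set of known malware definitions;
responsive to the input file having a characteristic that matches that of a malware definition based on applying the filter, scanning the input file using the malware definition; and
determining whether the input file contains malware based on the scanning.
- 10. The computer program product of claim 9, wherein the computer-readable storage medium further contains computer program code for:
responsive to the input file having a characteristic that matches that of a malware definition based on applying the filter, determining whether the malware definition is stored locally; and
responsive to the malware definition not being stored locally, querying a central server to obtain the malware definition.
- 11. The computer program product of claim 9, wherein the computer-readable storage medium further contains computer program code for:
receiving, by a client device, a subset of known malware definitions from the set of known malware definitions;
receiving a filter based on a plurality of malware definitions in the set of known malware definitions; and
storing the filter and the subset of known malware definitions locally at the client device.
- 12. The computer program product of claim 11, wherein the subset of known malware definitions received for local storage includes malware definitions for the malware most likely to be detected by the client device.
- 13. The computer program product of claim 9, wherein the computer-readable storage medium further contains computer program code for:
receiving an update from a central server, the update including an updated filter generated based on an updated set of known malware.
- 14. The computer program product of claim 9, wherein the filter comprises a Bloom filter adapted to compute a hash function on the input file, and
the output of the hash function indicates whether the input file has a characteristic that matches any of the set of known malware definitions.
- 15. The computer program product of claim 14, wherein applying the Bloom filter to the input file can produce a false positive detection of malware but cannot produce a false negative detection.
- 16. The computer program product of claim 9, wherein the filter is generated according to the steps of:
computing a hash function for each malware definition; and
defining the filter based on the outputs of the hash function.
- 17. A method for distributing malware definitions to a client device, the method comprising:
generating, from a set of known malware definitions, a filter that detects whether an input file has a characteristic that matches that of the set of known malware definitions;
distributing the filter to the client device; and
distributing to the client device, together with the filter, a subset of malware definitions from the set of known malware definitions used to generate the filter.
- 18. The method of claim 17, further comprising:
receiving a query from the client device for a definition that is not in the subset of known malware definitions distributed to the client; and
responsive to the query, sending the queried definition to the client device.
- 19. The method of claim 17, further comprising evaluating the set of known malware definitions to determine the subset of known malware definitions to be distributed to the client device, the subset including the malware definitions most likely to be detected by the client device.
- 20. The method of claim 17, further comprising updating the subset of known malware definitions to be distributed to the client device based on the frequency of queries for malware definitions from the client device.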
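The flow of claims 1 to 3, 7, 17, 18 and 20, as an added example in Python (not code from the patent or its assignee). Assumptions: the matched "characteristic" is the file's first 8 bytes, definitions are constructed byte signatures anchored at offset 0, all class and function names are hypothetical, and the Bloom filter is deliberately tiny (64 bits) so that a filter false positive is easy to find.

```python
import hashlib
from collections import Counter

PREFIX_LEN = 8  # assumption: the matched "characteristic" is the file's first 8 bytes

class BloomFilter:
    def __init__(self, m_bits, k_hashes):
        self.m, self.k, self.bits = m_bits, k_hashes, 0

    def _positions(self, key):
        # k bit positions, each taken from a salted SHA-256 digest of the key
        for i in range(self.k):
            digest = hashlib.sha256(bytes([i]) + key).digest()
            yield int.from_bytes(digest[:8], "big") % self.m

    def add(self, key):
        for pos in self._positions(key):
            self.bits |= 1 << pos

    def __contains__(self, key):
        return all((self.bits >> pos) & 1 for pos in self._positions(key))

class CentralServer:
    def __init__(self, definitions, m_bits=64, k_hashes=2):
        # definitions: {name: signature bytes}, indexed by the signature's prefix
        self.by_prefix = {sig[:PREFIX_LEN]: (name, sig) for name, sig in definitions.items()}
        self.m_bits, self.k_hashes = m_bits, k_hashes
        self.query_counts = Counter()

    def package(self, names):
        """Filter over ALL definitions, plus the subset chosen for local storage."""
        bloom = BloomFilter(self.m_bits, self.k_hashes)
        for prefix in self.by_prefix:
            bloom.add(prefix)
        subset = {p: d for p, d in self.by_prefix.items() if d[0] in names}
        return bloom, subset

    def query(self, prefix):
        """Client lookup for a definition it does not hold; None if none exists."""
        definition = self.by_prefix.get(prefix)
        if definition is not None:
            self.query_counts[definition[0]] += 1
        return definition

    def most_queried(self, n):
        """Names to ship in the next subset, ranked by client query frequency."""
        return {name for name, _ in self.query_counts.most_common(n)}

class Client:
    def __init__(self, server, bloom, local_defs):
        self.server, self.bloom, self.local = server, bloom, dict(local_defs)

    def scan(self, data):
        """Return (verdict, path); verdict is a malware name or 'clean'."""
        prefix = data[:PREFIX_LEN]
        if prefix not in self.bloom:
            return "clean", "filter-miss"  # no false negatives, so stop here
        definition, path = self.local.get(prefix), "local"
        if definition is None:
            definition, path = self.server.query(prefix), "server"
            if definition is None:
                return "clean", "filter-false-positive"
        name, signature = definition
        return (name if data.startswith(signature) else "clean"), path

def find_prefix(bloom, known, hit):
    """First counter-derived prefix, not a real definition, that hits or misses the filter."""
    candidates = (i.to_bytes(PREFIX_LEN, "big") for i in range(1_000_000))
    return next(p for p in candidates if p not in known and (p in bloom) == hit)

# Constructed sample definitions (not real signatures)
DEFINITIONS = {"Worm.A": b"WORMAAAA-payload-1", "Trojan.B": b"TROJBBBB-payload-2",
               "Dropper.C": b"DROPCCCC-payload-3"}

def demo():
    server = CentralServer(DEFINITIONS)
    bloom, subset = server.package({"Worm.A"})  # only Worm.A is stored locally
    client = Client(server, bloom, subset)
    false_hit = find_prefix(bloom, server.by_prefix, hit=True)
    files = [DEFINITIONS["Worm.A"] + b"...", DEFINITIONS["Trojan.B"] + b"...",
             b"TROJBBBB but benign", false_hit + b" benign"]
    return [client.scan(f) for f in files]
```
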
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/124,458 | 2008-05-21 | ||
US12/124,458 US8214977B2 (en) | 2008-05-21 | 2008-05-21 | Centralized scanner database with optimal definition distribution using network queries |
PCT/US2009/044713 WO2009143272A1 (en) | 2008-05-21 | 2009-05-20 | Centralized scanner database with optimal definition distribution using network queries |
Publications (3)
Publication Number | Publication Date |
---|---|
JP2011523482A (ja) | 2011-08-11 |
JP2011523482A5 (ja) | 2012-07-05 |
JP5483033B2 (ja) | 2014-05-07 |
Family
ID=41009783
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2011510688A Expired - Fee Related JP5483033B2 (ja) | Centralized scanner database with optimal definition distribution using network queries | 2008-05-21 | 2009-05-20 |
Country Status (5)
Country | Link |
---|---|
US (1) | US8214977B2 (ja) |
EP (1) | EP2286364A1 (ja) |
JP (1) | JP5483033B2 (ja) |
CN (1) | CN102037471B (ja) |
WO (1) | WO2009143272A1 (ja) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20150106937A (ko) * | 2013-03-14 | 2015-09-22 | 인텔 코포레이션 | Context-based switching to a secure operating system environment |
JP2015535115A (ja) * | 2012-11-20 | 2015-12-07 | シマンテック コーポレーション (Symantec Corporation) | Using telemetry to reduce malware definition package size |
Families Citing this family (74)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2006101549A2 (en) | 2004-12-03 | 2006-09-28 | Whitecell Software, Inc. | Secure system for allowing the execution of authorized computer program code |
US8312537B1 (en) * | 2008-03-28 | 2012-11-13 | Symantec Corporation | Reputation based identification of false positive malware detections |
US20100077482A1 (en) * | 2008-09-23 | 2010-03-25 | Robert Edward Adams | Method and system for scanning electronic data for predetermined data patterns |
US9043919B2 (en) | 2008-10-21 | 2015-05-26 | Lookout, Inc. | Crawling multiple markets and correlating |
US9235704B2 (en) | 2008-10-21 | 2016-01-12 | Lookout, Inc. | System and method for a scanning API |
US8984628B2 (en) | 2008-10-21 | 2015-03-17 | Lookout, Inc. | System and method for adverse mobile application identification |
US8347386B2 (en) * | 2008-10-21 | 2013-01-01 | Lookout, Inc. | System and method for server-coupled malware prevention |
US8087067B2 (en) | 2008-10-21 | 2011-12-27 | Lookout, Inc. | Secure mobile platform system |
US8051480B2 (en) | 2008-10-21 | 2011-11-01 | Lookout, Inc. | System and method for monitoring and analyzing multiple interfaces and multiple protocols |
US8108933B2 (en) * | 2008-10-21 | 2012-01-31 | Lookout, Inc. | System and method for attack and malware prevention |
US9367680B2 (en) | 2008-10-21 | 2016-06-14 | Lookout, Inc. | System and method for mobile communication device application advisement |
US8060936B2 (en) | 2008-10-21 | 2011-11-15 | Lookout, Inc. | Security status and information display system |
US9781148B2 (en) | 2008-10-21 | 2017-10-03 | Lookout, Inc. | Methods and systems for sharing risk responses between collections of mobile communications devices |
US8533844B2 (en) | 2008-10-21 | 2013-09-10 | Lookout, Inc. | System and method for security data collection and analysis |
US7861004B2 (en) * | 2008-12-04 | 2010-12-28 | At&T Intellectual Property I, Lp | System and method for analyzing data traffic |
US8813222B1 (en) * | 2009-01-21 | 2014-08-19 | Bitdefender IPR Management Ltd. | Collaborative malware scanning |
US9042876B2 (en) | 2009-02-17 | 2015-05-26 | Lookout, Inc. | System and method for uploading location information based on device movement |
US8467768B2 (en) | 2009-02-17 | 2013-06-18 | Lookout, Inc. | System and method for remotely securing or recovering a mobile device |
US8855601B2 (en) | 2009-02-17 | 2014-10-07 | Lookout, Inc. | System and method for remotely-initiated audio communication |
US9955352B2 (en) | 2009-02-17 | 2018-04-24 | Lookout, Inc. | Methods and systems for addressing mobile communications devices that are lost or stolen but not yet reported as such |
US8538815B2 (en) | 2009-02-17 | 2013-09-17 | Lookout, Inc. | System and method for mobile device replacement |
US9208315B2 (en) * | 2009-03-17 | 2015-12-08 | Microsoft Corporation | Identification of telemetry data |
US8285617B1 (en) * | 2009-06-15 | 2012-10-09 | Richard A Ross | Pub/Sub engine for automated processing of FIX messages |
US8306988B1 (en) * | 2009-10-26 | 2012-11-06 | Mcafee, Inc. | System, method, and computer program product for segmenting a database based, at least in part, on a prevalence associated with known objects included in the database |
US8397301B2 (en) | 2009-11-18 | 2013-03-12 | Lookout, Inc. | System and method for identifying and assessing vulnerabilities on a mobile communication device |
WO2011142027A1 (ja) | 2010-05-14 | 2011-11-17 | トヨタ自動車株式会社 | Method for producing isopropanol and recombinant yeast having isopropanol-producing ability |
US9392005B2 (en) * | 2010-05-27 | 2016-07-12 | Samsung Sds Co., Ltd. | System and method for matching pattern |
KR101274348B1 (ko) * | 2010-06-21 | 2013-07-30 | 삼성에스디에스 주식회사 | Anti-malware device, server, and malware pattern matching method |
BR112013004345B1 (pt) * | 2010-08-25 | 2020-12-08 | Lookout, Inc. | System and method for server-coupled malware prevention |
RU2449348C1 (ru) * | 2010-11-01 | 2012-04-27 | Закрытое акционерное общество "Лаборатория Касперского" | System and method for server-side antivirus scanning of data downloaded from a network |
WO2012105883A1 (en) * | 2011-02-04 | 2012-08-09 | Telefonaktiebolaget L M Ericsson (Publ) | Method for malicious attacks monitoring |
US10275526B2 (en) * | 2011-06-14 | 2019-04-30 | Sickweather Inc. | Social networking aggregator to track illnesses |
US8738765B2 (en) | 2011-06-14 | 2014-05-27 | Lookout, Inc. | Mobile device DNS optimization |
US8788881B2 (en) | 2011-08-17 | 2014-07-22 | Lookout, Inc. | System and method for mobile device push communications |
KR101908944B1 (ko) * | 2011-12-13 | 2018-10-18 | 삼성전자주식회사 | Apparatus and method for analyzing malware in a data analysis system |
US9589129B2 (en) | 2012-06-05 | 2017-03-07 | Lookout, Inc. | Determining source of side-loaded software |
US9407443B2 (en) | 2012-06-05 | 2016-08-02 | Lookout, Inc. | Component analysis of software applications on computing devices |
CN102694820B (zh) * | 2012-06-13 | 2015-01-21 | 华为技术有限公司 | Signature rule processing method, server, and intrusion prevention system |
US9003529B2 (en) * | 2012-08-29 | 2015-04-07 | The Johns Hopkins University | Apparatus and method for identifying related code variants in binaries |
US9111095B2 (en) | 2012-08-29 | 2015-08-18 | The Johns Hopkins University | Apparatus and method for identifying similarity via dynamic decimation of token sequence n-grams |
US9767280B2 (en) * | 2012-10-09 | 2017-09-19 | Canon Denshi Kabushiki Kaisha | Information processing apparatus, method of controlling the same, information processing system, and information processing method |
US8655307B1 (en) | 2012-10-26 | 2014-02-18 | Lookout, Inc. | System and method for developing, updating, and using user device behavioral context models to modify user, device, and application state, settings and behavior for enhanced user security |
US9560069B1 (en) * | 2012-12-02 | 2017-01-31 | Symantec Corporation | Method and system for protection of messages in an electronic messaging system |
US9208215B2 (en) | 2012-12-27 | 2015-12-08 | Lookout, Inc. | User classification based on data gathered from a computing device |
US9374369B2 (en) | 2012-12-28 | 2016-06-21 | Lookout, Inc. | Multi-factor authentication and comprehensive login system for client-server networks |
CN103093148A (zh) * | 2012-12-28 | 2013-05-08 | 广东欧珀移动通信有限公司 | Method, system, and device for detecting malicious advertisements |
US8855599B2 (en) | 2012-12-31 | 2014-10-07 | Lookout, Inc. | Method and apparatus for auxiliary communications with mobile communications device |
US9424409B2 (en) | 2013-01-10 | 2016-08-23 | Lookout, Inc. | Method and system for protecting privacy and enhancing security on an electronic device |
US10649970B1 (en) | 2013-03-14 | 2020-05-12 | Invincea, Inc. | Methods and apparatus for detection of functionality |
US9251261B2 (en) * | 2013-09-30 | 2016-02-02 | Symantec Corporation | Method and system for metadata driven testing of malware signatures |
US8863284B1 (en) | 2013-10-10 | 2014-10-14 | Kaspersky Lab Zao | System and method for determining a security status of potentially malicious files |
US8739287B1 (en) * | 2013-10-10 | 2014-05-27 | Kaspersky Lab Zao | Determining a security status of potentially malicious files |
US9642008B2 (en) | 2013-10-25 | 2017-05-02 | Lookout, Inc. | System and method for creating and assigning a policy for a mobile communications device based on personal data |
US10122747B2 (en) | 2013-12-06 | 2018-11-06 | Lookout, Inc. | Response generation after distributed monitoring and evaluation of multiple devices |
US9753796B2 (en) | 2013-12-06 | 2017-09-05 | Lookout, Inc. | Distributed monitoring, evaluation, and response for multiple devices |
US9117081B2 (en) | 2013-12-20 | 2015-08-25 | Bitdefender IPR Management Ltd. | Strongly isolated malware scanning using secure virtual containers |
US9940459B1 (en) | 2014-05-19 | 2018-04-10 | Invincea, Inc. | Methods and devices for detection of malware |
CN104217164B (zh) * | 2014-09-11 | 2018-02-02 | 工业和信息化部电子第五研究所 | Method and apparatus for detecting malware on smart mobile terminals |
US9584541B1 (en) * | 2015-02-12 | 2017-02-28 | Lookingglass Cyber Solutions, Inc. | Cyber threat identification and analytics apparatuses, methods and systems |
AU2016258533B2 (en) | 2015-05-01 | 2017-11-30 | Lookout, Inc. | Determining source of side-loaded software |
US9690938B1 (en) | 2015-08-05 | 2017-06-27 | Invincea, Inc. | Methods and apparatus for machine learning based malware detection |
CN105302851B (zh) * | 2015-09-10 | 2018-12-21 | 国家计算机网络与信息安全管理中心 | Method for remote distribution and initialization of automata based on file serialization |
US10200391B2 (en) * | 2015-09-23 | 2019-02-05 | AVAST Software s.r.o. | Detection of malware in derived pattern space |
US9424012B1 (en) | 2016-01-04 | 2016-08-23 | International Business Machines Corporation | Programmable code fingerprint |
US9552278B1 (en) * | 2016-01-04 | 2017-01-24 | International Business Machines Corporation | Configurable code fingerprint |
US10320821B2 (en) * | 2016-05-10 | 2019-06-11 | Allstate Insurance Company | Digital safety and account discovery |
US10419455B2 (en) | 2016-05-10 | 2019-09-17 | Allstate Insurance Company | Cyber-security presence monitoring and assessment |
US9906541B2 (en) * | 2016-05-10 | 2018-02-27 | Allstate Insurance Company | Digital safety and account discovery |
AU2017281232B2 (en) | 2016-06-22 | 2020-02-13 | Invincea, Inc. | Methods and apparatus for detecting whether a string of characters represents malicious activity using machine learning |
US10972495B2 (en) | 2016-08-02 | 2021-04-06 | Invincea, Inc. | Methods and apparatus for detecting and identifying malware by mapping feature data into a semantic space |
US10291633B1 (en) | 2016-10-18 | 2019-05-14 | The United States Of America As Represented By The Secretary Of The Army | Bandwidth conserving signature deployment with signature set and network security |
US10218697B2 (en) | 2017-06-09 | 2019-02-26 | Lookout, Inc. | Use of device risk evaluation to manage access to services |
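CN113051568A (zh) * | 2021-03-29 | 2021-06-29 | 深信服科技股份有限公司 | Virus detection method and apparatus, electronic device, and storage medium |
CN113051567A (zh) * | 2021-03-29 | 2021-06-29 | 深信服科技股份有限公司 | Virus detection method and apparatus, electronic device, and storage medium |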
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5960170A (en) * | 1997-03-18 | 1999-09-28 | Trend Micro, Inc. | Event triggered iterative virus detection |
JP2004120082A (ja) * | 2002-09-24 | 2004-04-15 | Yuji Atsui | E-mail relay system, method and program, and virus detection system, method and program |
JP2004139177A (ja) * | 2002-10-15 | 2004-05-13 | Sony Corp | Information inspection method and apparatus, and program |
US20050086520A1 (en) * | 2003-08-14 | 2005-04-21 | Sarang Dharmapurikar | Method and apparatus for detecting predefined signatures in packet payload using bloom filters |
US20070240218A1 (en) * | 2006-04-06 | 2007-10-11 | George Tuvell | Malware Detection System and Method for Mobile Platforms |
Family Cites Families (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6347375B1 (en) * | 1998-07-08 | 2002-02-12 | Ontrack Data International, Inc | Apparatus and method for remote virus diagnosis and repair |
US6976271B1 (en) * | 2000-01-06 | 2005-12-13 | International Business Machines Corporation | Method and system for retrieving an anti-virus signature from one or a plurality of virus-free certificate authorities |
US20040073617A1 (en) * | 2000-06-19 | 2004-04-15 | Milliken Walter Clark | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
US6886099B1 (en) * | 2000-09-12 | 2005-04-26 | Networks Associates Technology, Inc. | Computer virus detection |
US7401359B2 (en) * | 2001-12-21 | 2008-07-15 | Mcafee, Inc. | Generating malware definition data for mobile computing devices |
US7849063B2 (en) * | 2003-10-17 | 2010-12-07 | Yahoo! Inc. | Systems and methods for indexing content for fast and scalable retrieval |
US20060191008A1 (en) * | 2004-11-30 | 2006-08-24 | Sensory Networks Inc. | Apparatus and method for accelerating intrusion detection and prevention systems using pre-filtering |
BRPI0520723B1 (pt) * | 2005-11-30 | 2019-04-30 | Telecom Italia S.P.A | Method for automatically checking for updates of a software application, wireless communications terminal adapted to be used in a wireless communications network, and wireless communications network |
US7523502B1 (en) * | 2006-09-21 | 2009-04-21 | Symantec Corporation | Distributed anti-malware |
US7912808B2 (en) * | 2006-12-08 | 2011-03-22 | Pandya Ashish A | 100Gbps security and search architecture using programmable intelligent search memory that uses a power down mode |
US20080155264A1 (en) * | 2006-12-20 | 2008-06-26 | Ross Brown | Anti-virus signature footprint |
US8689330B2 (en) * | 2007-09-05 | 2014-04-01 | Yahoo! Inc. | Instant messaging malware protection |
US8171554B2 (en) * | 2008-02-04 | 2012-05-01 | Yuval Elovici | System that provides early detection, alert, and response to electronic threats |
-
2008
- 2008-05-21 US US12/124,458 patent/US8214977B2/en active Active
-
2009
- 2009-05-20 JP JP2011510688A patent/JP5483033B2/ja not_active Expired - Fee Related
- 2009-05-20 WO PCT/US2009/044713 patent/WO2009143272A1/en active Application Filing
- 2009-05-20 EP EP09751500A patent/EP2286364A1/en not_active Ceased
- 2009-05-20 CN CN200980118697.XA patent/CN102037471B/zh active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5960170A (en) * | 1997-03-18 | 1999-09-28 | Trend Micro, Inc. | Event triggered iterative virus detection |
JP2001515625A (ja) * | 1997-03-18 | 2001-09-18 | トレンド マイクロ,インコーポレーテッド | Virus detection in a client-server system |
JP2004120082A (ja) * | 2002-09-24 | 2004-04-15 | Yuji Atsui | E-mail relay system, method and program, and virus detection system, method and program |
JP2004139177A (ja) * | 2002-10-15 | 2004-05-13 | Sony Corp | Information inspection method and apparatus, and program |
US20050086520A1 (en) * | 2003-08-14 | 2005-04-21 | Sarang Dharmapurikar | Method and apparatus for detecting predefined signatures in packet payload using bloom filters |
US20070240218A1 (en) * | 2006-04-06 | 2007-10-11 | George Tuvell | Malware Detection System and Method for Mobile Platforms |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2015535115A (ja) * | 2012-11-20 | 2015-12-07 | シマンテック コーポレーション (Symantec Corporation) | Using telemetry to reduce malware definition package size |
KR20150106937A (ko) * | 2013-03-14 | 2015-09-22 | 인텔 코포레이션 | Context-based switching to a secure operating system environment |
KR101700552B1 (ko) * | 2013-03-14 | 2017-01-26 | 인텔 코포레이션 | Context-based switching to a secure operating system environment |
Also Published As
Publication number | Publication date |
---|---|
WO2009143272A1 (en) | 2009-11-26 |
US20090293125A1 (en) | 2009-11-26 |
EP2286364A1 (en) | 2011-02-23 |
US8214977B2 (en) | 2012-07-10 |
CN102037471B (zh) | 2014-03-12 |
CN102037471A (zh) | 2011-04-27 |
JP5483033B2 (ja) | 2014-05-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP5483033B2 (ja) | Centralized scanner database with optimal definition distribution using network queries | |
US11068588B2 (en) | Detecting irregularities on a device | |
US9246931B1 (en) | Communication-based reputation system | |
US8239944B1 (en) | Reducing malware signature set size through server-side processing | |
US20180307836A1 (en) | Efficient white listing of user-modifiable files | |
US8756691B2 (en) | IP-based blocking of malware | |
US8095964B1 (en) | Peer computer based threat detection | |
JP5610451B2 (ja) | Individual validity period for computer file reputation scores | |
US8413235B1 (en) | Malware detection using file heritage data | |
EP2310974B1 (en) | Intelligent hashes for centralized malware detection | |
KR101693370B1 (ko) | Fuzzy whitelisting anti-malware systems and methods | |
US8850570B1 (en) | Filter-based identification of malicious websites | |
US8266698B1 (en) | Using machine infection characteristics for behavior-based detection of malware | |
US8561190B2 (en) | System and method of opportunistically protecting a computer from malware | |
CN117171743A (zh) | Real-time detection of and protection against steganography in kernel mode | |
US8365283B1 (en) | Detecting mutating malware using fingerprints | |
US20080201722A1 (en) | Method and System For Unsafe Content Tracking | |
US8479289B1 (en) | Method and system for minimizing the effects of rogue security software | |
JP2016525750A (ja) | Identifying misuse of legitimate objects | |
US8613092B2 (en) | System, method and computer program product for updating a security system definition database based on prioritized instances of known unwanted data |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | A521 | Request for written amendment filed | Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20101227 |
 | RD03 | Notification of appointment of power of attorney | Free format text: JAPANESE INTERMEDIATE CODE: A7423 Effective date: 20110216 Free format text: JAPANESE INTERMEDIATE CODE: A7423 Effective date: 20110125 |
 | A521 | Request for written amendment filed | Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20110414 |
 | A072 | Dismissal of procedure [no reply to invitation to correct request for examination] | Free format text: JAPANESE INTERMEDIATE CODE: A072 Effective date: 20110712 |
 | RD04 | Notification of resignation of power of attorney | Free format text: JAPANESE INTERMEDIATE CODE: A7424 Effective date: 20110930 |
 | A521 | Request for written amendment filed | Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20120517 |
 | A621 | Written request for application examination | Free format text: JAPANESE INTERMEDIATE CODE: A621 Effective date: 20120517 |
 | A977 | Report on retrieval | Free format text: JAPANESE INTERMEDIATE CODE: A971007 Effective date: 20130911 |
 | A131 | Notification of reasons for refusal | Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20130917 |
 | A521 | Request for written amendment filed | Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20131217 |
 | TRDD | Decision of grant or rejection written | |
 | A01 | Written decision to grant a patent or to grant a registration (utility model) | Free format text: JAPANESE INTERMEDIATE CODE: A01 Effective date: 20140121 |
 | A61 | First payment of annual fees (during grant procedure) | Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20140204 |
 | R150 | Certificate of patent or registration of utility model | Ref document number: 5483033 Country of ref document: JP Free format text: JAPANESE INTERMEDIATE CODE: R150 |
 | R250 | Receipt of annual fees | Free format text: JAPANESE INTERMEDIATE CODE: R250 |
 | R250 | Receipt of annual fees | Free format text: JAPANESE INTERMEDIATE CODE: R250 |
 | R250 | Receipt of annual fees | Free format text: JAPANESE INTERMEDIATE CODE: R250 |
 | R250 | Receipt of annual fees | Free format text: JAPANESE INTERMEDIATE CODE: R250 |
 | S111 | Request for change of ownership or part of ownership | Free format text: JAPANESE INTERMEDIATE CODE: R313113 |
 | S531 | Written request for registration of change of domicile | Free format text: JAPANESE INTERMEDIATE CODE: R313531 |
 | S533 | Written request for registration of change of name | Free format text: JAPANESE INTERMEDIATE CODE: R313533 |
 | R350 | Written notification of registration of transfer | Free format text: JAPANESE INTERMEDIATE CODE: R350 |
 | R250 | Receipt of annual fees | Free format text: JAPANESE INTERMEDIATE CODE: R250 |
 | R250 | Receipt of annual fees | Free format text: JAPANESE INTERMEDIATE CODE: R250 |
 | LAPS | Cancellation because of no payment of annual fees | |