JP2018501583A - マルウェア検出のためのインテリジェントかつコンテキストアウェアなユーザインタラクション - Google Patents
マルウェア検出のためのインテリジェントかつコンテキストアウェアなユーザインタラクション Download PDFInfo
- Publication number
- JP2018501583A JP2018501583A JP2017535823A JP2017535823A JP2018501583A JP 2018501583 A JP2018501583 A JP 2018501583A JP 2017535823 A JP2017535823 A JP 2017535823A JP 2017535823 A JP2017535823 A JP 2017535823A JP 2018501583 A JP2018501583 A JP 2018501583A
- Authority
- JP
- Japan
- Prior art keywords
- logic
- simulated
- delete
- profile
- launched
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 230000003993 interaction Effects 0.000 title claims abstract description 104
- 238000001514 detection method Methods 0.000 title abstract description 22
- 230000009471 action Effects 0.000 claims abstract description 134
- 238000004458 analytical method Methods 0.000 claims abstract description 72
- 238000004088 simulation Methods 0.000 claims description 110
- 238000000034 method Methods 0.000 claims description 29
- 230000004044 response Effects 0.000 claims description 24
- 230000000694 effects Effects 0.000 claims description 12
- 238000005474 detonation Methods 0.000 claims description 4
- 230000003068 static effect Effects 0.000 abstract description 26
- 238000004891 communication Methods 0.000 description 29
- 238000012545 processing Methods 0.000 description 18
- 230000005540 biological transmission Effects 0.000 description 13
- 230000008569 process Effects 0.000 description 13
- 230000006399 behavior Effects 0.000 description 12
- 230000006870 function Effects 0.000 description 11
- 238000010586 diagram Methods 0.000 description 9
- 238000000605 extraction Methods 0.000 description 9
- 230000011664 signaling Effects 0.000 description 7
- 238000010801 machine learning Methods 0.000 description 6
- 238000007726 management method Methods 0.000 description 6
- 230000004913 activation Effects 0.000 description 5
- 238000012544 monitoring process Methods 0.000 description 5
- 230000008859 change Effects 0.000 description 3
- 230000001419 dependent effect Effects 0.000 description 3
- 230000007246 mechanism Effects 0.000 description 3
- 238000000125 metastable de-excitation spectroscopy Methods 0.000 description 3
- 239000004065 semiconductor Substances 0.000 description 3
- 230000002159 abnormal effect Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- 206010042635 Suspiciousness Diseases 0.000 description 1
- 230000002411 adverse Effects 0.000 description 1
- 230000003139 buffering effect Effects 0.000 description 1
- 230000006835 compression Effects 0.000 description 1
- 238000007906 compression Methods 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 238000007405 data analysis Methods 0.000 description 1
- 230000003111 delayed effect Effects 0.000 description 1
- 238000009429 electrical wiring Methods 0.000 description 1
- 238000004374 forensic analysis Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 230000005055 memory storage Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 238000012913 prioritisation Methods 0.000 description 1
- 230000024977 response to activity Effects 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 230000008685 targeting Effects 0.000 description 1
- 230000036962 time dependent Effects 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- Virology (AREA)
- Health & Medical Sciences (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- User Interface Of Digital Computer (AREA)
- Computer And Data Communications (AREA)
- Debugging And Monitoring (AREA)
Abstract
Description
(1)オブジェクトが暗号化されているかと暗号化スキームの種別の少なくとも一方
(2)オブジェクトが埋め込みオブジェクトであるか
(3)オブジェクトを処理するために必要なアプリケーション
(4)オブジェクトを含むネットワークコンテンツの提供に使用される送信プロトコル
以降の説明においては、発明の特徴を記述するために特定の用語が使用される。例えば、特定の状況下において、「ロジック」、「コンポーネント」、および「エンジン」という語は、少なくとも一つの機能を実行するように構成されたハードウェア、ファームウェア、ソフトウェアの少なくとも一つを表す。ハードウェアの場合、ロジック(あるいはコンポーネントやエンジン)は、データを処理あるいは記憶する機能を有する回路を含みうる。そのような回路の例としては、マイクロプロセッサ、少なくとも一つのプロセッサコア、プログラマブルゲートアレイ、マイクロコントローラ、特定用途向け集積回路、半導体メモリ、組合せロジックが挙げられるが、これらに限定あるいは制限されない。
ネットワーク100のブロック図の一例が示されている図1を参照する。ネットワーク100には、複数のマルウェア検出システム(MDS)1101〜110N(Nは1より大きく、本実施形態においては3である)が配備されている。MDS1101〜110Nは、ネットワーク125を介して管理システム120と通信可能に結合されている。一般に、管理システム120は、各1101〜1103を管理するように構成されている。例えば、管理システム120は、ロジック内のコンテンツの更新(新しい規則や変更された規則の更新、規則の削除、当該規則によって利用されるパラメータの修正、およびメタデータの修正の少なくとも一つ)を行うように構成されうる。当該ロジックは、通信インターフェース140、静的分析エンジン145、動的分析エンジン160、分類エンジン190、および報告エンジン195の少なくとも一つの一部として動作する。当該ロジックは、初期システム設定および構成などを目的として選択型ユーザインターフェース機能を備えている。具体的には、管理システム120は、アクションプロファイル更新ロジック174を介して少なくとも一つのアクションプロファイルへ更新を伝達するように構成されている。少なくとも一つのアクションプロファイル188は、後述するように、ヒューマンインタラクションのシミュレーションと分析中のオブジェクトのためのデバイス制御の少なくとも一方を制御するために使用される。
(1)オブジェクトが暗号化されているかと暗号化スキームの種別の少なくとも一方を特定するデータ
(2)オブジェクトが埋め込みオブジェクトであるかを特定するデータ
(3)オブジェクトを処理するために必要なアプリケーションを特定するデータ
(4)オブジェクトを含むネットワークコンテンツの提供に使用される送信プロトコルを特定するデータ
これらに加えて当該オブジェクトに関連する可能性のある特徴が後の使用のために保存される。
図3Aと図3Bを参照する。仮想ランタイム環境164内におけるUI制御ロジック182の動作フローのブロック図の例が示されている。具体的には、VM1701内で動作するUI制御ロジック182の一実施形態が例示されている。UI制御ロジック182は、(1)プロファイルセレクタ184と、(2)UIフレームワーク186を備えている。図示されているように、UIフレームワーク186は、(a)アクチュエーションロジック340と、(b)シミュレーションロジック350を備えている。シミュレーションロジック350は、(1)アクティブUIシミュレーションロジック360、(2)パッシブUIシミュレーションロジック370、および(3)デバイス制御シミュレーションロジック380を含んでいる。
(1)オブジェクト147が暗号化されているかと暗号化スキームの種別の少なくとも一方を特定するデータ
(2)オブジェクト147が埋め込みオブジェクトであるかと埋め込みオブジェクトを含むものであるかの少なくとも一方を特定するデータ
(3)オブジェクト147がパスワード保護されたフィールドと当該パスワードに関連付けられた情報を含んでいるか特定するデータ
(4)オブジェクト147を処理するために必要なアプリケーションを特定するデータ
(5)オブジェクト147を含むネットワークコンテンツの提供に使用される送信プロトコルを特定するデータ
図4Aを参照する。マルウェアを検出するためにパッシブUIシミュレーションロジックとデバイス制御シミュレーションロジックにより行なわれる方法例のフローチャートが示されている。図4Aにおける各ブロックは、選択されたアクションプロファイルに基づいて実行される動作を表している。当該動作は、標的とされたユーザインタラクションがシミュレーテッドものを提供するために、仮想ランタイム環境内のオブジェクト147の分析中に実行される。これらの動作は、MDS1001によって、自動的に(ヒューマンインタラクションなしに)悪意あるオブジェクトを検出するために実行される。当該オブジェクトは、ヒューマンインタラクションに応じて悪意ある攻撃を開始するものである。本実施形態においては、選択されたアクションプロファイルにより、当該オブジェクトからの入力要求に応じる「アクティブ」なシミュレーテッドヒューマンインタラクションに高い優先度が付与される一方、「パッシブ」なシミュレーテッドヒューマンインタラクションとシミュレーテッドデバイス制御インタラクションには低い優先度が付与される。
図5を参照する。MDS1101に関連付けられたロジックのブロック図の一例が示されている。MDS1101は、少なくとも一つのプロセッサ500を備えている。少なくとも一つのプロセッサ500は、第一伝送媒体520を介して第一通信インターフェースロジック510と接続されている。第一通信インターフェースロジック510は、図1のネットワークインターフェース136との通信接続を提供しうる。加えて、少なくとも一つのプロセッサ500は、第二伝送媒体540を介して第二通信インターフェースロジック530と通信可能に接続されうる。第二通信インターフェースロジック530は、図1における他のMDS1102〜1103および管理システム120との通信を提供しうる。
Claims (34)
- ロジックが記憶された非一時的かつコンピュータが読み取り可能な記憶媒体であって、
ネットワーク装置内に実装された少なくとも一方のプロセッサにより前記ロジックが実行されると、
アクチュエーションロジックによって、少なくとも一つの仮想マシンを含む仮想ランタイム環境内にオブジェクトをローンチし、
制御ロジックによって、前記オブジェクトによる少なくとも一つのシミュレーテッドユーザインタラクションを、当該オブジェクトに関連付けられたメタデータに基づいて選択し、
前記少なくとも一つのシミュレーテッドユーザインタラクションは、前記少なくとも一つの仮想マシン内で実行され、
前記メタデータは、前記アクチュエーションロジックによってローンチされた前記オブジェクトに対応するオブジェクト種を特定するデータを含む、
非一時的かつコンピュータが読み取り可能な記憶媒体。 - 前記オブジェクトをローンチする際に、前記アクチュエーションロジックを選択し、
前記アクチュエーションロジックは、ソフトウェアプロファイルの一部として実装されたソフトウェアコンポーネントであり、
前記ソフトウェアプロファイルは、前記仮想ランタイム環境内で動作する前記少なくとも一つの仮想マシンを、前記メタデータに基づいてプロビジョンする、
請求項1に記載の非一時的かつコンピュータが読み取り可能な記憶媒体。 - 前記オブジェクトにより第一ユーザインタラクションが要求されているとの判断に応じて、前記少なくとも一つのシミュレーテッドユーザインタラクションの一部である第一のシミュレーテッドヒューマンインタラクションを発生させる、
請求項2に記載の非一時的かつコンピュータが読み取り可能な記憶媒体。 - 前記第一のシミュレーテッドヒューマンインタラクションは、前記アクチュエーションロジックによって前記少なくとも一つの仮想マシン内にローンチされている前記オブジェクトによる挙動に応答するシミュレーテッドアクションを含み、
前記挙動は、前記オブジェクトがユーザ入力をアクティブに待つ動作状態を表す、
請求項3に記載の非一時的かつコンピュータが読み取り可能な記憶媒体。 - (削除)
- (削除)
- (削除)
- (削除)
- (削除)
- (削除)
- 前記仮想ランタイム環境における前記少なくとも一つの仮想マシン内に前記オブジェクトをローンチする前に、仮想マシンモニタ(VMM)内に実現されたプロファイルセレクタにより、前記オブジェクトに関連付けられた前記メタデータに基づいてアクションプロファイルを選択し、
前記アクションプロファイルは、前記少なくとも一つのシミュレーテッドユーザインタラクションを動的に制御する複数の規則を含む、
請求項1に記載の非一時的かつコンピュータが読み取り可能な記憶媒体。 - (削除)
- (削除)
- オブジェクトを伴うマルウェアを検出する装置であって、
各々が所定の規則セットに基づいてユーザインタラクション(UI)アクティビティを実行する指令または命令の集合である、少なくとも一つのアクションプロファイルと、
前記オブジェクトに関連付けられて当該オブジェクトの種別を特定しているメタデータに基づいて、前記少なくとも一つのアクションプロファイルから一つのアクションプロファイルを選択するプロファイルセレクタと、
仮想マシン内にローンチされた前記オブジェクトに応じて、選択された前記一つのアクションプロファイルにおける前記所定の規則セットに基づき、前記オブジェクトを伴うシミュレーテッドUIを実行するUIフレームワークロジックと、
を備えており、
前記UIフレームワークロジックは、(1)前記オブジェクトをローンチするアクチュエーションロジック、および(2)ローンチされた前記オブジェクトについて行なわれる前記シミュレーテッドUIを動的に制御するシミュレーションロジックを含んでいる、
装置。 - 前記シミュレーションロジックは、(1)アクティブUIシミュレーションロジック、(2)パッシブUIシミュレーションロジック、および(3)デバイス制御シミュレーションロジックを含む、
請求項14に記載の装置。 - 前記アクティブUIシミュレーションロジックは、
ローンチされた前記オブジェクトによって開始される入力要求を検出し、
前記入力要求に応じて、選択された前記一つのアクションプロファイルのコンテンツに基づく応答を判断するように構成されている、
請求項15に記載の装置。 - (削除)
- (削除)
- (削除)
- (削除)
- データを含むログを備えており、
ローンチされた前記オブジェクトがマルウェアとして分類されると、前記データは、前記少なくとも一つのアクションプロファイルを更新するために使用され、
前記更新は、ローンチされた前記オブジェクトによる悪意ある挙動の起動を成功させるシミュレーテッドUIのセットを示すことにより行なわれる、
請求項14に記載の装置。 - ローンチされた前記オブジェクトが分析の結果として疑わしいものと分類された場合に前記ログ内のデータをクラウドインフラへ送信するロジックを備えており、
前記少なくとも一つのアクションプロファイルは、ローンチされた前記オブジェクト内のマルウェアのデトネーションの不足または障害に基づいて更新される、
請求項21に記載の装置。 - ネットワーク装置において実施されるコンピュータ制御された方法であって、
前記ネットワーク装置内のアクチュエーションロジックによって、仮想ランタイム環境における少なくとも一つの仮想マシン内にオブジェクトをローンチし、
前記少なくとも一つの仮想マシン内で実行される少なくとも一つのシミュレーテッドユーザインタラクションを規定する少なくとも一つの指令を提供するアクションプロファイルを、プロファイルセレクタにより、前記オブジェクトに関連付けられたメタデータに基づいて選択し、
前記メタデータは、前記オブジェクトに対応するオブジェクト種を特定するデータを含み、
前記アクションプロファイルは、ローンチされた前記オブジェクトを伴う少なくとも一つのユーザインタラクションを動的に制御する規則のセットを含む、
方法。 - 前記オブジェクトをローンチする際に、前記メタデータに基づいて前記アクチュエーションロジックを選択する、
請求項23に記載の方法。 - 前記シミュレーテッドユーザインタラクションは、
ローンチされた前記オブジェクトにより第一ユーザインタラクションが要求されていると判断されると、前記少なくとも一つのシミュレーテッドヒューマンインタラクションの一部である第一のシミュレーテッドヒューマンインタラクションを発生させることと、
前記オブジェクトにより何のユーザインタラクションも要求されていないと判断されると、先に起動されており、かつ第一ユーザインタラクションが要求されているとの判断を受けて一時停止されている第二のシミュレーテッドヒューマンインタラクションを再開することと、
を含む、
請求項23に記載の方法。 - 前記第一のシミュレーテッドヒューマンインタラクションは、前記仮想ランタイム環境の一部である前記少なくとも一つの仮想マシン内にローンチされた前記オブジェクトによる挙動に応じるシミュレーテッドアクションを含み、
前記挙動は、ユーザ入力を能動的に待つローンチされた前記オブジェクトの動作状態を表す、
請求項25に記載の方法。 - (削除)
- (削除)
- (削除)
- (削除)
- (削除)
- 前記アクションプロファイルは、プロファイルセレクタによって複数のアクションプロファイルから選択され、
前記プロファイルセレクタは、前記仮想ランタイム環境内で動作する前記少なくとも一つの仮想マシンと通信可能に結合された仮想マシンモニタ(VMM)内に実現される、
請求項23に記載の方法。 - (削除)
- (削除)
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/586,233 US9838417B1 (en) | 2014-12-30 | 2014-12-30 | Intelligent context aware user interaction for malware detection |
US14/586,233 | 2014-12-30 | ||
PCT/US2015/067082 WO2016109283A1 (en) | 2014-12-30 | 2015-12-21 | Intelligent context aware user interaction for malware detection |
Publications (2)
Publication Number | Publication Date |
---|---|
JP2018501583A true JP2018501583A (ja) | 2018-01-18 |
JP6702983B2 JP6702983B2 (ja) | 2020-06-03 |
Family
ID=55080234
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2017535823A Active JP6702983B2 (ja) | 2014-12-30 | 2015-12-21 | マルウェア検出のためのインテリジェントかつコンテキストアウェアなユーザインタラクション |
Country Status (4)
Country | Link |
---|---|
US (2) | US9838417B1 (ja) |
EP (1) | EP3245609A1 (ja) |
JP (1) | JP6702983B2 (ja) |
WO (1) | WO2016109283A1 (ja) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2020240718A1 (ja) * | 2019-05-28 | 2020-12-03 | 日本電信電話株式会社 | 抽出装置、抽出方法及び抽出プログラム |
WO2021038780A1 (ja) * | 2019-08-29 | 2021-03-04 | 日本電気株式会社 | バックドア検査装置、バックドア検査方法、及び非一時的なコンピュータ可読媒体 |
Families Citing this family (132)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7587537B1 (en) | 2007-11-30 | 2009-09-08 | Altera Corporation | Serializer-deserializer circuits formed from input-output circuit registers |
US9106694B2 (en) | 2004-04-01 | 2015-08-11 | Fireeye, Inc. | Electronic message analysis for malware detection |
US8171553B2 (en) | 2004-04-01 | 2012-05-01 | Fireeye, Inc. | Heuristic based capture with replay to virtual machine |
US8528086B1 (en) | 2004-04-01 | 2013-09-03 | Fireeye, Inc. | System and method of detecting computer worms |
US8793787B2 (en) | 2004-04-01 | 2014-07-29 | Fireeye, Inc. | Detecting malicious network content using virtual environment components |
US8881282B1 (en) | 2004-04-01 | 2014-11-04 | Fireeye, Inc. | Systems and methods for malware attack detection and identification |
US8832829B2 (en) | 2009-09-30 | 2014-09-09 | Fireeye, Inc. | Network-based binary file extraction and analysis for malware detection |
US20130173642A1 (en) | 2011-12-30 | 2013-07-04 | Nokia Corporation | Method and apparatus for consent document management |
US10572665B2 (en) | 2012-12-28 | 2020-02-25 | Fireeye, Inc. | System and method to create a number of breakpoints in a virtual machine via virtual machine trapping events |
US9195829B1 (en) | 2013-02-23 | 2015-11-24 | Fireeye, Inc. | User interface with real-time visual playback along with synchronous textual analysis log display and event/time index for anomalous behavior detection in applications |
US9104867B1 (en) | 2013-03-13 | 2015-08-11 | Fireeye, Inc. | Malicious content analysis using simulated user interaction without user involvement |
US9626509B1 (en) | 2013-03-13 | 2017-04-18 | Fireeye, Inc. | Malicious content analysis with multi-version application support within single operating environment |
US9311479B1 (en) | 2013-03-14 | 2016-04-12 | Fireeye, Inc. | Correlation and consolidation of analytic data for holistic view of a malware attack |
US9413781B2 (en) | 2013-03-15 | 2016-08-09 | Fireeye, Inc. | System and method employing structured intelligence to verify and contain threats at endpoints |
US10713358B2 (en) | 2013-03-15 | 2020-07-14 | Fireeye, Inc. | System and method to extract and utilize disassembly features to classify software intent |
US9495180B2 (en) | 2013-05-10 | 2016-11-15 | Fireeye, Inc. | Optimized resource allocation for virtual machines within a malware content detection system |
US9635039B1 (en) | 2013-05-13 | 2017-04-25 | Fireeye, Inc. | Classifying sets of malicious indicators for detecting command and control communications associated with malware |
US9300686B2 (en) | 2013-06-28 | 2016-03-29 | Fireeye, Inc. | System and method for detecting malicious links in electronic messages |
US9628507B2 (en) | 2013-09-30 | 2017-04-18 | Fireeye, Inc. | Advanced persistent threat (APT) detection center |
US9171160B2 (en) | 2013-09-30 | 2015-10-27 | Fireeye, Inc. | Dynamically adaptive framework and method for classifying malware using intelligent static, emulation, and dynamic analyses |
US10515214B1 (en) | 2013-09-30 | 2019-12-24 | Fireeye, Inc. | System and method for classifying malware within content created during analysis of a specimen |
US9736179B2 (en) | 2013-09-30 | 2017-08-15 | Fireeye, Inc. | System, apparatus and method for using malware analysis results to drive adaptive instrumentation of virtual machines to improve exploit detection |
US9690936B1 (en) | 2013-09-30 | 2017-06-27 | Fireeye, Inc. | Multistage system and method for analyzing obfuscated content for malware |
US9747446B1 (en) | 2013-12-26 | 2017-08-29 | Fireeye, Inc. | System and method for run-time object classification |
US9756074B2 (en) | 2013-12-26 | 2017-09-05 | Fireeye, Inc. | System and method for IPS and VM-based detection of suspicious objects |
US9507935B2 (en) | 2014-01-16 | 2016-11-29 | Fireeye, Inc. | Exploit detection system with threat-aware microvisor |
US9262635B2 (en) | 2014-02-05 | 2016-02-16 | Fireeye, Inc. | Detection efficacy of virtual machine-based analysis with application specific events |
US10242185B1 (en) | 2014-03-21 | 2019-03-26 | Fireeye, Inc. | Dynamic guest image creation and rollback |
US9591015B1 (en) | 2014-03-28 | 2017-03-07 | Fireeye, Inc. | System and method for offloading packet processing and static analysis operations |
US9223972B1 (en) | 2014-03-31 | 2015-12-29 | Fireeye, Inc. | Dynamically remote tuning of a malware content detection system |
US10084813B2 (en) | 2014-06-24 | 2018-09-25 | Fireeye, Inc. | Intrusion prevention and remedy system |
US10805340B1 (en) | 2014-06-26 | 2020-10-13 | Fireeye, Inc. | Infection vector and malware tracking with an interactive user display |
US10002252B2 (en) | 2014-07-01 | 2018-06-19 | Fireeye, Inc. | Verification of trusted threat-aware microvisor |
US10027689B1 (en) | 2014-09-29 | 2018-07-17 | Fireeye, Inc. | Interactive infection visualization for improved exploit detection and signature generation for malware and malware families |
US9690933B1 (en) | 2014-12-22 | 2017-06-27 | Fireeye, Inc. | Framework for classifying an object as malicious with machine learning for deploying updated predictive models |
US9934376B1 (en) | 2014-12-29 | 2018-04-03 | Fireeye, Inc. | Malware detection appliance architecture |
US9838417B1 (en) | 2014-12-30 | 2017-12-05 | Fireeye, Inc. | Intelligent context aware user interaction for malware detection |
US10148693B2 (en) | 2015-03-25 | 2018-12-04 | Fireeye, Inc. | Exploit detection system |
US10474813B1 (en) | 2015-03-31 | 2019-11-12 | Fireeye, Inc. | Code injection technique for remediation at an endpoint of a network |
US10417031B2 (en) | 2015-03-31 | 2019-09-17 | Fireeye, Inc. | Selective virtualization for security threat detection |
US9654485B1 (en) | 2015-04-13 | 2017-05-16 | Fireeye, Inc. | Analytics-based security monitoring system and method |
US10726127B1 (en) | 2015-06-30 | 2020-07-28 | Fireeye, Inc. | System and method for protecting a software component running in a virtual machine through virtual interrupts by the virtualization layer |
US10395029B1 (en) | 2015-06-30 | 2019-08-27 | Fireeye, Inc. | Virtual system and method with threat protection |
US10454950B1 (en) | 2015-06-30 | 2019-10-22 | Fireeye, Inc. | Centralized aggregation technique for detecting lateral movement of stealthy cyber-attacks |
US10216927B1 (en) | 2015-06-30 | 2019-02-26 | Fireeye, Inc. | System and method for protecting memory pages associated with a process using a virtualization layer |
US10642753B1 (en) | 2015-06-30 | 2020-05-05 | Fireeye, Inc. | System and method for protecting a software component running in virtual machine using a virtualization layer |
US11113086B1 (en) | 2015-06-30 | 2021-09-07 | Fireeye, Inc. | Virtual system and method for securing external network connectivity |
US10715542B1 (en) | 2015-08-14 | 2020-07-14 | Fireeye, Inc. | Mobile application risk analysis |
US10176321B2 (en) | 2015-09-22 | 2019-01-08 | Fireeye, Inc. | Leveraging behavior-based rules for malware family classification |
US10033759B1 (en) | 2015-09-28 | 2018-07-24 | Fireeye, Inc. | System and method of threat detection under hypervisor control |
US10033747B1 (en) | 2015-09-29 | 2018-07-24 | Fireeye, Inc. | System and method for detecting interpreter-based exploit attacks |
US10601865B1 (en) | 2015-09-30 | 2020-03-24 | Fireeye, Inc. | Detection of credential spearphishing attacks using email analysis |
US9825989B1 (en) | 2015-09-30 | 2017-11-21 | Fireeye, Inc. | Cyber attack early warning system |
US10817606B1 (en) | 2015-09-30 | 2020-10-27 | Fireeye, Inc. | Detecting delayed activation malware using a run-time monitoring agent and time-dilation logic |
US10706149B1 (en) | 2015-09-30 | 2020-07-07 | Fireeye, Inc. | Detecting delayed activation malware using a primary controller and plural time controllers |
US10210329B1 (en) | 2015-09-30 | 2019-02-19 | Fireeye, Inc. | Method to detect application execution hijacking using memory protection |
US10284575B2 (en) | 2015-11-10 | 2019-05-07 | Fireeye, Inc. | Launcher for setting analysis environment variations for malware detection |
US10846117B1 (en) | 2015-12-10 | 2020-11-24 | Fireeye, Inc. | Technique for establishing secure communication between host and guest processes of a virtualization architecture |
US10447728B1 (en) | 2015-12-10 | 2019-10-15 | Fireeye, Inc. | Technique for protecting guest processes using a layered virtualization architecture |
US10108446B1 (en) | 2015-12-11 | 2018-10-23 | Fireeye, Inc. | Late load technique for deploying a virtualization layer underneath a running operating system |
US10050998B1 (en) | 2015-12-30 | 2018-08-14 | Fireeye, Inc. | Malicious message analysis system |
US10565378B1 (en) | 2015-12-30 | 2020-02-18 | Fireeye, Inc. | Exploit of privilege detection framework |
US10133866B1 (en) | 2015-12-30 | 2018-11-20 | Fireeye, Inc. | System and method for triggering analysis of an object for malware in response to modification of that object |
US11552986B1 (en) | 2015-12-31 | 2023-01-10 | Fireeye Security Holdings Us Llc | Cyber-security framework for application of virtual features |
US10581874B1 (en) | 2015-12-31 | 2020-03-03 | Fireeye, Inc. | Malware detection system with contextual analysis |
US10785255B1 (en) * | 2016-03-25 | 2020-09-22 | Fireeye, Inc. | Cluster configuration within a scalable malware detection system |
US10601863B1 (en) | 2016-03-25 | 2020-03-24 | Fireeye, Inc. | System and method for managing sensor enrollment |
US10671721B1 (en) | 2016-03-25 | 2020-06-02 | Fireeye, Inc. | Timeout management services |
US10476906B1 (en) | 2016-03-25 | 2019-11-12 | Fireeye, Inc. | System and method for managing formation and modification of a cluster within a malware detection system |
US10893059B1 (en) | 2016-03-31 | 2021-01-12 | Fireeye, Inc. | Verification and enhancement using detection systems located at the network periphery and endpoint devices |
US10826933B1 (en) | 2016-03-31 | 2020-11-03 | Fireeye, Inc. | Technique for verifying exploit/malware at malware detection appliance through correlation with endpoints |
US10169585B1 (en) | 2016-06-22 | 2019-01-01 | Fireeye, Inc. | System and methods for advanced malware detection through placement of transition events |
US10462173B1 (en) | 2016-06-30 | 2019-10-29 | Fireeye, Inc. | Malware detection verification and enhancement by coordinating endpoint and malware detection systems |
US10592678B1 (en) | 2016-09-09 | 2020-03-17 | Fireeye, Inc. | Secure communications between peers using a verified virtual trusted platform module |
US10491627B1 (en) | 2016-09-29 | 2019-11-26 | Fireeye, Inc. | Advanced malware detection using similarity analysis |
US10795991B1 (en) | 2016-11-08 | 2020-10-06 | Fireeye, Inc. | Enterprise search |
US10587647B1 (en) | 2016-11-22 | 2020-03-10 | Fireeye, Inc. | Technique for malware detection capability comparison of network security devices |
US10581879B1 (en) | 2016-12-22 | 2020-03-03 | Fireeye, Inc. | Enhanced malware detection for generated objects |
US10552610B1 (en) | 2016-12-22 | 2020-02-04 | Fireeye, Inc. | Adaptive virtual machine snapshot update framework for malware behavioral analysis |
US10523609B1 (en) | 2016-12-27 | 2019-12-31 | Fireeye, Inc. | Multi-vector malware detection and analysis |
US10904286B1 (en) | 2017-03-24 | 2021-01-26 | Fireeye, Inc. | Detection of phishing attacks using similarity analysis |
US10798112B2 (en) | 2017-03-30 | 2020-10-06 | Fireeye, Inc. | Attribute-controlled malware detection |
US10791138B1 (en) | 2017-03-30 | 2020-09-29 | Fireeye, Inc. | Subscription-based malware detection |
US10902119B1 (en) | 2017-03-30 | 2021-01-26 | Fireeye, Inc. | Data extraction system for malware analysis |
US10848397B1 (en) | 2017-03-30 | 2020-11-24 | Fireeye, Inc. | System and method for enforcing compliance with subscription requirements for cyber-attack detection service |
US10503904B1 (en) | 2017-06-29 | 2019-12-10 | Fireeye, Inc. | Ransomware detection and mitigation |
US10855700B1 (en) | 2017-06-29 | 2020-12-01 | Fireeye, Inc. | Post-intrusion detection of cyber-attacks during lateral movement within networks |
US10601848B1 (en) | 2017-06-29 | 2020-03-24 | Fireeye, Inc. | Cyber-security system and method for weak indicator detection and correlation to generate strong indicators |
US10893068B1 (en) | 2017-06-30 | 2021-01-12 | Fireeye, Inc. | Ransomware file modification prevention technique |
US11062021B2 (en) | 2017-08-29 | 2021-07-13 | NortonLifeLock Inc. | Systems and methods for preventing malicious applications from exploiting application services |
US10747872B1 (en) | 2017-09-27 | 2020-08-18 | Fireeye, Inc. | System and method for preventing malware evasion |
US10805346B2 (en) | 2017-10-01 | 2020-10-13 | Fireeye, Inc. | Phishing attack detection |
US11108809B2 (en) | 2017-10-27 | 2021-08-31 | Fireeye, Inc. | System and method for analyzing binary code for malware classification using artificial neural network techniques |
KR101988747B1 (ko) * | 2017-11-30 | 2019-06-12 | 건국대학교 산학협력단 | 하이브리드 분석을 통한 머신러닝 기반의 랜섬웨어 탐지 방법 및 장치 |
US11240275B1 (en) | 2017-12-28 | 2022-02-01 | Fireeye Security Holdings Us Llc | Platform and method for performing cybersecurity analyses employing an intelligence hub with a modular architecture |
US11271955B2 (en) | 2017-12-28 | 2022-03-08 | Fireeye Security Holdings Us Llc | Platform and method for retroactive reclassification employing a cybersecurity-based global data store |
US11005860B1 (en) | 2017-12-28 | 2021-05-11 | Fireeye, Inc. | Method and system for efficient cybersecurity analysis of endpoint events |
JP6714175B2 (ja) * | 2018-01-17 | 2020-06-24 | 日本電信電話株式会社 | 解析装置、解析方法及び解析プログラム |
US10826931B1 (en) | 2018-03-29 | 2020-11-03 | Fireeye, Inc. | System and method for predicting and mitigating cybersecurity system misconfigurations |
US11003773B1 (en) | 2018-03-30 | 2021-05-11 | Fireeye, Inc. | System and method for automatically generating malware detection rule recommendations |
US11558401B1 (en) | 2018-03-30 | 2023-01-17 | Fireeye Security Holdings Us Llc | Multi-vector malware detection data sharing system for improved detection |
US10956477B1 (en) | 2018-03-30 | 2021-03-23 | Fireeye, Inc. | System and method for detecting malicious scripts through natural language processing modeling |
US11075930B1 (en) | 2018-06-27 | 2021-07-27 | Fireeye, Inc. | System and method for detecting repetitive cybersecurity attacks constituting an email campaign |
US11314859B1 (en) | 2018-06-27 | 2022-04-26 | FireEye Security Holdings, Inc. | Cyber-security system and method for detecting escalation of privileges within an access token |
US11228491B1 (en) | 2018-06-28 | 2022-01-18 | Fireeye Security Holdings Us Llc | System and method for distributed cluster configuration monitoring and management |
US11316900B1 (en) | 2018-06-29 | 2022-04-26 | FireEye Security Holdings Inc. | System and method for automatically prioritizing rules for cyber-threat detection and mitigation |
US11138313B2 (en) * | 2018-08-13 | 2021-10-05 | Juniper Networks, Inc. | Malware detection based on user interactions |
US11182473B1 (en) | 2018-09-13 | 2021-11-23 | Fireeye Security Holdings Us Llc | System and method for mitigating cyberattacks against processor operability by a guest process |
US11763004B1 (en) | 2018-09-27 | 2023-09-19 | Fireeye Security Holdings Us Llc | System and method for bootkit detection |
US11093620B2 (en) * | 2018-11-02 | 2021-08-17 | ThreatConnect, Inc. | Ahead of time application launching for cybersecurity threat intelligence of network security events |
US11176251B1 (en) | 2018-12-21 | 2021-11-16 | Fireeye, Inc. | Determining malware via symbolic function hash analysis |
US11743290B2 (en) | 2018-12-21 | 2023-08-29 | Fireeye Security Holdings Us Llc | System and method for detecting cyberattacks impersonating legitimate sources |
US11368475B1 (en) | 2018-12-21 | 2022-06-21 | Fireeye Security Holdings Us Llc | System and method for scanning remote services to locate stored objects with malware |
US11601444B1 (en) | 2018-12-31 | 2023-03-07 | Fireeye Security Holdings Us Llc | Automated system for triage of customer issues |
US11550908B2 (en) * | 2019-03-15 | 2023-01-10 | Paul J Long | Method and apparatus for producing a machine learning system for malware prediction in low complexity sensor networks |
US11196766B2 (en) | 2019-03-21 | 2021-12-07 | Red Hat, Inc. | Detecting denial of service attacks in serverless computing |
US11310238B1 (en) | 2019-03-26 | 2022-04-19 | FireEye Security Holdings, Inc. | System and method for retrieval and analysis of operational data from customer, cloud-hosted virtual resources |
US11677786B1 (en) | 2019-03-29 | 2023-06-13 | Fireeye Security Holdings Us Llc | System and method for detecting and protecting against cybersecurity attacks on servers |
US11636198B1 (en) | 2019-03-30 | 2023-04-25 | Fireeye Security Holdings Us Llc | System and method for cybersecurity analyzer update and concurrent management system |
US11714905B2 (en) * | 2019-05-10 | 2023-08-01 | Sophos Limited | Attribute relevance tagging in malware recognition |
US11258806B1 (en) | 2019-06-24 | 2022-02-22 | Mandiant, Inc. | System and method for automatically associating cybersecurity intelligence to cyberthreat actors |
US11556640B1 (en) | 2019-06-27 | 2023-01-17 | Mandiant, Inc. | Systems and methods for automated cybersecurity analysis of extracted binary string sets |
US11392700B1 (en) | 2019-06-28 | 2022-07-19 | Fireeye Security Holdings Us Llc | System and method for supporting cross-platform data verification |
US11886585B1 (en) | 2019-09-27 | 2024-01-30 | Musarubra Us Llc | System and method for identifying and mitigating cyberattacks through malicious position-independent code execution |
US11637862B1 (en) | 2019-09-30 | 2023-04-25 | Mandiant, Inc. | System and method for surfacing cyber-security threats with a self-learning recommendation engine |
DE102019134590A1 (de) * | 2019-12-16 | 2021-06-17 | Thomas Schmalz | Vorrichtung zum Sammeln von IT-forensisch potenziell relevanten Daten, Verfahren, Computerprogrammprodukt und Speichereinheit |
US11838300B1 (en) | 2019-12-24 | 2023-12-05 | Musarubra Us Llc | Run-time configurable cybersecurity system |
US11436327B1 (en) | 2019-12-24 | 2022-09-06 | Fireeye Security Holdings Us Llc | System and method for circumventing evasive code for cyberthreat detection |
US11522884B1 (en) | 2019-12-24 | 2022-12-06 | Fireeye Security Holdings Us Llc | Subscription and key management system |
US11863573B2 (en) | 2020-03-06 | 2024-01-02 | ThreatConnect, Inc. | Custom triggers for a network security event for cybersecurity threat intelligence |
CN113138966B (zh) * | 2021-05-08 | 2023-06-06 | 贵州全安密灵科技有限公司 | 一种复现起爆操作场景的方法、装置、存储介质及设备 |
US11985144B2 (en) | 2021-06-25 | 2024-05-14 | ThreatConnect, Inc. | Browser extension for cybersecurity threat intelligence and response |
Family Cites Families (635)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE2851871C2 (de) | 1978-11-30 | 1984-06-07 | Siemens AG, 1000 Berlin und 8000 München | Schaltungsanordnung zur Bedämpfung von Leistungspendelungen in Netzen |
GB9003890D0 (en) | 1990-02-21 | 1990-04-18 | Rodime Plc | Method and apparatus for controlling access to and corruption of information in computer systems |
US5319776A (en) | 1990-04-19 | 1994-06-07 | Hilgraeve Corporation | In transit detection of computer virus with safeguard |
US5175732A (en) | 1991-02-15 | 1992-12-29 | Standard Microsystems Corp. | Method and apparatus for controlling data communication operations within stations of a local-area network |
US5278901A (en) | 1992-04-30 | 1994-01-11 | International Business Machines Corporation | Pattern-oriented intrusion-detection system and method |
US5390325A (en) | 1992-12-23 | 1995-02-14 | Taligent, Inc. | Automated testing system |
JP2501771B2 (ja) | 1993-01-19 | 1996-05-29 | インターナショナル・ビジネス・マシーンズ・コーポレイション | 不所望のソフトウェア・エンティティの複数の有効なシグネチャを得る方法及び装置 |
US5440723A (en) | 1993-01-19 | 1995-08-08 | International Business Machines Corporation | Automatic immune system for computers and computer networks |
DE69511556D1 (de) | 1994-06-01 | 1999-09-23 | Quantum Leap Innovations Inc | Computervirenfalle |
US5889973A (en) | 1995-03-31 | 1999-03-30 | Motorola, Inc. | Method and apparatus for selectively controlling interrupt latency in a data processing system |
GB2303947A (en) | 1995-07-31 | 1997-03-05 | Ibm | Boot sector virus protection in computer systems |
US6167520A (en) | 1996-11-08 | 2000-12-26 | Finjan Software, Inc. | System and method for protecting a client during runtime from hostile downloadables |
US6154844A (en) | 1996-11-08 | 2000-11-28 | Finjan Software, Ltd. | System and method for attaching a downloadable security profile to a downloadable |
US7058822B2 (en) | 2000-03-30 | 2006-06-06 | Finjan Software, Ltd. | Malicious mobile code runtime monitoring system and methods |
US6424627B1 (en) | 1997-02-24 | 2002-07-23 | Metrobility Optical Systems | Full-duplex medium tap apparatus and system |
US5960170A (en) | 1997-03-18 | 1999-09-28 | Trend Micro, Inc. | Event triggered iterative virus detection |
US6094677A (en) | 1997-05-30 | 2000-07-25 | International Business Machines Corporation | Methods, systems and computer program products for providing insertions during delays in interactive systems |
US5978917A (en) | 1997-08-14 | 1999-11-02 | Symantec Corporation | Detection and elimination of macro viruses |
US5983348A (en) | 1997-09-10 | 1999-11-09 | Trend Micro Incorporated | Computer network malicious code scanner |
US6357008B1 (en) | 1997-09-23 | 2002-03-12 | Symantec Corporation | Dynamic heuristic method for detecting computer viruses using decryption exploration and evaluation phases |
IL121898A0 (en) | 1997-10-07 | 1998-03-10 | Cidon Israel | A method and apparatus for active testing and fault allocation of communication networks |
US6118382A (en) | 1997-10-30 | 2000-09-12 | Fireeye Development, Incorporated | System and method for alerting safety personnel of unsafe air temperature conditions |
US6417774B1 (en) | 1997-10-30 | 2002-07-09 | Fireeye Development Inc. | System and method for identifying unsafe temperature conditions |
US6108799A (en) | 1997-11-21 | 2000-08-22 | International Business Machines Corporation | Automated sample creation of polymorphic and non-polymorphic marcro viruses |
US6088803A (en) | 1997-12-30 | 2000-07-11 | Intel Corporation | System for virus-checking network data during download to a client device |
US6088804A (en) | 1998-01-12 | 2000-07-11 | Motorola, Inc. | Adaptive system and method for responding to computer network security attacks |
US6279113B1 (en) | 1998-03-16 | 2001-08-21 | Internet Tools, Inc. | Dynamic signature inspection-based network intrusion detection |
US6298445B1 (en) | 1998-04-30 | 2001-10-02 | Netect, Ltd. | Computer security |
US7711714B2 (en) | 1998-09-22 | 2010-05-04 | Hitachi, Ltd. | Method and a device for sterilizing downloaded files |
US6550012B1 (en) | 1998-12-11 | 2003-04-15 | Network Associates, Inc. | Active firewall system and methodology |
US20060095274A1 (en) | 2004-05-07 | 2006-05-04 | Mark Phillips | Execution engine for business processes |
US6487666B1 (en) | 1999-01-15 | 2002-11-26 | Cisco Technology, Inc. | Intrusion detection signature analysis using regular expressions and logical operators |
US6484315B1 (en) | 1999-02-01 | 2002-11-19 | Cisco Technology, Inc. | Method and system for dynamically distributing updates in a network |
US20030191957A1 (en) | 1999-02-19 | 2003-10-09 | Ari Hypponen | Distributed computer virus detection and scanning |
US7240368B1 (en) | 1999-04-14 | 2007-07-03 | Verizon Corporate Services Group Inc. | Intrusion and misuse deterrence system employing a virtual network |
US6430691B1 (en) | 1999-06-21 | 2002-08-06 | Copytele, Inc. | Stand-alone telecommunications security device |
US6442696B1 (en) | 1999-10-05 | 2002-08-27 | Authoriszor, Inc. | System and method for extensible positive client identification |
US6493756B1 (en) | 1999-10-28 | 2002-12-10 | Networks Associates, Inc. | System and method for dynamically sensing an asynchronous network event within a modular framework for network event processing |
US7249175B1 (en) | 1999-11-23 | 2007-07-24 | Escom Corporation | Method and system for blocking e-mail having a nonexistent sender address |
US6775657B1 (en) | 1999-12-22 | 2004-08-10 | Cisco Technology, Inc. | Multilayered intrusion detection system and method |
GB2353372B (en) | 1999-12-24 | 2001-08-22 | F Secure Oyj | Remote computer virus scanning |
US6832367B1 (en) | 2000-03-06 | 2004-12-14 | International Business Machines Corporation | Method and system for recording and replaying the execution of distributed java programs |
US20010047326A1 (en) | 2000-03-14 | 2001-11-29 | Broadbent David F. | Interface system for a mortgage loan originator compliance engine |
US20040006473A1 (en) | 2002-07-02 | 2004-01-08 | Sbc Technology Resources, Inc. | Method and system for automated categorization of statements |
EP2285104A1 (en) | 2000-03-31 | 2011-02-16 | United Video Properties, Inc. | System and method for reducing cut-offs in program recording |
US6831893B1 (en) | 2000-04-03 | 2004-12-14 | P-Cube, Ltd. | Apparatus and method for wire-speed classification and pre-processing of data packets in a full duplex network |
US7080396B2 (en) | 2000-04-14 | 2006-07-18 | Lg Electronics Inc. | Event overrun and downstream event shift technology |
US7054943B1 (en) | 2000-04-28 | 2006-05-30 | International Business Machines Corporation | Method and apparatus for dynamically adjusting resources assigned to plurality of customers, for meeting service level agreements (slas) with minimal resources, and allowing common pools of resources to be used across plural customers on a demand basis |
US7240364B1 (en) | 2000-05-20 | 2007-07-03 | Ciena Corporation | Network device identity authentication |
AU6337701A (en) | 2000-05-19 | 2002-03-22 | Self Repairing Computers Inc | A computer with switchable components |
US6907396B1 (en) | 2000-06-01 | 2005-06-14 | Networks Associates Technology, Inc. | Detecting computer viruses or malicious software by patching instructions into an emulator |
US6971097B1 (en) | 2000-06-09 | 2005-11-29 | Sun Microsystems, Inc. | Method and apparatus for implementing concurrently running jobs on an extended virtual machine using different heaps managers |
US9444785B2 (en) | 2000-06-23 | 2016-09-13 | Cloudshield Technologies, Inc. | Transparent provisioning of network access to an application |
US7080407B1 (en) | 2000-06-27 | 2006-07-18 | Cisco Technology, Inc. | Virus detection and removal system and method for network-based systems |
US7093239B1 (en) | 2000-07-14 | 2006-08-15 | Internet Security Systems, Inc. | Computer immune system and method for detecting unwanted code in a computer system |
JP2002035109A (ja) | 2000-07-21 | 2002-02-05 | Tadashi Kokubo | 抗血栓性材料及びその製造方法 |
US6981279B1 (en) | 2000-08-17 | 2005-12-27 | International Business Machines Corporation | Method and apparatus for replicating and analyzing worm programs |
GB0022485D0 (en) | 2000-09-13 | 2000-11-01 | Apl Financial Services Oversea | Monitoring network activity |
US20020038430A1 (en) | 2000-09-13 | 2002-03-28 | Charles Edwards | System and method of data collection, processing, analysis, and annotation for monitoring cyber-threats and the notification thereof to subscribers |
US7496960B1 (en) | 2000-10-30 | 2009-02-24 | Trend Micro, Inc. | Tracking and reporting of computer virus information |
US20020091819A1 (en) | 2001-01-05 | 2002-07-11 | Daniel Melchione | System and method for configuring computer applications and devices using inheritance |
US20060047665A1 (en) | 2001-01-09 | 2006-03-02 | Tim Neil | System and method for simulating an application for subsequent deployment to a device in communication with a transaction server |
US20020095607A1 (en) | 2001-01-18 | 2002-07-18 | Catherine Lin-Hendel | Security protection for computers and computer-networks |
US7290283B2 (en) | 2001-01-31 | 2007-10-30 | Lancope, Inc. | Network port profiling |
GB0103416D0 (en) | 2001-02-12 | 2001-03-28 | Nokia Networks Oy | Message authentication |
US7281267B2 (en) | 2001-02-20 | 2007-10-09 | Mcafee, Inc. | Software audit system |
US20020166063A1 (en) | 2001-03-01 | 2002-11-07 | Cyber Operations, Llc | System and method for anti-network terrorism |
US20030074206A1 (en) | 2001-03-23 | 2003-04-17 | Restaurant Services, Inc. | System, method and computer program product for utilizing market demand information for generating revenue |
US7770223B2 (en) | 2001-04-12 | 2010-08-03 | Computer Associates Think, Inc. | Method and apparatus for security management via vicarious network devices |
CN1147795C (zh) | 2001-04-29 | 2004-04-28 | 北京瑞星科技股份有限公司 | 检测和清除已知及未知计算机病毒的方法、系统 |
EP1395890A2 (en) | 2001-05-09 | 2004-03-10 | ECD Systems, Inc. | Systems and methods for the prevention of unauthorized use and manipulation of digital content |
US7043757B2 (en) | 2001-05-22 | 2006-05-09 | Mci, Llc | System and method for malicious code detection |
US20020194490A1 (en) | 2001-06-18 | 2002-12-19 | Avner Halperin | System and method of virus containment in computer networks |
US7657419B2 (en) | 2001-06-19 | 2010-02-02 | International Business Machines Corporation | Analytical virtual machine |
US7028179B2 (en) | 2001-07-03 | 2006-04-11 | Intel Corporation | Apparatus and method for secure, automated response to distributed denial of service attacks |
US20030021728A1 (en) | 2001-07-26 | 2003-01-30 | Sharpe Richard R. | Method of and apparatus for object-oriented real-time mechanical control of automated chemistry instruments |
US7171690B2 (en) | 2001-08-01 | 2007-01-30 | Mcafee, Inc. | Wireless malware scanning back-end system and method |
US20030033463A1 (en) | 2001-08-10 | 2003-02-13 | Garnett Paul J. | Computer system storage |
US8438241B2 (en) | 2001-08-14 | 2013-05-07 | Cisco Technology, Inc. | Detecting and protecting against worm traffic on a network |
US7356736B2 (en) | 2001-09-25 | 2008-04-08 | Norman Asa | Simulated computer system for monitoring of software performance |
US7107617B2 (en) | 2001-10-15 | 2006-09-12 | Mcafee, Inc. | Malware scanning of compressed computer files |
US20030074578A1 (en) | 2001-10-16 | 2003-04-17 | Richard Ford | Computer virus containment |
US7007107B1 (en) | 2001-10-22 | 2006-02-28 | United Electronic Industries | Methods and apparatus for performing data acquisition and control |
US20030084318A1 (en) | 2001-10-31 | 2003-05-01 | Schertz Richard L. | System and method of graphically correlating data for an intrusion protection system |
US7320142B1 (en) | 2001-11-09 | 2008-01-15 | Cisco Technology, Inc. | Method and system for configurable network intrusion detection |
US20030101381A1 (en) | 2001-11-29 | 2003-05-29 | Nikolay Mateev | System and method for virus checking software |
US7512980B2 (en) | 2001-11-30 | 2009-03-31 | Lancope, Inc. | Packet sampling flow-based detection of network intrusions |
US7080408B1 (en) | 2001-11-30 | 2006-07-18 | Mcafee, Inc. | Delayed-delivery quarantining of network communications having suspicious contents |
US7062553B2 (en) | 2001-12-04 | 2006-06-13 | Trend Micro, Inc. | Virus epidemic damage control system and method for network environment |
US6895550B2 (en) | 2001-12-05 | 2005-05-17 | I2 Technologies Us, Inc. | Computer-implemented PDF document management |
US7093002B2 (en) | 2001-12-06 | 2006-08-15 | Mcafee, Inc. | Handling of malware scanning of files stored within a file storage device of a computer network |
NZ516346A (en) | 2001-12-21 | 2004-09-24 | Esphion Ltd | A device for evaluating traffic on a computer network to detect traffic abnormalities such as a denial of service attack |
US7607171B1 (en) | 2002-01-17 | 2009-10-20 | Avinti, Inc. | Virus detection by executing e-mail code in a virtual machine |
US7100201B2 (en) | 2002-01-24 | 2006-08-29 | Arxceo Corporation | Undetectable firewall |
US7448084B1 (en) | 2002-01-25 | 2008-11-04 | The Trustees Of Columbia University In The City Of New York | System and methods for detecting intrusions in a computer system by monitoring operating system registry accesses |
US7069316B1 (en) | 2002-02-19 | 2006-06-27 | Mcafee, Inc. | Automated Internet Relay Chat malware monitoring and interception |
CA2476349C (en) | 2002-02-19 | 2010-09-28 | Scott Michael Petry | E-mail management services |
JP3713491B2 (ja) | 2002-02-28 | 2005-11-09 | 株式会社エヌ・ティ・ティ・ドコモ | サーバ装置、及び情報処理方法 |
US7096498B2 (en) | 2002-03-08 | 2006-08-22 | Cipher Trust, Inc. | Systems and methods for message threat management |
US7458098B2 (en) | 2002-03-08 | 2008-11-25 | Secure Computing Corporation | Systems and methods for enhancing electronic communication security |
US7693947B2 (en) | 2002-03-08 | 2010-04-06 | Mcafee, Inc. | Systems and methods for graphically displaying messaging traffic |
US20030188190A1 (en) | 2002-03-26 | 2003-10-02 | Aaron Jeffrey A. | System and method of intrusion detection employing broad-scope monitoring |
US20040111632A1 (en) | 2002-05-06 | 2004-06-10 | Avner Halperin | System and method of virus containment in computer networks |
US7237008B1 (en) | 2002-05-10 | 2007-06-26 | Mcafee, Inc. | Detecting malware carried by an e-mail message |
US7370360B2 (en) | 2002-05-13 | 2008-05-06 | International Business Machines Corporation | Computer immune system and method for detecting unwanted code in a P-code or partially compiled native-code program executing within a virtual machine |
US6995665B2 (en) | 2002-05-17 | 2006-02-07 | Fireeye Development Incorporated | System and method for identifying, monitoring and evaluating equipment, environmental and physiological conditions |
GB2394382A (en) | 2002-10-19 | 2004-04-21 | Hewlett Packard Co | Monitoring the propagation of viruses through an Information Technology network |
US7415723B2 (en) | 2002-06-11 | 2008-08-19 | Pandya Ashish A | Distributed network security system and a hardware processor therefor |
US8539580B2 (en) | 2002-06-19 | 2013-09-17 | International Business Machines Corporation | Method, system and program product for detecting intrusion of a wireless network |
US20060190561A1 (en) | 2002-06-19 | 2006-08-24 | Watchfire Corporation | Method and system for obtaining script related information for website crawling |
US8423374B2 (en) | 2002-06-27 | 2013-04-16 | Siebel Systems, Inc. | Method and system for processing intelligence information |
US7124327B2 (en) | 2002-06-29 | 2006-10-17 | Intel Corporation | Control over faults occurring during the operation of guest software in the virtual-machine architecture |
US7418729B2 (en) | 2002-07-19 | 2008-08-26 | Symantec Corporation | Heuristic detection of malicious computer code by page tracking |
US8789183B1 (en) | 2002-07-19 | 2014-07-22 | Fortinet, Inc. | Detecting network traffic content |
US7487543B2 (en) | 2002-07-23 | 2009-02-03 | International Business Machines Corporation | Method and apparatus for the automatic determination of potentially worm-like behavior of a program |
JP3794491B2 (ja) | 2002-08-20 | 2006-07-05 | 日本電気株式会社 | 攻撃防御システムおよび攻撃防御方法 |
US20040047356A1 (en) | 2002-09-06 | 2004-03-11 | Bauer Blaine D. | Network traffic monitoring |
US7467408B1 (en) | 2002-09-09 | 2008-12-16 | Cisco Technology, Inc. | Method and apparatus for capturing and filtering datagrams for network security monitoring |
GB0220907D0 (en) | 2002-09-10 | 2002-10-16 | Ingenia Holdings Ltd | Security device and system |
US8909926B2 (en) | 2002-10-21 | 2014-12-09 | Rockwell Automation Technologies, Inc. | System and methodology providing automation security analysis, validation, and learning in an industrial controller environment |
US7159149B2 (en) | 2002-10-24 | 2007-01-02 | Symantec Corporation | Heuristic detection and termination of fast spreading network worm attacks |
US7363656B2 (en) | 2002-11-04 | 2008-04-22 | Mazu Networks, Inc. | Event detection/anomaly correlation heuristics |
US8504879B2 (en) | 2002-11-04 | 2013-08-06 | Riverbed Technology, Inc. | Connection based anomaly detection |
US7353539B2 (en) | 2002-11-04 | 2008-04-01 | Hewlett-Packard Development Company, L.P. | Signal level propagation mechanism for distribution of a payload to vulnerable systems |
US20050033989A1 (en) | 2002-11-04 | 2005-02-10 | Poletto Massimiliano Antonio | Detection of scanning attacks |
US7774839B2 (en) | 2002-11-04 | 2010-08-10 | Riverbed Technology, Inc. | Feedback mechanism to minimize false assertions of a network intrusion |
US8090809B2 (en) | 2002-11-04 | 2012-01-03 | Riverbed Technology, Inc. | Role grouping |
US7454499B2 (en) | 2002-11-07 | 2008-11-18 | Tippingpoint Technologies, Inc. | Active network defense system and method |
US20040111531A1 (en) | 2002-12-06 | 2004-06-10 | Stuart Staniford | Method and system for reducing the rate of infection of a communications network by a software worm |
US7428300B1 (en) | 2002-12-09 | 2008-09-23 | Verizon Laboratories Inc. | Diagnosing fault patterns in telecommunication networks |
US20040128355A1 (en) | 2002-12-25 | 2004-07-01 | Kuo-Jen Chao | Community-based message classification and self-amending system for a messaging system |
US20040199569A1 (en) | 2003-02-18 | 2004-10-07 | Mohan Kalkunte | Method and system for handling traffic for server systems |
US7546638B2 (en) | 2003-03-18 | 2009-06-09 | Symantec Corporation | Automated identification and clean-up of malicious computer code |
US6898632B2 (en) | 2003-03-31 | 2005-05-24 | Finisar Corporation | Network security tap for use with intrusion detection system |
US7949785B2 (en) | 2003-03-31 | 2011-05-24 | Inpro Network Facility, Llc | Secure virtual community network system |
US7607010B2 (en) | 2003-04-12 | 2009-10-20 | Deep Nines, Inc. | System and method for network edge data protection |
US8640234B2 (en) | 2003-05-07 | 2014-01-28 | Trustwave Holdings, Inc. | Method and apparatus for predictive and actual intrusion detection on a network |
US7464404B2 (en) | 2003-05-20 | 2008-12-09 | International Business Machines Corporation | Method of responding to a truncated secure session attack |
US7308716B2 (en) | 2003-05-20 | 2007-12-11 | International Business Machines Corporation | Applying blocking measures progressively to malicious network traffic |
US7543051B2 (en) | 2003-05-30 | 2009-06-02 | Borland Software Corporation | Method of non-intrusive analysis of secure and non-secure web application traffic in real-time |
US7231667B2 (en) | 2003-05-29 | 2007-06-12 | Computer Associates Think, Inc. | System and method for computer virus detection utilizing heuristic analysis |
EP1636918B1 (en) | 2003-06-18 | 2016-12-28 | Intellisync Corporation | System and method for providing notification on remote devices |
US20050108562A1 (en) | 2003-06-18 | 2005-05-19 | Khazan Roger I. | Technique for detecting executable malicious code using a combination of static and dynamic analyses |
US8627457B2 (en) | 2003-06-30 | 2014-01-07 | Verizon Business Global Llc | Integrated security system |
US7392543B2 (en) | 2003-06-30 | 2008-06-24 | Symantec Corporation | Signature extraction system and method |
US20070256132A2 (en) | 2003-07-01 | 2007-11-01 | Securityprofiling, Inc. | Vulnerability and remediation database |
US7392542B2 (en) | 2003-08-29 | 2008-06-24 | Seagate Technology Llc | Restoration of data corrupted by viruses using pre-infected copy of data |
US7287278B2 (en) | 2003-08-29 | 2007-10-23 | Trend Micro, Inc. | Innoculation of computing devices against a selected computer virus |
KR100432675B1 (ko) | 2003-09-19 | 2004-05-27 | 주식회사 아이앤아이맥스 | 네트워크상의 장비들 간의 통신제어방법 및 이를 위한 장치 |
US7644441B2 (en) | 2003-09-26 | 2010-01-05 | Cigital, Inc. | Methods for identifying malicious software |
US7496961B2 (en) | 2003-10-15 | 2009-02-24 | Intel Corporation | Methods and apparatus to provide network traffic support and physical security support |
WO2005043360A1 (en) | 2003-10-21 | 2005-05-12 | Green Border Technologies | Systems and methods for secure client applications |
US7584455B2 (en) | 2003-10-23 | 2009-09-01 | Microsoft Corporation | Predicate-based test coverage and generation |
US7421689B2 (en) | 2003-10-28 | 2008-09-02 | Hewlett-Packard Development Company, L.P. | Processor-architecture for facilitating a virtual machine monitor |
JP4051020B2 (ja) | 2003-10-28 | 2008-02-20 | 富士通株式会社 | ワーム判定プログラム、ワーム判定プログラムを記憶したコンピュータ読み取り可能な記憶媒体、ワーム判定方法およびワーム判定装置 |
JP3999188B2 (ja) | 2003-10-28 | 2007-10-31 | 富士通株式会社 | 不正アクセス検知装置、不正アクセス検知方法および不正アクセス検知プログラム |
US8239687B2 (en) | 2003-11-12 | 2012-08-07 | The Trustees Of Columbia University In The City Of New York | Apparatus method and medium for tracing the origin of network transmissions using n-gram distribution of data |
US20050114710A1 (en) | 2003-11-21 | 2005-05-26 | Finisar Corporation | Host bus adapter for secure network devices |
US20050201297A1 (en) | 2003-12-12 | 2005-09-15 | Cyrus Peikari | Diagnosis of embedded, wireless mesh networks with real-time, flexible, location-specific signaling |
US7325251B1 (en) | 2003-12-16 | 2008-01-29 | Symantec Corporation | Method and system to prevent peer-to-peer (P2P) worms |
EP1712064A1 (en) | 2004-01-20 | 2006-10-18 | Intrusic, Inc | Systems and methods for monitoring data transmissions to detect a compromised network |
ATE526628T1 (de) | 2004-01-22 | 2011-10-15 | Nec Lab America Inc | System und verfahren zum modellieren, abstrahieren und analysieren von software |
US7610627B1 (en) | 2004-01-23 | 2009-10-27 | Acxiom Corporation | Secure data exchange technique |
US8220055B1 (en) | 2004-02-06 | 2012-07-10 | Symantec Corporation | Behavior blocking utilizing positive behavior system and method |
US7530104B1 (en) | 2004-02-09 | 2009-05-05 | Symantec Corporation | Threat analysis |
US20050183143A1 (en) | 2004-02-13 | 2005-08-18 | Anderholm Eric J. | Methods and systems for monitoring user, application or device activity |
US20060064721A1 (en) | 2004-03-10 | 2006-03-23 | Techfoundries, Inc. | Method and apparatus for implementing a synchronized electronic program guide application |
US8549638B2 (en) | 2004-06-14 | 2013-10-01 | Fireeye, Inc. | System and method of containing computer worms |
US8539582B1 (en) | 2004-04-01 | 2013-09-17 | Fireeye, Inc. | Malware containment and security analysis on connection |
US8881282B1 (en) | 2004-04-01 | 2014-11-04 | Fireeye, Inc. | Systems and methods for malware attack detection and identification |
US8171553B2 (en) | 2004-04-01 | 2012-05-01 | Fireeye, Inc. | Heuristic based capture with replay to virtual machine |
US9106694B2 (en) | 2004-04-01 | 2015-08-11 | Fireeye, Inc. | Electronic message analysis for malware detection |
US8528086B1 (en) | 2004-04-01 | 2013-09-03 | Fireeye, Inc. | System and method of detecting computer worms |
US8006305B2 (en) | 2004-06-14 | 2011-08-23 | Fireeye, Inc. | Computer worm defense system and method |
US8566946B1 (en) | 2006-04-20 | 2013-10-22 | Fireeye, Inc. | Malware containment on connection |
US8584239B2 (en) | 2004-04-01 | 2013-11-12 | Fireeye, Inc. | Virtual machine with dynamic data flow analysis |
US8204984B1 (en) | 2004-04-01 | 2012-06-19 | Fireeye, Inc. | Systems and methods for detecting encrypted bot command and control communication channels |
US8561177B1 (en) | 2004-04-01 | 2013-10-15 | Fireeye, Inc. | Systems and methods for detecting communication channels of bots |
US8793787B2 (en) | 2004-04-01 | 2014-07-29 | Fireeye, Inc. | Detecting malicious network content using virtual environment components |
US9027135B1 (en) | 2004-04-01 | 2015-05-05 | Fireeye, Inc. | Prospective client identification using malware attack detection |
US7587537B1 (en) | 2007-11-30 | 2009-09-08 | Altera Corporation | Serializer-deserializer circuits formed from input-output circuit registers |
US8375444B2 (en) | 2006-04-20 | 2013-02-12 | Fireeye, Inc. | Dynamic signature creation and enforcement |
US8898788B1 (en) | 2004-04-01 | 2014-11-25 | Fireeye, Inc. | Systems and methods for malware attack prevention |
US7966658B2 (en) | 2004-04-08 | 2011-06-21 | The Regents Of The University Of California | Detecting public network attacks using signatures and fast content analysis |
US7533415B2 (en) | 2004-04-21 | 2009-05-12 | Trend Micro Incorporated | Method and apparatus for controlling traffic in a computer network |
US20050240781A1 (en) | 2004-04-22 | 2005-10-27 | Gassoway Paul A | Prioritizing intrusion detection logs |
US7779463B2 (en) | 2004-05-11 | 2010-08-17 | The Trustees Of Columbia University In The City Of New York | Systems and methods for correlating and distributing intrusion alert information among collaborating computer systems |
WO2005114955A1 (en) | 2004-05-21 | 2005-12-01 | Computer Associates Think, Inc. | Systems and methods of computer security |
US7441272B2 (en) | 2004-06-09 | 2008-10-21 | Intel Corporation | Techniques for self-isolation of networked devices |
US20050278178A1 (en) | 2004-06-10 | 2005-12-15 | International Business Machines Corporation | System and method for intrusion decision-making in autonomic computing environments |
US7908653B2 (en) | 2004-06-29 | 2011-03-15 | Intel Corporation | Method of improving computer security through sandboxing |
US20060010495A1 (en) | 2004-07-06 | 2006-01-12 | Oded Cohen | Method for protecting a computer from suspicious objects |
US7444521B2 (en) | 2004-07-16 | 2008-10-28 | Red Hat, Inc. | System and method for detecting computer virus |
US20060015715A1 (en) | 2004-07-16 | 2006-01-19 | Eric Anderson | Automatically protecting network service from network attack |
WO2006009081A1 (ja) | 2004-07-16 | 2006-01-26 | Matsushita Electric Industrial Co., Ltd. | アプリケーション実行装置及びアプリケーション実行装置のアプリケーション実行方法 |
US7603715B2 (en) | 2004-07-21 | 2009-10-13 | Microsoft Corporation | Containment of worms |
US20060031476A1 (en) | 2004-08-05 | 2006-02-09 | Mathes Marvin L | Apparatus and method for remotely monitoring a computer network |
US7949849B2 (en) | 2004-08-24 | 2011-05-24 | Mcafee, Inc. | File system for a capture system |
US8214901B2 (en) | 2004-09-17 | 2012-07-03 | Sri International | Method and apparatus for combating malicious code |
US7434261B2 (en) | 2004-09-27 | 2008-10-07 | Microsoft Corporation | System and method of identifying the source of an attack on a computer network |
US7987293B2 (en) | 2004-10-04 | 2011-07-26 | Netmask (El-Mar) Internet Technologies Ltd. | Dynamic content conversion |
US20060101516A1 (en) | 2004-10-12 | 2006-05-11 | Sushanthan Sudaharan | Honeynet farms as an early warning system for production networks |
US7478428B1 (en) | 2004-10-12 | 2009-01-13 | Microsoft Corporation | Adapting input to find integer overflows |
US7849506B1 (en) | 2004-10-12 | 2010-12-07 | Avaya Inc. | Switching device, method, and computer program for efficient intrusion detection |
US20060101517A1 (en) | 2004-10-28 | 2006-05-11 | Banzhof Carl E | Inventory management-based computer vulnerability resolution system |
US7610375B2 (en) | 2004-10-28 | 2009-10-27 | Cisco Technology, Inc. | Intrusion detection in a data center environment |
US20090328185A1 (en) | 2004-11-04 | 2009-12-31 | Eric Van Den Berg | Detecting exploit code in network flows |
US20060101277A1 (en) | 2004-11-10 | 2006-05-11 | Meenan Patrick A | Detecting and remedying unauthorized computer programs |
US7540025B2 (en) | 2004-11-18 | 2009-05-26 | Cisco Technology, Inc. | Mitigating network attacks using automatic signature generation |
US7784097B1 (en) | 2004-11-24 | 2010-08-24 | The Trustees Of Columbia University In The City Of New York | Systems and methods for correlating and distributing intrusion alert information among collaborating computer systems |
US20060117385A1 (en) | 2004-11-30 | 2006-06-01 | Mester Michael L | Monitoring propagation protection within a network |
US7987272B2 (en) | 2004-12-06 | 2011-07-26 | Cisco Technology, Inc. | Performing message payload processing functions in a network element on behalf of an application |
US7941856B2 (en) | 2004-12-06 | 2011-05-10 | Wisconsin Alumni Research Foundation | Systems and methods for testing and evaluating an intrusion detection system |
US20060161989A1 (en) | 2004-12-13 | 2006-07-20 | Eran Reshef | System and method for deterring rogue users from attacking protected legitimate users |
US7937761B1 (en) | 2004-12-17 | 2011-05-03 | Symantec Corporation | Differential threat detection processing |
US20060143709A1 (en) | 2004-12-27 | 2006-06-29 | Raytheon Company | Network intrusion prevention |
US7725938B2 (en) | 2005-01-20 | 2010-05-25 | Cisco Technology, Inc. | Inline intrusion detection |
US20060164199A1 (en) | 2005-01-26 | 2006-07-27 | Lockdown Networks, Inc. | Network appliance for securely quarantining a node on a network |
US7676841B2 (en) | 2005-02-01 | 2010-03-09 | Fmr Llc | Network intrusion mitigation |
US7668962B2 (en) | 2005-02-07 | 2010-02-23 | Symantec Operating Corporation | System and method for connection failover using redirection |
US7904518B2 (en) | 2005-02-15 | 2011-03-08 | Gytheion Networks Llc | Apparatus and method for analyzing and filtering email and for providing web related services |
US7784099B2 (en) | 2005-02-18 | 2010-08-24 | Pace University | System for intrusion detection and vulnerability assessment in a computer network using simulation and machine learning |
US7836504B2 (en) | 2005-03-01 | 2010-11-16 | Microsoft Corporation | On-access scan of memory for malware |
JP2006270193A (ja) | 2005-03-22 | 2006-10-05 | Fuji Xerox Co Ltd | 画像形成システムおよび方法および画像読取装置 |
US7650639B2 (en) | 2005-03-31 | 2010-01-19 | Microsoft Corporation | System and method for protecting a limited resource computer from malware |
US20060221956A1 (en) | 2005-03-31 | 2006-10-05 | Narayan Harsha L | Methods for performing packet classification via prefix pair bit vectors |
JP4630706B2 (ja) | 2005-03-31 | 2011-02-09 | 富士通株式会社 | サービス装置、サービス装置によるクライアント装置の接続先切替制御方法およびプログラム |
US7568233B1 (en) | 2005-04-01 | 2009-07-28 | Symantec Corporation | Detecting malicious software through process dump scanning |
WO2006107712A2 (en) | 2005-04-04 | 2006-10-12 | Bae Systems Information And Electronic Systems Integration Inc. | Method and apparatus for defending against zero-day worm-based attacks |
MX2007013025A (es) | 2005-04-18 | 2008-01-11 | Univ Columbia | Sistemas y metodos para detectar e inhibir ataques mediante el uso de colmenas. |
US7603712B2 (en) | 2005-04-21 | 2009-10-13 | Microsoft Corporation | Protecting a computer that provides a Web service from malware |
US8069250B2 (en) | 2005-04-28 | 2011-11-29 | Vmware, Inc. | One-way proxy system |
US7493602B2 (en) | 2005-05-02 | 2009-02-17 | International Business Machines Corporation | Methods and arrangements for unified program analysis |
US7480773B1 (en) | 2005-05-02 | 2009-01-20 | Sprint Communications Company L.P. | Virtual machine use and optimization of hardware configurations |
CA2606998C (en) | 2005-05-05 | 2014-09-09 | Ironport Systems, Inc. | Detecting unwanted electronic mail messages based on probabilistic analysis of referenced resources |
US7930738B1 (en) | 2005-06-02 | 2011-04-19 | Adobe Systems Incorporated | Method and apparatus for secure execution of code |
ATE459184T1 (de) | 2005-06-06 | 2010-03-15 | Ibm | System und verfahren zur erkennung von eindringungen in ein computernetzwerk |
US7490355B2 (en) | 2005-06-16 | 2009-02-10 | Chung Shan Institute Of Science And Technology | Method of detecting network worms |
US20060288417A1 (en) | 2005-06-21 | 2006-12-21 | Sbc Knowledge Ventures Lp | Method and apparatus for mitigating the effects of malicious software in a communication network |
US7877803B2 (en) | 2005-06-27 | 2011-01-25 | Hewlett-Packard Development Company, L.P. | Automated immune response for a computer |
US7636938B2 (en) | 2005-06-30 | 2009-12-22 | Microsoft Corporation | Controlling network access |
US20070016951A1 (en) | 2005-07-13 | 2007-01-18 | Piccard Paul L | Systems and methods for identifying sources of malware |
JP2007025422A (ja) | 2005-07-20 | 2007-02-01 | Alps Electric Co Ltd | 波長分岐フィルタ及び光通信モジュール |
US7984493B2 (en) | 2005-07-22 | 2011-07-19 | Alcatel-Lucent | DNS based enforcement for confinement and detection of network malicious activities |
US7818800B1 (en) | 2005-08-05 | 2010-10-19 | Symantec Corporation | Method, system, and computer program product for blocking malicious program behaviors |
US7797387B2 (en) | 2005-08-15 | 2010-09-14 | Cisco Technology, Inc. | Interactive text communication system |
US8468604B2 (en) | 2005-08-16 | 2013-06-18 | Emc Corporation | Method and system for detecting malware |
EP1934742A4 (en) | 2005-08-25 | 2009-08-19 | Fortify Software Inc | DEVICE AND METHOD FOR ANALYZING AND COMPLEMENTING A PROGRAM FOR PROVIDING SAFETY |
US8117045B2 (en) | 2005-09-12 | 2012-02-14 | Mymedicalrecords.Com, Inc. | Method and system for providing online medical records |
US7739740B1 (en) | 2005-09-22 | 2010-06-15 | Symantec Corporation | Detecting polymorphic threats |
US7725737B2 (en) | 2005-10-14 | 2010-05-25 | Check Point Software Technologies, Inc. | System and methodology providing secure workspace environment |
US7730011B1 (en) | 2005-10-19 | 2010-06-01 | Mcafee, Inc. | Attributes of captured objects in a capture system |
CN100428157C (zh) | 2005-10-19 | 2008-10-22 | 联想(北京)有限公司 | 一种可进行完整性检测的计算机系统和方法 |
US7971256B2 (en) | 2005-10-20 | 2011-06-28 | Cisco Technology, Inc. | Mechanism to correlate the presence of worms in a network |
US9055093B2 (en) | 2005-10-21 | 2015-06-09 | Kevin R. Borders | Method, system and computer program product for detecting at least one of security threats and undesirable computer files |
WO2007050244A2 (en) | 2005-10-27 | 2007-05-03 | Georgia Tech Research Corporation | Method and system for detecting and responding to attacking networks |
KR100735411B1 (ko) | 2005-12-07 | 2007-07-04 | 삼성전기주식회사 | 배선기판의 제조방법 및 배선기판 |
US7698548B2 (en) | 2005-12-08 | 2010-04-13 | Microsoft Corporation | Communications traffic segregation for security purposes |
US7577424B2 (en) | 2005-12-19 | 2009-08-18 | Airdefense, Inc. | Systems and methods for wireless vulnerability analysis |
US20070143827A1 (en) | 2005-12-21 | 2007-06-21 | Fiberlink | Methods and systems for intelligently controlling access to computing resources |
US20080018122A1 (en) | 2005-12-28 | 2008-01-24 | Robert Zierler | Rifle Sling and Method of Use Thereof |
US7849143B2 (en) | 2005-12-29 | 2010-12-07 | Research In Motion Limited | System and method of dynamic management of spam |
US8255996B2 (en) | 2005-12-30 | 2012-08-28 | Extreme Networks, Inc. | Network threat detection and mitigation |
US20090271867A1 (en) | 2005-12-30 | 2009-10-29 | Peng Zhang | Virtual machine to detect malicious code |
US8533680B2 (en) | 2005-12-30 | 2013-09-10 | Microsoft Corporation | Approximating finite domains in symbolic state exploration |
US8209667B2 (en) | 2006-01-11 | 2012-06-26 | International Business Machines Corporation | Software verification using hybrid explicit and symbolic model checking |
US7450005B2 (en) | 2006-01-18 | 2008-11-11 | International Business Machines Corporation | System and method of dynamically weighted analysis for intrusion decision-making |
US8196205B2 (en) | 2006-01-23 | 2012-06-05 | University Of Washington Through Its Center For Commercialization | Detection of spyware threats within virtual machine |
US8018845B2 (en) | 2006-01-25 | 2011-09-13 | Cisco Technology, Inc | Sampling rate-limited traffic |
US20070192500A1 (en) | 2006-02-16 | 2007-08-16 | Infoexpress, Inc. | Network access control including dynamic policy enforcement point |
US20070192858A1 (en) | 2006-02-16 | 2007-08-16 | Infoexpress, Inc. | Peer based network access control |
US8176480B1 (en) | 2006-02-27 | 2012-05-08 | Symantec Operating Corporation | Adaptive instrumentation through dynamic recompilation |
US8448242B2 (en) | 2006-02-28 | 2013-05-21 | The Trustees Of Columbia University In The City Of New York | Systems, methods, and media for outputting data based upon anomaly detection |
US7774459B2 (en) | 2006-03-01 | 2010-08-10 | Microsoft Corporation | Honey monkey network exploration |
JP4897520B2 (ja) | 2006-03-20 | 2012-03-14 | 株式会社リコー | 情報配信システム |
WO2007110093A1 (en) | 2006-03-27 | 2007-10-04 | Telecom Italia S.P.A. | A method and system for identifying malicious messages in mobile communication networks, related network and computer program product therefor |
US9171157B2 (en) | 2006-03-28 | 2015-10-27 | Blue Coat Systems, Inc. | Method and system for tracking access to application data and preventing data exploitation by malicious programs |
US7757112B2 (en) | 2006-03-29 | 2010-07-13 | Lenovo (Singapore) Pte. Ltd. | System and method for booting alternate MBR in event of virus attack |
US8479174B2 (en) | 2006-04-05 | 2013-07-02 | Prevx Limited | Method, computer program and computer for analyzing an executable computer file |
WO2007117574A2 (en) | 2006-04-06 | 2007-10-18 | Smobile Systems Inc. | Non-signature malware detection system and method for mobile platforms |
US8510827B1 (en) | 2006-05-18 | 2013-08-13 | Vmware, Inc. | Taint tracking mechanism for computer security |
US8365286B2 (en) | 2006-06-30 | 2013-01-29 | Sophos Plc | Method and system for classification of software using characteristics and combinations of such characteristics |
US8261344B2 (en) | 2006-06-30 | 2012-09-04 | Sophos Plc | Method and system for classification of software using characteristics and combinations of such characteristics |
US8020206B2 (en) | 2006-07-10 | 2011-09-13 | Websense, Inc. | System and method of analyzing web content |
DE202006011850U1 (de) | 2006-08-02 | 2006-10-05 | Harting Electric Gmbh & Co. Kg | Kontaktelement für geschirmte Steckverbinder |
US8291198B2 (en) | 2006-09-11 | 2012-10-16 | Samsung Electronics Co., Ltd. | Apparatus and method for regulating bursty data in a signal processing pipeline |
US7870612B2 (en) | 2006-09-11 | 2011-01-11 | Fujian Eastern Micropoint Info-Tech Co., Ltd | Antivirus protection system and method for computers |
US8789172B2 (en) | 2006-09-18 | 2014-07-22 | The Trustees Of Columbia University In The City Of New York | Methods, media, and systems for detecting attack on a digital processing device |
US20080077793A1 (en) | 2006-09-21 | 2008-03-27 | Sensory Networks, Inc. | Apparatus and method for high throughput network security systems |
US8533819B2 (en) | 2006-09-29 | 2013-09-10 | At&T Intellectual Property Ii, L.P. | Method and apparatus for detecting compromised host computers |
SG176471A1 (en) | 2006-10-04 | 2011-12-29 | Trek 2000 Int Ltd | Method, apparatus and system for authentication of external storage devices |
DE102006047979B4 (de) | 2006-10-10 | 2009-07-16 | OCé PRINTING SYSTEMS GMBH | Datenverarbeitungssystem, Verfahren und Computerprogrammprodukt zum Ausführen einer Testroutine in Verbindung mit einem Betriebssystem |
US7832008B1 (en) | 2006-10-11 | 2010-11-09 | Cisco Technology, Inc. | Protection of computer resources |
US8949826B2 (en) | 2006-10-17 | 2015-02-03 | Managelq, Inc. | Control and management of virtual systems |
US8234640B1 (en) | 2006-10-17 | 2012-07-31 | Manageiq, Inc. | Compliance-based adaptations in managed virtual systems |
US8042184B1 (en) | 2006-10-18 | 2011-10-18 | Kaspersky Lab, Zao | Rapid analysis of data stream for malware presence |
US20080141376A1 (en) | 2006-10-24 | 2008-06-12 | Pc Tools Technology Pty Ltd. | Determining maliciousness of software |
US8656495B2 (en) | 2006-11-17 | 2014-02-18 | Hewlett-Packard Development Company, L.P. | Web application assessment based on intelligent generation of attack strings |
KR100922579B1 (ko) | 2006-11-30 | 2009-10-21 | 한국전자통신연구원 | 네트워크 공격 탐지 장치 및 방법 |
GB2444514A (en) | 2006-12-04 | 2008-06-11 | Glasswall | Electronic file re-generation |
KR101206542B1 (ko) | 2006-12-18 | 2012-11-30 | 주식회사 엘지씨엔에스 | 하드웨어 기반의 동적공격 탐지 및 차단을 지원하는네트워크 보안 장치 및 방법 |
WO2008079990A2 (en) | 2006-12-20 | 2008-07-03 | The Penn State Research Foundation | Proactive worm containment (pwc) for enterprise networks |
EP1936532B1 (en) | 2006-12-21 | 2009-07-29 | Telefonaktiebolaget LM Ericsson (publ) | Obfuscating computer program code |
CN101573653B (zh) | 2006-12-26 | 2011-03-16 | 夏普株式会社 | 背光装置、显示装置和电视接收机 |
US7996836B1 (en) | 2006-12-29 | 2011-08-09 | Symantec Corporation | Using a hypervisor to provide computer security |
US8380987B2 (en) | 2007-01-25 | 2013-02-19 | Microsoft Corporation | Protection agents and privilege modes |
US8069484B2 (en) | 2007-01-25 | 2011-11-29 | Mandiant Corporation | System and method for determining data entropy to identify malware |
US8391288B2 (en) | 2007-01-31 | 2013-03-05 | Hewlett-Packard Development Company, L.P. | Security system for protecting networks from vulnerability exploits |
US7908660B2 (en) | 2007-02-06 | 2011-03-15 | Microsoft Corporation | Dynamic risk management |
US20080201778A1 (en) | 2007-02-21 | 2008-08-21 | Matsushita Electric Industrial Co., Ltd. | Intrusion detection using system call monitors on a bayesian network |
US9021590B2 (en) | 2007-02-28 | 2015-04-28 | Microsoft Technology Licensing, Llc | Spyware detection mechanism |
US20080222729A1 (en) | 2007-03-05 | 2008-09-11 | Songqing Chen | Containment of Unknown and Polymorphic Fast Spreading Worms |
US8392997B2 (en) | 2007-03-12 | 2013-03-05 | University Of Southern California | Value-adaptive security threat modeling and vulnerability ranking |
US20080320594A1 (en) | 2007-03-19 | 2008-12-25 | Xuxian Jiang | Malware Detector |
US8955122B2 (en) | 2007-04-04 | 2015-02-10 | Sri International | Method and apparatus for detecting malware infection |
US9083712B2 (en) | 2007-04-04 | 2015-07-14 | Sri International | Method and apparatus for generating highly predictive blacklists |
US7904961B2 (en) | 2007-04-20 | 2011-03-08 | Juniper Networks, Inc. | Network attack detection using partial deterministic finite automaton pattern matching |
US20080295172A1 (en) | 2007-05-22 | 2008-11-27 | Khushboo Bohacek | Method, system and computer-readable media for reducing undesired intrusion alarms in electronic communications systems and networks |
IL183390A0 (en) | 2007-05-24 | 2007-09-20 | Deutsche Telekom Ag | Distributed system for the detection |
US8321936B1 (en) | 2007-05-30 | 2012-11-27 | M86 Security, Inc. | System and method for malicious software detection in multiple protocols |
GB2449852A (en) | 2007-06-04 | 2008-12-10 | Agilent Technologies Inc | Monitoring network attacks using pattern matching |
US7853689B2 (en) | 2007-06-15 | 2010-12-14 | Broadcom Corporation | Multi-stage deep packet inspection for lightweight devices |
US20090007100A1 (en) | 2007-06-28 | 2009-01-01 | Microsoft Corporation | Suspending a Running Operating System to Enable Security Scanning |
US8584094B2 (en) | 2007-06-29 | 2013-11-12 | Microsoft Corporation | Dynamically computing reputation scores for objects |
US8135007B2 (en) | 2007-06-29 | 2012-03-13 | Extreme Networks, Inc. | Method and mechanism for port redirects in a network switch |
US7836502B1 (en) | 2007-07-03 | 2010-11-16 | Trend Micro Inc. | Scheduled gateway scanning arrangement and methods thereof |
US20090013408A1 (en) | 2007-07-06 | 2009-01-08 | Messagelabs Limited | Detection of exploits in files |
US20090013405A1 (en) | 2007-07-06 | 2009-01-08 | Messagelabs Limited | Heuristic detection of malicious code |
US8060074B2 (en) | 2007-07-30 | 2011-11-15 | Mobile Iron, Inc. | Virtual instance architecture for mobile device management systems |
US8448161B2 (en) | 2007-07-30 | 2013-05-21 | Adobe Systems Incorporated | Application tracking for application execution environment |
US8621610B2 (en) | 2007-08-06 | 2013-12-31 | The Regents Of The University Of Michigan | Network service for the detection, analysis and quarantine of malicious and unwanted files |
US8763115B2 (en) | 2007-08-08 | 2014-06-24 | Vmware, Inc. | Impeding progress of malicious guest software |
US8695097B1 (en) | 2007-08-28 | 2014-04-08 | Wells Fargo Bank, N.A. | System and method for detection and prevention of computer fraud |
US8601451B2 (en) | 2007-08-29 | 2013-12-03 | Mcafee, Inc. | System, method, and computer program product for determining whether code is unwanted based on the decompilation thereof |
KR101377014B1 (ko) | 2007-09-04 | 2014-03-26 | 삼성전자주식회사 | 면역 데이터베이스 기반의 악성코드 진단 방법 및 시스템 |
US8689330B2 (en) | 2007-09-05 | 2014-04-01 | Yahoo! Inc. | Instant messaging malware protection |
US9387402B2 (en) * | 2007-09-18 | 2016-07-12 | Disney Enterprises, Inc. | Method and system for converting a computer virtual environment into a real-life simulation environment |
US8307443B2 (en) | 2007-09-28 | 2012-11-06 | Microsoft Corporation | Securing anti-virus software with virtualization |
US7614084B2 (en) | 2007-10-02 | 2009-11-03 | Kaspersky Lab Zao | System and method for detecting multi-component malware |
US8019700B2 (en) | 2007-10-05 | 2011-09-13 | Google Inc. | Detecting an intrusive landing page |
US8555081B2 (en) | 2007-10-30 | 2013-10-08 | Vmware, Inc. | Cryptographic multi-shadowing with integrity verification |
US8045458B2 (en) | 2007-11-08 | 2011-10-25 | Mcafee, Inc. | Prioritizing network traffic |
US8302080B2 (en) | 2007-11-08 | 2012-10-30 | Ntt Docomo, Inc. | Automated test input generation for web applications |
KR100942795B1 (ko) | 2007-11-21 | 2010-02-18 | 한국전자통신연구원 | 악성프로그램 탐지장치 및 그 방법 |
US7797748B2 (en) | 2007-12-12 | 2010-09-14 | Vmware, Inc. | On-access anti-virus mechanism for virtual machine architecture |
US7996904B1 (en) | 2007-12-19 | 2011-08-09 | Symantec Corporation | Automated unpacking of executables packed by multiple layers of arbitrary packers |
US8510828B1 (en) | 2007-12-31 | 2013-08-13 | Symantec Corporation | Enforcing the execution exception to prevent packers from evading the scanning of dynamically created code |
US8225288B2 (en) | 2008-01-29 | 2012-07-17 | Intuit Inc. | Model-based testing using branches, decisions, and options |
US8566476B2 (en) | 2008-02-01 | 2013-10-22 | Mandiant Corporation | Method and system for analyzing data related to an event |
US9106630B2 (en) | 2008-02-01 | 2015-08-11 | Mandiant, Llc | Method and system for collaboration during an event |
US7937387B2 (en) | 2008-02-01 | 2011-05-03 | Mandiant | System and method for data preservation and retrieval |
US8949257B2 (en) | 2008-02-01 | 2015-02-03 | Mandiant, Llc | Method and system for collecting and organizing data corresponding to an event |
US20100031353A1 (en) | 2008-02-04 | 2010-02-04 | Microsoft Corporation | Malware Detection Using Code Analysis and Behavior Monitoring |
US8595834B2 (en) | 2008-02-04 | 2013-11-26 | Samsung Electronics Co., Ltd | Detecting unauthorized use of computing devices based on behavioral patterns |
US9256898B2 (en) * | 2008-02-11 | 2016-02-09 | International Business Machines Corporation | Managing shared inventory in a virtual universe |
US8201246B1 (en) | 2008-02-25 | 2012-06-12 | Trend Micro Incorporated | Preventing malicious codes from performing malicious actions in a computer system |
US8805947B1 (en) | 2008-02-27 | 2014-08-12 | Parallels IP Holdings GmbH | Method and system for remote device access in virtual environment |
US20090228233A1 (en) | 2008-03-06 | 2009-09-10 | Anderson Gary F | Rank-based evaluation |
US8407784B2 (en) | 2008-03-19 | 2013-03-26 | Websense, Inc. | Method and system for protection against information stealing software |
US9264441B2 (en) | 2008-03-24 | 2016-02-16 | Hewlett Packard Enterprise Development Lp | System and method for securing a network from zero-day vulnerability exploits |
US8239944B1 (en) | 2008-03-28 | 2012-08-07 | Symantec Corporation | Reducing malware signature set size through server-side processing |
US8782615B2 (en) * | 2008-04-14 | 2014-07-15 | Mcafee, Inc. | System, method, and computer program product for simulating at least one of a virtual environment and a debugging environment to prevent unwanted code from executing |
US8549486B2 (en) | 2008-04-21 | 2013-10-01 | Microsoft Corporation | Active property checking |
US8316445B2 (en) | 2008-04-23 | 2012-11-20 | Trusted Knight Corporation | System and method for protecting against malware utilizing key loggers |
US9123027B2 (en) | 2010-10-19 | 2015-09-01 | QinetiQ North America, Inc. | Social engineering protection appliance |
US8844033B2 (en) | 2008-05-27 | 2014-09-23 | The Trustees Of Columbia University In The City Of New York | Systems, methods, and media for detecting network anomalies using a trained probabilistic model |
US8732825B2 (en) | 2008-05-28 | 2014-05-20 | Symantec Corporation | Intelligent hashes for centralized malware detection |
US8516478B1 (en) | 2008-06-12 | 2013-08-20 | Mcafee, Inc. | Subsequent processing of scanning task utilizing subset of virtual machines predetermined to have scanner process and adjusting amount of subsequest VMs processing based on load |
US8234709B2 (en) | 2008-06-20 | 2012-07-31 | Symantec Operating Corporation | Streaming malware definition updates |
US8850570B1 (en) | 2008-06-30 | 2014-09-30 | Symantec Corporation | Filter-based identification of malicious websites |
US8381298B2 (en) | 2008-06-30 | 2013-02-19 | Microsoft Corporation | Malware detention for suspected malware |
US8087086B1 (en) | 2008-06-30 | 2011-12-27 | Symantec Corporation | Method for mitigating false positive generation in antivirus software |
US7996475B2 (en) | 2008-07-03 | 2011-08-09 | Barracuda Networks Inc | Facilitating transmission of email by checking email parameters with a database of well behaved senders |
US8881271B2 (en) | 2008-08-01 | 2014-11-04 | Mandiant, Llc | System and method for forensic identification of elements within a computer system |
US10027688B2 (en) | 2008-08-11 | 2018-07-17 | Damballa, Inc. | Method and system for detecting malicious and/or botnet-related domain names |
JP5446167B2 (ja) | 2008-08-13 | 2014-03-19 | 富士通株式会社 | ウイルス対策方法、コンピュータ、及びプログラム |
US20100058474A1 (en) | 2008-08-29 | 2010-03-04 | Avg Technologies Cz, S.R.O. | System and method for the detection of malware |
JP4521456B2 (ja) | 2008-09-05 | 2010-08-11 | 株式会社東芝 | 情報処理システムおよび情報処理システムの制御方法 |
US8667583B2 (en) | 2008-09-22 | 2014-03-04 | Microsoft Corporation | Collecting and analyzing malware data |
US8931086B2 (en) | 2008-09-26 | 2015-01-06 | Symantec Corporation | Method and apparatus for reducing false positive detection of malware |
US8028338B1 (en) | 2008-09-30 | 2011-09-27 | Symantec Corporation | Modeling goodware characteristics to reduce false positive malware signatures |
US8171201B1 (en) | 2008-10-07 | 2012-05-01 | Vizioncore, Inc. | Systems and methods for improving virtual machine performance |
US20110173460A1 (en) | 2008-10-10 | 2011-07-14 | Takayuki Ito | Information processing device, method, program, and integrated circuit |
US8347386B2 (en) | 2008-10-21 | 2013-01-01 | Lookout, Inc. | System and method for server-coupled malware prevention |
US8984628B2 (en) | 2008-10-21 | 2015-03-17 | Lookout, Inc. | System and method for adverse mobile application identification |
US9367680B2 (en) | 2008-10-21 | 2016-06-14 | Lookout, Inc. | System and method for mobile communication device application advisement |
US8850571B2 (en) | 2008-11-03 | 2014-09-30 | Fireeye, Inc. | Systems and methods for detecting malicious network content |
US8997219B2 (en) | 2008-11-03 | 2015-03-31 | Fireeye, Inc. | Systems and methods for detecting malicious PDF network content |
US8484727B2 (en) | 2008-11-26 | 2013-07-09 | Kaspersky Lab Zao | System and method for computer malware detection |
US8161556B2 (en) | 2008-12-17 | 2012-04-17 | Symantec Corporation | Context-aware real-time computer-protection systems and methods |
US8635694B2 (en) | 2009-01-10 | 2014-01-21 | Kaspersky Lab Zao | Systems and methods for malware classification |
JP5324934B2 (ja) | 2009-01-16 | 2013-10-23 | 株式会社ソニー・コンピュータエンタテインメント | 情報処理装置および情報処理方法 |
EP2211277A1 (en) | 2009-01-19 | 2010-07-28 | BRITISH TELECOMMUNICATIONS public limited company | Method and apparatus for generating an integrated view of multiple databases |
EP2222048A1 (en) | 2009-02-24 | 2010-08-25 | BRITISH TELECOMMUNICATIONS public limited company | Detecting malicious behaviour on a computer network |
US8233620B2 (en) | 2009-02-27 | 2012-07-31 | Inside Secure | Key recovery mechanism for cryptographic systems |
US8370835B2 (en) | 2009-03-12 | 2013-02-05 | Arend Erich Dittmer | Method for dynamically generating a configuration for a virtual machine with a virtual hard disk in an external storage device |
CA2789243A1 (en) | 2009-03-13 | 2010-09-16 | Rutgers, The State University Of New Jersey | Systems and methods for the detection of malware |
CA2755286C (en) | 2009-03-13 | 2017-08-29 | Donald G. Peterson | Systems and methods for document management transformation and security |
US20100251104A1 (en) | 2009-03-27 | 2010-09-30 | Litera Technology Llc. | System and method for reflowing content in a structured portable document format (pdf) file |
US8935773B2 (en) | 2009-04-09 | 2015-01-13 | George Mason Research Foundation, Inc. | Malware detector |
US8555391B1 (en) | 2009-04-25 | 2013-10-08 | Dasient, Inc. | Adaptive scanning |
US8516590B1 (en) | 2009-04-25 | 2013-08-20 | Dasient, Inc. | Malicious advertisement detection and remediation |
US8370938B1 (en) | 2009-04-25 | 2013-02-05 | Dasient, Inc. | Mitigating malware |
US8090797B2 (en) | 2009-05-02 | 2012-01-03 | Citrix Systems, Inc. | Methods and systems for launching applications into existing isolation environments |
US8954725B2 (en) | 2009-05-08 | 2015-02-10 | Microsoft Technology Licensing, Llc | Sanitization of packets |
US8370945B2 (en) | 2009-05-20 | 2013-02-05 | International Business Machines Corporation | Identifying security breaches caused by web-enabled software applications |
US20120066698A1 (en) | 2009-05-20 | 2012-03-15 | Nec Corporation | Dynamic data flow tracking method, dynamic data flow tracking program, and dynamic data flow tracking apparatus |
US20100306825A1 (en) * | 2009-05-27 | 2010-12-02 | Lucid Ventures, Inc. | System and method for facilitating user interaction with a simulated object associated with a physical location |
US8527466B2 (en) | 2009-05-31 | 2013-09-03 | Red Hat Israel, Ltd. | Handling temporary files of a virtual machine |
US8233882B2 (en) | 2009-06-26 | 2012-07-31 | Vmware, Inc. | Providing security in mobile devices via a virtualization software layer |
WO2011002818A1 (en) | 2009-06-29 | 2011-01-06 | Cyberdefender Corporation | Systems and methods for operating an anti-malware network on a cloud computing platform |
US8225061B2 (en) | 2009-07-02 | 2012-07-17 | Apple Inc. | Method and apparatus for protected content data processing |
US8266091B1 (en) | 2009-07-21 | 2012-09-11 | Symantec Corporation | Systems and methods for emulating the behavior of a user in a computer-human interaction environment |
US8522348B2 (en) | 2009-07-29 | 2013-08-27 | Northwestern University | Matching with a large vulnerability signature ruleset for high performance network defense |
US8390454B2 (en) | 2009-07-31 | 2013-03-05 | Hewlett-Packard Development Company, L.P. | USB hosted sensor module |
US8789178B2 (en) | 2009-08-03 | 2014-07-22 | Barracuda Networks, Inc. | Method for detecting malicious javascript |
US20110041179A1 (en) | 2009-08-11 | 2011-02-17 | F-Secure Oyj | Malware detection |
WO2011027352A1 (en) | 2009-09-03 | 2011-03-10 | Mcafee, Inc. | Network access control |
US9009834B1 (en) * | 2009-09-24 | 2015-04-14 | Google Inc. | System policy violation detection |
US8832829B2 (en) | 2009-09-30 | 2014-09-09 | Fireeye, Inc. | Network-based binary file extraction and analysis for malware detection |
US7743419B1 (en) | 2009-10-01 | 2010-06-22 | Kaspersky Lab, Zao | Method and system for detection and prediction of computer virus-related epidemics |
US20110145934A1 (en) | 2009-10-13 | 2011-06-16 | Miron Abramovici | Autonomous distributed programmable logic for monitoring and securing electronic systems |
US8713681B2 (en) | 2009-10-27 | 2014-04-29 | Mandiant, Llc | System and method for detecting executable machine instructions in a data stream |
US8850428B2 (en) | 2009-11-12 | 2014-09-30 | Trustware International Limited | User transparent virtualization method for protecting computer programs and data from hostile code |
US20110113230A1 (en) | 2009-11-12 | 2011-05-12 | Daniel Kaminsky | Apparatus and method for securing and isolating operational nodes in a computer network |
CA2781827C (en) | 2009-11-25 | 2016-05-24 | Lg Electronics Inc. | Method of processing epg metadata in network device and network device for controlling the same |
EP3002703B1 (en) | 2009-12-14 | 2017-08-30 | Citrix Systems Inc. | Methods and systems for communicating between trusted and non-trusted virtual machines |
US8479286B2 (en) | 2009-12-15 | 2013-07-02 | Mcafee, Inc. | Systems and methods for behavioral sandboxing |
US8893280B2 (en) | 2009-12-15 | 2014-11-18 | Intel Corporation | Sensitive data tracking using dynamic taint analysis |
US8528091B2 (en) | 2009-12-31 | 2013-09-03 | The Trustees Of Columbia University In The City Of New York | Methods, systems, and media for detecting covert malware |
US8307435B1 (en) | 2010-02-18 | 2012-11-06 | Symantec Corporation | Software object corruption detection |
US20110219449A1 (en) | 2010-03-04 | 2011-09-08 | St Neitzel Michael | Malware detection method, system and computer program product |
US8863279B2 (en) | 2010-03-08 | 2014-10-14 | Raytheon Company | System and method for malware detection |
US8468602B2 (en) | 2010-03-08 | 2013-06-18 | Raytheon Company | System and method for host-level malware detection |
US9501644B2 (en) | 2010-03-15 | 2016-11-22 | F-Secure Oyj | Malware protection |
US8938782B2 (en) | 2010-03-15 | 2015-01-20 | Symantec Corporation | Systems and methods for providing network access control in virtual environments |
US8566944B2 (en) | 2010-04-27 | 2013-10-22 | Microsoft Corporation | Malware investigation by analyzing computer memory |
US8914879B2 (en) | 2010-06-11 | 2014-12-16 | Trustwave Holdings, Inc. | System and method for improving coverage for web code |
US8260914B1 (en) | 2010-06-22 | 2012-09-04 | Narus, Inc. | Detecting DNS fast-flux anomalies |
US8627476B1 (en) | 2010-07-05 | 2014-01-07 | Symantec Corporation | Altering application behavior based on content provider reputation |
US8584234B1 (en) | 2010-07-07 | 2013-11-12 | Symantec Corporation | Secure network cache content |
RU2446459C1 (ru) | 2010-07-23 | 2012-03-27 | Закрытое акционерное общество "Лаборатория Касперского" | Система и способ проверки веб-ресурсов на наличие вредоносных компонент |
US20120023593A1 (en) | 2010-07-26 | 2012-01-26 | Puder George | System and method for filtering internet content & blocking undesired websites by secure network appliance |
US9356941B1 (en) | 2010-08-16 | 2016-05-31 | Symantec Corporation | Systems and methods for detecting suspicious web pages |
EP2609537A1 (en) | 2010-08-26 | 2013-07-03 | Verisign, Inc. | Method and system for automatic detection and analysis of malware |
US8661544B2 (en) | 2010-08-31 | 2014-02-25 | Cisco Technology, Inc. | Detecting botnets |
US8869277B2 (en) | 2010-09-30 | 2014-10-21 | Microsoft Corporation | Realtime multiple engine selection and combining |
US8479291B1 (en) | 2010-10-28 | 2013-07-02 | Symantec Corporation | Systems and methods for identifying polymorphic malware |
RU2449348C1 (ru) | 2010-11-01 | 2012-04-27 | Закрытое акционерное общество "Лаборатория Касперского" | Система и способ для антивирусной проверки на стороне сервера скачиваемых из сети данных |
US8412984B2 (en) | 2010-11-12 | 2013-04-02 | Microsoft Corporation | Debugging in a cluster processing network |
US8682054B2 (en) | 2010-11-15 | 2014-03-25 | Siemens Aktiengesellschaft | Method and system for propagation of myocardial infarction from delayed enhanced cardiac imaging to cine magnetic resonance imaging using hybrid image registration |
EP2646911B1 (en) | 2010-12-01 | 2018-04-04 | Cisco Technology, Inc. | Detecting malicious software through contextual convictions, generic signatures and machine learning techniques |
US8875286B2 (en) | 2010-12-01 | 2014-10-28 | Cisco Technology, Inc. | Method and apparatus for detecting malicious software using machine learning techniques |
US8763126B2 (en) | 2010-12-08 | 2014-06-24 | At&T Intellectual Property I, L.P. | Devices, systems, and methods for detecting proximity-based mobile propagation |
US8682812B1 (en) | 2010-12-23 | 2014-03-25 | Narus, Inc. | Machine learning based botnet detection using real-time extracted traffic features |
US8640245B2 (en) | 2010-12-24 | 2014-01-28 | Kaspersky Lab, Zao | Optimization of anti-malware processing by automated correction of detection rules |
US8479276B1 (en) | 2010-12-29 | 2013-07-02 | Emc Corporation | Malware detection using risk analysis based on file system and network activity |
US9118712B2 (en) | 2010-12-30 | 2015-08-25 | Everis, Inc. | Network communication system with improved security |
US20120174196A1 (en) | 2010-12-30 | 2012-07-05 | Suresh Bhogavilli | Active validation for ddos and ssl ddos attacks |
US8566648B2 (en) | 2011-02-02 | 2013-10-22 | Salesforce, Inc. | Automated testing on devices |
US9087199B2 (en) | 2011-03-31 | 2015-07-21 | Mcafee, Inc. | System and method for providing a secured operating system execution environment |
US8479295B2 (en) | 2011-03-30 | 2013-07-02 | Intel Corporation | Method and apparatus for transparently instrumenting an application program |
US8756693B2 (en) | 2011-04-05 | 2014-06-17 | The United States Of America As Represented By The Secretary Of The Air Force | Malware target recognition |
US8510842B2 (en) | 2011-04-13 | 2013-08-13 | International Business Machines Corporation | Pinpointing security vulnerabilities in computer software applications |
US8997233B2 (en) | 2011-04-13 | 2015-03-31 | Microsoft Technology Licensing, Llc | Detecting script-based malware using emulation and heuristics |
US8707437B1 (en) | 2011-04-18 | 2014-04-22 | Trend Micro Incorporated | Techniques for detecting keyloggers in computer systems |
US8806647B1 (en) | 2011-04-25 | 2014-08-12 | Twitter, Inc. | Behavioral scanning of mobile applications |
PL2702524T3 (pl) | 2011-04-27 | 2018-02-28 | Seven Networks Llc | Wykrywanie i filtrowanie złośliwego oprogramowania, oparte na obserwacji ruchu wykonywanego w rozproszonym układzie zarządzania ruchem w sieciach mobilnych |
US9524179B2 (en) * | 2011-05-05 | 2016-12-20 | Microsoft Technology Licensing, Llc | Virtual-machine-deployment-action analysis |
US8695096B1 (en) | 2011-05-24 | 2014-04-08 | Palo Alto Networks, Inc. | Automatic signature generation for malicious PDF files |
US9047441B2 (en) | 2011-05-24 | 2015-06-02 | Palo Alto Networks, Inc. | Malware analysis system |
US9921860B1 (en) * | 2011-05-25 | 2018-03-20 | Bromium, Inc. | Isolation of applications within a virtual machine |
US8627473B2 (en) | 2011-06-08 | 2014-01-07 | At&T Intellectual Property I, L.P. | Peer-to-peer (P2P) botnet tracking at backbone level |
US8640246B2 (en) | 2011-06-27 | 2014-01-28 | Raytheon Company | Distributed malware detection |
US8769692B1 (en) | 2011-07-14 | 2014-07-01 | Mcafee, Inc. | System and method for detecting malware by transforming objects and analyzing different views of objects |
CN102339371B (zh) | 2011-09-14 | 2013-12-25 | 奇智软件(北京)有限公司 | 一种检测恶意程序的方法、装置及虚拟机 |
US9003532B2 (en) | 2011-09-15 | 2015-04-07 | Raytheon Company | Providing a network-accessible malware analysis |
EP2610776B1 (en) | 2011-09-16 | 2019-08-21 | Veracode, Inc. | Automated behavioural and static analysis using an instrumented sandbox and machine learning classification for mobile security |
US8739280B2 (en) | 2011-09-29 | 2014-05-27 | Hewlett-Packard Development Company, L.P. | Context-sensitive taint analysis |
US8806639B2 (en) | 2011-09-30 | 2014-08-12 | Avaya Inc. | Contextual virtual machines for application quarantine and assessment method and system |
WO2013055807A1 (en) | 2011-10-10 | 2013-04-18 | Global Dataguard, Inc | Detecting emergent behavior in communications networks |
US8677487B2 (en) | 2011-10-18 | 2014-03-18 | Mcafee, Inc. | System and method for detecting a malicious command and control channel |
US9020331B2 (en) | 2011-10-21 | 2015-04-28 | Mitsubishi Electric Corporation | Video image information playback method and video image information playback device |
US8782792B1 (en) | 2011-10-27 | 2014-07-15 | Symantec Corporation | Systems and methods for detecting malware on mobile platforms |
US9021587B2 (en) | 2011-10-27 | 2015-04-28 | Microsoft Technology Licensing, Llc | Detecting software vulnerabilities in an isolated computing environment |
US9686293B2 (en) | 2011-11-03 | 2017-06-20 | Cyphort Inc. | Systems and methods for malware detection and mitigation |
US9519781B2 (en) | 2011-11-03 | 2016-12-13 | Cyphort Inc. | Systems and methods for virtualization and emulation assisted malware detection |
KR20130051116A (ko) | 2011-11-09 | 2013-05-20 | 한국전자통신연구원 | 애플리케이션 보안성 점검 자동화 장치 및 방법 |
EP2592784B1 (en) | 2011-11-14 | 2013-09-18 | Alcatel Lucent | Apparatus, method and computer program for routing data packets |
US8590041B2 (en) | 2011-11-28 | 2013-11-19 | Mcafee, Inc. | Application sandboxing using a dynamic optimization framework |
KR101296716B1 (ko) | 2011-12-14 | 2013-08-20 | 한국인터넷진흥원 | 피디에프 문서형 악성코드 탐지 시스템 및 방법 |
US8533835B2 (en) | 2011-12-14 | 2013-09-10 | Mcafee, Inc. | Method and system for rapid signature search over encrypted content |
DE102011056502A1 (de) | 2011-12-15 | 2013-06-20 | Avira Holding GmbH | Verfahren und Vorrichtung zur automatischen Erzeugung von Virenbeschreibungen |
US20130160130A1 (en) | 2011-12-20 | 2013-06-20 | Kirill Mendelev | Application security testing |
US10701097B2 (en) | 2011-12-20 | 2020-06-30 | Micro Focus Llc | Application security testing |
US8214905B1 (en) | 2011-12-21 | 2012-07-03 | Kaspersky Lab Zao | System and method for dynamically allocating computing resources for processing security information |
RU2472215C1 (ru) | 2011-12-28 | 2013-01-10 | Закрытое акционерное общество "Лаборатория Касперского" | Способ выявления неизвестных программ с использованием эмуляции процесса загрузки |
US20130174214A1 (en) | 2011-12-29 | 2013-07-04 | Imation Corp. | Management Tracking Agent for Removable Media |
US20130185795A1 (en) | 2012-01-12 | 2013-07-18 | Arxceo Corporation | Methods and systems for providing network protection by progressive degradation of service |
US8533836B2 (en) | 2012-01-13 | 2013-09-10 | Accessdata Group, Llc | Identifying software execution behavior |
JP5711160B2 (ja) | 2012-01-15 | 2015-04-30 | レノボ・シンガポール・プライベート・リミテッド | パスワードを保護する方法およびコンピュータ |
US9922190B2 (en) | 2012-01-25 | 2018-03-20 | Damballa, Inc. | Method and system for detecting DGA-based malware |
US8774761B2 (en) | 2012-01-27 | 2014-07-08 | Qualcomm Incorporated | Mobile device to detect unexpected behaviour |
US9519782B2 (en) | 2012-02-24 | 2016-12-13 | Fireeye, Inc. | Detecting malicious network content |
US9275229B2 (en) | 2012-03-15 | 2016-03-01 | Mandiant, Llc | System to bypass a compromised mass storage device driver stack and method thereof |
US9832211B2 (en) | 2012-03-19 | 2017-11-28 | Qualcomm, Incorporated | Computing device to detect malware |
US8726392B1 (en) | 2012-03-29 | 2014-05-13 | Symantec Corporation | Systems and methods for combining static and dynamic code analysis |
US8990948B2 (en) | 2012-05-01 | 2015-03-24 | Taasera, Inc. | Systems and methods for orchestrating runtime operational integrity |
US9503463B2 (en) | 2012-05-14 | 2016-11-22 | Zimperium, Inc. | Detection of threats to networks, based on geographic location |
GB2490431B (en) | 2012-05-15 | 2014-03-26 | F Secure Corp | Foiling a document exploit attack |
US9064097B2 (en) | 2012-06-06 | 2015-06-23 | Oracle International Corporation | System and method of automatically detecting outliers in usage patterns |
US8879558B1 (en) | 2012-06-27 | 2014-11-04 | Juniper Networks, Inc. | Dynamic remote packet capture |
US9223962B1 (en) * | 2012-07-03 | 2015-12-29 | Bromium, Inc. | Micro-virtual machine forensics and detection |
US9152449B2 (en) | 2012-07-13 | 2015-10-06 | International Business Machines Corporation | Co-location of virtual machines with nested virtualization |
US9245118B2 (en) | 2012-07-18 | 2016-01-26 | Infosys Limited | Methods for identifying key logging activities with a portable device and devices thereof |
US9268936B2 (en) | 2012-07-27 | 2016-02-23 | Mandiant, Llc | Physical memory forensics system and method |
US9747440B2 (en) | 2012-08-15 | 2017-08-29 | Qualcomm Incorporated | On-line behavioral analysis engine in mobile device with multiple analyzer model providers |
US9495537B2 (en) | 2012-08-15 | 2016-11-15 | Qualcomm Incorporated | Adaptive observation of behavioral features on a mobile device |
US8775925B2 (en) | 2012-08-28 | 2014-07-08 | Sweetlabs, Inc. | Systems and methods for hosted applications |
RU2514140C1 (ru) | 2012-09-28 | 2014-04-27 | Закрытое акционерное общество "Лаборатория Касперского" | Система и способ увеличения качества обнаружений вредоносных объектов с использованием правил и приоритетов |
US20140181975A1 (en) | 2012-11-06 | 2014-06-26 | William Spernow | Method to scan a forensic image of a computer system with multiple malicious code detection engines simultaneously from a master control point |
US8850581B2 (en) | 2012-11-07 | 2014-09-30 | Microsoft Corporation | Identification of malware detection signature candidate code |
US8910238B2 (en) | 2012-11-13 | 2014-12-09 | Bitdefender IPR Management Ltd. | Hypervisor-based enterprise endpoint protection |
US9277378B2 (en) | 2012-12-21 | 2016-03-01 | Verizon Patent And Licensing Inc. | Short message service validation engine |
RU2522019C1 (ru) | 2012-12-25 | 2014-07-10 | Закрытое акционерное общество "Лаборатория Касперского" | Система и способ обнаружения угроз в коде, исполняемом виртуальной машиной |
US9633134B2 (en) | 2012-12-26 | 2017-04-25 | Fireeye, Inc. | Timeline wrinkling system and method |
US10572665B2 (en) | 2012-12-28 | 2020-02-25 | Fireeye, Inc. | System and method to create a number of breakpoints in a virtual machine via virtual machine trapping events |
US9690935B2 (en) | 2012-12-31 | 2017-06-27 | Fireeye, Inc. | Identification of obfuscated computer items using visual algorithms |
EP2946329A4 (en) | 2013-01-16 | 2016-08-31 | Mcafee Inc | MALIGNANT SCRIPT LANGUAGE CODE DETECTION IN A NETWORK ENVIRONMENT |
US9165142B1 (en) | 2013-01-30 | 2015-10-20 | Palo Alto Networks, Inc. | Malware family identification using profile signatures |
US9195829B1 (en) | 2013-02-23 | 2015-11-24 | Fireeye, Inc. | User interface with real-time visual playback along with synchronous textual analysis log display and event/time index for anomalous behavior detection in applications |
US9824209B1 (en) | 2013-02-23 | 2017-11-21 | Fireeye, Inc. | Framework for efficient security coverage of mobile software applications that is usable to harden in the field code |
US9367681B1 (en) | 2013-02-23 | 2016-06-14 | Fireeye, Inc. | Framework for efficient security coverage of mobile software applications using symbolic execution to reach regions of interest within an application |
US9009823B1 (en) | 2013-02-23 | 2015-04-14 | Fireeye, Inc. | Framework for efficient security coverage of mobile software applications installed on mobile devices |
US9159035B1 (en) | 2013-02-23 | 2015-10-13 | Fireeye, Inc. | Framework for computer application analysis of sensitive information tracking |
US9009822B1 (en) | 2013-02-23 | 2015-04-14 | Fireeye, Inc. | Framework for multi-phase analysis of mobile applications |
US8990944B1 (en) | 2013-02-23 | 2015-03-24 | Fireeye, Inc. | Systems and methods for automatically detecting backdoors |
US9176843B1 (en) | 2013-02-23 | 2015-11-03 | Fireeye, Inc. | Framework for efficient security coverage of mobile software applications |
US9740390B2 (en) | 2013-03-11 | 2017-08-22 | Spikes, Inc. | Dynamic clip analysis |
US9104867B1 (en) | 2013-03-13 | 2015-08-11 | Fireeye, Inc. | Malicious content analysis using simulated user interaction without user involvement |
US9355247B1 (en) | 2013-03-13 | 2016-05-31 | Fireeye, Inc. | File extraction from memory dump for malicious content analysis |
US9626509B1 (en) | 2013-03-13 | 2017-04-18 | Fireeye, Inc. | Malicious content analysis with multi-version application support within single operating environment |
US9565202B1 (en) | 2013-03-13 | 2017-02-07 | Fireeye, Inc. | System and method for detecting exfiltration content |
US9311479B1 (en) | 2013-03-14 | 2016-04-12 | Fireeye, Inc. | Correlation and consolidation of analytic data for holistic view of a malware attack |
US9430646B1 (en) | 2013-03-14 | 2016-08-30 | Fireeye, Inc. | Distributed systems and methods for automatically detecting unknown bots and botnets |
US10713358B2 (en) | 2013-03-15 | 2020-07-14 | Fireeye, Inc. | System and method to extract and utilize disassembly features to classify software intent |
US9413781B2 (en) | 2013-03-15 | 2016-08-09 | Fireeye, Inc. | System and method employing structured intelligence to verify and contain threats at endpoints |
US9824211B2 (en) | 2013-03-15 | 2017-11-21 | Fireeye, Inc. | System and method to visualize user sessions |
US9497213B2 (en) | 2013-03-15 | 2016-11-15 | Fireeye, Inc. | System and method to manage sinkholes |
US9251343B1 (en) | 2013-03-15 | 2016-02-02 | Fireeye, Inc. | Detecting bootkits resident on compromised computers |
US8910285B2 (en) | 2013-04-19 | 2014-12-09 | Lastline, Inc. | Methods and systems for reciprocal generation of watch-lists and malware signatures |
US9104814B1 (en) * | 2013-05-03 | 2015-08-11 | Kabam, Inc. | System and method for integrated testing of a virtual space |
US9495180B2 (en) | 2013-05-10 | 2016-11-15 | Fireeye, Inc. | Optimized resource allocation for virtual machines within a malware content detection system |
US9635039B1 (en) | 2013-05-13 | 2017-04-25 | Fireeye, Inc. | Classifying sets of malicious indicators for detecting command and control communications associated with malware |
US9536091B2 (en) | 2013-06-24 | 2017-01-03 | Fireeye, Inc. | System and method for detecting time-bomb malware |
US10133863B2 (en) | 2013-06-24 | 2018-11-20 | Fireeye, Inc. | Zero-day discovery system |
US9300686B2 (en) | 2013-06-28 | 2016-03-29 | Fireeye, Inc. | System and method for detecting malicious links in electronic messages |
US9888016B1 (en) | 2013-06-28 | 2018-02-06 | Fireeye, Inc. | System and method for detecting phishing using password prediction |
US9426071B1 (en) | 2013-08-22 | 2016-08-23 | Fireeye, Inc. | Storing network bidirectional flow data and metadata with efficient processing technique |
US9292684B2 (en) | 2013-09-06 | 2016-03-22 | Michael Guidry | Systems and methods for security in computer systems |
US9773240B1 (en) | 2013-09-13 | 2017-09-26 | Square, Inc. | Fake sensor input for passcode entry security |
US9736179B2 (en) | 2013-09-30 | 2017-08-15 | Fireeye, Inc. | System, apparatus and method for using malware analysis results to drive adaptive instrumentation of virtual machines to improve exploit detection |
US9294501B2 (en) | 2013-09-30 | 2016-03-22 | Fireeye, Inc. | Fuzzy hash of behavioral results |
US10089461B1 (en) | 2013-09-30 | 2018-10-02 | Fireeye, Inc. | Page replacement code injection |
US9628507B2 (en) | 2013-09-30 | 2017-04-18 | Fireeye, Inc. | Advanced persistent threat (APT) detection center |
US9171160B2 (en) | 2013-09-30 | 2015-10-27 | Fireeye, Inc. | Dynamically adaptive framework and method for classifying malware using intelligent static, emulation, and dynamic analyses |
US10192052B1 (en) | 2013-09-30 | 2019-01-29 | Fireeye, Inc. | System, apparatus and method for classifying a file as malicious using static scanning |
US9690936B1 (en) | 2013-09-30 | 2017-06-27 | Fireeye, Inc. | Multistage system and method for analyzing obfuscated content for malware |
US9350747B2 (en) | 2013-10-31 | 2016-05-24 | Cyberpoint International Llc | Methods and systems for malware analysis |
US9921978B1 (en) | 2013-11-08 | 2018-03-20 | Fireeye, Inc. | System and method for enhanced security of storage devices |
US9189627B1 (en) | 2013-11-21 | 2015-11-17 | Fireeye, Inc. | System, apparatus and method for conducting on-the-fly decryption of encrypted objects for malware detection |
US9355246B1 (en) | 2013-12-05 | 2016-05-31 | Trend Micro Inc. | Tuning sandbox behavior based on static characteristics of malware |
US9747446B1 (en) | 2013-12-26 | 2017-08-29 | Fireeye, Inc. | System and method for run-time object classification |
US9756074B2 (en) | 2013-12-26 | 2017-09-05 | Fireeye, Inc. | System and method for IPS and VM-based detection of suspicious objects |
US9507935B2 (en) | 2014-01-16 | 2016-11-29 | Fireeye, Inc. | Exploit detection system with threat-aware microvisor |
US9262635B2 (en) | 2014-02-05 | 2016-02-16 | Fireeye, Inc. | Detection efficacy of virtual machine-based analysis with application specific events |
US9537972B1 (en) | 2014-02-20 | 2017-01-03 | Fireeye, Inc. | Efficient access to sparse packets in large repositories of stored network traffic |
KR101498614B1 (ko) | 2014-02-27 | 2015-03-04 | 한국전자통신연구원 | 악성코드 활동 차단 장치 및 방법 |
US9241010B1 (en) | 2014-03-20 | 2016-01-19 | Fireeye, Inc. | System and method for network behavior detection |
US10242185B1 (en) | 2014-03-21 | 2019-03-26 | Fireeye, Inc. | Dynamic guest image creation and rollback |
US9591015B1 (en) | 2014-03-28 | 2017-03-07 | Fireeye, Inc. | System and method for offloading packet processing and static analysis operations |
US9223972B1 (en) | 2014-03-31 | 2015-12-29 | Fireeye, Inc. | Dynamically remote tuning of a malware content detection system |
US9432389B1 (en) | 2014-03-31 | 2016-08-30 | Fireeye, Inc. | System, apparatus and method for detecting a malicious attack based on static analysis of a multi-flow object |
US9973531B1 (en) | 2014-06-06 | 2018-05-15 | Fireeye, Inc. | Shellcode detection |
US9438623B1 (en) | 2014-06-06 | 2016-09-06 | Fireeye, Inc. | Computer exploit detection using heap spray pattern matching |
US9594912B1 (en) | 2014-06-06 | 2017-03-14 | Fireeye, Inc. | Return-oriented programming detection |
US9311506B1 (en) | 2014-06-10 | 2016-04-12 | Lockheed Martin Corporation | Storing and transmitting sensitive data |
US9015814B1 (en) * | 2014-06-10 | 2015-04-21 | Kaspersky Lab Zao | System and methods for detecting harmful files of different formats |
US10084813B2 (en) | 2014-06-24 | 2018-09-25 | Fireeye, Inc. | Intrusion prevention and remedy system |
US9398028B1 (en) | 2014-06-26 | 2016-07-19 | Fireeye, Inc. | System, device and method for detecting a malicious attack based on communcations between remotely hosted virtual machines and malicious web servers |
US10002252B2 (en) | 2014-07-01 | 2018-06-19 | Fireeye, Inc. | Verification of trusted threat-aware microvisor |
US9680862B2 (en) | 2014-07-01 | 2017-06-13 | Fireeye, Inc. | Trusted threat-aware microvisor |
US9912644B2 (en) | 2014-08-05 | 2018-03-06 | Fireeye, Inc. | System and method to communicate sensitive information via one or more untrusted intermediate nodes with resilience to disconnected network topology |
US9363280B1 (en) | 2014-08-22 | 2016-06-07 | Fireeye, Inc. | System and method of detecting delivery of malware using cross-customer data |
EP3189638B1 (en) | 2014-09-05 | 2018-11-28 | Telefonaktiebolaget LM Ericsson (publ) | Explicit control of aggregation links via is-is |
US10027689B1 (en) | 2014-09-29 | 2018-07-17 | Fireeye, Inc. | Interactive infection visualization for improved exploit detection and signature generation for malware and malware families |
US9773112B1 (en) | 2014-09-29 | 2017-09-26 | Fireeye, Inc. | Exploit detection of malware and malware families |
US9781144B1 (en) | 2014-09-30 | 2017-10-03 | Fireeye, Inc. | Determining duplicate objects for malware analysis using environmental/context information |
US9210185B1 (en) | 2014-12-05 | 2015-12-08 | Lookingglass Cyber Solutions, Inc. | Cyber threat monitor and control apparatuses, methods and systems |
US9690933B1 (en) | 2014-12-22 | 2017-06-27 | Fireeye, Inc. | Framework for classifying an object as malicious with machine learning for deploying updated predictive models |
US9467460B1 (en) | 2014-12-23 | 2016-10-11 | Fireeye, Inc. | Modularized database architecture using vertical partitioning for a state machine |
US10075455B2 (en) | 2014-12-26 | 2018-09-11 | Fireeye, Inc. | Zero-day rotating guest image profile |
US9934376B1 (en) | 2014-12-29 | 2018-04-03 | Fireeye, Inc. | Malware detection appliance architecture |
US20160191550A1 (en) | 2014-12-29 | 2016-06-30 | Fireeye, Inc. | Microvisor-based malware detection endpoint architecture |
US9838417B1 (en) | 2014-12-30 | 2017-12-05 | Fireeye, Inc. | Intelligent context aware user interaction for malware detection |
US10148693B2 (en) | 2015-03-25 | 2018-12-04 | Fireeye, Inc. | Exploit detection system |
US9690606B1 (en) | 2015-03-25 | 2017-06-27 | Fireeye, Inc. | Selective system call monitoring |
US9438613B1 (en) | 2015-03-30 | 2016-09-06 | Fireeye, Inc. | Dynamic content activation for automated analysis of embedded objects |
US9912681B1 (en) | 2015-03-31 | 2018-03-06 | Fireeye, Inc. | Injection of content processing delay in an endpoint |
US9483644B1 (en) | 2015-03-31 | 2016-11-01 | Fireeye, Inc. | Methods for detecting file altering malware in VM based analysis |
US10417031B2 (en) | 2015-03-31 | 2019-09-17 | Fireeye, Inc. | Selective virtualization for security threat detection |
US9654485B1 (en) | 2015-04-13 | 2017-05-16 | Fireeye, Inc. | Analytics-based security monitoring system and method |
US9594904B1 (en) | 2015-04-23 | 2017-03-14 | Fireeye, Inc. | Detecting malware based on reflection |
US20160357965A1 (en) | 2015-06-04 | 2016-12-08 | Ut Battelle, Llc | Automatic clustering of malware variants based on structured control flow |
US10536357B2 (en) | 2015-06-05 | 2020-01-14 | Cisco Technology, Inc. | Late data detection in data center |
US10216927B1 (en) | 2015-06-30 | 2019-02-26 | Fireeye, Inc. | System and method for protecting memory pages associated with a process using a virtualization layer |
US10176321B2 (en) | 2015-09-22 | 2019-01-08 | Fireeye, Inc. | Leveraging behavior-based rules for malware family classification |
US10033759B1 (en) | 2015-09-28 | 2018-07-24 | Fireeye, Inc. | System and method of threat detection under hypervisor control |
US10033747B1 (en) | 2015-09-29 | 2018-07-24 | Fireeye, Inc. | System and method for detecting interpreter-based exploit attacks |
US9825976B1 (en) | 2015-09-30 | 2017-11-21 | Fireeye, Inc. | Detection and classification of exploit kits |
US10210329B1 (en) | 2015-09-30 | 2019-02-19 | Fireeye, Inc. | Method to detect application execution hijacking using memory protection |
US9825989B1 (en) | 2015-09-30 | 2017-11-21 | Fireeye, Inc. | Cyber attack early warning system |
US10284575B2 (en) | 2015-11-10 | 2019-05-07 | Fireeye, Inc. | Launcher for setting analysis environment variations for malware detection |
US10108446B1 (en) | 2015-12-11 | 2018-10-23 | Fireeye, Inc. | Late load technique for deploying a virtualization layer underneath a running operating system |
US10133866B1 (en) | 2015-12-30 | 2018-11-20 | Fireeye, Inc. | System and method for triggering analysis of an object for malware in response to modification of that object |
US10050998B1 (en) | 2015-12-30 | 2018-08-14 | Fireeye, Inc. | Malicious message analysis system |
US9824216B1 (en) | 2015-12-31 | 2017-11-21 | Fireeye, Inc. | Susceptible environment detection system |
US10169585B1 (en) | 2016-06-22 | 2019-01-01 | Fireeye, Inc. | System and methods for advanced malware detection through placement of transition events |
US10121000B1 (en) | 2016-06-28 | 2018-11-06 | Fireeye, Inc. | System and method to detect premium attacks on electronic networks and electronic devices |
US10191861B1 (en) | 2016-09-06 | 2019-01-29 | Fireeye, Inc. | Technique for implementing memory views using a layered virtualization architecture |
US10025691B1 (en) | 2016-09-09 | 2018-07-17 | Fireeye, Inc. | Verification of complex software code using a modularized architecture |
US10798112B2 (en) | 2017-03-30 | 2020-10-06 | Fireeye, Inc. | Attribute-controlled malware detection |
US10650567B2 (en) * | 2017-06-09 | 2020-05-12 | FlyInside, Inc. | Optimizing processing time of a simulation engine |
US10265627B2 (en) * | 2017-06-22 | 2019-04-23 | Centurion VR, LLC | Virtual reality simulation of a live-action sequence |
US20190066377A1 (en) * | 2017-08-22 | 2019-02-28 | Software Ag | Systems and/or methods for virtual reality based process optimization |
-
2014
- 2014-12-30 US US14/586,233 patent/US9838417B1/en active Active
-
2015
- 2015-12-21 EP EP15823116.7A patent/EP3245609A1/en not_active Withdrawn
- 2015-12-21 WO PCT/US2015/067082 patent/WO2016109283A1/en active Application Filing
- 2015-12-21 JP JP2017535823A patent/JP6702983B2/ja active Active
-
2017
- 2017-12-04 US US15/831,311 patent/US10798121B1/en active Active
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2020240718A1 (ja) * | 2019-05-28 | 2020-12-03 | 日本電信電話株式会社 | 抽出装置、抽出方法及び抽出プログラム |
JPWO2020240718A1 (ja) * | 2019-05-28 | 2020-12-03 | ||
JP7131704B2 (ja) | 2019-05-28 | 2022-09-06 | 日本電信電話株式会社 | 抽出装置、抽出方法及び抽出プログラム |
WO2021038780A1 (ja) * | 2019-08-29 | 2021-03-04 | 日本電気株式会社 | バックドア検査装置、バックドア検査方法、及び非一時的なコンピュータ可読媒体 |
JPWO2021038780A1 (ja) * | 2019-08-29 | 2021-03-04 | ||
JP7276465B2 (ja) | 2019-08-29 | 2023-05-18 | 日本電気株式会社 | バックドア検査装置、バックドア検査方法、及びプログラム |
Also Published As
Publication number | Publication date |
---|---|
US9838417B1 (en) | 2017-12-05 |
WO2016109283A1 (en) | 2016-07-07 |
US10798121B1 (en) | 2020-10-06 |
EP3245609A1 (en) | 2017-11-22 |
JP6702983B2 (ja) | 2020-06-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP6702983B2 (ja) | マルウェア検出のためのインテリジェントかつコンテキストアウェアなユーザインタラクション | |
US10169585B1 (en) | System and methods for advanced malware detection through placement of transition events | |
US10666686B1 (en) | Virtualized exploit detection system | |
US10075455B2 (en) | Zero-day rotating guest image profile | |
US11294705B1 (en) | Selective virtualization for security threat detection | |
US9438613B1 (en) | Dynamic content activation for automated analysis of embedded objects | |
US10581879B1 (en) | Enhanced malware detection for generated objects | |
US9846776B1 (en) | System and method for detecting file altering behaviors pertaining to a malicious attack | |
JP6419787B2 (ja) | マルウェアコンテンツ検出システム内の仮想マシンへの最適化されたリソース割当て | |
EP3049985B1 (en) | A separate, disposable execution environment for accessing unverified content | |
US10715542B1 (en) | Mobile application risk analysis | |
US9251343B1 (en) | Detecting bootkits resident on compromised computers | |
RU2653985C2 (ru) | Способ и система обнаружения вредоносного программного обеспечения путем контроля исполнения программного обеспечения запущенного по сценарию | |
US20190318089A1 (en) | System security method and apparatus | |
US10341365B1 (en) | Methods and system for hiding transition events for malware detection | |
US9158915B1 (en) | Systems and methods for analyzing zero-day attacks | |
US20120272317A1 (en) | System and method for detecting infectious web content | |
US10769275B2 (en) | Systems and methods for monitoring bait to protect users from security threats | |
US11706251B2 (en) | Simulating user interactions for malware analysis | |
US9330254B1 (en) | Systems and methods for preventing the installation of unapproved applications | |
US10885191B1 (en) | Detonate targeted malware using environment context information | |
Heiser | Secure embedded systems need microkernels | |
CN110574034A (zh) | 基于端点遥测的样本特定的沙箱配置 | |
CN110659478A (zh) | 在隔离的环境中检测阻止分析的恶意文件的方法 | |
US11677786B1 (en) | System and method for detecting and protecting against cybersecurity attacks on servers |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A621 | Written request for application examination |
Free format text: JAPANESE INTERMEDIATE CODE: A621 Effective date: 20181212 |
|
A977 | Report on retrieval |
Free format text: JAPANESE INTERMEDIATE CODE: A971007 Effective date: 20190829 |
|
A131 | Notification of reasons for refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20190910 |
|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20191210 |
|
TRDD | Decision of grant or rejection written | ||
A01 | Written decision to grant a patent or to grant a registration (utility model) |
Free format text: JAPANESE INTERMEDIATE CODE: A01 Effective date: 20200407 |
|
A61 | First payment of annual fees (during grant procedure) |
Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20200507 |
|
R150 | Certificate of patent or registration of utility model |
Ref document number: 6702983 Country of ref document: JP Free format text: JAPANESE INTERMEDIATE CODE: R150 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |