RU2723665C1 - Динамический индикатор репутации для оптимизации операций по обеспечению компьютерной безопасности - Google Patents

Динамический индикатор репутации для оптимизации операций по обеспечению компьютерной безопасности Download PDF

Info

Publication number
RU2723665C1
RU2723665C1 RU2019112780A RU2019112780A RU2723665C1 RU 2723665 C1 RU2723665 C1 RU 2723665C1 RU 2019112780 A RU2019112780 A RU 2019112780A RU 2019112780 A RU2019112780 A RU 2019112780A RU 2723665 C1 RU2723665 C1 RU 2723665C1
Authority
RU
Russia
Prior art keywords
reputation
target entity
indicator
entity
reputation indicator
Prior art date
Application number
RU2019112780A
Other languages
English (en)
Russian (ru)
Inventor
Георге-Флорин ХАЖМАСАН
Александра МОНДОК
Раду-Марьян ПОРТАСЕ
Original Assignee
БИТДЕФЕНДЕР АйПиАр МЕНЕДЖМЕНТ ЛТД
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by БИТДЕФЕНДЕР АйПиАр МЕНЕДЖМЕНТ ЛТД filed Critical БИТДЕФЕНДЕР АйПиАр МЕНЕДЖМЕНТ ЛТД
Application granted granted Critical
Publication of RU2723665C1 publication Critical patent/RU2723665C1/ru

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer And Data Communications (AREA)
  • Debugging And Monitoring (AREA)
  • Information Transfer Between Computers (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
RU2019112780A 2016-10-27 2017-10-26 Динамический индикатор репутации для оптимизации операций по обеспечению компьютерной безопасности RU2723665C1 (ru)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US15/336,387 2016-10-27
US15/336,387 US10237293B2 (en) 2016-10-27 2016-10-27 Dynamic reputation indicator for optimizing computer security operations
PCT/EP2017/077390 WO2018077996A1 (en) 2016-10-27 2017-10-26 Dynamic reputation indicator for optimizing computer security operations

Publications (1)

Publication Number Publication Date
RU2723665C1 true RU2723665C1 (ru) 2020-06-17

Family

ID=60935760

Family Applications (1)

Application Number Title Priority Date Filing Date
RU2019112780A RU2723665C1 (ru) 2016-10-27 2017-10-26 Динамический индикатор репутации для оптимизации операций по обеспечению компьютерной безопасности

Country Status (12)

Country Link
US (1) US10237293B2 (enExample)
EP (1) EP3516572B1 (enExample)
JP (1) JP7068294B2 (enExample)
KR (1) KR102116573B1 (enExample)
CN (1) CN109891422B (enExample)
AU (1) AU2017350292B2 (enExample)
CA (1) CA3037453C (enExample)
ES (1) ES2871898T3 (enExample)
IL (1) IL266200B (enExample)
RU (1) RU2723665C1 (enExample)
SG (1) SG11201903491XA (enExample)
WO (1) WO2018077996A1 (enExample)

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10237293B2 (en) * 2016-10-27 2019-03-19 Bitdefender IPR Management Ltd. Dynamic reputation indicator for optimizing computer security operations
US9756061B1 (en) * 2016-11-18 2017-09-05 Extrahop Networks, Inc. Detecting attacks using passive network monitoring
TWI755616B (zh) 2017-04-21 2022-02-21 美商時美媒體公司 用於編碼器導引自適應性品質演現的系統及方法
US11050783B2 (en) * 2018-01-31 2021-06-29 International Business Machines Corporation System and method for detecting client participation in malware activity
US11165814B2 (en) 2019-07-29 2021-11-02 Extrahop Networks, Inc. Modifying triage information based on network monitoring
US11409868B2 (en) * 2019-09-26 2022-08-09 At&T Intellectual Property I, L.P. Ransomware detection and mitigation
CN111027067A (zh) * 2019-11-25 2020-04-17 深圳传音控股股份有限公司 基于大数据分析的恶意软件识别方法、服务器及存储介质
US11165823B2 (en) 2019-12-17 2021-11-02 Extrahop Networks, Inc. Automated preemptive polymorphic deception
KR102180105B1 (ko) * 2020-08-13 2020-11-17 최원천 장치에 설치된 소프트웨어에 대한 악성 소프트웨어 판단 방법 및 장치
US11683331B2 (en) * 2020-11-23 2023-06-20 Juniper Networks, Inc. Trust scoring of network entities in networks
US11349861B1 (en) 2021-06-18 2022-05-31 Extrahop Networks, Inc. Identifying network entities based on beaconing activity
US11914709B2 (en) * 2021-07-20 2024-02-27 Bank Of America Corporation Hybrid machine learning and knowledge graph approach for estimating and mitigating the spread of malicious software
US12074879B2 (en) 2021-09-14 2024-08-27 Juniper Networks, Inc. Inferring trust in computer networks
US12170670B2 (en) 2021-12-15 2024-12-17 Juniper Networks, Inc. Use of sentiment analysis to assess trust in a network
US12348568B1 (en) * 2022-12-23 2025-07-01 F5, Inc. Methods for optimizing selection of a hardware security server and devices thereof
US12355803B2 (en) 2022-12-30 2025-07-08 Juniper Networks, Inc. Remediation work score for network trust applications
US12483384B1 (en) 2025-04-16 2025-11-25 Extrahop Networks, Inc. Resynchronizing encrypted network traffic

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070240222A1 (en) * 2006-04-06 2007-10-11 George Tuvell System and Method for Managing Malware Protection on Mobile Devices
US20080209552A1 (en) * 2007-02-28 2008-08-28 Microsoft Corporation Identifying potentially offending content using associations
RU2011138462A (ru) * 2011-09-20 2013-04-10 Закрытое акционерное общество "Лаборатория Касперского" Использование решений пользователей для обнаружения неизвестных компьютерных угроз
US20150096018A1 (en) * 2013-09-27 2015-04-02 Bitdefender IPR Management Ltd. Systems and Methods for Using a Reputation Indicator to Facilitate Malware Scanning

Family Cites Families (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6931540B1 (en) 2000-05-31 2005-08-16 Networks Associates Technology, Inc. System, method and computer program product for selecting virus detection actions based on a process by which files are being accessed
US20020184362A1 (en) * 2001-05-31 2002-12-05 International Business Machines Corporation System and method for extending server security through monitored load management
US8635690B2 (en) 2004-11-05 2014-01-21 Mcafee, Inc. Reputation based message processing
WO2006101549A2 (en) 2004-12-03 2006-09-28 Whitecell Software, Inc. Secure system for allowing the execution of authorized computer program code
US8584094B2 (en) * 2007-06-29 2013-11-12 Microsoft Corporation Dynamically computing reputation scores for objects
US7392544B1 (en) 2007-12-18 2008-06-24 Kaspersky Lab, Zao Method and system for anti-malware scanning with variable scan settings
US8595282B2 (en) 2008-06-30 2013-11-26 Symantec Corporation Simplified communication of a reputation score for an entity
US8225406B1 (en) 2009-03-31 2012-07-17 Symantec Corporation Systems and methods for using reputation data to detect shared-object-based security threats
US8381289B1 (en) * 2009-03-31 2013-02-19 Symantec Corporation Communication-based host reputation system
US8001606B1 (en) * 2009-06-30 2011-08-16 Symantec Corporation Malware detection using a white list
US8955131B2 (en) 2010-01-27 2015-02-10 Mcafee Inc. Method and system for proactive detection of malicious shared libraries via a remote reputation system
US9147071B2 (en) * 2010-07-20 2015-09-29 Mcafee, Inc. System and method for proactive detection of malware device drivers via kernel forensic behavioral monitoring and a back-end reputation system
US8327441B2 (en) 2011-02-17 2012-12-04 Taasera, Inc. System and method for application attestation
US9106680B2 (en) * 2011-06-27 2015-08-11 Mcafee, Inc. System and method for protocol fingerprinting and reputation correlation
US9262624B2 (en) 2011-09-16 2016-02-16 Mcafee, Inc. Device-tailored whitelists
US9235706B2 (en) * 2011-12-02 2016-01-12 Mcafee, Inc. Preventing execution of task scheduled malware
US8769676B1 (en) * 2011-12-22 2014-07-01 Symantec Corporation Techniques for identifying suspicious applications using requested permissions
US8918881B2 (en) * 2012-02-24 2014-12-23 Appthority, Inc. Off-device anti-malware protection for mobile devices
US8914886B2 (en) 2012-10-29 2014-12-16 Mcafee, Inc. Dynamic quarantining for malware detection
US9614865B2 (en) * 2013-03-15 2017-04-04 Mcafee, Inc. Server-assisted anti-malware client
WO2014143000A1 (en) * 2013-03-15 2014-09-18 Mcafee, Inc. Server-assisted anti-malware
WO2014143012A1 (en) * 2013-03-15 2014-09-18 Mcafee, Inc. Remote malware remediation
US9639693B2 (en) 2013-06-28 2017-05-02 Symantec Corporation Techniques for detecting a security vulnerability
US9363282B1 (en) * 2014-01-28 2016-06-07 Infoblox Inc. Platforms for implementing an analytics framework for DNS security
US9009827B1 (en) * 2014-02-20 2015-04-14 Palantir Technologies Inc. Security sharing system
US9411959B2 (en) * 2014-09-30 2016-08-09 Juniper Networks, Inc. Identifying an evasive malicious object based on a behavior delta
US10079846B2 (en) * 2015-06-04 2018-09-18 Cisco Technology, Inc. Domain name system (DNS) based anomaly detection
US10063571B2 (en) * 2016-01-04 2018-08-28 Microsoft Technology Licensing, Llc Systems and methods for the detection of advanced attackers using client side honeytokens
CN105578455B (zh) * 2016-01-27 2020-06-09 哈尔滨工业大学深圳研究生院 一种机会网络中分布式动态信誉评估方法
US10237293B2 (en) * 2016-10-27 2019-03-19 Bitdefender IPR Management Ltd. Dynamic reputation indicator for optimizing computer security operations
US10681070B2 (en) * 2017-05-26 2020-06-09 Qatar Foundatiion Method to identify malicious web domain names thanks to their dynamics

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070240222A1 (en) * 2006-04-06 2007-10-11 George Tuvell System and Method for Managing Malware Protection on Mobile Devices
US20080209552A1 (en) * 2007-02-28 2008-08-28 Microsoft Corporation Identifying potentially offending content using associations
RU2011138462A (ru) * 2011-09-20 2013-04-10 Закрытое акционерное общество "Лаборатория Касперского" Использование решений пользователей для обнаружения неизвестных компьютерных угроз
US20150096018A1 (en) * 2013-09-27 2015-04-02 Bitdefender IPR Management Ltd. Systems and Methods for Using a Reputation Indicator to Facilitate Malware Scanning

Also Published As

Publication number Publication date
KR20190067820A (ko) 2019-06-17
CN109891422B (zh) 2023-03-10
CA3037453A1 (en) 2018-05-03
JP2019533258A (ja) 2019-11-14
CA3037453C (en) 2021-04-27
WO2018077996A1 (en) 2018-05-03
KR102116573B1 (ko) 2020-06-03
CN109891422A (zh) 2019-06-14
EP3516572A1 (en) 2019-07-31
US20180124078A1 (en) 2018-05-03
IL266200A (en) 2019-06-30
JP7068294B2 (ja) 2022-05-16
AU2017350292A1 (en) 2019-04-04
ES2871898T3 (es) 2021-11-02
IL266200B (en) 2021-01-31
EP3516572B1 (en) 2021-03-24
AU2017350292B2 (en) 2021-08-26
US10237293B2 (en) 2019-03-19
SG11201903491XA (en) 2019-05-30

Similar Documents

Publication Publication Date Title
RU2723665C1 (ru) Динамический индикатор репутации для оптимизации операций по обеспечению компьютерной безопасности
US11562071B2 (en) Detecting malware via scanning for dynamically generated function pointers in memory
US10599841B2 (en) System and method for reverse command shell detection
RU2646352C2 (ru) Система и способ для применения индикатора репутации для облегчения сканирования на наличие вредоносных программ
EP3123311B1 (en) Malicious code protection for computer systems based on process modification
US9596257B2 (en) Detection and prevention of installation of malicious mobile applications
EP2745229B1 (en) System and method for indirect interface monitoring and plumb-lining
US7665139B1 (en) Method and apparatus to detect and prevent malicious changes to tokens
KR20180032566A (ko) 다수 소프트웨어 개체들에 걸쳐서 악성 행동을 트래킹하기 위한 시스템들 및 방법들
JP2019521400A (ja) 推測的なエクスプロイトの試みの検出
US20250124130A1 (en) Identifying malware based on system api function pointers
WO2024184646A1 (en) File-system protection
HK40004203B (en) Dynamic reputation indicator for optimizing computer security operations
HK40004203A (en) Dynamic reputation indicator for optimizing computer security operations

Legal Events

Date Code Title Description
PD4A Correction of name of patent owner