公开(公告)号：US08984636B2

公开(公告)日：2015-03-17

申请号：US11194078

申请日：2005-07-29

申请人： Todd Brennan

发明人： Todd Brennan

IPC分类号： G06F21/00 ,  H04L9/32 ,  G06F21/55 ,  H04L29/06

CPC分类号： H04L9/3247 ,  G06F21/552 ,  H04L63/102 ,  H04L63/145 ,  H04L63/18 ,  H04L2209/60

摘要： A security system provides a defense from known and unknown viruses, worms, spyware, hackers, and unwanted software. The system can implement centralized policies that allow an administrator to approve, block, quarantine, and log file activities. The system can extract content of interest from a file container, repackage the content of interest as another valid file type, perform hashes on the content of interest, associate the hash of the container with the hash of the repackaged content, transfer the repackaged content, and store the hash with other security-related information.

摘要翻译： 安全系统提供来自已知和未知病毒，蠕虫，间谍软件，黑客和不需要的软件的防御。 系统可以实现集中的策略，允许管理员批准，阻止，隔离和记录文件活动。 该系统可以从文件容器提取感兴趣的内容，将感兴趣的内容重新包装为另一种有效的文件类型，对所关注的内容执行散列，将容器的散列与重新打包的内容的哈希相关联，传送重新包装的内容， 并将散列与其他安全相关的信息进行存储。

公开(公告)号：US08782800B2

公开(公告)日：2014-07-15

申请号：US13459957

申请日：2012-04-30

申请人： Todd F. Brennan ,  Allen Hillery

发明人： Todd F. Brennan ,  Allen Hillery

IPC分类号： H04L29/06

CPC分类号： H04L63/1408 ,  H04L63/145 ,  H04L63/20

摘要： A security system provides a defense from known and unknown viruses, worms, spyware, hackers, and social engineering attacks. The system can implement centralized policies that allow an administrator to approve, block, quarantine, or log file activities. The system can provide and update a security value that causes host computers to change security levels for a number of different policies. The policies are grouped into a master set of policies and options which are propagated to the hosts from a centralized server. The security value is stored on the hosts and the server, and changes of the value on the server are propagated to the hosts.

摘要翻译： 安全系统提供来自已知和未知病毒，蠕虫，间谍软件，黑客和社会工程攻击的防御。 系统可以实现允许管理员批准，阻止，隔离或记录文件活动的集中式策略。 该系统可以提供和更新一个安全值，导致主机更改多个不同策略的安全级别。 策略被分组成从集中式服务器传播到主机的主策略和选项集。 安全性值存储在主机和服务器上，并且将服务器上的值的更改传播到主机。

公开(公告)号：US09197663B1

公开(公告)日：2015-11-24

申请号：US14608999

申请日：2015-01-29

申请人： BIT9, Inc.

发明人： Mark Gilbert ,  Jeffrey J. Guy

IPC分类号： G06F12/14 ,  H04L29/06 ,  G06F21/56

CPC分类号： G06F21/552 ,  G06F3/04817 ,  G06F21/562 ,  G06F21/563 ,  G06F21/564 ,  G06F21/565 ,  G06F2221/033 ,  H04L63/08 ,  H04L63/145 ,  H04L63/20 ,  H04W12/12

摘要： Visual and non-visual elements associated with the candidate files are analyzed to determine whether the candidate files are malware. A visual element (e.g., icon) is extracted from the candidate file, and the icon's image is compared to a group of reference images associated with trusted entities. If the icon's image matches a reference image, the candidate file may be malware masquerading as trusted software. The non-visual elements associated with the candidate file are used, in combination with the visual elements, to determine whether the candidate file is malware.

摘要翻译： 分析与候选文件相关联的视觉和非可视元素以确定候选文件是否是恶意软件。 从候选文件中提取视觉元素（例如，图标），并将图标的图像与与可信实体相关联的一组参考图像进行比较。 如果图标的图像与参考图像匹配，候选文件可能是伪装成可信软件的恶意软件。 与候选文件相关联的非可视元素与视觉元素结合使用以确定候选文件是否是恶意软件。