公开(公告)号：US08949187B1

公开(公告)日：2015-02-03

申请号：US12130786

申请日：2008-05-30

申请人： Sourabh Satish ,  William E. Sobel

发明人： Sourabh Satish ,  William E. Sobel

IPC分类号： G06F7/00 ,  G06F17/30

CPC分类号： G06F11/1461 ,  G01R31/3679 ,  G06F11/1441

摘要： A computer-implemented method may include performing an evaluation of the computing system's health. The computer-implemented method may also include comparing results of the evaluation with the results of at least one prior evaluation of the computing system's health and then determining, based on the comparison, that a current state of health of the computing system is healthier than at least one prior state of health of the computing system. In addition, the computer-implemented method may include creating a backup of the computing system. A computer-implemented method for managing backups of a computing system based on health information is also disclosed. Corresponding systems and computer-readable media are also disclosed.

摘要翻译： 计算机实现的方法可以包括对计算系统的健康进行评估。 计算机实现的方法还可以包括将评估的结果与计算系统的健康的至少一个先前评估的结果进行比较，然后基于比较来确定计算系统的当前健康状况比在 至少一个计算系统的健康状况。 此外，计算机实现的方法可以包括创建计算系统的备份。 还公开了一种用于管理基于健康信息的计算系统的备份的计算机实现的方法。 还公开了相应的系统和计算机可读介质。

公开(公告)号：US08667592B2

公开(公告)日：2014-03-04

申请号：US13048380

申请日：2011-03-15

申请人： William E. Sobel ,  Sourabh Satish

发明人： William E. Sobel ,  Sourabh Satish

IPC分类号： G06F11/00

CPC分类号： G06F21/564

摘要： A computer-implemented method for looking up anti-malware metadata may include identifying a plurality of executable objects to be scanned for malware before execution. The computer-implemented method may also include, for each executable object within the plurality of executable objects, assessing an imminence of execution of the executable object. The computer-implemented method may further include prioritizing, based on the assessments, a retrieval order for anti-malware metadata corresponding to the plurality of executable objects. The computer-implemented method may additionally include retrieving anti-malware metadata corresponding to an executable object within the plurality of executable objects based on the retrieval order. Various other methods, systems, and computer-readable media are also disclosed.

摘要翻译： 用于查找反恶意软件元数据的计算机实现的方法可以包括在执行之前识别要扫描恶意软件的多个可执行对象。 对于多个可执行对象中的每个可执行对象，计算机实现的方法还可以包括执行可执行对象的即将来临。 计算机实现的方法还可以包括基于评估来优先考虑与多个可执行对象相对应的反恶意软件元数据的检索顺序。 计算机实现的方法可以另外包括基于检索顺序检索对应于多个可执行对象内的可执行对象的反恶意软件元数据。 还公开了各种其它方法，系统和计算机可读介质。

公开(公告)号：US08499063B1

公开(公告)日：2013-07-30

申请号：US12059258

申请日：2008-03-31

申请人： Sourabh Satish ,  William E. Sobel

发明人： Sourabh Satish ,  William E. Sobel

IPC分类号： G06F15/173

CPC分类号： G06F21/552 ,  G06F8/62 ,  G06F11/3419 ,  G06F2201/81 ,  G06F2201/86 ,  G06F2201/865 ,  G06F2221/2135

摘要： Installation events associated with a software application are received from a plurality of clients. A rate at which the software application was uninstalled on the plurality of clients is determined based on the installation events. A reputation score is generated based on the rate at which the software application was uninstalled on the plurality of clients. A reputation score is generated for the software application responsive to the installation event and the performance data. The reputation score storied in association with the software application.

摘要翻译： 从多个客户端接收与软件应用相关联的安装事件。 基于安装事件确定在多个客户端上卸载软件应用程序的速率。 基于在多个客户端上卸载软件应用程序的速率生成信誉分数。 响应于安装事件和性能数据，为软件应用程序生成声誉分数。 信誉评分与软件应用程序相关联。

公开(公告)号：US08468608B1

公开(公告)日：2013-06-18

申请号：US12414466

申请日：2009-03-30

申请人： Brian Hernacki ,  Sourabh Satish ,  William E. Sobel

发明人： Brian Hernacki ,  Sourabh Satish ,  William E. Sobel

IPC分类号： G06F7/04

CPC分类号： G06F21/10 ,  G06F2221/0728

摘要： A DRM server parses a request received from a client for a content identifier and client classification information. The content identifier identifies the requested content and client classification information describes the capabilities of the client. The DRM server determines a policy for the requested content. The policy specifies rules for determining access rights for the content responsive to the capabilities of the client. The DRM server determines access rights for the requested content responsive to the capabilities of the client and the policy. The DRM manager then provides the requested content and the determined access rights to the client.

摘要翻译： DRM服务器解析从客户端接收到的用于内容标识符和客户端分类信息的请求。 内容标识符识别所请求的内容，并且客户端分类信息描述客户端的能力。 DRM服务器确定所请求内容的策略。 该策略指定响应于客户端的能力确定内容的访问权限的规则。 响应于客户端的能力和策略，DRM服务器确定所请求的内容的访问权限。 然后，DRM管理器向客户端提供所请求的内容和确定的访问权限。

公开(公告)号：US08424007B1

公开(公告)日：2013-04-16

申请号：US12242685

申请日：2008-09-30

申请人： Brian Hernacki ,  Sourabh Satish ,  William E. Sobel

发明人： Brian Hernacki ,  Sourabh Satish ,  William E. Sobel

IPC分类号： G06F9/46

CPC分类号： G06F9/4881 ,  G06F9/485 ,  G06F2209/503

摘要： A computer-implemented method for prioritizing virtual machine tasks may include receiving a request to perform a first task from a virtual machine. The request may include information relevant to determining a priority of the task. The method may include determining the priority of the task based on the information. The method may further include scheduling the first task based on the priority of the task. The method may include selecting the first task for execution based on the scheduling. The method may include notifying the virtual machine that the first task has been selected for execution. Various related methods, computer-readable media, and systems are also disclosed.

摘要翻译： 用于对虚拟机任务进行优先级的计算机实现的方法可以包括从虚拟机接收执行第一任务的请求。 该请求可以包括与确定任务的优先级有关的信息。 该方法可以包括基于该信息确定任务的优先级。 该方法还可以包括基于任务的优先级调度第一任务。 该方法可以包括基于调度来选择用于执行的第一任务。 该方法可以包括通知虚拟机第一任务已经被选择用于执行。 还公开了各种相关方法，计算机可读介质和系统。

公开(公告)号：US08332570B1

公开(公告)日：2012-12-11

申请号：US12242734

申请日：2008-09-30

申请人： Randall R. Cook ,  Brian Hernacki ,  Sourabh Satish ,  William E. Sobel

发明人： Randall R. Cook ,  Brian Hernacki ,  Sourabh Satish ,  William E. Sobel

IPC分类号： G06F12/02 ,  G06F9/455

CPC分类号： G06F3/0613 ,  G06F3/0646 ,  G06F3/0676 ,  G06F9/45558 ,  G06F2009/45579 ,  G06F2206/1004

摘要： A computer-implemented method for defragmenting virtual machine prefetch data. The method may include obtaining prefetch information associated with prefetch data of a virtual machine. The method may also include defragmenting, based on the prefetch information, the prefetch data on physical storage. The prefetch information may include a starting location and length of the prefetch data on a virtual disk. The prefetch information may include a geometry specification of the virtual disk. Defragmenting on physical storage may include placing the prefetch data contiguously on physical storage, placing the prefetch data in a fast-access segment of physical storage, and/or ordering the prefetch data according to the order in which it is accessed at system or application startup.

摘要翻译： 用于对虚拟机预取数据进行碎片整理的计算机实现的方法。 该方法可以包括获得与虚拟机的预取数据相关联的预取信息。 该方法还可以包括基于预取信息对物理存储器上的预取数据进行碎片整理。 预取信息可以包括虚拟磁盘上的预取数据的起始位置和长度。 预取信息可以包括虚拟磁盘的几何规格。 物理存储上的碎片整理可能包括将预取数据连续地放置在物理存储上，将预取数据放置在物理存储的快速访问段中，和/或根据系统或应用程序启动时访问顺序对预取数据进行排序 。

公开(公告)号：US08745742B1

公开(公告)日：2014-06-03

申请号：US12264101

申请日：2008-11-03

申请人： Sourabh Satish ,  William E. Sobel ,  Bruce McCorkendale

发明人： Sourabh Satish ,  William E. Sobel ,  Bruce McCorkendale

IPC分类号： G06F12/14 ,  G06F7/00 ,  G06F17/30

CPC分类号： G06F7/00 ,  G06F17/30 ,  G06F21/00 ,  G06F21/568

摘要： A computer-implemented method for processing web content may comprise receiving web content encoded with malicious steganographic code. Before presenting the web content, the method may comprise modifying the web content to create modified content such that information conveyed by the malicious steganographic code is at least partially corrupted in the modified content. Additionally, a functionality of the modified content may be at least substantially similar to a functionality of the web content following modification of the web content to create the modified content. Various other methods, computer-readable media, and systems are also disclosed.

摘要翻译： 用于处理网页内容的计算机实现的方法可以包括接收用恶意隐写代码编码的网络内容。 在呈现网络内容之前，该方法可以包括修改网络内容以创建修改的内容，使得恶意隐身代码传达的信息在修改的内容中至少部分地被破坏。 此外，修改的内容的功能可以至少基本上类似于web内容的修改之后的web内容的功能，以创建修改的内容。 还公开了各种其它方法，计算机可读介质和系统。

公开(公告)号：US08713687B2

公开(公告)日：2014-04-29

申请号：US12336668

申请日：2008-12-17

申请人： William E. Sobel ,  Sourabh Satish

发明人： William E. Sobel ,  Sourabh Satish

IPC分类号： G06F7/04 ,  G06F21/12

CPC分类号： H04L63/20 ,  G06F21/125 ,  G06F21/126 ,  G06F21/552 ,  G06F21/577 ,  G06F21/604 ,  H04L63/1433 ,  H04L63/145

摘要： A computer-implemented method for enabling community-tested security features for legacy applications may include: 1) identifying a plurality of client systems, 2) identifying a legacy application on a client system within the plurality of client systems, 3) identifying a security-feature-enablement rule for the legacy application, 4) enabling at least one security feature for the legacy application by executing the security-feature-enablement rule, 5) determining the impact of the security-feature-enablement rule on the health of the legacy application, and then 6) relaying the impact of the security-feature-enablement rule on the health of the legacy application to a server. Various other methods, systems, and computer-readable media are also disclosed.

摘要翻译： 用于实现遗留应用的经社区测试的安全特征的计算机实现的方法可以包括：1）识别多个客户端系统，2）识别多个客户端系统内的客户端系统上的遗留应用; 3） 用于遗留应用的特征启用规则，4）通过执行安全特征启用规则来为遗留应用启用至少一个安全特征，5）确定安全特征使能规则对遗产的健康的影响 应用程序，然后6）将安全功能启用规则的影响中继到传统应用程序的运行状况到服务器。 还公开了各种其它方法，系统和计算机可读介质。

公开(公告)号：US08353058B1

公开(公告)日：2013-01-08

申请号：US12410166

申请日：2009-03-24

申请人： Bruce McCorkendale ,  Sourabh Satish ,  William E. Sobel

发明人： Bruce McCorkendale ,  Sourabh Satish ,  William E. Sobel

IPC分类号： G08B29/00 ,  G08B23/00 ,  G06F12/14 ,  G06F15/173 ,  H04L9/00

CPC分类号： G06F21/55 ,  G06F21/56 ,  H04L63/1416

摘要： A computer-implemented method for detecting rootkits is disclosed. The computer-implemented method may include sending periodic security communications from a privileged-processor-mode region of a computing device. The computer-implemented method may also include identifying at least one of the periodic security communications. The computer-implemented method may further include determining, based on the periodic security communications, whether the privileged-processor-mode region of the computing device has been compromised. Various other methods, systems, and computer-readable media are also disclosed.

摘要翻译： 公开了一种用于检测rootkit的计算机实现方法。 计算机实现的方法可以包括从计算设备的特权处理器模式区域发送周期性安全通信。 计算机实现的方法还可以包括识别周期性安全通信中的至少一个。 计算机实现的方法还可以包括基于周期性安全通信来确定计算设备的特权处理器模式区域是否已被破坏。 还公开了各种其它方法，系统和计算机可读介质。

公开(公告)号：US08353021B1

公开(公告)日：2013-01-08

申请号：US12242625

申请日：2008-09-30

申请人： Sourabh Satish ,  William E. Sobel

发明人： Sourabh Satish ,  William E. Sobel

IPC分类号： H04L29/06

CPC分类号： H04L63/0263 ,  H04L63/0218

摘要： A security system monitors the trustworthiness and firewall configurations of a set of clients, where a firewall configuration comprises a set of firewall rules that control access by an application to network communication functionalities of a client. Based on the firewall rules used by other clients and the reputation of those clients, the system determines a set of default firewall rules by selecting one or more rules that are used by the more trustworthy clients. The default firewall rules are made available to other clients, which may use these default rules. This leverages community knowledge about how much network access to allow for a particular application.

摘要翻译： 安全系统监视一组客户机的可信赖性和防火墙配置，其中防火墙配置包括控制应用程序对客户端的网络通信功能的访问的一组防​​火墙规则。 根据其他客户端使用的防火墙规则和这些客户端的声誉，系统通过选择一个或多个更可信赖的客户端使用的规则来确定一组默认防火墙规则。 默认防火墙规则对其他客户端可用，可能使用这些默认规则。 这有助于社区关于允许特定应用程序访问多少网络的知识。