-
Publication number: US12093391B2
Publication date: 2024-09-17
Application number: US18303108
Application date: 2023-04-19
Applicant: Dell Products L.P.
Inventor: Philippe Armangau , Wai C. Yim , Nagasimha Haravu
CPC classification number: G06F21/568 , G06F21/561 , G06F21/566 , G06F21/577 , G06F21/60 , G06F2221/034
Abstract: A technique of protecting data from ransomware attacks identifies a set of blocks written to a data object between first and second points in time, determines a set of attributes of the set of blocks, and, in response to the set of attributes indicating a likelihood of a ransomware attack, secures a state of the data object as of the first point in time.
-
Publication number: US20240303331A1
Publication date: 2024-09-12
Application number: US18475601
Application date: 2023-09-27
Applicant: Booz Allen Hamilton Inc.
Inventor: Robert J. Joyce , Edward Simon Pastor Raff
IPC: G06F21/56 , G06N3/0442
CPC classification number: G06F21/561 , G06N3/0442 , G06F2221/034
Abstract: Provided are methods, systems, and non-transitory computer-readable media for generating a feature vector for malware, including storing, in memory of a computing device, program code for a trained neural network that produces embedded representations for antivirus scan data; executing, by a processor of the computing device, the program code for the trained neural network to perform the operations of: (a) receiving an antivirus scan report (AVSR) for a malware file; (b) normalizing each label in the AVSR by separating the label into a sequence of tokens including a set of token strings; (c) embedding a first token and plural second tokens to generate an input sequence for the malware file; (d) inputting the input sequence into a neural model for producing antivirus scan data; and (e) outputting the antivirus scan data produced by the neural model as one or more feature vectors.
-
Publication number: US20240143756A1
Publication date: 2024-05-02
Application number: US18384017
Application date: 2023-10-26
Applicant: SHARP KABUSHIKI KAISHA
Inventor: AKIRA OGAWA
IPC: G06F21/56
CPC classification number: G06F21/561 , G06F2221/034
Abstract: An information processing apparatus including: one or more controllers that detect a virus and perform a specific measure on a file infected with the virus; and a display that displays that the virus has been detected as display content based on control performed by the one or more controllers, in which the one or more controllers control display indicating that the virus has been detected in a case where the file from which the virus has been cleaned as a result of the specific measure corresponds to the file as a target of the display indicating that the virus has been detected.
-
Publication number: US11960987B2
Publication date: 2024-04-16
Application number: US18096013
Application date: 2023-01-12
Applicant: Guobiao Zhang
Inventor: Guobiao Zhang
IPC: G06N3/063 , G06F9/30 , G06F13/40 , G06F15/80 , G06F18/21 , G06F21/56 , G10L15/183 , G10L15/22 , H01L25/065 , H01L25/18
CPC classification number: G06N3/063 , G06F9/3001 , G06F13/4004 , G06F15/803 , G06F18/21 , G06F21/561 , G10L15/183 , G10L15/22 , H01L25/0657 , H01L25/18 , G06F2221/034 , H01L2224/08145 , H01L2225/06503 , H01L2225/06506 , H01L2225/06513 , H01L2225/06524 , H01L2225/06541
Abstract: A discrete three-dimensional (3-D) processor comprises a plurality of storage-processing units (SPU's), each of which comprises a non-memory circuit and more than one 3-D memory (3D-M) array. The preferred 3-D processor further comprises communicatively coupled first and second dice. The first die comprises the 3D-M arrays and the in-die peripheral-circuit components thereof; whereas, the second die comprises the non-memory circuits and off-die peripheral-circuit components of the 3D-M arrays.
-
Publication number: US11914701B2
Publication date: 2024-02-27
Application number: US17883281
Application date: 2022-08-08
Applicant: Capital One Services, LLC
Inventor: Vincent Pham , Joseph Boayue , Lee Adcock , Geeta Shyamala , Ana Cruz , Christopher Camenares , Nahid Farhady Ghalaty
IPC: G06F21/53 , G06F21/56 , G06F9/4401 , G06F21/57 , H04L29/06
CPC classification number: G06F21/53 , G06F9/442 , G06F21/561 , G06F21/564 , G06F21/566 , G06F21/577
Abstract: To facilitate improved email and device security, embodiments of systems and methods include intercepting, by a processor associated with an entity, an internet request, where the internet request is produced by a link received in an email at a first computing device. The processor determines that the link is externally bound relative to an entity network. The processor determines an existence of a sandbox environment instance in a set of existing sandbox environment instances. The processor routes the link through the sandbox environment instance. The processor updates the sandbox log in the database based on the sandbox environment instance and the link. The processor causes to display on a screen of the first computing device a user interface for interacting with the link in the sandbox environment instance, and the processor logs activities associated with interacting with the link in a security log.
-
Publication number: US20240012907A1
Publication date: 2024-01-11
Application number: US18369926
Application date: 2023-09-19
Applicant: SONICWALL INC.
CPC classification number: G06F21/566 , G06F21/53 , G06F21/561
Abstract: Methods and apparatus consistent with the present disclosure may be performed by a Cloud computing device may use instrumentation code that remains transparent to an application program that the instrumentation code has been injected into, may perform deep packet inspection (DPI) on computer data, or identify a content rating associated with computer data. In certain instances, data sets that include executable code may be received via packetized communications or be received via other means, such as, receiving a file from a data store. The present technique allows one or more processors executing instrumentation code to monitor actions performed by the program code included in a received data set. Malware can be detected using exception handling to track memory allocations of the program code included in the received data set. Furthermore, access to content associated with malware, potential malware, or with inappropriate content ratings may be blocked.
-
Publication number: US11809556B2
Publication date: 2023-11-07
Application number: US17412123
Application date: 2021-08-25
Applicant: Endgame Systems, Inc.
Inventor: William Finlayson , Hyrum Anderson
CPC classification number: G06F21/561 , G06F21/562 , G06N3/04 , G06V30/40
Abstract: A system and a method for analyzing files using visual cues in the presentation of the file is provided. These visual aids may be extracted using a convolutional neural network, classified, and used in conjunction with file metadata to determine if a provided document is likely to be malicious. This methodology may be extended to detect a variety of social engineering-related attacks including phishing sites or malicious emails. A method for analyzing a received file to determine if the received file comprises malicious code begins with generating an image that would be displayed if the received file is opened by the native software program. Then the image is analyzed, and output is generated. Metadata is also extracted from the received file. Then, a maliciousness score is generated based on the output, the metadata, and a reference dataset.
-
Publication number: US20230244916A1
Publication date: 2023-08-03
Application number: US17720294
Application date: 2022-04-14
Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC
Inventor: Jack Wilson STOKES, III , Jurijs NAZAROVS , Melissa TURCOTTE , Justin CARROLL , Itai GRADY ASHKENAZY
CPC classification number: G06N3/0472 , G06F21/561 , G06N3/08
Abstract: The techniques disclosed herein identify ransomware attacks as they are occurring, improving the security and functionality of computer systems. Ransomware attacks are identified using a new probabilistic machine learning model that better handles the unique properties of ransomware data. Ransomware data includes a list of computing operations, some of which are labeled as being associated with ransomware attacks. In contrast to deterministic machine learning techniques that learn weights, probabilistic machine learning techniques learn the parameters of a distribution function. In some configurations, a radial Spike and Slab distribution function is used within a Bayesian neural network framework to better handle sparse, missing, and imbalanced data. Once trained, the machine learning model may be provided with real-time operations, e.g., from a cloud service security module, from which to infer whether a ransomware attack is taking place.
-
Publication number: US20230222207A1
Publication date: 2023-07-13
Application number: US18186555
Application date: 2023-03-20
Applicant: Digital Guardian LLC
Inventor: Dwayne A. Carson
IPC: G06F21/56
CPC classification number: G06F21/561 , G06F21/566 , G06F2221/034
Abstract: Provided herein are systems and methods for determining a likelihood that an executable comprises malware. A learning engine may determine a plurality of attributes of an executable identified in a computing environment, and a corresponding weight to assign to each of the plurality of attributes. Each of the plurality of attributes may be indicative of a level of risk for the computing environment. The learning engine may generate, according to the determined plurality of attributes and the corresponding weights, one or more scores indicative of a likelihood that the executable comprises malware. A rule engine may perform an action to manage operation of the executable, according to the generated one or more scores.
-
Publication number: US11695001B2
Publication date: 2023-07-04
Application number: US17964888
Application date: 2022-10-12
Applicant: Guobiao Zhang
Inventor: Guobiao Zhang
IPC: H01L25/18 , H01L25/065 , G06F15/80 , G06F9/30 , G06F21/56 , G10L15/22 , G06K9/62 , G10L15/183 , G06F18/21
CPC classification number: H01L25/18 , G06F9/3001 , G06F15/803 , G06F18/21 , G06F21/561 , G10L15/183 , G10L15/22 , H01L25/0657 , G06F2221/034 , H01L2225/06506 , H01L2225/06513 , H01L2225/06524 , H01L2225/06541
Abstract: A discrete three-dimensional (3-D) processor comprises first and second dice. The first die comprises 3-D memory (3D-M) arrays, whereas the second die comprises logic circuits and at least an off-die peripheral-circuit component of the 3D-M array(s). A typical off-die peripheral-circuit component could be an address decoder, a sense amplifier, a programming circuit, a read-voltage generator, a write-voltage generator, a data buffer, or a portion thereof.