Methods and Systems for Detecting Malware
Granted: June 24, 2010
Application Number:
20100162395
A method for detecting malware is disclosed. The method may include examining a plurality of metadata fields of a plurality of known-clean-executable files. The method may also include examining a plurality of metadata fields of a plurality of known-malicious-executable files. The method may further include deducing, based on information obtained from examining the plurality of metadata fields of the plurality of known-clean- and known-malicious-executable files, metadata-field…
Methods and Systems for Enabling Community-Tested Security Features for Legacy Applications
Granted: June 17, 2010
Application Number:
20100154027
A computer-implemented method for enabling community-tested security features for legacy applications may include: 1) identifying a plurality of client systems, 2) identifying a legacy application on a client system within the plurality of client systems, 3) identifying a security-feature-enablement rule for the legacy application, 4) enabling at least one security feature for the legacy application by executing the security-feature-enablement rule, 5) determining the impact of the…
Context-Aware Real-Time Computer-Protection Systems and Methods
Granted: June 17, 2010
Application Number:
20100154056
A computer-implemented method for determining, in response to an event of interest, whether to perform a real-time file scan by examining the full context of the event of interest may comprise: 1) detecting an event of interest, 2) identifying at least one file associated with the event of interest, 3) accessing contextual metadata associated with the event of interest, 4) accessing at least one rule that comprises criteria for determining, based on the event of interest and the…
Balanced Consistent Hashing for Distributed Resource Management
Granted: June 10, 2010
Application Number:
20100146122
A method, system, computer-readable storage medium and apparatus for balanced and consistent placement of resource management responsibilities within a multi-computer environment, such as a cluster, that are both scalable and make efficient use of cluster resources are provided. Embodiments reduce the time that a cluster is unavailable due to redistribution of resource management responsibilities by reducing the amount of redistribution of those responsibilities among the surviving…
METHOD, DEVICE AND SYSTEM FOR STORING DATA IN CACHE IN CASE OF POWER FAILURE
Granted: May 13, 2010
Application Number:
20100121992
A method, device and system for storing data in a cache in case of power failure are disclosed. The method includes: in case of power failure of a storage system, receiving configuration information from a central processing unit (CPU); establishing a mapping relationship between an address of data in the cache and an address in a storage device according to the configuration information; sending a signaling message that carries the mapping relationship to the cache, so that the cache…
METHOD AND APPARATUS FOR REDUCING FALSE POSITIVE DETECTION OF MALWARE
Granted: April 1, 2010
Application Number:
20100083376
Method and apparatus for detecting malware are described. In some examples, files of unknown trustworthiness are identified as potential threats on the computer. A trustworthiness level for each of the files is received from a backend. The trustworthiness level of each of the files is compared to a threshold level. Each of the files where the trustworthiness level thereof satisfies the threshold level is designated as a false positive threat. Each of the files where the trustworthiness…
METHOD AND APPARATUS FOR DETERMINING SOFTWARE TRUSTWORTHINESS
Granted: March 25, 2010
Application Number:
20100077479
Aspects of the invention relate to a method, apparatus, and computer readable medium for determining software trustworthiness. In some examples, a software package identified as including at least one file of unknown trustworthiness is installed on a clean machine. A report package including a catalog of files that have been installed or modified on the clean machine by the software package is generated. Identification attributes for each of the files in the catalog is determined. Each…
Graduated Enforcement of Restrictions According to an Application's Reputation
Granted: March 25, 2010
Application Number:
20100077445
Security software on a client observes a request for a resource from an application on the client and then determines the application's reputation. The application's reputation may be measured by a reputation score obtained from a remote reputation server. The security software determines an access policy from a graduated set of possible access policies for the application based on the application's reputation. The security software applies the access policy to the application's request…
SYSTEMS AND METHODS FOR CONTROLLING ACCESS TO DATA THROUGH APPLICATION VIRTUALIZATION LAYERS
Granted: March 11, 2010
Application Number:
20100064340
A computer-implemented method for controlling access to data is. A request to access data is received. A determination is made that an access-control policy of the data is satisfied. A virtualization layer is activated to allow access to the data after determining that the access-control policy is satisfied. Various other methods, systems, and computer-readable media are also disclosed.
METHOD AND APPARATUS FOR AUTOMATIC SNAPSHOT
Granted: February 25, 2010
Application Number:
20100049932
A method for automatic snapshot includes obtaining the amount of data written into a source Logical Unit Number (LUN) and performing increment accumulation; and taking a snapshot when a value of the increment accumulation exceeds the upper limit value. An apparatus for automatic snapshot is disclosed. In one embodiment of the invention, snapshots are taken according to the size of a data variable, only two characterizing parameters, an upper limit value and an increment value need to be…
Control of Website Usage Via Online Storage of Restricted Authentication Credentials
Granted: January 21, 2010
Application Number:
20100017889
A client communicates with a website usage server via a network to gain access to an account on a website. The client requests an indication of whether user access to the account on the website is permitted. The website usage server determines whether website usage is permitted based at least in part on a website usage policy associated with the website and the user. The website usage server provides restricted authentication credentials to the website responsive to determining that…
METHODS AND SYSTEMS FOR DETERMINING FILE CLASSIFICATIONS
Granted: January 21, 2010
Application Number:
20100017877
A computer-implemented method for determining file classifications. The method may include determining identification information of a first file stored on a first computing system. The method may also include querying a second computing system for classification information by sending the identification information of the first file to the second computing system. The first computing system may receive, in response to the query, identification information of a second file. The first…
METHOD, SYSTEM AND SERVER FOR FILE RIGHTS CONTROL
Granted: January 7, 2010
Application Number:
20100005514
A file rights control method, a file rights control system, and a server are described. The file rights control method includes: monitoring identity information of a file author; determining at least one authorization object of the file according to identity information of the file author; determining rights corresponding to different authorization objects of the file according to the identity information of the file author and the at least one authorization object of the file; and…
METHOD AND SYSTEM FOR CONTROLLING A TERMINAL ACCESS AND TERMINAL FOR CONTROLLING AN ACCESS
Granted: January 7, 2010
Application Number:
20100005181
A method and a system for controlling terminal access, and a terminal for controlling access are provided. The method includes: receiving a policy configuration sent by a server on a network side; modifying local setting according to the policy configuration; and controlling an access authority of the terminal according to the modified local setting. Thus, when terminal access control is needed for a terminal connected to the network, the policy configuration can be delivered to the…
Simplified Communication of a Reputation Score for an Entity
Granted: December 31, 2009
Application Number:
20090328209
A reputation server is coupled to multiple clients via a network. A security module in each client monitors client encounters with entities such as files, programs, and websites, and then computes a hygiene score based on the monitoring. The hygiene scores are then provided to the reputation server, which computes reputation scores for the entities based on the clients' hygiene scores and the interactions between the clients and the entity. When a particular client encounters an entity,…
METHOD AND SYSTEM FOR DETECTING A MALICIOUS CODE
Granted: December 31, 2009
Application Number:
20090327688
Embodiments of the present invention provide a method and a system for detecting a malicious code. The method includes obtaining first system information and second system information, and detecting the malicious code by identifying difference between the first system information and the second system information, which thus can detect an unknown malicious code, improve the system security, and can be easily implemented.
METHOD, DEVICE AND SYSTEM FOR NETWORK INTERCEPTION
Granted: December 31, 2009
Application Number:
20090323536
A method, a device, and a system for network interception are provided. The method for network interception includes the following steps. A matching rule obtained by parsing an interception policy. Received data are selected by adopting a deep packet inspection (DPI) according to the matching rule so as to obtain an interception result, in which the received data are obtained by adopting data preprocessing to filter packet data according to a service customizing rule obtained by parsing…
METHOD, SYSTEM AND APPARATUS FOR ACQUIRING INTERFACE
Granted: December 24, 2009
Application Number:
20090319985
A method, system and apparatus for acquiring an interface are provided. The method includes: acquiring, by an interface requester, an interface identification and an interface generation parameter in response to a request from a client, transmitting the interface identification and the interface generation parameter to an interface arranger, the interface identification being used to identify an interface generator that may generate an interface; generating, by an interface arranger, an…
METHOD AND SYSTEM FOR MANAGING PORT STATUSES OF A NETWORK DEVICE AND RELAY DEVICE
Granted: December 24, 2009
Application Number:
20090316572
A method, a system for managing port status of a network device, and a relay device are provided in the field of network management. The method includes the following steps. A relay device detects working status of ports in a logic group, and the ports are mounted on the relay device and connected to an upstream/downstream device. When it is detected that the working status of a port in the logic group is Down, the relay device sets the working status of the other ports in the logic…
METHOD, SYSTEM AND PROCESSOR FOR PROCESSING NETWORK ADDRESS TRANSLATION SERVICE
Granted: December 3, 2009
Application Number:
20090296706
A method, a system, and a processor for processing a network address translation (NAT) service are provided. The method includes: performing NAT service identification of a received message, and selecting a corresponding NAT service processor for processing a NAT service of a message that needs a NAT service processing from at least two NAT service processors. Through embodiments of the disclosure, a demand for the system to process a lot of NAT services within a short time is fulfilled,…
