Patent application number | Description | Published |
20100107257 | SYSTEM, METHOD AND PROGRAM PRODUCT FOR DETECTING PRESENCE OF MALICIOUS SOFTWARE RUNNING ON A COMPUTER SYSTEM - A system, method and program product for detecting presence of malicious software running on a computer system. The method includes locally querying the system to enumerate a local inventory of tasks and network services running on the system for detecting presence of malicious software running on the system and remotely querying the system from a remote system via a network to enumerate a remote inventory of tasks and network services running on the system for detecting presence of malicious software running on the system, where the local inventory enumerates ports in use on the system and where the remote inventory enumerates ports in use on the system. Further, the method includes collecting the local inventory and the remote inventory and comparing the local inventory with the remote inventory to identify any discrepancies between the local and the remote inventories for detecting presence of malicious software running on the system. | 04-29-2010 |
20110167495 | METHOD AND SYSTEM FOR DETECTING MALWARE - A system and method of analysis. NX domain names are collected from an asset in a real network. The NX domain names are domain names that are not registered. The real network NX domain names are utilized to create testing vectors. The testing vectors are classified as benign vectors or malicious vectors based on training vectors. The asset is then classified as infected if the NX testing vector created from the real network NX domain names is classified as a malicious vector. | 07-07-2011 |
20110283361 | METHOD AND SYSTEM FOR NETWORK-BASED DETECTING OF MALWARE FROM BEHAVIORAL CLUSTERING - A computerized system and method for performing behavioral clustering of malware samples, comprising: executing malware samples in a controlled computer environment fbr a predetermined time to obtain HTTP traffic; clustering the malware samples into at least one cluster based on network behavioral information from the HTTP traffic; and extracting, using the at least one processor, network signatures from the HTTP traffic information for each cluster, the network signatures being indicative of malware infection. | 11-17-2011 |
20120084862 | Detecting Malicious Use of Computer Resources by Tasks Running on a Computer System - A method, apparatus, and computer program product for identifying malware is disclosed. The method identifies processes in a running process list on a host computer system. The method identifies ports assigned to the processes in the running process list on the host computer system. The method determines whether any one of ports that is currently in use in the host computer system is not assigned to any of the processes in the running process list. The method then makes a record that a hidden, running process is present as a characteristic of an attack in response to a determination that one of the ports is currently in use but is not assigned to any of the processes in the running process list in the host computer system. | 04-05-2012 |
20140101759 | METHOD AND SYSTEM FOR DETECTING MALWARE - A system and method of analysis. NX domain names are collected from an asset in a real network. The NX domain names are domain names that are not registered. The real network NX domain names are utilized to create testing vectors. The testing vectors are classified as benign vectors or malicious vectors based on training vectors. The asset is then classified as infected if the NX testing vector created from the real network NX domain names is classified as a malicious vector. | 04-10-2014 |
20150026808 | METHOD AND SYSTEM FOR NETWORK-BASED DETECTING OF MALWARE FROM BEHAVIORAL CLUSTERING - A computerized system and method for performing behavioral clustering of malware samples, comprising: executing malware samples in a controlled computer environment for a predetermined time to obtain HTTP traffic; clustering the malware samples into at least one cluster based on network behavioral information from the HTTP traffic; and extracting, using the at least one processor, network signatures from the HTTP traffic information for each cluster, the network signatures being indicative of malware infection. | 01-22-2015 |
Patent application number | Description | Published |
20100154032 | System and Method for Classification of Unwanted or Malicious Software Through the Identification of Encrypted Data Communication - A method for identifying malware or unauthorized software communications implemented within a computer infrastructure, the method including detecting an encrypted communication and determining identification data for the encrypted communication. Additionally, the method includes comparing the detected encrypted communication to at least one of a list of applications authorized for encrypted communications using the identification data and a list of authorized destinations of encrypted communications using the identification data. Furthermore, the method includes identifying the detected encrypted communication as an unauthorized encrypted communication in response to a determination that at least one of the detected encrypted communication is from an unauthorized application, which is not on the list of applications authorized for encrypted communications, based on the comparing and the detected encrypted communication is to an unauthorized destination, which is not on the list of authorized destinations. | 06-17-2010 |
20100154061 | SYSTEM AND METHOD FOR IDENTIFYING MALICIOUS ACTIVITIES THROUGH NON-LOGGED-IN HOST USAGE - A method for identifying malware activities, implemented within a computer infrastructure, includes receiving a data communication via a data channel and determining a user is not interactively logged in to a host. Additionally, the method includes identifying the data communication as a potential malware communication in response to the determining the user is not interactively logged in to the host. | 06-17-2010 |
20120096556 | SYSTEM AND METHOD FOR IDENTIFYING MALICIOUS ACTIVITIES THROUGH NON-LOGGED-IN HOST USAGE - A method for identifying malware activities, implemented within a computer infrastructure, includes receiving a data communication via a data channel and determining a user is not interactively logged in to a host. Additionally, the method includes identifying the data communication as a potential malware communication in response to the determining the user is not interactively logged in to the host. | 04-19-2012 |
20140130169 | IDENTIFICATION OF MALICIOUS ACTIVITIES THROUGH NON-LOGGED-IN HOST USAGE - A system and associated computer program product for identifying malware. The system includes one or more processors, one or more computer-readable memories, one or more computer-readable storage devices, and program instructions stored on the one or more storage devices for execution by the one or more processors via the one or more memories. The program instructions include program instructions to receive a data communication simulating manual interaction between a user of the computer and the computer. The program instructions may determine that no user was interactively logged on to the computer approximately at a time the data communication was received by the computer, and in response, classify the data communication as a potential malware communication. | 05-08-2014 |
20150074812 | Detecting Malicious Use of Computer Resources by Tasks Running on a Computer System - A method, apparatus, and computer program product for identifying malware is disclosed. The method identifies processes in a running process list on a host computer system. The method identifies ports assigned to the processes in the running process list on the host computer system. The method determines whether any one of ports that is currently in use in the host computer system is not assigned to any of the processes in the running process list. The method then makes a record that a hidden, running process is present as a characteristic of an attack in response to a determination that one of the ports is currently in use but is not assigned to any of the processes in the running process list in the host computer system. | 03-12-2015 |
Patent application number | Description | Published |
20080229349 | Recordable optical data storage disc - A recordable data storage disc comprises a substrate having a spirally or concentrically shaped groove pattern. A groove depth of the groove pattern is greater than 90 nanometers, and a track pitch provided by the groove pattern is less than 500 nanometers. The data storage disc further comprises a write-once recording layer formed on the groove pattern, and a reflector layer formed on the recording layer opposite the substrate. The groove depth of greater than 90 nanometers allows a thicker coating of dye to be used for the recording layer compared to other recordable data storage discs with a groove pattern with a groove depth of 90 nanometers or less. The thicker coating of dye allows a lower write power, better modulation when reading a data signal from the disc. The groove depth of greater than 90 nanometers may also allow for more precise push-pull tracking. | 09-18-2008 |
20120168690 | NANOWIRE RECOVERY METHODS, COMPOSITIONS, AND ARTICLES - Methods of recovering compositions comprising nanowires and the product compositions are disclosed and claimed. The product compositions produced by these methods are able to provide equivalent performance to virgin raw materials in transparent conductive film manufacturing processes. | 07-05-2012 |
20120207644 | NANOWIRE PREPARATION METHODS, COMPOSITIONS, AND ARTICLES - Methods of producing metal nanowires employing tubular continuous-flow reactors and their products are described and claimed. Such methods can provide superior nanowire uniformity without agglomeration. Such nanowires are useful for electronic applications. | 08-16-2012 |
20120298931 | VISCOSITY MODIFIER COMPOSITIONS AND METHODS - Disclosed are conductive coatings that exhibit improved clarity, uniformity, and mechanical strength. Such coatings comprising volatile viscosity modifiers are useful for electronics applications. | 11-29-2012 |
20120301737 | TRANSPARENT CONDUCTIVE FILMS, METHODS, AND ARTICLES - Disclosed are compositions and methods that provide flexible transparent conductive films that exhibit low levels of oligomer migration and haze development, without making use of costly substrates based on PEN film or PET films having low oligomer content. Such flexible transparent conductive films are useful in electronic and optical applications. | 11-29-2012 |
20130343950 | NANOWIRE PREPARATION METHODS, COMPOSITIONS, AND ARTICLES - Methods of producing metal nanowires employing tubular continuous-flow reactors and their products are described and claimed. Such methods can provide superior nanowire uniformity without agglomeration. Such nanowires are useful for electronic applications. | 12-26-2013 |
20140099486 | PATTERNED FILMS AND METHODS - Methods of patterning films that enable visual identification of patterned films and the patterned regions on them, while still achieving minimally discernible optical differences between the patterned and unpatterned regions in devices incorporating the patterned films. Such methods can exhibit wide successful manufacturing operating windows and the patterned films are useful in electronic applications. | 04-10-2014 |