公开(公告)号：JP2006285983A

公开(公告)日：2006-10-19

申请号：JP2006073364

申请日：2006-03-16

Applicant: Microsoft Corp ,  マイクロソフト コーポレーション

Inventor： THOMAS ANIL FRANCIS ,  HUDIS EFIM ,  KRAMER MICHAEL ,  COSTEA MIHAI ,  BAHL PRADEEP ,  DADHIA RAJESH K ,  EDERY YIGAL

IPC: G06F21/22 ,  G06F21/20

CPC classification number: G06F21/56 ,  G06F21/562 ,  G06F21/577

Abstract: PROBLEM TO BE SOLVED: To provide a system, a method, and a computer-readable medium for aggregating a knowledge base from a plurality of security services or another event collection system for protecting a computer from malware. SOLUTION: One embodiment of this invention is a method for protecting the computer from the malware. Specifically, using an anti-malware service or another event collection system, a doubtful event implicitly implying malware is observed, it is determined whether the doubtful event satisfies a previously decided threshold value or not, and a limitative security policy designed for preventing spread of the malware is applied when the doubtful event satisfies the previously decided threshold value. COPYRIGHT: (C)2007,JPO&INPIT

Abstract translation: 要解决的问题：提供用于从多个安全服务聚集知识库或用于保护计算机免受恶意软件的另一事件收集系统的系统，方法和计算机可读介质。 解决方案：本发明的一个实施例是用于保护计算机免受恶意软件的影响的方法。 具体来说，使用反恶意软件服务或其他事件收集系统，观察到隐含暗示恶意软件的可疑事件，确定可疑事件是否满足先前确定的阈值，以及设计用于防止恶意软件扩散的限制性安全策略 当可疑事件满足先前确定的阈值时，应用恶意软件。 版权所有（C）2007，JPO＆INPIT

公开(公告)号：WO2010005814A3

公开(公告)日：2010-04-01

申请号：PCT/US2009048898

申请日：2009-06-26

Applicant: MICROSOFT CORP

Inventor： EDERY YIGAL ,  NICE NIR ,  CROSS DAVID B

IPC: H04L12/22 ,  H04L9/32 ,  H04L12/14 ,  H04L12/66

CPC classification number: H04L63/205 ,  G06Q10/06375 ,  G06Q30/04 ,  H04L63/102 ,  H04L63/1433 ,  H04L63/145 ,  H04L63/1475

Abstract: A network protection solution is provided by which security capabilities of a client machine are communicated to a network security gateway so that a variety of processes can be automatically and dynamically distributed between the gateway and the client machine in a way that achieves a target level of security for the client while consuming the least possible amount of resources on the gateway. For example, for a client that is compliant with specified health and/or corporate governance policies and which is known to have A/V capabilities that are deployed and operational, the network security gateway will not need to perform additional A/V scanning on incoming network traffic to the client which can thus save resources at the gateway and lower operating costs.

Abstract translation: 提供了一种网络保护解决方案，通过该网络保护解决方案，客户端机器的安全能力被传送到网络安全网关，使得可以以实现目标安全级别的方式在网关和客户机之间自动和动态地分布各种进程 为客户端消耗网关上尽可能少的资源。 例如，对于符合指定的健康和/或公司治理策略并且已知具有部署和运行的A / V功能的客户端，网络安全网关将不需要在传入时执行附加的A / V扫描 网络流量到客户端，从而可以节省网关资源，降低运营成本。

公开(公告)号：WO2011139790A3

公开(公告)日：2012-01-26

申请号：PCT/US2011034183

申请日：2011-04-27

Applicant: MICROSOFT CORP

Inventor： EDERY YIGAL ,  SOUZA LIDIANE

IPC: G06F9/06 ,  G06F9/22 ,  G06F9/44

CPC classification number: G06F9/543 ,  G06F9/45545

Abstract: A system for executing a virtual application may use a virtualized operating system to execute an application. The application may be delivered to a host device through streaming, either to a streaming client in the virtual operating system or as a package that may include the virtualized operating system. The virtualized operating system may have a user interface connection to a host operating system to make the virtual application appear as a native application in the host operating system.

Abstract translation: 用于执行虚拟应用的系统可以使用虚拟操作系统来执行应用。 该应用可以通过流式传输到主机设备，或者被传送到虚拟操作系统中的流客户端，或作为可以包括虚拟操作系统的软件包。 虚拟化操作系统可以具有到主机操作系统的用户界面连接，以使虚拟应用在主机操作系统中显示为本地应用。

公开(公告)号：WO2008147737A3

公开(公告)日：2009-01-22

申请号：PCT/US2008063995

申请日：2008-05-16

Applicant: MICROSOFT CORP

Inventor： HOLOSTOV VLADIMIR ,  EDERY YIGAL

IPC: G06F3/12 ,  G06F3/14 ,  G06F17/00

CPC classification number: H04L63/145 ,  G06F21/562

Abstract: A client device transmits requests via a gateway to a server in a network environment. The requests indicate specific portions of a file on a server to be transmitted as part of the download process. The gateway receives into its memory the requested portions of the file and assembles the received portions into an assembly file. The gateway continuously scans the largest contiguous sequence of the portions in the assembly file for viruses while the requested portions of the file are being received and become available before feeding the received portions to the client computer. By scanning the largest consecutive sequence while new portions become available, the time to complete the scan is reduced thereby increasing the throughput of the gateway.

Abstract translation: 客户端设备通过网关向网络环境中的服务器发送请求。 这些请求指示要作为下载过程的一部分发送的服务器上的文件的特定部分。 网关在其存储器中接收文件的请求部分，并将接收的部分组装成汇编文件。 网关连续地扫描装配文件中部分的最大连续序列，同时文件的请求部分正在被接收并且在将接收到的部分馈送给客户端计算机之前变得可用。 通过在新部分变得可用的情况下扫描最大的连续序列，减少完成扫描的时间，从而增加网关的吞吐量。

公开(公告)号：WO2008150707A2

公开(公告)日：2008-12-11

申请号：PCT/US2008064396

申请日：2008-05-21

Applicant: MICROSOFT CORP

Inventor： HOLOSTOV VLADIMIR ,  EDERY YIGAL

IPC: G06F21/22 ,  G06F21/20 ,  G11B7/13

CPC classification number: H04L63/105 ,  H04L63/145

Abstract: A client transmits requests via a gateway to a server in a network environment. The requests indicate content on a server to be transmitted as part of download process. The gateway receives into its memory the requested content and also maintains characteristics of the server and the client. The gateway adjusts the depth of scanning of the content for malware based on the retrieved server and client characteristics in order to optimize a balance between effectiveness of anti-malware scanning and a resulting user experience.

Abstract translation: 客户端通过网关向网络环境中的服务器发送请求。 这些请求指示要作为下载过程的一部分传输的服务器上的内容。 网关在其内存中收到所请求的内容，并保持服务器和客户端的特性。 网关根据检索的服务器和客户端特性调整恶意软件内容的扫描深度，以优化反恶意软件扫描的有效性与最终用户体验之间的平衡。

公开(公告)号：EP2297899A4

公开(公告)日：2014-08-06

申请号：EP09794973

申请日：2009-06-26

Applicant: MICROSOFT CORP

Inventor： EDERY YIGAL ,  NICE NIR ,  CROSS DAVID B

IPC: H04L12/22 ,  H04L9/32 ,  H04L12/14 ,  H04L12/66 ,  H04L29/06

CPC classification number: H04L63/205 ,  G06Q10/06375 ,  G06Q30/04 ,  H04L63/102 ,  H04L63/1433 ,  H04L63/145 ,  H04L63/1475

公开(公告)号：EP2171570A4

公开(公告)日：2011-01-05

申请号：EP08755779

申请日：2008-05-16

Applicant: MICROSOFT CORP

Inventor： HOLOSTOV VLADIMIR ,  EDERY YIGAL

IPC: G06F3/12 ,  G06F3/14

CPC classification number: H04L63/145 ,  G06F21/562

Abstract: A client device transmits requests via a gateway to a server in a network environment. The requests indicate specific portions of a file on a server to be transmitted as part of the download process. The gateway receives into its memory the requested portions of the file and assembles the received portions into an assembly file. The gateway continuously scans the largest contiguous sequence of the portions in the assembly file for viruses while the requested portions of the file are being received and become available before feeding the received portions to the client computer. By scanning the largest consecutive sequence while new portions become available, the time to complete the scan is reduced thereby increasing the throughput of the gateway.