Patents by Inventor Chengyun Chu
Chengyun Chu has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20220407687Abstract: This disclosure relates to security assurance of cyber supply chains. An example method includes a downstream party obtaining information regarding a policy of an upstream party to be applied to data of the downstream party, and the downstream party generating credential criteria for trusted access to the data based on a representation of the policy. The example method also includes the downstream party providing to a security assurance facilitator the data in a form accessible in accordance with the credential criteria, and the downstream party obtaining a result from trusted computation implemented by the security assurance facilitator that applies the policy to the data.Type: ApplicationFiled: June 15, 2022Publication date: December 22, 2022Inventor: Chengyun Chu
-
Patent number: 10891378Abstract: Automated malware signature generation is disclosed. Automated malware signature generation includes monitoring incoming unknown files for the presence of malware and analyzing the incoming unknown files based on both a plurality of classifiers of file behavior and a plurality of classifiers of file content. An incoming file is classified as having a particular malware classification based on the analyzing of incoming unknown files and a malware signature is generated for the incoming unknown file based on the particular malware classification. Access is provided to the malware signature.Type: GrantFiled: May 29, 2018Date of Patent: January 12, 2021Assignee: Microsoft Technology Licensing, LLCInventors: Ning Sun, Patrick Winkler, Chengyun Chu, Hong Jia, Jason Geffner, Tony Lee, Jigar Mody, Frank Swiderski
-
Publication number: 20190073476Abstract: Automated malware signature generation is disclosed. Automated malware signature generation includes monitoring incoming unknown files for the presence of malware and analyzing the incoming unknown files based on both a plurality of classifiers of file behavior and a plurality of classifiers of file content. An incoming file is classified as having a particular malware classification based on the analyzing of incoming unknown files and a malware signature is generated for the incoming unknown file based on the particular malware classification. Access is provided to the malware signature.Type: ApplicationFiled: May 29, 2018Publication date: March 7, 2019Inventors: Ning Sun, Patrick Winkler, Chengyun Chu, Hong Jia, Jason Geffner, Tony Lee, Jigar Mody, Frank Swiderski
-
Patent number: 9996693Abstract: Automated malware signature generation is disclosed. Automated malware signature generation includes monitoring incoming unknown files for the presence of malware and analyzing the incoming unknown files based on both a plurality of classifiers of file behavior and a plurality of classifiers of file content. An incoming file is classified as having a particular malware classification based on the analyzing of incoming unknown files and a malware signature is generated for the incoming unknown file based on the particular malware classification. Access is provided to the malware signature.Type: GrantFiled: June 1, 2012Date of Patent: June 12, 2018Assignee: Microsoft Technology Licensing, LLCInventors: Ning Sun, Patrick Winkler, Chengyun Chu, Hong Jia, Jason Geffner, Tony Lee, Jigar Mody, Frank Swiderski
-
Patent number: 8667583Abstract: A malware analysis system is described that provides information about malware execution history on a client computer and allows automated back-end analysis for faster creation of identification signatures and removal instructions. The malware analysis system collects threat information on client computers and sends the threat information to a back-end analysis component for automated analysis. The back-end analysis component analyzes the threat information by comparing the threat information to information about known threats. The system builds a signature for identifying the threat family and a mitigation script for neutralizing the threat. The system sends the signature and mitigation data to client computers, which use the information to mitigate the threat. Thus, the malware analysis system detects and mitigates threats more quickly than previous systems by reducing the burden on technicians to manually create environments for reproducing the threats and manually analyze the threat behavior.Type: GrantFiled: September 22, 2008Date of Patent: March 4, 2014Assignee: Microsoft CorporationInventors: Alexey Polyakov, Marc Seinfeld, Jigar J. Mody, Ning Sun, Tony Lee, Chengyun Chu
-
Publication number: 20120260343Abstract: Automated malware signature generation is disclosed. Automated malware signature generation includes monitoring incoming unknown files for the presence of malware and analyzing the incoming unknown files based on both a plurality of classifiers of file behavior and a plurality of classifiers of file content. An incoming file is classified as having a particular malware classification based on the analyzing of incoming unknown files and a malware signature is generated for the incoming unknown file based on the particular malware classification. Access is provided to the malware signature.Type: ApplicationFiled: June 1, 2012Publication date: October 11, 2012Applicant: Microsoft CorporationInventors: Ning Sun, Patrick Winkler, Chengyun Chu, Hong Jia, Jason Geffner, Tony Lee, Jigar Mody, Frank Swiderski
-
Patent number: 8201244Abstract: Automated malware signature generation is disclosed. Automated malware signature generation includes monitoring incoming unknown files for the presence of malware and analyzing the incoming unknown files based on both a plurality of classifiers of file behavior and a plurality of classifiers of file content. An incoming file is classified as having a particular malware classification based on the analyzing of incoming unknown files and a malware signature is generated for the incoming unknown file based on the particular malware classification. Access is provided to the malware signature.Type: GrantFiled: September 19, 2006Date of Patent: June 12, 2012Assignee: Microsoft CorporationInventors: Ning Sun, Patrick Winkler, Chengyun Chu, Hong Jia, Jason Geffner, Tony Lee, Jigar Mody, Frank Swiderski
-
Patent number: 8095985Abstract: In a protected media path for delivering content from a source to a sink, a source authority (SOTA) on behalf of the source decides with regard to a policy corresponding to the content that a particular type of action with the content is to be refused, and provides a particular enabler to an application. The provided enabler includes information and methods necessary for the application to obtain data necessary to respond to the refusal. The application receives the enabler at an interface thereof and the interface applies a common interaction procedure to run the enabler to obtain the data necessary to respond to the refusal.Type: GrantFiled: October 11, 2007Date of Patent: January 10, 2012Assignee: Microsoft CorporationInventors: Geoffrey Dunbar, Chengyun Chu, James M. Alkove
-
Patent number: 7802299Abstract: A binary function database system is provided in which binary functions are extracted from compiled and linked program files and stored in a database as robust abstractions which can be matched with others using one or more function matching heuristics. Such abstraction allows for minor variations in function implementation while still enabling matching with an identical stored function in the database, or with a stored function with a given level of confidence. Metadata associated with each function is also typically generated and stored in the database. In an illustrative example, a structured query language database is utilized that runs on a central database server, and that tracks function names, the program file from which the function is extracted, comments and other associated information as metadata during an analyst's live analysis session to enable known function information that is stored in the database to be applied to binary functions of interest that are disassembled from the program file.Type: GrantFiled: April 9, 2007Date of Patent: September 21, 2010Assignee: Microsoft CorporationInventors: Jason Geffner, Ning Sun, Brad Albrecht, Tony Lee, Pat Winkler, Chengyun Chu
-
Publication number: 20100077481Abstract: A malware analysis system is described that provides information about malware execution history on a client computer and allows automated back-end analysis for faster creation of identification signatures and removal instructions. The malware analysis system collects threat information on client computers and sends the threat information to a back-end analysis component for automated analysis. The back-end analysis component analyzes the threat information by comparing the threat information to information about known threats. The system builds a signature for identifying the threat family and a mitigation script for neutralizing the threat. The system sends the signature and mitigation data to client computers, which use the information to mitigate the threat. Thus, the malware analysis system detects and mitigates threats more quickly than previous systems by reducing the burden on technicians to manually create environments for reproducing the threats and manually analyze the threat behavior.Type: ApplicationFiled: September 22, 2008Publication date: March 25, 2010Applicant: Microsoft CorporationInventors: Alexey Polyakov, Marc Seinfeld, Jigar J. Mody, Ning Sun, Tony Lee, Chengyun Chu
-
Patent number: 7500267Abstract: A list of computing components to be disabled can be distributed through a computer readable medium to computing devices. A process on these computing devices can read the list and disable listed components. The components can be permanently disabled, or disabled for a limited purpose. A list or list update may be provided with a digital media object that specifies a more or less stringent revocation policy for that object. A media object may also specify a maximum age for the list. This allows owners of digital media to control the stringency of media protection for their property. The process that accesses the list may prompt updates to the list, informing users of component disabling, and prompt replacement of disabled components. Finally, the invention provides techniques for securely transmitting and storing the list to protect it from alteration by unauthorized entities.Type: GrantFiled: April 30, 2004Date of Patent: March 3, 2009Assignee: Microsoft CorporationInventors: Jeffrey R. McKune, Chengyun Chu, James M. Alkove, Sumedh Barde, Alexandre Grigorovitch
-
Publication number: 20080250018Abstract: A binary function database system is provided in which binary functions are extracted from compiled and linked program files and stored in a database as robust abstractions which can be matched with others using one or more function matching heuristics. Such abstraction allows for minor variations in function implementation while still enabling matching with an identical stored function in the database, or with a stored function with a given level of confidence. Metadata associated with each function is also typically generated and stored in the database. In an illustrative example, a structured query language database is utilized that runs on a central database server, and that tracks function names, the program file from which the function is extracted, comments and other associated information as metadata during an analyst's live analysis session to enable known function information that is stored in the database to be applied to binary functions of interest that are disassembled from the program file.Type: ApplicationFiled: April 9, 2007Publication date: October 9, 2008Applicant: Microsoft CorporationInventors: Jason Geffner, Ning Sun, Brad Albrecht, Tony Lee, Pat Winkler, Chengyun Chu
-
Publication number: 20080127336Abstract: Automated malware signature generation is disclosed. Automated malware signature generation includes monitoring incoming unknown files for the presence of malware and analyzing the incoming unknown files based on both a plurality of classifiers of file behavior and a plurality of classifiers of file content. An incoming file is classified as having a particular malware classification based on the analyzing of incoming unknown files and a malware signature is generated for the incoming unknown file based on the particular malware classification. Access is provided to the malware signature.Type: ApplicationFiled: September 19, 2006Publication date: May 29, 2008Applicant: Microsoft CorporationInventors: Ning Sun, Patrick Winkler, Chengyun Chu, Hong Jia, Jason Geffner, Tony Lee, Jigar Mody, Frank Swiderski
-
Publication number: 20080092238Abstract: In a protected media path for delivering content from a source to a sink, a source authority (SOTA) on behalf of the source decides with regard to a policy corresponding to the content that a particular type of action with the content is to be refused, and provides a particular enabler to an application. The provided enabler includes information and methods necessary for the application to obtain data necessary to respond to the refusal. The application receives the enabler at an interface thereof and the interface applies a common interaction procedure to run the enabler to obtain the data necessary to respond to the refusal.Type: ApplicationFiled: October 11, 2007Publication date: April 17, 2008Applicant: Microsoft CorporationInventors: Geoffrey Dunbar, Chengyun Chu, James Alkove
-
Patent number: 7296296Abstract: In a protected media path for delivering content from a source to a sink, a source authority (SOTA) on behalf of the source decides with regard to a policy corresponding to the content that a particular type of action with the content is to be refused, and provides a particular enabler to an application. The provided enabler includes information and methods necessary for the application to obtain data necessary to respond to the refusal. The application receives the enabler at an interface thereof and the interface applies a common interaction procedure to run the enabler to obtain the data necessary to respond to the refusal.Type: GrantFiled: April 8, 2004Date of Patent: November 13, 2007Assignee: Microsoft CorporationInventors: Geoffrey Dunbar, Chengyun Chu, James M. Alkove
-
Publication number: 20050257251Abstract: A list of computing components to be disabled can be distributed through a computer readable medium to computing devices. A process on these computing devices can read the list and disable listed components. The components can be permanently disabled, or disabled for a limited purpose. A list or list update may be provided with a digital media object that specifies a more or less stringent revocation policy for that object. A media object may also specify a maximum age for the list. This allows owners of digital media to control the stringency of media protection for their property. The process that accesses the list may prompt updates to the list, informing users of component disabling, and prompt replacement of disabled components. Finally, the invention provides techniques for securely transmitting and storing the list to protect it from alteration by unauthorized entities.Type: ApplicationFiled: April 30, 2004Publication date: November 17, 2005Applicant: Microsoft CorporationInventors: Jeffrey McKune, Chengyun Chu, James Alkove, Sumedh Barde, Alexandre Grigorovitch
-
Publication number: 20050091488Abstract: In a protected media path for delivering content from a source to a sink, a source authority (SOTA) on behalf of the source decides with regard to a policy corresponding to the content that a particular type of action with the content is to be refused, and provides a particular enabler to an application. The provided enabler includes information and methods necessary for the application to obtain data necessary to respond to the refusal. The application receives the enabler at an interface thereof and the interface applies a common interaction procedure to run the enabler to obtain the data necessary to respond to the refusal.Type: ApplicationFiled: April 8, 2004Publication date: April 28, 2005Applicant: Microsoft CorporationInventors: Geoffrey Dunbar, Chengyun Chu, James Alkove