Patents by Inventor Jason Geffner
Jason Geffner has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10891378
Abstract: Automated malware signature generation is disclosed. Automated malware signature generation includes monitoring incoming unknown files for the presence of malware and analyzing the incoming unknown files based on both a plurality of classifiers of file behavior and a plurality of classifiers of file content. An incoming file is classified as having a particular malware classification based on the analyzing of incoming unknown files and a malware signature is generated for the incoming unknown file based on the particular malware classification. Access is provided to the malware signature.
Type: Grant
Filed: May 29, 2018
Date of Patent: January 12, 2021
Assignee: Microsoft Technology Licensing, LLC
Inventors: Ning Sun, Patrick Winkler, Chengyun Chu, Hong Jia, Jason Geffner, Tony Lee, Jigar Mody, Frank Swiderski
-
Publication number: 20190073476
Abstract: Automated malware signature generation is disclosed. Automated malware signature generation includes monitoring incoming unknown files for the presence of malware and analyzing the incoming unknown files based on both a plurality of classifiers of file behavior and a plurality of classifiers of file content. An incoming file is classified as having a particular malware classification based on the analyzing of incoming unknown files and a malware signature is generated for the incoming unknown file based on the particular malware classification. Access is provided to the malware signature.
Type: Application
Filed: May 29, 2018
Publication date: March 7, 2019
Inventors: Ning Sun, Patrick Winkler, Chengyun Chu, Hong Jia, Jason Geffner, Tony Lee, Jigar Mody, Frank Swiderski
-
Patent number: 9996693
Abstract: Automated malware signature generation is disclosed. Automated malware signature generation includes monitoring incoming unknown files for the presence of malware and analyzing the incoming unknown files based on both a plurality of classifiers of file behavior and a plurality of classifiers of file content. An incoming file is classified as having a particular malware classification based on the analyzing of incoming unknown files and a malware signature is generated for the incoming unknown file based on the particular malware classification. Access is provided to the malware signature.
Type: Grant
Filed: June 1, 2012
Date of Patent: June 12, 2018
Assignee: Microsoft Technology Licensing, LLC
Inventors: Ning Sun, Patrick Winkler, Chengyun Chu, Hong Jia, Jason Geffner, Tony Lee, Jigar Mody, Frank Swiderski
-
Publication number: 20150033339
Abstract: The techniques described herein identify, and/or distinguish between, legitimate code and/or irrelevant code in programs so that an analyst does not have to spend additional time sifting through and/or considering the irrelevant code when viewing the code of the program. Therefore, the analyst can be more efficient when determining a type of a program (e.g., malware) and/or when determining the actions of the program. For instance, a security researcher may be tasked with identifying the malware and/or determining the harmful or deceptive actions the malware executes on a computer (e.g., deletion of a file, the targeting of sensitive information such as social security numbers or credit card numbers, etc.).
Type: Application
Filed: July 29, 2013
Publication date: January 29, 2015
Applicant: CrowdStrike, Inc.
Inventor: Jason Geffner
-
Publication number: 20120260343
Abstract: Automated malware signature generation is disclosed. Automated malware signature generation includes monitoring incoming unknown files for the presence of malware and analyzing the incoming unknown files based on both a plurality of classifiers of file behavior and a plurality of classifiers of file content. An incoming file is classified as having a particular malware classification based on the analyzing of incoming unknown files and a malware signature is generated for the incoming unknown file based on the particular malware classification. Access is provided to the malware signature.
Type: Application
Filed: June 1, 2012
Publication date: October 11, 2012
Applicant: Microsoft Corporation
Inventors: Ning Sun, Patrick Winkler, Chengyun Chu, Hong Jia, Jason Geffner, Tony Lee, Jigar Mody, Frank Swiderski
-
Patent number: 8201244
Abstract: Automated malware signature generation is disclosed. Automated malware signature generation includes monitoring incoming unknown files for the presence of malware and analyzing the incoming unknown files based on both a plurality of classifiers of file behavior and a plurality of classifiers of file content. An incoming file is classified as having a particular malware classification based on the analyzing of incoming unknown files and a malware signature is generated for the incoming unknown file based on the particular malware classification. Access is provided to the malware signature.
Type: Grant
Filed: September 19, 2006
Date of Patent: June 12, 2012
Assignee: Microsoft Corporation
Inventors: Ning Sun, Patrick Winkler, Chengyun Chu, Hong Jia, Jason Geffner, Tony Lee, Jigar Mody, Frank Swiderski
-
Patent number: 7802299
Abstract: A binary function database system is provided in which binary functions are extracted from compiled and linked program files and stored in a database as robust abstractions which can be matched with others using one or more function matching heuristics. Such abstraction allows for minor variations in function implementation while still enabling matching with an identical stored function in the database, or with a stored function with a given level of confidence. Metadata associated with each function is also typically generated and stored in the database. In an illustrative example, a structured query language database is utilized that runs on a central database server, and that tracks function names, the program file from which the function is extracted, comments and other associated information as metadata during an analyst's live analysis session to enable known function information that is stored in the database to be applied to binary functions of interest that are disassembled from the program file.
Type: Grant
Filed: April 9, 2007
Date of Patent: September 21, 2010
Assignee: Microsoft Corporation
Inventors: Jason Geffner, Ning Sun, Brad Albrecht, Tony Lee, Pat Winkler, Chengyun Chu
-
Publication number: 20080250018
Abstract: A binary function database system is provided in which binary functions are extracted from compiled and linked program files and stored in a database as robust abstractions which can be matched with others using one or more function matching heuristics. Such abstraction allows for minor variations in function implementation while still enabling matching with an identical stored function in the database, or with a stored function with a given level of confidence. Metadata associated with each function is also typically generated and stored in the database. In an illustrative example, a structured query language database is utilized that runs on a central database server, and that tracks function names, the program file from which the function is extracted, comments and other associated information as metadata during an analyst's live analysis session to enable known function information that is stored in the database to be applied to binary functions of interest that are disassembled from the program file.
Type: Application
Filed: April 9, 2007
Publication date: October 9, 2008
Applicant: Microsoft Corporation
Inventors: Jason Geffner, Ning Sun, Brad Albrecht, Tony Lee, Pat Winkler, Chengyun Chu
-
Publication number: 20080127336
Abstract: Automated malware signature generation is disclosed. Automated malware signature generation includes monitoring incoming unknown files for the presence of malware and analyzing the incoming unknown files based on both a plurality of classifiers of file behavior and a plurality of classifiers of file content. An incoming file is classified as having a particular malware classification based on the analyzing of incoming unknown files and a malware signature is generated for the incoming unknown file based on the particular malware classification. Access is provided to the malware signature.
Type: Application
Filed: September 19, 2006
Publication date: May 29, 2008
Applicant: Microsoft Corporation
Inventors: Ning Sun, Patrick Winkler, Chengyun Chu, Hong Jia, Jason Geffner, Tony Lee, Jigar Mody, Frank Swiderski
-
Publication number: 20070079366
Abstract: A system and a method for redirecting data packets, the system comprising a stateless bi-directional proxy for redirecting data packets, said data packets including a header and a body, said header including a source address that identifies the source of the data packet and a destination address that identifies the destination of the data packet. The stateless bi-directional proxy comprises: a first and second input/output interfaces for receiving and sending data packets; a storage component for storing source and destination addresses; and a processing component for changing the source and destination addresses of the received data packets to stored source and destination addresses.
Type: Application
Filed: October 3, 2005
Publication date: April 5, 2007
Applicant: Microsoft Corporation
Inventor: Jason Geffner