Patents by Inventor Jigar J. Mody
Jigar J. Mody has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8707436Abstract: A system and method for defining code by its functionality is disclosed. The technology initially accesses a portion of code. Once the portion of code is accessed at least one functional operation embedded in the code is determined. When the functional operation in the code is determined, the portion of code is then defined by the functional operation. In so doing, the portion of code can be defined by functional operation without requiring the consideration of any semantics related to the portion of code.Type: GrantFiled: April 1, 2011Date of Patent: April 22, 2014Assignee: Microsoft CorporationInventors: Jigar J. Mody, Neil A. Cowie
-
Patent number: 8667583Abstract: A malware analysis system is described that provides information about malware execution history on a client computer and allows automated back-end analysis for faster creation of identification signatures and removal instructions. The malware analysis system collects threat information on client computers and sends the threat information to a back-end analysis component for automated analysis. The back-end analysis component analyzes the threat information by comparing the threat information to information about known threats. The system builds a signature for identifying the threat family and a mitigation script for neutralizing the threat. The system sends the signature and mitigation data to client computers, which use the information to mitigate the threat. Thus, the malware analysis system detects and mitigates threats more quickly than previous systems by reducing the burden on technicians to manually create environments for reproducing the threats and manually analyze the threat behavior.Type: GrantFiled: September 22, 2008Date of Patent: March 4, 2014Assignee: Microsoft CorporationInventors: Alexey Polyakov, Marc Seinfeld, Jigar J. Mody, Ning Sun, Tony Lee, Chengyun Chu
-
Patent number: 8214895Abstract: Aspects of the subject matter described herein relate to identifying good files and malware based on whitelists and blacklists. In aspects, a node starts a scan of files on a data store. In conjunction with starting the scan, the node creates a data structure that indicates the directories on the data store. The node sends the data structure to a whitelist server and a blacklist server and an indication of a last successful time of communication. The whitelist and blacklist servers respond to the node with information about any new files that have been added to the directories since the last successful communication. The node may subsequently use the information to identify known good files and malware.Type: GrantFiled: September 26, 2007Date of Patent: July 3, 2012Assignee: Microsoft CorporationInventors: Chengi Jimmy Kuo, Jigar J. Mody
-
Publication number: 20110191757Abstract: A system and method for defining code by its functionality is disclosed. The technology initially accesses a portion of code. Once the portion of code is accessed at least one functional operation embedded in the code is determined. When the functional operation in the code is determined, the portion of code is then defined by the functional operation. In so doing, the portion of code can be defined by functional operation without requiring the consideration of any semantics related to the portion of code.Type: ApplicationFiled: April 1, 2011Publication date: August 4, 2011Applicant: MICROSOFT CORPORATIONInventors: Jigar J. Mody, Neil A. Cowie
-
Patent number: 7945956Abstract: A system and method for defining code by its functionality is disclosed. The technology initially accesses a portion of code. Once the portion of code is accessed at least one functional operation embedded in the code is determined. When the functional operation in the code is determined, the portion of code is then defined by the functional operation. In so doing, the portion of code can be defined by functional operation without requiring the consideration of any semantics related to the portion of code.Type: GrantFiled: May 18, 2006Date of Patent: May 17, 2011Assignee: Microsoft CorporationInventors: Jigar J. Mody, Neil A. Cowie
-
Patent number: 7809670Abstract: The present invention is directed to a method and system for automatically classifying an application into an application group which is previously classified in a knowledge base. More specifically, a runtime behavior of an application is captured as a series of events which are monitored and recorded during the execution of the application. The series of events are analyzed to find a proper application group which shares common runtime behavior patterns with the application. The knowledge base of application groups is previously constructed based on a large number of sample applications. The construction of the knowledge base is done in such a manner that each sample application can be classified into application groups based on a set of classification rules in the knowledge base. The set of classification rules are applied to a new application in order to classify the new application into one of the application groups.Type: GrantFiled: December 8, 2006Date of Patent: October 5, 2010Assignee: Microsoft CorporationInventors: Tony Lee, Jigar J. Mody, Ying Lena Lin, Adrian M. Marinescu, Alexey A. Polyakov
-
Publication number: 20100077481Abstract: A malware analysis system is described that provides information about malware execution history on a client computer and allows automated back-end analysis for faster creation of identification signatures and removal instructions. The malware analysis system collects threat information on client computers and sends the threat information to a back-end analysis component for automated analysis. The back-end analysis component analyzes the threat information by comparing the threat information to information about known threats. The system builds a signature for identifying the threat family and a mitigation script for neutralizing the threat. The system sends the signature and mitigation data to client computers, which use the information to mitigate the threat. Thus, the malware analysis system detects and mitigates threats more quickly than previous systems by reducing the burden on technicians to manually create environments for reproducing the threats and manually analyze the threat behavior.Type: ApplicationFiled: September 22, 2008Publication date: March 25, 2010Applicant: Microsoft CorporationInventors: Alexey Polyakov, Marc Seinfeld, Jigar J. Mody, Ning Sun, Tony Lee, Chengyun Chu
-
Publication number: 20090083852Abstract: Aspects of the subject matter described herein relate to identifying good files and malware based on whitelists and blacklists. In aspects, a node starts a scan of files on a data store. In conjunction with starting the scan, the node creates a data structure that indicates the directories on the data store. The node sends the data structure to a whitelist server and a blacklist server and an indication of a last successful time of communication. The whitelist and blacklist servers respond to the node with information about any new files that have been added to the directories since the last successful communication. The node may subsequently use the information to identify known good files and malware.Type: ApplicationFiled: September 26, 2007Publication date: March 26, 2009Applicant: MICROSOFT CORPORATIONInventors: Chengi Jimmy Kuo, Jigar J. Mody
-
Publication number: 20070288894Abstract: A system and method for defining code by its functionality is disclosed. The technology initially accesses a portion of code. Once the portion of code is accessed at least one functional operation embedded in the code is determined. When the functional operation in the code is determined, the portion of code is then defined by the functional operation. In so doing, the portion of code can be defined by functional operation without requiring the consideration of any semantics related to the portion of code.Type: ApplicationFiled: May 18, 2006Publication date: December 13, 2007Applicant: Microsoft CorporationInventors: Jigar J. Mody, Neil A. Cowie