Patents by Inventor Ronald A Franczyk

Ronald A Franczyk has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 8769673
    Abstract: Methods for identifying potentially harmful, malicious, or unwanted content based upon associations with known offenders are provided. Executable content associated with a domain is identified. The executable content URL and the domain are compared to URLs/domains known to be associated with malicious content. If the URL and/or the domain has been identified as associated with offending code, the remaining domain contents and any available associated information are examined to identify any referencing domains, referenced domains, linking domains, affiliated entities, etc. Each identified domain, affiliate, etc. is subsequently examined in a similar manner to identify any domain, entity, etc. having an association with malicious content. Each identified domain, entity, etc. is assigned a suspicion level based upon proximity to the source of the offending code. If desired, relationships among the domains, entities, and the like may be relationally mapped to render associations easier to identify.
    Type: Grant
    Filed: February 28, 2007
    Date of Patent: July 1, 2014
    Assignee: Microsoft Corporation
    Inventors: Jeffrey S. Williams, Ronald A. Franczyk, Tony Lee
  • Patent number: 8646038
    Abstract: Systems, methods, and/or techniques (“tools”) that relate to an automated service for blocking malware hosts are described herein. In different implementations, the tools receive network addresses identifying hosts that are discovered to contain malware. The tools also provide the network addresses to a collection and storage service. Other components provided by the tools receive the network addresses from, for example, a plurality of reporting clients. These components may aggregate the network addresses across the reporting clients, and store instances of the malware and associated malware addresses.
    Type: Grant
    Filed: September 15, 2006
    Date of Patent: February 4, 2014
    Assignee: Microsoft Corporation
    Inventors: Anthony Blumfield, Ronald Franczyk, Andrew Newman, Anatoly Koretsky
  • Patent number: 7730040
    Abstract: Embodiments of a feedback-driven malware detector are directed to protecting a computer from programs that perform actions that are malicious or not expected by a user. In one embodiment, the feedback-driven malware detector performs a method that initially determines whether the state of an application program scheduled to be added to an extensibility point on a computer is already known. If the state of the object is not already known, the user is informed that an application program is being installed on the computer and that the application program is being added to an extensibility point. Then, input is obtained from the user that assists in determining whether the application program is malware.
    Type: Grant
    Filed: July 27, 2005
    Date of Patent: June 1, 2010
    Assignee: Microsoft Corporation
    Inventors: Sterling M Reasor, Andrew J Newman, Ronald A Franczyk, Jason Garms, Christopher Ryan Jones
  • Publication number: 20080209552
    Abstract: Methods for identifying potentially harmful, malicious, or unwanted content based upon associations with known offenders are provided. Executable content associated with a domain is identified. The executable content URL and the domain are compared to URLs/domains known to be associated with malicious content. If the URL and/or the domain has been identified as associated with offending code, the remaining domain contents and any available associated information are examined to identify any referencing domains, referenced domains, linking domains, affiliated entities, etc. Each identified domain, affiliate, etc. is subsequently examined in a similar manner to identify any domain, entity, etc. having an association with malicious content. Each identified domain, entity, etc. is assigned a suspicion level based upon proximity to the source of the offending code. If desired, relationships among the domains, entities, and the like may be relationally mapped to render associations easier to identify.
    Type: Application
    Filed: February 28, 2007
    Publication date: August 28, 2008
    Applicant: MICROSOFT CORPORATION
    Inventors: Jeffrey S. Williams, Ronald A. Franczyk, Tony Lee
  • Publication number: 20080127306
    Abstract: Systems, methods, and/or techniques (“tools”) that relate to an automated service for blocking malware hosts are described herein. In different implementations, the tools receive network addresses identifying hosts that are discovered to contain malware. The tools also provide the network addresses to a collection and storage service. Other components provided by the tools receive the network addresses from, for example, a plurality of reporting clients. These components may aggregate the network addresses across the reporting clients, and store instances of the malware and associated malware addresses.
    Type: Application
    Filed: September 15, 2006
    Publication date: May 29, 2008
    Applicant: Microsoft Corporation
    Inventors: Anthony Blumfield, Ronald Franczyk, Andrew Newman, Anatoly Koretsky
  • Publication number: 20070162975
    Abstract: Generally described, a method, software system, and computer-readable medium are provided for efficiently collecting data this useful in developing software systems to identify and protect against malware. In accordance with one embodiment, a method for collecting data to determine whether a malware is propagating in a networking environment is provided. More specifically, the method includes receiving preliminary data sets at a server computer from a plurality of client computers that describes attributes of a potential malware. Then a determination is made regarding whether secondary data is needed to implement systems for protecting against the potential malware. If secondary data is needed, the method causes the secondary data to be collected when an additional preliminary data set is received from a client computer.
    Type: Application
    Filed: January 6, 2006
    Publication date: July 12, 2007
    Applicant: Microssoft Corporation
    Inventors: Adam Overton, Alexey Polyakov, Andrew Newman, Jason Garms, Ronald Franczyk, Scott Field, Sterling Reasor
  • Publication number: 20070038677
    Abstract: Embodiments of a feedback-driven malware detector are directed to protecting a computer from programs that perform actions that are malicious or not expected by a user. In one embodiment, the feedback-driven malware detector performs a method that initially determines whether the state of an application program scheduled to be added to an extensibility point on a computer is already known. If the state of the object is not already known, the user is informed that an application program is being installed on the computer and that the application program is being added to an extensibility point. Then, input is obtained from the user that assists in determining whether the application program is malware.
    Type: Application
    Filed: July 27, 2005
    Publication date: February 15, 2007
    Applicant: Microsoft Corporation
    Inventors: Sterling Reasor, Andrew Newman, Ronald Franczyk, Jason Garms, Christopher Jones