DOCSLIB.ORG

(12) United States Patent (10) Patent No.: US 7,574.433 B2 Engel (45) Date of Patent: Aug

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
(12) United States Patent (10) Patent No.: US 7,574.433 B2 Engel (45) Date of Patent: Aug US007574.433B2 (12) United States Patent (10) Patent No.: US 7,574.433 B2 Engel (45) Date of Patent: Aug. 11, 2009 (54) CLASSIFICATION-EXPANDED INDEXING 6,598,046 B1* 7/2003 Goldberg et al. ............... 707/5 AND RETRIEVAL OF CLASSIFIED 6,625,596 B1 9/2003 Nunez ........................... 707/3 DOCUMENTS 6,711,585 B1* 3/2004 Copperman et al. ...... TO7 104.1 6,778,979 B2 * 8/2004 Grefenstette et al. ........... 707/3 (75)75 Inventor: Alan Kent Engel, Villanova, PA (US) 6,928,4256,820,075 B2 * 1 8/20051/2004 GrefenstetteShanahan et al.et al............... ........... 707/2707/3 7,031,961 B2 * 4/2006 Pitkow et al. .................. 7O7/4 (73) Assignee: Paterra, Inc., Kerrville, TX (US) 7, 177,904 B1* 2/2007 Mathur et al. ............... TO9.204 2002/0147738 A1 10, 2002 Read (*) Notice: Subject to any disclaimer, the term of this 2003,0229626 A1 12/2003 s patent is extended or adjusted under 35 2004/01770.15 A1 9, 2004 Galai et al. U.S.C. 154(b) by 566 days. FOREIGN PATENT DOCUMENTS (21) Appl. No.: 10/960,725 JP 2003-345950 A 12/2003 (22) Filed: Oct. 8, 2004 * cited by examiner (65) Prior Publication Data Primary Examiner Shahid A. Alam (74) Attorney, Agent, or Firm Gianna Julian-Arnold; Miles US 2006/0242118A1 Oct. 26, 2006 & Stockbridge P.C. (51) Int. Cl. 57 ABSTRACT G06F 7/30 (2006.01) (57) (52) U.S. Cl. ................. 707/4; 707/3; 707/5; 707/104.1 Document classification systems are valuable tools for (58) Field of Classification Search ..................... 707/3, Searching and retrieving classified documents but can be pro 707/5, 4, 104.1: 709/201, 204; 715/209 hibitively complex and cumbersome for users. See application file for complete search history. (56) References Cited A system for the indexing and retrieval of classified docu ments inserts keywords, titles or definitions of previously U.S. PATENT DOCUMENTS applied classifications into the document record and provides the resulting record to a search engine. Searchers are able to 5,765,176 A * 6/1998 Bloomberg ................. 715,514 retrieve documents by searching on keywords from the clas 5,835,087 A * 1 1/1998 Herz et al. .................. T15,810 6,038,560 A 3/2000 Wical ............................ 707/5 sification system without looking up class coding. RE36,653 E 4/2000 Heckel et al. 6,105,022 A 8/2000 Takahashi et al. 30 Claims, 12 Drawing Sheets P100 LoadXML record from stream P10 P102 Add class titles P103 from database Convert to HTM P104.html and Save to document store U.S. Patent Aug. 11, 2009 Sheet 1 of 12 US 7,574.433 B2 200 402 100 405 FIG. 1 U.S. Patent Aug. 11, 2009 Sheet 2 of 12 US 7,574.433 B2 100 P O. O. O. c isD Ron OeP 120 O O O D D 140 131 133 FIG 2 Typical Document Server Web Site U.S. Patent US 7,574.433 B2 9deOSION O SlapdSÁÐAQOVQ Gae)£"OIH U.S. Patent Aug. 11, 2009 Sheet 4 of 12 US 7,574.433 B2 Uhited States Patent Application 20040177088 Kind Oode A1 Jeffrey, Joel September 9, 2004 Wode-spectrum information search engine Abstract A method and computer program product for comparing documents includes segmenting a judgment matrix into a plurality of information sub-matrices where each submatrix has a plurality of classifications and a plurat it y of terms relevant to each classification; evaluating a relevance of each term of the plurality of terms with respect to each classification of each information submatrix of the information submatrices; calculating an information spectrum for a first document based upon at least some of the plurality of terms; calculating an information spectrum for a second document based upon at least Some of the plurality of terms; and identifying the second document as relevant to the first document based upon a comparison of the calculated information spectrums. Inventors: Jeffrey, Joel; (Weat on, IL) Correspondence Name and Address; FSH & ROHARDSON P. C. 3300 DAN RAUSOHER PLAZA MNNEAPOS MN 55402 US Assignee Name and Adress: H5 Technologies, Inc., a California Corporation Serial No.: 800217 Series Code: 10 Filed; March 12, 2004 U. S. Ourrent O ass: 707 102 U. S. Oass at Publication: 707/102 Intern I O aSS: GO6F 017/30 FIG. 4 U.S. Patent Aug. 11, 2009 Sheet 5 of 12 US 7,574.433 B2 Uhi ted States Patent Application 20040177088 Kind Obde A Jeffrey, Joel September 9, 2004 Wode-spectrum information search engine Abstract A method and computer program product for comparing documents includes segmenting a judgment matrix into a plurality of information sub-matrices where each submatrix has a plurality of classifications and a plurality of terms relevant to each classification; evaluating a relevance of each term of the plurality of terms with respect to each classification of each information submatrix of the information submatrices, calculating an information spectrum for a first document based upon at east some of the plurality of terms; calculating an information spectrum for a second docurrent based upon at least some of the plurality of terms; and identifying the second document as relevant to the first document based upon a comparison of the calculated information spect runs. inventors: Jeffrey, Joel; (Wheaton, L) Correspondence Name and Address: FSH & RCHARDSON P. C. 3300 DAN RASOHER PLAZA MNNEAPOS Assignee Nate and Adress: H5 Technologies, Inc., a California corporation Serial Nb, : 800217 Series Obde: 10 Filed: March 12, 2004 U. S. Current Class: 7071102 - Oass 707 DATA PROCESSNG DATABASE AND FLE MANAGEMENT OR DATA STRUCTURES - 100 DAABASE SCHEMA OR DATASTRUCTURE - 102 Generating database or data structure (e.g., via user interface) U. S. Oass at Publication: 707 102 Intern' O ass: GO6F 017130 FIG. 5 U.S. Patent Aug. 11, 2009 Sheet 6 of 12 US 7,574.433 B2 United States Patent Application 20040177088 Krd Obde A Jeffrey, Joel September 9, 2004 Wole-spectrum information search engine Abstract A method and computer program product for comparing documents includes segmenting a judgment matrix into a plurality of information sub-matrices where each submatrix has a plurality of classifications and a plurality of terms relevant to each classification; evaluating a relevance of each term of the plurality of terms with respect to each classification of each information submatrix of the information submatrices; calculating an information spectrum for a first document based upon at east some of the plurality of terms; calculating an information spectrum for a second document based upon at least some of the plurality of terms; and identifying the second document as relevant to the first document based upon a comparison of the calculated information spect runs. inventors: Jeffrey, Joel; (Weat on, ) Obrrespondence Nante and Address: FSH & R OHARDSON P. C. 33OO DAN RASOHER PLAZA MNNEAPOS MN 554.02 US Assignee Name and Adress: H5 Technologies, Inc., a California Corporation Serial Nb, : 800217 Series Code: 10 Fied: March 12, 2004 U. S. Current O ass: 7071102 - 27 707 is : 7-2-M-777 MJSid:7-5-liik - 100 -3-M-2. Zs-it-s-s - 102 7-5-M-Art:7-2-likofER (Big l-t-. 1 st 7t-2 (s) ) U. S. Oass at Rublication: 707l 102 Intern' OaSS: CD6F 0730 FIG. 6 U.S. Patent Aug. 11, 2009 Sheet 7 of 12 US 7,574.433 B2 FIG. 7 U.S. Patent Aug. 11, 2009 Sheet 8 of 12 US 7,574.433 B2 title O COO2SOOOOOO Class 2 APPAREL MSCELLANEOUS GUARD OR PROTECTOR Body COver 5 3 COO2S457000 457 Hazardous material body cover FIG. 8a. Classid ancestroid U.S. Patent Aug. 11, 2009 Sheet 9 of 12 US 7,574.433 B2 P100 LOadXML record from Stream P10 Add class titles from database P103 P104 Save to document Store FIG. 9 U.S. Patent Aug. 11, 2009 Sheet 10 of 12 US 7,574.433 B2 Get subclass Code from m spDOM P103.1 Set append target to <USCS/> P103.2 Load class hierarchy for Subclass (spGetSubclassHierarchy) For each row in roWSet UCStree element with Create/insert new same classid in target? USCtree element in classid sequence P103.8 P103.7 Set append target Set append target to existing element to new element FIG 10 U.S. Patent Aug. 11, 2009 Sheet 11 of 12 US 7,574.433 B2 P100 LoadXML record from Stream P101 Add class titles from database P103 Convert to HM P104.html and Save to document Store U.S. Patent Aug. 11, 2009 Sheet 12 of 12 US 7,574.433 B2 P100 loadXML record from Stream P101 P104 Save to document Store US 7,574.433 B2 1. 2 CLASSIFICATION-EXPANDED INDEXING As a result the advantages of classification and indexing AND RETRIEVAL OF CLASSIFIED systems are beyond the grasp of more casual users and infor DOCUMENTS mation professionals. On the other hand, the rapid recent growth of fulltext-base TECHNICAL FIELD 5 patent retrieval services on the Internet has led lay persons and information professionals alike to rely increasingly on keyword searching. While keyword searching has its advan This invention relates to the indexing and retrieval of docu tages and is easy to use, variations in terminology can easily ments to which classification codes and Schemes have been lead to missed documents. Moreover, the intellectual product applied and, in particular, relates to the indexing and retrieval 10 embodied in the classifications applied to the documents is of patent documents. totally lost. In related art, D & B Duns Market Identifiers database on BACKGROUND DIALOG (http://library.dialog.com/bluesheets/html/ bI0516.html) provides for searching SIC descriptors as a It is standard practice for intellectual property authorities 15 search field.
Load more

Recommended publications
  • Vbscript Programmer's Reference
    Table of Contents VBScript Programmer's Reference...................................................................................................................1 Introduction.........................................................................................................................................................6 Who is this Book For?............................................................................................................................6 How to Use this Book.............................................................................................................................6 What is VBScript?..................................................................................................................................7 What Can You Do With VBScript?......................................................................................................11 What Tools Do You Need to Use VBScript?.......................................................................................14 What's New in VBScript 5?..................................................................................................................15 Code Conventions.................................................................................................................................17 Tell Us What You Think.......................................................................................................................17 Customer Support.................................................................................................................................18
    [Show full text]
  • Xcentrisity® BIS Addpack for Visual COBOL
    Xcentrisity® BIS AddPack for Visual COBOL User's Guide Micro Focus The Lawn 22-30 Old Bath Road Newbury, Berkshire RG14 1QN UK http://www.microfocus.com © Copyright 2009-2020 Micro Focus or one of its affiliates. MICRO FOCUS, the Micro Focus logo and Visual COBOL are trademarks or registered trademarks of Micro Focus or one of its affiliates. All other marks are the property of their respective owners. 2020-06-17 ii Contents Xcentrisity Business Information Server for Visual COBOL User's Guide ............................................................................................................................. 5 Copyright and Trademarks .................................................................................................. 5 Introducing the Business Information Server ...................................................................... 5 Overview .................................................................................................................. 6 Installation on Windows ............................................................................................7 Installation on UNIX ..................................................................................................9 Testing the Installation ............................................................................................11 Uninstalling BIS for IIS ........................................................................................... 11 Uninstalling BIS for Apache ....................................................................................12
    [Show full text]
  • HTTP Cookie - Wikipedia, the Free Encyclopedia 14/05/2014
    HTTP cookie - Wikipedia, the free encyclopedia 14/05/2014 Create account Log in Article Talk Read Edit View history Search HTTP cookie From Wikipedia, the free encyclopedia Navigation A cookie, also known as an HTTP cookie, web cookie, or browser HTTP Main page cookie, is a small piece of data sent from a website and stored in a Persistence · Compression · HTTPS · Contents user's web browser while the user is browsing that website. Every time Request methods Featured content the user loads the website, the browser sends the cookie back to the OPTIONS · GET · HEAD · POST · PUT · Current events server to notify the website of the user's previous activity.[1] Cookies DELETE · TRACE · CONNECT · PATCH · Random article Donate to Wikipedia were designed to be a reliable mechanism for websites to remember Header fields Wikimedia Shop stateful information (such as items in a shopping cart) or to record the Cookie · ETag · Location · HTTP referer · DNT user's browsing activity (including clicking particular buttons, logging in, · X-Forwarded-For · Interaction or recording which pages were visited by the user as far back as months Status codes or years ago). 301 Moved Permanently · 302 Found · Help 303 See Other · 403 Forbidden · About Wikipedia Although cookies cannot carry viruses, and cannot install malware on 404 Not Found · [2] Community portal the host computer, tracking cookies and especially third-party v · t · e · Recent changes tracking cookies are commonly used as ways to compile long-term Contact page records of individuals' browsing histories—a potential privacy concern that prompted European[3] and U.S.
    [Show full text]
  • Aspects of AJAX
    Aspects of AJAX Aspects of AJAX Published online at http://www.mathertel.de/AJAX/AJAXeBook.aspx By Matthias Hertel, 2005•2007 Version 1.2 published 1. May 2007 1 Aspects of AJAX About this book This book is about an AJAX Framework and an AJAX Engine for JavaScript, XML, SOAP, WSDL und ASP.NET using standard Web Services on the server. This book is containing the updated articles and samples from my Blog "Aspects of AJAX", available at http://ajaxaspects.blogspot.com/ together with some new and rewritten articles. The implementation of the Samples, the AJAX Engine and a lot of web controls can be found on http://www.mathertel.de/AJAXEngine/. The License This book and all the articles on my blog are licensed under a Creative Commons Attribution 2.0 License that can be found at http://creativecommons.org/licenses/by/2.0/de/. The software itself is licensed under a BSD style license that can be found at http://www.mathertel.de/License.aspx. State of this book This book is still not finished and will be updated and extended from time to time. You will find more information when reading the Blog or downloading a new copy of this book. There are still a lot of aspects undocumented or undiscovered. State of the Software The AJAX engine is working fine in many projects I do myself and I’ve heard about and you can use it where ever you want. The license model I’ve chosen to publish the information and the source code allows also a commercial use of it.
    [Show full text]
  • Market-Driven Framework for Guiding Optimisation Decisions in Embedded Systems Master of Science Thesis in the Software Engineering Programme
    Market-Driven Framework for Guiding Optimisation Decisions in Embedded Systems Master of Science Thesis in the Software Engineering Programme Sofia Charalampidou Paschalis Tsolakidis Chalmers University of Technology University of Gothenburg Department of Computer Science and Engineering Göteborg, Sweden, August 2013 The Author grants to Chalmers University of Technology and University of Gothenburg the non- exclusive right to publish the Work electronically and in a non-commercial purpose make it accessible on the Internet. The Author warrants that he/she is the author to the Work, and warrants that the Work does not contain text, pictures or other material that violates copyright law. The Author shall, when transferring the rights of the Work to a third party (for example a publisher or a company), acknowledge the third party about this agreement. If the Author has signed a copyright agreement with a third party regarding the Work, the Author warrants hereby that he/she has obtained any necessary permission from this third party to let Chalmers University of Technology and University of Gothenburg store the Work electronically and make it accessible on the Internet. Market-Driven Framework for Guiding Optimisation Decisions in Embedded Systems Sofia Charalampidou, Paschalis Tsolakidis © Sofia Charalampidou, August 2013. © Paschalis Tsolakidis, August 2013. Examiner: Richard Torkar Supervisors: Christian Berger (Chalmers), Tobjörn Mattsson (Mecel AB) Chalmers University of Technology University of Gothenburg Department of Computer Science and Engineering SE-412 96 Göteborg Sweden Telephone + 46 (0)31-772 1000 Department of Computer Science and Engineering Göteborg, Sweden August 2013 Market Driven Framework for Guiding Optimisation Decisions in Embedded Systems CHALMERS UNIVERSITY OF TECHNOLOGY Department of Computer Science and Engineering Abstract The recent need for web connectivity in the embedded systems domain and in particular the In-Vehicle Infotainment (IVI), has fired discussions about the integration of HTML components in these systems.
    [Show full text]
  • Technologies for Connecting and Using Databases and Server Applications on the World Wide Web
    Technologies for Connecting and Using Databases and Server Applications on the World Wide Web by Adolfo G. Castellon Jr. Submitted to the Department of Electrical Engineering and Computer Science on May 23, 1997, in partial fulfillment of the requirements for the degree of Bachelor of Science in Computer Science Abstract This paper presents a study of current technologies used to build applications that make use of the World Wide Web. In particular, this paper discusses three different technologies (Java Beans, OLE/ActiveX and CORBA) born of very different heritage, that are evolving towards a common goal. The emphasis is on technologies that have been recently developed to connect databases to Web applications. Two applications created by the author are used to demonstrate specific types of emerging web technologies. Thesis Supervisor: Dr. Amar Gupta Title: Co-Director, Productivity from Information Technology (PROFIT) Initiative Table of Contents 1 Introduction..............................................................................................................................................................3 1.1 Overview...................................................................................................................................................... ..................................................................................................................................................................3 1.2 Conventions: How to Read This Document.........................................................................................
    [Show full text]
  • Vbscript Programmer’S Reference Third Edition
    VBScript Programmer’s Reference Third Edition Adrian Kingsley-Hughes Kathie Kingsley-Hughes Daniel Read Wiley Publishing, Inc. ffirs.indd iii 8/28/07 9:41:21 AM ffirs.indd vi 8/28/07 9:41:22 AM VBScript Programmer’s Reference Third Edition Introduction . xxv Chapter 1: A Quick Introduction to Programming . 1 Chapter 2: What VBScript Is — and Isn’t! . 31 Chapter 3: Data Types . 45 Chapter 4: Variables and Procedures . 83 Chapter 5: Control of Flow . 109 Chapter 6: Error Handling and Debugging . 129 Chapter 7: The Scripting Runtime Objects . 183 Chapter 8: Classes in VBScript (Writing Your Own COM Objects) . 209 Chapter 9: Regular Expressions . 233 Chapter 10: Client-Side Web Scripting . 261 Chapter 11: Windows Sidebars and Gadgets . 287 Chapter 12: Task Scheduler Scripting . 309 Chapter 13: PowerShell . 345 Chapter 14: Super-Charged Client-Side Scripting . 375 Chapter 15: Windows Script Host . 405 Chapter 16: Windows Script Components . 465 Chapter 17: Script Encoding . 489 Chapter 18: Remote Scripting . 509 Chapter 19: HTML Applications . 517 Chapter 20: Server-Side Web Scripting . 535 Chapter 21: Adding VBScript to Your VB and .NET Applications . 569 (Continued) ffirs.indd i 8/28/07 9:41:21 AM Appendix A: VBScript Functions and Keywords . 603 Appendix B: Variable Naming Convention . 675 Appendix C: Coding Conventions . 677 Appendix D: Visual Basic Constants Supported in VBScript . 681 Appendix E: VBScript Error Codes and the Err Object . 687 Appendix F: The Scripting Runtime Library Object Reference . 703 Appendix G: The Windows Script Host Object Model . 715 Appendix H: Regular Expressions . 723 Appendix I: The Variant Subtypes .
    [Show full text]
  • Discontinued Browsers List
    Discontinued Browsers List Look back into history at the fallen windows of yesteryear. Welcome to the dead pool. We include both officially discontinued, as well as those that have not updated. If you are interested in browsers that still work, try our big browser list. All links open in new windows. 1. Abaco (discontinued) http://lab-fgb.com/abaco 2. Acoo (last updated 2009) http://www.acoobrowser.com 3. Amaya (discontinued 2013) https://www.w3.org/Amaya 4. AOL Explorer (discontinued 2006) https://www.aol.com 5. AMosaic (discontinued in 2006) No website 6. Arachne (last updated 2013) http://www.glennmcc.org 7. Arena (discontinued in 1998) https://www.w3.org/Arena 8. Ariadna (discontinued in 1998) http://www.ariadna.ru 9. Arora (discontinued in 2011) https://github.com/Arora/arora 10. AWeb (last updated 2001) http://www.amitrix.com/aweb.html 11. Baidu (discontinued 2019) https://liulanqi.baidu.com 12. Beamrise (last updated 2014) http://www.sien.com 13. Beonex Communicator (discontinued in 2004) https://www.beonex.com 14. BlackHawk (last updated 2015) http://www.netgate.sk/blackhawk 15. Bolt (discontinued 2011) No website 16. Browse3d (last updated 2005) http://www.browse3d.com 17. Browzar (last updated 2013) http://www.browzar.com 18. Camino (discontinued in 2013) http://caminobrowser.org 19. Classilla (last updated 2014) https://www.floodgap.com/software/classilla 20. CometBird (discontinued 2015) http://www.cometbird.com 21. Conkeror (last updated 2016) http://conkeror.org 22. Crazy Browser (last updated 2013) No website 23. Deepnet Explorer (discontinued in 2006) http://www.deepnetexplorer.com 24. Enigma (last updated 2012) No website 25.
    [Show full text]
  • All Your Iframes Point to Us
    All Your iFRAMEs Point to Us Niels Provos Panayiotis Mavrommatis Moheeb Abu Rajab Fabian Monrose Google Inc. Johns Hopkins University {niels, panayiotis}@google.com {moheeb, fabian}@cs.jhu.edu Abstract tacks are being replaced by other mechanisms. Chief As the web continues to play an ever increasing role among these is the exploitation of the web, and the ser- in information exchange, so too is it becoming the pre- vices built upon it, to distribute malware. vailing platform for infecting vulnerable hosts. In this This change in the playing field is particularly alarm- paper, we provide a detailed study of the pervasiveness ing, because unlike traditional scanning attacks that use of so-called drive-by downloads on the Internet. Drive- push-based infection to increase their population, web- by downloads are caused by URLs that attempt to exploit based malware infection follows a pull-based model. For their visitors and cause malware to be installed and run the most part, the techniques in use today for deliver- automatically. Over a period of 10 months we processed ing web-malware can be divided into two main cate- billions of URLs, and our results shows that a non-trivial gories. In the first case, attackers use various social en- amount, of over 3 million malicious URLs, initiate drive- gineering techniques to entice the visitors of a website by downloads. An even more troubling finding is that to download and run malware. The second, more de- approximately 1.3% of the incoming search queries to vious case, involves the underhanded tactic of targeting Google’s search engine returned at least one URL labeled various browser vulnerabilities to automatically down- as malicious in the results page.
    [Show full text]
  • Hands-On Laboratory on Web Content Injection Attacks
    TALLINN UNIVERSITY OF TECHNOLOGY Faculty of Information Technology Department of Computer Science TUT Centre for Digital Forensics and Cyber Security Hands-on laboratory on web content injection attacks Master’s thesis ITC70LT Anti Räis 121973IVCMM Supervisors Elar Lang, MSc Rain Ottis, PhD Tallinn 2015 Declaration I declare that this thesis is the result of my own research except as cited in the refer- ences. The thesis has not been accepted for any degree and is not concurrently submitted in candidature of any other degree. Anti Räis May 22, 2015 ........................ (Signature) Abstract This thesis focuses on explaining web application injection attacks in a practical hands-on laboratory. It is an improvement on Lang’s [1] master’s thesis about web appli- cation security. One of the main contributions of this thesis is gathering and structuring information about Cross Site Scripting (XSS) attacks and defenses and then presenting them in a practical learning environment. This is done to better explain the nuances and details that are involved in attacks against web applications. A thorough and clear under- standing of how these attacks work is the foundation for defense. The thesis is in English and contains 95 pages of text, 6 chapters, 4 figures, 27 tables. Annotatsioon Magistritöö eesmärk on selgitada kuidas töötavad erinevad kaitsemeetmed veebi- rakenduste rünnete vastu. Töö täiendab osaliselt Langi [1] magistritööd veebirakenduse rünnete kohta. Põhiline panus antud töös on koguda, täiendada ja struktureerida teavet XSS rünnete kohta ning luua õppelabor, kus on võimalik antud teadmisi praktikas rak- endada. See aitab kinnistada ja paremini mõista teemat. Selge ning täpne arusaamine, kuidas ründed toimuvad, on korrektse kaitse aluseks.
    [Show full text]
  • What Are Kernel-Mode Rootkits?
    www.it-ebooks.info Hacking Exposed™ Malware & Rootkits Reviews “Accessible but not dumbed-down, this latest addition to the Hacking Exposed series is a stellar example of why this series remains one of the best-selling security franchises out there. System administrators and Average Joe computer users alike need to come to grips with the sophistication and stealth of modern malware, and this book calmly and clearly explains the threat.” —Brian Krebs, Reporter for The Washington Post and author of the Security Fix Blog “A harrowing guide to where the bad guys hide, and how you can find them.” —Dan Kaminsky, Director of Penetration Testing, IOActive, Inc. “The authors tackle malware, a deep and diverse issue in computer security, with common terms and relevant examples. Malware is a cold deadly tool in hacking; the authors address it openly, showing its capabilities with direct technical insight. The result is a good read that moves quickly, filling in the gaps even for the knowledgeable reader.” —Christopher Jordan, VP, Threat Intelligence, McAfee; Principal Investigator to DHS Botnet Research “Remember the end-of-semester review sessions where the instructor would go over everything from the whole term in just enough detail so you would understand all the key points, but also leave you with enough references to dig deeper where you wanted? Hacking Exposed Malware & Rootkits resembles this! A top-notch reference for novices and security professionals alike, this book provides just enough detail to explain the topics being presented, but not too much to dissuade those new to security.” —LTC Ron Dodge, U.S.
    [Show full text]
  • Secure Input for Web Applications
    Secure Input for Web Applications Martin Szydlowski, Christopher Kruegel, Engin Kirda Secure Systems Lab Technical University Vienna Vienna, Austria {msz,chris,ek}@seclab.tuwien.ac.at Abstract technical sophistication and understanding of many web users have also attracted miscreants who aim to make easy The web is an indispensable part of our lives. Every day, financial profits. The attacks these people have been been millions of users purchase items, transfer money, retrieve launching range from simple social engineering attempts information and communicate over the web. Although the (e.g., using phishing sites) to more sophisticated attacks that web is convenient for many users because it provides any- involve the installation of Trojan horses on client machines time, anywhere access to information and services, at the (e.g., by exploiting vulnerabilities in browsers in so-called same time, it has also become a prime target for miscreants drive-by attacks [19]). who attack unsuspecting web users with the aim of making An important web security research problem is how to an easy profit. The last years have shown a significant rise effectively enable a user who is running a client on an un- in the number of web-based attacks, highlighting the impor- trusted platform (i.e., a platform that may be under the con- tance of techniques and tools for increasing the security of trol of an attacker) to securely communicate with a web ap- web applications. plication. More precisely, can we ensure the confidentiality An important web security research problem is how to and integrity of sensitive data that the user sends to the web enable a user on an untrusted platform (e.g., a computer application even if the user’s platform is compromised by an that has been compromised by malware) to securely trans- attacker? Clearly, this is an important, but difficult problem.
    [Show full text]