| Patent application number | Description | Published |
|---|
| 20080240413 | CROSS-CORRELATION BASED ECHO CANCELLER CONTROLLERS - Cross-correlation based echo canceller controllers are described herein. By way of example, a system for controlling an echo canceller having one or more adaptive filters can include one or more adaptive filter controllers each corresponding to one of the one or more adaptive filters and each configured to halt adaptation of its corresponding adaptive filter according to the cross-correlation of its corresponding corrupted signal and its corresponding error signal of its corresponding adaptive filter. | 10-02-2008 |
| 20080240414 | HYBRID ECHO CANCELLER CONTROLLERS - Hybrid echo canceller controllers are described herein. By way of example, a system for controlling an echo canceller can include a signal indicator and an echo canceller controller. The signal indicator can be configured to indicate periods of near-end signal and to indicate periods of echo only with echo-path change in the corrupted signal based at least in part on cross-correlation between two signals associated with the echo canceller. The echo canceller controller can be configured to control the echo canceller according to indications from the signal indicator. | 10-02-2008 |
| 20080240415 | HYBRID ECHO CANCELLER CONTROLLERS - Hybrid echo canceller controllers are described herein. By way of example, a system for controlling an echo canceller can include a cross-correlator, a discriminator and an echo canceller controller. The cross-correlator can be configured to produce a cross-correlation based output that facilitates controlling the echo canceller by cross-correlating two signals associated with the echo canceller. The discriminator can be configured to produce a discriminator output that discriminates between near-end signal and echo in a corrupted signal. The echo canceller controller can be configured to control the echo canceller according to the cross-correlation based output and the discriminator output. | 10-02-2008 |
| 20090099988 | ACTIVE LEARNING USING A DISCRIMINATIVE CLASSIFIER AND A GENERATIVE MODEL TO DETECT AND/OR PREVENT MALICIOUS BEHAVIOR - A malicious behavior detection/prevention system, such as an intrusion detection system, is provided that uses active learning to classify entries into multiple classes. A single entry can correspond to either the occurrence of one or more events or the non-occurrence of one or more events. During a training phase, entries are automatically classified into one of multiple classes. After classifying the entry, a generated model for the determined class is utilized to determine how well an entry corresponds to the model. Ambiguous classifications along with entries that do not fit the model well for the determined class are selected for labeling by a human analyst The selected entries are presented to a human analyst for labeling. These labels are used to further train the classifier and the models. During an evaluation phase, entries are automatically classified using the trained classifier and a policy associated with determined class is applied. | 04-16-2009 |
| 20090265317 | CLASSIFYING SEARCH QUERY TRAFFIC - A method for classifying search query traffic can involve receiving a plurality of labeled sample search query traffic and generating a feature set partitioned into human physical limit features and query stream behavioral features. A model can be generated using the plurality of labeled sample search query traffic and the feature set. Search query traffic can be received and the model can be utilized to classify the received search query traffic as generated by a human or automatically generated. | 10-22-2009 |
| 20100192222 | MALWARE DETECTION USING MULTIPLE CLASSIFIERS - A method of identifying a malware file using multiple classifiers is disclosed. The method includes receiving a file at a client computer. The file includes static metadata. A set of metadata classifier weights are applied to the static metadata to generate a first classifier output. A dynamic classifier is initiated to evaluate the file and to generate a second classifier output. The method includes automatically identifying the file as potential malware based on at least the first classifier output and the second classifier output. | 07-29-2010 |
| 20100262693 | BOTTOM-UP ANALYSIS OF NETWORK SITES - An approach for identifying suspect network sites in a network environment entails using one or more malware analysis modules to identify distribution sites that host malicious content and/or benign content. The approach then uses a linking analysis module to identify landing sites that are linked to the distribution sites. These linked sites are identified as suspect sites for further analysis. This analysis can be characterized as “bottom up” because it is initiated by the detection of potentially problematic distribution sites. The approach can also perform linking analysis to identify a suspect network site based on a number of alternating paths between that network site and a set of distribution sites that are known to host malicious content. The approach can also train a classifier module to predict whether an unknown landing site is a malicious landing site or a benign landing site. | 10-14-2010 |
| 20110252032 | ANALYSIS OF COMPUTER NETWORK ACTIVITY BY SUCCESSIVELY REMOVING ACCEPTED TYPES OF ACCESS EVENTS - An analysis system is described for identifying potentially malicious activity within a computer network. It performs this task by interacting with a user to successively remove known instances of non-malicious activity, to eventually reveal potentially malicious activity. The analysis system interacts with the user by inviting the user to apply labels to identified examples of network behavior; upon response by the user, the analysis system supplies new examples of network behavior to the user. In one implementation, the analysis system generates such examples using a combination of feature-based analysis and graph-based analysis. The graph-based analysis relies on analysis of graph structure associated with access events, such as by identifying entropy scores for respective portions of the graph structure. | 10-13-2011 |
