Chinghsien Liao

8458261, Jun 4, 2013

Apr 7, 2006

11/401498

En-Yi Liao - Santa Clara CA, US
Cheng-Lin Hou - Cupertino CA, US
Chinghsien Liao - Cupertino CA, US

Trend Micro Incorporated - Tokyo

G06F 15/16

709206

In one embodiment, a method of generating a listing of valid email addresses in a private computer network includes monitoring of inbound emails and outbound delivery failure notification emails. Recipient email addresses of inbound emails may be indicated in the listing as valid email addresses. The delivery failure notification emails may be indicative of receipt in the private computer network of an undeliverable email. The recipient email address of the undeliverable email may be identified in the listing as an invalid email address. Comparing the recipient email addresses of undeliverable emails and inbound emails advantageously allows generation of the listing of valid email addresses in the private computer network without having to ask an email server for such a listing.

8601064, Dec 3, 2013

Apr 28, 2006

11/414120

En-Yi Liao - Santa Clara CA, US
Cheng-Lin Hou - Cupertino CA, US
Chinghsien Liao - Cupertino CA, US

Trend Micro Incorporated - Tokyo

G06F 15/16

709206

In one embodiment, a server computer determines whether an email entering a private computer network is malicious (e. g. , part of a directory harvest attack or bounce-source attack) by determining the recipient email address of the email and the Internet Protocol (IP) address of the source of the email. When the server computer determines that the email is malicious, the server computer may reject the email by sending a non-deterministic response to the source of the email. The non-deterministic response may include an error message that is different from the actual reason why the email is being rejected. The rejection may be sent as an immediate reply or postponed, for example.

8607342, Dec 10, 2013

May 3, 2011

13/100093

En-Yi Liao - Santa Clara CA, US
Chinghsien Liao - Cupertino CA, US

Trend Micro Incorporated - Tokyo

G06F 12/14

726 22, 726 27

In one embodiment, incremental backups containing information on modified addressable portions of a data storage device are evaluated for presence of malicious codes (“malwares”). Each modified addressable portion may be individually accessed and scanned for malicious codes. Each modified addressable portion may also be mapped to its associated file, allowing the associated file to be scanned for malicious codes. These allow an incremental backup to be evaluated even when it only contains portions, rather than the entirety, of several different files. A clean incremental backup may be selected for restoring the data storage device in the event of malicious code infection.

7962956, Jun 14, 2011

Nov 8, 2006

11/594546

En-Yi Liao - Santa Clara CA, US
Chinghsien Liao - Cupertino CA, US

Trend Micro Incorporated - Tokyo

G06F 12/14

726 22, 726 14, 726 13, 726 34, 726 27

In one embodiment, incremental backups containing information on modified addressable portions of a data storage device are evaluated for presence of malicious codes (“malwares”). Each modified addressable portion may be individually accessed and scanned for malicious codes. Each modified addressable portion may also be mapped to its associated file, allowing the associated file to be scanned for malicious codes. These allow an incremental backup to be evaluated even when it only contains portions, rather than the entirety, of several different files. A clean incremental backup may be selected for restoring the data storage device in the event of malicious code infection.