1. A method, comprising:
using a processor to perform an inversion on data from a surface electromagnetic survey acquired using an electromagnetic survey system, wherein performing the inversion comprises using the processor to run a forward model of the surface electromagnetic survey without a target reservoir to estimate a value of a primary field resulting from coupling between a transmitter and a receiver of the electromagnetic survey system, and using the processor to subtract the primary field from a total field obtained during the surface electromagnetic survey to define a starting point for the inversion;
using the processor to constrain a model search space by providing constraints on anisotropy; and
using the processor to output results based on the inversion subject to the constraints.
2. The method as recited in claim 1, wherein constraining comprises estimating both a macro anisotropy and an intrinsic anisotropy of an overburden and providing constraints on the macro anisotropy and the intrinsic anisotropy.
3. The method as recited in claim 2, wherein constraining comprises estimating a vertical resistivity, a horizontal resistivity, and a layer dip.
4. The method as recited in claim 3, wherein constraining comprises assigning a value of horizontal resistivity and vertical resistivity for each layer of a layered resistivity model exhibiting micro anisotropy.
5. The method as recited in claim 1, wherein constraining comprises using a layered model of the overburden.
6. The method as recited in claim 1, wherein constraining comprises performing a resistivity inversion with at least one of a seismic data inversion or a gravity data inversion.
7. The method as recited in claim 1, wherein outputting comprises delineating a reservoir body buried below an overburden on a display.
8. A system comprising:
an electromagnetic survey system for acquiring data from a surface electromagnetic survey, the electromagnetic survey system having a transmitter and a receiver;
a processor to:
perform an inversion of the surface electromagnetic survey data by running a forward model of the surface electromagnetic survey without a target reservoir to estimate a value of a primary field resulting from coupling between the transmitter and the receiver, and subtracting the primary field from a total field obtained during the surface electromagnetic survey to define a starting point for the inversion;
constrain a model search space by providing constraints on anisotropy; and
output results based on the inversion subject to the constraints on anisotropy.
9. The system of claim 8, wherein constraining comprises estimating both a macro anisotropy and an intrinsic anisotropy of an overburden and providing constraints on the macro anisotropy and the intrinsic anisotropy.
10. The system of claim 9, wherein constraining comprises estimating a vertical resistivity, a horizontal resistivity, and a layer dip.
11. The system of claim 10, wherein constraining comprises assigning a value of horizontal resistivity and vertical resistivity for each layer of a layered resistivity model exhibiting micro anisotropy.
The claims below are in addition to those above.
All refrences to claim(s) which appear below refer to the numbering after this setence.
1. A method of updating currently existing malicious code patterns of an antivirus in a client computer, the method to be performed by the client computer and comprising:
making a first domain name system (DNS) query for a first DNS record of a first fully qualified domain name (FQDN);
receiving a first DNS result responsive to the first DNS query;
obtaining from a payload of the first DNS result information on obtaining an updated malicious code pattern for the antivirus in the client computer;
making a second DNS query for a second DNS record of a second FQDN;
receiving a second DNS result responsive to the second DNS query; and
obtaining from a payload of the second DNS result a portion of the updated malicious code pattern, the updated malicious code pattern being divided into several portions for transmission in several DNS results; and updating the currently existing malicious code patterns in the client computer with a portion of the updated malicious code pattern extracted from the payload of the second DNS result;
wherein the first and second DNS results are cached in a public DNS server computer when the first and second DNS records were published by a private DNS server computer operated for a vendor of the antivirus in the client computer and wherein the first DNS record includes information on a number of portions the updated malicious code pattern has been divided into.
2. The method of claim 1 further comprising:
making additional DNS queries for DNS records of additional FQDN’s;
obtaining portions of the updated malicious code pattern from payloads of additional DNS results responsive to the additional DNS queries; and
combining the portions of the updated malicious code pattern back together in the client computer.
3. The method of claim 2 further comprising:
merging the updated malicious code pattern with the currently existing malicious code patterns in the client computer.
4. The method of claim 3 wherein integrity of the updated malicious code pattern is verified prior to merging with the currently existing malicious code patterns in the client computer.
5. The method of claim 4 wherein the integrity of the updated malicious code pattern is verified by checking its checksum.
6. The method of claim 4 wherein the integrity of the updated malicious code pattern is verified by checking its digital signature.
7. The method of claim 1 wherein the first and second DNS results are provided to the client computer by the public DNS server computer.
8. The method of claim 1 wherein the public DNS server computer provides the first and second DNS results to other client computers different from the client computer.
9. The method of claim 1 wherein the portions of the updated malicious code pattern are encrypted.
10. A system comprising a processor for updating malicious code patterns of an antivirus, the system comprising:
a private DNS server computer operated for a vendor of an antivirus and configured to publish contents of DNS records containing portions of an updated malicious code pattern of the antivirus;
a public DNS server computer configured to cache DNS results having payloads containing the contents of the DNS records including the updated malicious code pattern of the antivirus; and
an update client running in a client computer configured to receive DNS results from the public DNS server computer, at least one of the DNS results including information on a number of portions the updated malicious code pattern has been divided into, the update client being configured to extract portions of the updated malicious code pattern from payloads of the DNS results and to use the updated malicious code pattern to update a currently existing malicious code pattern in the client computer.
11. A method of providing malicious code pattern updates, the method comprising:
generating an updated malicious code pattern of an antivirus;
dividing the updated malicious code pattern into several chunks;
including the chunks of the updated malicious code pattern into several DNS records;
publishing contents of the DNS records from a private DNS server operated for a vendor of the antivirus, at least one of the DNS records containing information on a number of chunks the malicious code pattern has been divided into;
in a client computer, receiving DNS results from a public DNS server that cached the contents of the DNS records, the DNS results including the contents of the DNS records; and
updating a current malicious code pattern of an antivirus in the client computer with the updated malicious code pattern extracted from payloads of the DNS results.
12. The method of claim 11 wherein each of the DNS records is accessible using an FQDN.
13. The method of claim 11 wherein at least one record in the DNS records include information on a latest malicious code pattern version number.