Patents by Inventor Yuqiong Sun
Yuqiong Sun has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20220290044Abstract: Room temperature phosphorescent metal-free carbon dots (CDs) embedded in a continuous SiO2 network (CDs@SiO2) are made by a method comprising in part grinding biomass and a source of SiO2 into a powder and soaking the powder with an acidic aqueous solution; washing the powder with deionized water; reacting the powder with an alkaline aqueous solution to form an aqueous solution of CDs from the biomass and Na2SiO3 from the source of SiO2; lowering the pH of the aqueous solution to a value sufficient to cause gelation; and aging the aqueous solution so that the Na2SiO3 forms mono-silicic acid (H4SiO4), which polymerizes to form a continuous SiO2 network composed of Si—O tetrahedrons (gel). The method can further comprise calcination of the CDs, wherein the CDs are multi-confined by a continuous SiO2 network composed of Si—O tetrahedrons. The metal-free CDs are useful in anti-counterfeiting encryption and fingerprint detection systems.Type: ApplicationFiled: March 8, 2022Publication date: September 15, 2022Inventors: Mingtao ZHENG, Yingliang LIU, Yuqiong SUN, Shuting LIU, Luyi SUN
-
Patent number: 11283881Abstract: A method to manage Internet of Things (IoT) devices is described. In one embodiment, the method includes detecting a presence of a first IoT device in a network associated with the computing device, managing access to the first IoT device based at least in part on authentication information associated with the first IoT device, identifying one or more updates associated with the first IoT device, and applying at least one update to the first IoT device based at least in part on identifying the one or more updates. In one embodiment, the method further includes analyzing a packet stream to determine one or more identifiers associated with the first IoT device, and identifying the first IoT device based at least in part on the one or more determined identifiers.Type: GrantFiled: February 27, 2018Date of Patent: March 22, 2022Assignee: NortonLifeLock Inc.Inventors: Susanta K Nanda, Yuqiong Sun
-
Patent number: 11184162Abstract: Privacy preserving secure task automation. A method may include generating, by a first section of a platform, a pair of encryption keys (private and shared secret keys); receiving, by a second section of the platform, platform user data, trigger service user data; and action service user data, wherein the user of the services and platform are the same; sending the shared secret key to the services; storing the private key in the first section; receiving from the trigger service, by the second section, a first communication encrypted with the shared secret key, regarding occurrence of a trigger; determining, by the first section, that the trigger corresponds to the user of the platform; encrypting a second message with the shared secret key, requesting invocation of the action based on the trigger; and transmitting the second encrypted message to the action service without the data related to the user of the platform.Type: GrantFiled: September 28, 2018Date of Patent: November 23, 2021Assignee: NORTONLIFELOCK INC.Inventors: Sandeep Bhatkar, Susanta K. Nanda, Yuqiong Sun, Saurabh Shintre
-
Patent number: 11132447Abstract: Determining security vulnerabilities of smart home devices.Type: GrantFiled: March 28, 2019Date of Patent: September 28, 2021Assignee: NORTONLIFELOCK INC.Inventors: Yuqiong Sun, Xueqiang Wang, Susanta K. Nanda, Petros Efstathopoulos
-
Patent number: 11122040Abstract: The disclosed computer-implemented method for fingerprinting devices may include (i) detecting that a new device has attempted to connect to a network gateway, (ii) attempting to fingerprint the new device as an instance of a known candidate device type by (a) transmitting to the new device, from a security application, a set of network messages that mimic network messages that a second application is configured to transmit to instances of the known candidate device type and (b) confirming, by the security application based on a response from the new device to the set of network messages, that the new device is the instance of the known candidate device type, and (iii) performing a security action to protect a network corresponding to the network gateway based on confirming that the new device is the instance of the known candidate device type. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: December 27, 2018Date of Patent: September 14, 2021Assignee: NortonLifeLock Inc.Inventors: Yuqiong Sun, Xueqiang Wang, Susanta Nanda, Yun Shen, Pierre-Antoine Vervier, Petros Efstathopoulos
-
Patent number: 11048809Abstract: The disclosed computer-implemented method for detecting misuse of online service access tokens may include (1) receiving a user permission token to access an online service that manages one or more user resources, (2) monitoring, based on utilization of the user permission token, usage data associated with an access token issued to a relying party for accessing the user resources managed by the online service, (3) identifying, based on the usage data, activity associated with the access token being misused by the relying party, and (4) performing, a security action that protects the user resources against the activity associated with the access token being misused by the relying party. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: September 13, 2018Date of Patent: June 29, 2021Assignee: NortonLifeLock Inc.Inventors: Yuqiong Sun, Sandeep Bhatkar, Susanta Nanda, Mingliang Pei
-
Patent number: 10887351Abstract: A method for implementing security of Internet of Things (IoT) home voice assistants is described. In one embodiment, a computer-implemented method for implementing a security policy with a voice assistant includes obtaining, by one or more computing devices, encrypted traffic from a voice assistant; identifying, by the one or more computing devices, a user voice command in the encrypted traffic based at least in part on one or more identifiable attributes of the encrypted traffic; determining, by the one or more computing devices, the user voice command triggers at least one security policy; and upon determining the user voice command triggers the at least one security policy, performing, by the one or more computing devices, a security action that implements the at least one security policy. In some cases, the method may include obtaining an audio recording of the user voice command with a microphone built into the router.Type: GrantFiled: May 2, 2018Date of Patent: January 5, 2021Assignee: NortonLifeLock Inc.Inventors: Susanta K. Nanda, Yuqiong Sun, Saurabh Shintre
-
Patent number: 10534933Abstract: Encrypting and decrypting sensitive files on a network device. In one embodiment, a method may include determining that a file stored on a network device is a sensitive file, encrypting the sensitive file, sending, to an authentication server, an encryption key, initializing, at the network device, a Software Guard Extension (SGX) enclave, loading, into the SGX enclave, a retrieval application, receiving, at the retrieval application, an attestation from the authentication server that the retrieval application is authentic, receiving, at the retrieval application, the encryption key from the authentication server, receiving, at the retrieval application, a user request to decrypt the encrypted sensitive file, authenticating, at the retrieval application, the user request, decrypting, at the network device, the particular encrypted sensitive file, and providing the sensitive file to the user.Type: GrantFiled: December 27, 2017Date of Patent: January 14, 2020Assignee: Symantec CorporationInventors: Kevin Alejandro Roundy, Yuqiong Sun, Christopher Gates, Michael Hart, Saurabh Shintre, Brian T. Witten
-
Publication number: 20190342339Abstract: A method for implementing security of Internet of Things (IoT) home voice assistants is described. In one embodiment, a computer-implemented method for implementing a security policy with a voice assistant includes obtaining, by one or more computing devices, encrypted traffic from a voice assistant; identifying, by the one or more computing devices, a user voice command in the encrypted traffic based at least in part on one or more identifiable attributes of the encrypted traffic; determining, by the one or more computing devices, the user voice command triggers at least one security policy; and upon determining the user voice command triggers the at least one security policy, performing, by the one or more computing devices, a security action that implements the at least one security policy. In some cases, the method may include obtaining an audio recording of the user voice command with a microphone built into the router.Type: ApplicationFiled: May 2, 2018Publication date: November 7, 2019Inventors: Susanta K. Nanda, Yuqiong Sun, Saurabh Shintre
-
Patent number: 10447663Abstract: Decrypting network traffic on a middlebox device using a trusted execution environment (TEE).Type: GrantFiled: June 28, 2018Date of Patent: October 15, 2019Assignee: SYMANTEC CORPORATIONInventors: Yuqiong Sun, Daniel Marino, Susanta K. Nanda, Saurabh Shintre, Brian T. Witten, Ronald A. Frederick, Qing Li
-
Publication number: 20190253398Abstract: Decrypting network traffic on a middlebox device using a trusted execution environment (TEE).Type: ApplicationFiled: June 28, 2018Publication date: August 15, 2019Inventors: Yuqiong Sun, Daniel Marino, Susanta K. Nanda, Saurabh Shintre, Brian T. Witten, Ronald A. Frederick, Qing Li
-
Patent number: 10264020Abstract: A computer-implemented method for scalable network monitoring in virtual data centers may include (1) identifying a plurality of network monitoring agents executing on a plurality of virtual machine host systems within a virtual data center, (2) intercepting, at a receiving virtual machine host system, a traffic flow within a virtual network within the virtual data center, (3) determining a processor load on each of the plurality of virtual machine host systems, (4) selecting, based on the processor load on the receiving virtual machine host system exceeding an established threshold, an alternate virtual machine host system that executes a second network monitoring agent for inspecting the traffic flow, and (5) limiting the processor load on the receiving virtual machine host system by designating the second network monitoring agent executing on the alternate virtual machine host system to inspect the traffic flow. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: February 5, 2015Date of Patent: April 16, 2019Assignee: Symantec CorporationInventors: Susanta K. Nanda, Yuqiong Sun
-
Patent number: 10044691Abstract: Decrypting network traffic on a middlebox device using a trusted execution environment (TEE).Type: GrantFiled: February 12, 2018Date of Patent: August 7, 2018Assignee: SYMANTEC CORPORATIONInventors: Yuqiong Sun, Daniel Marino, Susanta K. Nanda, Saurabh Shintre, Brian T. Witten, Ronald A. Frederick, Qing Li
-
Patent number: 9961105Abstract: The disclosed computer-implemented method for monitoring virtual networks may include (1) identifying a virtual network containing at least one virtualized switching device that routes network traffic from a source port within the virtual network to a destination port, (2) providing, within the virtualized switching device, a set of software-defined network rules containing criteria for identifying packets having at least one predetermined property associated with a security policy, (3) intercepting, at the source port, a packet destined for the destination port, (4) determining that at least one characteristic of the packet satisfies at least one of the rules, and (5) in response to determining that the characteristic of the packet satisfies at least one of the rules, forwarding a copy of the packet to a virtual tap port that analyzes the packet for security threats. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: December 31, 2014Date of Patent: May 1, 2018Assignee: Symantec CorporationInventors: Susanta K. Nanda, Yuqiong Sun
-
Publication number: 20160191545Abstract: The disclosed computer-implemented method for monitoring virtual networks may include (1) identifying a virtual network containing at least one virtualized switching device that routes network traffic from a source port within the virtual network to a destination port, (2) providing, within the virtualized switching device, a set of software-defined network rules containing criteria for identifying packets having at least one predetermined property associated with a security policy, (3) intercepting, at the source port, a packet destined for the destination port, (4) determining that at least one characteristic of the packet satisfies at least one of the rules, and (5) in response to determining that the characteristic of the packet satisfies at least one of the rules, forwarding a copy of the packet to a virtual tap port that analyzes the packet for security threats. Various other methods, systems, and computer-readable media are also disclosed.Type: ApplicationFiled: December 31, 2014Publication date: June 30, 2016Inventors: Susanta K. Nanda, Yuqiong Sun