Patents Assigned to McAfee, Inc.
  • Patent number: 10417579
    Abstract: In an example, there is disclosed a computing apparatus, including one or more logic elements comprising a classification engine operable to identify at least one overlapping class pair comprising at least two classes selected from a class group, wherein the overlapping class pair may be characterized by a substantial mutual false positive rate; and assign an object to at least one assigned class selected from the class group.
    Type: Grant
    Filed: September 25, 2015
    Date of Patent: September 17, 2019
    Assignee: McAfee, Inc.
    Inventors: Nidhi Singh, Craig Philip Olinsky
  • Patent number: 10325329
    Abstract: A technique allows a smart meter to receive a mask. The smart meter may receive the mask from a utility company or an escrow service. The smart meter may apply the mask to original metered data on a continuous schedule, on a periodic schedule, or on a determined schedule, or on a randomized schedule to conceal the original metered data. The smart meter may apply different masks at different times. The smart meter transmits the concealed metered data as augmented metered data remotely to an electric utility via a communication network.
    Type: Grant
    Filed: December 12, 2014
    Date of Patent: June 18, 2019
    Assignee: McAfee, Inc.
    Inventors: Igor Tatourian, Rita H. Wouhaybi, Hong C. Li, Tobias M. Kohlenberg
  • Patent number: 10185550
    Abstract: Updating computer program(s) installed on a programmable device using a distributed ledger that is based on cryptography and blockchain technology is described. A distributed ledger logic/module can commit, to the distributed ledger, a first configuration of a computer program installed on a device. The logic/module can also receive requests to apply a first update and a second update to the first configuration. The logic/module can receive a second configuration of the computer program that is based on the first update and the first configuration, and also commit the second configuration to the distributed ledger. Furthermore, the logic/module can determine that the second update cannot be applied to the first configuration and receive a third configuration of the computer program that is based on the second update and the second configuration. The logic/module can also commit the third configuration to the distributed ledger. Other advantages and embodiments are described.
    Type: Grant
    Filed: September 28, 2016
    Date of Patent: January 22, 2019
    Assignee: McAfee, Inc.
    Inventors: Ned M. Smith, Zheng Zhang, Thiago J. Macieira
  • Patent number: 9954883
    Abstract: A set of attributes of a particular asset of a computing environment is identified that are determined from data collected by one or more utilities in the computing environment. A criticality rating is automatically determined for the particular asset based at least in part on the set of attributes. A security activity is caused to be performed relating to the particular asset based on the automatically determined criticality rating of the particular asset.
    Type: Grant
    Filed: December 18, 2012
    Date of Patent: April 24, 2018
    Assignee: McAfee, Inc.
    Inventors: Ratinder Paul Singh Ahuja, Sven Schrecker
  • Publication number: 20180097829
    Abstract: In an example, there is disclosed a computing apparatus having: a processor; a memory; a data interface; and one or more logic elements providing a verification engine to: receive via the data interface an input script including a request to access enterprise data; analyze the input script to determine that the input script complies with a data request criterion; apply an application programming interface (API) to the input script to collect the enterprise data; and send the enterprise data via the data interface.
    Type: Application
    Filed: September 30, 2016
    Publication date: April 5, 2018
    Applicant: McAfee, Inc
    Inventor: Igor G. Muttik
  • Publication number: 20180089041
    Abstract: Disclosed herein are distributed ledger systems and methods for efficiently creating and updating a query optimized distributed ledger. In particular, the present disclosure introduces methods and apparatuses for efficiently updating indexes when new blocks are added to the distributed ledger by using snapshots of data and appending new snapshot tables and indexes to previous snapshot tables and indexes.
    Type: Application
    Filed: September 28, 2016
    Publication date: March 29, 2018
    Applicant: McAfee, Inc
    Inventors: Ned M. Smith, Vincent J. Zimmer, Rajesh Poornachandran, Cedric Cochin, Igor G. Muttik
  • Publication number: 20180089014
    Abstract: Technologies are provided in embodiments to monitor and analyze networks. The embodiments can cause a bit in a first bit sequence of a device filter to indicate a failure state based on not receiving a message from a node in a network during a reporting time interval, and upon the reporting time interval expiring, to combine the first bit sequence with a corresponding bit sequence of a shadow filter. The combination preserves, in the shadow filter, an indication of the failure state from the bit in the first bit sequence and any other indications of failure states from bits of the corresponding bit sequence of the shadow filter. More specific embodiments cause, upon the reporting interval expiring, a bit in a second bit sequence of the device filter to indicate a no failure state based on an indication of another no failure state in the first bit sequence.
    Type: Application
    Filed: September 28, 2016
    Publication date: March 29, 2018
    Applicant: McAfee, Inc.
    Inventors: Ned M. Smith, Thiago Jose Macieira, Zheng Zhang, Tobias M. Kohlenberg, Igor G. Muttik
  • Publication number: 20180063091
    Abstract: There is disclosed in an example a computing apparatus, comprising: a network interface; a messaging application to communicate via the network interface; and one or more logic elements comprising a security layer, discrete from the messaging application, to: generate a message; secure the message; and send the message via the messaging application.
    Type: Application
    Filed: December 28, 2016
    Publication date: March 1, 2018
    Applicant: McAfee, Inc.
    Inventors: German Lancioni, Carl D. Woodward, Mario Leandro Bertogna
  • Patent number: 9898340
    Abstract: Computing platform security methods and apparatus are disclosed. An example apparatus includes a security application to configure a security task, the security task to detect a malicious element on a computing platform, the computing platform including a central processing unit and a graphics processing unit; and an offloader to determine whether the central processing unit or the graphics processing unit is to execute the security task; and when the graphics processing unit is to execute the security task, offload the security task to the graphics processing unit for execution.
    Type: Grant
    Filed: June 23, 2017
    Date of Patent: February 20, 2018
    Assignee: MCAFEE, INC.
    Inventors: Paritosh Saxena, Adrian M. M. T. Dunbar, Michael S. Hughes, John Teddy, David Michael Durham, Balaji Vembu, Prashant Dewan, Debra Cablao, Nicholas D. Triantafillou, Jason M. Surprise
  • Publication number: 20180048643
    Abstract: Technologies are provided in embodiments to establish trust between a trusted execution environment (TEE) and a peripheral device. Embodiments are configured to communicate with an attestation server to generate an encryption key, and to establish, using the encryption key, a secure connection with an authentication server to enable communication between the authentication server and the peripheral device. Embodiments are also configured to receive a pairwise master key if the peripheral device is authenticated and to receive a trusted communication from the peripheral device based, at least in part, on the pairwise master key. Embodiments may also be configured to identify a connection to the peripheral device before the peripheral device is authenticated to the authentication server, receive an identifier from the peripheral device, and establish a connection to an attestation server based on at least a portion of the identifier.
    Type: Application
    Filed: June 21, 2017
    Publication date: February 15, 2018
    Applicant: McAfee, Inc.
    Inventors: Avishay Sharaga, Alex Nayshtut, Oleg Pogorelik, Igor Muttik, Ned M. Smith
  • Publication number: 20180025030
    Abstract: A mobile device including: a position locator; a user data engine; and a reputation engine client configured to: receive a location from the position locator; operate the user data engine to provide a user profile, intent, and context data for a user, the context data including dynamic factors about the user, and the profile including relative factors about the user that are relatively static with respect to the context data from the user data engine; and determine a reputation for the location, wherein the reputation is based at least in part on a combination of the user profile, intent, and context.
    Type: Application
    Filed: October 2, 2017
    Publication date: January 25, 2018
    Applicant: McAfee, Inc.
    Inventors: Joydeb Mukherjee, Saravana Kumar Subramanian, Raj Vardhan, Rangaswamy Narayana, Shankar Subramanian, Dattatraya Kulkarni, Javed Hasan
  • Publication number: 20180018458
    Abstract: Particular embodiments described herein provide for an electronic device that can be configured to allow for the mitigation of ransomware. For example, the system can determine that an application begins to execute, determine that the application attempts to modify a file, determine a file type for the file, and create a security event if the application is not authorized to modify the file type. In another example, the system determines an entropy value between the file and the attempted modification of the file, and create a security event if the entropy value satisfies a threshold or determine a system entropy value that includes a rate at which other files on the system are being modified by the application, and create a security event if the system entropy value satisfies a threshold.
    Type: Application
    Filed: July 14, 2016
    Publication date: January 18, 2018
    Applicant: McAfee, Inc.
    Inventors: Craig D. Schmugar, Cedric Cochin, Andrew Furtak, Adam James Carrivick, Yury Bulygin, John J. Loucaides, Oleksander Bazhaniuk, Christiaan Beek, Carl D. Woodward, Ronald Gallella, Gregory Michael Heitzmann, Joel R. Spurlock
  • Publication number: 20180018476
    Abstract: Particular embodiments described herein provide for an electronic device that can be configured to receive untrusted input data at an enclave in an electronic device, isolate the untrusted input data from at least a portion of the enclave, communicate at least a portion of the untrusted data to an integrity verification module using an attestation channel, and receive data integrity verification of the untrusted input data from the integrity verification module. The integrity verification module can perform data integrity attestation functions to verify the untrusted data and the data integrity attestation functions include a data attestation policy and a whitelist.
    Type: Application
    Filed: July 24, 2017
    Publication date: January 18, 2018
    Applicant: MCAFEE, INC.
    Inventors: Ned Smith, Esteban Gutierrez, Andrew Woodruff, Aditya Kapoor
  • Patent number: 9870466
    Abstract: There is disclosed in one example, a computing apparatus, including: first one or more logic elements providing a code module, the code module comprising a member having a branching policy designating either a public or private member; second one or more logic elements providing a policy engine, operable to: receive a first branch instruction to the member; determine that the branch instructions does not meet the policy; and take a security action. There is also disclosed a method of providing a policy engine, and a computer-readable medium having stored thereon executable instructions for providing a policy engine.
    Type: Grant
    Filed: September 26, 2015
    Date of Patent: January 16, 2018
    Assignee: McAfee, Inc.
    Inventors: Carl D. Woodward, Jennifer Eligius Mankin, Jeremy Bennett
  • Patent number: 9870469
    Abstract: In an example, a stack protection engine is disclosed for preventing or ameliorating stack corruption attacks. The stack protection engine may operate transparently to user-space processes. After a call to a subroutine from a parent routine, the stack protection engine encodes the return address on the stack, such as with an exclusive or cipher and a key selected from a key array. After the subroutine returns control to the main routine, the stack protection engine decodes the address, and returns control. If a stack corruption attack occurs, the malicious return address is not properly encoded, so that when decoding occurs, the program may simply crash rather than returning control to the malicious code.
    Type: Grant
    Filed: September 26, 2014
    Date of Patent: January 16, 2018
    Assignee: McAfee, Inc.
    Inventor: Simon Crowe
  • Patent number: 9864629
    Abstract: A technique allows for memory bounds checking for dynamically generated code by using transactional memory support in a processor. The memory bounds checking includes creating output code, identifying read-only memory regions in the output code and creating a map that is provided to a security monitoring thread. The security monitoring thread executes as a transaction and determines if a transactional conflict occurs to the read-only memory region during parallel execution of a monitored thread in the output code.
    Type: Grant
    Filed: October 28, 2016
    Date of Patent: January 9, 2018
    Assignee: McAfee, Inc.
    Inventors: Igor Muttik, Alex Nayshtut, Yuriy Bulygin, Andrew A. Furtak, Roman Dementiev
  • Publication number: 20180007070
    Abstract: Particular embodiments described herein provide for an electronic device that can be configured to acquire a string, convert the string to an image, compare the image of the string to an image of a test string, and determine a similarity score. The similarity score provides an indication as to how visually similar the string is to the test string. In an example, the string is part of an attempt to spoof the test string.
    Type: Application
    Filed: July 1, 2016
    Publication date: January 4, 2018
    Applicant: McAfee, Inc.
    Inventors: Hrushikesh Narendra Kulkarni, Eric James Peterson
  • Publication number: 20180004951
    Abstract: Systems and methods are provided in example embodiments for mitigating malicious calls. The system can be configured to receive a function call, determine the location of a memory page that initiated the function call, determine if the memory page is associated with a trusted module, and block the function call if the memory page is not associated with the trusted module. In addition, the system can determine the return address for the function call and block the function call if the return address does not belong to the trusted module. Further, the system can determine a parameter for the function call, determine if the parameter is a known parameter used by the process that called the function, and block the function call if the parameter is not the known parameter used by the process that called the function.
    Type: Application
    Filed: September 18, 2017
    Publication date: January 4, 2018
    Applicant: McAfee, Inc.
    Inventors: Peter Szor, Rachit Mathur
  • Publication number: 20180007061
    Abstract: A method for applying policies to an email message includes receiving, by an inbound policy module in a protected network, message metadata of an email message. The method also includes determining, based on the message metadata, whether receiving the email message in the protected network is prohibited by at least one metadata policy. The method further includes blocking the email message from being forwarded to the protected network if receiving the email message in the protected network is prohibited by the metadata policy. In specific embodiments, the method includes requesting scan results data for the email message if receiving the email message in the protected network is not prohibited by one or more metadata policies. In further embodiments, the method includes receiving the scan results data and requesting the email message if receiving the email message in the protected network is not prohibited by one or more scan policies.
    Type: Application
    Filed: June 12, 2017
    Publication date: January 4, 2018
    Applicant: McAfee, Inc.
    Inventors: Nicholas Liebmann, Peter Neal, Michael G. Bishop, Justin Cragin, Michael Driscoll
  • Publication number: 20180007068
    Abstract: Particular embodiments described herein provide for an electronic device that can be configured to receive data related to execution of a sandboxed process, determine if a high privileged process was created by the sandboxed process, and block the sandboxed process from executing if the high privileged process was created by the sandboxed process and the data indicates the sandboxed process is attempting a sandbox bypass attack. In an example, the high privileged process was created by the sandboxed process if a resource folder is associated with a sandbox folder. In another example, the high privileged process was created by the sandboxed process if a resource folder was created by a broker process in response to a request by the sandboxed process.
    Type: Application
    Filed: July 1, 2016
    Publication date: January 4, 2018
    Applicant: McAfee, Inc.
    Inventors: Xiaoning Li, Haifei Li, Bing Sun, Lu Deng