Patents Assigned to McAfee, Inc.
  • ACCOUNT RECOVERY PROTOCOL
    Publication number: 20160140335
    Abstract: The present disclosure relates to receiving a request for recovery of an account associated with a user, sending a CAPTCHA challenge to a user device associated with the user, receiving an answer to the CAPTCHA challenge and a confirmation code wrapped by an encryption key derived from a provisional master password, sending a notification of the request for recovery to one or more trusted entities associated with the user, and receiving a confirmation of the request from one or more of the trusted entities. The confirmation includes a recovery token associated with the particular trusted entity and an encrypted confirmation code.
    Type: Application
    Filed: October 30, 2015
    Publication date: May 19, 2016
    Applicant: McAfee, Inc.
    Inventors: François Proulx, Richard Reiner, Mathieu René, Gregory Whiteside
  • System and method for correlating security events with subscriber information in a mobile network environment
    Patent number: 9338657
    Abstract: A method is provided in one example embodiment and includes receiving a subscriber accounting start packet for a subscriber device in a mobile network environment. The method also includes extracting, from the subscriber accounting start packet, subscriber device information and a network address of the subscriber device. The method further includes mapping the network address to the subscriber device information, and then correlating the subscriber device information and a security event when the security event is detected in subscriber data network traffic associated with the subscriber device. In a specific embodiment, the subscriber device information includes at least one of an International Mobile Equipment Identity (IMEI), an International Mobile Subscriber Identity (IMSI), a Mobile Station International Subscriber Directory Number (MSISDN), and an access point name (APN).
    Type: Grant
    Filed: October 16, 2012
    Date of Patent: May 10, 2016
    Assignee: McAfee, Inc.
    Inventors: Bikram Kumar Gupta, Elanthiraiyan Ammoor Anbalagan, Sakthikumar Subramanian, Manish Gupta
  • SECURITY ORCHESTRATION FRAMEWORK
    Publication number: 20160119379
    Abstract: In an example, there is disclosed a computing apparatus, including: a network interface; one or more logic elements providing a security orchestration server engine operable for: receiving contextual data from a client via a network interface; providing the contextual data to a security orchestration state machine, the security orchestration state machine operable for deriving a policy decision from the contextual data; and receiving the policy decision from the policy orchestration state machine. There is also disclosed one or more tangible, non-transitory computer-readable mediums having stored thereon executable instructions for providing a security orchestration engine, and a method of providing a security orchestration engine.
    Type: Application
    Filed: June 27, 2015
    Publication date: April 28, 2016
    Applicant: McAfee, Inc.
    Inventor: Hemang Nadkarni
  • Data loss prevention for mobile computing devices
    Patent number: 9326134
    Abstract: System calls to a kernel of a mobile computing device are monitored. A particular system call is intercepted relating to input/output (I/O) functionality of the mobile computing device. A data loss prevention (DLP) policy is identified that is applicable to the particular system call. An action is performed on the particular system call based at least in part on the DLP policy.
    Type: Grant
    Filed: October 18, 2013
    Date of Patent: April 26, 2016
    Assignee: McAfee Inc.
    Inventors: Ratinder Paul Singh Ahuja, Balbir Singh, Rajbir Bhattacharjee, Dattatraya Kulkarni
  • User device security profile
    Patent number: 9323935
    Abstract: Attribute data of an endpoint computing device is collected that describes attributes of the endpoint computing device. The attribute data is communicated to a security score generator and security score data is received for the endpoint computing device. A graphical dashboard interface is caused to be presented on a display device, the dashboard interface presenting a plurality of security ratings based on the security score data, each security rating representing an amount of risk determined to be associated with a corresponding user activity on the endpoint device in a plurality of user activities.
    Type: Grant
    Filed: December 18, 2012
    Date of Patent: April 26, 2016
    Assignee: McAfee, Inc.
    Inventors: Michael Condry, Sven Schrecker
  • System and method for non-signature based detection of malicious processes
    Patent number: 9323928
    Abstract: Systems and methods for detecting malicious processes in a non-signature based manner are disclosed. The system and method may include gathering features of processes running on an electronic device, applying a set of rules to the features, and applying a statistical analysis to the results of the rules application to determine whether a process should be classified into one or more of a plurality of process categories.
    Type: Grant
    Filed: June 1, 2011
    Date of Patent: April 26, 2016
    Assignee: McAfee, Inc.
    Inventors: Romanch Agarwal, Prabhat Kumar Singh, Nitin Jyoti, Harinath Ramachetty Vishwanath, Palasamudram Ramagopal Prashanth
  • MOBILE RISK ASSESSMENT
    Publication number: 20160112450
    Abstract: A query is received from a particular endpoint device identifying a particular wireless access point encountered by the particular endpoint device. Pre-existing risk assessment data is identified for the identified particular wireless access point and query result data is sent to the particular endpoint device characterizing pre-assessed risk associated with the particular wireless access point. In some instances, the query result data is generated based on the pre-existing risk assessment data. In some instances, pre-existing risk assessment data can be the result of an earlier risk assessment carried-out at least in part by an endpoint device interfacing with and testing the particular wireless access point.
    Type: Application
    Filed: August 17, 2015
    Publication date: April 21, 2016
    Applicant: MCAFEE, INC.
    Inventors: Prasanna Ganapathi Basavapatna, Satish Kumar Gaddala, Sven Schrecker, David Moshe Goldschlag
  • System and method for firmware based anti-malware security
    Patent number: 9317690
    Abstract: A system for securing an electronic device includes a non-volatile memory, a processor coupled to the non-volatile memory, a resource of the electronic device, firmware residing in the non-volatile memory and executed by the processor, and a firmware security agent residing in the firmware. The firmware is communicatively coupled to the resource of an electronic device. The firmware security agent is configured to, at a level below all of the operating systems of the electronic device accessing the resource, intercept a request for the resource and determine whether the request is indicative of malware.
    Type: Grant
    Filed: March 28, 2011
    Date of Patent: April 19, 2016
    Assignee: McAfee, Inc.
    Inventor: Ahmed Said Sallam
  • Method and system for protecting against unknown malicious activities by determining a reputation of a link
    Patent number: 9317680
    Abstract: A method and system for protecting against unknown malicious activities by determining a reputation of a link are disclosed. A reputation server queries a database including reputation information associated with a plurality of links to retrieve a reputation of a redirected link. The reputation information may indicate whether the links are associated with a malicious activity. The reputation of the redirected link may be associated with the original link to create a reputation of the original link.
    Type: Grant
    Filed: October 20, 2010
    Date of Patent: April 19, 2016
    Assignee: McAfee, Inc.
    Inventors: Russell Bertrand Carter, III, Pravat Kumar Lall, Geoff Oitment, Davoud Maha, Javed Hasan
  • Identifying rootkits based on access permissions
    Patent number: 9317687
    Abstract: A method for monitoring for malware includes, during a boot process on an electronic device, determining a portion of memory, determining that the portion of memory is reserved for exclusive access by an entity on the electronic device, and, based on the determination that a portion of memory is reserved for exclusive access during the boot process, determining that the reservation is indicative of malware.
    Type: Grant
    Filed: May 21, 2012
    Date of Patent: April 19, 2016
    Assignee: McAfee, Inc.
    Inventors: Jonathan L. Edwards, Aditya Kapoor, Michael S. Hughes
  • ENFORCING ALIGNMENT OF APPROVED CHANGES AND DEPLOYED CHANGES IN THE SOFTWARE CHANGE LIFE-CYCLE
    Publication number: 20160105444
    Abstract: On a host, host content change requests are intercepted in real-time. In a tracking mode, the change requests are logged and allowed to take effect on the host. In an enforcement mode, the change requests are logged and additionally compared against authorized change policies and a determination is made whether to allow the change to take effect or to block the changes, thereby enforcing the authorized change policies on the host. Tracking and enforcement can be done in real-time. In either mode and at any time, the logged changes can be reconciled against a set of approved change orders in order to identify classes of changes, including changes that were deployed but not approved and changes that were approved but not deployed.
    Type: Application
    Filed: September 9, 2015
    Publication date: April 14, 2016
    Applicant: MCAFEE, INC.
    Inventors: Rahul Roy-Chowdhury, E. John Sebes, Jay Vaishnav
  • System and method for virtual partition monitoring
    Patent number: 9311126
    Abstract: A method is provided in one example embodiment that includes rebasing a module in a virtual partition to load at a fixed address and storing a hash of a page of memory associated with the fixed address. An external handler may receive a notification associated with an event affecting the page. An internal agent within the virtual partition can execute a task and return results based on the task to the external handler, and a policy action may be taken based on the results returned by the internal agent. In some embodiments, a code portion and a data portion of the page can be identified and only a hash of the code portion is stored.
    Type: Grant
    Filed: July 27, 2011
    Date of Patent: April 12, 2016
    Assignee: McAfee, Inc.
    Inventors: Jonathan L. Edwards, Gregory W. Dalcher, John D. Teddy
  • Server-assisted anti-malware client
    Patent number: 9311480
    Abstract: An antimalware support system is provided to support one or more host-based antimalware clients. A query is received from a particular host device that identifies a file detected by an antimalware tool local to the particular host device. Reputation data is determined for the file, and a response to the query is sent to the particular host device. The query response includes the reputation data determined for the file.
    Type: Grant
    Filed: March 15, 2013
    Date of Patent: April 12, 2016
    Assignee: McAfee, Inc.
    Inventors: John D. Teddy, James Douglas Bean, Gregory William Dalcher, Jeff Hetzler, Andrew Arlin Woodruff
  • System and method for data mining and security policy management
    Patent number: 9313232
    Abstract: A method is provided in one example and includes generating a query for a database for information stored in the database. The information relates to data discovered through a capture system. The method further includes generating an Online Analytical Processing (OLAP) element to represent information received from the query. A rule based on the OLAP element is generated and the rule affects data management for one or more documents that satisfy the rule. In more specific embodiments, the method further includes generating a capture rule that defines items the capture system should capture. The method also includes generating a discovery rule that defines objects the capture system should register. In still other embodiments, the method includes developing a policy based on the rule, where the policy identifies how one or more documents are permitted to traverse a network.
    Type: Grant
    Filed: December 19, 2014
    Date of Patent: April 12, 2016
    Assignee: McAfee, Inc.
    Inventors: Ratinder Ahuja, Faizel Lakhani
  • Behavioral tracking system, method, and computer program product for undoing events based on user input
    Patent number: 9311478
    Abstract: A behavioral tracking system, method, and computer program product are provided for undoing events based on user input. In use, a plurality of unclassified events is identified on a system utilizing behavioral tracking. Additionally, input associated with at least one of the unclassified events is received from a user of the system for classifying the at least one of the unclassified events as an unwanted event. Further, the at least one unwanted event is undone in response to the receipt of the input.
    Type: Grant
    Filed: June 10, 2014
    Date of Patent: April 12, 2016
    Assignee: McAfee, Inc.
    Inventors: Jonathan L. Edwards, Joel R. Spurlock, Gregory William Dalcher
  • Systems and methods for risk rating and pro-actively detecting malicious online ads
    Patent number: 9306968
    Abstract: Methods and systems for risk rating and pro-actively detecting malicious online ads are described. In one example embodiment, a system for risk rating and pro-actively detecting malicious online ads includes an extraction module, an analysis engine, and a filter module. The extraction module is configured to extract a SWF file from a web page downloaded by the system. The analysis engine is communicatively coupled to the extraction module. The analysis engine is configured to determine a risk rating for the SWF file and send the risk rating to a web application for display. In an example, determining the risk rating includes locating an embedded redirection URL and determining a risk rating for the embedded redirection URL. The filter module is configured to determine, based on the risk rating, whether to block the SWF file and send a warning to the web application for display.
    Type: Grant
    Filed: July 30, 2014
    Date of Patent: April 5, 2016
    Assignee: McAfee, Inc.
    Inventors: Jayesh Sreedharan, Rahul Mohandas
  • System, method, and computer program product for dynamically configuring a virtual environment for identifying unwanted data
    Patent number: 9306796
    Abstract: A system, method, and computer program product are provided for dynamically configuring a virtual environment for identifying unwanted data. In use, a virtual environment located on a first device is dynamically configured based on at least one property of a second device. Further, unwanted data is identified, utilizing the virtual environment.
    Type: Grant
    Filed: March 18, 2008
    Date of Patent: April 5, 2016
    Assignee: McAfee, Inc.
    Inventors: Igor G. Muttik, Mikhail Yu. Vorozhtsov
  • Multi-ring encryption approach to securing a payload using hardware modules
    Patent number: 9305172
    Abstract: Disclosed are systems and methods of employing a multi-ring encryption approach to secure a data payload. Each ring of encryption may be encrypted from a key derived from a password, such that each subsequent ring of protection is protected by a key derived from the key used to encrypt the previous ring of protection. Further, hardware-based encryption may be employed in one or more of the rings of protection to bind the encrypted payload to the hardware. Such systems and methods may be used to reduce the ability to parallelize an attack on encrypted data while also permitting password-related data to be synchronized across a network.
    Type: Grant
    Filed: March 15, 2013
    Date of Patent: April 5, 2016
    Assignee: McAfee, Inc.
    Inventor: David Webb
  • CONTEXT-AWARE REPUTATION OF A PLACE
    Publication number: 20160092469
    Abstract: In an example, one or more computing devices operate to provide a context-aware reputation of a place, such as in relation to a human user. Context may include the user's identity and purpose, as well as environmental factors such as time of day, weather, and political drivers. The device may communicate with a server to receive globalized safety intelligence. When the user enters a zone, the device may determine a context-sensitive reputation, such as “Green,” “Yellow,” or “Red.” Depending on the reputation, the device may then take an appropriate action, such as warning the user or providing additional information.
    Type: Application
    Filed: September 26, 2014
    Publication date: March 31, 2016
    Applicant: McAfee, Inc.
    Inventors: Joydeb Mukherjee, Saravana Kumar Subramanian, Raj Vardhan, Rangaswamy Narayana, Shankar Subramanian, Dattatraya Kulkarni, Javed Hasan
  • System and method for virtual partition monitoring
    Patent number: 9298910
    Abstract: A method is provided in one example embodiment that includes receiving in an external handler an event notification associated with an event in a virtual partition. A thread in the process in the virtual partition that caused the event can be parked. Other threads and processes may be allowed to resume while a security handler evaluates the event for potential threats. A helper agent within the virtual partition may be instructed to execute a task, such as collecting and assembling event context within the virtual partition, and results based on the task can be returned to the external handler. A policy action can be taken based on the results returned by the helper agent, which may include, for example, instructing the helper agent to terminate the process that caused the event.
    Type: Grant
    Filed: June 8, 2011
    Date of Patent: March 29, 2016
    Assignee: McAfee, Inc.
    Inventors: Gregory W. Dalcher, Jonathan L. Edwards