Patents Assigned to McAfee, LLC
  • Publication number: 20210377312
    Abstract: An apparatus, related devices and methods, having a memory element operable to store instructions; and a processor operable to execute the instructions, such that the apparatus is configured to determine, based on operating system workload demands, whether a high-demand application is running and, based on a determination that a high-demand application is running, apply an optimization policy that modifies a security application, wherein the optimization policy modification includes reducing a protection applied by the security application.
    Type: Application
    Filed: May 29, 2020
    Publication date: December 2, 2021
    Applicant: McAfee, LLC
    Inventors: Shuborno Biswas, Junmin Qiu, Siddaraya B. Revashetti
  • Patent number: 11182480
    Abstract: Particular embodiments described herein provide for a system that can be configured to identify cryptomining malware. The electronic device can be configured to identify a website, determine one or more uniform resource locators associated with the website, determine scripts associated with the website, obtain a string format of each of the determined scripts associated with the website, analyze each of the of the string formats to determine if a specific script is related to malware, and block the website if the specific script is related to malware. In an example, the system can also be configured to determine if usage of the computer processing unit and/or system resources increase more than a threshold amount during access to the website and send the one or more uniform resource locators associated with the website to a network security engine for further analysis.
    Type: Grant
    Filed: September 28, 2018
    Date of Patent: November 23, 2021
    Assignee: McAfee, LLC
    Inventors: William Park, Jason Chan, Wilson Shing-Hay Li
  • Patent number: 11182870
    Abstract: A technique includes providing real-time collective and collaborative navigation for one or more users to navigate to a destination. Each computing device associated with a member includes navigation objects that is pooled in a server and updated on each client device of users as one or more users navigate to a destination. A set of navigation objects may be created and distributed to the members within the group for the session, whereby the navigation objects are data structures that may be managed by a server. Based on a contextual trigger, the navigation object may be created or modified and used to provide a context to the navigation session. Navigation objects may continuously analyze user context and user situations to detect anomalies for one or more members in the group.
    Type: Grant
    Filed: December 10, 2015
    Date of Patent: November 23, 2021
    Assignee: McAfee, LLC
    Inventors: Dattatraya Kulkarni, Srikanth Nalluri, Raja Sinha, Susmita Nayak, Krishnapur Venkatasubrahmanyam, Anjan Nayak, Raghuvir Songhela, Bhaavika Panjwani
  • Patent number: 11184373
    Abstract: There is disclosed in one example a computing apparatus, including: a processor; and logic encoded into one or more computer-readable mediums, the logic to instruct the processor to: capture first data from an intermediate data source across a first temporal interval; perform partial signal processing on the first data to classify the first temporal interval as either suspicious or not suspicious, wherein the first temporal interval is classified as suspicious if it is determined to potentially represent at least a portion of a cryptomining operation; classify second through N temporal intervals as either suspicious or not suspicious; based on the first through N temporal intervals, classify the apparatus as either operating a cryptomining function or not; and upon classifying the apparatus as operating a cryptomining function and determining that the cryptomining function is not authorized, take remedial action on the apparatus.
    Type: Grant
    Filed: August 9, 2018
    Date of Patent: November 23, 2021
    Assignee: McAfee, LLC
    Inventors: German Lancioni, Kunal Mehta, Carl Woodward
  • Patent number: 11176249
    Abstract: There is disclosed in one example a computing apparatus, including: a network interface; a hardware platform, including at least a processor and a memory; and instructions encoded in the memory to instruct the processor to: identify an executable object to be run on the apparatus, the executable object to provision a plurality of local files or objects with unknown local reputations; query via the network interface a remote service with an identification of the executable object; responsive to the query, receive from the remote service a reputation batch for the local files or object; and selectively permit installation of the executable object and/or the plurality of local files or objects based at least in part on individual reputations within the reputation batch.
    Type: Grant
    Filed: March 28, 2019
    Date of Patent: November 16, 2021
    Assignee: McAfee, LLC
    Inventors: Craig Schmugar, Jyothi Mehandale
  • Publication number: 20210350361
    Abstract: An attempted transaction is identified involving a customer device and the first customer device is redirected to a security broker. A security report for the first customer device is received from the security broker. The security report is based on security data transmitted from the customer device to the security broker. An action can be performed in association with the attempted transaction based at least in part on the received security report. In some aspects, the security broker receives security data describing security conditions on the customer device in connection with the transaction between the customer device and a transaction partner. A risk tolerance policy is identified that corresponds to the transaction partner, such as an ecommerce provider. A security report is generated based on a comparison of the risk tolerance policy and the security data and the security report.
    Type: Application
    Filed: May 24, 2021
    Publication date: November 11, 2021
    Applicant: McAfee, LLC
    Inventors: Michael Condry, Sven Schrecker
  • Patent number: 11171895
    Abstract: Particular embodiments described herein provide for a system that can be configured to communicate chat session data during a chat session to a first display of a first electronic device, communicate the chat session data during the chat session to a second display of a second electronic device, receive sensitive data during the chat session from the first electronic device, and protect the sensitive data from being displayed on the second display during the chat session without breaking continuity of the chat session.
    Type: Grant
    Filed: October 6, 2020
    Date of Patent: November 9, 2021
    Assignee: McAfee, LLC
    Inventors: Robert L. Vaughn, David M. Durham, Cedric Cochin, Jonathan B. King
  • Patent number: 11171984
    Abstract: Embodiments are configured to receive metadata of a process intercepted on an end host when attempting to access a network. The metadata includes a hash of an application associated with the process and an endpoint reputation score of the application. Embodiments are configured to request a threat intelligence reputation score based on the hash of the application, to determine an action to be taken by the end host based, at least in part, on one or more policies and at least one of the threat intelligence reputation score and the endpoint reputation score, and to send a response indicating the action to be taken by the end host. Further embodiments request another threat intelligence reputation score based on another hash of a dynamic link library module loaded by the process on the end host, and the action is determined based, at least in part, on the other threat intelligence score.
    Type: Grant
    Filed: March 30, 2020
    Date of Patent: November 9, 2021
    Assignee: McAfee, LLC
    Inventors: Chandan CP, Srinivasan Narasimhan
  • Publication number: 20210344696
    Abstract: A method including receiving a feature vector of an unknown sample, computing a MinHash of the unknown sample based on Jaccard-compatible features, querying a Locality Sensitive Hashing forest of known samples with the MinHash of the unknown sample to identify a first subset of known samples that are similar to the unknown sample, receiving for each individual known sample in the first subset, a feature vector including non-Jaccard distance-compatible features, computing a first sub-distance and a second sub-distance between the unknown sample and the known samples in the first subset, calculating a total distance for each known sample in the first subset by combining the first and the second sub-distances, identifying, based on the calculated total distances, a second subset of known samples that are most similar to the unknown sample, and classifying the unknown sample based on the second subset.
    Type: Application
    Filed: April 30, 2020
    Publication date: November 4, 2021
    Applicant: McAfee, LLC
    Inventors: German Lancioni, Jonathan B. King, Steven Grobman
  • Publication number: 20210342446
    Abstract: An apparatus, related devices and methods, having memory; and a processor operable to execute instructions stored in the memory configured to cache a first data object and a second data object received from a source in a cache group based on metadata received from the source, where the metadata identifies the first and second data objects as related and the first data object as a trigger object; receive a request from a client for the first data object; identify, based on a determination that the first data object is invalid and is the trigger object, the first data object and the second data object as invalid; request a valid first data object and a valid second data object from the source; and cache the valid first and second data objects, received from the source, in the cache group.
    Type: Application
    Filed: April 30, 2020
    Publication date: November 4, 2021
    Applicant: McAfee, LLC
    Inventors: Arthur S. Zeigler, Eric Donald Wuehler, Jonathan B. King
  • Publication number: 20210344692
    Abstract: A method in an embodiment includes detecting a change for a virtual machine in a virtual server of a virtual network infrastructure, determining whether a virtual security appliance is configured in the virtual server, and sending a request to create the virtual security appliance in the virtual server. The method further includes allowing the virtual machine to initiate when the virtual security appliance is created in the virtual machine. The virtual security appliance performs security inspections on network packets sent from the virtual machine. In more specific embodiments, the method further includes creating an intercept mechanism in the virtual server to intercept the network packets from the virtual machine. In further embodiments, one or more security policies identify one or more virtual security appliances to process the network packets from the virtual machine.
    Type: Application
    Filed: May 13, 2021
    Publication date: November 4, 2021
    Applicant: McAfee, LLC
    Inventors: Geoffrey Howard Cooper, Manuel Nedbal, Hemang Satish Nadkarni
  • Publication number: 20210344651
    Abstract: There is disclosed in one example a computing apparatus, including: a hardware platform including a processor and a memory; a network interface; an operating system including a native internet protocol (IP) stack; and a security agent, including instructions encoded within the memory to instruct the processor to: establish a split virtual private network (VPN) tunnel with a remote VPN service; receive outgoing network traffic; direct a first portion of the outgoing traffic to the VPN tunnel, including determining that the first portion includes an outgoing domain name service (DNS) request; and direct a second portion of the outgoing traffic to the native IP stack.
    Type: Application
    Filed: June 26, 2020
    Publication date: November 4, 2021
    Applicant: McAfee, LLC
    Inventors: Harsha Ramamurthy Joshi, Shashank Jain, Himanshu Srivastava, Dattatraya Kulkarni, Srikanth Nalluri
  • Patent number: 11165694
    Abstract: Methods, systems, articles of manufacture and apparatus to identify an application (app) are disclosed. An example apparatus includes a data labeler to associate first router data with application identification data, a metrics manager to generate metric values associated with a segment of the first router data and generate histograms of the metric values, a classification engine to generate a signature model based on the histograms, and an application identifier to identify the application based on second router data by applying the second router data to the signature model.
    Type: Grant
    Filed: July 31, 2018
    Date of Patent: November 2, 2021
    Assignee: MCAFEE, LLC
    Inventors: Ameya Mahesh Sanzgiri, Yi Zheng
  • Patent number: 11165781
    Abstract: Technologies for a distributed Internet of Things (IoT) system including a plurality of IoT devices are disclosed. An example IoT device includes an input device to receive an input from a user and a processor to determine if a pattern is recognized in the input. The example IoT device also includes a communication circuit to: in response to a determination that a pattern is not recognized in the input, communicate a first message indicative of the input over a universal bus; and in response to a determination that a pattern is recognized in the input, communicate a second message indicative of the input directly to another IoT device without using the universal bus.
    Type: Grant
    Filed: June 13, 2019
    Date of Patent: November 2, 2021
    Assignee: McAfee, LLC
    Inventors: Gabriel G. Infante-Lopez, Robert J. Firby
  • Patent number: 11166170
    Abstract: A technique for collecting and using signal reputation data, comprising obtaining a plurality of signal reputation data corresponding to a plurality of locations, categorizing the signal reputation data into groups, calculating signal circles for at least some of the groups based on a representative signal value for the corresponding group, calculating a signal reputation score for each signal circle, determining a best signal circle for a user mobile device within a predetermined distance of dead zones, and sending the best signal circle to the user mobile device based at least in part on the signal reputation score and a location of the user mobile device. In some embodiments, the technique may include some but not all of these actions and additional actions, such as suspending obtaining signal reputation data based on battery status.
    Type: Grant
    Filed: September 28, 2018
    Date of Patent: November 2, 2021
    Assignee: MCAFEE, LLC
    Inventors: Raja Sinha, Dattatraya Kulkarni, Srikanth Nalluri, Anjan Kumar Nayak, Tirumaleswar Reddy Konda, Susmita Nayak, Purushothaman B, Harsha R. Joshi
  • Patent number: 11157617
    Abstract: In accordance with one embodiment of the present disclosure, a method for determining the similarity between a first data set and a second data set is provided. The method includes performing an entropy analysis on the first and second data sets to produce a first entropy result, wherein the first data set comprises data representative of a first one or more computer files of known content and the second data set comprises data representative of a one or more computer files of unknown content; analyzing the first entropy result; and if the first entropy result is within a predetermined threshold, identifying the second data set as substantially related to the first data set.
    Type: Grant
    Filed: September 19, 2019
    Date of Patent: October 26, 2021
    Assignee: McAfee, LLC
    Inventors: David Neill Beveridge, Abhishek Ajay Karnik, Kevin A. Beets, Tad M. Heppner, Karthik Raman
  • Patent number: 11157616
    Abstract: Code of a particular application is analyzed against a semantic model of a software development kit of a particular platform. The semantic model associates a plurality of application behaviors with respective application programming interface (API) calls of the particular platform. A set of behaviors of the particular application is identified based on the analysis of the code and a particular one of the set of behaviors is identified as an undesired behavior. The particular application can be automatically modified to remediate the undesired behavior. The particular application can be assigned to one of a plurality of device modes, and access to the particular application on a user device can be based on which of the plurality of device modes is active on the user device.
    Type: Grant
    Filed: September 21, 2018
    Date of Patent: October 26, 2021
    Assignee: McAfee, LLC
    Inventors: Srikanth Nalluri, Dattatraya Kulkarni, Raja Sinha, Venkatasubrahmanyam Krishnapur, Kaushal Kumar Dhruw, Kamlesh Halder
  • Patent number: 11159558
    Abstract: A query is received from a particular endpoint device identifying a particular wireless access point encountered by the particular endpoint device. Pre-existing risk assessment data is identified for the identified particular wireless access point and query result data is sent to the particular endpoint device characterizing pre-assessed risk associated with the particular wireless access point. In some instances, the query result data is generated based on the pre-existing risk assessment data. In some instances, pre-existing risk assessment data can be the result of an earlier risk assessment carried-out at least in part by an endpoint device interfacing with and testing the particular wireless access point.
    Type: Grant
    Filed: May 8, 2020
    Date of Patent: October 26, 2021
    Assignee: McAfee, LLC
    Inventors: Prasanna Ganapathi Basavapatna, Satish Kumar Gaddala, Sven Schrecker, David Moshe Goldschlag
  • Patent number: 11153150
    Abstract: Dynamically identifying and utilizing an opportunistic device by performing at least the following within a discovery offloading module: receive an offloading alert message from a service device, wherein the offloading alert message indicates the service device is unable to provide one or more services to the client device, receive a discovery message from a candidate device, wherein the discovery message indicates the candidate device is capable of performing the services provided to the client device, select, using the dedicated execution environment, an opportunistic service device based on the discovery message from the candidate device; and trigger the restart of host execution instruction within the client device by obtaining the one or more services from the opportunistic service device, wherein the discovery offloading module operates independently from the host execution instructions within the client device.
    Type: Grant
    Filed: July 15, 2019
    Date of Patent: October 19, 2021
    Assignee: McAfee, LLC
    Inventors: Ned Smith, Thiago Macieira, Zheng Zhang, Glen J. Anderson, Tobias Kohlenberg
  • Patent number: 11144345
    Abstract: Methods, apparatus, systems and articles of manufacture are disclosed. An example apparatus includes a detector to detect a user-initiated switch between a closed operating system type and an open operating system type; an adapter to, in response to a notification, from the detector, of the switch, transition activation from a first interface to a second interface; and a scanner including a first scanning engine to operate via the first interface when the detector detects that the operating system is in the closed operating system type and the second interface when the detector detects that the operating system is in the open operating system type.
    Type: Grant
    Filed: March 27, 2019
    Date of Patent: October 12, 2021
    Assignee: McAfee, LLC
    Inventors: Vishnu Varadaraj, Li Xiao, Kathryn Young