Patents Assigned to McAfee, LLC
-
Patent number: 10642976Abstract: Particular embodiments described herein provide for an electronic device that can be configured to analyze data related to a digital certificate and assign a reputation to the digital certificate, where the reputation includes an indication if the data is proper. The analysis of the data can include determining if code signing for the digital certificate matches binary code for the digital certificate, if the digital certificate has been grafted to the data by modifying a portable executable file header, or the digital certificate is the same as another trusted digital certificate associated with different data.Type: GrantFiled: June 27, 2015Date of Patent: May 5, 2020Assignee: McAfee, LLCInventors: Joel R. Spurlock, Ramnath Venugopalan
-
Publication number: 20200137060Abstract: Particular embodiments described herein provide for a network element that can be configured to receive, from an electronic device, a request to access a network service. In response to the request, the network element can send data related to the network service to the electronic device and add a test link to the data related to the network service. The network element can also be configured to determine if the test link was successfully executed and classify the electronic device as untrusted if the test link was not successfully executed.Type: ApplicationFiled: December 23, 2019Publication date: April 30, 2020Applicant: McAfee, LLCInventors: Martin Stecher, Andre Sabban
-
Patent number: 10628334Abstract: An adapter is configured to sit between an external storage device and another device configured to read and write to the external storage device. The adapter encrypts data written to the external storage device and decrypts data read from the external device. The adapter determines whether to allow reading from or writing to the external storage device responsive to instructions received from an authenticating device.Type: GrantFiled: December 29, 2017Date of Patent: April 21, 2020Assignee: McAfee, LLCInventors: Fernando Ruiz Altamirano, German Lancioni
-
Publication number: 20200120123Abstract: There is disclosed in one example an enterprise data server to provide regulated access of enterprise data to non-enterprise third parties, including: a hardware platform including a processor and a memory; a network interface; an enterprise data store, or an interface to access the enterprise data store; a reputation engine to receive a third-party script via the network interface and to assign a reputation to the third-party script; an ingress analyzer to scrutinize the third-party script according to the reputation and determine whether the third-party script may run; and a data collector to collect enterprise data from the enterprise data repository if the third-party script may run.Type: ApplicationFiled: November 12, 2019Publication date: April 16, 2020Applicant: McAfee, LLCInventor: Igor G. Muttik
-
Patent number: 10621977Abstract: Embodiments include a system, method, and apparatus for creating a trusted speech transcription. Transcription logic can receive a signal of audible speech from an audio source and convert the audible speech signal into text. Sampling logic can receive the signal of the audible speech and record a portion of the of the audible speech as a digital audio recording of the audible speech. Packaging logic can create a trusted speech transcription data record that includes the text and the digital audio recording and to digitally sign the transcription file to securely associate the text with the digital audio recording.Type: GrantFiled: October 30, 2015Date of Patent: April 14, 2020Assignee: McAfee, LLCInventors: Oleg Pogorelik, Alex Nayshtut, Igor Muttik, Adi Shaliv
-
Patent number: 10623438Abstract: A technique for detecting malware uses hardware capabilities of the processing element of a programmable device to detect modification of executable code during execution. By monitoring a dirty bit in page tables, pages that have been modified can be detected, allowing analysis of those pages during execution. An indication may then be passed to an anti-malware software to analyze the executable further.Type: GrantFiled: December 28, 2016Date of Patent: April 14, 2020Assignee: McAfee, LLCInventors: Venkata Ramanan Sambandam, Carl D. Woodward, Dmitri Rubakha, Steven L. Grobman
-
Publication number: 20200104489Abstract: Particular embodiments described herein provide for a system that can be configured to identify cryptomining malware. The electronic device can be configured to identify a website, determine one or more uniform resource locators associated with the website, determine scripts associated with the website, obtain a string format of each of the determined scripts associated with the website, analyze each of the of the string formats to determine if a specific script is related to malware, and block the website if the specific script is related to malware. In an example, the system can also be configured to determine if usage of the computer processing unit and/or system resources increase more than a threshold amount during access to the website and send the one or more uniform resource locators associated with the website to a network security engine for further analysis.Type: ApplicationFiled: September 28, 2018Publication date: April 2, 2020Applicant: McAfee, LLCInventors: William Park, Jason Chan, Wilson Shing-Hay Li
-
Patent number: 10609088Abstract: In an example, a security-connected platform is provided on a data exchange layer (DXL), which provides messaging on a publish-subscribe model. The DXL provides a plurality of DXL endpoints connected via DXL brokers. DXL endpoints communicate via DXL messages divided by topics. An asset management engine may be provided to use DXL messaging to query DXL endpoints so as to logically and physically map a network.Type: GrantFiled: September 28, 2014Date of Patent: March 31, 2020Assignee: McAfee, LLCInventor: Ofir Arkin
-
Patent number: 10604251Abstract: Particular embodiments described herein provide for modular device assemblies and methods for enabling maintenance and servicing, particularly by an unmanned aerial vehicle. A device assembly comprises a plurality of modules, each module having control circuitry, a communications port and contact points to couple the modules. When the modules are coupled, the communications ports are connected to create a bus for communications between the modules. The modular device structure where modules are removable and replaceable allows for an unmanned aerial vehicle to perform maintenance on the device.Type: GrantFiled: September 29, 2016Date of Patent: March 31, 2020Assignee: McAfee, LLCInventors: Mark E. Scott-Nash, Glen J. Anderson, Ned M. Smith, Cedric Cochin, Igor G. Muttik
-
Publication number: 20200097656Abstract: Particular embodiments described herein provide for an electronic device that can be configured to identify a binary file, identify strings in the binary file, determine that at least one string in the binary file is larger than one kilobytes of data, identify at least one substring from each of the at least one strings in the binary file is larger than one kilobytes of data, and analyze each of the at least one substrings to determine if each of the at least one substrings are suspicious and related to malware.Type: ApplicationFiled: September 26, 2018Publication date: March 26, 2020Applicant: McAfee, LLCInventor: Daniel L. Burke
-
Publication number: 20200099515Abstract: Particular embodiments described herein provide for a system that can be configured to receive a notification that a client device is requesting, to modify original data associated with an online application, wherein the original data is stored in encrypted format in a cloud; decrypt the original data using a first client encryption key; store the decrypted data in a location accessible by the online application; enable editing capability of the decrypted data; receive a notification that the client device is finished modifying the data in decrypted format; determine whether the original data in decrypted format was modified; encrypt, based on a determination that the original data was modified, the modified data using a second client encryption key; and upload the modified data in encrypted format to the cloud.Type: ApplicationFiled: September 25, 2018Publication date: March 26, 2020Applicant: McAfee, LLCInventor: Roy Douglas Hopkins
-
Patent number: 10599662Abstract: Embodiments are disclosed herein for remote retrieval of information from endpoints and comprise receiving a master query at an endpoint in a network environment and executing a set of one or more subqueries defined in the master query. Embodiments also comprise an execution of a first subquery that includes executing a function to produce a first output, applying one or more conditions to the first output to determine a second output, and determining a result of the master query based, at least in part, on the second output. In specific embodiments, the master query is received from another node over a network connection. In more specific embodiments, the function is executed on the endpoint to collect real-time information based on one or more parameters. In further embodiments, the function is one of a plug-in or a script.Type: GrantFiled: June 26, 2015Date of Patent: March 24, 2020Assignee: McAfee, LLCInventors: Leandro Ignacio Costantino, Cristian A. Sanchez, Juan M. Olle, Diego Naza Pamio
-
Patent number: 10599846Abstract: Systems, computer readable media, apparatuses, and methods are disclosed for segregating executable files exhibiting network activity. An example apparatus includes at least one processor and memory including instructions which, when executed, cause the at least one processor to launch an executable file in a segmented portion of a computing system to load one or more dynamically linked libraries (DLLs) associated with the executable file into a process environment block (PEB) of the segmented portion, enumerate the PEB to generate an address list of the one or more DLLs, scan the one or more DLLs to determine whether the one or more DLLs are to perform network activity, and perform malware analysis on the executable file when at least one of the one or more DLLs are to perform network activity.Type: GrantFiled: August 23, 2018Date of Patent: March 24, 2020Assignee: MCAFEE, LLCInventors: Neeraj Thakar, Amit Malik
-
Publication number: 20200084227Abstract: There is disclosed in one example, a computing apparatus, including: a hardware platform including a processor and a memory; a network interface; a data exchange layer (DXL) application programming interface (API), the DXL API including instructions to communicatively couple the apparatus to a DXL bus and provide a DXL abstraction layer on top of a TCP/IP-based communication network; and a reputation engine including instructions encoded within memory to instruct the processor to: receive a plurality of DXL messages from a first DXL endpoint; compute a composite reputation for the first DXL endpoint; receive from a second DXL endpoint a DXL message requesting a reputation for the first DXL endpoint; establish a private topic on the DXL bus between the computing apparatus and the second DXL endpoint; and publish the composite reputation to the private topic.Type: ApplicationFiled: November 15, 2019Publication date: March 12, 2020Applicant: McAfee, LLCInventors: Christopher Smith, Edward T. McDonald, Don R. Hanson
-
Patent number: 10587576Abstract: The present disclosure combines Software Defined Networks (SDN) concepts with Security concepts. The coordination between SDN and Security provides a myriad of advantageous use cases. One exemplary use case involves providing a fast path at network speeds using SDN by routing network traffic to bypass a security appliance once the security appliance determines that the security appliance no longer needs to inspect the network traffic. Another exemplary use case involves remote provisioning of security zones.Type: GrantFiled: December 10, 2013Date of Patent: March 10, 2020Assignee: McAfee, LLCInventors: Geoffrey Howard Cooper, John Richard Guzik
-
Patent number: 10588005Abstract: A collection of wearable communicating devices generates signals that may be detected and analyzed to produce a fingerprint of the collection of wearable devices. An analysis unit may recognize patterns or other information in detected signals and generate a fingerprint of a body area network corresponding to the collection of wearable devices. The fingerprint may be fuzzy fingerprint, matchable with a fingerprint of a similar, but not necessarily identical, collection of wearable devices that has been previously generated or obtained. The fingerprint may be used for tracking or other purposes. Some embodiments may allow the generation of additional signals that modify the fingerprint.Type: GrantFiled: September 26, 2014Date of Patent: March 10, 2020Assignee: McAfee, LLCInventors: Igor Muttik, Martin Stecher
-
Patent number: 10579544Abstract: Particular embodiments described herein provide for an electronic device that can be configured to receive a request from a process to access data is a system, determine if the data is in a virtualized protected area of memory in the system, and allow access to the data if the data is in the virtualized protected area of memory and the process is a trusted process. The electronic device can also be configured to determine if new data should be protected, store the new data in the virtualized protected area of memory in the system if the new data should be protected, and store the new data in an unprotected area of memory in the system if the new data should not be protected.Type: GrantFiled: December 12, 2018Date of Patent: March 3, 2020Assignee: McAfee, LLCInventors: Joel R. Spurlock, Zheng Zhang, Aditya Kapoor, Jonathan L. Edwards, Khai N. Pham
-
Patent number: 10582021Abstract: A computer readable storage medium, system and method for improving automated testing systems to include a first and second behavioral data. The first behavioral data is collected periodically and the second behavioral data is collected in real time. The receipt of the first behavioral data and a second behavioral data are followed by the receipt of a system configuration template. A test case is updated based on the first and second behavioral data, and an automated test environment is reconfigured based on the first behavioral data, second behavioral data, and the system configuration template. The test executes in the automated test environment producing a test result.Type: GrantFiled: July 1, 2016Date of Patent: March 3, 2020Assignee: McAfee, LLCInventor: James Tischart
-
Patent number: 10581617Abstract: A technique for secure network storage includes generating, by a trusted execution environment in a first device, an encryption key and a certificate for a document, wherein the certificate comprises expiry information for the document and the encryption key, encrypting, by a general execution environment in the first device, the document with the encryption key, transmitting the encryption key to a remote key manager, and transmitting the document to a remote network storage device, wherein a second device is allowed to decrypt the document based on the expiry information.Type: GrantFiled: December 23, 2015Date of Patent: March 3, 2020Assignee: McAfee, LLCInventors: Hormuzd M. Khosravi, Alex Nayshtut, Igor Muttik
-
Publication number: 20200067947Abstract: Particular embodiments described herein provide for an electronic device that can be configured to receive data in a data flow, extract a data visa from the data flow, wherein the data visa is related to the data, and determine a reputation of the data from the data visa. The data visa can include reputation determination information obtained by previous network elements in the data flow. In addition, the electronic device can update the data visa, and communicate the updated data visa and data to a next network element in the data flow.Type: ApplicationFiled: October 29, 2019Publication date: February 27, 2020Applicant: McAfee, LLCInventors: Michael Schneider, Paul Gartside, David Oxley, Ramon Peypoch