Patents Assigned to McAfee, LLC
-
Patent number: 10348709Abstract: Techniques are disclosed for providing an authentication service that performs authentication of users on behalf of a relying party. The authentication service receives authentication requirements from the relying party and compares those requirements with authentication capabilities of the user and user equipment. If the authentication requirements are met, the authentication service may perform authentication using the corresponding authentication factors. If the available authentication factors are insufficient or the user fails authentication using the authentication factors used by the authentication service, the relying party may be notified that authentication failed. Upon successful authentication, the authentication service notifies the requiring party that the user has been authenticated.Type: GrantFiled: September 25, 2015Date of Patent: July 9, 2019Assignee: McAfee, LLCInventors: Gilad Gitlin, Richard Reiner, John McDowell
-
Patent number: 10348742Abstract: A system, method, and computer program product are provided for dynamically configuring a virtual environment for identifying unwanted data. In use, a virtual environment located on a first device is dynamically configured based on at least one property of a second device. Further, unwanted data is identified, utilizing the virtual environment.Type: GrantFiled: March 15, 2016Date of Patent: July 9, 2019Assignee: McAfee, LLCInventors: Igor G. Muttik, Mikhail Yu Vorozhtsov
-
Patent number: 10339014Abstract: Disclosed herein are distributed ledger systems and methods for efficiently creating and updating a query optimized distributed ledger. In particular, the present disclosure introduces methods and apparatuses for efficiently updating indexes when new blocks are added to the distributed ledger by using snapshots of data and appending new snapshot tables and indexes to previous snapshot tables and indexes.Type: GrantFiled: September 28, 2016Date of Patent: July 2, 2019Assignee: McAfee, LLCInventors: Ned M. Smith, Vincent J. Zimmer, Rajesh Poornachandran, Cedric Cochin, Igor G. Muttik
-
Patent number: 10339303Abstract: Particular embodiments described herein provide for an electronic device that includes a binder kernel driver. The binder kernel driver can be configured to receive an application program interface (API) call, extract metadata from the API call, determine that the API call should be hooked based on the extracted metadata, and hook the API call.Type: GrantFiled: January 22, 2015Date of Patent: July 2, 2019Assignee: McAfee, LLCInventors: Kunal Mehta, Balbir Singh, Rajbir Bhattacharjee
-
Patent number: 10339288Abstract: Usage patterns of an authentic user of a mobile device are generated from data collected representing usage by the authentic user. These usage patterns may then be compared to monitored usage of the mobile device. If usage of the mobile device exceeds a threshold based on one or more of the usage patterns, access to data on the mobile device can be prevented.Type: GrantFiled: December 12, 2013Date of Patent: July 2, 2019Assignee: MCAFEE, LLCInventors: Joshua Cajetan Rebelo, Jeyasekar Marimuthu
-
Patent number: 10333926Abstract: A secure identifier is derived, using a secured microcontroller of a computing device, that is unique to a pairing of the computing device and a particular domain. Secure posture data corresponding to attributes of the computing device is identified in secured memory of the computing device. The secure identifier and security posture is sent in a secured container to a management device of the particular domain. The particular domain can utilize the information in the secured container to authenticate the computing device and determine a security task to be performed relating to interactions of the computing device with the particular domain.Type: GrantFiled: July 12, 2016Date of Patent: June 25, 2019Assignee: McAfee, LLCInventors: Vincent Edward Von Bokern, Purushottam Goel, Sven Schrecker, Ned McArthur Smith
-
Patent number: 10326856Abstract: A system provides a way for a person to control access to digital assets, including financial accounts, through a common gateway that can interact on the person's behalf with service providers that manage the digital assets. Brokers may act as intermediaries between the gateway and the service providers, providing a common interface to the gateway and a specific interface to a service provider. Trigger events can cause the gateway to interact with the service providers, causing the service providers to take a desired action. The trigger events may include notification sent by the person, timed events, and other detected events.Type: GrantFiled: June 25, 2015Date of Patent: June 18, 2019Assignee: McAfee, LLCInventors: Sumithra Dhandayuthapani, Sumithira Rasappa Gounder, Rohit Jain, Simon Hunt
-
Patent number: 10318746Abstract: There is disclosed in an example, a computing apparatus, including: a trusted execution environment (TEE); and one or more logic elements providing a collaboration engine within the TEE, operable to: receive a change to a secured document via a trusted channel; apply a change to the secured document; log the change to a ledger; and display the document to a client device via a protected audio-video path (PAVP). There is also disclosed a method of providing a collaboration engine, and a computer-readable medium having stored thereon executable instructions for providing a collaboration engine.Type: GrantFiled: September 25, 2015Date of Patent: June 11, 2019Assignee: McAfee, LLCInventors: Oleg Pogorelik, Alex Nayshtut, Ned M. Smith, Igor Muttik, Omer Ben-Shalom
-
Patent number: 10320830Abstract: A set of attributes of a particular asset of a computing environment is identified that are determined from data collected by one or more utilities in the computing environment. A criticality rating is automatically determined for the particular asset based at least in part on the set of attributes. A security activity is caused to be performed relating to the particular asset based on the automatically determined criticality rating of the particular asset.Type: GrantFiled: April 23, 2018Date of Patent: June 11, 2019Assignee: McAfee, LLCInventors: Ratinder Paul Singh Ahuja, Sven Schrecker
-
Patent number: 10318743Abstract: Assessing ransomware impact includes receiving an indication of a first plurality of files stored on a user device and a classification for each of the first plurality of files, determining a second plurality of files stored in a remote storage, wherein the second plurality of files corresponds to an indication of files stored on the user device at a first prior time, wherein each of the second plurality of files are associated with a second classification, determining a third plurality of files comprising files included in the first plurality of files and not included in the second plurality of files, and calculating a risk assessment based on classifications for each of the third plurality of files.Type: GrantFiled: December 28, 2016Date of Patent: June 11, 2019Assignee: McAfee, LLCInventors: Bidan Sinha, Arun Chundiriyil Pullat, Arpit Pradhan, German Lancioni, Priyadarshini Rao Rajan, Cedric Cochin, Craig Schumgar
-
Publication number: 20190171510Abstract: There is disclosed in one example a network device, including: a hardware platform including at least a processor and a memory; a communication interface; and stored instructions on the memory to instruct the processor to provide a health monitoring engine (HME) configured to: communicatively couple to a network via the network interface; construct a reference template during a training period; observe watchdog behavior on the network during an observation period; identify an abnormality in the watchdog behavior including a substantial variance from the reference template; and trigger a resilience response to the substantial variance.Type: ApplicationFiled: January 29, 2019Publication date: June 6, 2019Applicant: McAfee, LLCInventors: Ned M. Smith, Thiago Jose Macieira, Zheng Zhang, Tobias M. Kohlenberg, Igor G. Muttik
-
Publication number: 20190173861Abstract: There is disclosed in one example a sentinel device, including: a hardware platform including at least a processor and configured to provide a trusted execution environment (TEE); and a security engine operable to instruct the hardware platform to: determine that an internet of things (IoT) device in a first realm R1 requires a secure communication channel with a second device in a second realm R2; query a key server for a service appliance key for the secure communication channel; establish a secure communication channel with the endpoint device using the service appliance key and the TEE; and provide a security service function within R1 including brokering communication via the secure communication channel between the IoT device and the second device.Type: ApplicationFiled: February 12, 2019Publication date: June 6, 2019Applicant: McAfee, LLCInventors: Ned M. Smith, Simon Hunt, Venkata Ramanan Sambandam
-
Publication number: 20190173891Abstract: Embodiments are configured to receive metadata of a process intercepted on an end host when attempting to access a network. The metadata includes a hash of an application associated with the process and an endpoint reputation score of the application. Embodiments are configured to request a threat intelligence reputation score based on the hash of the application, to determine an action to be taken by the end host based, at least in part, on one or more policies and at least one of the threat intelligence reputation score and the endpoint reputation score, and to send a response indicating the action to be taken by the end host. Further embodiments request another threat intelligence reputation score based on another hash of a dynamic link library module loaded by the process on the end host, and the action is determined based, at least in part, on the other threat intelligence score.Type: ApplicationFiled: February 7, 2019Publication date: June 6, 2019Applicant: McAfee, LLCInventors: Chandan CP, Srinivasan Narasimhan
-
Patent number: 10311233Abstract: By hooking application programming interfaces in an execution environment, the return address for hooked application programming interface calls can be logged and used to determine when a packed binary has been unpacked. In one approach, memory allocations are detected and the return address is checked against the memory regions allocated. In another approach, the contents of memory at the return address in a pre-execution copy of the executable binary is compared with the contents of memory at the return address in the executing copy of the binary. This allows efficient detection of the completion of unpacking without knowledge of the unpacking technique. The unpacked binary may then be analyzed for possible malware.Type: GrantFiled: December 23, 2014Date of Patent: June 4, 2019Assignee: McAfee, LLCInventors: Amit Malik, Vikas Taneja, Benjamin Cruz
-
Patent number: 10313343Abstract: Context-based authentication in a secure network comprised of multiple interconnected programmable devices is described. One technique includes receiving, from a programmable device, identity data and contextual data associated with a current authentication of a user attempting to access a secure network. The user is associated with the programmable device. The technique may include determining, based on the identity data and the contextual data, one or more patterns associated with the current authentication of the user. Furthermore, a risk level associated with the current authentication of the user may be determined based on the identity data, the contextual data, and the one or more patterns. In at least one scenario, access is granted to the secure network in response to the determined risk level. Other advantages and embodiments are described.Type: GrantFiled: December 28, 2016Date of Patent: June 4, 2019Assignee: MCAFEE, LLCInventors: James Tischart, Jonathan Anderson
-
Patent number: 10313337Abstract: A method in one example implementation includes extracting a plurality of data elements from a record of a data file, tokenizing the data elements into tokens, and storing the tokens in a first tuple of a registration list. The method further includes selecting one of the tokens as a token key for the first tuple, where the token is selected because it occurs less frequently in the registration list than each of the other tokens in the first tuple. In specific embodiments, at least one data element is an expression element having a character pattern matching a predefined expression pattern that represents at least two words and a separator between the words. In other embodiments, at least one data element is a word defined by a character pattern of one or more consecutive essential characters. Other specific embodiments include determining an end of the record by recognizing a predefined delimiter.Type: GrantFiled: September 11, 2017Date of Patent: June 4, 2019Assignee: McAfee, LLCInventors: Ratinder Paul Singh Ahuja, William J. Deninger
-
Publication number: 20190166136Abstract: An opportunity to assist with remediation of a file at a remote particular host device is identified. One or more remediation techniques are identified that can be applied to assist with remediation of the file at the particular host device. In one aspect, one or more remediation scripts are identified from a plurality of remediation scripts for remediation of the file and provided to the particular host device for execution on the particular host device. In another aspect, a remediation tool is identified and launched on a computing device remote from the particular host device with operations of the remediation tool applied to resources of the particular host device. In another aspect, at least a portion of the remediation techniques are remotely initiated to be performed locally at the particular host device.Type: ApplicationFiled: January 30, 2019Publication date: May 30, 2019Applicant: McAfee, LLCInventors: John D. Teddy, James Douglas Bean, Gregory William Dalcher, Jeff Hetzler
-
Patent number: 10305929Abstract: According to one example, a system and method are disclosed for malware and grayware remediation. For example, the system is operable to identify applications that have some legitimate behavior but that also exhibit some undesirable behavior. A remediation engine is provided to detect malware behavior in otherwise useful applications, and allow the useful parts of the application to run while blocking the malware behavior. In an example method of “healing,” this may involve modifying the application binary to remove undesirable behavior. In an example method of “personalization,” this may involve inserting control hooks through the operating system to prevent certain subroutines from taking effect.Type: GrantFiled: December 21, 2013Date of Patent: May 28, 2019Assignee: McAfee, LLCInventors: Dattatraya Kulkarni, Srikanth Nalluri, Raja Sinha, Venkatasubrahmanyam Krishnapur
-
Patent number: 10303876Abstract: A technique for detecting malware looks at startup hooks that may be created by malware to assist in ensuring that the malware is started upon a reboot of a programmable device. After enumerating startup hooks in the system, startup hooks associated with untrusted executables are deleted. If the startup hook is restored, that is an indication that the untrusted executable may be malware. An indication may then be passed to an anti-malware software to analyze the executable further.Type: GrantFiled: December 27, 2016Date of Patent: May 28, 2019Assignee: McAfee, LLCInventors: Craig Schmugar, John Teddy, Cedric Cochin
-
Publication number: 20190158461Abstract: A custody transfer of a device can include sending a start of transfer request to an attestation device over a short range wireless communication channel, a nonce is received from the attestation device in association with the start of transfer request, and the nonce is signed at the particular gateway device. The signed nonce is sent to the attestation device, a transfer confirmation message is received from the attestation device, and a transfer message is sent to a management system to report a transfer in custody of the attestation device involving the particular gateway device and another gateway device.Type: ApplicationFiled: January 14, 2019Publication date: May 23, 2019Applicant: McAfee, LLCInventors: Jesse Randall Walker, Howard C. Herbert, Kirk D. Brannock, Geoffrey H. Cooper, David A. deVries, David M. Amols, Sven Schrecker, Stephen H. Price