Patents Assigned to McAfee, LLC
-
Patent number: 9955001
Abstract: In an example, a mobile device is configured to automatically lock when a detector, such as a GPS receiver, determines that the device is in motion above a certain speed threshold, such as 10 mph. Additional detectors may be used to determine whether the device is operated by the user or by a passenger, so that intelligent decisions can be made about whether to lock the device. During the lock, certain selected apps such as a GPS navigation system or music player may be enabled, with limited controls as appropriate. In some cases, hands-free operations may be available. The mobile device may also be configured to provide an automated response to incoming calls and messages.
Type: Grant
Filed: August 25, 2015
Date of Patent: April 24, 2018
Assignee: McAfee, LLC
Inventors: John Ying, Eming Saung, Yi Zheng
-
Patent number: 9946562
Abstract: A system and method for rootkit protection in a hypervisor environment includes modules for creating a soft whitelist having entries corresponding to each guest kernel page of a guest operating system in a hypervisor environment, wherein each entry is a duplicate page of the corresponding guest kernel page, generating a page fault when a process attempts to access a guest kernel page, and redirecting the process to the corresponding duplicate page. If the page fault is a data page fault, the method includes fixing the page fault, and marking a page table entry corresponding to the guest kernel page as non-executable and writeable. If the page fault is an instruction page fault, the method includes marking a page table entry corresponding to the guest kernel page as read-only. Redirecting includes changing a machine page frame number in a shadow page table of the hypervisor to point to the corresponding duplicate page.
Type: Grant
Filed: June 24, 2015
Date of Patent: April 17, 2018
Assignee: McAfee, LLC
Inventors: Amit Dang, Preet Mohinder, Vivek Srivastava
-
Patent number: 9948468
Abstract: In an example, a DHN (DHN) is provided for enabling grantees to access digitally-controlled assets of a principal. The principal (level 0) establishes a digital testament (DT), identifying one or more grantees on levels 1-n. Each grantee receives a digital heritage certificate (DHC), which may be based on the PKI certificate definition. The DHC includes a “PREDECESSORS” field, identifying one or more predecessor certificates that must be revoked before the DHC is valid. All grantee DHCs have the principal's level 0 DHC as a predecessor certificate. Level n certificates may also be valid only if all certificates at level n-1 have been revoked. In practice, a DHC may be revoked when a user of the certificate passes away, so that nth generation grantees inherit only when generation n-1 has passed away.
Type: Grant
Filed: December 23, 2014
Date of Patent: April 17, 2018
Assignee: McAfee, LLC
Inventors: Alex Nayshtut, Oleg Pogorelik, Avishay Sharaga, Ned M. Smith, Igor Muttik
-
Publication number: 20180096260
Abstract: Disclosed herein are cloud-based machine learning systems and methods for monitoring networked devices to identify and classify characteristics, to infer typical or atypical behavior and assign reputation profiles across various networked devices, and to make remediation recommendations. In some embodiments, a cloud-based machine learning system may learn the typical operation and interfacing of a plurality of reputable devices that are known to be free from malicious software and other threats. In some embodiments, a cloud-based machine learning system may learn the typical operation and interfacing of a device, and may identify atypical operations or interfaces associated with that device by comparing the operations and interfaces to those of a plurality of networked devices or to those of a defined standard reference device.
Type: Application
Filed: September 30, 2016
Publication date: April 5, 2018
Applicant: McAfee, LLC
Inventors: Vincent J. Zimmer, Joel R. Spurlock, Ramnath Venugopalan, Ned M. Smith, Igor G. Muttik, Rajesh Poornachandran
-
Patent number: 9934380
Abstract: In an example, there is provided a system and method for execution profiling detection of malicious software objects. An execution profiling (EXP) engine may be provided in conjunction with a binary translation engine (BTE). Both may operate within a trusted execution environment (TEE). Because many malware objects make assumptions about memory usage of host applications, they may cause exceptions when those assumptions prove untrue. The EXP engine may proactively detect such exceptions via the BTE when the BTE performs its translation function. Thus, malicious behavior may be detected before a binary runs on a system, and remedial measures may be provided.
Type: Grant
Filed: December 23, 2014
Date of Patent: April 3, 2018
Assignee: McAfee, LLC
Inventors: Greg W. Dalcher, Koichi Yamada, Palanivel Rajan Shanmugavelayutham, Jitendra P. Singh
-
Patent number: 9936018
Abstract: To provide a more seamless experience across multiple devices, task streaming systems and methods allow a user to create “task-contexts” and manage metadata of files stored across multiple data storage devices and user preferences associated with capabilities of the multiple devices for operating on the file. Furthermore, the task streaming systems and methods are provided to allow task-contexts to be shared from one device to another device. A task-context specifies one or more files and one or more operations to be performed on the one or more files. By providing a task-context from one device to the other device, a user can accomplish a task with a particular file and seamlessly transition between devices with minimal disruption and effort.
Type: Grant
Filed: December 14, 2013
Date of Patent: April 3, 2018
Assignee: McAfee, LLC
Inventors: Dattatraya Kulkarni, Srikanth Nalluri, Kamlesh Halder, Venkatasubrahmanyam Krishnapur, Shailaja Shankar, Kaushal Kumar Dhruw, Kranthikumar Gadde
-
Patent number: 9935995
Abstract: A technique allows a client computer with a web browser to receive a web page having active content in response to transmitting a request for content. The active content includes a signature and a set of attributes associated with a web domain. The web browser can interpret the signature and the set of attributes as formatted in the active content. Validation of the signature and the set of attributes can be in a secure mode through a secure enclave module.
Type: Grant
Filed: December 23, 2014
Date of Patent: April 3, 2018
Assignee: McAfee, LLC
Inventors: Venkata Ramanan Sambandam, Simon Hunt
-
Publication number: 20180089670
Abstract: An attempted transaction is identified involving a customer device and the first customer device is redirected to a security broker. A security report for the first customer device is received from the security broker. The security report is based on security data transmitted from the customer device to the security broker. An action can be performed in association with the attempted transaction based at least in part on the received security report. In some aspects, the security broker receives security data describing security conditions on the customer device in connection with the transaction between the customer device and a transaction partner. A risk tolerance policy is identified that corresponds to the transaction partner, such as an ecommerce provider. A security report is generated based on a comparison of the risk tolerance policy and the security data and the security report.
Type: Application
Filed: August 21, 2017
Publication date: March 29, 2018
Applicant: McAfee, LLC
Inventors: Michael Condry, Sven Schrecker
-
Publication number: 20180086453
Abstract: Particular embodiments described herein provide for modular device assemblies and methods for enabling maintenance and servicing, particularly by an unmanned aerial vehicle. A device assembly comprises a plurality of modules, each module having control circuitry, a communications port and contact points to couple the modules. When the modules are coupled, the communications ports are connected to create a bus for communications between the modules. The modular device structure where modules are removable and replaceable allows for an unmanned aerial vehicle to perform maintenance on the device.
Type: Application
Filed: September 29, 2016
Publication date: March 29, 2018
Applicant: McAfee, LLC
Inventors: Mark E. Scott-Nash, Glen J. Anderson, Ned M. Smith, Cedric Cochin, Igor G. Muttik
-
Publication number: 20180091975
Abstract: A first computing device is detected as substantially collocated with a wireless token device, using a short-range wireless communication network, and a connection is established between the first computing device and the wireless token device over the short-range wireless network. Authentication data stored in memory of the wireless token device is sent from the wireless token device to the first computing device over the short-range wireless network. The first computing device is authenticated to a particular computing session based on the authentication data and authenticating the first computing device permits the first computing device to participate in the particular computing session.
Type: Application
Filed: June 5, 2017
Publication date: March 29, 2018
Applicant: McAfee, LLC
Inventor: Sven Schrecker
-
Patent number: 9928236
Abstract: Systems, apparatus, computer-readable media, and methods to provide translation of words or phrases from an initial language to a target language using multiple pathways are disclosed. The multiple pathways may have independent or near independent errors and the use of multiple pathways may reduce the errors that may be encountered in semantic vector based language translation. Cost values may be determined for translation to various potential words in the target language based at least in part on the multiple translation pathways between the initial language and the final language. The cost values may be used to select from among the various potential words in the target language.
Type: Grant
Filed: September 18, 2015
Date of Patent: March 27, 2018
Assignee: MCAFEE, LLC
Inventors: Edward Dixon, Marcin Dziduch, Craig Olinsky
-
Patent number: 9929991
Abstract: A system allows just-in-time checking of information about an email in which a hyperlink is embedded. Upon receipt of the email containing the hyperlink, the resource locator of the hyperlink is modified to allow checking the reputation of the email upon traversal of the hyperlink. At traversal of the hyperlink, the current reputation of the resource locator and the current reputation of the email are both determined, and one or more actions are performed responsive to the determination.
Type: Grant
Filed: September 16, 2016
Date of Patent: March 27, 2018
Assignee: McAfee, LLC
Inventors: Nicholas Liebmann, Martin Stecher, Paul Gartside, Michael G. Bishop, Simon Hunt
-
Patent number: 9930047
Abstract: Associating a website with a credential manager includes identifying the launch of a first instance of a website to be associated with a credential manager in a web browser, displaying, along with the first instance of the website in the web browser, an overlay prompting a user to enter login data for the website, receiving, through the overlay in the web browser, the login data for the website, accessing a second instance of the website in a headless browser, utilizing the login data to attempt to gain access to the second instance of the website, and in response to gaining access to the second instance of the website utilizing the login data, storing the login data in secure storage.
Type: Grant
Filed: September 24, 2015
Date of Patent: March 27, 2018
Assignee: McAfee, LLC
Inventor: Olivier Beaulieu
-
Patent number: 9928360
Abstract: An opportunity for a computing device to participate in a secure session with a particular domain is identified. A domain identifier of the particular domain is received and a secured microcontroller of the computing device is used to identify a secured, persistent hardware identifier of the computing device stored in secured memory of the computing device. A secure identifier is derived for a pairing of the computing device and the particular domain based on the hardware identifier and domain identifier of the particular domain and the secure identifier is transmitted over a secured channel to the particular domain. The particular domain can verify identity of the computing device from the secure identifier and apply security policies to transactions involving the computing device and the particular domain based at least in part on the secure identifier.
Type: Grant
Filed: February 19, 2016
Date of Patent: March 27, 2018
Assignee: McAfee, LLC
Inventors: Vincent Edward Von Bokern, Purushottam Goel, Sven Schrecker, Ned McArthur Smith
-
Publication number: 20180083983
Abstract: An opportunity to assist with remediation of a file at a remote particular host device is identified. One or more remediation techniques are identified that can be applied to assist with remediation of the file at the particular host device. In one aspect, one or more remediation scripts are identified from a plurality of remediation scripts for remediation of the file and provided to the particular host device for execution on the particular host device. In another aspect, a remediation tool is identified and launched on a computing device remote from the particular host device with operations of the remediation tool applied to resources of the particular host device. In another aspect, at least a portion of the remediation techniques are remotely initiated to be performed locally at the particular host device.
Type: Application
Filed: May 25, 2017
Publication date: March 22, 2018
Applicant: McAfee, LLC
Inventors: John D. Teddy, James Douglas Bean, Gregory William Dalcher, Jeff Hetzler
-
Patent number: 9923881
Abstract: In one embodiment, an apparatus comprises a processor to execute instructions and having at least a first logic to execute in a trusted execution environment, a secure storage to store a platform group credential, and a first logical device comprising at least one hardware logic. The platform group credential may be dynamically provisioned into the apparatus and corresponding to an enhanced privacy identifier associated with the apparatus. The first logical device may have a first platform group private key dynamically provisioned into the first logical device and corresponding to an enhanced privacy identifier associated with the first logical device, to bind the first logical device to the apparatus. Other embodiments are described and claimed.
Type: Grant
Filed: December 21, 2015
Date of Patent: March 20, 2018
Assignee: McAfee, LLC
Inventors: Ned M. Smith, Sven Schrecker
-
Patent number: 9917863
Abstract: A method is provided for implementing a mandatory access control model in operating systems which natively use a discretionary access control scheme. A method for implementing mandatory access control in a system comprising a plurality of computers, the system comprising a plurality of information assets, stored as files on the plurality of computers, and a network communicatively connecting the plurality of computers, wherein each of the plurality of computers includes an operating system that uses a discretionary access control policy, and wherein each of a subset of the plurality of computers includes a software agent component operable to perform the steps of intercepting a request for a file operation on a file from a user of one of the plurality of computers including the software agent, determining whether the file is protected, if the file is protected, altering ownership of the file from the user to another owner, and providing access to the file based on a mandatory access control policy.
Type: Grant
Filed: May 20, 2016
Date of Patent: March 13, 2018
Assignee: McAfee, LLC
Inventors: Oren Tirosh, Eran Werner
-
Patent number: 9914460
Abstract: In an example, there is disclosed a computing apparatus, including: a driver identity detector to detect the identity of a driver; and one or more logic elements providing a driver competency engine, operable to: detect the identity of the driver; evaluate the driver's operation of a vehicle; and build a driver competency profile based at least in part on the evaluating. The driver competency engine may further be operable to detect a context of the operation, such as environmental factors. There is also described a method of providing a driver competency engine, and one or more computer readable mediums having stored thereon executable instructions for providing a driver competency engine.
Type: Grant
Filed: September 25, 2015
Date of Patent: March 13, 2018
Assignee: McAfee, LLC
Inventors: Simon Hunt, Venkata Ramanan Sambandam, Prasanna Venkateswaran
-
Patent number: 9917775
Abstract: There is disclosed a network device having a network interface; and one or more logic elements comprising a flow table engine operable to: receive a network packet via the network interface; perform a logging action to make the network packet traceable; and notify a software-defined networking (SDN) controller of the logging action via the network interface. There is also disclosed an SDN controller having a network interface; first one or more logic elements comprising a software-defined networking (SDN) controller engine to provide SDN controller services; and second one or more logic elements comprising a route tracing engine, operable to: receive a logging action for a network packet from a network device via the network interface; and update a logging table from the logging action. There is further disclosed a method of providing the foregoing, and computer-readable mediums for providing the foregoing.
Type: Grant
Filed: December 22, 2015
Date of Patent: March 13, 2018
Assignee: McAfee, LLC
Inventors: Shivakrishna Anandam Mulka, Jayakrishnan Nair
-
Patent number: 9912528
Abstract: There is disclosed in one example, a computing apparatus, having: first one or more logic elements comprising at least a processor and a memory to provide an operational environment; and second one or more logic elements providing an out-of-band management engine to function independently of the operational environment, and to: provide an out-of-band communication driver; determine that the operational environment has encountered an error that inhibits network communication; receive security content from a server via the out-of-band communication driver into a third-party storage area; and apply the security content to the computing apparatus. There is also disclosed a method of providing an out-of-band management engine, and one or more tangible, non-transitory computer-readable storage mediums having stored instructions for providing an out-of-band management engine.
Type: Grant
Filed: December 22, 2015
Date of Patent: March 6, 2018
Assignee: McAfee, LLC
Inventors: Ward Coburn, Harvir Singh