Patents Assigned to McAfee, LLC
-
Patent number: 11575708Abstract: An apparatus for detecting a phishing website based on website icons is disclosed. A disclosed example apparatus includes a parser to locate a first website icon corresponding to a first website, an icon hasher to generate a first hash of the first website icon, and a hash checker to determine whether the first hash matches a second hash of a second website icon corresponding to a second website in an icon hash database, the hash checker to, in response to the first hash matching the second hash, determine whether a first portion of a first Uniform Resource Locator (URL) corresponding to the first website matches a second portion of a second URL corresponding to the second website, the hash checker to, in response to the first portion not matching the second portion, identify the first website as a phishing website.Type: GrantFiled: May 29, 2020Date of Patent: February 7, 2023Assignee: McAfee, LLCInventors: Oliver Devane, Rafael Pena, Abhishek Karnik
-
Patent number: 11568049Abstract: Methods, apparatus, systems and articles of manufacture to defend against adversarial machine learning are disclosed. An example apparatus includes a model trainer to train a classification model based on files with expected classifications; and a model modifier to select a convolution layer of the trained classification model based on an analysis of the convolution layers of the trained classification model; and replace the convolution layer with a tree-based structure to generate a modified classification model.Type: GrantFiled: September 27, 2019Date of Patent: January 31, 2023Assignee: McAfee, LLCInventors: Sherin M. Mathews, Celeste R. Fralick
-
Publication number: 20230021885Abstract: There is disclosed a method of providing passive phishing remediation for an enterprise, including: displaying, to a user of a mobile device, an email; receiving from the user a one-click request to perform additional analysis of the email; providing the email to a phishing mitigation service; assigning the email a reputation score, generating a human-readable reputation display for the email, wherein the human-readable reputation display includes at least three grades comprising safe, unknown or unreliable, and unsafe or malicious; and providing the human-readable reputation display as a push notification to the mobile device.Type: ApplicationFiled: October 5, 2022Publication date: January 26, 2023Applicant: McAfee, LLCInventors: Davoud Maha, Mykhaylo Melnyk, Lior Rudnik
-
Patent number: 11562254Abstract: Example apparatus disclosed herein generate blocks of a blockchain, the blockchain to store a neural network that has input nodes, hidden nodes and output nodes, with respective ones of the blocks of the blockchain including respective code and respective data to represent corresponding ones of the output nodes of the neural network, a first one of the blocks including first code and first data to implement operations to be performed by a first one of the output nodes, the hidden nodes and the input nodes on input data applied to the neural network to determine an output of the first one of the output nodes. Disclosed example apparatus also train the neural network to determine at least portions of the respective data to include in the respective ones of the blocks of the blockchain, and forward the blockchain to a server that is to distribute the neural network to client(s).Type: GrantFiled: July 30, 2019Date of Patent: January 24, 2023Assignee: McAfee, LLCInventors: Amanda House, Celeste R. Fralick, Eric Wuehler, Sherin Mathews
-
Publication number: 20230020523Abstract: A computing includes a hardware platform having a processor and a memory; and instructions encoded within the memory to instruct the processor to: on behalf of a human user, scan a social media platform for which the user has an account, and compute a proactive privacy risk score, wherein the proactive privacy risk score is a quantitative value based at least in part on an inherent risk of the social media platform according to data types that may be collected and exposed by the social media platform, and at least in part on privacy settings for the social media platform in relation to the data types; and recommend or initiate an action to improve the proactive privacy risk score.Type: ApplicationFiled: October 26, 2021Publication date: January 19, 2023Applicant: McAfee, LLCInventors: Dattatraya Kulkarni, Urmil Mahendra Parikh, Jitesh Dattani, Himanshu Srivastava
-
Patent number: 11556649Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to facilitate malware detection using compressed data. An example apparatus includes an input processor to obtain a model, the model identifying a first sequence associated with a first trace of data known to be repetitive, a sequence identifier to identify a second sequence associated with a second trace of data, a comparator to compare the first sequence with the second sequence, and an output processor to when the first sequence matches the second sequence, transmit an encoded representation of the second sequence to the central processing facility using a first channel of communication, and when the first sequence fails to match the second sequence, transmit the second sequence to the central processing facility using a second channel of communication, the second sequence to be analyzed by the central processing facility to identify whether the second sequence is indicative of malware.Type: GrantFiled: December 23, 2019Date of Patent: January 17, 2023Assignee: MCAFEE, LLCInventors: German Lancioni, Pablo A. Michelis
-
Patent number: 11558355Abstract: There is disclosed in one example a gateway apparatus to operate on an intranet, including: a hardware platform; and an access proxy engine to operate on the hardware platform and configured to: intercept an incoming packet; determine that the incoming packet is an access request directed to an access interface of a resource of the intranet; present an access checkpoint interface; receive an authentication input response; validate the authentication input response; and provide a redirection to the access interface of the device.Type: GrantFiled: June 23, 2020Date of Patent: January 17, 2023Assignee: McAfee, LLCInventors: German Lancioni, Eric Donald Wuehler
-
Patent number: 11552967Abstract: Systems and methods for performing graph-based analysis of computing system threats and incidents, and determining response and/or mitigation actions for the threats and incidents, are described. In some embodiments, the systems and methods generate node graphs of computing system threat artifacts, and perform actions to identify recommended resolutions to the threats, based on information derived from the generated node graphs.Type: GrantFiled: December 22, 2020Date of Patent: January 10, 2023Assignee: McAfee, LLCInventors: Elisabeth Maida, Roselle Safran
-
Patent number: 11539738Abstract: Mechanisms for mitigating damage resulting from a website being an intermediary in a cyberattack, comprising: detecting a domain name server query made to the website; making a request to the website; receiving a header in response to the request; inspecting the header to identify a software stack component of the website; cross-referencing the software stack component to a common vulnerabilities and exposures (CVE) database to identify a CVE that applies to the software stack component; applying a rule to determine the impact of the CVE on whether the website is a possible intermediary in a cyberattack; determining that the website is a possible intermediary in a cyberattack; and taking action on the website to mitigate damage resulting from the website being an intermediary in a cyberattack.Type: GrantFiled: March 24, 2020Date of Patent: December 27, 2022Assignee: McAfee, LLCInventors: German Lancioni, Joseph Padron
-
Patent number: 11531759Abstract: There is disclosed in one example a computing apparatus, including: a hardware platform including a processor and a memory; and instructions encoded within the memory to instruct the processor to: provide a permission list; allocate an executable, the executable to have permissions according to the permission list; designate a child object of the executable; allocate a certificate for the child object; and after a system reboot, grant the child object permissions of the executable after validating the certificate.Type: GrantFiled: February 22, 2021Date of Patent: December 20, 2022Assignee: McAfee, LLCInventors: Preet Mohinder, Ratnesh Pandey, Jaskaran Singh Khurana, Amritanshu Johri
-
Patent number: 11531626Abstract: An example authentication device disclosed herein is to access a message received via a wireless interface from an adapter, the message to indicate that a host device has connected to the adapter, the host device different from the authentication device. The disclosed example authentication device is also to determine whether to allow the host device to access a storage device. The disclosed example authentication device is further to transmit authentication data to the adapter via the wireless interface, the authentication data to specify whether the host device is allowed to access the storage device.Type: GrantFiled: April 16, 2020Date of Patent: December 20, 2022Assignee: McAfee, LLCInventors: Fernando Ruiz Altamirano, German Lancioni
-
Patent number: 11531757Abstract: There is disclosed in one example a computing apparatus, including: a hardware platform including a processor and a memory; a system profile store; and a ransomware detection engine including instructions encoded within the memory to instruct the processor to: detect an operation, by a process, that results in an operation on a file, wherein the operation includes newly creating the file including a file type identifier, or where the file is an existing file, changing a file type identifier for the file; querying the system profile store with a combination of the file type identifier and metadata about the file; based at least in part on the querying, determining that the process is a suspected ransomware attack; and taking a remedial action.Type: GrantFiled: December 12, 2019Date of Patent: December 20, 2022Assignee: McAfee, LLCInventors: Abhishek Karnik, Xiaobing Lin, Asheer Malhotra, Oliver G. Devane
-
Patent number: 11531933Abstract: There is disclosed in one example a malware analysis server, including: a hardware platform including a processor and a memory; a machine learning model; a store of known objects previously classified by the machine learning model; and instructions encoded within the memory to instruct the processor to: receive a test sample; apply the machine learning model to the test sample to provide the test sample with classified features; compute pairwise distances between the test sample and a set of known objects from the store of known objects; select a group of near neighbor samples from the set of known objects; select a group of far neighbor samples from the set of known objects; and generate an explanation for the test sample according to the near neighbor samples and far neighbor samples.Type: GrantFiled: March 23, 2020Date of Patent: December 20, 2022Assignee: McAfee, LLCInventor: German Lancioni
-
Patent number: 11533324Abstract: Systems and methods for utilizing statistical relational learning techniques in order to predict factors for nodes of a node graph, such as a node graph that represents attacks and incidents to a computing system, are described. In some embodiments, the systems and methods identify certain nodes (of a node graph) as representing malicious attributes of an email or other threat artifact received by a computing system or network and utilize relational learning to predict the maliciousness of attributes represented by other nodes (of the node graph).Type: GrantFiled: September 21, 2020Date of Patent: December 20, 2022Assignee: McAfee, LLCInventors: Connor Walsh, Elisabeth Maida
-
Patent number: 11528291Abstract: Methods, apparatus, systems and articles of manufacture are disclosed for defending against exploitation of vulnerable software. An example apparatus comprises an inventory controller to identify a vulnerable application corresponding to one or more files including a security defect, an origination identifying generator to identify an origination source of incoming data, the origination source tagged as suspicious, a workload analyzing controller to query, in response to the suspicious origination source, an inventory datastore to determine if the incoming data is to be accessed by the vulnerable application, and a policy application executor to, in response to determining the incoming data is to be accessed by the vulnerable application, apply a policy action to the vulnerable application to protect the vulnerable application from exposing the security defect to malicious data in the incoming data.Type: GrantFiled: November 25, 2019Date of Patent: December 13, 2022Assignee: McAfee, LLCInventors: Jyothi Mehandale, Craig Schmugar
-
Publication number: 20220391927Abstract: In an example, there is disclosed an end-user computing apparatus, including a hardware platform, having a processor and a memory; and instructions encoded within the memory to provide two or more network activity scanners for a user's network activity; operate the two or more network activity scanners to locally analyze the user's network activity, identify a plurality of online accounts associated with the user, and compute respective account identities and usage contexts for the accounts; and send the account identities and usage contexts to an analysis service for identification of accounts to modify.Type: ApplicationFiled: August 12, 2021Publication date: December 8, 2022Applicant: McAfee, LLCInventors: Shashank Jain, Srikanth Nalluri, Dattatraya Kulkarni, Ram Sharan Singh
-
Patent number: 11520888Abstract: There is disclosed in one example a computing apparatus, including: a hardware platform, including a processor, a memory, and a network interface; a bucketized reputation modifier table; and instructions encoded within the memory to instruct the processor to: perform a feature-based malware analysis of an object; assign the object a malware reputation according to the feature-based malware analysis; query and receive via the network interface a complementary score for a complementary property of the object; query the bucketized reputation modifier table according to the complementary score to receive a reputation modifier for the object; adjust the object's reputation according to the reputation modifier; and take a security action according to the adjusted reputation.Type: GrantFiled: October 29, 2020Date of Patent: December 6, 2022Assignee: McAfee, LLCInventors: Steven Grobman, Jonathan B. King, Yonghong Huang, Amit Kumar
-
Publication number: 20220385695Abstract: There is disclosed in one example a computing apparatus, including: a hardware platform including a processor and a memory; a network interface; a user-space application including instructions to interact with a web site via a uniform resource locator (URL); and a security agent including instructions to: intercept an interaction of the user-space application with the web site; determine that the intercepted interaction is to send sensitive information to the web site; suspend the interaction; and assign a reputation to the URL.Type: ApplicationFiled: August 5, 2022Publication date: December 1, 2022Applicant: McAfee, LLCInventors: Oliver G. Devane, Abhishek Karnik
-
Patent number: 11514161Abstract: Methods, apparatus, systems and articles of manufacture for detecting malware via analysis of a screen capture are disclosed. An example apparatus includes a process detector to detect execution of a macro-executing process. An image capturer is to, in response to detection of the macro-execution process, capture an image of a user interface of the macro-executing process. A similarity analyzer is to analyze the image to determine an image similarity to a stored image in a repository of malicious macro interfaces. A responder is to perform a responsive action in response to the image similarity meeting or exceeding a similarity threshold.Type: GrantFiled: September 11, 2020Date of Patent: November 29, 2022Assignee: MCAFEE, LLCInventor: Hardik Shah
-
Patent number: 11516181Abstract: A non-transitory, processor-readable medium includes code representing instructions to cause a processor to perform a method. The method includes receiving, from a traffic filter at a boundary of a network, a network communication and determining the network communication is a first anomalous communication associated with a service that does not exist within the network, uses a non-readable character set, or includes a malicious payload. The method further includes, at least partially based on the determining, generating a first rule, at least partially based on an analysis of a subset of partial or exact fingerprints of the first anomalous communication. The first rule is communicated to the traffic filter for the traffic filter to filter, from network communications external to the network, a second anomalous communication.Type: GrantFiled: June 26, 2020Date of Patent: November 29, 2022Assignee: McAfee, LLCInventor: Christopher J. Jordan