Patents Assigned to Symantec Corporation
-
Patent number: 8707107Abstract: A computer-implemented method may include monitoring a computing system for evidence of potential data failures within the computing system. The computer-implemented method may also include detecting evidence that indicates a potential data failure while monitoring the computing system and identifying data implicated in the potential data failure based on the detected evidence. The computer-implemented method may further include initiating an action configured to proactively facilitate restoration of at least a portion of the data implicated in the potential data failure prior to determining whether the data implicated in the potential data failure needs to be restored. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: December 9, 2011Date of Patent: April 22, 2014Assignee: Symantec CorporationInventors: Arindam Panna, Nilesh Dhakras
-
Patent number: 8707433Abstract: Fake exception handlers resulting from malicious stack buffer overflows that overwrite an exception handling record on the stack are detected. The operating system exception processing logic is monitored. Responsive to an exception occurring, an exception handler to be called by the monitored operating system exception processing logic is identified. A specific number of the first bytes of the identified exception handler are scanned to determine whether a return instruction is present therein. Instructions of the identified exception handler that are positioned prior to the return instruction are analyzed to determine whether they modify the value of the stack pointer so as to shrink the stack. The identified exception handler is adjudicated as being fake, responsive to determining that a return instruction is present in the first specific number of bytes of the exception handler and/or that the instructions positioned prior to the return instruction shrink the stack.Type: GrantFiled: May 3, 2011Date of Patent: April 22, 2014Assignee: Symantec CorporationInventor: Uri Mann
-
Patent number: 8707426Abstract: A method and apparatus for resolving a cousin domain name to detect web-based fraud is described. In one embodiment, the method for resolving cousin domain names of a legitimate domain name comprising applying at least one rule to a domain name to generate one or more candidate cousin domain names and comparing the at least one candidate cousin domain name with legitimate domain information to identify the legitimate domain name that is imitated by at least one portion of the domain name.Type: GrantFiled: May 28, 2008Date of Patent: April 22, 2014Assignee: Symantec CorporationInventors: Zulfikar Ramzan, Shaun Cooley
-
Patent number: 8706745Abstract: A computer-implemented method for determining a file set may include identifying a file set and identifying a key file for the file set. The method may also include transmitting a key-file identifier to a second computing system. A first computing system may receive first and second file identifiers from a second computing system. The first computing system may determine whether the file set comprises a file identified by the first file identifier, and whether the file set comprises a file identified by the second file identifier. The method also includes transmitting a result of the determination to the second computing system. A method for determining a file set on a second computing device is also disclosed. Corresponding systems and computer-readable media are also disclosed.Type: GrantFiled: May 30, 2008Date of Patent: April 22, 2014Assignee: Symantec CorporationInventors: Shaun Cooley, William E. Sobel, Bruce McCorkendale
-
Patent number: 8707082Abstract: A key set is registered. The registering the key set includes registering a first shared data resource key. The first shared data resource key includes a first identifier associating a first process with a first shared data resource. The registering the key set further includes registering a second shared data resource key, and the second shared data resource key includes a second identifier associating a second process with a second shared data resource. A failure of a first process is detected, and in response to the detecting the failure of the first process, the first shared data resource key is de-registered. The second shared data resource key remains registered after the de-registering the first shared data resource key.Type: GrantFiled: October 29, 2009Date of Patent: April 22, 2014Assignee: Symantec CorporationInventors: Grace Chen, Indumathi Shankar
-
Patent number: 8707299Abstract: A method and apparatus for preserving virtual desktops for e-discovery using an agent-less solution is provided. In one embodiment, the method for providing an agent-less solution to prevent at least one virtual desktop from expiration comprises processing a directory to identify at least one virtual machine used by at least one data custodian as at least one virtual desktop and automatically communicating at least one snapshot of the at least one virtual machine to preserve the at least one virtual desktop.Type: GrantFiled: November 14, 2008Date of Patent: April 22, 2014Assignee: Symantec CorporationInventors: Angshuman Bezbaruah, Chirag Dalal
-
Patent number: 8700570Abstract: Various systems and methods for migrating replicated storage arrays. For example, one method can involve transferring a set of data from a first storage device to a second storage device. The method also involves terminating a replication relationship between the first storage device and establishing a new replication relationship between the second storage device and either the third storage device or a fourth storage device. Between the time that the replication relationship with the first storage device is terminated and the new replication relationship with the second storage device is established, the second storage device receives a plurality of change operations. The method involves applying the change operations to either the third storage device or fourth storage device.Type: GrantFiled: April 8, 2011Date of Patent: April 15, 2014Assignee: Symantec CorporationInventors: Shailesh Vaman Marathe, Niranjan Pendharkar
-
Patent number: 8701192Abstract: Behavior based signatures for identifying applications are generated. An application is monitored as it runs. Specific behaviors concerning the execution of the application are detected, and a behavior based signature representing detected behaviors is created, such that the behavior based signature can be used subsequently to identify instances of the application. Behavior based signatures identifying known malicious and/or non-malicious applications can be used to determine whether other applications comprise malware. To do so, a running application is monitored, and specific behaviors concerning the execution of the application are detected. The detected behaviors are compared to one or more behavior based signatures. Responsive to whether the detected behaviors match, a behavior based signature, it can be determined whether the application comprises malware.Type: GrantFiled: June 30, 2009Date of Patent: April 15, 2014Assignee: Symantec CorporationInventors: Adam Glick, Spencer Dale Smith, Nicholas Robert Graf
-
Patent number: 8700726Abstract: Systems and methods for information storage replication are presented. In one embodiment a storage flow control method includes estimating in a primary data server what an outstanding request backlog trend is for a remote secondary data server; determining a relationship of an outstanding request backlog trend to a threshold; and notifying a client that the primary data server can not service additional requests if the trend exceeds the threshold. In one embodiment the estimating comprises: sampling a number of outstanding messages at a plurality of fixed time intervals; and determining if there is a trend in the number of outstanding messages over the plurality of fixed time intervals. It is appreciated the estimating can be performed in a variety of ways, (e.g., utilizing an average, a moving average, etc). Determining the trend can include determining if values monotonically increase. The estimating in the primary server can be performed without intruding on operations of the remote secondary data server.Type: GrantFiled: December 15, 2009Date of Patent: April 15, 2014Assignee: Symantec CorporationInventor: Tariq Saeed
-
Patent number: 8700896Abstract: Techniques for automatic management of file system encryption drivers are disclosed.Type: GrantFiled: August 25, 2010Date of Patent: April 15, 2014Assignee: Symantec CorporationInventor: William E. Sobel
-
Patent number: 8700670Abstract: A method, in one embodiment, can include receiving a key and associated data via a computing device. Furthermore, the method can include searching a B+ tree data structure using the key to find a leaf node. The B+ tree data structure is stored by a persistent storage coupled to the computing device. The B+ tree data structure can include a first plurality of nodes that each contains a key-value entry that is not maintained in a sorted order based on its key. In addition, the key and associated data are appended to the leaf node. A sector that includes the leaf node and the key and associated data can be flushed to the persistent storage.Type: GrantFiled: April 12, 2010Date of Patent: April 15, 2014Assignee: Symantec CorporationInventors: Shilesh Marathe, Rajesh Chepuri, Niranjan Pendharkar
-
Patent number: 8701156Abstract: A method and apparatus for determining whether a second computing system meets a minimum level of protection for a DLP policy of a first computing system are described. A DLP agent may monitor outbound data transfers performed by the first computing system, and determines a violation of a DLP policy in a current one of the outbound data transfers to a second computing system. The DLP agent initiates a handshake protocol with the second computing system to determine whether the second computing system meets a minimum protection level for the DLP policy. If the second computing system does not meet the minimum protection level for the DLP policy, the DLP agent prevents the current data transfer to the second computing system; otherwise, the DLP agent permits the current data transfer.Type: GrantFiled: September 23, 2011Date of Patent: April 15, 2014Assignee: Symantec CorporationInventor: Mukund Agrawal
-
Patent number: 8700903Abstract: The process of acquiring SSL certificates for enterprise SSL customers is improved by reducing the number of steps used to acquire the SSL certificate and streamlining the process. An on-line CSR generator on the certificate enrollment form is used to submit the customer information (i.e. Common Name, Organizational Unit, Organization, City/Locality, State/Province, and Country Code) and generate the CSR. By making the CSR generation part of the enrollment process, the administrator can use the same enrollment form to submit the customer information along with the contact information pertinent to the enterprise.Type: GrantFiled: July 26, 2011Date of Patent: April 15, 2014Assignee: Symantec CorporationInventors: Steve Hsueh, Zhengwen Ju, Yutong Wang, John Yun
-
Patent number: 8701190Abstract: The probability of a computer file being malware is inferred by iteratively propagating domain knowledge among computer files, related clients, and/or related source domains. A graph is generated to include machine nodes representing clients, file nodes representing files residing on the clients, and optionally domain nodes representing source domains hosting the files. The graph also includes edges connecting the machine nodes with the related file nodes, and optionally edges connecting the domain nodes with the related file nodes. Priors and edge potentials are set for the nodes and the edges based on related domain knowledge. The domain knowledge is iteratively propagated and aggregated among the connected nodes through exchanging messages among the connected nodes. The iteration process ends when a stopping criterion is met.Type: GrantFiled: November 15, 2012Date of Patent: April 15, 2014Assignee: Symantec CorporationInventors: Duen Hong Chau, Adam Wright
-
Publication number: 20140101113Abstract: The present disclosure provides for implementing a two-level fingerprint caching scheme for a client cache and a server cache. The client cache hit ratio can be improved by pre-populating the client cache with fingerprints that are relevant to the client. Relevant fingerprints include fingerprints used during a recent time period (e.g., fingerprints of segments that are included in the last full backup image and any following incremental backup images created for the client after the last full backup image), and thus are referred to as fingerprints with good temporal locality. Relevant fingerprints also include fingerprints associated with a storage container that has good spatial locality, and thus are referred to as fingerprints with good spatial locality. A pre-set threshold established for the client cache (e.g., threshold Tc) is used to determine whether a storage container (and thus fingerprints associated with the storage container) has good spatial locality.Type: ApplicationFiled: October 8, 2012Publication date: April 10, 2014Applicant: SYMANTEC CORPORATIONInventors: Xianbo Zhang, Haibin She, Chao Lei, Xiaobing Song, Shuai Cheng
-
Patent number: 8694468Abstract: A computer-implemented method for performing backups may include identifying a volume of data targeted for backup. The computer-implemented method may also include identifying at least one data object within the volume of data. The computer-implemented method may further include locating a copy of the data object within an archival data store. The computer-implemented method may additionally include backing up a reference to the copy of the data object within the archival data store instead of backing up the data object. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: June 9, 2010Date of Patent: April 8, 2014Assignee: Symantec CorporationInventors: Kuldeep Nagarkar, Dulipsinh Deshmukh, Laxmikant Gunda
-
Patent number: 8694659Abstract: A computer-implemented method for enhancing domain-name-server responses may include: 1) receiving a domain-name-system request, 2) identifying a domain of the domain-name-system request, 3) retrieving classification information relating to the domain from a third-party system, and 4) including the classification information in a response to the domain-name-system request. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: April 6, 2010Date of Patent: April 8, 2014Assignee: Symantec CorporationInventors: George Stahl, Shaun Cooley
-
Patent number: 8695090Abstract: A method and apparatus for classifying behavior of an application based on its data access pattern is described. In one embodiment, the method includes monitoring file access events associated with an application, and determining whether at least one of the file access events indicates the application's attempt to manipulate data of a file. If at least one file access event indicates the application's attempt to manipulate the data within the file, then at least one action is caused to be performed.Type: GrantFiled: October 31, 2008Date of Patent: April 8, 2014Assignee: Symantec CorporationInventors: Ian Barile, Bruce Wootton, Dirk Kessler, Rajesh Upadhyay
-
Patent number: 8694983Abstract: A computer-implemented method for determining the impact of a software change on the health of a computing system or an application installed on the computing system may comprise identifying the software change, performing a first health evaluation, allowing the software change to occur, performing a second health evaluation, and then determining the impact of the new application by comparing the results of the second health evaluation with the results of the first health evaluation. Exemplary methods for providing guidance on the potential impact of a software change and for determining the health impact of a software change based on information obtained from a plurality of computing systems are also disclosed. Corresponding systems and computer-readable media are also disclosed.Type: GrantFiled: May 16, 2012Date of Patent: April 8, 2014Assignee: Symantec CorporationInventors: William E. Sobel, Sourabh Satish
-
Patent number: 8694745Abstract: A virtual disk can be created by using data from critical sectors of a primary physical disk. The creation of a virtual disk involves receiving sector numbers and corresponding data for critical sectors of a primary physical disk on a primary computing system, creating a virtual disk that comprises sectors, and writing data from the critical sectors of the primary physical disk into respective sectors of the virtual disk.Type: GrantFiled: September 15, 2010Date of Patent: April 8, 2014Assignee: Symantec CorporationInventors: Check A. Sabjan, Kirk L. Searls, Lokesha B. Krishnamurthy