Abstract: Method and apparatus for template-based processing of electronic documents is described. In some examples, text content of the electronic documents is analyzed to identify whether each of the electronic documents matches any of a plurality of document templates. A template index is generated that relates at least one of the electronic documents with at least one of the plurality of document templates associated therewith. A search query is generated using at least one of the plurality of document templates as a respective at least one search parameter. An archive having the electronic documents is searched using the template index to locate any of the electronic documents that match the at least one document template of the search query.
Type:
Grant
Filed:
September 26, 2008
Date of Patent:
August 27, 2013
Assignee:
Symantec Corporation
Inventors:
Bijaya Laxmi Nanda, Navin Kabra, Basant Rajan
Abstract: A storage management device can receive a request for a modification history for a location within a data store, determine one or more times at which at least a portion of data stored at the location was modified, and transmit the one or more determined times.
Abstract: Embodiments of the present invention are directed to a method and system for filesystem deduplication that uses both small fingerprint granularity and variable length sharing techniques. The method includes accessing, within an electronic system, a plurality of files in a primary storage filesystem and determining a plurality of fingerprints for the plurality of files. Each respective fingerprint may correspond to a respective portion of a respective file of the plurality of files. The method further includes determining a plurality of portions of the plurality of files where each of the plurality of portions has the same corresponding fingerprint and accessing a list comprising a plurality of portions of files previously deduplicated. A portion of a file of the plurality of files not present in the list may then be deduplicated. Consecutive portions of variables lengths having the same corresponding fingerprints may also be deduplicated.
Abstract: Techniques for network bandwidth management are disclosed. In one particular exemplary embodiment, the techniques may be realized as a method for network bandwidth management comprising determining, using at least one computer processor, a throughput measurement for a first network client of a plurality of network clients, determining if throughput for the first network client is adequate for a first task based at least on the throughput measurement, in the event throughput is not adequate, negotiating for a different amount of network bandwidth, wherein the negotiation comprises sending a first task priority for the first network client and the throughput measurement to at least one second network client of the plurality of network clients, and receiving an allocation of network bandwidth based on a comparison of the first task priority with at least one second task priority for the at least one second network client.
Type:
Grant
Filed:
December 2, 2010
Date of Patent:
August 27, 2013
Assignee:
Symantec Corporation
Inventors:
Jeremy Howard Wartnick, Jeremy Dean Swift
Abstract: A computer-implemented method for securing information in an electronic file is described. Data in the electronic file is automatically scanned. Sensitive information in the electronic file is identified. The sensitive information is extracted from the electronic file. The sensitive information is encrypted. The encrypted sensitive information is stored.
Abstract: Techniques for classifying unknown files taking into account temporal proximity between unknown files and files with known classifications are disclosed. In response to a classification request for a target file, client systems hosting (or hosted) instances of the target file are identified. For each system, files created around the time the target file was created on the system are identified. Within the identified files, files with known classifications are identified, and a score is determined for each such file to measure temporal proximity between the creation of the file and the creation of the target file. Local temporal proximity scores aggregate the scores for the client system. Global temporal proximity scores measures an aspect of the local temporal proximity scores for all identified client systems. The global temporal proximity scores are fed into a classifier to determine a classification, which is returned in response to the classification request.
Abstract: Techniques for optimizing data migration are disclosed. In one particular embodiment, the techniques may be realized as a method for optimizing data migration may comprise receiving a request for initiating a data migration application and migrating, via at least one computer processor, at least one data file from a migration list during the data migration application. The method for optimizing data migration may also comprise monitoring the migration of the at least one data file and determining whether the at least one data file is active during the migration of the at least one data file. The method for optimizing data migration may further comprise deferring the migration of the at least one data file based at least in part on a determination that the at least one data file is active and recording information associated with the at least one data file if the at least one data file is active.
Abstract: A method and apparatus for optimizing computer network bandwidth usage to prevent congestion is described. In one embodiment, the method comprises comparing a permissible bandwidth usage with a data transfer rate to produce a comparison result and adjusting the data transfer rate for performing at least one data transfer operation based on the comparison result.
Type:
Grant
Filed:
June 30, 2008
Date of Patent:
August 20, 2013
Assignee:
Symantec Corporation
Inventors:
Nilesh Girish Telang, Kevin Elliott Jordan, Nitin Suresh Supekar
Abstract: A method and apparatus for detecting system message misrepresentation using a keyword analysis is described. In one embodiment, the method of using one or more processors for detecting system message misrepresentation in memory by performing a keyword analysis, comprising monitoring visual representation object creation within a user interface, accessing keyword information comprising commonly used text for misrepresenting system messages, examining internet activity using the keyword information to produce an examination result, wherein the internet activity is for the created visual representation objects, identifying deceptive text within at least one of the created visual representation objects based on the examination result and producing indicia of detection as to the deceptive text.
Abstract: A method for calculating a risk score of a data object may include obtaining a severity level associated with a data object. The severity level may be calculated based on presence of confidential information in the data object. The data object may be a file or a folder. The severity level may be calculated using a data loss prevention policy. The method may further include obtaining metadata associated with the data object. The metadata may comprise at least one of access permission data for the data object and access usage data for the data object. The method may further include calculating a risk score for the data object based on the severity level and the metadata associated with the data object.
Type:
Grant
Filed:
March 1, 2011
Date of Patent:
August 20, 2013
Assignee:
Symantec Corporation
Inventors:
Pritesh Sharma, Adam Jackson, Jeremy Mailen, Harold Byun
Abstract: A system comprises a plurality of nodes coupled via a network. The plurality of nodes are configured to communicate by transmitting and receiving messages between the plurality of nodes. Each message comprises a first version identifier indicative of a first version of an object in a first node of the plurality of nodes, wherein the first node is the transmitter of the message. A second node of the plurality of nodes receives the message, and is configured to upgrade to the first version of the object responsive to the first version identifier indicating that the first version is newer than a second version in the second node (as indicated by a second version identifier in the second node). The second node is configured to include the first version identifier in subsequent messages transmitted by the second node.
Type:
Grant
Filed:
December 16, 2002
Date of Patent:
August 20, 2013
Assignee:
Symantec Corporation
Inventors:
Hans F. van Rietschote, Marc P. Kwiatkowski, Mahesh Joshi
Abstract: A computing system invokes a proxy agent in a virtual environment hosted by the computing system to obtain configuration change data for a virtualized application from an agent residing in a physical environment hosted by the computing system. The proxy agent changes a configuration of the virtualized application based on the configuration change data to cause the virtualized application to load a plug-in in the virtual environment. The computing system launches the virtualized application and the virtualized application loads the plug-in in the virtual environment to utilize a function of the plug-in in the virtual environment.
Abstract: Method and apparatus for monitoring identity misrepresentation by a user on a network are described. In one example, validated identity information for the user is received from a trusted source. Data exchanged between a network client on a device associated with the user and the network is monitored. An identity misrepresentation by the user is detected based on the validated identity information. A notification of the identity misrepresentation is sent to the trusted source.
Abstract: A method, an apparatus, and a system for processing packets are disclosed. The method is applied to a distributed architecture of multiple service boards; the distributed architecture includes a main control board, at least one service board, and at least one interface board. The method includes: determining a specified CPU corresponding to a received packet; and, by the service board corresponding to the CPU, processing the received packet. Through the embodiments of the present invention, the received packets are processed in the service board corresponding to the specified CPU. Therefore, the packets are evenly distributed to all service boards for being processed, the workload of the main control board is relieved, the service throughput is increased significantly, and the packet processing efficiency of the whole architecture is improved.
Abstract: A system uses one or more processors and an interface to a backup repository to generate a set of backup objects for a point in time, store the set of backup objects in the backup repository, and store mapping information usable to retrieve appropriate backup objects when desired. A first map relates one or more applications to objects used by the applications. A second map relates the objects to corresponding data blocks or other data locations on volumes. A third map relates the data locations to corresponding backup objects for the point in time.
Type:
Grant
Filed:
March 30, 2009
Date of Patent:
August 13, 2013
Assignee:
Symantec Corporation
Inventors:
Ynn-Pyng A. Tsaur, Lokesha Krishnamurthy, Baishen Zhu
Abstract: Various methods and systems for automatically ranking electronic communications such as emails based on both content and social factors are disclosed. One method assigns a rank to an electronic communication, where assigning the rank involves both assigning a content-based rank to the electronic communication and assigning a social rank to the electronic communication. The rank assigned to the electronic communication can include both the content-based and social rank. Alternatively, the rank can be derived from the content-based and social ranks (e.g., the rank can be an average of the content-based and social ranks).
Type:
Grant
Filed:
December 29, 2006
Date of Patent:
August 13, 2013
Assignee:
Symantec Operating Corporation
Inventors:
Subramanyam Venkata Gurajada, Ankur P. Panchbudhe, Amol S. Katkar
Abstract: A method and apparatus for a virtual storage device is provided. In one example, data to be stored at a removable storage device is received. A virtual storage agent is executed on the removable storage device. An interlace is established with at least one remote storage location. The data is stored at the at least one remote storage location. In another example, a request to access data associated with a removable storage device is received. A virtual storage agent on the removable storage device is executed. An interface is established with at least one remote storage location. The data is fetched from the at least one remote storage location.
Type:
Grant
Filed:
March 2, 2007
Date of Patent:
August 13, 2013
Assignee:
Symantec Corporation
Inventors:
Hans van Reitschote, Tommi Salli, C W Hobbs
Abstract: A method and apparatus for dynamically populating an identity-correlation data store and using the identity-correlation data store to correlate external identifiers and unique internal identifiers are described.
Abstract: A medium, system, and method are disclosed for implementing an in-memory inode cache. The cache stores inodes that include respective file metadata. The system includes a replacement module that prioritizes the inodes for replacement according to retention priorities for the inodes. The system also includes a prioritization module that is configured to increase the retention priority of a given inode in the cache in response to detecting a cache hit on the given inode and that the given inode meets one or more longevity criteria.
Type:
Grant
Filed:
January 31, 2011
Date of Patent:
August 13, 2013
Assignee:
Symantec Corporation
Inventors:
Avinash Ramesh Patil, Colin Peter Eldridge
Abstract: To detect possible malicious code that is unpacked at runtime before it is executed, antivirus software requires that any dynamically created code be scanned before it can be executed by a host computer system. This requirement may be enforced by requiring memory pages to be either executable or writable, but not both. Before changing from writable but not executable to executable but not writable, the page is scanned for malicious code. To prevent packers from evading this scanning, the software may enforce the execution exception to prevent packers from changing whether a page is executable and thereby evading the scanning of dynamically created code. The software may also include exception handlers to allow a program to write to a page that contains the code being executed, but also limit such an operation (e.g., to a single step) to avoid evasion of the antivirus software.