Patents Assigned to Symantec
-
Publication number: 20120124660Abstract: A Virtual Private Network (VPN) node information processing method and a VPN node information processing device are provided, in which the method comprises: receiving an access request message sent by a node, in which the access request message at least carries authentication information, a current real Internet Protocol (IP) address, a node name and information indicating whether to accept extranet connection of the node; allocating a virtual IP address for the node when the authentication information of the node is correct; and registering the current real IP address, the node name, the information indicating whether to accept the extranet connection, and the virtual IP address of the node as registration information. Through the method and the device, when a node is added into a VPN, configuration of other nodes does not need to be adjusted.Type: ApplicationFiled: November 4, 2011Publication date: May 17, 2012Applicant: CHENGDU HUAWEI SYMANTEC TECHNOLOGIES CO., LTD.Inventor: Yuchen WANG
-
Patent number: 8180872Abstract: System and method for providing a common data model for SAN discovery and/or SAN monitoring information collected from heterogeneous SAN components. In one embodiment, a SAN management server may execute on a host computer and may translate data in one or more vendor-specific languages obtained from a heterogeneous vendor population into canonical data in a uniform language. In one embodiment, the SAN management server may execute a set of rules to convert heterogeneous SAN data obtained from heterogeneous interfaces into canonical data conforming to the common data model. In one embodiment, the canonical data may be stored in a persistent store, which may be queried for information that may be provided to the requestor in the canonical form of the common data model.Type: GrantFiled: June 26, 2002Date of Patent: May 15, 2012Assignee: Symantec Operating CorporationInventors: Robert J. Marinelli, Leonid M. Yaroslavsky, Sung-Wook Ryu, Paul A. Scammell
-
Patent number: 8180734Abstract: Various embodiments of a system and method for initiating backup tasks to backup data from a plurality of client computer systems are described. The backup tasks may be initiated in an order specified by a ranking of the client computer systems according to their respective network transmission speeds. For example, the backup tasks may be prioritized so that backup tasks for client computer systems with faster transmission speeds are initiated before backup tasks for client computer systems with slower transmission speeds.Type: GrantFiled: February 24, 2009Date of Patent: May 15, 2012Assignee: Symantec CorporationInventors: Duane David Thilmony, Nicholas G. Nelson
-
Patent number: 8181028Abstract: In one embodiment, a key list entry corresponding to a user's private key is securely deleted from a key list of a user device on shutdown of the user device. Subsequently, input of the user's private key will not allow decryption of an encrypted partition storing encrypted data on the user device. In another embodiment, a key list entry corresponding to a user's private key is automatically and securely re-provisioned on boot up of the user device. Subsequently, input of the user's private key will allow decryption of the encrypted partition on the user device.Type: GrantFiled: June 17, 2008Date of Patent: May 15, 2012Assignee: Symantec CorporationInventors: Brian Hernacki, Sourabh Satish
-
Patent number: 8181251Abstract: A method for detecting malware is disclosed. The method may include examining a plurality of metadata fields of a plurality of known-clean-executable files. The method may also include examining a plurality of metadata fields of a plurality of known-malicious-executable files. The method may further include deducing, based on information obtained from examining the plurality of metadata fields of the plurality of known-clean- and known-malicious-executable files, metadata-field attributes indicative of malware. Corresponding systems and computer-readable media are also disclosed.Type: GrantFiled: December 18, 2008Date of Patent: May 15, 2012Assignee: Symantec CorporationInventor: Mark Kennedy
-
Patent number: 8180761Abstract: A computer, computer program product, and method prioritize a web crawler target link queue using referrer context information associated with a remote object link. An access statistics collection module detects links to remote objects and retrieves referrer context information for the links. An access statistics back end module receives and stores the referrer context information from the access statistics collection module. The referrer context information is analyzed by a target list prioritization module that uses the results of the analysis to prioritize a target queue of a web crawler. The referrer context information is an important resource in identifying information about how a link spreads, e.g., for threat detection or identification of popular links for indexing to produce more relevant search results.Type: GrantFiled: December 27, 2007Date of Patent: May 15, 2012Assignee: Symantec CorporationInventors: Shaun Cooley, Bruce McCorkendale
-
Patent number: 8181036Abstract: Techniques are disclosed that enable extrusion detection (i.e., outgoing confidential information from an enterprise or other entity). The techniques operate to detect outgoing confidential information at the gateway and/or the client, even if that confidential information is encrypted, compressed, or otherwise obfuscated before transmission (e.g., via email or to a portable storage media such as a memory stick).Type: GrantFiled: September 29, 2006Date of Patent: May 15, 2012Assignee: Symantec CorporationInventor: Carey Nachenberg
-
Patent number: 8180811Abstract: A list of data structures (e.g., inodes) can be accessed, and the data structures in the list can be examined. If a data structure is examined, a counter value associated with the data structure is changed to a generation number that is associated with the examination. Subsequently, the counter values can be used to identify unreferenced data structures. More specifically, the counter value for an unreferenced data structure will be different from the generation number for the most recently performed examination.Type: GrantFiled: October 19, 2010Date of Patent: May 15, 2012Assignee: Symantec CorporationInventors: Nagaraj Shyam, Craig Keatley Harmer, George Matthew
-
Patent number: 8177125Abstract: A graphical checkout identifier is used to facilitate automatic checkout of a user on a webstore. A graphical identifier checkout system receives a request from a webstore for a onetime use graphical checkout identifier. In response to the received request, a onetime use graphical checkout identifier to be displayed by the webstore is generated. A request for checkout completion information by the webstore is encoded in the graphical checkout identifier, which is transmitted to the webstore for display. The onetime use graphical checkout identifier being displayed by the webstore is captured by a registered user operated computing device. In response, the requested checkout completion information is transmitted to the webstore, such that the user is automatically checked out on the webstore, without the user manually logging in to the webstore or entering the requested checkout completion information.Type: GrantFiled: December 15, 2010Date of Patent: May 15, 2012Assignee: Symantec CorporationInventors: Shaun Cooley, Charles Andrew Payne
-
Patent number: 8180893Abstract: Component-level sandboxing is implemented in the example context of an enterprise rights management system. A policy enforcement module monitors an application executing on a client to detect and evaluate data access requests in view of a rights policy. The policy enforcement module determines how to handle the request based on the whether the policy permits the request. If the request is permitted, the policy enforcement module allows the requests and sandboxes it using virtualization. The sandbox virtualizes the thread making the request and/or a data access component involved in the request. Other aspects of the application that do not implicate the rights policy are not sandboxed. In this way, sandboxing is used to enforce the rights policy in a manner that is transparent to the user and consumes relatively few resources of the client.Type: GrantFiled: March 15, 2010Date of Patent: May 15, 2012Assignee: Symantec CorporationInventor: Michael Spertus
-
Publication number: 20120117650Abstract: A security module on a client monitors file download activities at the client and reports hosting website data to a security server. A download analysis module at the security server receives a hosting website data report from the client, where the hosting website data report describes a domain name and an IP address of a website hosting a file the client is attempting to download. The download analysis module analyzes the domain name and IP address of the website to generate file download control data indicating whether to allow downloading of the file to the client. The download analysis module reports the file download control data to the security module of the client. The security module uses the file download control data to selectively block downloading of the file.Type: ApplicationFiled: November 10, 2010Publication date: May 10, 2012Applicant: Symantec CorporationInventor: Carey S. Nachenberg
-
Publication number: 20120117035Abstract: A file system that includes multiple logical devices can be subdivided into multiple containers. The containers each include respective non-overlapping sets of the logical devices. An amount of memory allocated to a container is dynamic. A set of the containers can be selected for a file system consistency check. The file system consistency check is performed on only the set of the containers instead of on the entire file system.Type: ApplicationFiled: November 9, 2010Publication date: May 10, 2012Applicant: SYMANTEC CORPORATIONInventors: Dilip Madhusudan Ranade, Kedar Shrikrishna Patwardhan
-
Patent number: 8176554Abstract: A security module identifies symbols within an executable file. The security module compares these identified symbols to a set of symbols expected to be present in a legitimate executable file. Based at least in part on an identified symbol not being within the set of expected symbols, the security module determines that the executable file poses a heightened security risk. In one embodiment, a remediation module takes an appropriate response to prevent potential malware exploits by the executable file.Type: GrantFiled: May 30, 2008Date of Patent: May 8, 2012Assignee: Symantec CorporationInventor: Mark Kennedy
-
Patent number: 8176480Abstract: A system and method for instrumenting program instructions. A processing system includes a compiler and a profiler. The profiler is configured to instrument an application by inserting one or more instrumentation instructions in the application. During execution of the application, execution is monitored and a particular condition is detected. Responsive to the condition, a portion of the code which corresponds to the detected condition is identified. A request is conveyed for recompilation of code which corresponds to code. Prior to recompilation of the code, the profiler instruments the portion of code. Execution and monitoring of the execution continue, and instrumentation/recompilation may be repeated. Initially, relatively little of the application code may be instrumented. As execution and monitoring continues, more and more of the application code may be dynamically instrumented during execution.Type: GrantFiled: February 27, 2006Date of Patent: May 8, 2012Assignee: Symantec Operating CorporationInventor: Michael P. Spertus
-
Patent number: 8176015Abstract: A method and apparatus for selectively storing data on a server. The method operates by accessing a computer file and defining a data block as a current block of data. The current block is subsequently checksummed using a rolling error identification code. The method then determines if the calculated checksum for the current block has been previously stored in a database. If a matching checksum for the data is found in the database, then a duplicate of the current block already exists and the process repeats by selecting a new block of data. Alternatively, if the calculated checksum is absent from the checksum and the process has advanced one block length, the process moves back one block length and stores the current block in an archive. Otherwise, the checksum advances one byte forward to form a new current block of data and the process repeats.Type: GrantFiled: June 14, 2004Date of Patent: May 8, 2012Assignee: Symantec Operating CorporationInventor: Robert Somerville
-
Patent number: 8176482Abstract: A computer-implemented method may include identifying an image of a first storage device, identifying a software application, and inserting the software application into the image. The method may also include inserting a software virtualization layer into the image. The method may include inserting a software package into the image. Various other methods, systems, and computer-readable media for inserting software applications into images are also disclosed.Type: GrantFiled: March 28, 2008Date of Patent: May 8, 2012Assignee: Symantec CorporationInventor: Gregory Felix
-
Patent number: 8176562Abstract: A remote access manager protects the privacy of identified local file system content while a local computer is being accessed by a remote administrator. A local user inputs a privacy policy which identifies restricted access levels for specified files, file types and folders. During remote administration sessions, the remote access manager intercepts attempts to access the local file system, and enforces the privacy policy. Thus, the remote administrator's access to the local file system content is restricted according to the security policy.Type: GrantFiled: December 21, 2007Date of Patent: May 8, 2012Assignee: Symantec CorporationInventors: Brian Hernacki, Sourabh Satish, Timothy G. Brown
-
Patent number: 8176555Abstract: A computer-implemented method for detecting a malicious process using file-name heuristics may comprise: 1) identifying a process, 2) identifying a process name for the process, 3) identifying a list of process names for non-malicious processes, and 4) determining, by comparing the process name for the process with the list of process names for non-malicious processes, whether to allow the process to execute. A method for maintaining a database containing information about non-malicious processes is also disclosed. Corresponding systems and computer-readable media are also disclosed.Type: GrantFiled: May 30, 2008Date of Patent: May 8, 2012Assignee: Symantec CorporationInventors: Anthony Schreiner, Brian Hernacki, Christopher Peterson, William E. Sobel, Mark Kennedy
-
Patent number: 8176556Abstract: A computer-implemented method for tracing attacks. The method may include identifying a first website and determining that the first website loads an attack remotely through a second website. The method may also include determining that the second website hosts the attack. The method may include performing a security action, such as blocking downloads from the second website, with respect to the second website. The attack may be a drive-by download. Corresponding systems and computer-readable media are also disclosed.Type: GrantFiled: October 31, 2008Date of Patent: May 8, 2012Assignee: Symantec CorporationInventors: Kamron Farrokh, Jamie Jooyoung Park, Joseph Chen
-
Patent number: 8176338Abstract: Methods are provided for detecting the processing status of data blocks in systems having intermittent connections. A hash value is used at times in place of a block's data content, thereby reducing processing of the block. Hash values may be maintained locally. Blocks collected locally may be stored locally at least until a connection to a server becomes available again. Systems and configured storage media are also provided.Type: GrantFiled: March 31, 2009Date of Patent: May 8, 2012Assignee: Symantec CorporationInventor: Russell R. Stringham
