Patents Assigned to Symantec
-
Patent number: 9794278Abstract: A method for modeling or monitoring a control system is provided. The method includes deriving a plurality of message prototypes from a plurality of messages of the control system, the plurality of messages gathered from the control system during operation of the control system. The method includes deriving relationships among the plurality of message prototypes and constructing a model of the control system, based upon the derived message prototypes and the derived relationships among the plurality of message prototypes, wherein at least one method operation is executed through a processor.Type: GrantFiled: December 19, 2013Date of Patent: October 17, 2017Assignee: Symantec CorporationInventors: Corrado Leita, Jakob Fritz
-
Patent number: 9794275Abstract: Methods, computer program products, computer systems, and the like, which provide security in cloud-based services using lightweight replicas, are disclosed. The methods, computer program products, computer systems, and the like include detecting an intrusion into an application server, dynamically provisioning a replica application server in a server system in response to the detecting the intrusion, and transitioning a datastream from the application server to the replica application server, where the application server is provisioned in the server system, the intrusion is an attack on the application server, and the attack is conducted via a datastream between a first computing system and the application server. The replica application server is a replica of at least a portion of the application server.Type: GrantFiled: June 28, 2013Date of Patent: October 17, 2017Assignee: Symantec CorporationInventors: Azzedine Benameur, Nathan S. Evans
-
Patent number: 9792436Abstract: Techniques for remediating an infected file are disclosed. In one embodiment, a method may have the steps of maintaining a plurality of file identities within a remediation repository each associated with a file, wherein for each file identity one or more regions of interest of the associated file are selectively identified, the one or more regions of interest for each file collectively representing less than all of the file; in response, selecting a file associated with a file identity from the remediation repository that matches the infected file; selectively comparing the one or more regions of interest of the matching file with one or more corresponding regions of the infected file; and based on comparing the regions, replacing at least one portion of the one or more regions of the infected file with at least one corresponding portion of the one or more regions of interest of the matching file.Type: GrantFiled: April 29, 2013Date of Patent: October 17, 2017Assignee: Symantec CorporationInventor: Anand D. Sankruthi
-
Patent number: 9794289Abstract: A workload to be provided by one or more network resources may be identified. The workload may be analyzed to determine one or more attributes of the workload. Furthermore, a general policy may be identified based on the one or more attributes of the workload. One or more security policies may be applied to a network resource that provides the workload. The one or more security policies may satisfy one or more requirements of the general policy.Type: GrantFiled: April 30, 2014Date of Patent: October 17, 2017Assignee: Symantec CorporationInventors: Deb Banerjee, Sheetal Venkatesh Yelimeli, Smita Gadre
-
Patent number: 9794258Abstract: Techniques for managing authorization are disclosed. In one embodiment, the techniques may be realized as a method including receiving, from a centralized authorization service, authorization logic for an application; determining the identity of a user; and, based on the identity of the user, authorizing the use of a particular feature of the application using the received authorization logic.Type: GrantFiled: October 31, 2014Date of Patent: October 17, 2017Assignee: Symantec CorporationInventor: John Mears
-
Patent number: 9788153Abstract: Techniques for mobile geofencing may be realized as a method including: receiving geofence parameters comprising at least one target, wherein the at least one target includes a mobile target; receiving updated position data associated with the mobile target and updating the position of the mobile target in response to the updated position data; monitoring a position of a client device; and determining that the monitored position of the client device transgresses the geofence parameters, wherein the determination includes determining that a distance between the updated position of the mobile target and the monitored position of the client device is greater than a first threshold distance.Type: GrantFiled: March 28, 2014Date of Patent: October 10, 2017Assignee: Symantec CorporationInventors: Keith Newstadt, Ilya Sokolov
-
Patent number: 9787672Abstract: A method and system for emulating a smartcard which includes receiving a one time password and a container PIN for a container, validating the container PIN, upon validating the container PIN, and sending a request to validate the one time password to an authentication server based on a credential ID and a user ID, wherein the request includes the credential ID, the user ID, and the one time password. Upon validation of the one time password by the authentication server, a response is received from the authentication server, and the response includes at least one of: at least a portion of a private key or an authorization to access a at least a portion of the private key stored locally.Type: GrantFiled: June 14, 2013Date of Patent: October 10, 2017Assignee: Symantec CorporationInventors: Alan Dundas, Eirik Herskedal
-
Patent number: 9787719Abstract: A trusted third party broker collects information concerning successful computer security practices from multiple organizations, and privately shares collected information at an inter-organizational level. Information concerning empirically successful computer security practices is received from multiple source organizations. The information concerning empirically successful computer security practices received from the multiple source organizations is amalgamated and analyzed. Based on the analysis, specific information concerning empirically successful computer security practices is identified to share with specific target organizations. Once information to share with a target organization has been identified, any explicit and/or implicit source information that could identify the organization(s) from which the information originated is removed.Type: GrantFiled: February 26, 2015Date of Patent: October 10, 2017Assignee: Symantec CorporationInventor: Petros Efstathopoulos
-
Patent number: 9788160Abstract: Dynamic location tracking may be performed by a mobile app executing on a mobile computing device. A first geo-fence of a predefined size is set on a mobile operating system of a mobile computing device to notify a mobile app when the first geo-fence is crossed by the mobile computing device. The notification occurs even when the mobile app is suspended or not running. Notification is received from the mobile operating system that the mobile computing device has crossed the first geo-fence. A location of the mobile computing device is received. A second geo-fence is set on a mobile operating system of the mobile computing device based on the location of the mobile computing device.Type: GrantFiled: March 24, 2017Date of Patent: October 10, 2017Assignee: Symantec CorporationInventors: Lei Gu, Abhilash Raipally, Dinesh Ramaswamy Ganesh, Andrew Davis Emerson, Anand Elumalai
-
Patent number: 9785488Abstract: A method for learning aspects of messages in an industrial control system is provided. The method includes obtaining a plurality of messages. The method includes starting at a first message field, proceeding via recursion to each next message field, and identifying message values at that message field as constant when constant in messages in a group, as random when random in messages in a group, as length when expressive of a shared length of messages in a group, as opcode when correlated with a shared structure of messages in a group, and otherwise as parameter. The method includes subdividing message groups into subgroups according to the identified message values at that message field, with the recursion applied to each subgroup. A method and system for monitoring messages in an industrial control system is provided.Type: GrantFiled: June 21, 2016Date of Patent: October 10, 2017Assignee: SYMANTEC CORPORATIONInventors: Corrado Leita, Marc Dacier
-
Patent number: 9787477Abstract: Embodiments presented herein provide a validation service used to validate a certificate chain for both public facing servers as well as internal, non-public facing servers. To validate a certificate chain, the client generates a request with the network address and sends it to the validation service. In response, the validation service attempts to establish a connection with the server at the network address. If successful, the validation service receives a certificate chain from the server and can verify that the certificate chain is complete, valid, and chains to a trusted root. If the validation service cannot connect to the network address identified in the request, then the validation service sends a local validation component to the requesting client. The local validation component executes from the client and validates the certificate chain presented by the network server.Type: GrantFiled: September 5, 2014Date of Patent: October 10, 2017Assignee: Symantec CorporationInventors: Padam Singal, Deepa Priya Ramachandran
-
Patent number: 9785779Abstract: A method and apparatus submitting information to be protected before permitting an outbound data transfer with the information is described. A DLP agent, incorporating a DLP submission tool, receives information of an outbound data transfer by the client computing system. The DLP agent can temporarily block the outbound data transfer and send a request to update a DLP policy to protect the information before permitting the outbound data transfer. The DLP agent subsequently receives receiving an indication that the DLP policy is updated to protect the information. After receiving the indication, the DLP agent permits the outbound data transfer.Type: GrantFiled: February 4, 2015Date of Patent: October 10, 2017Assignee: Symantec CorporationInventors: Ajil Koshy, Milind Torney, Manish V. Pai
-
Patent number: 9786138Abstract: A method and system for detecting an intruder is provided. The method includes monitoring received signal strength in a wireless router and creating a profile of the received signal strength as monitored during a learn mode. The method includes comparing activity of the received signal strength in the wireless router, during an intruder detection mode, to the profile and issuing a notification, based on the comparing, wherein at least one step of the method is performed by a processor.Type: GrantFiled: March 21, 2014Date of Patent: October 10, 2017Assignee: SYMANTEC CORPORATIONInventors: Anand Kashyap, Qiyan Wang
-
Patent number: 9785775Abstract: According to at least one embodiment, a computer-implemented method for managing malware for a computing device is described. In one embodiment, an attempt by a process to modify at least one file on the computing device may be identified. The identified process may be analyzed to estimate an age value associated with the identified process. The estimated age value of the identified process may be compared to an age value associated with the at least one file. The attempt to modify the at least one file may be prevented based at least in part on the comparison.Type: GrantFiled: September 15, 2014Date of Patent: October 10, 2017Assignee: Symantec CorporationInventor: George R. Turner
-
Patent number: 9781143Abstract: A computer-implemented method for detecting near field communication risks may include (1) identifying a mobile device capable of near field communication, (2) identifying an attempted near field communication involving the mobile device, (3) tracking at least one contextual behavior relating to the attempted near field communication; and (4) determining, based at least in part on the contextual behavior, that the attempted near field communication poses a risk to the mobile device. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: October 13, 2016Date of Patent: October 3, 2017Assignee: Symantec CorporationInventor: Qu Bo Song
-
Patent number: 9781151Abstract: Techniques for identifying malicious downloadable applications are disclosed. In one particular exemplary embodiment, the techniques may be realized as a method for identifying malicious downloadable applications comprising receiving a signature of a downloadable application, identifying, using at least one computer processor, a known good application having at least one attribute in common with the downloadable application and having a signature different from the signature of the downloadable application, analyzing the downloadable application to evaluate one or more risk factors based at least in part on the at least one common attribute and the difference in signatures, and determining, based on the evaluated one or more risk factors, one or more responsive actions.Type: GrantFiled: October 11, 2011Date of Patent: October 3, 2017Assignee: Symantec CorporationInventors: Bruce E. McCorkendale, Sourabh Satish, Xuefeng Tian, Jingnan Si, Jun Mao, Xiaole Zhu, Sheng Gong
-
Patent number: 9781604Abstract: The disclosed computer-implemented method for detecting illegitimate devices on wireless networks may include (1) identifying a baseline signal strength for a wireless network, (2) monitoring a signal strength of the wireless network to obtain at least one additional signal strength measurement, (3) determining that the additional signal strength measurement varies from the baseline signal strength beyond a threshold, (4) determining, in response to determining that the additional signal strength measurement varies from the baseline signal strength, that an illegitimate device is present on the wireless network, and (5) initiating, in response to determining that the illegitimate device is present on the wireless network, a security action. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: February 9, 2015Date of Patent: October 3, 2017Assignee: Symantec CorporationInventors: Michael Shavell, Matt Boucher, Christopher Robichaud
-
Patent number: 9781159Abstract: A method, apparatus and system for using login information includes an account where login information is used to access the account, a login information usage data for storing the login information used on the account and a manager application coupled to the accounts through a network. The manager application is configured to access the login information and determine at least one potentially or actually compromised account, determine login information related to the at least one potentially or actually compromised account, determine at least one other account having similar login information and notify a user regarding a potential threat to the at least one other account.Type: GrantFiled: September 28, 2007Date of Patent: October 3, 2017Assignee: Symantec CorporationInventors: Brian Hernacki, Sourabh Satish, Michael Spertus
-
Patent number: 9781019Abstract: A computer-implemented method for managing network communication may include (1) identifying a pattern of network communication between a network node and a network service, (2) creating a representation of the network communication pattern, (3) querying, using the representation of the communication pattern, a network communication pattern database that associates network communication patterns with computer programs responsible for generating the patterns, (4) receiving, in response to querying the database, identification of a computer program associated with the network communication pattern, and then, (5) applying a network communication management policy assigned to the computer program associated with the pattern to network communication between the network node and network service. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: August 15, 2013Date of Patent: October 3, 2017Assignee: Symantec CorporationInventor: Shaun Cooley
-
Patent number: 9780950Abstract: A method and system for authenticating a credential via a one time password which includes receiving a user ID, a client ID, and the one time password from a client device, and then validating the one time password based on the user ID and the credential ID. Upon validating the one time password, a response is sent to the client device, and the response includes at least one of an authorization to access a private key stored on the client device or at least a portion of the private key.Type: GrantFiled: June 14, 2013Date of Patent: October 3, 2017Assignee: Symantec CorporationInventors: Alan Dundas, Eirik Herskedal
