Patents Assigned to Symantec
-
Patent number: 9740876Abstract: A cloud based system receives multiple types of security telemetry from multiple participating organizations. The received security telemetry can be pseudonymized by replacing fields containing sensitive information with corresponding pseudonyms. Two data stores can be maintained, a first for raw telemetry, and a second for pseudonymized telemetry. Each data store can comprise a directory structure organized according to factors such as originating organization, administrative unit, telemetry type, schema, format and/or version and receipt time. Raw telemetry is stored in directories of the first data store, and pseudonymized security telemetry is stored in directories of the second data store, both organized according to the above-described factors.Type: GrantFiled: September 15, 2015Date of Patent: August 22, 2017Assignee: Symantec CorporationInventors: Carey S Nachenberg, Paul M Agbabian, Abubakar A Wawda, Andrew Collingwood Watson
-
Patent number: 9740920Abstract: The disclosed computer-implemented method for securely authenticating users via facial recognition may include (1) identifying a request from a user to complete an authentication process on the computing device via a facial-recognition system, (2) sending the user a randomized unique identifier to display to a camera on the computing device, (3) simultaneously observing, via the camera on the computing device, both the user and the randomized unique identifier that was sent to the user, and (4) authenticating the observed user in response to determining both that the observed user's facial characteristics match facial characteristics of the user stored in the facial-recognition system and that the observed randomized unique identifier matches the randomized unique identifier sent to the user. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: September 10, 2015Date of Patent: August 22, 2017Assignee: Symantec CorporationInventors: Andrew Chang, Ilya Sokolov
-
Patent number: 9742759Abstract: Techniques are presented herein for authenticating local process to a web service, both executing on a common host computer server. The local process may present a self-signed certificate to the web service. In response, the web service may identify a file system directory on the first computer server containing a file storing the self-signed certificate. If the subject information identifying the owner of the process matches file system metadata indicating an owner of the file, then the web service may consider the process as being authenticated to the web service.Type: GrantFiled: June 2, 2014Date of Patent: August 22, 2017Assignee: Symantec CorporationInventors: Pandu Vangara, Priyanka Luthra, Prada Venkatachalam
-
Patent number: 9742801Abstract: A computer-implemented method for preventing the execution of online malvertising may include (1) maintaining a database of software version information for at least one client device, (2) detecting a request from the client device to access a website that contains active advertising content, (3) identifying, by querying the database of software version information, a vulnerability in at least one software element on the client device that may be used to deliver the active advertising content, and (4) preventing delivery of the active advertising content to the client device. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: September 25, 2015Date of Patent: August 22, 2017Assignee: Symantec CorporationInventor: Spencer Smith
-
Patent number: 9736178Abstract: The disclosed computer-implemented method for detecting suspicious Internet addresses may include (1) monitoring Internet communications of an entity (e.g., an organization or individual), (2) compiling an Internet-address history for the entity that includes one or more Internet addresses involved in the Internet communications of the entity, (3) detecting, after compiling the Internet-address history for the entity, an additional Internet address that may be used in future Internet communications involving the entity, (4) computing a similarity metric between the additional Internet address and at least one Internet-address in the Internet-address history, (5) determining that the similarity metric indicates that the additional Internet address is suspicious, and (6) performing a security action in response to determining that the similarity metric indicates that the additional Internet address is suspicious. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: April 5, 2016Date of Patent: August 15, 2017Assignee: Symantec CorporationInventor: Peter Ashley
-
Patent number: 9734312Abstract: The disclosed computer-implemented method for detecting when users are uninstalling applications may include (1) monitoring, as part of an application installed on a computing device via an accessibility API provided by an operating system of the computing device, accessibility events that indicate state transitions in user interfaces of applications running on the computing device, (2) detecting, based on an analysis of at least one accessibility event, an attempt by a user to uninstall an application from the computing device, and (3) in response to detecting the attempt to uninstall the application, prompting the user to perform at least one action before allowing the application to be uninstalled. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: August 12, 2015Date of Patent: August 15, 2017Assignee: Symantec CorporationInventor: Jonathon Salehpour
-
Patent number: 9733929Abstract: A method for restoring applications may include: 1) identifying an installation file that includes an application; 2) monitoring the installation file to identify a set of application files generated as a result of installing the application from the installation file; 3) assigning, to each application file in the set of application files, an application identifier that associates each application file in the set of application files with the application; 4) backing up the application by copying each application file in the set of application files to a backup storage system; 5) receiving a request to restore each application file in the set of application files; and 6) restoring the application by using the application identifier to locate each application file in the set of application files within the backup storage system. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: July 20, 2010Date of Patent: August 15, 2017Assignee: Symantec CorporationInventors: Nicholas Graf, Adam Glick, Spencer Smith
-
Patent number: 9734037Abstract: Applications on a mobile device are sampled for detecting applications causing performance problems on the device. The method includes periodically logging performance information for a mobile device suspected to be having performance problems. The method further includes periodically logging identifying information about multiple applications on the mobile device. The method also includes periodically providing to a security server the logged performance information for the mobile device and the logged identifying information about the applications. In addition, the method includes, in response to a request from the security server for more information about one of the applications, providing a copy of the application to the security server for analysis of the impact by the application on performance of the mobile device. The method can further include receiving from the security server an indication that the application for which the copy was provided is causing a performance problem on the mobile device.Type: GrantFiled: September 15, 2009Date of Patent: August 15, 2017Assignee: Symantec CorporationInventors: Bruce McCorkendale, John P. Kelly, Brian Hernacki
-
Patent number: 9734341Abstract: A computer-implemented method for protecting computing systems from peripheral devices may include (1) identifying a peripheral device configured to perform a charging function and at least one non-charging function, (2) configuring an endpoint protection application with an endpoint protection rule that allows the charging function of the peripheral device and does not allow the non-charging function of the peripheral device, (3) detecting that the peripheral device is connected to a computing system that is provisioned with the endpoint protection application, and (4) applying the endpoint protection rule on the computing system to allow the charging function of the peripheral device so that the peripheral device is able to charge via the computing system and block the non-charging function of the peripheral device from being performed on the computing system. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: April 18, 2014Date of Patent: August 15, 2017Assignee: Symantec CorporationInventor: Cui Cheng
-
Patent number: 9735965Abstract: The disclosed computer-implemented method for protecting notification messages may include (1) identifying at least a portion of a notification message to be protected from modification, (2) using a hash function to calculate a hash of the portion of the notification message, (3) encrypting the hash, (4) adding the encrypted hash to the notification message, and (5) transmitting the notification message to a client that is configured to verify that the portion of the message has not been modified by (a) decrypting the encrypted hash, (b) using the hash function to recalculate the hash of the portion of the notification message, and (c) verifying that the decrypted hash is the same as the recalculated hash. Various other methods, systems, and computer-readable media are also disclosed. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: April 16, 2015Date of Patent: August 15, 2017Assignee: Symantec CorporationInventor: Michael Shavell
-
Patent number: 9734229Abstract: A computer-implemented method for mining data in a data warehouse may include (1) identifying a parent table in a data warehouse, (2) identifying a child table in the data warehouse that depends from the parent table, (3) generating a rule family including rules based on the parent table and the child table, each of the rules in the rule family correlating a potential value of a field of the parent table with a potential value of a field of the child table, (4) determining a level of support for each rule in the rule family, and (5) evaluating quality of incoming data according to a rule in the rule family based on the determined level of support for the rule. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: September 10, 2013Date of Patent: August 15, 2017Assignee: Symantec CorporationInventors: Biao Gao, George Chassiakos
-
Patent number: 9730071Abstract: The disclosed computer-implemented method for connecting purpose-built appliances to secure wireless networks may include (1) receiving, via an unsecured wireless network, an identifier from a network device that is not connected to a secure wireless network associated with the computing device, (2) sending, via the unsecured wireless network, a token to the network device, (3) receiving confirmation from a user of the network device that the network device correctly displayed the token and that the user would like to connect the network device to the secure wireless network, and (4) in response to the confirming that the user would like to connect the network device to the secure wireless network, sending, via the unsecured wireless network, network credentials for the secure wireless network to the network device to enable the network device to connect to the secure wireless network. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: March 5, 2015Date of Patent: August 8, 2017Assignee: Symantec CorporationInventor: Fanglu Guo
-
Patent number: 9729620Abstract: A server receives a data request from a client. The request contains contextual information which can be used at a server/datacenter level for providing the requested data. The server uses the contextual information to prepare a response to the request. The server stores the received contextual information in association with the specific client in a data grid, such that an identifier of the client can be used by any server in the datacenter to access the stored information. Subsequent to the storing of the contextual information in the data grid, a second request from the same client is received by any server with access to the data grid. The second request contains the client identifier, but not the contextual information. The server uses the identifier to access the stored contextual information in the data grid, and uses the contextual information to prepare a response to the second request.Type: GrantFiled: December 15, 2014Date of Patent: August 8, 2017Assignee: Symantec CorporationInventors: Michael Shavell, Keith Newstadt
-
Patent number: 9729579Abstract: A computer-implemented method for increasing security on computing systems that launch application containers may include (1) authenticating an application container that facilitates launching at least one application on a host computing system by verifying that the application container meets a certain trustworthiness threshold, (2) intercepting, via a policy-enforcement proxy, a command to perform a deployment action on the host computing system in connection with the authenticated application container, (3) determining that the deployment action potentially violates a security policy applied to the authenticated application container, and then in response to determining that the deployment action potentially violates the security policy, (4) modifying, via the policy-enforcement proxy, the command to prevent the potential violation of the security policy. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: April 27, 2015Date of Patent: August 8, 2017Assignee: Symantec CorporationInventors: Daniel Marino, Petros Efstathopoulos, Mingwei Zhang
-
Patent number: 9730066Abstract: A network access point secures a WiFi network, and acts as a picocell, by identifying applications running on computer-based devices, such as mobile phones, tablet computers, and the like, that seek to access the Internet (or another network) via the access point and applying network access policies to data communications by those applications according to application, location, context, device and/or user characteristics.Type: GrantFiled: April 4, 2013Date of Patent: August 8, 2017Assignee: SYMANTEC CORPORATIONInventors: Qing Li, Gregory S. Clark
-
Patent number: 9730075Abstract: The disclosed computer-implemented method for detecting illegitimate devices on wireless networks may include (1) generating a fake network identification string that uniquely identifies a fake wireless network, (2) transmitting a request to connect to the fake wireless network, (3) receiving, in response to the request, a response from a network device that indicates the fake wireless network is available, and (4) determining, based on receiving the response that indicates the fake wireless network is available, that the network device is illegitimate. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: February 9, 2015Date of Patent: August 8, 2017Assignee: Symantec CorporationInventors: Michael Shavell, Matt Boucher, Christopher Robichaud, Kevin Jiang
-
Patent number: 9712532Abstract: A method of providing web site verification information to a user can include receiving a DNS query including a host name and a seal verification site name, parsing the DNS query, and extracting the host name from the DNS query. The method also can include accessing a DNS zone file including a list of Trust Services customers and determining if the host name is associated with a Trust Services customer in the list of Trust Services customers. The method further can include transmitting a positive identifier to the requester if the host name is associated with a Trust Services customer and transmitting a negative identifier to the requester if the host name is not associated with a Trust Services customer. In a specific embodiment, the Trust Services include issuance of digital certificates.Type: GrantFiled: June 3, 2013Date of Patent: July 18, 2017Assignee: Symantec CorporationInventors: Gary Krall, Barry Ferg, David M'Raihi, Nicolas Popp
-
Patent number: 9704158Abstract: Techniques are disclosed for authenticating transactions conducted over computer networks, e.g., online banking transactions or other transactions performed by a financial institution at a customer's request. After receiving a transaction request (and associated transaction details), the transaction signing service signs the transaction data and sends the resulting blob to the user requesting the transaction. After being transmitted to the user, the signed transaction data itself is then signed using PKI credentials of the user, which then returns the twice-signed bundle to the financial institution. Rather than rely on the cryptographic signature of the client, the financial intuition (or other replying party) validates that the transaction data signed using its own highly trusted key has not been altered prior to being signed and returned by the client.Type: GrantFiled: March 15, 2013Date of Patent: July 11, 2017Assignee: Symantec CorporationInventors: Alan Dundas, Oanh Hoang, Eirik Herskedal
-
Patent number: 9705977Abstract: In one embodiment, an electronic device receives a request; obtains a current state from each of a plurality of electronic devices; and selects one of the plurality of electronic devices to service the request based on the current state of each of the plurality of electronic devices. The current state of each of the plurality of electronic devices is one of a plurality of states in a state model. Each of the plurality of states in the state model indicates a discrete level of workload for the plurality of electronic devices.Type: GrantFiled: April 20, 2011Date of Patent: July 11, 2017Assignee: Symantec CorporationInventor: Kevin Porter
-
Patent number: D795232Type: GrantFiled: July 15, 2016Date of Patent: August 22, 2017Assignee: Symantec CorporationInventors: Michel Billard, Ameer Karim, Scot Herbst, Will Hunter, Rob Swinton, Chris Gaul, Ranjit Sidhu