Patents Assigned to Symantec
  • Patent number: 9740876
    Abstract: A cloud based system receives multiple types of security telemetry from multiple participating organizations. The received security telemetry can be pseudonymized by replacing fields containing sensitive information with corresponding pseudonyms. Two data stores can be maintained, a first for raw telemetry, and a second for pseudonymized telemetry. Each data store can comprise a directory structure organized according to factors such as originating organization, administrative unit, telemetry type, schema, format and/or version and receipt time. Raw telemetry is stored in directories of the first data store, and pseudonymized security telemetry is stored in directories of the second data store, both organized according to the above-described factors.
    Type: Grant
    Filed: September 15, 2015
    Date of Patent: August 22, 2017
    Assignee: Symantec Corporation
    Inventors: Carey S Nachenberg, Paul M Agbabian, Abubakar A Wawda, Andrew Collingwood Watson
  • Patent number: 9740920
    Abstract: The disclosed computer-implemented method for securely authenticating users via facial recognition may include (1) identifying a request from a user to complete an authentication process on the computing device via a facial-recognition system, (2) sending the user a randomized unique identifier to display to a camera on the computing device, (3) simultaneously observing, via the camera on the computing device, both the user and the randomized unique identifier that was sent to the user, and (4) authenticating the observed user in response to determining both that the observed user's facial characteristics match facial characteristics of the user stored in the facial-recognition system and that the observed randomized unique identifier matches the randomized unique identifier sent to the user. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: September 10, 2015
    Date of Patent: August 22, 2017
    Assignee: Symantec Corporation
    Inventors: Andrew Chang, Ilya Sokolov
  • Patent number: 9742759
    Abstract: Techniques are presented herein for authenticating local process to a web service, both executing on a common host computer server. The local process may present a self-signed certificate to the web service. In response, the web service may identify a file system directory on the first computer server containing a file storing the self-signed certificate. If the subject information identifying the owner of the process matches file system metadata indicating an owner of the file, then the web service may consider the process as being authenticated to the web service.
    Type: Grant
    Filed: June 2, 2014
    Date of Patent: August 22, 2017
    Assignee: Symantec Corporation
    Inventors: Pandu Vangara, Priyanka Luthra, Prada Venkatachalam
  • Patent number: 9742801
    Abstract: A computer-implemented method for preventing the execution of online malvertising may include (1) maintaining a database of software version information for at least one client device, (2) detecting a request from the client device to access a website that contains active advertising content, (3) identifying, by querying the database of software version information, a vulnerability in at least one software element on the client device that may be used to deliver the active advertising content, and (4) preventing delivery of the active advertising content to the client device. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: September 25, 2015
    Date of Patent: August 22, 2017
    Assignee: Symantec Corporation
    Inventor: Spencer Smith
  • Patent number: 9736178
    Abstract: The disclosed computer-implemented method for detecting suspicious Internet addresses may include (1) monitoring Internet communications of an entity (e.g., an organization or individual), (2) compiling an Internet-address history for the entity that includes one or more Internet addresses involved in the Internet communications of the entity, (3) detecting, after compiling the Internet-address history for the entity, an additional Internet address that may be used in future Internet communications involving the entity, (4) computing a similarity metric between the additional Internet address and at least one Internet-address in the Internet-address history, (5) determining that the similarity metric indicates that the additional Internet address is suspicious, and (6) performing a security action in response to determining that the similarity metric indicates that the additional Internet address is suspicious. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: April 5, 2016
    Date of Patent: August 15, 2017
    Assignee: Symantec Corporation
    Inventor: Peter Ashley
  • Patent number: 9734312
    Abstract: The disclosed computer-implemented method for detecting when users are uninstalling applications may include (1) monitoring, as part of an application installed on a computing device via an accessibility API provided by an operating system of the computing device, accessibility events that indicate state transitions in user interfaces of applications running on the computing device, (2) detecting, based on an analysis of at least one accessibility event, an attempt by a user to uninstall an application from the computing device, and (3) in response to detecting the attempt to uninstall the application, prompting the user to perform at least one action before allowing the application to be uninstalled. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: August 12, 2015
    Date of Patent: August 15, 2017
    Assignee: Symantec Corporation
    Inventor: Jonathon Salehpour
  • Patent number: 9733929
    Abstract: A method for restoring applications may include: 1) identifying an installation file that includes an application; 2) monitoring the installation file to identify a set of application files generated as a result of installing the application from the installation file; 3) assigning, to each application file in the set of application files, an application identifier that associates each application file in the set of application files with the application; 4) backing up the application by copying each application file in the set of application files to a backup storage system; 5) receiving a request to restore each application file in the set of application files; and 6) restoring the application by using the application identifier to locate each application file in the set of application files within the backup storage system. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: July 20, 2010
    Date of Patent: August 15, 2017
    Assignee: Symantec Corporation
    Inventors: Nicholas Graf, Adam Glick, Spencer Smith
  • Patent number: 9734037
    Abstract: Applications on a mobile device are sampled for detecting applications causing performance problems on the device. The method includes periodically logging performance information for a mobile device suspected to be having performance problems. The method further includes periodically logging identifying information about multiple applications on the mobile device. The method also includes periodically providing to a security server the logged performance information for the mobile device and the logged identifying information about the applications. In addition, the method includes, in response to a request from the security server for more information about one of the applications, providing a copy of the application to the security server for analysis of the impact by the application on performance of the mobile device. The method can further include receiving from the security server an indication that the application for which the copy was provided is causing a performance problem on the mobile device.
    Type: Grant
    Filed: September 15, 2009
    Date of Patent: August 15, 2017
    Assignee: Symantec Corporation
    Inventors: Bruce McCorkendale, John P. Kelly, Brian Hernacki
  • Patent number: 9734341
    Abstract: A computer-implemented method for protecting computing systems from peripheral devices may include (1) identifying a peripheral device configured to perform a charging function and at least one non-charging function, (2) configuring an endpoint protection application with an endpoint protection rule that allows the charging function of the peripheral device and does not allow the non-charging function of the peripheral device, (3) detecting that the peripheral device is connected to a computing system that is provisioned with the endpoint protection application, and (4) applying the endpoint protection rule on the computing system to allow the charging function of the peripheral device so that the peripheral device is able to charge via the computing system and block the non-charging function of the peripheral device from being performed on the computing system. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: April 18, 2014
    Date of Patent: August 15, 2017
    Assignee: Symantec Corporation
    Inventor: Cui Cheng
  • Patent number: 9735965
    Abstract: The disclosed computer-implemented method for protecting notification messages may include (1) identifying at least a portion of a notification message to be protected from modification, (2) using a hash function to calculate a hash of the portion of the notification message, (3) encrypting the hash, (4) adding the encrypted hash to the notification message, and (5) transmitting the notification message to a client that is configured to verify that the portion of the message has not been modified by (a) decrypting the encrypted hash, (b) using the hash function to recalculate the hash of the portion of the notification message, and (c) verifying that the decrypted hash is the same as the recalculated hash. Various other methods, systems, and computer-readable media are also disclosed. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: April 16, 2015
    Date of Patent: August 15, 2017
    Assignee: Symantec Corporation
    Inventor: Michael Shavell
  • Patent number: 9734229
    Abstract: A computer-implemented method for mining data in a data warehouse may include (1) identifying a parent table in a data warehouse, (2) identifying a child table in the data warehouse that depends from the parent table, (3) generating a rule family including rules based on the parent table and the child table, each of the rules in the rule family correlating a potential value of a field of the parent table with a potential value of a field of the child table, (4) determining a level of support for each rule in the rule family, and (5) evaluating quality of incoming data according to a rule in the rule family based on the determined level of support for the rule. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: September 10, 2013
    Date of Patent: August 15, 2017
    Assignee: Symantec Corporation
    Inventors: Biao Gao, George Chassiakos
  • Patent number: 9730071
    Abstract: The disclosed computer-implemented method for connecting purpose-built appliances to secure wireless networks may include (1) receiving, via an unsecured wireless network, an identifier from a network device that is not connected to a secure wireless network associated with the computing device, (2) sending, via the unsecured wireless network, a token to the network device, (3) receiving confirmation from a user of the network device that the network device correctly displayed the token and that the user would like to connect the network device to the secure wireless network, and (4) in response to the confirming that the user would like to connect the network device to the secure wireless network, sending, via the unsecured wireless network, network credentials for the secure wireless network to the network device to enable the network device to connect to the secure wireless network. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: March 5, 2015
    Date of Patent: August 8, 2017
    Assignee: Symantec Corporation
    Inventor: Fanglu Guo
  • Patent number: 9729620
    Abstract: A server receives a data request from a client. The request contains contextual information which can be used at a server/datacenter level for providing the requested data. The server uses the contextual information to prepare a response to the request. The server stores the received contextual information in association with the specific client in a data grid, such that an identifier of the client can be used by any server in the datacenter to access the stored information. Subsequent to the storing of the contextual information in the data grid, a second request from the same client is received by any server with access to the data grid. The second request contains the client identifier, but not the contextual information. The server uses the identifier to access the stored contextual information in the data grid, and uses the contextual information to prepare a response to the second request.
    Type: Grant
    Filed: December 15, 2014
    Date of Patent: August 8, 2017
    Assignee: Symantec Corporation
    Inventors: Michael Shavell, Keith Newstadt
  • Patent number: 9729579
    Abstract: A computer-implemented method for increasing security on computing systems that launch application containers may include (1) authenticating an application container that facilitates launching at least one application on a host computing system by verifying that the application container meets a certain trustworthiness threshold, (2) intercepting, via a policy-enforcement proxy, a command to perform a deployment action on the host computing system in connection with the authenticated application container, (3) determining that the deployment action potentially violates a security policy applied to the authenticated application container, and then in response to determining that the deployment action potentially violates the security policy, (4) modifying, via the policy-enforcement proxy, the command to prevent the potential violation of the security policy. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: April 27, 2015
    Date of Patent: August 8, 2017
    Assignee: Symantec Corporation
    Inventors: Daniel Marino, Petros Efstathopoulos, Mingwei Zhang
  • Patent number: 9730066
    Abstract: A network access point secures a WiFi network, and acts as a picocell, by identifying applications running on computer-based devices, such as mobile phones, tablet computers, and the like, that seek to access the Internet (or another network) via the access point and applying network access policies to data communications by those applications according to application, location, context, device and/or user characteristics.
    Type: Grant
    Filed: April 4, 2013
    Date of Patent: August 8, 2017
    Assignee: SYMANTEC CORPORATION
    Inventors: Qing Li, Gregory S. Clark
  • Patent number: 9730075
    Abstract: The disclosed computer-implemented method for detecting illegitimate devices on wireless networks may include (1) generating a fake network identification string that uniquely identifies a fake wireless network, (2) transmitting a request to connect to the fake wireless network, (3) receiving, in response to the request, a response from a network device that indicates the fake wireless network is available, and (4) determining, based on receiving the response that indicates the fake wireless network is available, that the network device is illegitimate. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: February 9, 2015
    Date of Patent: August 8, 2017
    Assignee: Symantec Corporation
    Inventors: Michael Shavell, Matt Boucher, Christopher Robichaud, Kevin Jiang
  • Patent number: 9712532
    Abstract: A method of providing web site verification information to a user can include receiving a DNS query including a host name and a seal verification site name, parsing the DNS query, and extracting the host name from the DNS query. The method also can include accessing a DNS zone file including a list of Trust Services customers and determining if the host name is associated with a Trust Services customer in the list of Trust Services customers. The method further can include transmitting a positive identifier to the requester if the host name is associated with a Trust Services customer and transmitting a negative identifier to the requester if the host name is not associated with a Trust Services customer. In a specific embodiment, the Trust Services include issuance of digital certificates.
    Type: Grant
    Filed: June 3, 2013
    Date of Patent: July 18, 2017
    Assignee: Symantec Corporation
    Inventors: Gary Krall, Barry Ferg, David M'Raihi, Nicolas Popp
  • Patent number: 9704158
    Abstract: Techniques are disclosed for authenticating transactions conducted over computer networks, e.g., online banking transactions or other transactions performed by a financial institution at a customer's request. After receiving a transaction request (and associated transaction details), the transaction signing service signs the transaction data and sends the resulting blob to the user requesting the transaction. After being transmitted to the user, the signed transaction data itself is then signed using PKI credentials of the user, which then returns the twice-signed bundle to the financial institution. Rather than rely on the cryptographic signature of the client, the financial intuition (or other replying party) validates that the transaction data signed using its own highly trusted key has not been altered prior to being signed and returned by the client.
    Type: Grant
    Filed: March 15, 2013
    Date of Patent: July 11, 2017
    Assignee: Symantec Corporation
    Inventors: Alan Dundas, Oanh Hoang, Eirik Herskedal
  • Patent number: 9705977
    Abstract: In one embodiment, an electronic device receives a request; obtains a current state from each of a plurality of electronic devices; and selects one of the plurality of electronic devices to service the request based on the current state of each of the plurality of electronic devices. The current state of each of the plurality of electronic devices is one of a plurality of states in a state model. Each of the plurality of states in the state model indicates a discrete level of workload for the plurality of electronic devices.
    Type: Grant
    Filed: April 20, 2011
    Date of Patent: July 11, 2017
    Assignee: Symantec Corporation
    Inventor: Kevin Porter
  • Patent number: D795232
    Type: Grant
    Filed: July 15, 2016
    Date of Patent: August 22, 2017
    Assignee: Symantec Corporation
    Inventors: Michel Billard, Ameer Karim, Scot Herbst, Will Hunter, Rob Swinton, Chris Gaul, Ranjit Sidhu