Patents Assigned to Symantec
-
Patent number: 9230099Abstract: A computer-implemented method for combining static and dynamic code analysis may include 1) identifying executable code that is to be analyzed to determine whether the executable code is capable of leaking sensitive data, 2) performing a static analysis of the executable code to identify one or more objects which the executable code may use to transfer sensitive data, the static analysis being performed by analyzing the executable code without executing the executable code, 3) using a result of the static analysis to tune a dynamic analysis to track the one or more objects identified during the static analysis, and 4) performing the dynamic analysis by, while the executable code is being executed, tracking the one or more objects identified during the static analysis to determine whether the executable code leaks sensitive data via the one or more objects. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: March 31, 2014Date of Patent: January 5, 2016Assignee: Symantec CorporationInventors: Bruce McCorkendale, Sheng Gong, Wei Guo Eric Hu, Ge Hua Huang, Jun Mao, Qingchun Meng, Xue Feng Tian, Xiaole Zhu
-
Patent number: 9231769Abstract: A computer-implemented method for providing interfaces for creating transport layer security certificates may include (1) displaying a user interface for configuring a proposed digital certificate for use in a transport layer security protocol, (2) receiving user input via the user interface that specifies a certificate configuration feature for the proposed digital certificate, (3) assessing a projected impact of the certificate configuration feature on a security metric of the proposed digital certificate, and (4) presenting the projected impact of the certification configuration feature on the security metric via the user interface. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: May 29, 2013Date of Patent: January 5, 2016Assignee: Symantec CorporationInventor: Navin Naidu
-
Patent number: 9231833Abstract: Various systems and methods for detecting a deviation of an existing connectivity of a data center from a pre-determined connectivity are presented. One method involves detecting a deviation of an existing connectivity of a data center from a pre-determined connectivity by defining a start node. The start node is defined based on a condition of a component of the data center. The condition is determined based on an explicit relationship between a node and another node of the data center. The method involves conditionally matching a sub-graph and a portion of a main graph by identifying the deviation. The conditional matching is begun at the start node. A failure to conditionally match a portion of the sub-graph and a portion of the main-graph indicates that the deviation exists.Type: GrantFiled: December 30, 2013Date of Patent: January 5, 2016Assignee: Symantec CorporationInventor: Tushar Bandopadhyay
-
Patent number: 9229626Abstract: A system and method for notification management includes collecting information for a number of objects within a management tool for security assets. The display of the information is displayed on a window of a graphical user interface of the management tool. In response to user interaction with the graphical user interface, a notification tool window of a notification tool is displayed. The notification tool window is layered over at least a portion of the window of the graphical user interface. In response to user interaction with the notification tool window, notification instructions are created for at least one of the number of objects based on a portion of the information of the window of the graphical user interface. The notification instructions are operable to cause the notification tool to communicate at least one notification communication to at least one recipient concerning at least one object.Type: GrantFiled: March 15, 2011Date of Patent: January 5, 2016Assignee: Symantec CorporationInventors: Fei Xing Tuang, Maryam Najafi, Christopher David Lawson, Alexander Antido Cayetano
-
Patent number: 9230111Abstract: A computer-implemented method for protecting document files from macro threats may include (1) identifying a document file that contains an embedded macro, (2) locating an event-driven programming language module that stores the embedded macro for the document file, and (3) cleaning the event-driven programming language module by removing procedures for the embedded macro within the event-driven programming language module and retaining variable definitions within the event-driven programming language module. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: November 6, 2013Date of Patent: January 5, 2016Assignee: Symantec CorporationInventors: Susanta Nanda, Sandeep Bhatkar, Fanglu Guo
-
Patent number: 9231969Abstract: The creations of objects by files that have not been previously identified as malware are tracked. The security reputations of specific created objects are determined. Based on the determined security reputations of specific created objects, the security risks concerning the specific files that created the objects are determined. Responsive to whether a determined security risk concerning a specific creating file meets a given threshold, it is determined whether the specific creating file comprises malware. Responsive to determining that a specific creating file comprises malware, the creating file is blocked from performing the activity associated with the creation of the associated object. Responsive to determining that a creating file comprises malware, the creating file can be disabled, and an alert concerning the creating file can be transmitted to a central security server.Type: GrantFiled: May 28, 2010Date of Patent: January 5, 2016Assignee: Symantec CorporationInventor: Sourabh Satish
-
Patent number: 9231913Abstract: Techniques for secure browsing may be realized as a method including: in response to a non-browser instruction to resolve a first resource reference, submitting the first resource reference to a server; receiving a response from the server indicating approval of the first resource reference; directing the first resource reference to a browser application based on the approval response; in response to a non-browser instruction to resolve a second resource reference, submitting the second resource reference to the server; receiving a response from the server indicating disapproval of the second resource reference; and determining not to direct the second resource reference to a browser application based on the disapproval response.Type: GrantFiled: February 25, 2014Date of Patent: January 5, 2016Assignee: Symantec CorporationInventors: Xiaochuan Tang, Jinfu Chen
-
Patent number: 9231936Abstract: A computer-implemented method for authenticating messages in a control area network is described. In one embodiment, a message identifier for a data message is ascertained. Each device is associated with one or more message identifiers. The data message is sent from a first device to a second device. The data message is associated with the ascertained message identifier. An authentication code computed by the first device is sent to the second device. The authentication code is sent by the first device in the data message or in an authentication message.Type: GrantFiled: February 12, 2014Date of Patent: January 5, 2016Assignee: Symantec CorporationInventors: Qiyan Wang, Shankar Somasundaram
-
Patent number: 9223606Abstract: A process running on a virtual machine determines an application level specified SLA, according to which an application is to be made available. The virtual machine level process transmits the SLA to a process running on a cluster infrastructure. The cluster infrastructure level process uses high-availability cluster functionality to configure the cluster infrastructure to make the application available as specified by the SLA. Where the SLA specifies failover support for the virtual machine on which the application is running, nodes of the cluster infrastructure are made available for this purpose. The application is thus made available as specified by the SLA. This can be done without requiring an application administrator to have access to the cluster infrastructure, or participation by an infrastructure administrator.Type: GrantFiled: November 30, 2011Date of Patent: December 29, 2015Assignee: Symantec CorporationInventors: Anish Vaidya, Venkeepuram Satish
-
Patent number: 9225735Abstract: A computer-implemented method for blocking flanking attacks on computing systems may include (1) detecting a denial-of-service attack targeting a computing network, (2) inferring, based at least in part on detecting the denial-of-service attack, a secondary attack targeting at least one computing resource within the computing network, (3) determining that the computing resource is subject to additional protection based on inferring the secondary attack targeting the computing resource, and (4) protecting the computing resource against the secondary attack by adding an authentication requirement for accessing the computing resource. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: December 23, 2013Date of Patent: December 29, 2015Assignee: Symantec CorporationInventor: Deb Banerjee
-
Patent number: 9223562Abstract: The risk of inadvertent introduction of software bugs to a large number of users during a software update is minimized by controlling updates using a uniform mechanism of sending updates to seed users. A value-generating module generates a value for a computer, the value falling within a population range of values. A sampling range-generating module generates a sampling range of values as a proper subset of the population range, the probability of the random value falling within the sampling range being predetermined. An eligibility determination module determines whether the computer is eligible to receive a software update, the computer being determined eligible when the random value for the computer falls within the sampling range, and an update module provides the software update to the computer based on the eligibility determination. In some embodiments, a problem review module determines whether the update has caused a problem for computers receiving the update.Type: GrantFiled: December 18, 2007Date of Patent: December 29, 2015Assignee: Symantec CorporationInventor: William E. Sobel
-
Patent number: 9223661Abstract: A method and apparatus for automatically archiving data items from backup storage without having to first restore the data items is provided. In one embodiment, the method comprises processing at least one data item in backup storage using a mapping, wherein the mapping indicates at least one location of the at least one data item and ingesting the at least one data item into an archive database.Type: GrantFiled: August 6, 2012Date of Patent: December 29, 2015Assignee: Symantec CorporationInventors: Angshuman Bezbaruah, Ankur Panchbudhe, Srineet Sridharan, Niels S. van Ingen
-
Patent number: 9225736Abstract: Techniques for detecting anomalous network traffic are disclosed. In one particular embodiment, the techniques may be realized as a method for detecting anomalous network traffic comprising the steps of receiving a list including a plurality of processes and, for each process, a list of approved types of network traffic; monitoring network traffic of each process on the list of processes; upon detecting network traffic for a process on the list of processes, determining that the type of network traffic detected is not on the list of approved types for that process; and identifying the process as infected based on determining that the type of network traffic detected is not on the list of approved types for that process.Type: GrantFiled: June 27, 2013Date of Patent: December 29, 2015Assignee: Symantec CorporationInventors: Kevin Alejandro Roundy, Jie Fu, Tao Cheng, Zhi Kai Li, Fanglu Guo, Sandeep Bhatkar
-
Patent number: 9223966Abstract: The disclosed computer-implemented method for replicating computing system environments may include (1) identifying each application installed on a plurality of computing systems, (2) creating, within a virtual machine image, virtual containers that store each application installed on the plurality of computing systems, (3) determining that a potentially malicious file is directed to a target computing system within the plurality of computing systems, (4) identifying each application installed on the target computing system, (5) in response to determining that the file is directed to the target computing system, replicating a configuration of the target computing system within the virtual machine image by, for each application installed on the target computing system, activating a virtual container that stores the application, and (6) determining how the file would affect the target computing system by sending the file to the virtual machine image and analyzing how the file impacts the virtual machine image.Type: GrantFiled: May 4, 2014Date of Patent: December 29, 2015Assignee: Symantec CorporationInventors: Sourabh Satish, Abubakar A. Wawda
-
Patent number: 9223961Abstract: A computer-implemented method for performing security analyses of applications configured for cloud-based platforms may include 1) identifying an online platform that hosts an online service and that is capable of hosting a plurality of third-party applications integrated with the online service and configured to operate on the online platform, 2) identifying at least one third-party application that is integrated with the online service and configured to operate on the online platform, 3) identifying metadata describing at least one characteristic of the third-party application, and 4) performing a security analysis of the third-party application based at least in part on the metadata. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: April 4, 2012Date of Patent: December 29, 2015Assignee: Symantec CorporationInventor: Ilya Sokolov
-
Patent number: 9223980Abstract: The disclosed computer-implemented method for indicating malware statuses of electronic messages may include (1) determining that a user is attempting to distribute an electronic message, (2) scanning the electronic message to determine a malware status of the electronic message, (3) before distributing the electronic message, including, with the electronic message, an indication of the malware status of the electronic message, and (4) after including the indication of the malware status with the electronic message, distributing the electronic message to a recipient system, where the recipient system uses the malware status included with the electronic message to determine the malware status of the electronic message. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: June 11, 2014Date of Patent: December 29, 2015Assignee: Symantec CorporationInventor: Linjiang Bao
-
Patent number: 9225743Abstract: A method and apparatus for automatically generating policies from a set of cryptographic certificates is described. An automated policy generator, executing on a computing system, receives information from a set of one or more cryptographic certificates deployed in a network. The automated policy generator automatically generates a policy from the information of the set of cryptographic certificates.Type: GrantFiled: April 12, 2012Date of Patent: December 29, 2015Assignee: Symantec CorporationInventor: Alok Naik
-
Patent number: 9223788Abstract: A file system that includes multiple logical devices can be subdivided into multiple containers. The containers each include respective non-overlapping sets of the logical devices. An amount of memory allocated to a container is dynamic. A set of the containers can be selected for a file system consistency check. The file system consistency check is performed on only the set of the containers instead of on the entire file system.Type: GrantFiled: November 9, 2010Date of Patent: December 29, 2015Assignee: Symantec CorporationInventors: Dilip Madhusudan Ranade, Kedar Shrikrishna Patwardhan
-
Patent number: 9219611Abstract: A computer-implemented method for automating cloud-based code-signing services may include identifying, at a cloud-based code-signing service, an automatically generated request from a signing automation agent on a remote client to sign at least one file. The method may further include verifying a security credential that authorizes the remote client to access the cloud-based code-signing service. The method may also include receiving, at the cloud-based code-signing service, the file from the signing automation agent. The method may additionally include signing, by the cloud-based code-signing service, the file. The method may further include sending the signed file from the cloud-based code-signing service to the remote client. Various other methods, systems, and computer-readable media are disclosed.Type: GrantFiled: February 20, 2014Date of Patent: December 22, 2015Assignee: Symantec CorporationInventor: Alok Naik
-
Patent number: D745875Type: GrantFiled: December 13, 2012Date of Patent: December 22, 2015Assignee: Symantec CorporationInventors: Kirk Freiheit, Gregory R. Dowers, II, Robert Santiago, Jessica Rich