Patents Assigned to Symantec
-
Patent number: 9202050Abstract: A computer-implemented method for detecting malicious files may include determining that a file on a client system may be subject to a security assessment, generating an initial fingerprint of the file, the generation of the initial fingerprint excluding at least part of the file, sending the initial fingerprint to a server and receiving a response from the server including an indication that the initial fingerprint matches at least one known malicious file but that the file from which the initial fingerprint was generated may not match the malicious file, generating an additional hash of the file on the client system based at least in part on the part of the file excluded in the generation of the initial fingerprint, sending the additional hash to the server, and receiving a response indicating that the file on the client system is malicious. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: December 14, 2012Date of Patent: December 1, 2015Assignee: Symantec CorporationInventor: Carey Nachenberg
-
Patent number: 9202076Abstract: A computer-implemented method for sharing data stored on secure third-party storage platforms may include (1) identifying a request from a client system for a token that provides temporary access to an encrypted file stored under a user account, (2) identifying, in response to the request, an asymmetric key pair designated for the user account that includes an encryption key and a decryption key that has been encrypted with a client-side key, (3) receiving, from the client system, the client-side key, (4) decrypting the decryption key with the client-side key, (5) using the decryption key to generate temporary decryption data that facilitates the decryption of the encrypted file and that is set to expire, (6) generating the token and designating the temporary decryption data as available in exchange for the token, and (7) providing the token to the client system. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: July 26, 2013Date of Patent: December 1, 2015Assignee: Symantec CorporationInventors: Steve Chazin, Walter Bogorad, Phil Polishuk
-
Patent number: 9203850Abstract: A computer-implemented method for detecting private browsing mode may include (1) determining that a browser application is operating as a foreground application on the computing device, (2) detecting computing activity occurring on the computing device while the browser is operating in the foreground, (3) determining that no new entry has been made in the browser's history, (4) in response to determining that no new entry has been made in the browser's history, incrementing a certainty level score that identifies a level of certainty that the browser is executing in private browsing mode, (5) determining that the certainty level score has exceeded a certainty threshold, indicating that the browser is likely to be executing in private browsing mode, and (6) performing a security action in response to determining that the browser is likely to be executing in private browsing mode. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: February 12, 2014Date of Patent: December 1, 2015Assignee: Symantec CorporationInventors: Jimmy Chen, Charles Trinh
-
Patent number: 9202063Abstract: A method and apparatus for monitoring network-based printing for data loss prevention (DLP). A DLP system may monitor outbound data transfers performed by a computing system, and detect a network print request in a current one of the outbound data transfers being sent to a network-based printer over a network, the network print request identifying data to be printed by the network-based printer. The DLP system determines whether the identified data of the current outbound data transfer violates a DLP policy and prevents the current outbound data transfer when the current outbound data transfer violates the DLP policy.Type: GrantFiled: April 23, 2012Date of Patent: December 1, 2015Assignee: SYMANTEC CORPORATIONInventors: Prasad D. Ekke, Milind Torney
-
Publication number: 20150341342Abstract: Techniques are disclosed for rapidly securing a server in response to request for a high-assurance digital certificate. As described, a CA may issue a basic tier certificate after performing a verification process to confirm that a party requesting a certificate for a given network domain, in fact, has control of that domain. Once issued and provisioned on the server, the server can establish secure connections with clients. At the same time, the CA continues to perform progressive identity verification processes for progressively higher tiers of certificates. Once the identity verification process at each tier is complete, the CA issues a new certificate for the corresponding tier, which may then be provisioned on the server. After performing all of the identity verification processes, the server can issue the requested high-assurance certificate.Type: ApplicationFiled: May 23, 2014Publication date: November 26, 2015Applicant: Symantec CorporationInventor: Michael KLIEMAN
-
Patent number: 9195528Abstract: A computer-implemented method for managing failover clusters. The method may include maintaining a failover cluster comprising first and second cluster nodes, identifying a first instance of a service group on the first cluster node, and initiating failover of the first cluster node to the second cluster node. The method may also include bringing at least a portion of a second instance of the service group online before taking the first instance of the service group completely offline. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: February 24, 2010Date of Patent: November 24, 2015Assignee: Symantec CorporationInventor: Pooja Sarda
-
Patent number: 9197711Abstract: A computer-implemented method for detecting the presence of web tracking may include identifying an Internet resource that may be retrieved from an initial domain and that may trigger a hypertext transfer protocol request directed to an additional domain that may be different from the initial domain, determining, based on a difference between the initial domain and the additional domain, that the hypertext transfer protocol request may include a third-party hypertext transfer protocol request, identifying a hypertext transfer protocol cookie that may be sent from the additional domain in response to the third-party hypertext transfer protocol request and determining, based on an expiration date of the hypertext transfer protocol cookie and the difference between the initial domain and the additional domain, that the hypertext transfer protocol cookie may include a third-party tracking cookie. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: February 22, 2013Date of Patent: November 24, 2015Assignee: Symantec CorporationInventors: Petros Efstathopoulos, Tai-Ching Li
-
Patent number: 9197662Abstract: A computer-implemented method for optimizing scans of pre-installed applications may include (1) identifying, on a client device, a plurality of applications that are subject to scan-based assessments, (2) determining that the plurality of applications were pre-installed on the client device via a system image for the client device, (3) generating a fingerprint that represents the system image, and (4) fulfilling the scan-based assessments for the plurality of applications by transmitting the fingerprint that represents the system image to an assessment server and receiving, in response, an assessment of the system image. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: February 26, 2014Date of Patent: November 24, 2015Assignee: Symantec CorporationInventor: Jun Mao
-
Patent number: 9191381Abstract: A computing system of an authentication service provider receives a federated identity protocol request triggered by a relying party to validate a user. The federated identity protocol request includes a user identifier of an authenticated identity. The computing system searches mapping data stored in a data store that is coupled to the computing system to identify a type of virtual token associated with the user identifier and authenticates the user by requesting the identified type of virtual token from a user device and verifying a virtual token received from the user device using the mapping data. The computing system sends second-factor authentication results to the relying party via the federated identity protocol.Type: GrantFiled: August 25, 2011Date of Patent: November 17, 2015Assignee: Symantec CorporationInventors: Nicolas Popp, Alan Dundas, Siddharth Bajaj, Mingliang Pei, Liyu Yi, John Smith
-
Patent number: 9189629Abstract: A computer-implemented method for discouraging polymorphic malware may comprise: 1) receiving a request to register a file in a registration database, 2) applying a registration tax to the file, 3) determining, based on whether the registration tax for the file has been satisfied, whether to register the file in the registration database, and then 4) determining, based at least in part on whether the file has been registered in the registration database, whether to add the file to an approved-file database. A method for determining whether to allow files on a computing device to execute using such an approved-file database is also disclosed. Corresponding systems and computer-readable media are also disclosed.Type: GrantFiled: August 28, 2008Date of Patent: November 17, 2015Assignee: Symantec CorporationInventors: Carey S. Nachenburg, Michael Spertus
-
Patent number: 9191279Abstract: A computer-implemented method for data loss prevention may include 1) identifying a file hierarchy within a file system (where, e.g., the file hierarchy includes a plurality of files and folders), 2) identifying a defined file hierarchy structure that is associated with a data loss prevention policy (where, e.g., the defined file hierarchy structure identifies the relative locations of files and folders), 3) determining that the file hierarchy is implicated in the data loss prevention policy by determining that the defined file hierarchy structure corresponds to the file hierarchy, and 4) applying the data loss prevention policy to at least a portion of the file hierarchy based on determining that the file hierarchy is implicated in the data loss prevention policy. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: May 31, 2012Date of Patent: November 17, 2015Assignee: Symantec CorporationInventors: Milind Torney, Piyush Sharma
-
Patent number: 9189626Abstract: Techniques for detecting malicious code are disclosed. In one particular embodiment, the techniques may be realized as a method for detecting malicious code comprising the steps of identifying a query to a domain name service that resolves to a local address; identifying the process that originated the identified query; and designating the identified process as infected based on identifying the process as having originated the query that resolved to a local address.Type: GrantFiled: September 24, 2013Date of Patent: November 17, 2015Assignee: Symantec CorporationInventors: Adam Overfield, Kevin Roundy, Jie Fu, Tao Cheng, Zhi Kai Li
-
Patent number: 9183205Abstract: Various systems and methods for creating a user-based backup. For example, one method can involve receiving a request to perform a backup operation. The request includes information that identifies a user. The method also involves selecting a set of data objects based on detecting that the set of data objects is associated with the user. The set of data objects is a subset of the objects stored on one or more storage devices. The generated user-based backup will include only the data objects in the set, that is, only data objects that are associated with the user identified in the request to perform the backup operation.Type: GrantFiled: October 5, 2012Date of Patent: November 10, 2015Assignee: Symantec CorporationInventors: Abhijit Subhash Kurne, Pillai Biju Shanmugham, Mandar Raghunath Upadhye
-
Patent number: 9183377Abstract: A possibly pre-infected system is inspected for the existence of tracked application-specific accounts. In a tracked application-specific account is found, the system is further audited to verify that only authorized processes are using the account and that the authorized account creation application is installed on the host computer system.Type: GrantFiled: June 18, 2008Date of Patent: November 10, 2015Assignee: Symantec CorporationInventors: William E. Sobel, Brian Hernacki, Mark Kennedy
-
Patent number: 9185119Abstract: The disclosed computer-implemented method for detecting malware using file clustering may include (1) identifying a file with an unknown reputation, (2) identifying at least one file with a known reputation that co-occurs with the unknown file, (3) identifying a malware classification assigned to the known file, (4) determining a probability that the unknown file is of the same classification as the known file, and (5) assigning, based on the probability that the unknown file is of the same classification as the known file, the classification of the known file to the unknown file. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: May 8, 2014Date of Patent: November 10, 2015Assignee: Symantec CorporationInventors: Acar Tamersoy, Kevin A. Roundy, Daniel Marino
-
Patent number: 9185108Abstract: A scalable system and method for authenticating entities such as consumers to entities with a diverse set of authentication requirements, such as merchants, banks, vendors, other consumers, and so on. An authentication credential such as a token can be shared among several resources as a way to authenticate the credential owner.Type: GrantFiled: May 5, 2006Date of Patent: November 10, 2015Assignee: Symantec CorporationInventors: David M'Raihi, Siddharth Bajaj, Nicolas Popp
-
Patent number: 9183127Abstract: A region of memory is logically divided into a number of segments, each of which is logically divided into a number of blocks. Blocks are allocated sequentially. A head pointer and a tail pointer demarcate the section of allocated blocks. As allocated blocks are added, the tail pointer is moved so that it remains at the end of the section of allocated blocks. If the tail pointer is within a threshold distance of the head pointer, then the head pointer is moved from its current position to a new position, and the allocated blocks between the current and new positions are freed (deallocated and/or erased). Thus, writes to the memory can be performed sequentially, and blocks can be freed in advance of when they are actually needed.Type: GrantFiled: June 20, 2012Date of Patent: November 10, 2015Assignee: Symantec CorporationInventors: Dilip Madhusudan Ranade, Niranjan Pendharkar, Anindya Banerjee
-
Patent number: 9183094Abstract: Various systems and methods for configuring a duplication operation. For example, a method involves specifying a duplication window, a source storage device, and a target storage device. When a duplication operation is executed, data is copied from the source storage device to the target storage device during the duplication window. The method also involves calculating a predicted duplication rate, where the predicted duplication rate is an estimate of a rate at which data can be copied from the source storage device to the target storage device.Type: GrantFiled: May 25, 2012Date of Patent: November 10, 2015Assignee: Symantec CorporationInventor: Thomas G. Clifford
-
Patent number: 9183384Abstract: A method and apparatus for automatically training a data loss prevention (DLP) agent deployed on an endpoint device is described. In one embodiment, the method includes monitoring information content on a client computer system for violations of a policy. The method further includes determining, with the client computer system, whether a violation of the policy has occurred for the information content based on a classifier. The method may also include transmitting monitored data indicative of a policy decision and the information content to a remote system and receiving a response from the remote system including an updated classifier, wherein the updated classifier was automatically generated by the remote system utilizing fingerprint matching.Type: GrantFiled: November 2, 2009Date of Patent: November 10, 2015Assignee: Symantec CorporationInventor: Lawrence Bruhmuller
-
Patent number: D744518Type: GrantFiled: December 13, 2012Date of Patent: December 1, 2015Assignee: Symantec CorporationInventors: Theodore J Kaiser, IV, Gregory R. Dowers, II, Bradley I Willadsen, James R. Talton, Jessica Rich