Patents by Inventor Bruce McCorkendale

Bruce McCorkendale has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10169577
    Abstract: The disclosed computer-implemented method for detecting modification attacks on shared physical memory may include (i) identifying a page frame of physical memory that is shared by a plurality of virtual machines, (ii) calculating a first checksum for the page frame, (iii) calculating, while the page frame is shared by the plurality of virtual machines and before any of the plurality of virtual machines writes to a page of virtual memory that is mapped to the page frame, a second checksum for the page frame, (iv) detecting a modification attack (such as a rowhammer attack) on the page frame by one of the plurality of virtual machines by detecting that the first checksum does not equal the second checksum, and (v) performing a security action in response to detecting the modification attack. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: March 28, 2017
    Date of Patent: January 1, 2019
    Assignee: Symantec Corporation
    Inventors: William E. Sobel, Bruce McCorkendale
  • Patent number: 10122737
    Abstract: A router-level computer security component validates multiple endpoint computer security components on multiple endpoint devices in a local area network, based on whether given endpoints each have a specific anti-malware scanning engine and set of signatures used by the router-level component. To validate a given endpoint, the router-level component transmits a code sample which will trigger scanning by the specific anti-malware scanning engine in conjunction with a specific signature of the set, resulting in a specific detection result. In response to receiving the specific, expected detection result in return, the router-component validates the endpoint.
    Type: Grant
    Filed: June 28, 2016
    Date of Patent: November 6, 2018
    Assignee: Symantec Corporation
    Inventors: Bruce McCorkendale, Ramakrishnan Meenakshi Sundaram
  • Patent number: 10109171
    Abstract: The disclosed computer-implemented method for performing security actions based on people's actual reactions to interactions may include (i) detecting an interaction (e.g., an interaction with a digital communication) of a monitored person (e.g., a child), (ii) estimating the monitored person's expected reaction to the interaction, (iii) using contemporaneous sensor data to estimate the monitored person's actual reaction to the interaction, and (iv) performing a security action based at least in part on a comparison of the monitored person's expected reaction and the monitored person's actual reaction. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: June 20, 2017
    Date of Patent: October 23, 2018
    Assignee: Symantec Corporation
    Inventors: Arun Karthick M A M, Ramakrishnan Meenakshi Sundaram, Bruce McCorkendale
  • Patent number: 9888377
    Abstract: Ongoing analytics streams are received over time from mobile computing devices. An analytics stream comprises data corresponding to monitored activity that occurred on the originating mobile computing device. Dynamic, personalized knowledge based authentication questions are generated from analytics stream data. In response to an authentication request from a user, the user is prompted to answer a given number of current dynamic, personalized knowledge based authentication questions.
    Type: Grant
    Filed: May 25, 2016
    Date of Patent: February 6, 2018
    Assignee: Symantec Corporation
    Inventors: Bruce McCorkendale, Ilya Sokolov, Kevin Jiang
  • Patent number: 9860230
    Abstract: A computer-implemented method for digitally signing executables with reputation information is disclosed. This method may include (1) receiving a request for a reputation certificate for an executable file, (2) identifying reputation information associated with the executable file, (3) generating a digitally signed reputation certificate for the executable file that includes at least the reputation information associated with the executable file, and then (4) providing the reputation certificate in response to the request. Additional computer-implemented methods for evaluating the trustworthiness of executable files based at least in part on reputation information contained within such digitally signed reputation certificates, along with corresponding systems and computer-readable media, are also disclosed.
    Type: Grant
    Filed: August 17, 2010
    Date of Patent: January 2, 2018
    Assignee: Symantec Corporation
    Inventors: William E. Sobel, Bruce McCorkendale
  • Patent number: 9817958
    Abstract: The disclosed computer-implemented method for authenticating users may include (1) identifying at least one digital device with which a user interacts, (2) gathering information about how the user interacts with the digital device, (3) generating, based on the gathered information, an authentication protocol for authenticating the user, and (4) using the authentication protocol to authenticate the user. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: August 25, 2015
    Date of Patent: November 14, 2017
    Assignee: Symantec Corporation
    Inventor: Bruce McCorkendale
  • Patent number: 9734037
    Abstract: Applications on a mobile device are sampled for detecting applications causing performance problems on the device. The method includes periodically logging performance information for a mobile device suspected to be having performance problems. The method further includes periodically logging identifying information about multiple applications on the mobile device. The method also includes periodically providing to a security server the logged performance information for the mobile device and the logged identifying information about the applications. In addition, the method includes, in response to a request from the security server for more information about one of the applications, providing a copy of the application to the security server for analysis of the impact by the application on performance of the mobile device. The method can further include receiving from the security server an indication that the application for which the copy was provided is causing a performance problem on the mobile device.
    Type: Grant
    Filed: September 15, 2009
    Date of Patent: August 15, 2017
    Assignee: Symantec Corporation
    Inventors: Bruce McCorkendale, John P. Kelly, Brian Hernacki
  • Patent number: 9697660
    Abstract: The disclosed computer-implemented method for verifying user attributes may include (1) receiving a request to verify an attribute of a user who claims to be a particular person, (2) determining that the attribute can be verified using a trusted record that is associated with the particular person, (3) determining that the trusted record is associated with a vehicle to which the particular person has access rights, (4) confirming that the user has physical access to the vehicle by performing an access-validation check, and (5) in response to confirming that the user has physical access to the vehicle, using the trusted record to verify the attribute of the user. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: December 31, 2015
    Date of Patent: July 4, 2017
    Assignee: Symantec Corporation
    Inventors: Ilya Sokolov, Kevin Jiang, Bruce McCorkendale
  • Patent number: 9626511
    Abstract: Application authorization management is provided without installation of an agent at an operating system level. A component runs outside of the operating system, in an AMT environment. AMT is utilized to examine the operating system for applications. Identified applications are checked against a whitelist or a blacklist. Responsive to determining that an identified application is not authorized, AMT is used to redirect input/output requests targeting the application to an alternative image, which can, for example, warn the user that the application is not authorized.
    Type: Grant
    Filed: August 26, 2008
    Date of Patent: April 18, 2017
    Assignee: Symantec Corporation
    Inventors: Bruce McCorkendale, Matthew Steele, William E. Sobel
  • Patent number: 9621585
    Abstract: Computer security threats are increasing in customization and complexity of attacks, expanding the burden on security companies in addressing the wide-array of threats. Functional classification is used here to determine the likely role a client and its user play to personalize computer security according to client/user role. A security module analyzes the client to identify data or applications present on the client or activities performed using the client. Based on this analysis, the security module predicts the role of the client or a user of the client. The module further dynamically generates a security policy that is personalized to and optimized for the client or the user based on the role predicted and on computer security threats expected to affect the client or user based on the role. The module then applies the security policy generated to provide personalized security.
    Type: Grant
    Filed: July 25, 2011
    Date of Patent: April 11, 2017
    Assignee: SYMANTEC CORPORATION
    Inventors: Sourabh Satish, Bruce McCorkendale
  • Patent number: 9614826
    Abstract: A computer-implemented method for protecting sensitive data is described. In one embodiment, the method includes identifying data stored at a first storage system. The identified data is classified as sensitive data. The method includes copying at least a portion of the identified sensitive data from the first storage system, transferring the copied portion of the identified sensitive data from the first storage system to a file stored at a second storage system, and storing a virtual symbolic link at the first storage system. The virtual symbolic link includes information regarding the file stored at the second storage system.
    Type: Grant
    Filed: May 20, 2014
    Date of Patent: April 4, 2017
    Assignee: Symantec Corporation
    Inventor: Bruce McCorkendale
  • Patent number: 9569205
    Abstract: A computer-implemented method for remotely configuring applications may include (1) identifying a centrally administered application that includes a configuration specification that defines at least one setting available for the centrally administered application and that is prepared to provide the configuration specification, (2) identifying, by extracting the configuration specification for the centrally administered application, a settings field of the configuration specification, (3) creating a settings configuration policy that specifies a value for the settings field, (4) detecting an instance of the centrally administered application that includes the configuration specification, and (5) pushing the value for the settings field to the instance of the centrally administered application in accordance with the settings configuration policy. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: June 10, 2013
    Date of Patent: February 14, 2017
    Assignee: Symantec Corporation
    Inventors: Bruce McCorkendale, Thomas Enderwick
  • Patent number: 9565192
    Abstract: IoT devices are secured on multiple local area networks. Each local network contains a router which monitors activities of IoT devices, and transmits corresponding information to a backend server. The backend amalgamates this information, calculates dynamic reputation scores, and determines expected authorized activities for specific IoT devices. Based thereon, the backend creates a constraint profile for each IoT device, and transits the constraint profiles to the routers for enforcement. Enforcing a constraint profile can include creating multiples VLANs with varying levels of restricted privileges on a given local area network, and isolating various IoT devices in specific VLANs based on their reputation scores. Constraint profiles can specify to enforce specific firewall rules, and/or to limit an IoT device's communication to specific domains and ports, and/or to specific content.
    Type: Grant
    Filed: June 23, 2015
    Date of Patent: February 7, 2017
    Assignee: Symantec Corporation
    Inventors: Srinivas Chillappa, Bruce McCorkendale
  • Publication number: 20160381030
    Abstract: IoT devices are secured on multiple local area networks. Each local network contains a router which monitors activities of IoT devices, and transmits corresponding information to a backend server. The backend amalgamates this information, calculates dynamic reputation scores, and determines expected authorized activities for specific IoT devices. Based thereon, the backend creates a constraint profile for each IoT device, and transits the constraint profiles to the routers for enforcement. Enforcing a constraint profile can include creating multiples VLANs with varying levels of restricted privileges on a given local area network, and isolating various IoT devices in specific VLANs based on their reputation scores. Constraint profiles can specify to enforce specific firewall rules, and/or to limit an IoT device's communication to specific domains and ports, and/or to specific content.
    Type: Application
    Filed: June 23, 2015
    Publication date: December 29, 2016
    Inventors: Srinivas Chillappa, Bruce McCorkendale
  • Patent number: 9525664
    Abstract: A computer-implemented method for providing secure access to local network devices may include (1) identifying a local area network that provides Internet connectivity to at least one device within the local area network, (2) obtaining, from an identity assertion provider, (i) a shared secret for authenticating the identity of a guest user of the device and (ii) a permission for the guest user to access the device from outside the local area network, (3) storing the shared secret and the permission within the local area network, (4) receiving, via the Internet connectivity, a request by the guest user from outside the local area network to access the device, and (5) providing access to the device in response to validating the request based on the shared secret and the permission. Various other methods and systems are also disclosed.
    Type: Grant
    Filed: February 28, 2014
    Date of Patent: December 20, 2016
    Assignee: Symantec Corporation
    Inventors: William E. Sobel, Bruce McCorkendale
  • Patent number: 9495538
    Abstract: Security software on a client observes a request for a resource from an application on the client and then determines the application's reputation. The application's reputation may be measured by a reputation score obtained from a remote reputation server. The security software determines an access policy from a graduated set of possible access policies for the application based on the application's reputation. The security software applies the access policy to the application's request for the resource. In this way, the reputation-based system uses a graduated trust scale and a policy enforcement mechanism that restricts or grants application functionality for resource interactivity along a graduated scale.
    Type: Grant
    Filed: September 25, 2008
    Date of Patent: November 15, 2016
    Assignee: Symantec Corporation
    Inventors: Kenneth Schneider, Bruce McCorkendale
  • Patent number: 9450960
    Abstract: A method includes creating a virtual machine including a remote file system, a file system service, and a security application. Access to the remote file system is restricted with the security application upon an unknown malicious code outbreak. The more that is known about the threat, the more precise are the restrictions placed upon the file system thus reducing the impact on users of the file system to an absolute minimum.
    Type: Grant
    Filed: November 5, 2008
    Date of Patent: September 20, 2016
    Assignee: Symantec Corporation
    Inventors: Bruce McCorkendale, William E. Sobel
  • Patent number: 9396498
    Abstract: A computer-implemented method may include facilitating registration for a service capable of determining whether strangers who come in contact with one another share one or more characteristics in common. The computer-implemented method may also include obtaining, as part of the registration for the service, permission for the service to access at least a portion of one or more social-networking accounts associated with each of the strangers. The computer-implemented method may further include determining, subsequent to the registration for the service, that the strangers registered for the service have come in contact with one another and then providing the service to the strangers in response to this determination. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: November 22, 2011
    Date of Patent: July 19, 2016
    Assignee: Symantec Corporation
    Inventors: Xiaole Zhu, Xue Feng Tian, Bruce McCorkendale
  • Patent number: 9384654
    Abstract: Locations of animate and inanimate items are tracked over time. Tracking policies concerning the items are enforced, based on detected spatiotemporal events. Multiple routers each maintain a captive network to which mobile computing devices automatically connect. Users register mobile computing devices, which are associated with items to be tracked. A backend server maintains records concerning registered mobile computing devices. Records contain identifiers of registered mobile computing devices and their associated items, as well as categorization information and tracking policies concerning the items. Over time, registered mobile computing devices are moved around, causing them to connect to and disconnect from different captive networks. These connection events are reported to the backend, which uses this data to track locations of items over time.
    Type: Grant
    Filed: December 31, 2014
    Date of Patent: July 5, 2016
    Assignee: Symantec Corporation
    Inventors: Srinivas Chillappa, Bruce McCorkendale
  • Patent number: 9298914
    Abstract: Anomalous access activity is detected and managed. Access of enterprise data on multiple client computers is monitored and logged. The resulting log information identifies accessed units of enterprise data and corresponding access context. Log information concerning access of specific units of data on multiple client computers is received over a period of time and amalgamated. Statistical analysis is performed on amalgamated log information, thereby determining access baselines for data over the time period. Received log information concerning access of a specific unit of data on a specific client computer is compared to corresponding access baseline(s). Responsive to the comparison indicating that the access deviates from a baseline in excess of a threshold, the access is classified as being anomalous. Alerts are automatically output in response to detecting anomalous data access.
    Type: Grant
    Filed: December 3, 2013
    Date of Patent: March 29, 2016
    Assignee: Symantec Corporation
    Inventor: Bruce McCorkendale