Patents by Inventor Keith Newstadt

Keith Newstadt has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11140145
    Abstract: The disclosed computer-implemented method for providing single sign-on capability may include intercepting, during an authentication session with a network resource, a single sign-on request generated by an application executing on a computing device, redirecting the single sign-on request to a separate computing device for execution, receiving, in response to authentication of at least one user credential from the separate computing device, an authentication decision that the separate computing device obtained from an identity provider (IDP) by executing the single sign-on request and injecting the authentication decision received from the separate computing device into the application where the single sign-on request was originally generated to complete the authentication session.
    Type: Grant
    Filed: June 25, 2018
    Date of Patent: October 5, 2021
    Assignee: NortonLifeLock Inc.
    Inventors: Ilya Sokolov, Keith Newstadt
  • Patent number: 11095636
    Abstract: The disclosed computer-implemented method for protecting passwords may include (i) intercepting network traffic indicating an attempted login procedure at a workload device to login to a protected resource, (ii) prompting a user, in response to intercepting the network traffic, and at an authentication device that has been registered to the user, to indicate whether to approve the attempted login procedure, (iii) collecting, at the authentication device, a credential for the attempted login procedure that was stored in a protected vault of the authentication device, (iv) providing, by the authentication device to the workload device, an authentication decision based on the collected credential, and (v) injecting, at the workload device, the authentication decision into a browser session to enable the user to complete the attempted login procedure to login to the protected resource. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: September 24, 2018
    Date of Patent: August 17, 2021
    Assignee: NortonLifeLock Inc.
    Inventors: Ilya Sokolov, Keith Newstadt
  • Patent number: 11068876
    Abstract: Purchasing related activity that is executed on computing devices on a LAN is monitored. Information is identified concerning purchases of IoT devices on the LAN, based on the monitoring of the purchasing related activity. For example, a specific purchase of a specific device (or specific device type) can be identified, or identifying information concerning a purchased device can be inferred, based on monitored purchasing related activity. IoT devices are discovered on the LAN and identified. Identifying a discovered device can further comprise interrogating the discovered device, monitoring activities of the discovered device, and/or analyzing information concerning purchases of IoT devices on the LAN. Gleaned identifying information concerning a discovered device can be used to determine or disambiguate the device's identity.
    Type: Grant
    Filed: March 30, 2018
    Date of Patent: July 20, 2021
    Assignee: Norton LifeLock
    Inventors: Ilya Sokolov, Bruce McCorkendale, Keith Newstadt
  • Patent number: 11030150
    Abstract: The disclosed computer-implemented method for classifying electronic files may include (i) identifying an electronic file that is being evaluated for importance by a file-categorization system, (ii) collecting, via at least one user-state monitoring device, information about a physical state of at least one user while the user is interacting with the electronic file, (iii) determining, based on the information about the physical state of the user while the user was interacting with the electronic file, whether the user considers the electronic file to be important, and (iv) classifying, by the file-categorization system and based at least in part on determining whether the user considers the electronic file to be important, the electronic file as an important file. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: May 1, 2017
    Date of Patent: June 8, 2021
    Assignee: NortonLifeLock Inc.
    Inventors: Ilya Sokolov, Lei Gu, Keith Newstadt
  • Patent number: 10924513
    Abstract: Systems of the present disclosure can detect user activities on endpoint devices based on the interference patterns those actions produce in wireless transmissions between those endpoint devices and another device (e.g., an edge device operating as a web security gateway). A web security gateway sends time-series data describing interference on wireless transmissions sent from, or received by, an agentless endpoint device to a network security service. In response, the network security service uses a machine-learning model to infer a type of an action that occurred on the agentless endpoint device concurrently with the wireless transmissions. The network security service sends an indication of the action type to the web security gateway. The web security gateway applies a network security policy to the action or a network communication associated therewith.
    Type: Grant
    Filed: March 30, 2018
    Date of Patent: February 16, 2021
    Assignee: NORTONLIFELOCK INC.
    Inventors: Ilya Sokolov, Keith Newstadt
  • Patent number: 10924880
    Abstract: The present disclosure includes a method for maintaining a dynamic geofence. The method receives a set of digital IDs and data pairs from a monitored user credential. Each digital ID was received by the monitored user credential as part of a wireless transmission from a node device, and each digital ID includes one or more attributes. The method retrieves a user policy that includes a required attribute and a threshold distance. The method determines whether at least one of the digital IDs includes an attribute matching the required attribute, and verifies any digital id containing the attribute matching the required attribute. The method determines the distance between the monitored user credential and the node device using the data paired with the digital ID, and determines whether the distance between the monitored user credential and the node device is less than the threshold distance.
    Type: Grant
    Filed: February 16, 2017
    Date of Patent: February 16, 2021
    Assignee: NORTONLIFELOCK INC.
    Inventors: Ilya Sokolov, Keith Newstadt
  • Patent number: 10887307
    Abstract: The disclosed computer-implemented method for identifying users may include (i) detecting that a user at an endpoint computing device is connecting to an identity provider, (ii) detecting, after detecting that the user at the endpoint computing device is connecting to the identity provider, that a mobile device has received a second-factor authentication message, (iii) discovering, by a security service, that the user at the endpoint computing device matches a known user profile registered to the mobile device by correlating the user at the endpoint computing device connecting to the identity provider with the mobile device receiving the second-factor authentication message, and (iv) applying a security policy to the user at the endpoint computing device based on the known user profile matched to the user by the security service. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: June 25, 2018
    Date of Patent: January 5, 2021
    Assignee: CA, INC.
    Inventors: Keith Newstadt, Ilya Sokolov
  • Patent number: 10819707
    Abstract: The disclosed computer-implemented method for validating a user's physical location may include (i) identifying a plurality of sensor-equipped devices that are connected to a local network, wherein the local network is associated with a physical location, (ii) receiving a request to validate that a user is present at the physical location that is associated with the local network, (iii) instructing, in response to receiving the request, the user to interact with at least one sensor-equipped device in the plurality of sensor-equipped devices, (iv) confirming, based on observing a response of the sensor-equipped device, that the user has interacted with the at least one sensor-equipped device, and (v) validating, in response to confirming that the user has interacted with the at least one sensor-equipped device, that the user is present at the physical location. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: October 31, 2017
    Date of Patent: October 27, 2020
    Assignee: NortonLifeLock, Inc.
    Inventors: Ilya Sokolov, Keith Newstadt
  • Patent number: 10820137
    Abstract: Techniques are disclosed to predict whether a current location of a mobile device corresponds to a user of that mobile device. To do so, the mobile device may evaluate information from sensors that indicate a current state of the device or device surroundings. Based on the probability, the mobile device may send the current location and the probability to a user of the mobile device, an application on the device, or another party.
    Type: Grant
    Filed: August 16, 2016
    Date of Patent: October 27, 2020
    Assignee: NortonLifeLock, Inc.
    Inventors: Keith Newstadt, Ilya Sokolov
  • Patent number: 10812981
    Abstract: The disclosed computer-implemented method for certifying geolocation coordinates of computing devices may include (i) receiving, from a client computing device, a set of geolocation coordinates that purport to identify the physical location of the client computing device, (ii) identifying, in response to receiving the geolocation coordinates, at least one cooperating geolocation device that is within physical proximity to the geolocation coordinates provided by the client computing device, (iii) performing a proximity validation check that demonstrates that the client computing device is within physical proximity to the cooperating geolocation device, and (iv) certifying, based on the proximity validation check, the geolocation coordinates as valid geolocation coordinates. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: March 22, 2017
    Date of Patent: October 20, 2020
    Assignee: NortonLifeLock, Inc.
    Inventors: Ilya Sokolov, Keith Newstadt
  • Patent number: 10778839
    Abstract: A method for detecting and preventing phishing phone calls through verified attribute analysis is described. The method may comprise receiving, by a receiving device, a phone call from a sending device and receiving identification data in parallel with the phone call, the identification data describing context of the phone call. The method may then identify an attribute assertion from the identification data. The attribute assertion may comprise a signed attribute of the phone call and may be signed by a trusted authority. The method may comprise determining content of the phone call, analyzing the content of the phone call against the signed attribute, and performing a defined operation based on a result of the analysis of the content against the signed attribute.
    Type: Grant
    Filed: March 30, 2018
    Date of Patent: September 15, 2020
    Assignee: NORTONLIFELOCK, INC.
    Inventors: Keith Newstadt, Ilya Sokolov, Venkadesan Marimuthu
  • Patent number: 10764060
    Abstract: The disclosed computer-implemented method for authenticating a multimedia stream may include generating a metadata transcript based on at least a portion of a multimedia stream and digitally signing the metadata transcript. The method may also include transmitting both the digitally signed metadata transcript and the multimedia stream to a recipient device to enable the recipient device to authenticate the multimedia stream. The recipient device may authenticate the multimedia stream based on a comparison of the digitally signed metadata transcript with an observed metadata transcript. The observed metadata transcript may be locally generated by the recipient device based on the multimedia stream. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: April 6, 2018
    Date of Patent: September 1, 2020
    Assignee: NortonLifeLock Inc.
    Inventors: Ilya Sokolov, Keith Newstadt
  • Patent number: 10693998
    Abstract: The disclosed computer-implemented method for creating application ratings may include (i) determining that a user device has downloaded an application, (ii) monitoring the usage of the application on the user device, (iii) deducing a value of the application based at least in part on the monitored usage, and (iv) creating a rating for the application that indicates the deduced value of the application. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: August 15, 2016
    Date of Patent: June 23, 2020
    Assignee: NortonLifeLock Inc.
    Inventors: Lei Gu, Keith Newstadt
  • Patent number: 10657971
    Abstract: The disclosed computer-implemented method for detecting suspicious voice calls may include (i) identifying an incoming voice call, (ii) extracting, from audio of the incoming voice call, a plurality of characteristics, (iii) calculating a trustworthiness score of the plurality of the characteristics based on a response by a recipient of the incoming voice call, and (iv) storing the trustworthiness score of the plurality of characteristics in a reputation database that (a) receives a request for the trustworthiness score, the request originating from an additional computing device and including an additional plurality of characteristics extracted from an additional incoming voice call, (b) determines that the additional plurality of characteristics matches the plurality of characteristics, and (c) enables the additional computing device to perform a security action on the additional incoming voice call by sending the trustworthiness to the additional computing device.
    Type: Grant
    Filed: December 15, 2017
    Date of Patent: May 19, 2020
    Assignee: NortonLifeLock Inc.
    Inventors: Keith Newstadt, Ilya Sokolov
  • Patent number: 10609030
    Abstract: The disclosed computer-implemented method for identifying untrusted devices in peer-to-peer communication may include (i) collecting first communication protocol MAC addresses and second communication protocol MAC addresses, (ii) determining which of the first communication protocol MAC addresses corresponds to which of the second communication protocol MAC addresses, and (iii) storing correlations between the first communication protocol MAC addresses and the second communication protocol MAC addresses. A correlation between a first communication protocol MAC address and a second communication protocol MAC address may indicate a single device having both addresses. The method may also include (i) detecting a communication on the second communication protocol, (ii) determining whether the detected communication is from an untrusted device, and (iii) performing a security action when the detected communication is from the untrusted device.
    Type: Grant
    Filed: September 28, 2017
    Date of Patent: March 31, 2020
    Assignee: CA, Inc.
    Inventors: Keith Newstadt, Ilya Sokolov
  • Patent number: 10600130
    Abstract: A user creates dynamic meta-communities that span membership of multiple existing third-party online communities, based on profile attributes. This allows the user to create targeted sub-communities for specific purposes without recreating or duplicating community information. The user can communicate with members of created meta-communities by leveraging the mechanisms provided by the third party online communities.
    Type: Grant
    Filed: August 22, 2008
    Date of Patent: March 24, 2020
    Assignee: Symantec Corporation
    Inventors: Keith Newstadt, Timothy G. Brown
  • Patent number: 10581781
    Abstract: The disclosed computer-implemented method for facilitating negotiation and exchange of information between parties may include (i) receiving, at a backend computing system from an initiating computing device, an attribute of an initiating user of the initiating computing device and a designation of a specified attribute condition, (ii) receiving, at the backend computing system from a responding computing device, an attribute of a responding user of the responding computing device, (iii) determining, at the backend computing system, whether the attribute of the responding user satisfies the specified attribute condition, and (iv) based on the attribute of the responding user satisfying the specified attribute condition, sending, from the backend computing system, the attribute of the responding user to the initiating computing device and the attribute of the responding user to the initiating computing device. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: September 27, 2016
    Date of Patent: March 3, 2020
    Assignee: CA, Inc.
    Inventors: Keith Newstadt, Ilya Sokolov
  • Patent number: 10573020
    Abstract: A method for location validation through physical surroundings is described. In one embodiment, the method includes receiving a location of a user device, transmitting to the user device, a request for additional information, receiving the additional information from the user device in response to the request, the second identifier matching the first identifier, comparing the received additional information with stored data pre-associated with the received location, and verifying the received location based at least in part on the comparing. In some embodiments, the request for additional information includes at least one of a request for a first image captured at a first direction, a request for a second image captured at a second direction, a request for a third image captured at a pre-determined tilt angle, a request for a stream of images captured in a pre-determined pattern, or any combination thereof.
    Type: Grant
    Filed: May 3, 2017
    Date of Patent: February 25, 2020
    Assignee: Symantec Corporation
    Inventors: Ilya Sokolov, Keith Newstadt
  • Patent number: 10492072
    Abstract: The disclosed computer-implemented method for evaluating wireless network connection security may include (i) detecting a wireless network connection from an Internet-of-Things device through sniffing, (ii) automatically selecting the wireless network connection as the wireless network connection to be evaluated in an analysis of network connection security, (iii) performing, in response to the automatic selecting of the wireless network connection as the wireless network connection to be evaluated, the analysis of network connection security to determine whether the wireless network connection is secure, and (iv) automatically reporting, through a physical output of the computing device and in response to performing the analysis of network connection security, a result of the analysis of network connection security to inform a user about the safety of the Internet-of-Things device. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: December 22, 2016
    Date of Patent: November 26, 2019
    Assignee: Symantec Corporation
    Inventors: Ilya Sokolov, Gopi Bhagavathula, Ning Chai, Keith Newstadt
  • Patent number: 10469457
    Abstract: A computer-implemented method for securely sharing cloud-service credentials within a network of computing devices may include (i) identifying, by a central computing device, a set of networked devices, (ii) encrypting, by the central computing device, at least one user credential for a cloud service, (iii) dividing, by the central computing device, a decryption key for decrypting the user credential into a set of fragments such that a minimum number of fragments, as defined by a security policy, is required to decrypt the user credential, and (iv) securing the user credential by distributing the set of fragments of the decryption key from the central computing device to the set of networked devices in compliance with the security policy. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: September 26, 2016
    Date of Patent: November 5, 2019
    Assignee: Symantec Corporation
    Inventors: Ilya Sokolov, Keith Newstadt