219 patents
Page 3 of 11
Utility
System for extracting, classifying, and enriching cyber criminal communication data
4 Jul 23
An apparatus, including systems and methods, for classifying, mapping, and predicting cybercriminal activity is disclosed herein.
Johannes Everardus Fokker
Filed: 28 Sep 20
Utility
Methods and apparatus to analyze network traffic for malicious activity
27 Jun 23
Methods, apparatus, systems and articles of manufacture are disclosed to analyze network traffic for malicious activity.
Yonghong Huang, Armando Rodriguez, Adam Wosotowsky, John Wagener, Joanna Negrete, Eric Peterson, Celeste Fralick
Filed: 13 Mar 20
Utility
Detection of ransomware
27 Jun 23
An apparatus, including systems and methods, for detecting ransomware is disclosed herein.
Oliver G. Devane, Abhishek Karnik, Sriram P
Filed: 17 Jun 20
Utility
Fuzzy hash algorithms to calculate file similarity
30 May 23
Methods, apparatus, systems and articles of manufacture to classify a first file are disclosed herein.
Di Tian
Filed: 17 May 21
Utility
Systems, methods, and media for securing connections to Internet of Things devices
30 May 23
Mechanisms (which can include systems, methods, and media) for securing connections to IoT devices are provided.
Sameer D. Karkhanis
Filed: 15 Mar 19
Utility
System, methods, and media for protecting network devices from malicious rich text format (RTF) files
23 May 23
Mechanisms, which can include systems, method, and media, for protecting network devices from malicious rich text format (RTF) files are provided, the mechanisms comprising: intercepting an RTF file destined for a network device; parsing the RTF file to identify a plurality of objects in the RTF file; checking a first object of the plurality of objects for a first heuristic; based upon an outcome of the checking of the first object for the first heuristic, increasing a cumulative weight by a first weight value; comparing the cumulative weight against at least one threshold to classify the RTF file; and based on the classification of the RTF file, taking a protective action on the RTF file.
Chintan Shah
Filed: 20 Nov 20
Utility
Methods and apparatus to accelerate security threat investigation
16 May 23
Methods, apparatus, systems and articles of manufacture are disclosed herein to accelerate security threat investigation.
Wayne Anderson
Filed: 30 Apr 20
Utility
System, method, and computer program product for preventing access to data with respect to a data access attempt associated with a remote data sharing session
9 May 23
A system, method, and computer program product are provided for preventing access to data associated with a data access attempt.
Gopi Krishna Chebiyyam, Prasanna Ganapathi Basavapatna
Filed: 4 Jan 18
Utility
Home or enterprise router-based secure domain name services
18 Apr 23
There is disclosed in one example a home router, including: a hardware platform including a processor and a memory; a local area network (LAN) interface; a data store including rules for domain name-based services; and instructions encoded within the memory to instruct the processor to: provision a certificate and key pair to provide domain name system (DNS) over hypertext transfer protocol secure (DoH) or DNS over transport layer security (DoT) services; receive on the LAN interface an encrypted DNS request; decrypt the DNS request; query the data store according to the DNS request; receive a rule for the DNS request; and execute the rule.
Tirumaleswar Reddy Konda, Shashank Jain, Himanshu Srivastava
Filed: 12 Jun 20
Utility
Detection of malicious scripted activity in fileless attacks
18 Apr 23
There is disclosed in one example a computing apparatus, including: a processor and memory; and instructions encoded within the memory to instruct the processor to: identify a scripted process for security analysis; hook application programming interface (API) calls of the scripted process to determine a plurality of pre-execution parameters and runtime parameters; assign individual scores to the pre-execution parameters and runtime parameters; compute a sum of the individual scores; compare the sum to a threshold; and detect malicious or suspicious activity if the sum is above the threshold.
Debasish Mandal, Abhishek Karnik
Filed: 30 Sep 19
Utility
Determining a reputation of data using a data visa including information indicating a reputation
11 Apr 23
Particular embodiments described herein provide for an electronic device that can be configured to receive data in a data flow, extract a data visa from the data flow, wherein the data visa is related to the data, and determine a reputation of the data from the data visa.
Michael Schneider, Paul Gartside, David Oxley, Ramon Peypoch
Filed: 29 Oct 19
Utility
Methods and apparatus for detecting anomalous activity of an IoT device
28 Mar 23
Methods, apparatus, systems, and articles of manufacture for detecting anomalous activity of an IoT device are disclosed.
Ameya Sanzgiri, Yi Zheng
Filed: 23 Aug 19
Utility
Large scale malware sample identification
28 Mar 23
A method including receiving a feature vector of an unknown sample, computing a MinHash of the unknown sample based on Jaccard-compatible features, querying a Locality Sensitive Hashing forest of known samples with the MinHash of the unknown sample to identify a first subset of known samples that are similar to the unknown sample, receiving for each individual known sample in the first subset, a feature vector including non-Jaccard distance-compatible features, computing a first sub-distance and a second sub-distance between the unknown sample and the known samples in the first subset, calculating a total distance for each known sample in the first subset by combining the first and the second sub-distances, identifying, based on the calculated total distances, a second subset of known samples that are most similar to the unknown sample, and classifying the unknown sample based on the second subset.
German Lancioni, Jonathan B. King, Steven Grobman
Filed: 30 Apr 20
Utility
System and method for notification of listening devices
21 Mar 23
There is disclosed in one example a computing apparatus, including: a hardware platform including a processor and a memory; a transceiver; a local user display; and instructions encoded within the memory to instruct the processor to: locate via the transceiver at least one nearby device; receive observational profile information for the nearby device; and display on the local user display information about the nearby device's observation abilities.
Rodney Derrick Cambridge
Filed: 12 Jun 20
Utility
Asynchronous data objects for an event driven programming language
21 Mar 23
A method for increasing scalability of asynchronous data processing includes interpreting a computer program for reading data from an input data stream, wherein the input data stream is defined in the program as an object having a function for obtaining more data from the input data stream; determining that additional data from the input data stream is required to continue execution of the function in a thread of the interpreted computer program; suspending execution of the thread responsive to a determination that the additional data is unavailable; saving a state information for the suspended thread, wherein the saved state information includes information to allow resumption of the suspended thread; generating an event indication upon availability of at least some of the additional data; and resuming execution of the suspended thread of execution and providing the additional data as a result of the function.
Olaf Bonorden
Filed: 4 Jan 18
Utility
Securing sensitive user data stored locally by an application
21 Mar 23
An apparatus, related devices and methods, having a memory element operable to store instructions; and a processor operable to execute the instructions, such that the apparatus is configured to identify sensitive user data stored in the memory by a first application, determine a risk exposure score for the sensitive user data, apply, based on a determination that the risk exposure score is above a threshold, a security policy to restrict access to the sensitive user data, receive a request from a second application to access the sensitive user data, determine whether the first application and the second application are similar applications, and allow access based on a determination that the first application and the second application are similar applications.
Shashank Jain, Urmil Mahendra Parikh, Dattatraya Kulkarni, Srikanth Nalluri
Filed: 29 May 20
Utility
System for tuning a device having security software for security and performance
14 Mar 23
An apparatus, related devices and methods, having a memory element operable to store instructions; and a processor operable to execute the instructions, such that the apparatus is configured to determine, based on operating system workload demands, whether a high-demand application is running and, based on a determination that a high-demand application is running, apply an optimization policy that modifies a security application, wherein the optimization policy modification includes reducing a protection applied by the security application.
Shuborno Biswas, Junmin Qiu, Siddaraya B. Revashetti
Filed: 29 May 20
Utility
Methods and apparatus to improve detection of malware based on ecosystem specific data
7 Mar 23
Methods, apparatus, systems, and articles of manufacture are disclosed that improve detection of malware based on ecosystem specific data.
Andres More, Celeste Fralick, Amanda House, Sherin Mathews
Filed: 30 Jun 20
Utility
Detecting data leakage to websites accessed using a remote browsing infrastructure
7 Mar 23
An apparatus, related devices and methods, having memory to store instructions; and a processor to execute the instructions, and the apparatus is configured to receive, by a remote browser isolation (RBI) proxy from a client device, a transfer request to send data to a destination application, wherein the client device is running an RBI agent and includes a Data Loss Prevention endpoint (DLPe) module, and wherein communications between the client device and the destination application are routed through the RBI proxy; receive a plurality of inputs to the client device associated with the transfer request; create a submission request that includes the plurality of inputs and metadata; send the submission request to the DLPe module; receive a response from the DLPe module, wherein the response includes an instruction to allow, to disallow, or to amend and allow the submission request; and process the submission request according to the instruction.
Andrew Naidley Juniper, Maayan Tal, Justin Timothy Cragin, Brandon Beau Adkins, Matan Gillon
Filed: 30 Sep 20
Utility
Self-organizing trusted networks
28 Feb 23
Disclosed examples include during basic discovery, provide information from a local device to a first remote trusted device, the information to indicate the local device supports trusted discovery and to establish the local device as a second remote trusted device; during the trusted discovery, access, by the local device, a trusted discovery message received from the first remote trusted device; in response to verifying security credentials identified in the trusted discovery message for the first remote trusted device: add the first remote trusted device to a trusted network including the local device; and index, by the local device, a first service hosted by the first remote trusted device in a registry, the registry to identify second services available to the local device and corresponding locations of the second services.
Ned M. Smith, Venkata Ramanan Sambandam
Filed: 29 Apr 20