Loading...
Docoh

NortonLifeLock (NLOK)

206 patents

Page 9 of 11
Utility
Systems and methods for creating application ratings
22 Jun 20
The disclosed computer-implemented method for creating application ratings may include (i) determining that a user device has downloaded an application, (ii) monitoring the usage of the application on the user device, (iii) deducing a value of the application based at least in part on the monitored usage, and (iv) creating a rating for the application that indicates the deduced value of the application.
Lei Gu, Keith Newstadt
Filed: 14 Aug 16
Utility
Insider threat detection under user-resource bi-partite graphs
15 Jun 20
A method for insider threat detection under user-resource bi-partite graphs is described.
Saurabh Shintre, Sandeep Bhatkar, Ashwin Kumar Kayyoor
Filed: 27 Sep 17
Utility
Systems and methods for evaluating unfamiliar executables
8 Jun 20
The disclosed computer-implemented method for evaluating unfamiliar executables may include (i) identifying, on the computing device, (a) a code object that is generated from source code written in a programming language, that is specified in an intermediate language different from the programming language, and that can be compiled into an executable file by a just-in-time compiler on the computing device and (b) an executable file that lacks an assigned reputation in a reputation system that distinguishes benign and malicious files, (ii) determining that the executable file was produced by the just-in-time compiler compiling the code object on the computing device, (iii) retrieving, from the reputation system, a reputation for the code object, and (iv) performing a security action on the executable file that is based on the reputation of the code object.
Brian T. Witten, Christopher Gates
Filed: 28 Nov 17
Utility
Securing a network device from a malicious embedded script hosted on a third-party domain
8 Jun 20
Securing a network device from a malicious embedded script hosted on a third-party domain.
David Luz Silva, Petros Efstathopoulos
Filed: 28 Nov 17
Utility
Systems and methods for enforcing access-control policies
1 Jun 20
The disclosed computer-implemented method for enforcing access-control policies may include (1) detecting, at a network device capable of configuring networks according to access-control policies, an attempt to connect a client to an access-controlled network, (2) identifying an access-control policy that applies to the access-controlled network, (3) configuring the access-controlled network according to the access-control policy, and (4) notifying the client that the access-controlled network is available.
Justin Harmon
Filed: 16 May 16
Utility
Systems and methods for detecting suspicious voice calls
18 May 20
The disclosed computer-implemented method for detecting suspicious voice calls may include (i) identifying an incoming voice call, (ii) extracting, from audio of the incoming voice call, a plurality of characteristics, (iii) calculating a trustworthiness score of the plurality of the characteristics based on a response by a recipient of the incoming voice call, and (iv) storing the trustworthiness score of the plurality of characteristics in a reputation database that (a) receives a request for the trustworthiness score, the request originating from an additional computing device and including an additional plurality of characteristics extracted from an additional incoming voice call, (b) determines that the additional plurality of characteristics matches the plurality of characteristics, and (c) enables the additional computing device to perform a security action on the additional incoming voice call by sending the trustworthiness to the additional computing device.
Keith Newstadt, Ilya Sokolov
Filed: 14 Dec 17
Utility
User-directed identity verification over a network
27 Apr 20
User-directed identity verification over a network.
Daniel Kats, Petros Efstathopoulos
Filed: 13 Jul 17
Utility
Systems and methods for protecting users
20 Apr 20
The disclosed computer-implemented method for protecting users may include (i) receiving, at an online social network from a first member of the online social network, a request to delegate an access right to an Internet-of-Things device possessed by the first member to a second member within the online social network to which the first member is connected as a social contact and (ii) granting, through the online social network, the request to delegate the access right to the Internet-of-Things device to the second member to provide the second member with at least a limited ability to interact with the Internet-of-Things device possessed by the first member of the online social network.
Qing Li, Samir Kapuria
Filed: 11 Aug 19
Utility
Systems and methods for detecting nonfunctional endpoint devices
13 Apr 20
The disclosed computer-implemented method for detecting nonfunctional endpoint devices may include (i) identifying, at a networking device, an endpoint device, (ii) identifying, at the networking device, a behavioral profile of the endpoint device that may include (a) a functional pattern of network behavior of the endpoint device that occurs while the endpoint device is in a functional state and/or (b) a nonfunctional pattern of network behavior of the endpoint device that occurs while the endpoint device is in a nonfunctional state, (iii) passively monitoring, at the networking device, network traffic of the endpoint device, (iv) determining, at the networking device, that the endpoint device is nonfunctional by detecting (a) an absence of the functional pattern in the network traffic and/or (b) a presence of the nonfunctional pattern in the network traffic, and (v) performing a security action.
Bruce McCorkendale, William E. Sobel
Filed: 27 Sep 16
Utility
Building a ground truth dataset for a machine learning-based security application
13 Apr 20
Building a ground truth dataset for a machine learning-based security application.
Leylya Yumer, Petros Efstathopoulos
Filed: 13 Jul 17
Utility
Systems and methods for preventing loss of possession factors
6 Apr 20
The disclosed computer-implemented method for preventing loss of possession factors may include (i) identifying an account of a user that is associated with a possession factor that is used by the user to perform a multi-factor authentication procedure that is required when accessing the account of the user, (ii) monitoring one or more attributes of at least one of the user and the possession factor, (iii) determining, based at least in part on the one or more attributes of at least one of the user and the possession factor, that the possession factor has likely been lost, and (iv) performing a security action in response to determining that the possession factor has likely been lost to prevent the user from being unable to perform the multi-factor authentication procedure.
Kevin Jiang, Ilya Sokolov
Filed: 8 Nov 16
Utility
Systems and methods for tagging client devices
23 Dec 19
The disclosed computer-implemented method for tagging client devices may include (i) receiving from a router at least one network packet that indicates that a client device has attempted to connect to the router and that includes device information identifying the client device, (ii) prompting, automatically in response to receiving the network packet indicating that the client device has attempted to connect to the router, a user to tag the client device with a descriptive name to facilitate management of the client device, (iii) receiving, in response to prompting the user to tag the client device, a tag that indicates a specific descriptive name for the client device, and (iv) transmitting, automatically in response to receiving the tag, the specific descriptive name to at least one of the router and a cloud security server.
Jin Lu, Ramakrishnan Meenakshi Sundaram
Filed: 26 Sep 17
Utility
Systems and methods for assessing cyber risks using incident-origin information
23 Dec 19
A computer-implemented method for assessing cyber risks using incident-origin information may include (1) receiving a request for a cyber-risk assessment of an entity of interest, (2) using an Internet-address data source that maps identifiers of entities to public Internet addresses of the entities to translate an identifier of the entity into a set of Internet addresses of the entity, (3) using an incident-origin data source that maps externally-detected security incidents to public Internet addresses from which the security incidents originated to translate the set of Internet addresses into a set of security incidents that originated from the entity, and (4) using the set of security incidents to generate the cyber-risk assessment of the entity.
Pierre-Antoine Vervier, Leylya Bilge, Yufei Han, Matteo Dell'Amico
Filed: 21 Jun 16
Utility
Systems and methods for chaining virtual private networks
28 Oct 19
The disclosed computer-implemented method for chaining virtual private networks may include (i) establishing a virtual private network client that routes network traffic to a virtual private network, (ii) establishing an additional virtual private network client that routes the network traffic to an additional virtual private network, (iii) configuring the virtual private network client for split routing such that the virtual private network client routes different ranges of incoming network traffic to respective different network addresses, (iv) configuring the additional virtual private network client to route all incoming network traffic according to a default route, and (v) chaining the virtual private network client and the additional virtual private network client such that they process incoming network traffic in series.
Qu Bo Song, Shaun Aimoto, Joseph Chen
Filed: 28 Jun 18
Utility
Systems and methods for reporting the attempted transmission of sensitive information
28 Oct 19
The disclosed computer-implemented method for reporting the attempted transmission of sensitive information may include (1) identifying an attempt by at least one software program running on a computing device to transmit data to one or more intended recipients, (2) determining that the data of the attempted transmission includes sensitive information, (3) identifying an intended recipient of the attempted transmission, and (4) notifying a user of the computing device both that the attempted transmission includes sensitive information and of the intended recipient of the attempted transmission.
Anubhav Savant
Filed: 11 Jun 15
Utility
Systems and methods for securing push authentications
28 Oct 19
The disclosed computer-implemented method for securing push authentications may include (i) receiving, by a security service and from a security service relying party, a push authentication for a user that the security service relying party encrypted using a public key assigned to a client device of the user, (ii) forwarding, by the security service, the push authentication to the client device of the user, (iii) receiving, by the security service, a response to the push authentication from the client device of the user, and (iv) forwarding, by the security service, the response to the push authentication from the client device of the user to the security service relying party.
Srinath Venkataramani
Filed: 26 Sep 17
Utility
Systems and methods for enforcing access-control policies in an arbitrary physical space
28 Oct 19
The disclosed computer-implemented method for enforcing access-control policies in an arbitrary physical space may include (i) identifying a collection of devices that are located within a predetermined physical space, (ii) determining the physical location of each device in the collection of devices, (iii) establishing, based on the collection of devices, (a) a list of controlled devices that are subject to an access-control policy and (b) a list of monitoring devices that are capable of monitoring user activity within a physical proximity, (iv) matching each controlled device with at least one monitoring device that is capable of monitoring user activity within physical proximity to the controlled device, and (v) monitoring, for each controlled device and by each monitoring device matched to the controlled device, user activity within proximity to the controlled device.
Lei Gu, Ilya Sokolov, Bruce McCorkendale
Filed: 27 Jun 16
Utility
Systems and methods for managing wireless-network deauthentication attacks
28 Oct 19
The disclosed computer-implemented method for managing wireless-network deauthentication attacks may include (1) detecting, at the wireless access point, a deauthentication signal, transmitted over a wireless network that is managed at least in part by the wireless access point, that prompts a target computing device to disconnect from the wireless network, (2) determining both that the deauthentication signal is directed to the target computing device and that the deauthentication signal was not initiated by the wireless access point, (3) determining, based at least in part on the determination that the deauthentication signal was not initiated by the wireless access point, that the deauthentication signal represents an illegitimate deauthentication signal, and (4) performing, in response to determining that the deauthentication signal represents an illegitimate deauthentication signal, a security action to mitigate effects of the illegitimate deauthentication signal on the target computing device.
Ramakrishnan Meenakshi Sundaram, Bruce McCorkendale, Justin Harmon, Srini Chillappa
Filed: 29 Sep 16
Utility
Providing joint access to an isolated computer object by both an isolated computer application and a non-isolated computer application
21 Oct 19
Providing joint access to an isolated computer object by both an isolated computer application and a non-isolated computer application.
Mark Kennedy
Filed: 26 Jul 17
Utility
Cascade classifier ordering
21 Oct 19
A method for improving cascade classifier ordering is described.
Ryan Curtin, Aleatha Parker-Wood, Reuben Feinman
Filed: 8 Dec 16
Patents are sorted by USPTO publication date, most recent first