    • 2. Invention application
    • SYSTEMS AND METHODS FOR DETECTING MALICIOUS PROCESSES ON COMPUTING DEVICES
    • WO2018052510A1
    • 2018-03-22
    • PCT/US2017/041169
    • 2017-07-07
    • SYMANTEC CORPORATION
    • FERRIE, Peter
    • G06F21/56
    • The disclosed computer-implemented method for detecting malicious processes on computing devices may include (i) identifying a portion of data on a computing device that is stored in an unrestricted section of memory and accessed by processes while running on the computing device, (ii) allocating a restricted section of memory within the computing device and indicating that the portion of data is located in the restricted section of memory, (iii) detecting an attempt by a process running on the computing device to access the portion of data within the restricted section of memory using an unexpected access method, (iv) determining, based at least in part on the process attempting to access the portion of data within the restricted section of memory using the unexpected access method, that the process is malicious, and (v) performing a security action on the computing device to prevent the malicious process from harming the computing device.
    • 3. Invention application
    • SYSTEMS AND METHODS FOR DETERMINING SECURITY RISK PROFILES
    • WO2017196463A1
    • 2017-11-16
    • PCT/US2017/026181
    • 2017-04-05
    • SYMANTEC CORPORATION
    • RANJAN, Gyan
    • G06F21/50
    • A computer-implemented method for determining security risk profiles may include (1) detecting a security breach of an entity within a set of entities, (2) constructing a peer-similarity graph that identifies an incentive to attack the entity in comparison to other entities within the set of entities, (3) creating, using the peer-similarity graph, a security risk profile for each entity in the set of entities, (4) automatically adjusting at least one security risk profile based on the detected security breach, and (5) updating a security database with the adjusted security risk profile. Various other methods, systems, and computer-readable media are also disclosed.
    • 4. Invention application
    • SYSTEMS AND METHODS FOR DETECTING SECURITY THREATS
    • WO2017171954A1
    • 2017-10-05
    • PCT/US2016/069027
    • 2016-12-28
    • SYMANTEC CORPORATION
    • ROUNDY, Kevin Alejandro; HART, Michael; GATES, Christopher
    • H04L29/06; G06F21/55
    • The disclosed computer-implemented method for detecting security threats may include (1) detecting, by a software security program, a security incident at a client device such that the software security program generates a signature report to identify the security incident, (2) querying an association database with the signature report to deduce another signature report that a different software security program would have predictably generated at the client device, the different software security program having been unavailable at the client device at a time of detecting the security incident, and (3) performing at least one protective action to protect the client device from a security threat associated with the security incident based on the other signature report deduced by querying the association database. Various other methods, systems, and computer-readable media are also disclosed.
    • 5. Invention application
    • SYSTEM AND METHOD FOR SERVICE ASSISTED MOBILE PAIRING OF PASSWORD-LESS COMPUTER LOGIN
    • WO2017147346A1
    • 2017-08-31
    • PCT/US2017/019213
    • 2017-02-23
    • SYMANTEC CORPORATION
    • PEI, Mingliang; GATTANI, Shantanu; ANTONYRAJ, Rosarin Jolly
    • H04L9/32; H04L9/30; G06K19/06
    • H04L63/083; G09C5/00; H04L9/0822; H04L9/0825; H04L9/0894; H04L9/14; H04L9/3226; H04L9/3228; H04L9/3234; H04L63/0428; H04L63/061; H04L63/0838; H04L63/0853; H04L67/10; H04L2209/80; H04L2463/062; H04W12/04; H04W12/06
    • A system and method for pairing a mobile device with a computer for password-less login using a network service is provided. The method may include sending a pairing request to a network server from a computing device, wherein the pairing request includes computer authentication data and a computer public key. The network server may pair the mobile device with the computing device; wherein, the computing device may generate a pairing secret key and an associated QR image, which the user is prompted to scan using the mobile device. A pairing agent within the mobile device may validate the computer authentication data and parse the computer public key therefrom. In some embodiments a PIN could be displayed by the computer and entered by the user into the mobile device or silently exchanged between the computer and the mobile device, when proximate to each other, for the mutual authentication data validation. The method may further include registering the user mobile and computer devices for administrative management at the network server for an enterprise deployment or end user self-service management.
    • 6. Invention application
    • SYSTEMS AND METHODS FOR IDENTIFYING COMPROMISED DEVICES WITHIN INDUSTRIAL CONTROL SYSTEMS
    • WO2017091292A1
    • 2017-06-01
    • PCT/US2016/054002
    • 2016-09-27
    • SYMANTEC CORPORATION
    • CORRALES, Ignacio Bermudez; TONGAONKAR, Alok
    • G05B19/418; H04L29/06
    • H04L63/1425; G05B19/4185; H04L63/1441
    • The disclosed computer-implemented method for identifying compromised devices within industrial control systems may include monitoring (302) network traffic within a network that facilitates communication for an industrial control system that includes an industrial device, creating (304), based at least in part on the network traffic, a message protocol profile for the industrial device that describes a network protocol used to communicate with the industrial device and normal communication patterns of the industrial device, detecting (306) at least one message that involves the industrial device and at least one other computing device included in the industrial control system, determining (308), by comparing the message with the message protocol profile, that the message represents an anomaly, and then determining (310), based at least in part on the message representing the anomaly, that the other computing device has likely been compromised. Various other methods, systems, and computer-readable media are also disclosed.
    • 7. Invention application
    • SYSTEMS AND METHODS FOR PROTECTING BACKED-UP DATA FROM RANSOMWARE ATTACKS
    • WO2017083023A1
    • 2017-05-18
    • PCT/US2016/053983
    • 2016-09-27
    • SYMANTEC CORPORATION
    • GU, Lei; BOUCHER, Matt
    • G06F21/56; G06F11/14
    • G06F21/602; G06F11/1446; G06F11/1451; G06F21/554; G06F21/566; G06F2221/034
    • The disclosed computer-implemented method for may include (1) determining that a backup system periodically backs up at least one file stored at a computing device to a remote storage system by storing a copy of the file at the remote storage system, (2) identifying one or more characteristics of the file backed up by the backup system, (3) storing a tripwire file with the one or more characteristics at the computing device, (4) determining that the file stored at the computing device has likely been encrypted by ransomware executing on the computing device by detecting that the tripwire file has been modified, (5) performing an action that prevents the backup system from replacing the copy of the file at the remote storage system with a copy of the encrypted file. Various other methods, systems, and computer-readable media are also disclosed.
    • 9. Invention application
    • SYSTEMS AND METHODS FOR DETECTING UNKNOWN VULNERABILITIES IN COMPUTING PROCESSES
    • WO2017027103A1
    • 2017-02-16
    • PCT/US2016/038299
    • 2016-06-20
    • SYMANTEC CORPORATION
    • CHEN, Joseph; RESURRECCION, Rei Kristian
    • G06F21/55; G06F21/57; G06F21/56
    • G06F21/577; G06F21/54; G06F21/552; G06F21/566; G06F21/568; G06F2221/033; G06F2221/034; G06F2221/2149; H04L63/1433
    • The disclosed computer-implemented method for detecting unknown vulnerabilities in computing processes may include (1) monitoring a computing environment that facilitates execution of a computing process by logging telemetry data related to the computing process while the computing process is running within the computing environment, (2) determining that the computing process crashed while running within the computing environment, (3) searching the telemetry data for evidence of any vulnerabilities that potentially led the computing process to crash while running within the computing environment, (4) identifying, while searching the telemetry data, evidence of at least one vulnerability of the computing process that is not yet known to exist within the computing process and then in response to identifying the evidence of the computing process's vulnerability, (5) performing at least one security action to hinder any potentially malicious exploitation of the computing process's vulnerability. Various other methods, systems, and computer-readable media are also disclosed.
    • 10. Invention application
    • SYSTEMS AND METHODS FOR EVALUATING CONTENT PROVIDED TO USERS VIA USER INTERFACES
    • WO2016176373A1
    • 2016-11-03
    • PCT/US2016/029637
    • 2016-04-27
    • SYMANTEC CORPORATION
    • SAVANT, Anubhav
    • G06F21/62
    • H04L63/1425; G06F3/04842; G06F21/6218; G06F2221/2119; G06F2221/2149; H04L63/20
    • The disclosed computer-implemented method for evaluating content provided to users via user interfaces may include (1) monitoring, as part of a security application via an accessibility application program interface provided by an operating system of a computing device, accessibility events that indicate state transitions in user interfaces of applications running on the computing device, (2) receiving, at the security application, an accessibility event that indicates that a user of the computing device is viewing a user interface of an application running on the computing device, (3) identifying, as part of the security application via the accessibility application program interface, content that the user is attempting to access via the application, (4) determining, as part of the security application, that the content is harmful, and (5) performing, as part of the security application, at least one security action in response to determining that the content is harmful.