会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 1. 发明申请
    • METHODS AND SYSTEMS FOR CONTEXT BASED ANOMALY MONITORING
    • 基于上下文的异常监测方法和系统
    • WO2017218159A1
    • 2017-12-21
    • PCT/US2017/034496
    • 2017-05-25
    • QUALCOMM INCORPORATED
    • AHMADZADEH, Seyed AliDAS, Saumitra MohanGUPTA, RajarshiKRISHNAMURTHI, Govindarajan
    • H04W4/04
    • Various embodiments include methods, and computing devices configured to implement the methods, for anomaly monitoring using context-based sensor output correlation. A computing device may obtain output of a first sensor and may determine that an anomaly is likely to occur based on the obtained output of the first sensor. The computing device may transmit a message indicating that the anomaly is likely to occur, causing receiving computing devices to begin logging output of sensors of the receiving computing devices. The computing device may determine whether the anomaly did occur. If the anomaly did occur, the computing device may transmit a sensor output request. Nearby computing devices may receive this sensor output request and may transmit collected sensor data to the first computing device. The first computing device may receive the sensor output collected by the various receiving devices and may correlate the first sensor output with the received sensor output.
    • 各种实施例包括被配置为实施所述方法的方法和计算设备,用于使用基于上下文的传感器输出相关性进行异常监测。 计算设备可以获得第一传感器的输出并且可以基于获得的第一传感器的输出确定可能发生异常。 计算设备可以传输指示异常可能发生的消息,使得接收计算设备开始记录接收计算设备的传感器的输出。 计算设备可以确定异常是否确实发生。 如果异常确实发生,则计算设备可以发送传感器输出请求。 附近的计算设备可以接收该传感器输出请求并且可以将收集的传感器数据传输到第一计算设备。 第一计算设备可以接收由各种接收设备收集的传感器输出,并且可以使第一传感器输出与接收到的传感器输出相关。
    • 2. 发明申请
    • DYNAMIC HONEYPOT SYSTEM
    • 动态HONEYPOT系统
    • WO2017083043A1
    • 2017-05-18
    • PCT/US2016/056438
    • 2016-10-11
    • QUALCOMM INCORPORATED
    • AHMADZADEH, Seyed AliISLAM, NayeemCHRISTODORESCU, MihaiGUPTA, RajarshiDAS, Saumitra Mohan
    • H04L29/06G06F21/56G06F21/55G06F21/57
    • H04L63/1416G06F21/552G06F21/554G06F21/566G06F21/577G06F2221/033H04L63/1425H04L63/1433H04L63/1491
    • Various embodiments include a honeypot system configured to trigger malicious activities by malicious applications using a behavioral analysis algorithm and dynamic resource provisioning. A method performed by a processor of a computing device, which may be a mobile computing device, may include determining whether or not a target application currently executing on the computing device is potentially malicious based, at least in part, on the analysis, predicting a triggering condition of the target application in response to determining the target application is potentially malicious, provisioning one or more resources based, at least in part, on the predicted triggering condition, monitoring activities of the target application corresponding to the provisioned one or more resources, and determining whether or not the target application is a malicious application based, at least in part, on the monitored activities. The resources may be device components (e.g., network interface(s), sensor(s), etc.) and/or data (e.g., files, etc.).
    • 各种实施例包括配置成使用行为分析算法和动态资源供应由恶意应用触发恶意活动的蜜罐系统。 由计算设备的处理器(其可以是移动计算设备)执行的方法可以包括:至少部分地基于分析来确定当前在计算设备上执行的目标应用程序是否潜在恶意,预测 响应于确定目标应用程序可能是恶意的,触发目标应用程序的条件;至少部分地基于所预测的触发条件来提供一个或多个资源;监视与所提供的一个或多个资源相对应的目标应用程序的活动; 以及至少部分地基于所监视的活动来确定目标应用程序是否是恶意应用程序。 资源可以是设备组件(例如,网络接口,传感器等)和/或数据(例如,文件等)。
    • 3. 发明申请
    • METHODS AND SYSTEMS FOR BEHAVIOR-SPECIFIC ACTUATION FOR REAL-TIME WHITELISTING
    • 用于实时白名单的行为特定启动的方法和系统
    • WO2016182668A1
    • 2016-11-17
    • PCT/US2016/027462
    • 2016-04-14
    • QUALCOMM INCORPORATED
    • SRIDHARA, VinayCHEN, YinGUPTA, Rajarshi
    • G06F21/56
    • H04L63/1425G06F3/0484G06F21/566G06F2221/033G06N99/005H04L63/101
    • Various embodiments include methods of evaluating device behaviors in a computing device and enabling white listing of particular behaviors. Various embodiments may include monitoring activities of a software application operating on the computing device, and generating a behavior vector information structure that characterizes a first monitored activity of the software application. The behavior vector information structure may be applied to a machine learning classifier model to generate analysis results. The analysis results may be used to classify the first monitored activity of the software application as one of benign, suspicious, and non-benign. A prompt may be displayed to the user that requests that the user select whether to whitelist the software application in response to classifying the first monitored activity of the software application as suspicious or non-benign. The first monitored activity may be added to a whitelist of device behaviors in response to receiving a user input.
    • 各种实施例包括评估计算设备中的设备行为并实现特定行为的白名单的方法。 各种实施例可以包括在计算设备上操作的软件应用程序的监视活动,以及生成表征软件应用程序的第一监视活动的行为向量信息结构。 行为矢量信息结构可以应用于机器学习分类器模型,以生成分析结果。 分析结果可用于将软件应用程序的第一个监视活动分类为良性,可疑和非良性之一。 可以向用户显示提示,要求用户选择是否将软件应用程序的第一被监视活动分类为可疑或非良性,以便将软件应用程序列入白名单。 响应于接收到用户输入,第一个被监视的活动可以被添加到设备行为的白名单中。
    • 4. 发明申请
    • METHODS AND SYSTEMS FOR USING CAUSAL ANALYSIS FOR BOOSTED DECISION STUMPS TO IDENTIFY AND RESPOND TO NON-BENIGN BEHAVIORS
    • 使用基于分析的分析方法和系统来识别和应对非竞争行为
    • WO2016178789A1
    • 2016-11-10
    • PCT/US2016/026328
    • 2016-04-07
    • QUALCOMM INCORPORATED
    • SRIDHARA, VinayCHEN, YinGUPTA, Rajarshi
    • G06F21/56
    • H04L63/1425G06F21/566
    • A computing device processor may be configured with processor-executable instructions to implement methods of detecting and responding non-benign behaviors of the computing device. The processor may be configured to monitor device behaviors to collect behavior information, generate a behavior vector information structure based on the collected behavior information, apply the behavior vector information structure to a classifier model to generate analysis results, use the analysis results to classify a behavior of the device, use the analysis results to determine the features evaluated by the classifier model that contributed most to the classification of the behavior, and select the top "n" (e.g., 3) features that contributed most to the classification of the behavior. The computing device may display the selected features on an electronic display of the computing device.
    • 计算设备处理器可以配置有处理器可执行指令,以实现检测和响应计算设备的非良性行为的方法。 处理器可以被配置为监视设备行为以收集行为信息,基于收集的行为信息生成行为向量信息结构,将行为向量信息结构应用于分类器模型以生成分析结果,使用分析结果对行为进行分类 的设备,使用分析结果来确定由分类器模型评估的功能,对行为的分类最有贡献,并选择对行为分类最有贡献的顶部“n”(例如,3)特征。 计算设备可以在计算设备的电子显示器上显示所选择的特征。
    • 6. 发明申请
    • METHODS AND SYSTEMS FOR BEHAVIORAL ANALYSIS OF MOBILE DEVICE BEHAVIORS BASED ON USER PERSONA INFORMATION
    • 基于用户个人信息的移动设备行为的行为分析方法与系统
    • WO2016057111A1
    • 2016-04-14
    • PCT/US2015/044578
    • 2015-08-11
    • QUALCOMM INCORPORATED
    • SALAJEGHEH, MastoorehSRIDHARA, VinayCHEN, YinGUPTA, Rajarshi
    • G06F21/31H04L29/06G06F21/55
    • G06F21/577G06F11/3024G06F11/3438G06F21/316G06F21/552H04L63/1425H04L63/145
    • A computing device processor may be configured with processor-executable instructions to implement methods of using behavioral analysis and machine learning techniques to identify, prevent, correct, or otherwise respond to malicious or performance-degrading behaviors of the computing device. As part of these operations, the processor may generate user-persona information that characterizes the user based on that user's activities, preferences, age, occupation, habits, moods, emotional states, personality, device usage patterns, etc. The processor may use the user-persona information to dynamically determine the number of device features that are monitored or evaluated in the computing device, to identify the device features that are most relevant to determining whether the device behavior is not consistent with a pattern of ordinary usage of the computing device by the user, and to better identify or respond to non-benign behaviors of the computing device.
    • 计算设备处理器可以配置有处理器可执行指令,以实现使用行为分析和机器学习技术来识别,防止,纠正或以其他方式响应计算设备的恶意或性能降级的行为的方法。 作为这些操作的一部分,处理器可以基于该用户的活动,偏好,年龄,职业,习惯,情绪,情绪状态,个性,设备使用模式等来生成表征用户的用户角色信息。处理器可以使用 用户角色信息以动态地确定在计算设备中被监视或评估的设备特征的数量,以识别与确定设备行为是否与计算设备的普通使用模式最相关的设备特征 并且更好地识别或响应计算设备的非良性行为。
    • 7. 发明申请
    • MEASUREMENTS FOR INDOOR NAVIGATION
    • 室内导航测量
    • WO2014126673A1
    • 2014-08-21
    • PCT/US2014/011793
    • 2014-01-16
    • QUALCOMM INCORPORATED
    • SRIDHARA, VinayGUPTA, RajarshiZHANG, Gengsheng
    • G01C21/20G01S5/02H04W64/00G01S5/14G01S11/06
    • H04W4/02G01C21/206G01S5/0257G01S5/0268G01S5/14G01S11/06H04W64/00
    • A method of obtaining and using access point signal information includes: receiving signals at a mobile device from a first set of access points during a passive measurement; and performing a first active measurement at the mobile device for the first set of the access points, including: sending at least one first communication each sent toward a respective one of the access points of the first set; and receiving at least one second communication each corresponding to, and responsive to, one of the at least one first communication and received from a corresponding one of the access points of the first set; where the passive measurement and the first active measurement is each performed repeatedly with the first set of the access points being reestablished at each repeat performance of the passive measurement, and with the passive measurement being performed less often than the first active measurement.
    • 一种获取和使用接入点信号信息的方法包括:在被动测量期间从移动设备接收来自第一组接入点的信号; 以及针对所述第一组接入点在所述移动设备处执行第一主动测量,包括:发送至少一个第一通信,每个至少一个第一通信被发送到所述第一组的接入点中的相应一个; 以及接收至少一个第二通信,每个对应于并且响应于所述至少一个第一通信中的一个并且从所述第一组的所述接入点中的相应一个接收点接收; 其中被动测量和第一主动测量被重复执行,在被动测量的每个重复执行时,第一组接入点被重新建立,并且被动测量的执行频率低于第一有源测量值。
    • 8. 发明申请
    • LOCATION BASED PROCESS-MONITORING
    • 基于位置的过程监控
    • WO2014120409A1
    • 2014-08-07
    • PCT/US2014/010947
    • 2014-01-10
    • QUALCOMM INCORPORATED
    • GUPTA, RajarshiDAS, Saumitra MohanNAGUIB, Ayman Fawzy
    • G06F21/50H04M1/725
    • G06F21/552G06F21/52G06F21/577G06F2221/034H04L63/107H04L63/1416H04L63/1433H04M1/72572H04W4/02H04W12/12
    • Disclosed are systems, apparatus, devices, methods, computer program products, and other implementations, including a method that includes determining location of a device, and controlling monitoring of behavior of one or more processes executing on the device based on the determined location of the device to identify potential one or more security-risky processes from the monitored one or more executing processes. In some embodiments, controlling the monitoring of the behavior of the one or more processes may include one or more of, for example, adjusting frequency of the monitoring of the one or more processes based on the determined location of the device, adjusting level of detail obtained for the monitored behavior of the one or more processes based on the determined location of the device, and/or adjusting features being observed for the monitored one or more processes based on the determined location of the device.
    • 公开了系统,装置,设备,方法,计算机程序产品和其他实施方式,包括包括确定设备的位置的方法,以及基于所确定的位置来控制在设备上执行的一个或多个进程的行为的监视 从所监视的一个或多个执行过程中识别潜在的一个或多个安全风险过程。 在一些实施例中,控制对一个或多个进程的行为的监视可以包括例如基于所确定的设备位置来调整一个或多个进程的监视的频率中的一个或多个,调整详细程度 基于所确定的设备的位置来监视所述一个或多个进程的监视行为,和/或基于所确定的设备的位置来调整针对所监视的一个或多个进程的特征。