专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US09805115B1 Systems and methods for updating generic file-classification definitions 有权
公开(公告)号：US09805115B1
公开(公告)日：2017-10-31
申请号：US14210364
申请日：2014-03-13
申请人： Symantec Corporation
发明人： Sourabh Satish
IPC分类号： G06F17/30
CPC分类号： G06F17/30705
摘要： A computer-implemented method for updating generic file-classification definitions may include (1) identifying at least one generic file-classification definition deployed in a software product installed on a client device, (2) classifying at least one data sample encountered by the client device based at least in part on the generic file-classification definition, (3) querying at least one verification server in an attempt to verify the correctness of the classification of the data sample, (4) determining that the classification of the data sample is incorrect based at least in part on the query, and then (5) modifying the generic file-classification definition deployed in the software product based at least in part on the data sample. Various other methods, systems, and computer-readable media are also disclosed.

2. 发明授权

US09684705B1 Systems and methods for clustering data 有权
公开(公告)号：US09684705B1
公开(公告)日：2017-06-20
申请号：US14214581
申请日：2014-03-14
申请人： Symantec Corporation
发明人： Sourabh Satish , Govind Salinas
IPC分类号： G06F17/30 , G06F21/56
CPC分类号： G06F17/30598 , G06F17/30705 , G06F17/30713 , G06F21/56 , G06F21/564
摘要： A computer-implemented method for clustering data may include (1) identifying a plurality of samples, (2) locating a sample, from within the plurality of samples, that is a centroid of a cluster, (3) locating another sample that is, among the plurality of samples, next closest to the centroid relative to a most-recently located sample, (4) determining whether an attribute of the next-closest sample matches an attribute of the centroid, (5) determining whether to adjust a radius of the cluster based on whether the attribute of the next-closest sample matches the attribute of the centroid, and (6) repeating the steps of locating the next-closest sample, determining whether the attributes match, and determining whether to adjust the radius of the cluster, until the attribute of the next-closest sample does not match the attribute of the centroid. Various other methods, systems, and computer-readable media are also disclosed.

3. 发明授权

US09245123B1 Systems and methods for identifying malicious files 有权
标题翻译：用于识别恶意文件的系统和方法
公开(公告)号：US09245123B1
公开(公告)日：2016-01-26
申请号：US14301985
申请日：2014-06-11
申请人： Symantec Corporation
发明人： Sourabh Satish
IPC分类号： G06F21/56
CPC分类号： G06F21/50 , G06F17/30595 , G06F21/51 , G06F21/561 , G06F21/566 , H04L63/102 , H04L63/1416 , H04L63/20
摘要： The disclosed computer-implemented method for identifying malicious files may include (1) identifying different instances of a file that is subject to a security evaluation, (2) identifying, within a field for each of the different instances, an attribute of the different instance that associates the different instance with a respective application, (3) determining that the respective applications to which the different instances of the file are associated are distinct applications and are known to be safe, (4) adjusting a security policy for the file, by increasing an estimation that the file is malicious, based on the determination that the respective applications are distinct applications and are known to be safe, and (5) classifying, in a software security system, the file as malicious based on the adjusted security policy that increased the estimation that the file is malicious. Various other methods, systems, and computer-readable media are also disclosed.
摘要翻译：用于识别恶意文件的公开的计算机实现的方法可以包括（1）识别经受安全性评估的文件的不同实例，（2）在每个不同实例的字段内识别不同实例的属性将不同的实例与相应的应用相关联，（3）确定文件的不同实例相关联的各个应用是不同的应用，并且已知是安全的，（4）通过以下方式调整文件的安全策略：基于各个应用程序是不同的应用程序的确定并且已知是安全的，增加对该文件是恶意的估计，以及（5）在软件安全系统中，基于经调整的安全策略将该文件分类为恶意的，增加了文件恶意的估计。还公开了各种其它方法，系统和计算机可读介质。

4. 发明授权

US09171253B1 Identifying predictive models resistant to concept drift 有权
标题翻译：识别抵抗概念漂移的预测模型
公开(公告)号：US09171253B1
公开(公告)日：2015-10-27
申请号：US13755443
申请日：2013-01-31
申请人： Symantec Corporation
发明人： Adam Wright , Sourabh Satish , Jeffrey Wilhelm
IPC分类号： G06N5/02
CPC分类号： G06N5/02 , G06F21/564 , G06F2221/2101
摘要： A plurality of classifiers is identified. A set of test cases is selected based on time. The set of test cases are grouped into a plurality of datasets based on time where each of the plurality of datasets is associated with a corresponding interval of time. Each of the plurality of classifiers is applied to each of the plurality of datasets to generate classifications for test cases in each of the plurality of datasets. For each of the plurality of classifiers, a classification performance score is determined for each of the plurality of datasets based on the classifications generated for the test cases of each dataset. A classifier is selected from among the plurality of classifiers for production based on the classification performance scores of each of the plurality of classifiers across the plurality of datasets.
摘要翻译：识别多个分类器。基于时间选择一组测试用例。基于多个数据集中的每一个与对应的时间间隔相关联的时间将该组测试用例分组为多个数据集。将多个分类器中的每一个应用于多个数据集中的每一个以生成多个数据集中的每一个中的测试用例的分类。对于多个分类器中的每一个，基于为每个数据集的测试用例生成的分类，为多个数据集中的每一个确定分类性能分数。基于多个数据集中的多个分类器中的每个分类器的分类性能分数，从用于生产的多个分类器中选择分类器。

5. 发明授权

US08887277B1 Secure network cache content 有权
标题翻译：安全的网络缓存内容
公开(公告)号：US08887277B1
公开(公告)日：2014-11-11
申请号：US14049474
申请日：2013-10-09
申请人： Symantec Corporation
发明人： William E. Sobel , Sourabh Satish
IPC分类号： G06F21/00 , H04L29/06 , G06F21/56
CPC分类号： H04L63/1408 , G06F21/56 , H04L63/1416 , H04L67/2852
摘要： A security module on a computing device applies security rules to examine content in a network cache and identify suspicious cache content. Cache content is identified as suspicious according to security rules, such as a rule determining whether the cache content is associated with modified-time set into the future, and a rule determining whether the cache content was created in a low-security environment. The security module may establish an out-of-band connection with the websites from which the cache content originated through a high security access network to receive responses from the websites, and use the responses to determine whether the cache content is suspicious cache content. Suspicious cache content is removed from the network cache to prevent the suspicious cache content from carrying out malicious activities.
摘要翻译：计算设备上的安全模块应用安全规则来检查网络缓存中的内容并识别可疑缓存内容。缓存内容根据安全规则被识别为可疑，诸如确定缓存内容是否与未来设置的修改时间相关联的规则，以及确定高速缓存内容是否在低安全性环境中创建的规则。安全模块可以建立与网站的带外连接，网站通过高安全性接入网络从缓存内容发起接收来自网站的响应，并使用响应来确定缓存内容是否是可疑缓存内容。从网络缓存中删除可疑缓存内容，以防止可疑缓存内容进行恶意活动。

6. 发明授权

US09846772B1 Systems and methods for detecting misplaced applications using functional categories 有权
公开(公告)号：US09846772B1
公开(公告)日：2017-12-19
申请号：US14315312
申请日：2014-06-25
申请人： Symantec Corporation
发明人： Sourabh Satish
IPC分类号： G06F17/00 , G06F21/50 , H04L29/06
CPC分类号： G06F21/50 , G06F17/30595 , G06F21/51 , G06F21/561 , G06F21/566 , H04L63/102 , H04L63/1416 , H04L63/20
摘要： A computer-implemented method for detecting misplaced applications using functional categories may include (1) identifying a functional category assigned to an application located on a computing system, the functional category describing a field of functionality that the application performs, (2) identifying an additional functional category assigned to at least one of the computing system and another application located on the computing system, (3) applying a security policy to both the functional category assigned to the application and the additional functional category to determine whether the application belongs on the computing system according to the security policy, and (4) performing a security action to protect users based on the application of the security policy to the functional category assigned to the application and the additional functional category. Various other methods, systems, and computer-readable media are also disclosed.

7. 发明授权

US09622081B1 Systems and methods for evaluating reputations of wireless networks 有权
公开(公告)号：US09622081B1
公开(公告)日：2017-04-11
申请号：US14025730
申请日：2013-09-12
申请人： Symantec Corporation
发明人： Sourabh Satish
IPC分类号： H04L29/06 , H04W12/10 , H04W12/12
CPC分类号： H04W12/10 , H04W12/12
摘要： A computer-implemented method for evaluating reputations of wireless networks may include (1) identifying an endpoint computing system that is connected to a wireless network, (2) receiving, by a backend security server from the endpoint computing system, information that identifies the wireless network and that indicates in part a security state of the wireless network, (3) calculating, by the backend security server, a reputation of the wireless network based at least in part on the received information that identifies the wireless network and that indicates in part the security state of the wireless network, and (4) transmitting information about the calculated reputation of the wireless network to another endpoint computing system that is within range of the same wireless network. Various other methods, systems, and computer-readable media are also disclosed.

8. 发明授权

US09412066B1 Systems and methods for predicting optimum run times for software samples 有权
标题翻译：用于预测软件样本的最佳运行时间的系统和方法
公开(公告)号：US09412066B1
公开(公告)日：2016-08-09
申请号：US13794720
申请日：2013-03-11
申请人： Symantec Corporation
发明人： Sourabh Satish
IPC分类号： G06F7/60 , G06N5/02
CPC分类号： G06N5/02 , G06F11/3423 , G06F11/3452 , G06F11/3612 , G06F2201/81
摘要： A computer-implemented method for predicting optimum run times for software samples may include (1) identifying a set of training data that identifies (i) a plurality of static characteristics of at least one previously executed software sample and (ii) an amount of time taken by a software-analysis mechanism to observe a threshold level of run-time behaviors of the previously executed software sample, (2) identifying a plurality of static characteristics of an additional software sample, (3) determining that the static characteristics of the additional software sample and the previously executed software sample exceed a threshold level of similarity, and then (4) predicting an optimum run time for the additional software sample based at least in part on the amount of time taken by the software-analysis mechanism to observe the threshold level of run-time behaviors of the previously executed software sample. Various other methods, systems, and computer-readable media are also disclosed.
摘要翻译：用于预测软件样本的最佳运行时间的计算机实现的方法可以包括（1）识别一组训练数据，所述训练数据识别（i）至少一个先前执行的软件样本的多个静态特征，以及（ii）时间量通过软件分析机制来观察先前执行的软件样本的运行时行为的阈值水平，（2）识别附加软件样本的多个静态特性，（3）确定附加的软件样本的静态特性软件样本和先前执行的软件样本超过相似度的阈值水平，然后（4）至少部分地基于软件分析机制观察的时间量来预测附加软件样本的最佳运行时间先前执行的软件样本的运行时行为的阈值级别。还公开了各种其它方法，系统和计算机可读介质。

9. 发明授权

US09332033B2 Methods and systems for enabling community-tested security features for legacy applications 有权
标题翻译：用于实现遗留应用程序的社区测试安全功能的方法和系统
公开(公告)号：US09332033B2
公开(公告)日：2016-05-03
申请号：US14163071
申请日：2014-01-24
申请人： Symantec Corporation
发明人： William E. Sobel , Sourabh Satish
IPC分类号： G06F12/14 , H04L29/06 , G06F21/60 , G06F21/55 , G06F21/57 , G06F21/12
CPC分类号： H04L63/20 , G06F21/125 , G06F21/126 , G06F21/552 , G06F21/577 , G06F21/604 , H04L63/1433 , H04L63/145
摘要： A computer-implemented method for enabling community-tested security features for legacy applications may include: 1) identifying a plurality of client systems, 2) identifying a legacy application on a client system within the plurality of client systems, 3) identifying a security-feature-enablement rule for the legacy application, 4) enabling at least one security feature for the legacy application by executing the security-feature-enablement rule, 5) determining the impact of the security-feature-enablement rule on the health of the legacy application, and then 6) relaying the impact of the security-feature-enablement rule on the health of the legacy application to a server. Various other methods, systems, and computer-readable media are also disclosed.
摘要翻译：用于实现遗留应用的经社区测试的安全特征的计算机实现的方法可以包括：1）识别多个客户端系统，2）识别多个客户端系统内的客户端系统上的遗留应用; 3）用于遗留应用的特征启用规则，4）通过执行安全特征启用规则来为遗留应用启用至少一个安全特征，5）确定安全特征使能规则对遗产的健康的影响应用程序，然后6）将安全功能启用规则的影响中继到传统应用程序的运行状况到服务器。还公开了各种其它方法，系统和计算机可读介质。

10. 发明授权

US09323930B1 Systems and methods for reporting security vulnerabilities 有权
标题翻译：报告安全漏洞的系统和方法
公开(公告)号：US09323930B1
公开(公告)日：2016-04-26
申请号：US14462833
申请日：2014-08-19
申请人： Symantec Corporation
发明人： Sourabh Satish
IPC分类号： G06F21/56 , H04L29/06
CPC分类号： H04L63/308 , G06F21/566 , G06F2221/2101 , H04L63/1408 , H04L63/1433
摘要： A computer-implemented method for reporting security vulnerabilities may include (1) detecting that a malware application is present on an endpoint computing system, (2) determining a window of time during which the malware application was present in a specified condition on the endpoint computing system, (3) logging a list of sensitive data items accessed during the window of time, and (4) conditioning performance of a security action to report the list of sensitive data items on a determination that both (A) a length of the window of time is longer than a security threshold length and is indicative of the malware application being located on the endpoint computing system long enough to potentially compromise a sensitive data item and (B) the malware application was accessed during the window of time. Various other methods, systems, and computer-readable media are also disclosed.
摘要翻译：用于报告安全漏洞的计算机实现的方法可以包括（1）检测到端点计算系统上存在恶意软件应用程序，（2）确定恶意软件应用程序在端点计算上的指定条件下存在的时间窗口系统，（3）记录在时间窗口期间访问的敏感数据项的列表，以及（4）调节性能的安全动作以报告敏感数据项的列表，确定（A）窗口的长度的时间长于安全阈值长度，并指示恶意软件应用程序位于端点计算系统上足够长的时间以潜在地危及敏感数据项，并且（B）在时间窗口期间访问恶意软件应用程序。还公开了各种其它方法，系统和计算机可读介质。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式