Symantec Patent Grants

Consumption control of protected cloud resources by open authentication-based applications in end user devices

Granted: June 27, 2017
Patent Number: 9690925
A server computer system identifies a request from an application hosted on a mobile device to consume a protected resource hosted by a cloud. The request is transmitted via a resource authorization protocol. The server computer system identifies a token state of an application on the mobile device. The token state is stored in a policy data store that is separate from expiration data that is stored on an access token on the mobile device. The server computer system determines whether…

Systems and methods for protecting computing devices from imposter accessibility services

Granted: June 27, 2017
Patent Number: 9690934
The disclosed computer-implemented method for protecting computing devices from imposter accessibility services may include (1) registering a security application with the computing device as an accessibility service that has special permissions on the computing device that are not available to other applications, (2) ensuring that the security application is the first registered accessibility service on the computing device, and (3) performing, by the security application, a security…

Confidence level threshold selection assistance for a data loss prevention system using machine learning

Granted: June 27, 2017
Patent Number: 9691027
Machine-learning based detection (MLD) profiles can be used to identify sensitive information in documents. The MLD profile can be used to generate a confidence value for the document that expresses the degree of confidence with which the MLD profile can classify the document as sensitive or not. In one embodiment, a data loss prevention system provides or suggests a confidence level threshold to a user of the data loss prevention system by providing a confidence level threshold for the…

Dynamic updates to a network server

Granted: June 27, 2017
Patent Number: 9692640
Techniques are disclosed for configuring a server to establish a secure network communication session. An application monitors one or more resource utilization metrics of the server. Upon determining that at least one of the monitored resource metrics satisfies a specified condition, an optimization algorithm is selected based on the resource metrics and a configuration of the server. The optimization algorithm determines an updated configuration of the server while maintaining the…

System and method for distributing heuristics to network intermediary devices

Granted: June 27, 2017
Patent Number: 9692656
A policy distribution server provides, on a subscription basis, policy updates to effect desired behaviors of network intermediary devices. The policy updates may specify caching policies, and may in some instances, include instructions for data collection by the network intermediary devices. Data collected in accordance with such instructions may be used to inform future policy updates distributed to the network intermediary devices.

Remote signing wrapped applications

Granted: June 27, 2017
Patent Number: 9692741
A method for signing a wrapped computer application is described. In some embodiments, methods may include receiving a wrapped computer application via a first secure communication connection from a first remote server, authenticating the first secure communication connection, modifying the wrapped computer application based at least in part on the authenticating, and transmitting the wrapped computer application via a second secure communication connection to a second remote server…

Sharing confidential graph data using multi-level graph summarization with varying data utility and privacy protection

Granted: June 27, 2017
Patent Number: 9692768
A first graph comprises multiple nodes and edges. At least one successive summary graph is created, using the original graph as a predecessor. To create a second graph from a first, nodes of the first graph are grouped into a plurality of subsets, and each subset becomes a super-node. For each super-node, the edges of each corresponding node are replaced with one or more super-edges. Each super-edge represents a relationship between a pair of super-nodes. The nodes of the successor graph…

System and method for estimating typicality of names and textual data

Granted: June 27, 2017
Patent Number: 9692771
According to one aspect, a method of assessing typicality of a first name that includes a plurality of characters includes obtaining the first name, determining at least a first N-gram size, and extracting a first plurality of N-grams of the first N-gram size from the first name. The first plurality of N-grams is analyzed with respect to a model. Analyzing the first plurality of N-grams with respect to the model includes obtaining a first score. Finally, the method includes determining…

Detection of malware using time spans and periods of activity for network requests

Granted: June 27, 2017
Patent Number: 9692772
A method to identify machines infected by malware is provided. The method includes determining whether a universal resource locator in a network request is present in a first cache and determining whether a fully qualified domain name from the uniform resource locator is present in a second cache. The method includes evaluating a parent hostname as to suspiciousness. The method includes indicating the computing device has a likelihood of infection, responsive to one of: the universal…

Systems and methods for identifying detection-evasion behaviors of files undergoing malware analyses

Granted: June 27, 2017
Patent Number: 9692773
The disclosed computer-implemented method for identifying detection-evasion behaviors of files undergoing malware analyzes may include (1) monitoring, by a plurality of monitor components related to an automated execution environment, a file that is undergoing a malware analysis in the automated execution environment, (2) detecting a suspicious discrepancy among the monitor components with respect to computing activity observed in connection with the malware analysis by (A) identifying a…

Systems and methods for evaluating content provided to users via user interfaces

Granted: June 27, 2017
Patent Number: 9692776
The disclosed computer-implemented method for evaluating content provided to users via user interfaces may include (1) monitoring, as part of a security application via an accessibility application program interface provided by an operating system of a computing device, accessibility events that indicate state transitions in user interfaces of applications running on the computing device, (2) receiving, at the security application, an accessibility event that indicates that a user of the…

Method and system to prioritize vulnerabilities based on contextual correlation

Granted: June 27, 2017
Patent Number: 9692778
A method for prioritizing vulnerabilities of an asset in a virtual computing environment is provided. The method includes determining a vulnerability score for the asset, based on at least one of a base vulnerability score or a temporal vulnerability score and receiving information about a threat. The method includes correlating the information about the threat with information about the open vulnerabilities on the asset and also about the asset to determine a threat score for the asset…

Display screen with a graphical user interface

Granted: June 20, 2017
Patent Number: D789943

Systems and methods for clustering data

Granted: June 20, 2017
Patent Number: 9684705
A computer-implemented method for clustering data may include (1) identifying a plurality of samples, (2) locating a sample, from within the plurality of samples, that is a centroid of a cluster, (3) locating another sample that is, among the plurality of samples, next closest to the centroid relative to a most-recently located sample, (4) determining whether an attribute of the next-closest sample matches an attribute of the centroid, (5) determining whether to adjust a radius of the…

Encrypted universal resource identifier (URI) based messaging

Granted: June 20, 2017
Patent Number: 9686243
A method and apparatus for encrypted universal resource identifier (URI) based messaging is described. In one embodiment of the method, a server computing system receives an encrypted message from a first client computing system over a network, decrypts the encrypted message, stores the decrypted message in a message data store, and generates a shortened uniform resource locator (URL) for subsequent retrieval of the stored message. The server computing system sends the shortened URL to…

Systems and methods for healing infected document files

Granted: June 20, 2017
Patent Number: 9686304
A computer-implemented method for healing infected document files may include (1) receiving an electronic message directed to a target client computing system, the electronic message including a document file, (2) in response to receiving the electronic message, discovering, by a security program, that the document file is infected with potentially malicious content by, parsing the document file into separate objects and detecting that one of the separate objects is infected with…

Locating a lost device using crowd GPS

Granted: June 20, 2017
Patent Number: 9686686
A method for lost device location is disclosed. The method includes transmitting a last known location from the lost device, receiving a command to lock the lost device at the lost device and locking the lost device. Machine identification data and current location data is transmitted from the lost device, that is accessible by a backend server, to a second device that is located within a designated proximity to the lost device.

Systems and methods for detecting display-controlling malware

Granted: June 13, 2017
Patent Number: 9679134
A computer-implemented method for detecting display-controlling malware may include (1) identifying a software program that is controlling a display of the computing device, (2) detecting one or more measures taken by the software program to prevent loss of control of the computing device display, (3) performing an analysis of the software program that may include determining, based on the measure taken by the software program to prevent loss of control of the computing device display,…

Systems and methods for maintaining encrypted search indexes on third-party storage systems

Granted: June 13, 2017
Patent Number: 9679160
A computer-implemented method for maintaining encrypted search indexes on third-party storage systems may include (1) identifying a plurality of encrypted files, (2) identifying a plurality of keywords contained in the plurality of encrypted files, and (3) generating an encrypted search index for searching the plurality of encrypted files by (i) identifying, for each keyword in the plurality of keywords, a list of encrypted files in the plurality of encrypted files that contain the…

Method and system for co-termination of digital certificates

Granted: June 13, 2017
Patent Number: 9680819
A method of renewing a plurality of digital certificates includes receiving, at a first time, a request from a user to renew a first digital certificate and determining an expiration date for the first digital certificate. The method also includes receiving, at a second time, a request from the user to renew a second digital certificate and determining an expiration date for the second digital certificate. The expiration date for the second certificate is later than the expiration date…