Systems and methods for providing integrated security management
Granted: March 26, 2019
Patent Number:
10242187
The disclosed computer-implemented method for providing integrated security management may include (1) identifying a computing environment protected by security systems and monitored by a security management system that receives event signatures from the security systems, where a first security system uses a first event signature naming scheme that differs from a second event signature naming scheme used by a second security system, (2) observing a first event signature that originates…
Securely launching files downloaded to potentially unsafe locations on a computer system
Granted: March 26, 2019
Patent Number:
10241696
The present disclosure relates to protecting computer systems from installation of rogue shared libraries when executable files are launched. An example method generally includes detecting that a downloaded file has been written to an insecure location on the computing device. A computing device determines that the downloaded file includes at least a first executable component and, upon determining that the downloaded file includes executable components, generates a copy of the…
Systems and methods of administering computer activities based upon emotional intelligence
Granted: March 19, 2019
Patent Number:
10237304
Systems and methods of administering computer activities based upon user emotional intelligence are provided. One method may include receiving a user request for a computer activity and sensing emotional context data associated with the user, such as voice stress analysis of use a communication, eye motion, pupil dilation, mood and stress changes, sporadic user movement, and video contexts indicating micro-expressions (i.e. anxiety, anger, amusement, and the like). The method may further…
Techniques of obfuscation for enterprise data center services
Granted: March 5, 2019
Patent Number:
10225284
Techniques of obfuscation for enterprise data center services are disclosed. In one embodiment, the techniques may be realized as a system for obfuscation comprising one or more processors. The one or more processors may be configured to receive a command from at least one of a user and an application and determine whether the command is authorized. If the command is determined to be unauthorized, the one or more processors may be further configured to generate a rewritten output of the…
Verifying that the influence of a user data point has been removed from a machine learning classifier
Granted: March 5, 2019
Patent Number:
10225277
Verifying that influence of a user data point has been removed from a machine learning classifier. In some embodiments, a method may include training a machine learning classifier using a training set of data points that includes a user data point, calculating a first loss of the machine learning classifier, updating the machine learning classifier by updating parameters of the machine learning classifier to remove influence of the user data point, calculating a second loss of the…
Secure verified attribute exchange between parties in physical proximity
Granted: February 26, 2019
Patent Number:
10219157
A first mobile device securely transmits selected verified attributes concerning the corresponding user to a second mobile device. The first device broadcasts verified, signed biometric information concerning its user, and the user's public key. The second device confirms the received broadcasted biometric information, based on sensor input. For example, sensors on the second device generate images of the first user, who is physically proximate, and information gleaned from the images is…
Systems and methods for determining whether malicious files are targeted
Granted: February 26, 2019
Patent Number:
10216933
The disclosed computer-implemented method for determining whether malicious files are targeted may include (i) applying, to a malware detection structure, a plurality of sample data points, each sample data point corresponding to at least one of a malicious file known to be targeted and a malicious file known to be non-targeted, (ii) identifying one or more boundaries of the sample data points within the malware detection structure, (iii) determining, after identifying the sample…
Systems and methods for detecting malicious processes that encrypt files
Granted: February 19, 2019
Patent Number:
10210330
The disclosed computer-implemented method for detecting malicious processes that encrypt files may include (i) identifying a backup file created by a backup process on the computing device, (ii) detecting an attempt to alter the backup file by a process that is not the backup process, (iii) determining, based at least in part on the attempt to alter the backup file being made by the process that is not the backup process, that the process is a malicious process designed to encrypt files…
Systems and methods for determining security reputations of wireless network access points
Granted: February 19, 2019
Patent Number:
10212602
A computer-implemented method for determining security reputations of wireless network access points may include (1) receiving a unique identifier for a wireless network access point to which a mobile device has connected and security information that identifies the security posture of the mobile device after connecting to the wireless network access point, (2) adding the unique identifier and the security information to a security database, (3) correlating the security information with…
Techniques for managing privacy of a network communication
Granted: February 19, 2019
Patent Number:
10210347
Techniques for managing privacy of a network communication may be realized as a computer-implemented system, including one or more processors that store instructions, and one or more computer processors that execute the instructions to receive a first network communication, extract information from the first network communication, identify a privacy rule based on the information, generate a second network communication based on the first network communication and the privacy rule, and…
Techniques for network security
Granted: February 12, 2019
Patent Number:
10206110
Techniques are described for network security. One method includes identifying a network-access boundary associated with a network for a location, generating a credential for the network based at least in part on the identified network-access boundary, receiving a request from a user equipment (UE) to access the network associated with the location, and transmitting the credential associated with the network based at least in part on the network-access boundary.
Geolocation-based two-factor authentication
Granted: February 12, 2019
Patent Number:
10206099
Techniques disclosed herein provide a geolocation-based two-factor authentication process. An authentication service receives a first authentication factor associated with an account. Upon validating the first authentication factor, the authentication service requests a second authentication factor from an application executing on a mobile device associated with the account. The second authentication factor identifies at least a location of the mobile device. The authentication service…
Anomaly based geofencing leveraging location duration
Granted: February 12, 2019
Patent Number:
10204499
A system and method for efficiently establishing patterns of behavior for location-aware monitoring applications. An administrator registers a trackable entity with a tracking service by providing identification of at least the trackable entity, a point of origin and a destination. To identify and select paths between the point of origin and the destination, the tracking service accesses crowdsourced information corresponding to the history of movements of trackable entities between the…
Systems and methods for dynamically customizing software programs
Granted: February 12, 2019
Patent Number:
10203944
The disclosed computer-implemented method for dynamically customizing software programs may include (i) receiving, from a client device, a request for a software program with client-specific customization requirements and (ii) providing, to the client device, a digitally signed download manager for downloading a client-specific version of the software program that satisfies the client-specific customization requirements, where the digitally signed download manager provides the…
Systems and methods for detecting obscure cyclic application-layer message sequences in transport-layer message sequences
Granted: February 5, 2019
Patent Number:
10200259
The disclosed computer-implemented method for detecting obscure cyclic application-layer message sequences in transport-layer message sequences may include (i) collecting a composite sequence of transport-layer messages that are exchanged between a first computing device and a second computing device over a single long-standing transport-layer connection, (ii) constructing a sequence graph from the composite sequence, (iii) traversing the sequence graph to discover a first obscure cyclic…
Systems and methods for reducing network traffic by using delta transfers
Granted: February 5, 2019
Patent Number:
10200499
The disclosed computer-implemented method for reducing network traffic by using delta transfers may include (1) receiving, from a client device, an original request message that requests at least one action from a server, (2) storing the original request message to serve as a foundation for a delta transfer that includes the original request message and at least one subsequent request message that builds upon the original request message, (3) receiving, from the client device, a…
Systems and methods for automated whitelisting of files
Granted: February 5, 2019
Patent Number:
10200395
The disclosed computer-implemented method for automated whitelisting of files may include (1) obtaining telemetry information that identifies files located on a set of computing systems, (2) establishing a whitelist of files for the set of computing systems by, for each file identified by the telemetry information, (A) calculating an amount by which a cost for using the whitelist will increase if the file is included in the whitelist, (B) calculating an amount by which whitelist coverage…
Techniques for detecting malicious files
Granted: February 5, 2019
Patent Number:
10200374
Techniques for detecting malicious files are disclosed. In one embodiment, the techniques may be realized as a system for detecting malicious files comprising one or more computer processors. The one or more computer processors may be configured to collect at least one of a file or an attribute of the file. The one or more computer processors may further be configured to determine if the file is malicious. The one or more computer processors may further be configured to identify, if the…
Systems and methods for dynamically validating remote requests within enterprise networks
Granted: February 5, 2019
Patent Number:
10200369
The disclosed computer-implemented method for dynamically validating remote requests within enterprise networks may include (1) receiving, on a target system within an enterprise network, a request to access a portion of the target system from a remote system within the enterprise network, (2) performing a validation operation to determine whether the remote system is trustworthy to access the portion of the target system by (A) querying an enterprise security system to authorize the…
Systems and methods for creating credential vaults that use multi-factor authentication to automatically authenticate users to online services
Granted: February 5, 2019
Patent Number:
10200359
The disclosed method for creating credential vaults that use multi-factor authentication to automatically authenticate users to online services may include (1) detecting a user account for an online service that uses multi-factor authentication comprising a token that generates a cryptographic authentication code, (2) creating a virtual representation of the token that is capable of generating the cryptographic authentication code, (3) storing the virtual representation of the token and…
