Two-way authentication using two-dimensional codes
Granted: May 22, 2018
Patent Number:
9979725
A system for two-way authentication using two-dimensional codes is provided. The system includes a memory and a processor coupled to the memory. The processor is to generate a two-dimensional code to be used by a user of a mobile device for accessing a remote resource. The processor is to generate the code in response to a request from the remote resource for the code. The processor is further to receive an authentication request from the mobile device to authenticate the remote…
System and method for building intelligent and distributed L2-L7 unified threat management infrastructure for IPV4 and IPV6 environments
Granted: May 15, 2018
Patent Number:
9973540
A security gateway appliance is configured to evaluate network traffic according to security rules that classify traffic flows according to specifically identified application programs responsible for producing and/or consuming the network traffic and to enforce policies in accordance with network traffic classifications. The appliance includes an on-box anti-virus/anti-malware engine, on-box data loss prevention engine and on-box authentication engine. One or more of these engines is…
Systems and methods for determining the risk of information leaks from cloud-based services
Granted: May 15, 2018
Patent Number:
9973525
The disclosed computer-implemented method for determining the risk of information leaks from cloud-based services may include (1) identifying a cloud-based service that provides remote software-services to client organizations, (2) extracting, from a publicly accessible page of the cloud-based service, a list of customers that use the cloud-based service, (3) retrieving, for each customer in the list of customers, at least one link to a customer page on the cloud-based service that…
System and method of traffic inspection and stateful connection forwarding among geographically dispersed network alliances organized as clusters
Granted: May 15, 2018
Patent Number:
9973387
A peering relationship among two or more network appliances is established through an exchange of control messages among the network appliances. The peering relationship defines a cluster of peered network appliances, and at each network appliance of the cluster traffic flow state information for all the network appliances of the cluster is maintained. Network traffic associated with traffic flows of the network appliances of the cluster is managed according to the state information for…
Wireless router configured to detect an intruder
Granted: May 15, 2018
Patent Number:
9972177
A wireless router configured to detect an intruder. In one embodiment, a method may include monitoring received signal strength in a wireless router and creating a profile of the received signal strength as monitored during a learn mode. The method may also include comparing activity of the received signal strength in the wireless router, during an intruder detection mode, to the profile and issuing a notification, based on the comparing.
Systems and methods for handling fraudulent uses of brands
Granted: May 15, 2018
Patent Number:
9971878
The disclosed computer-implemented method for handling fraudulent uses of brands may include (1) enabling a subscriber of a brand-protection service to select an action to perform when a fraudulent use of a brand is detected in Internet traffic that is transmitted via any of a plurality of Internet-traffic chokepoints that are managed by the brand-protection service, (2) monitoring, at each of the plurality of Internet-traffic chokepoints, Internet traffic for fraudulent uses of brands,…
Systems and methods for searching unstructured documents for structured data
Granted: May 15, 2018
Patent Number:
9971809
The disclosed computer-implemented method for searching unstructured documents for structured data may include (1) receiving a request to search unstructured documents for a document that contains data (e.g., sensitive data) from a structured dataset, (2) generating a secure search index (e.g., a Bloom filter) for searching the unstructured documents for the sensitive data, (3) extracting a first token and a second token from an unstructured document, (4) generating a hashed key from the…
Systems and methods for identifying compromised devices within industrial control systems
Granted: May 8, 2018
Patent Number:
9967274
The disclosed computer-implemented method for identifying compromised devices within industrial control systems may include (1) monitoring network traffic within a network that facilitates communication for an industrial control system that includes an industrial device, (2) creating, based at least in part on the network traffic, a message protocol profile for the industrial device that describes (A) a network protocol used to communicate with the industrial device and (B) normal…
Systems and methods for automatically verifying default printing selections
Granted: May 8, 2018
Patent Number:
9965232
The disclosed computer-implemented method for automatically verifying default printing selections may include (1) receiving a digital printing request from a user of the computing device to print a document, (2) identifying, in response to receiving the digital printing request, a default printer to which the computing device is configured to transmit instructions to print the document, (3) determining that the default printer is not within a designated area of the computing device, (4)…
Systems and methods for monitoring virtual networks
Granted: May 1, 2018
Patent Number:
9961105
The disclosed computer-implemented method for monitoring virtual networks may include (1) identifying a virtual network containing at least one virtualized switching device that routes network traffic from a source port within the virtual network to a destination port, (2) providing, within the virtualized switching device, a set of software-defined network rules containing criteria for identifying packets having at least one predetermined property associated with a security policy, (3)…
Apparatus and method for characterizing the risk of a user contracting malicious software
Granted: May 1, 2018
Patent Number:
9961091
A non-transitory computer readable storage medium includes executable instructions to identify specified network interactions initiated by a client machine. The specified network interactions are compared to normative values to produce a promiscuity score indicative of the risk of the client machine contracting malicious software. Depending upon the promiscuity score, prophylactic actions are optionally applied to the client machine.
Context aware intruder detection using WIFI MAC addresses
Granted: May 1, 2018
Patent Number:
9961079
A method and system for intruder detection is provided. The method includes generating a whitelist of media access control (MAC) addresses of a plurality of wireless devices that are acceptable in a detection zone of a wireless router and detecting, by the wireless router, a further wireless device. The method includes issuing a notification in response to absence, on the whitelist, of a media access control address of the further wireless device, the notification indicating a physical…
Systems and methods for identifying potentially malicious singleton files
Granted: May 1, 2018
Patent Number:
9959407
A computer-implemented method for identifying potentially malicious singleton files may include (1) identifying a set of benign singleton files and a set of malicious singleton files, (2) obtaining, for each singleton file in the sets of benign and malicious singleton files, file identification information that identifies the singleton file, (3) using the file identification information of the singleton files from the sets of benign and malicious singleton files to train a classifier to…
Methods and systems for creating and updating approved-file and trusted-domain databases
Granted: May 1, 2018
Patent Number:
9959404
Computer-implemented methods and systems for creating or updating approved-file and trusted-domain databases and verifying the legitimacy of files are disclosed. A method for creating or updating an approved-file database may include intercepting a first file, identifying a source domain associated with the first file, identifying a trusted-domain database, determining whether a database record for the source domain associated with the first file exists within the trusted-domain…
Detection of mutated apps and usage thereof
Granted: April 24, 2018
Patent Number:
9954874
System, method and product for detection of mutated apps and usage thereof. A method comprises obtaining features of an Application Under Check (AUC); comparing the features with sets of features of applications to determine a host application of the AUC; determining that the AUC is a mutated application of the host application, wherein said determined comprises comparing the AUC with the host application; and in response to said determining, performing a predetermined action. A server…
Systems and methods for enforcing secure software execution
Granted: April 24, 2018
Patent Number:
9953158
The disclosed computer-implemented method for enforcing secure software execution may include (1) providing at least one known benign input to an executable file that is susceptible to abnormal code execution, (2) observing a series of function calls made by the executable file as the executable file processes the known benign input, (3) storing the series of function calls as a control flow graph that represents known safe function call pathways for the executable file, and (4) forcing…
Commodity hardware based parental control device
Granted: April 17, 2018
Patent Number:
9946852
A portable hardware device such as a USB memory stick is used to provide parental locking functionality to a computer. When the device is coupled to the computer, the computer is unlocked and allowed to operate normally. When the device is not coupled to the computer, the computer is locked, and some or all of the computing functionality is blocked. This enables parents to lock and unlock a child's computer with a “key.” A detecting module detects the coupling and uncoupling of…
Automatic shared personal image privacy level detection and management
Granted: April 17, 2018
Patent Number:
9948651
Network traffic is monitored, and activities concerning posting images to sharing sites are detected. Detected activities can be attempts to login to sharing sites, or attempts to post images. Privacy concerns associated with sharing images on target sites are identified. In the case of detecting a successful attempt to login to a known sharing site, the site is scanned for the privacy settings in effect for the user, and it is determined whether the settings are below a given threshold.…
System and method of constructing dynamic namespaces in the internet of things
Granted: April 17, 2018
Patent Number:
9948603
A method, performed by a network device, for communication with Internet of Things (IoT) devices is provided. The method includes receiving a communication relevant to Internet of Things devices, wherein the communication is in accordance with a naming scheme that has conventions for objects, context, data and commands and is agnostic as to a plurality of addressing schemes of the Internet of Things devices. The method includes resolving names in the communication, in accordance with the…
Techniques for application code obfuscation
Granted: April 17, 2018
Patent Number:
9946853
Techniques for application code obfuscation are disclosed. In one embodiment, the techniques may be realized as a method including receiving application code and testing data associated with the application; automatically generating obfuscated application code from the received application code; automatically testing the obfuscated application code by running the obfuscated application code and inputting at least the recorded inputs from the testing data while recording associated…
