Analyzing requests from authenticated computing devices to detect and estimate the size of network address translation systems
Granted: December 31, 2019
Patent Number:
10523715
A NAT system is identified as operating in conjunction with a specific IP address, in response to a threshold number of different authenticated computing devices making requests to the web service from the specific IP address during a given time period. The total number of computing devices operating from behind the identified NAT system is estimated, based on how many separate authenticated computing devices make requests to the web service from the IP address during the period of time.…
System and method for identity-based fraud detection
Granted: December 31, 2019
Patent Number:
10521857
A method for determining a likelihood of fraud associated with an input identity record is disclosed herein. The disclosed method contemplates determining characteristics of the input identity record by examining content of one or more fields of the input identity record. Historical identity records related to the input identity record may then be retrieved so as to define a set of linked identity records. The method further includes computing one or more network-based features of the…
Artificial intelligence (AI) techniques for learning and modeling internal networks
Granted: December 24, 2019
Patent Number:
10515187
Introduced here are techniques for modeling networks in a discrete manner. More specifically, various embodiments concern a virtual machine that collects data regarding a network and applies algorithms to the data to discover network elements, which can be used to discover the topology of the network and model the network. The algorithms applied by the virtual machine may also recognize patterns within the data corresponding to naming schemes, subnet structures, application logic, etc.…
Systems and methods for enforcing data loss prevention (DLP) policies during web conferences
Granted: December 3, 2019
Patent Number:
10498767
A computer-implemented method for enforcing data loss prevention (DLP) policies during web conferences may include (i) detecting, by a computing device, an attempt by a presenter to initiate a web conference, (ii) determining that at least one item of content that a participant of the web conference attempts to share during the web conference contains sensitive data, (iii) identifying a DLP policy associated with the sensitive data, and (iv) securing the web conference against…
Systems and methods for dynamically varying web application firewall security processes based on cache hit results
Granted: December 3, 2019
Patent Number:
10498701
A computer-implemented method for dynamically varying web application firewall security processes based on cache hit results may include (i) identifying, at a computing device, a request directed to a web application resource protected by the computing device, (ii) determining, in response to identifying the request, whether a response to the request will be served from a cache stored on the computing device, (iii) determining, based at least in part on whether the response to the…
Systems and methods of dynamic obfuscation pattern generation for preventing smudge attacks on touch screen devices
Granted: December 3, 2019
Patent Number:
10496852
Systems and methods for dynamic guided obfuscation pattern generation for preventing smudge attacks on touch screen devices are provided. One method may include receiving a user access pattern associated with a matrix displayed on the user interface; wherein, the system generates an obfuscation pattern based upon the user access pattern. For example, the system may generate edges of the obfuscation pattern by determining potential lines that may be drawn from the first and last points of…
Mitigation of malicious actions associated with graphical user interface elements
Granted: November 26, 2019
Patent Number:
10489593
Mitigating malicious actions associated with graphical user interface elements may be performed by a computing device. A user interface element is monitored in a graphical user interface environment executing on the computing device. An association between the user interface element and a malicious action is determined. Access to the user interface element is blocked to prevent the malicious action.
Systems and methods for evaluating wireless network connection security
Granted: November 26, 2019
Patent Number:
10492072
The disclosed computer-implemented method for evaluating wireless network connection security may include (i) detecting a wireless network connection from an Internet-of-Things device through sniffing, (ii) automatically selecting the wireless network connection as the wireless network connection to be evaluated in an analysis of network connection security, (iii) performing, in response to the automatic selecting of the wireless network connection as the wireless network connection to…
Dynamically ranking and presentation of endpoints based on age of symptoms and importance of the endpoint in the environment
Granted: November 26, 2019
Patent Number:
10491626
The present disclosure provides methods for an endpoint ranking system that can take endpoint importance, symptom importance, and symptom timing into account when determining endpoint hygiene scores for endpoints in a network. A list of endpoints that is ranked or sorted according to hygiene score can by dynamically generated and can change over time due to the manner in which symptom timing is taken into account. The list can also evolve as parameters for endpoint importance and system…
Image data identifiers and validators for data loss prevention
Granted: November 26, 2019
Patent Number:
10489685
Techniques for data loss prevention in an image-specific domain using image data identifiers and validators are described. According to some embodiments, a method may include defining an image data identifier and a data identifier validator, the image data identifier specifying one or more prohibited object types, and the data identifier validator specifying one or more prohibited object sub-types. The method may include receiving an image, identifying one or more objects in the image…
Creating an execution safety container for unreliable exploits
Granted: November 26, 2019
Patent Number:
10489592
The present disclosure relates to executing software within an execution safety container. An example method generally includes detecting that a memory address referenced by a stack pointer has changed from a first memory address to a second memory address. An execution safety container compares the referenced memory address to a memory address range associated with an application, and upon determining that the referenced memory address is not within the memory address range associated…
Systems and methods for classifying files as specific types of malware
Granted: November 26, 2019
Patent Number:
10489587
The disclosed computer-implemented method for classifying files as specific types of malware may include (i) identifying an unknown file on a computing device, (ii) performing an analysis of the unknown file by applying, to the unknown file, a machine-learning heuristic that employs at least one decision tree, (iii) classifying the unknown file as malicious based on the analysis, and (iv) after classifying the unknown file as malicious, using the same decision tree employed by the…
Optimizing data loss prevention performance during file transfer operations by front loading content extraction
Granted: November 26, 2019
Patent Number:
10489370
Latency of DLP policy application during file transfer operations is decreased, by front loading the extraction of file content. The potential extraction latencies of files are quantified based on attributes such as size and/or type. Files with potential extraction latencies that meet a given threshold are identified for pre-transfer content extraction, and their content is extracted and stored. An index of the stored extracted content is maintained, tracking all files from which content…
Systems and methods for selecting questions for knowledge-based authentication based on social entropy
Granted: November 19, 2019
Patent Number:
10482223
The disclosed computer-implemented method for selecting questions for knowledge-based authentication based on social entropy may include (1) identifying a potential question to ask a user of a computing system during a KBA process in an attempt to verify the user's identity, (2) determining whether any information suggestive of a correct answer to the potential question is available to anyone other than the user of the computing system, (3) calculating a social entropy of the potential…
Systems and methods for detecting low-density training regions of machine-learning classification systems
Granted: November 19, 2019
Patent Number:
10484399
The disclosed computer-implemented method for detecting low-density training regions of machine-learning classification systems may include (i) receiving a training dataset that is used to train a classifier of a machine-learning classification system, (ii) calculating a density estimate of a distribution of the training dataset, (iii) receiving a sample that is to be classified by the classifier, (iv) using the density estimate to determine that the sample falls within a low-density…
Identifying, marking and erasing sensitive information in screen captures for data loss prevention
Granted: November 19, 2019
Patent Number:
10482284
Sensitive information displayed on a screen is protected against leakage and loss. A section of a bitmap containing sensitive information is defined as a protection region. A protection marker identifying the protection region is embedded into the bitmap. The defined protection region is divided into multiple sub-regions, and a separate sub-region protection marker is embedded in each sub-region of the original protection region. The defining, embedding and dividing are performed before…
Structured text and pattern matching for data loss prevention in object-specific image domain
Granted: November 19, 2019
Patent Number:
10482280
Structured text and pattern matching may be performed for data loss prevention in object-specific image domain. According to some embodiments, a method may include receiving an image, identifying one or more objects in the image based on attributes of the one or more objects, and determining an object type of a first object of the one or more objects by a computing device. The method may include identifying, by the computing device, one or more specific regions of the first object for…
In-line filtering of insecure or unwanted mobile device software components or communications
Granted: November 19, 2019
Patent Number:
10482260
Techniques for in-line filtering of insecure or unwanted mobile components or communications (e.g., insecure or unwanted behaviors associated with applications for mobile devices (“apps”), updates for apps, communications to/from apps, operating system components/updates for mobile devices, etc.) for mobile devices are disclosed. In some embodiments, in-line filtering of apps for mobile devices includes intercepting a request for downloading an application to a mobile device; and…
Using a common account to block malware on multiple devices
Granted: November 19, 2019
Patent Number:
10482250
A method for preventing malware is described. The method may include identifying a malicious application running on a first computing device, determining that the malicious application is installed on a second computing device based on the identifying, and performing a single operation including uninstalling the malicious application from the first computing device and the second computing device.
Systems and methods for efficiently matching files
Granted: November 19, 2019
Patent Number:
10482244
The disclosed computer-implemented method for efficiently matching files may include (i) analyzing a file to identify a set of functions within the file and relationships between functions within the set of functions, (ii) creating a set of representations for the set of functions by, for each function, combining a representation of a size of the function with a representation of a size of each function identified, when analyzing the file, as having a relationship to the function, (iii)…