Symantec Patent Grants

Automated construction of network whitelists using host-based security controls

Granted: May 14, 2019
Patent Number: 10291654
Techniques are disclosed for constructing network whitelists in server endpoints using host-based security controls. Once constructed, the network whitelists are used to detect unauthorized communications at the server endpoints. In one embodiment, a method is disclosed for constructing a network whitelist. The method includes identifying at least a first application hosted on a computing system. The method also includes inspecting one or more configuration files associated with the…

System and method for prioritizing endpoints and detecting potential routes to high value assets

Granted: May 14, 2019
Patent Number: 10291644
A system and method for detecting potential system vulnerabilities to malicious attacks. A list of routes between computing devices and associated threat levels is maintained as network events occur between computing devices. The routes include bad hygiene endpoints, high value targets which are a variety of server types controlling access to sensitive data, and network connections. A list of routes connecting high value targets and bad hygiene endpoints are sorted by a priority level…

System and method for creating custom sequence detectors

Granted: May 14, 2019
Patent Number: 10291639
According to one embodiment, a method comprises presenting a graphical user interface that includes a plurality of user selectable buttons, each button corresponding to a customizable variable of a step in a sequence, and receiving, based on user input, a selection of one of the plurality of user selectable buttons. The method further comprises providing, based on the selection, a plurality of options for the variable corresponding to the selected button, determining a designation of at…

Method, system, and computer-readable medium for warning users about untrustworthy application payment pages

Granted: May 14, 2019
Patent Number: 10290033
The disclosed computer-implemented method for warning users about untrustworthy application payment pages may include (1) detecting, within an Internet browser, a payment page to purchase an application, (2) determining a source of origin of the payment page, (3) querying a reputation database to determine a reputation of the source of origin of the payment page, (4) receiving a response from the reputation database indicating that the source of origin of the payment page is…

Systems and methods for providing kinship-based accessibility to securely stored data

Granted: May 14, 2019
Patent Number: 10289865
A computer-implemented method for providing kinship-based accessibility to securely stored data may include (1) identifying encrypted data that is encrypted with a first cryptographic key which was derived from heritable biometric information obtained from a first person, (2) receiving heritable biometric information obtained from a second person related to the first person within a predetermined degree, (3) generating a second cryptographic key based at least in part on the heritable…

Systems and methods for preventing unauthorized access to computing devices implementing computer accessibility services

Granted: May 14, 2019
Patent Number: 10289839
The disclosed computer-implemented method for preventing unauthorized access to computing devices implementing computer accessibility services may include (i) detecting, at a client computing device, an instruction to perform a user interface action utilizing a computer accessibility service, (ii) determining, at the client computing device, whether the instruction was triggered based on a touch event initiated by a user of the client computing device, and (iii) performing, at the client…

Systems and methods for guiding users to network-enabled devices

Granted: May 14, 2019
Patent Number: 10288432
The disclosed computer-implemented method for guiding users to network-enabled devices may include (i) monitoring network communications within a wireless network, (ii) determining, based on monitoring network communications transmitted over the wireless network that involve a network-enabled device connected to the wireless network, that an end user requires guidance to a physical location of the network-enabled device, (iii) deriving the physical location of the network-enabled device…

Tree rotation in random classification forests to improve efficacy

Granted: May 7, 2019
Patent Number: 10284585
Methods and apparatus for optimizing computer detection of malware using pattern recognition by refreshing random classification forests are described. In one embodiment, one or more selected trees of a random forest on a computing system may be replaced by one or more new trees. As new categorized data becomes available, one or more new trees may be generated using the new categorized data. Once the one or more new trees are available, the performance of the one or more new trees may be…

Systems and methods for responding to electronic security incidents

Granted: May 7, 2019
Patent Number: 10284587
The disclosed computer-implemented method for responding to electronic security incidents may include (i) identifying a plurality of security incidents that each occurred within a computing environment and call for a security response, (ii) establishing relationships among the plurality of security incidents by, for each security incident, (a) calculating a feature vector indicating at least one feature of the security incident, (b) using the feature vector to calculate a degree of…

Data loss prevention techniques for applications with save to web functionality

Granted: May 7, 2019
Patent Number: 10284586
Techniques presented herein describe data loss prevention (DLP) methods for saving a file to a destination over a network via an application, such as a productivity application having such features. A DLP agent injects components to the productivity application to intercept save operations initiated by a user. When the user initiates a save operation for a file, the components suspend the operation and store a current version of the file (including unsaved file data) in a temporary location…

Systems and methods for dynamically validating remote requests within enterprise networks

Granted: May 7, 2019
Patent Number: 10284564
The disclosed computer-implemented method for dynamically validating remote requests within enterprise networks may include (1) receiving, on a target system within an enterprise network, a request to access a portion of the target system from a remote system within the enterprise network, (2) performing a validation operation to determine whether the remote system is trustworthy to access the portion of the target system by (A) querying an enterprise security system to authorize the…

Systems and methods for verifying authentication requests using internet protocol addresses

Granted: May 7, 2019
Patent Number: 10284556
A computer-implemented method for verifying authentication requests using IP addresses may include (i) collecting, by a computing system, data on IP address changes from a set of endpoint devices, (ii) creating, by the computing system using the data on IP address changes, a virtual IP address distance map based on a likelihood of change from at least one origin IP address to at least one destination IP address, (iii) automatically detecting, by the computing system, a change in an IP…

Secure computer peripheral devices

Granted: May 7, 2019
Patent Number: 10284530
A method for improving security of peripheral devices is described. In one embodiment, the method includes sending, by a processor of a peripheral device, at least one packet of data to an operating system of a computing device, identifying, by the processor, execution of a software application on the computing device, performing, by the processor, a handshake protocol between the secure input device and the software application based at least in part on the execution of the software…

Grouped categorization of internet content

Granted: May 7, 2019
Patent Number: 10282368
In one embodiment, a device in a network classifies Internet content data using one or more classifiers to identify a plurality of content classes for the content data. Each content class has a corresponding classification score based on the classification. The device determines whether any of the classification scores exceed a threshold level. The device identifies a set of content groups, where each of the plurality of content classes is associated with one of the content groups. The…

Techniques for data classification based on sensitive data

Granted: April 30, 2019
Patent Number: 10275396
Techniques for data classification may be realized as a method including: selecting from a group of files a sample set representing fewer than all of the files; classifying each file in the sample set, wherein classifying each file includes identifying whether each file represents sensitive information; and providing an estimate for the group of files based on the classification of each file in the sample set, including an estimate of sensitive information within the group of files.

Systems and methods for securing computing systems on private networks

Granted: April 30, 2019
Patent Number: 10277625
The disclosed computer-implemented method for securing computing systems on private networks may include (i) identifying a set of computing systems that are connected via a private network, (ii) calculating, for each computing system in the set, a malware-vulnerability rating that reflects a probability of the computing system being compromised by a malware attack, a malware-exposure rating that is based on a relationship between the computing system and one or more other computing…

Systems and methods for reducing infection risk of computing systems

Granted: April 30, 2019
Patent Number: 10277624
The disclosed computer-implemented method for reducing infection risk of computing systems may include (i) determining a distance between a computing system that is connected to a local network and an additional computing system that is not connected to the local network but is connected to the computing system via a series of connected devices, (ii) detecting that the additional computing system is infected with malware, (iii) calculating an infection probability for the computing…

Controlling encrypted traffic flows using out-of-path analysis devices

Granted: April 30, 2019
Patent Number: 10277562
In one embodiment, a first device in a network receives intercepted traffic that has been encrypted. The first device decrypts the intercepted traffic and sends the decrypted traffic to one or more analysis devices in the network. The first device receives a message indicative of a result of analysis of the decrypted traffic by the one or more analysis devices.

Techniques for handling device inventories

Granted: April 30, 2019
Patent Number: 10275738
Techniques for handling device inventories are disclosed. In one embodiment, the techniques may be realized as a system for handling device inventories comprising one or more processors. The one or more processors may be configured to send an inventory request of a device. The inventory request may comprise identification information of the device. The one or more processors may further be configured to receive, in response to the inventory request, inventory information associated with…

Activating malicious actions within electronic documents

Granted: April 30, 2019
Patent Number: 10275596
A method and system for activating malicious actions within electronic documents is described. In one embodiment, the method may include receiving, by a processor of a computing device, the electronic document; identifying, by the processor, an object embedded within the electronic document; identifying, by the processor, an action associated with execution of the object; executing, by the processor, the action within a context of rules associated with the object; identifying, by the…