Distributed entity counting with inherent privacy features

    Publication No.: US11368465B2

    Publication date: 2022-06-21

    Application No.: US16796802

    Application date: 2020-02-20

    Abstract: Systems and methods provide an entity identifier (EID) for use in distributed systems, where the entity identifier includes inherent privacy features and where an estimate of the distinct count of the entity identifiers in a distributed system can be determined. A unique identifier (e.g., a GUID) for an entity is received. A hash value can be generated for the unique identifier using a hash function that is not guaranteed to generate unique values. An EID is created using a portion of the bits of the hash value and stored in a database. An estimated distinct count of entities based on a count of EIDs in the database can be determined based on the count of EIDs in the database and the size of the EID space.

    Cryptocurrency mining detection using network traffic

    Publication No.: US11316880B2

    Publication date: 2022-04-26

    Application No.: US16571945

    Application date: 2019-09-16

    Abstract: A method of identifying cryptocurrency mining on a networked computerized device includes intercepting network traffic between the networked computerized device and a public network, and extracting Internet Protocol (IP) packet data of the intercepted network traffic. The IP packet data of the intercepted network traffic is evaluated such that if the intercepted network traffic is determined to be characteristic of communication with a cryptocurrency mining pool it is determined that the networked computerized device is mining cryptocurrency. One or more remedial actions are taken if it is determined that the networked computerized device is mining cryptocurrency, such as blocking traffic between the networked computerized device and the mining pool or notifying a user.

    Automatic characterization of malicious data flows

    Publication No.: US11258812B2

    Publication date: 2022-02-22

    Application No.: US16450368

    Application date: 2019-06-24

    Inventor: Rajarshi Gupta

    Abstract: A method of identifying malicious activity in a sequence of computer instructions includes monitoring data flows from a public network to one or more networked devices on a private network and to one or more honeypots that appear to the public network to be devices on the private network, representing each such data flow as a word, and the sequence of data flows as comprising an n-gram of two or more words. The data flows are characterized with a likelihood of being malicious based on their statistical association with the one or more honeypots relative to their statistical association with one or more networked devices. Identified malicious activity is used to train a network device to identify malicious data flows and prevent them from reaching devices on the private network.

    Location-based adaptive device security system and method

    Publication No.: US11206543B2

    Publication date: 2021-12-21

    Application No.: US16293152

    Application date: 2019-03-05

    Abstract: A method includes monitoring data security events on mobile computing devices and positions of the mobile computing devices when the plurality of data security events occurred. A plurality of demographic information of the plurality of geographic positions are determined and a classifier is trained based on the data security events and demographic information. A particular mobile computing device is determined to be located at a particular geographic location and particular demographic information of the particular geographic location is determined. The classifier is applied to the particular demographic information and a particular security risk prediction of the particular geographic location is generated. A particular security measure is activated on the particular mobile computing device based on the particular security risk prediction.

    Content access validation system and method

    Publication No.: US11140168B2

    Publication date: 2021-10-05

    Application No.: US15213817

    Application date: 2016-07-19

    Abstract: To provide validation information to web publishers indicative of the presence of operational malicious software protection systems on user computing devices, an evaluation system resident on a web publisher server can cause web content, including validation request data, to be transmitted from the publisher server to a computing device. A submission system resident on the computing device can analyze the web content for the validation request data, and can cause the validation information to be transmitted from the computing device to the evaluation system based on the analysis. Upon receiving the validation information, the evaluation system can analyze it to determine the likelihood that content delivered to the computing device will be viewed by a real user (and not by automated computer programs).

    MACHINE LEARNING-BASED GENERATION OF SIMILAR DOMAIN NAMES

    Publication No.: US20210264233A1

    Publication date: 2021-08-26

    Application No.: US16799738

    Application date: 2020-02-24

    Abstract: A method of generating domain names similar to a valid domain name comprises evaluating a received valid domain name in a neural network trained to generate similar domain names, and providing an output comprising at least one domain name similar to the received valid domain name generated by the neural network. In a further example, a recurrent neural network is trained using valid domain names and observed malicious similar domain names and/or linguistic rules. In another example, the output of the recurrent neural network further comprises a similarity score reflecting a degree of similarity between the valid domain name and the similar domain name, such that the similarity score can be used to generate a ranked list of domain names similar to the valid domain name.

    DATA PRIVACY POLICY BASED NETWORK RESOURCE ACCESS CONTROLS

    Publication No.: US20210248247A1

    Publication date: 2021-08-12

    Application No.: US16784222

    Application date: 2020-02-06

    Abstract: A method for enabling website access is provided. The method includes detecting an attempt to access a particular website by a computing device via a network, the particular website including one or more webpages, and accessing a particular data privacy policy for the particular website. Scores of the particular data privacy policy are determined based on text of the particular data privacy policy, and a particular multidimensional coordinate is determined based on the scores of the particular data privacy policy. A map including the particular multidimensional coordinate is displayed via the computing device. An instruction from a user is received via the computing device to enable accessing of the particular website, and the accessing by the computing device of the particular website is enabled in response to the instruction from the user.

    SIMILARITY HASH FOR ANDROID EXECUTABLES

    Publication No.: US20210224390A1

    Publication date: 2021-07-22

    Application No.: US16745230

    Application date: 2020-01-16

    Abstract: A method of generating a similarity hash for an executable includes extracting a plurality of characteristics for one or more classes in the executable, and transforming the plurality of characteristics into a set of one or more class fingerprint strings corresponding to the one or more classes. The set of class fingerprint strings is transformed into a hash string using minwise hashing, such that a difference between hash strings for different executables is representative of the degree of difference between the executables. The hash of a target executable is compared with hashes of known malicious executables to determine whether the target executable is likely malicious.

    Method and system for securing bank account access

    Publication No.: US11003744B2

    Publication date: 2021-05-11

    Application No.: US15122870

    Application date: 2015-03-03

    Abstract: Methods, systems and devices for securing a bank account against an unauthorized access from a portable electronic device include or include using an auxiliary security device and a portable electronic device. The portable electronic device is adapted for controlling the bank account via the Internet. The auxiliary security device and the portable electronic device communicate via a Bluetooth protocol. Secure access to the bank account with the portable electronic device is based on a combination of information that is indicative of a key that is stored in the portable electronic device and data that is indicative of the key stored in the auxiliary security device that has been transmitted to the portable electronic device.

    MEASURING ADDRESS RESOLUTION PROTOCOL SPOOFING SUCCESS

    Publication No.: US20210112093A1

    Publication date: 2021-04-15

    Application No.: US16601341

    Application date: 2019-10-14

    Inventor: Hana Dusíková

    Abstract: ARP spoofing success for a network security device is measured by inserting the network security device between a router or gateway and one or more private network clients by using ARP spoofing, and sending a ping from the private network device to the private network clients using the IP address of the router or gateway. Private network clients are identified as successfully ARP spoofed if a ping response is received. If a ping response is not received from one or more clients, a ping is sent from the security device to the missing client using the security device's own source IP address. If a response to the ping is received it is determined that the ARP spoofing was unsuccessful, and if response to the ping is not received it is determined that the client device is not present in the private network.
