公开(公告)号：US20230247010A1

公开(公告)日：2023-08-03

申请号：US17592254

申请日：2022-02-03

Applicant: Avast Software s.r.o.

Inventor： Christopher Joseph O’Connell ,  Barna Csukas ,  Gabor Miklos ,  Vitalii Sydorovych ,  Rui Santos ,  Michal Hojsík

IPC: H04L9/40 ,  H04L9/14 ,  H04L9/30 ,  H04L9/32 ,  H04L9/06

CPC classification number: H04L63/0457 ,  H04L9/14 ,  H04L9/065 ,  H04L9/3073 ,  H04L9/3242 ,  H04L63/166 ,  H04L63/0435

Abstract: A system, computer-readable storage medium, and method for secure network communication. A first device employs a first secret to establish a stream between the first and a second device. A third key, first ciphertext based on a first key, and hash of the first key are received from the second device by the first. A second key is applied to recover a second secret from the first ciphertext. The third key is encrypted to generate a second ciphertext including a third secret. Fourth and fifth keys are derived based on the first, second, and third secrets. A message authentication code is generated based on the fourth and third keys, first ciphertext, hash of the first key, and second ciphertext. The second ciphertext and message authentication code are transmitted by the first to the second device, and the fifth key is employed by the first device to modify the stream.

公开(公告)号：US20230131525A1

公开(公告)日：2023-04-27

申请号：US17512015

申请日：2021-10-27

Applicant: Avast Software s.r.o.

Inventor： Bretislav {hacek over (S)}opík ,  Fabrizio Biondi ,  Jakub Kroustek ,  Olga Petrova

IPC: H04L29/06

Abstract: A method and system for updating and applying a ruleset used for determining and mitigating malware threats. Communications of computing devices are monitored and first data file extracted. A first and second set of features are extracted. A first rule is applied to the first set of features of the first data file to determine a non-match. A second rule is applied to the second set of features to determine a match. A third rule is generated based on the first set of features, non-match, and match. Communications of a particular computing device are monitored and second data file extracted. A first set of features of the second data file are extracted. The third rule is applied to the first set of features of the second data file to determine a match. The second data file is disabled, blocked, or deleted based the match determination by the third rule.

公开(公告)号：US11477202B2

公开(公告)日：2022-10-18

申请号：US15857433

申请日：2017-12-28

Applicant: Avast Software s.r.o.

Inventor： Jeroen De Knijf ,  David Makovsky

IPC: H04L9/40 ,  G06F16/20 ,  H04L67/30 ,  H04W4/70 ,  H04L67/12 ,  H04W12/122 ,  G06F21/52 ,  G06F21/55 ,  G06F21/56 ,  H04L41/50 ,  H04L43/0876

Abstract: In order to identify an unknown IoT device type, behavioral or statistical data of the device is collected and analyzed. A functional group may be created using behavioral data of devices of a known type. A behavior profile for the functional group may be generated and stored in a database. The behavioral data of the device of an unknown type is compared to the behavior profile of the functional group. When the similarity of the behavioral data of the device of an unknown type and the behavior profile exceeds a predetermined or configurable threshold, a device type associated with the functional group can be assigned to the device of a previously unknown type.

公开(公告)号：US20220239657A1

公开(公告)日：2022-07-28

申请号：US17687235

申请日：2022-03-04

Applicant: Avast Software s.r.o.

Inventor： Rajarshi Gupta

IPC: H04L9/40 ,  G06F17/16 ,  H04L67/50 ,  G06F3/0482 ,  G06F21/62

Abstract: A method for controlling application enabling includes receiving from a particular user an indication of data for sharing and an indication of one or more recipients with which to share the data. A multidimensional zone is determined based on the indication of the data and the indication of the one or more recipients. A request from the particular user to enable a particular application via a computing device is detected. Data permission requirements of the particular application are accessed, and a multidimensional coordinate is determined based on the data permission requirements of the particular application. The multidimensional zone is compared to the multidimensional coordinate, and the particular user is notified via the computing device of the comparing of the multidimensional zone to the multidimensional coordinate. An affirmation of the request is received from the particular user via the computing device, and the particular application is enabled responsive to the affirmation of the request.

公开(公告)号：US20220237289A1

公开(公告)日：2022-07-28

申请号：US17159909

申请日：2021-01-27

Applicant: Avast Software s.r.o.

Inventor： Tomas Pevny ,  Viliam Lisy ,  Branislav Bosansky ,  Michal Pechoucek ,  Vaclav Smidl ,  Petr Somol ,  Jakub Kroustek ,  Fabrizio Biondi

IPC: G06F21/56 ,  G06F21/53 ,  G06N3/08 ,  G06N3/04

Abstract: A malware classification is generated for an input data set with a human-readable explanation of the classification. An input data set having a hierarchical structure is received in a neural network that has an architecture based on a schema determined from a plurality of second input data sets and that is trained to classify received input data sets into one or more of a plurality of classes. An explanation is provided with the output of the neural network, the explanation comprising a subset of at least one input data set that caused the at least one input data set to be classified into a certain class using the schema of the generated neural network. The explanation may further be derived from the statistical contribution of one or more features of the input data set that caused the at least one input data set to be classified into a certain class.

公开(公告)号：US20220231990A1

公开(公告)日：2022-07-21

申请号：US17153657

申请日：2021-01-20

Applicant: Avast Software s.r.o.

Inventor： Wicher Thomas Maarseveen ,  Jirí Suska

IPC: H04L29/06 ,  H04L29/12

Abstract: A private network device such as a security device is inserted in a local network and is operable to isolate networked devices on the local network. The networked security device uses Internet Protocol spoofing to intercept network traffic between at least two networked devices on the same local network as the networked security device, and selectively blocks intercepted network traffic between the at least two networked devices on the local network.

公开(公告)号：US20220207170A1

公开(公告)日：2022-06-30

申请号：US17135989

申请日：2020-12-28

Applicant: Avast Software s.r.o.

Inventor： John Poothokaran ,  Juyong Do ,  Rajarshi Gupta

IPC: G06F21/62 ,  G06F21/60 ,  G06F21/31 ,  H04L29/08

Abstract: A data managing method. Metadata including a sharing policy is applied to a data file on a computing device. A sharing of the data file from the computing device via a network to a platform hosted by a computing system is detected. It is determined whether the platform is in compliance with the sharing policy, and it is reported whether the platform is in compliance with the sharing policy.

公开(公告)号：US11363065B2

公开(公告)日：2022-06-14

申请号：US16857924

申请日：2020-04-24

Applicant: Avast Software s.r.o.

Inventor： Dan Martinec

IPC: H04L29/06 ,  H04L9/40 ,  G06F16/953 ,  H04L67/02 ,  H04L67/01

Abstract: A method of identifying network devices such as a router includes accessing an HTTP server on at least one network device, and evaluating a web page served by the device's HTTP server. The web page is evaluated to determine whether it is similar to a page group from a plurality of page groups, where each of the plurality of page groups comprises a group of web pages similar to other pages in the page group. If the evaluated web page is determined similar to a page group, the page group most similar to the evaluated web page is identified as corresponding to the identity of the network device.

公开(公告)号：US11297096B2

公开(公告)日：2022-04-05

申请号：US16584552

申请日：2019-09-26

Applicant: Avast Software s.r.o.

Inventor： Petr Gronát ,  Mikulá{hacek over (s)} Zelinka

IPC: H04L29/06 ,  G06N3/08 ,  G06K9/62

Abstract: A method of identifying malicious activity in a computer data sequence includes providing provided the computer data sequence to a network configured to convert the computer data sequence from a high-dimensional space to a low-dimensional space, and processing the computer data sequence in the low-dimensional space to generate an approximately Gaussian distribution. The processed computer data sequence converted to the low dimensional space is evaluated relative to the approximately Gaussian distribution to determine whether the computer data sequence is likely malicious or likely benign, and an output is provided indicating whether the computer data sequence is likely malicious or likely benign.

公开(公告)号：US20220092198A1

公开(公告)日：2022-03-24

申请号：US17028182

申请日：2020-09-22

Applicant: Avast Software s.r.o.

Inventor： Sadia Afroz ,  Armin Wasicek

IPC: G06F21/62 ,  G06K9/62 ,  G06F21/60 ,  G06F16/51

Abstract: A data sharing control method. The method includes detecting a plurality of images on one or more devices operated by a first user, the one or more devices comprising a particular device. A plurality of tags are determined for the plurality of images, and a plurality of settings are received based on the plurality of tags from a second user. A particular image is detected on the particular device. One or more particular tags of the particular image on the particular device are determined, and a sharing action of the particular image by the particular device is blocked based on the plurality of settings and the one or more particular tags.