Abstract:
Methods, systems and devices compute and use the execution session contexts of software applications to perform behavioral monitoring and analysis operations. A mobile device may be configured to monitor user activity and system activity of a software application, generate a shadow feature value that identifies actual execution session context of the software application during that activity, generate a behavior vector that incorporates context into the values describing behaviors, and determine whether the activity is malicious or benign based, at least in part, on the generated behavior vector. The mobile device processor may also be configured to intelligently determine whether the execution session context of a software application is relevant to determining whether any of the monitored mobile device behaviors are malicious or suspicious, and monitor only the execution session contexts of the software applications for which such determinations are relevant.
Abstract:
Various embodiments provide methods, devices, and non-transitory processor-readable storage media enabling rogue access point detection with a communications device by sending multiple probes via different network connections to a remote server and receiving probe replies. Various embodiments may include a communications device transmitting a first probe addressed to a server via a first network connection and a second probe addressed to the server via a second network connection. Upon receiving a first probe reply from the server via the first network connection and a second probe reply from the server via the second network connection, the communications device may analyze the received probe replies to determine whether an access point of either the first network or the second network is a rogue access point.
Abstract:
Systems, apparatus and methods for selecting a base station or a set of base stations for RTT measurements, or other interactive radio localization technique, to determine a position fix of a device are presented. The method imposes a processing load on only inactive or less active base stations. Busy or busier base stations are not used in the interactive radio localization technique. By imposing a processing load on only less active base stations, transmitting devices may be underloaded and encounter a more uniform processing delay, and thus provide a more accurate measurement resulting in a more accurate position fix.
Abstract:
Embodiments include computing devices and methods implemented by computing devices for using programmable hardware security counters for detecting malicious behavior. Various embodiments may include tracking the value of hardware instruction pointers, such as pointers tracking the memory address of each executing instruction. The computing device may identify a start and end of contiguous instruction segments using the tracked instruction pointer. For example, the computing device may analyze changes in value of the instruction pointer to detect “jumps” or large changes in the memory address of executing instructions. Based, at least in part, on the identified instruction segments, the computing device may determine whether the instruction segments represent malicious behavior. If the instruction segments represent malicious behavior, the computing device may terminate the requesting software application.
Abstract:
Systems, methods, and devices of the various aspects enable identification of anomalous application behavior. A computing device processor may detect network communication activity of an application on the computing device. The processor may identify one or more device states of the computing device, and one or more categories of the application. The processor may determine whether the application is behaving anomalously based on a correlation of the detected network communication activity of the application, the identified one or more device states of the computing device, and the identified one or more categories of the application.
Abstract:
Various embodiments include methods of evaluating device behaviors in a computing device and enabling whitelisting of particular behaviors. Various embodiments may include monitoring activities of a software application operating on the computing device, and generating a behavior vector information structure that characterizes a first monitored activity of the software application. The behavior vector information structure may be applied to a machine learning classifier model to generate analysis results. The analysis results may be used to classify the first monitored activity of the software application as one of benign, suspicious, and non-benign. A prompt may be displayed to the user that requests that the user select whether to whitelist the software application in response to classifying the first monitored activity of the software application as suspicious or non-benign. The first monitored activity may be added to a whitelist of device behaviors in response to receiving a user input.
Abstract:
The disclosure is directed to determining whether or not a mobile device is indoors. The mobile device obtains a position fix based, at least in part, on an outdoor positioning system, and obtains one or more shape-files for one or more objects that are in proximity of the position fix.
Abstract:
A method for processing assistance data associated with positioning of a mobile device as described herein includes estimating an initial location of the mobile device within an area; designating the initial location of the mobile device as a focal point; retrieving a subset of hierarchical assistance data as a function of the focal point; and generating a multi-level assistance data structure for the area centered at the focal point.
Abstract:
Various techniques are provided which may be implemented as methods, apparatuses and articles of manufacture for use by a mobile device or one or more computing devices to provide for or otherwise support motion state based mobile device positioning. In an example, a method may be implemented at a mobile device to identify two or more subsets of grid points corresponding to an electronic map representing a particular environment, select one of the two or more subsets of grid points for use in position estimation based, at least in part, on a motion state of the mobile device, and determine an estimated position of the mobile device based, at least in part, on the selected subset of grid points.
Abstract:
Methods and systems for providing information associated with a location history of a mobile device to one or more applications are disclosed. A mobile device generates one or more location history records based on one or more locations of the mobile device, each location history record comprising one or more points of interest and a duration at the one or more points of interest, receives an information request from at least one application, determines a subset of the one or more location history records that meet criteria from the information request, determines a level of permission for the at least one application based on the information request and the subset of the one or more location history records, and provides information associated with the subset of the one or more location history records to the at least one application based on the level of permission.