公开(公告)号：US20170286677A1

公开(公告)日：2017-10-05

申请号：US15474007

申请日：2017-03-30

Applicant: Avast Software s.r.o.

Inventor： Libor Morkovský

IPC: G06F21/56 ,  G06F17/30 ,  G06N5/04

CPC classification number: G06F21/562 ,  G06F16/22 ,  G06F16/2379 ,  G06N5/04

Abstract: Systems and methods are described which integrate file properties that in conventional systems has been considered weaker evidence of malware and analyzes the information to produce reliable results. Properties such as file paths, file names, source domains, IP protocol ASNs, section checksums, digital signatures that are not always present and not always reliable can be integrated into the classification process using a graph. A 1-neighborhood of object values in the graph may be created and analyzed to suggest a malware family label based on files having similar properties.

公开(公告)号：US20170169214A1

公开(公告)日：2017-06-15

申请号：US15374670

申请日：2016-12-09

Applicant: Avast Software s.r.o.

Inventor： Martin Vejmelka

IPC: G06F21/53 ,  G06F17/30 ,  G06F21/56

CPC classification number: G06F21/53 ,  G06F16/2246 ,  G06F16/2358 ,  G06F21/552

Abstract: Systems and methods index and search log files created after execution of binaries. A plurality of log files each have one or more sequences. An index tree is created for the log files. A first log file is placed into a bucket of the index tree according to the lengths of the one or more sequences of the first log file. Remaining logs files are placed the index tree according to their respective sequence lengths. Each log becomes a representative in the bucket or associated with a representative in the bucket. The index tree can be searched, where an incurred distance and a remaining distance is maintained during the search. Nodes are pruned based, at least in part, on the incurred distance and the remaining distance.

公开(公告)号：US20170132413A1

公开(公告)日：2017-05-11

申请号：US15349506

申请日：2016-11-11

Applicant: Avast Software s.r.o.

Inventor： Michal Augustýn

IPC: G06F21/56 ,  G06F17/30

CPC classification number: G06F21/565 ,  G06F17/30091 ,  G06F17/3012 ,  G06F17/30126 ,  G06F2221/034

Abstract: Systems and method classify a file using filters. A file event can be determined for the file. In response to the file event, metadata is received for the file. In response to receiving the metadata, a filter of a plurality of filters is selected based on the metadata. One or more rules in the selected filter can classify the file to determine an action to be performed with respect to the file.

公开(公告)号：US20250106225A1

公开(公告)日：2025-03-27

申请号：US18472620

申请日：2023-09-22

Applicant: Avast Software s.r.o.

Inventor： Bretislav Šopík

IPC: H04L9/40

Abstract: An electronic threat mitigation method is provided. A first rule for identifying application code is obtained, and a rule update for identifying application code is generated. An abstract syntax tree of the first rule is generated, the abstract syntax tree including a plurality of nodes. The rule update is incorporated into a first node of the plurality of nodes to generate a second rule for identifying application code, the first node at a first depth on the abstract syntax tree. The second rule is applied to a plurality of application code samples to determine a coverage of the second rule, and the first rule is updated as the second rule based on the coverage of the second rule and the first depth. A notification is provided or a data file is disabled, blocked, or deleted based on application of the second rule.

公开(公告)号：US20250030654A1

公开(公告)日：2025-01-23

申请号：US18355396

申请日：2023-07-19

Applicant: Avast Software s.r.o.

Inventor： Iskander Sanchez Rola

IPC: H04L51/063 ,  G06F40/166 ,  G06F40/279

Abstract: An electronic tracking protection system and method enable receiving a particular electronic message, detecting in the particular electronic message a link including a particular uniform resource locator (“URL”) including a parameter including a value. A uniqueness of the value is determined and the parameter is removed from the particular URL based on the uniqueness of the value to generate a modified URL. The particular URL is replaced with the modified URL in the particular electronic message based on the uniqueness of the value to generate a modified electronic message.

公开(公告)号：US12174994B2

公开(公告)日：2024-12-24

申请号：US17654166

申请日：2022-03-09

Applicant: Avast Software s.r.o.

Inventor： Martin Mesrsmid

IPC: G06Q30/02 ,  G06F21/62 ,  G06Q30/0203

Abstract: A method of collecting user device data includes receiving a probabilistic cardinality estimator data structure in the user device from a server, the probabilistic cardinality estimator data structure associated with a survey question. An answer to the survey question associated with the probabilistic cardinality estimator data structure is determined, and one or more elements are selectively added to the probabilistic cardinality estimator data structure based on the determined answer to the survey question. The probabilistic cardinality estimator data structure is sent back to the server, which calculates the survey result from the probabilistic cardinality estimator data structure.

公开(公告)号：US20240154815A1

公开(公告)日：2024-05-09

申请号：US18052752

申请日：2022-11-04

Applicant: Avast Software s.r.o.

Inventor： Allan Thomson ,  Drummond Reed ,  Jamie Smith

IPC: H04L9/32

CPC classification number: H04L9/3247

Abstract: Systems and methods for transacting over a network. A first agent operating on a first computing system is operable to transact on behalf of a first entity. The first agent transacts with a second agent operating on a second computing system for a first cryptographically verifiable credential, transmits the first cryptographically verifiable credential to a third agent, and transacts with the third agent based on the first cryptographically verifiable credential for a second cryptographically verifiable credential to facilitate transacting with a fourth agent for a service. The second agent is operable to receive telemetry data of the first computing system which is configured to monitor the telemetry data, determine an assessment of the first entity based on the telemetry data, generate the first cryptographically verifiable credential based on the assessment of the first entity by the second agent, and transmit the first cryptographically verifiable credential to the first agent.

公开(公告)号：US11968202B2

公开(公告)日：2024-04-23

申请号：US16422591

申请日：2019-05-24

Applicant: Avast Software s.r.o.

Inventor： Karel Fuka ,  Vojt{hacek over (e)}ch Tůma

IPC: H04L29/06 ,  H04L9/40

CPC classification number: H04L63/083

Abstract: A method of authenticating a user to a computer in an adverse environment includes receiving the user's password in a trusted user device, such as by the user typing the password, and encoding a keyword with a hash of the entered password to create an encoded keyword. The encoded keyword is sent from the trusted user device to the computer using a physical communication channel perceivable by the user; and the encoded keyword is compared in the computer with a keyword encoded with a known hash of the user's password in the computer to authenticate the user.

公开(公告)号：US11968175B2

公开(公告)日：2024-04-23

申请号：US17568370

申请日：2022-01-04

Applicant: Avast Software s.r.o.

Inventor： Hai Tung Nguyen ,  Christopher Joseph O'Connell ,  Barna Csukas ,  Thomas Salomon

IPC: H04L9/40 ,  H04L47/78 ,  H04L67/02

CPC classification number: H04L63/0236 ,  H04L47/781 ,  H04L63/20 ,  H04L67/02

Abstract: A method of filtering a URL against a blacklist includes receiving at least a portion of a Uniform Resource Locator (URL), and determining which of a plurality of XOR filters is applicable to the received at least a portion of a URL, where each of the plurality of XOR filters represents a different portion of a URL blacklist. At least a portion of a URL is forwarded to the applicable one of the plurality of XOR filters, and the at least a portion of the URL is processed in the applicable one of the plurality of XOR filters to produce an output indicating whether the URL is likely on the blacklist.

公开(公告)号：US11765413B2

公开(公告)日：2023-09-19

申请号：US17940066

申请日：2022-09-08

Applicant: Avast Software s.r.o.

Inventor： B{hacek over (r)}etislav {hacek over (S)}opik

IPC: H04N21/24 ,  H04N21/258 ,  H04L65/612

CPC classification number: H04N21/2407 ,  H04L65/612 ,  H04N21/2408 ,  H04N21/25841

Abstract: A method of providing a content feed. The method includes monitoring a plurality of user content streams of a plurality of users on a plurality of computing devices, the plurality of user content streams including a plurality of content instances accessible via a network. A plurality of archetypes are generated based on the plurality of user content streams. A selection of a particular archetype of the plurality of archetypes from a particular user is received on a particular computing device. A particular content stream is determined based on the particular archetype, and the particular content stream is delivered to the particular user via the particular computing device.