Communicating Behavior Information in a Mobile Computing Device
    41.
    Invention application
    Status: Active

    Publication number: US20130304869A1

    Publication date: 2013-11-14

    Application number: US13796595

    Application date: 2013-03-12

    CPC classification number: G06F9/541 G06F21/44 G06F21/554 G06F21/564

    Abstract: Methods, systems and devices for communicating behavior analysis information using an application programming interface (API) may include receiving data/behavior models from one or more third-party network servers in a client module of a mobile device and communicating the information to a behavior observation and analysis system via a behavior API. The third-party servers may be maintained by one or more partner companies that have domain expertise in a particular area or technology that is relevant for identifying, analyzing, classifying, and/or reacting to mobile device behaviors, but that do not have access to (or knowledge of) the various mobile device sub-systems, interfaces, configurations, modules, processes, drivers, and/or hardware systems required to generate effective data/behavior models suitable for use by the mobile device. The behavior API and/or client modules allow the third-party server to quickly and efficiently access the most relevant and important information on the mobile device.


    Multi-level location disambiguation

    Publication number: US10480945B2

    Publication date: 2019-11-19

    Application number: US13658717

    Application date: 2012-10-23

    Abstract: A method of disambiguating a location of a mobile station within a structure includes: obtaining, at the mobile station, regional pressure indications and corresponding region indications indicating regions within a structure that are vertically displaced with respect to each other, each of the regional pressure indications indicating atmospheric pressure information associated with the corresponding region; determining mobile station pressure information associated with a present location of the mobile station; comparing the mobile station pressure information with the regional pressure indications; and based on the comparing, determining in which of the regions the mobile station presently resides.

    Efficient on-device binary analysis for auto-generated behavioral models

    Publication number: US09721212B2

    Publication date: 2017-08-01

    Application number: US14295561

    Application date: 2014-06-04

    CPC classification number: G06N99/005 G06F21/552

    Abstract: Various aspects provide methods implemented by at least one processor executing on a mobile communication device to efficiently identify, classify, model, prevent, and/or correct the non-benign (e.g., performance degrading) conditions and/or behaviors that are related to an application operating on the device. Specifically, in various aspects, the mobile computing device may derive or extract application-specific features by performing a binary analysis of an application and may determine the application's category (e.g., a “games,” “entertainment,” or “news” category) based on the application-specific features. The mobile computing device may also obtain a classifier model associated with the application's category that includes various conditions, features, behaviors and corrective actions that may be used to quickly identify and correct non-benign behaviors (e.g., undesirable, malicious, and/or performance-degrading behaviors) occurring on the mobile computing device that are related to the application.

    Method and system for inferring application states by performing behavioral analysis operations in a mobile device

    Publication number: US09684787B2

    Publication date: 2017-06-20

    Application number: US14247400

    Application date: 2014-04-08

    CPC classification number: G06F21/566 G06F1/3206 G06F9/4893

    Abstract: Methods, systems and devices compute and use the actual execution states of software applications to implement power saving schemes and to perform behavioral monitoring and analysis operations. A mobile device may be configured to monitor an activity of a software application, generate a shadow feature value that identifies actual execution state of the software application during that activity, generate a behavior vector that associates the monitored activity with the shadow feature value, and determine whether the activity is malicious or benign based on the generated behavior vector, shadow feature value and/or operating system execution states. The mobile device processor may also be configured to intelligently determine whether the execution state of a software application is relevant to determining whether any of the monitored mobile device behaviors are malicious or suspicious, and monitor only the execution states of the software applications for which such determinations are relevant.

    Methods and systems for using causal analysis for boosted decision stumps to identify and respond to non-benign behaviors
    47.
    Granted invention patent
    Status: Active

    Publication number: US09578049B2

    Publication date: 2017-02-21

    Application number: US14706099

    Application date: 2015-05-07

    CPC classification number: H04L63/1425 G06F21/566

    Abstract: A computing device processor may be configured with processor-executable instructions to implement methods of detecting and responding to non-benign behaviors of the computing device. The processor may be configured to monitor device behaviors to collect behavior information, generate a behavior vector information structure based on the collected behavior information, apply the behavior vector information structure to a classifier model to generate analysis results, use the analysis results to classify a behavior of the device, use the analysis results to determine the features evaluated by the classifier model that contributed most to the classification of the behavior, and select the top “n” (e.g., 3) features that contributed most to the classification of the behavior. The computing device may display the selected features on an electronic display of the computing device.


    Methods and Systems for Using an Expectation-Maximization (EM) Machine Learning Framework for Behavior-Based Analysis of Device Behaviors
    48.
    Invention application
    Status: Under examination (published)

    Publication number: US20170024660A1

    Publication date: 2017-01-26

    Application number: US14806882

    Application date: 2015-07-23

    Abstract: A computing device processor may be configured with processor-executable instructions to implement methods that include using expectation-maximization (EM) machine learning techniques to continuously, repeatedly, or recursively generate, train, improve, focus, or refine the machine learning classifier models that are used by a behavior-based monitoring and analysis system (or behavior-based security system) of the computing device to better identify and respond to various conditions or behaviors that may have a negative impact on its performance, power utilization levels, network usage levels, security and/or privacy over time.


    Data flow tracking via memory monitoring
    49.
    Granted invention patent
    Status: Active

    Publication number: US09519533B2

    Publication date: 2016-12-13

    Application number: US14607251

    Application date: 2015-01-28

    Abstract: Methods and devices for tracking data flows in a computing device include monitoring memory in a hardware component of the computing device to identify a read operation that reads information from a tainted memory address, using heuristics to identify a first, second, and third number of operations performed after the identified read operation, marking memory addresses of write operations performed after the first number of operations and before the second number of operations as tainted, and marking memory addresses of write operations performed after the third number of operations and before the second number of operations as untainted.


    Exploiting hot application programming interfaces (APIs) and action patterns for efficient storage of API logs on mobile devices for behavioral analysis
    50.
    Granted invention patent
    Status: Active

    Publication number: US09448859B2

    Publication date: 2016-09-20

    Application number: US14028914

    Application date: 2013-09-17

    Abstract: Methods and devices for detecting suspicious or performance-degrading mobile device behaviors may include performing behavior monitoring and analysis operations to intelligently, dynamically, and/or adaptively determine the mobile device behaviors that are to be observed, the number of behaviors that are to be observed, and the level of detail or granularity at which the behaviors are to be observed. Such behavior monitoring and analysis operations may be performed continuously (or near continuously) in a mobile device without consuming an excessive amount of processing, memory, or energy resources of the mobile device by identifying hot application programming interfaces (APIs) and hot action patterns that are invoked or used most frequently by software applications of the mobile device and storing information regarding these hot APIs and hot action patterns separately and more efficiently.

