公开(公告)号：US20240193592A1

公开(公告)日：2024-06-13

申请号：US18063284

申请日：2022-12-08

Applicant: Avast Software s.r.o.

Inventor： Drummond Reed ,  Brent Zundel ,  Martin Mesrsmid ,  Allan Thomson

IPC: G06Q20/38 ,  G06Q20/40

CPC classification number: G06Q20/3825 ,  G06Q20/3821 ,  G06Q20/401 ,  G06Q2220/00

Abstract: Systems and methods for transacting over a network. A first agent and a second agent are provided. The second agent is operable to transact with a third agent for use of a network-enabled service based on a first transaction policy from a fourth agent, the third agent enabled to communicate with a fifth agent. The first agent is operable to communicate with the second agent to facilitate the transacting by the second agent with the third agent for the use of the network-enabled service based on the first transaction policy and communicate with the fifth agent to facilitate the transacting by the second agent with the third agent for the use of the network-enabled service.

公开(公告)号：US11924228B2

公开(公告)日：2024-03-05

申请号：US17356356

申请日：2021-06-23

Applicant: Avast Software s.r.o.

Inventor： Jakub K{hacek over (r)}oustek ,  Luká{hacek over (s)} Zobal

IPC: H04L9/40

CPC classification number: H04L63/1416

Abstract: A method includes enabling a messaging server and providing credentials for the messaging server. A computing system is enabled and a malware application is received by the computing system. The malware application is executed by the computing system. The credentials are rendered accessible to the malware application via the computing system, and the malware application is enabled to transmit the credentials via network transmission from the computing system to a computer. An actor is enabled to access the messaging server over a network in response to the actor applying the credentials, and a first electronic message transmitted by the actor is received by the messaging server, the first electronic message including first content.

公开(公告)号：US11895090B2

公开(公告)日：2024-02-06

申请号：US17508414

申请日：2021-10-22

Applicant: Avast Software s.r.o.

Inventor： Allan Thomson

IPC: H04L9/40

CPC classification number: H04L63/0272 ,  H04L63/029 ,  H04L63/0254 ,  H04L63/0421 ,  H04L63/1433

Abstract: A method includes accessing a first intelligence feed including a plurality of cybersecurity incidents. A second intelligence feed is generated including a plurality of technical indicators defined on one or more virtual private network internet point of presence (“VPN internet PoP”) that connects a plurality of VPN tunnels to an internet. The first and second intelligence feeds are compared, a particular incident is determined, and a time frame of the particular incident is determined. Use of a particular VPN internet PoP by a plurality of sources including a plurality of clients is monitored to determine a plurality of time-based behaviors. The plurality of time-based behaviors are compared to the particular incident and to the time frame to determine a match. A particular source is blocked at the particular VPN internet PoP based on the determination of the match.

公开(公告)号：US11799894B2

公开(公告)日：2023-10-24

申请号：US16566449

申请日：2019-09-10

Applicant: Avast Software s.r.o.

Inventor： Alain G. Sauve ,  Syed Kamran Bilgrami

IPC: H04L9/40 ,  G06F16/28

CPC classification number: H04L63/1433 ,  G06F16/285

Abstract: A method of determining the security condition of a network includes executing an agent program on one or more computerized devices coupled to the network. Each executing agent program executes one or more security tests and reports the results of such tests to a network assessment engine, and the network assessment engine determines an authoritative security test score and a configurable security test score for the network based on a weighted combination of the security test results.

公开(公告)号：US20230291751A1

公开(公告)日：2023-09-14

申请号：US17691930

申请日：2022-03-10

Applicant: Avast Software s.r.o.

Inventor： Armin Wasicek ,  Fabrizio Biondi ,  Thomas Salomon

IPC: H04L9/40 ,  H04L41/16 ,  G06F16/955

CPC classification number: H04L63/1408 ,  G06F16/955 ,  H04L41/16

Abstract: A system and method for preventing access to potentially malicious network destinations. The method includes determining a plurality of network destinations and indicators of the plurality of network destinations including an indicator of a first network destination. A plurality of feature vectors are generated based on the plurality of network destinations including a first feature vector based on the first network destination. Access by a user via a computing device to a second network destination is detected. A second feature vector is generated, and an indicator is determined based on the second network destination. The second feature vector is compared to the plurality of feature vectors. The access by the user to the second network destination is blocked based on the indicator of the first network destination, the indicator of the second network destination, and the comparison of the second feature vector to the plurality of feature vectors.

公开(公告)号：US20230283632A1

公开(公告)日：2023-09-07

申请号：US17653379

申请日：2022-03-03

Applicant: Avast Software s.r.o.

Inventor： David Jursa ,  Jirí Sembera ,  Peter Kovác ,  Tomás Trnka ,  Elnaz Babayeva

IPC: H04L9/40 ,  G06F16/955

CPC classification number: H04L63/1483 ,  G06F16/9566

Abstract: Malicious redirects in a redirect chain as a result of loading a web address are detected and blocked. A suspicion score is determined for a subject redirection domain based at least in part on the subject redirection domain's web address, and a rate of occurrence of the subject redirection domain in redirect chains leading to a malicious landing domain is calculated. Loading the subject redirection domain is blocked if the suspicion score exceeds a suspicion threshold or the rate of occurrence of the subject redirection domain exceeds a rate of occurrence threshold.

公开(公告)号：US11736528B2

公开(公告)日：2023-08-22

申请号：US17138473

申请日：2020-12-30

Applicant: Avast Software s.r.o.

Inventor： Michal Vaner ,  Ji{hacek over (r)}í Horkÿ

IPC: H04L9/40 ,  H04L67/5682

CPC classification number: H04L63/20 ,  H04L63/0236 ,  H04L63/1408 ,  H04L67/5682

Abstract: Latency in a cloud security service provided via a network security device is reduced by receiving in the network security device a new network connection request for a connection between a local network device and a remote server. If a locally cached rule is applicable to the new network connection request, the applicable locally cached rule is applied to selectively allow the new network connection based on the rule. If no locally cached rule is applicable to the new network connection request, the new network connection request is forwarded to the remote server and to a cloud security service, and a response from the remote server is selectively forwarded to the local network device only upon receiving a determination by the cloud security device as to whether the new network connection is a security risk.

公开(公告)号：US11711372B2

公开(公告)日：2023-07-25

申请号：US16820005

申请日：2020-03-16

Applicant: Avast Software s.r.o.

Inventor： Sadia Afroz ,  Juyong Do ,  John Poothokaran

IPC: H04L29/06 ,  H04L9/40 ,  G06F21/62 ,  G06F16/9535

CPC classification number: H04L63/102 ,  G06F16/9535 ,  G06F21/6263

Abstract: A method for accessing a network resource including detecting an attempt by a user via a computing device to access a service enabled by a computing system via a network and transmitting via the network to the computing system a first request to access the service in response to detecting the attempt by the user to access the service, the first request including at least one empty personally identifiable data structure. A failure to access the service responsive to the first request is determined. A second request to access the service in response to the first failure to access the service is transmitted via the network to the computing system, the second request including artificial personally identifiable information, and access to the service from the computing system is received for the user.

公开(公告)号：US11646955B2

公开(公告)日：2023-05-09

申请号：US15930034

申请日：2020-05-12

Applicant: Avast Software s.r.o.

Inventor： Martin {hacek over (S)}marda ,  Pavel {hacek over (S)}rámek ,  Vojt{hacek over (e)}ch Tůma

IPC: G06F15/173 ,  H04L43/0817 ,  H04W24/02 ,  H04L43/06 ,  G06F11/34 ,  H04L43/04 ,  G06F11/00

CPC classification number: H04L43/0817 ,  G06F11/008 ,  G06F11/3476 ,  H04L43/04 ,  H04L43/06 ,  H04W24/02

Abstract: A system persistently presents consistent properties of devices on a local network based on observed values for the network devices, and values derived from the observed values. The observed values may be received from an agent based on scans of the local network. Even though some scans may be faulty resulting in missing or incorrect data, a user can be consistently presented with properties of the device, even when the missing or incorrect data would otherwise cause a change to the property. For instance, the system may replace a data value that is either missing or determined to be incorrect with a value that is determined, based on historical or lab observations, to be the likely correct value based on the assumed state or likely state of the observed device.

公开(公告)号：US20230130651A1

公开(公告)日：2023-04-27

申请号：US17511305

申请日：2021-10-26

Applicant: Avast Software s.r.o.

Inventor： Branislav Bosanský ,  Viliam Lisý ,  Michal Najman ,  Lada Hospodková

IPC: G06F21/56 ,  G06N3/04

Abstract: A malware classification system includes a first machine-learning model trained based on malware from a first plurality of prior time periods to predict malware in a first subsequent time period subsequent to the first plurality of prior time periods, and a second machine-learning model is trained based on malware from a second plurality of prior time periods offset by at least some time from the plurality of time periods used to train the first machine-learning model to predict malware in a second subsequent time period subsequent to the second plurality of prior time periods. The trained first and second machine-learning models are used to predict malware in a future time period, and a classifier is trained using the malware from a plurality of the prior time periods and predicted malware from a future time period to train the classifier to identify and/or classify malware.