公开(公告)号：US11423175B1

公开(公告)日：2022-08-23

申请号：US16526514

申请日：2019-07-30

Applicant: Symantec Corporation

Inventor： Anant Mahajan ,  SriHarsha Angara

IPC: G06F21/62 ,  G06T5/00

Abstract: The disclosed computer-implemented method for protecting users may include (i) detecting, by a privacy-protecting security application, an attempt by a user to upload an item of media content, (ii) determining, by the privacy-protecting security application, that the item of media content matches a true identity signature for the user that the privacy-protecting security application generated based on other items of media content relating to the user, and (iii) prompting, by the privacy-protecting security application in response to determining that the item of media content matches the true identity signature, the user to perform a privacy-protecting security action to prevent exposing a true identity for the user. Various other methods, systems, and computer-readable media are also disclosed.

公开(公告)号：US11361084B1

公开(公告)日：2022-06-14

申请号：US16224416

申请日：2018-12-18

Applicant: SYMANTEC CORPORATION

Inventor： Geoffrey So ,  Melanie Beck ,  Jasjeet Dhaliwal ,  Andrew B. Gardner ,  Aleatha Parker-Wood

IPC: H04L29/06 ,  G06F21/60 ,  G06N20/00 ,  H04L9/40 ,  G06F21/55

Abstract: Identifying and protecting against a computer security threat while preserving privacy of individual client devices using differential privacy for text documents. In some embodiments, a method may include receiving, at the remote server device, text documents from one or more local client devices, generating, at the remote server device, a differential privacy document vector for each of the text documents, identifying, at the remote server device, a computer security threat to a first one of the one or more local client devices using the differential privacy document vectors, and, in response to identifying the computer security threat, protecting against the computer security threat by directing performance, at the first local client device or the remote server device, of a remedial action to protect the first local client device from the computer security threat.

公开(公告)号：US11316901B1

公开(公告)日：2022-04-26

申请号：US16538788

申请日：2019-08-12

Applicant: Symantec Corporation

Inventor： Qing Li ,  Samir Kapuria ,  Wenjing Wang ,  Howard Chen

IPC: H04L29/06 ,  G06F21/53

Abstract: The disclosed computer-implemented method for protecting users may include (i) intercepting, through a cloud-based security proxy service, network traffic originating from a mobile application at a mobile device connected to a local area network protected by the cloud-based security proxy service, (ii) detecting, by the cloud-based security proxy service, a threat indicator indicated by the mobile application, and (iii) modifying the network traffic originating from the mobile application at the mobile device by applying, by the cloud-based security proxy service based on detecting the threat indicator indicated by the mobile application, a security policy to protect the local area network from a candidate threat corresponding to the threat indicator. Various other methods, systems, and computer-readable media are also disclosed.

公开(公告)号：US11216565B1

公开(公告)日：2022-01-04

申请号：US16449582

申请日：2019-06-24

Applicant: Symantec Corporation

Inventor： David Silva ,  Johann Roturier ,  Pratyush Banerjee

IPC: G06F21/60 ,  H04L9/30 ,  H04L9/14 ,  G06F21/62 ,  H04L9/08 ,  H04L9/32

Abstract: The disclosed computer-implemented method for selectively encrypting controlled information for viewing by an augmented reality device may include (i) automatically identifying, at a computing device and using at least one of natural language processing and/or a pre-defined data loss prevention policy, a portion of a source text including controlled information, (ii) tokenizing the portion of the source text, and (iii) performing a security action that may include (A) generating a public key, (B) encrypting the tokenized portion of the source text with the public key to produce an encrypted marker, and (C) replacing the portion of the source text with the encrypted marker to produce a replacement document. Various other methods, systems, and computer-readable media are also disclosed.

公开(公告)号：US11176268B1

公开(公告)日：2021-11-16

申请号：US16202866

申请日：2018-11-28

Applicant: Symantec Corporation

Inventor： Daniel Kats ,  Petros Efstathopoulos ,  Chris Gates

IPC: G06F21/62 ,  H04L29/08 ,  G06F16/2458 ,  H04L29/06 ,  G06F16/335

Abstract: The disclosed computer-implemented method for generating user profiles may include (i) analyzing a data set of user profiles for services, (ii) detecting a measurement of obfuscation that was applied to a specific attribute across multiple user profiles for a specific service, (iii) applying the measurement of obfuscation to true data for a new user by fuzzing the true data to create a fuzzed value, and (iv) generating automatically a new user profile for the specific service by populating the specific attribute within the new user profile with the fuzzed value. Various other methods, systems, and computer-readable media are also disclosed.

公开(公告)号：US11122040B1

公开(公告)日：2021-09-14

申请号：US16233366

申请日：2018-12-27

Applicant: Symantec Corporation

Inventor： Yuqiong Sun ,  Xueqiang Wang ,  Susanta Nanda ,  Yun Shen ,  Pierre-Antoine Vervier ,  Petros Efstathopoulos

IPC: H04L29/06

Abstract: The disclosed computer-implemented method for fingerprinting devices may include (i) detecting that a new device has attempted to connect to a network gateway, (ii) attempting to fingerprint the new device as an instance of a known candidate device type by (a) transmitting to the new device, from a security application, a set of network messages that mimic network messages that a second application is configured to transmit to instances of the known candidate device type and (b) confirming, by the security application based on a response from the new device to the set of network messages, that the new device is the instance of the known candidate device type, and (iii) performing a security action to protect a network corresponding to the network gateway based on confirming that the new device is the instance of the known candidate device type. Various other methods, systems, and computer-readable media are also disclosed.

公开(公告)号：US11120169B1

公开(公告)日：2021-09-14

申请号：US16721164

申请日：2019-12-19

Applicant: Symantec Corporation

Inventor： Bruce McCorkendale

IPC: G06F11/14 ,  G06F21/78 ,  G06F21/56 ,  G06F21/55

Abstract: The disclosed computer-implemented method for identifying malware locations based on analyses of backup files may include (i) identifying a presence of a backup file set and (ii) performing a security action that may include (a) detecting, based on a scan of the backup file set, malware in the backup file set, (b) determining, based on a location of the malware in a system file structure of the backup file set, a subgraph of the system file structure of the backup file set that includes the malware, (c) identifying a string prefix for the subgraph of the system file structure of the backup file set, (d) using an index to cross-reference the string prefix to a pointer identifying a subgraph of an original file set, and (e) scanning a file in the subgraph of the original file set for the malware. Various other methods, systems, and computer-readable media are also disclosed.

公开(公告)号：US11095636B1

公开(公告)日：2021-08-17

申请号：US16139490

申请日：2018-09-24

Applicant: Symantec Corporation

Inventor： Ilya Sokolov ,  Keith Newstadt

IPC: H04L29/06 ,  H04L9/32 ,  H04L29/08

Abstract: The disclosed computer-implemented method for protecting passwords may include (i) intercepting network traffic indicating an attempted login procedure at a workload device to login to a protected resource, (ii) prompting a user, in response to intercepting the network traffic, and at an authentication device that has been registered to the user, to indicate whether to approve the attempted login procedure, (iii) collecting, at the authentication device, a credential for the attempted login procedure that was stored in a protected vault of the authentication device, (iv) providing, by the authentication device to the workload device, an authentication decision based on the collected credential, and (v) injecting, at the workload device, the authentication decision into a browser session to enable the user to complete the attempted login procedure to login to the protected resource. Various other methods, systems, and computer-readable media are also disclosed.

公开(公告)号：US11048809B1

公开(公告)日：2021-06-29

申请号：US16130254

申请日：2018-09-13

Applicant: Symantec Corporation

Inventor： Yuqiong Sun ,  Sandeep Bhatkar ,  Susanta Nanda ,  Mingliang Pei

IPC: H04L29/06 ,  G06F21/62 ,  H04L29/08

Abstract: The disclosed computer-implemented method for detecting misuse of online service access tokens may include (1) receiving a user permission token to access an online service that manages one or more user resources, (2) monitoring, based on utilization of the user permission token, usage data associated with an access token issued to a relying party for accessing the user resources managed by the online service, (3) identifying, based on the usage data, activity associated with the access token being misused by the relying party, and (4) performing, a security action that protects the user resources against the activity associated with the access token being misused by the relying party. Various other methods, systems, and computer-readable media are also disclosed.

公开(公告)号：US11032319B1

公开(公告)日：2021-06-08

申请号：US16119168

申请日：2018-08-31

Applicant: Symantec Corporation

Inventor： Kevin Roundy ,  Sandeep Bhatkar ,  Michael Rinehart ,  Xiaolin Wang

IPC: H04L29/06 ,  G06F21/62 ,  G06F21/55 ,  G06N20/00 ,  G06F16/951

Abstract: The disclosed computer-implemented method for preparing honeypot computer files may include (1) identifying, at a computing device, a search term used by a cyber attacker in an electronic search request, (2) identifying, without regard to a search access restriction, a sensitive computer document in search results stemming from the electronic search request, (3) creating, as a security action in response to the electronic search request, a honeypot computer file based on the sensitive computer document and including the identified search term, and (4) placing the honeypot computer file in the search results. Various other methods, systems, and computer-readable media are also disclosed.