-
Publication No.: US10530809B1
Publication Date: 2020-01-07
Application No.: US15266483
Application Date: 2016-09-15
Applicant: Symantec Corporation
Inventor: Michael Hart, Chris Gates
Abstract: The disclosed computer-implemented method for remediating computer stability issues may include (i) determining that a device has experienced a computer stability problem, (ii) obtaining, from the device, one or more computer-generated log lines that potentially include information pertaining to a cause of the computer stability problem, (iii) directly analyzing text included within the computer-generated log lines, (iv) identifying information relating to the computer stability problem based on the direct analysis of the text, and (v) remediating the device to resolve the computer stability problem. Various other methods, systems, and computer-readable media are also disclosed.
-
Publication No.: US11176268B1
Publication Date: 2021-11-16
Application No.: US16202866
Application Date: 2018-11-28
Applicant: Symantec Corporation
Inventor: Daniel Kats, Petros Efstathopoulos, Chris Gates
IPC: G06F21/62, H04L29/08, G06F16/2458, H04L29/06, G06F16/335
Abstract: The disclosed computer-implemented method for generating user profiles may include (i) analyzing a data set of user profiles for services, (ii) detecting a measurement of obfuscation that was applied to a specific attribute across multiple user profiles for a specific service, (iii) applying the measurement of obfuscation to true data for a new user by fuzzing the true data to create a fuzzed value, and (iv) generating automatically a new user profile for the specific service by populating the specific attribute within the new user profile with the fuzzed value. Various other methods, systems, and computer-readable media are also disclosed.
-
Publication No.: US10721264B1
Publication Date: 2020-07-21
Application No.: US16286774
Application Date: 2019-02-27
Applicant: Symantec Corporation
Inventor: Matteo Dell'Amico, Chris Gates, Michael Hart, Kevin Roundy
Abstract: The disclosed computer-implemented method for categorizing security incidents may include (i) generating, within a training dataset, a feature vector for each of a group of security incidents, the feature vector including features that describe the security incidents and the features including categories that were previously assigned to the security incidents as labels to describe the security incidents, (ii) training a supervised machine learning function on the training dataset such that the supervised machine learning function learns how to predict an assignment of future categories to future security incidents, (iii) assigning a category to a new security incident by applying the supervised machine learning function to a new feature vector that describes the new security incident, and (iv) notifying a client of the new security incident and the category assigned to the new security incident. Various other methods, systems, and computer-readable media are also disclosed.
-
Publication No.: US10574700B1
Publication Date: 2020-02-25
Application No.: US15281130
Application Date: 2016-09-30
Applicant: Symantec Corporation
Inventor: Matteo Dell'Amico, Kevin Roundy, Chris Gates, Michael Hart
Abstract: A computer-implemented method for managing computer security of client computing machines may include (i) monitoring a set of client computing devices, (ii) receiving security data on sets of security-related events from each client computing device in the set of client computing devices, (iii) clustering the sets of security-related events by calculating a dissimilarity value, for each set of security-related events, that indicates a uniqueness of the set of security-related events in relation to other sets of security-related events using a dissimilarity function and adjusting the dissimilarity function based on a homogeneity of clusters of sets of security-related events, (iv) determining, based on clustering the sets of security-related events by the dissimilarity value, that a set of security-related events comprises an anomaly, and (v) performing a security action in response to determining that the set of security-related events comprises the anomaly. Various other methods, systems, and computer-readable media are also disclosed.
-
Publication No.: US11025666B1
Publication Date: 2021-06-01
Application No.: US16207431
Application Date: 2018-12-03
Applicant: Symantec Corporation
Inventor: Yufei Han, Yuzhe Ma, Kevin Roundy, Chris Gates, Yun Shen
Abstract: The disclosed computer-implemented method for preventing decentralized malware attacks may include (i) receiving, by a computing device, node data from a group of nodes over a network, (ii) training a machine learning model by shuffling the node data to generate a set of outputs utilized for predicting malicious data, (iii) calculating a statistical deviation for each output in the set of outputs from an aggregated output for the set of outputs, and (iv) identifying, based on the statistical deviation, an anomalous output in the set of outputs that is associated with one or more of the malicious nodes, the one or more malicious nodes hosting the malicious data. Various other methods, systems, and computer-readable media are also disclosed.
-
Publication No.: US10341377B1
Publication Date: 2019-07-02
Application No.: US15292918
Application Date: 2016-10-13
Applicant: Symantec Corporation
Inventor: Matteo Dell'Amico, Chris Gates, Michael Hart, Kevin Roundy
Abstract: The disclosed computer-implemented method for categorizing security incidents may include (i) generating, within a training dataset, a feature vector for each of a group of security incidents, the feature vector including features that describe the security incidents and the features including categories that were previously assigned to the security incidents as labels to describe the security incidents, (ii) training a supervised machine learning function on the training dataset such that the supervised machine learning function learns how to predict an assignment of future categories to future security incidents, (iii) assigning a category to a new security incident by applying the supervised machine learning function to a new feature vector that describes the new security incident, and (iv) notifying a client of the new security incident and the category assigned to the new security incident. Various other methods, systems, and computer-readable media are also disclosed.
-
Publication No.: US10091231B1
Publication Date: 2018-10-02
Application No.: US15266320
Application Date: 2016-09-15
Applicant: Symantec Corporation
Inventor: Chris Gates, Stanislav Miskovic, Michael Hart, Kevin Roundy
IPC: H04L29/06
Abstract: The disclosed computer-implemented method for detecting security blind spots may include (i) detecting, via an endpoint security program, a threat incident at a set of client machines associated with a security vendor server, (ii) obtaining an indication of how the set of client machines will respond to the detecting of the threat incident, (iii) predicting how a model set of client machines would respond to the threat incident, (iv) determining that a delta exceeds a security threshold, and (v) performing a security action by the security vendor server, in response to determining that the delta exceeds the security threshold, to protect the set of client machines at least in part by electronically notifying the set of client machines of information about the prediction of how the model set of client machines would respond to the threat incident. Various other methods, systems, and computer-readable media are also disclosed.
-
Publication No.: US10542017B1
Publication Date: 2020-01-21
Application No.: US15292874
Application Date: 2016-10-13
Applicant: Symantec Corporation
Inventor: Chris Gates, Michael Hart, Kevin Roundy
Abstract: The disclosed computer-implemented method for personalizing security incident reports may include (i) generating, within a training dataset, a feature vector for each of a group of security incidents, the feature vector including features that describe the security incidents and the features including response codes that a set of clients previously assigned to the security incidents as labels, (ii) training a supervised machine learning function on the training dataset using the response codes that the set of clients previously assigned to the security incidents, (iii) applying the supervised machine learning function to a feature vector that describes a new security incident on the set of clients to predict that the set of clients will ignore the new security incident, and (iv) personalizing a list of security incidents that is electronically reported to the set of clients by deprioritizing the new security incident. Other methods, systems, and computer-readable media are also disclosed.
-
Publication No.: US10242201B1
Publication Date: 2019-03-26
Application No.: US15292837
Application Date: 2016-10-13
Applicant: Symantec Corporation
Inventor: Shang-Tse Chen, Chris Gates, Yufei Han, Michael Hart, Kevin Roundy
Abstract: A computer-implemented method for predicting security incidents triggered by security software may include (i) collecting, by a computing device, telemetry data from a set of security products deployed by a set of client machines, (ii) identifying, by the computing device, a selected security product within the set of security products that is missing telemetry data for a target client machine, (iii) building a classifier, by the computing device using the telemetry data, that predicts information about security incidents triggered by the selected security product, (iv) determining, by the computing device and based on the classifier, that the selected security product triggers a new security incident on the target client machine, and (v) performing a security action, by the computing device, to secure the target client machine against the new security incident. Various other methods, systems, and computer-readable media are also disclosed.
-
Publication No.: US10242187B1
Publication Date: 2019-03-26
Application No.: US15265750
Application Date: 2016-09-14
Applicant: Symantec Corporation
Inventor: Kevin Roundy, Matteo Dell'Amico, Chris Gates, Michael Hart, Stanislav Miskovic
Abstract: The disclosed computer-implemented method for providing integrated security management may include (1) identifying a computing environment protected by security systems and monitored by a security management system that receives event signatures from the security systems, where a first security system uses a first event signature naming scheme that differs from a second event signature naming scheme used by a second security system, (2) observing a first event signature that originates from the first security system and uses the first event signature naming scheme, (3) determining that the first event signature is equivalent to a second event signature that uses the second event signature naming scheme, and (4) performing, in connection with observing the first event signature, a security action associated with the second event signature and directed to the computing environment. Various other methods, systems, and computer-readable media are also disclosed.