38th week of 2013 patent applcation highlights part 79 |
Patent application number | Title | Published |
20130247093 | EARLY WARNING SYSTEM, SERVER AND METHOD - An early warning system is provided. The early warning system includes a plurality of sensors, a server, and an information appliance device. The sensors produce status information. The server produces event information according to the status information of the sensors, transforms the event information into a first multimedia signal, and transmits the first multimedia signal to the information appliance device through a computer network. The information appliance device is connected to a display device, wherein the information appliance device transforms the first multimedia signal into a second multimedia signal capable of displaying through the display device. The disclosure further provides an early warning server, an early warning method, and a computer program product for report information. | 2013-09-19 |
20130247094 | EMERGENCY ALERT SYSTEM METHODS AND APPARATUS - Methods and apparatus for delivering emergency alert system message content to customer premise devices without requiring them to tune to an emergency message channel and having to encode information into frames of regular program content being delivered to customer premise devices, e.g., set top boxes, are described. An emergency management server receives emergency alert messages from a federal government system and generates emergency alert control messages which are sent to one or more switching devices located at one or more regional hubsites/headends to which the emergency alert message applies. The emergency alert control message instructs the switching device to output an emergency alert content stream in place of a standard program. The switching device outputs the emergency content message stream in place of the standard program content to, e.g., a QAM modulator, which modulates the content stream on the frequency being used to deliver the standard program content being replaced. | 2013-09-19 |
20130247095 | System And Method Of Scheduling Advertising Content For Dynamic Insertion During Playback Of Video On Demand Assets - Described are computer-based methods and apparatuses, including computer program products, for scheduling advertising content for dynamic insertion during play of video on demand assets. A virtual linear program channel is generated that is associated with a plurality of video on demand assets, the virtual linear program channel comprising data defining a plurality of predetermined time bins and a forecast number of views of the virtual channel assets within each of the time bins. The virtual linear program channel data is transmitted to a remote scheduling server. Advertising content and linear program channel scheduling instructions are received from the remote scheduling server, the linear program channel scheduling instructions identifying the virtual linear program channel and a selected time bin for insertion of the advertising content. The linear program channel scheduling instructions are translated into scheduling criteria for dynamically inserting the advertising content during playback of any of the virtual channel assets within the selected time bin. | 2013-09-19 |
20130247096 | User Interfaces For Web-Based Video Player - A system, method and various user interfaces enable association of advertising content with requested shared video content for access via a web-based video player. Advertising content is provided selectively in conjunction with playback of video content. Selection of how and where advertising is displayed is based on a flexibly managed balance between providing sufficiently noticeable opportunities to access advertising information and preserving a satisfying viewer experience in watching requested video content. | 2013-09-19 |
20130247097 | System and Method for an Interactive Internet Radio Application in an Internet Protocol Television System - A set-top box for an Internet protocol television (IPTV) network includes a radio interface module, a remote control interface module, and a display interface module. The radio interface module accesses an Internet radio service on the IPTV network and outputs a list of Internet radio stations received from the Internet radio service to a particular IPTV channel on the display interface module, receives a selection of an Internet radio station from the remote control interface module, retrieves an Internet radio stream associated with the selected Internet radio station from the Internet radio service in response to receiving the first selection, and outputs the Internet radio steam on the particular IPTV channel of the display interface module. | 2013-09-19 |
20130247098 | VIDEO DISTRIBUTION SYSTEM, VIDEO DISTRIBUTION APPARATUS, VIDEO DISTRIBUTION METHOD AND MEDIUM - According to one embodiment, distribution system includes live distributor and time-shifted distributor. Live distributor distributes live content by streaming. Time-shifted distributor accumulates live content distributed by streaming, and redistributes video content from reproduction position requested by viewer. Time-shifted distributor includes digest generator, menu creator and distributor. Digest generator divides video content from start time of streaming distribution to present time when streaming distribution is continuing into chapters, extracts representative frame from each of chapters, and generates digest movie including representative frame. Menu creator creates menu screen. Distributor distributes digest movie selected on presented menu screen. | 2013-09-19 |
20130247099 | INTERACTIVE TELEVISION SYSTEMS WITH DIGITAL VIDEO RECORDING AND ADJUSTABLE REMINDERS - An interactive television system is provided in which an interactive television application is used to support network-based or local personal video recorder capabilities. A user may use this application to view lists of program listings. The user may select a program listing of interest. The interactive television application may allow the user to set a reminder for the selected program at the scheduled broadcast time. This application may also allow the user to set a reminder for the selected program at a later time at which the program is not scheduled to be broadcast. The user may be provided with a reminder at this later time. In response, the user may direct the network-based or local personal video recorder to play back the program or may defer the reminder again. The interactive television application may collect information on program usage and popularity to determine how long to retain certain programming. | 2013-09-19 |
20130247100 | METHOD AND APPARATUS FOR PROVIDING A PROGRAMMING GUIDE VIA MULTIPLE RECEIVING DEVICES - A system utilizing one or more auxiliary or scanning tuners provides real time information for providing programming guides. The one or more auxiliary tuner scans or tunes across the band of television signals to gather information relevant to metadata, programming guides, and or message alerts. For example, this information is converted to text, graphic, and or audio form for displaying or listening. | 2013-09-19 |
20130247101 | Video Output Device and Video Output Method - According to one embodiment, a video output device includes a receiver, a program guide obtaining module, an output signal processor, a user identification module, a view history storage module, and a program advice module. The receiver receives a broadcast signal of a program. The program guide obtaining module obtains program guide data. The output signal processor outputs a video signal of the broadcast signal to an output module. The user identification module identifies a user who is viewing the program. The view history storage module stores the program as view history in association with the user. The program advice module searches the program guide data for a recommended program similar to programs viewed by the user in the past using a keyword based on the view history and creates a program advice message suggesting the recommended program. The output signal processor outputs the program advice message to the output module. | 2013-09-19 |
20130247102 | METHOD AND SYSTEM TO REQUEST AUDIOVISUAL CONTENT ITEMS MATCHED TO PROGRAMS IDENTIFIED IN A PROGRAM GRID - A method to obtain visual content items matched to scheduled programs comprising: providing a program guide display that includes a grid with grid locations that identify scheduled programs, and that correspond to respective a scheduled program air times and a respective program sources; wherein the program guide extends over a time frame prior to the current date; providing an icon associated with a grid location that indicates that a visual content item matched to the program identified by the grid location currently is available; providing an identifier that is encoded in computer readable storage device and that is associated with the grid location and that indicates a location where the visual content item can be obtained; and accessing the location indicated by the identifier in response to a user selection of the grid location associated with the icon. | 2013-09-19 |
20130247103 | SYSTEMS AND METHODS FOR SELECTING MEDIA ASSETS FOR DISPLAY IN A SCREEN OF AN INTERACTIVE MEDIA GUIDANCE APPLICATION - A method and system of selecting assets for display in an interactive media guidance application includes receiving a user input indicating interest in a media item; generating a list of media assets related to the media item, selecting, based on priority rules, a subset of the media assets to display in an interactive media guidance application, and displaying an identifier for each of the subset of media assets in the interactive media guidance application screen. The priority rules may assign a first priority to one type of media asset and a second priority to a second type of media asset, and may be based on: whether the media asset has been viewed, and a respective time associated with the media asset. | 2013-09-19 |
20130247104 | INFORMATION DESCRIPTOR AND EXTENDED INFORMATION DESCRIPTOR DATA STRUCTURES FOR DIGITAL TELEVISION SIGNALS - According to an aspect, there is provided a digital television (DTV) data stream including program and system information protocol (PSIP) data associated with content of the DTV data stream, the PSIP data including a virtual channel table (VCT) and an event information table (EIT), the EIT comprising: a source identification field identifying a source of an associated event in a DTV data stream; an event identification field indicating an identification of the event; a start time field indicating a star time of the event; a title field indicating a title of the event; and a descriptor comprising: a descriptor tag identifying the descriptor as a genre descriptor, a descriptor length indicating a total length of the descriptor; and at least one category code for an associated event in a DTV data stream, each category code specifying genre, program type, or category information of the associated event, wherein the at least one category code specifies at least one of a set of basic categories. | 2013-09-19 |
20130247105 | SMART SUBSCRIBE BUTTON ON WATCH - A smart subscribe button on watch is presented. In response to a user request for a watch page, a channel associated with the watch page requested by a user is identified. Subscription information of the user is obtained. A determination is made of whether the user is subscribed to the channel associated with the watch page based on the subscription information of the user. If the user is subscribed to the channel, the watch page is modified to reflect the user subscription to the channel associated with the watch page, wherein the modified watch page is to be presented to the user in response to the user request. | 2013-09-19 |
20130247106 | ELECTRONIC PROGRAMMING GUIDE - An indication of user interest of a program of a particular television channel may be identified based on user interaction with a programming guide that displays first content. A selectable icon positioned in association with a descriptor that identifies the particular television channel may be generated in response to identifying the indication of user interest and for display within the programming guide. An interactive pane that identifies at least one particular program that is stored within an omnibus channel file containing a plurality of programs broadcast consecutively on the particular television channel over a predefined period of time may be generated in response to user selection of the selectable icon for display within the programming guide. | 2013-09-19 |
20130247107 | EPG REALIGNMENT - Arrangements detailed may cause a television channel received via the tuner to be recorded for a period of time to create a channel-specific file. The channel-specific file may include multiple television programs. User input that requests playback of a first television program of the plurality of television programs from the channel-specific file may be received. A front-end adjustment time period for playback of the first television program may be determined. A start time from which playback commences in the channel-specific file may be at least partially based on the front-end adjustment time period and a scheduled start time of the television program. | 2013-09-19 |
20130247108 | Method and system of using intelligent mobile terminal for controlling the broadcasting of network multi-media broadcasting device - The present application is directed to a method and system of controlling the broadcasting of network multi-media broadcasting device comprising the steps of, adding at least one channel or application on a main user interface; determining whether the user has selected one of the channels or applications, if so, setting the channel or application as selected by the user as an auto launch item; if not, selecting the channel or application with the highest priority as the auto launch item; determining whether the channel or application possessing the highest CTR or longest broadcasted time; if so, selecting among the channels or applications having the highest CTR or longest broadcasted time and setting it as an auto launch item; if not, giving the highest priority to the sole channel or application having the highest CTR or longest broadcasted time and setting it as the auto launch item. | 2013-09-19 |
20130247109 | Advanced Television System - A digital television recording method comprising: broadcasting a television program associated with a broadcaster set of parameters enabling access to a first set of predetermined portions of the program; operating an agent for determining whether to record the program and for associating with the program, upon recording of the program, an agent set of parameters enabling access to a second set of predetermined portions of the program; storing the program together with the broadcaster set of parameters and the agent set of parameters to generate an addressable program; retrieving at least a portion of the addressable program; displaying the at least a portion of the addressable program to a user; receiving from the user a user set of parameters enabling access to a third set of predetermined portions of the addressable program; editing the addressable program to include the user set of parameters enabling access to the third set of predetermined portions of the addressable program thereby generating an edited addressable program; and storing the edited addressable program. | 2013-09-19 |
20130247110 | IMAGE PROCESSING APPARATUS AND IMAGE PROCESSING METHOD - An image processing apparatus includes a receiving unit configured to receive image data of program content and genre information relating to the program content, a selection unit configured to select a size selection parameter for causing the genre information received by the receiving unit to be reflected in a block size, a determination unit configured to determine a block size in accordance with the size selection parameter selected by the selection unit, the block size being used for orthogonal transformation, and an orthogonal transformation unit configured to perform orthogonal transformation on the image data received by the receiving unit at the block size determined by the determination unit. | 2013-09-19 |
20130247111 | TRANSFER OF TELEVISION PROGRAMS FROM CHANNEL-SPECIFIC FILES TO PROGRAM-SPECIFIC FILES - A television receiver including a tuner and one or more processors may be presented. The television receiver may be configured to tune the tuner to a television channel. The television receiver may be configured to create and store an omnibus channel file containing a plurality of television programs broadcast consecutively on the television channel over a period of time. The television receiver may be configured to, after a predefined period of time, select the omnibus channel file for deletion. The television receiver may be configured to determine a television program to receive extended storage. The television receiver may be configured to store a portion of the omnibus channel file as an individual program file, wherein the portion of the omnibus channel file corresponds to the television program. The television receiver may be configured to, after storing the portion of the omnibus channel file, delete the omnibus channel file. | 2013-09-19 |
20130247112 | ELECTRONIC PROGRAM GUIDE WITH DIGITAL STORAGE - An interactve television program guide system with digital storage is provided. The program guide gives users the ability to store information associated with recorded programs in a directory in the digital storage device thereby providing easy access to program information. The program guide may also provide a global media library for indicating the programs stored on removable storage media used with the program guide. The guide may also allow the user to manage ad maintain a user media library to do the same. Non-time-sensitive data associated with recorded programs may be stored in a way that allows the user to interact with the data on playback as if the program were being originally aired. The program guide also allows the user to define “super-programs”for playback of a sequence of stored programs or program segments. | 2013-09-19 |
20130247113 | MULTI-IMAGE SWITCHING METHOD AND SYSTEM - A multi-image switching method is provided. The switching method includes steps of: establishing a connection between a portable device and a smart device, and fetching a program source list from the smart device; transmitting a watch request message to the smart device according to a user-selected program source from the program source list, wherein the watch request message includes program source identification information; and receiving program information, which is corresponding to the program source identification information and replied by the smart device in response to the watch request message, and providing the program information to the portable device for display. Therefore, according to the embodiments, the same or different program information may be simultaneously viewed on the portable device and the smart device after establishing the connection between the portable device and the smart device through a handshake protocol. | 2013-09-19 |
20130247114 | VIDEO DISTRIBUTION SYSTEM, AND VIDEO DISTRIBUTION METHOD - A video distribution system of the present invention distributes a digitally captured video, and includes an imaging device, a server device, and a playback terminal. The imaging device includes: an imager that captures an omnidirectional video using a wide-angle lens; and a controller that transmits a group of frame data constituting the video captured by the imager to the server device. The server device includes: a calculator that divides an image represented by each frame data of the group of frame data from the imaging device into a plurality of regions, converts an image of each region into a normal image, and obtains a group of partial data classified by region; a storage unit that accumulates the group of frame data from the imaging device and accumulates the group of partial data classified by region; and a controller that selects a group of frame data of a video requested from the terminal device and a group of partial data for a region requested from the terminal device in relation to the video from the storage unit and transmits them to the terminal device. The terminal device includes: a display instrument that plays back a video; an attitude sensor that detects rotation angle information of the terminal device; and a controller that transmits, to the server device, identification information of a video to be played back and identification information of a region in relation to the video, the region designated by a user based on the rotation angle information. | 2013-09-19 |
20130247115 | RECORDING OF MULTIPLE TELEVISION CHANNELS - In various embodiments, a selection of a television program to record may be received by a television receiver. The television program may be broadcast on a first television channel and as part of a first transponder stream. A plurality of television channels that are transmitted as part of the first transponder stream may be determined. A user interface may be presented that permits a user to select from the plurality of television channels transmitted on the first transponder stream. A selection of a second television channel from the plurality of television channels may be received. In response to the selection of the first television program to record and the selection of the second television channel from the plurality of television channels, record the first television channel and the second television channel via a single tuner. | 2013-09-19 |
20130247116 | DECENTRALIZED MEDIA DELIVERY NETWORK - A decentralized approach to delivering a media file to a requesting subscriber in a network of subscribers comprises the steps of segmenting the media file into a plurality of segments and distributing the segments of the media file among the network of subscribers, and responding to a request from the requesting subscriber by directing to that requesting subscriber al of the plurality of segments of the media file. All of the segments are assembled into the media file and displayed or stored by the requesting subscriber. | 2013-09-19 |
20130247117 | COMMUNICATION DEVICE - A mobile device includes a position sensing unit, a remote control information obtainment unit, and a storage unit. Position information obtained by the position sensing unit is stored in the storage unit in association with remote control information. The mobile device further includes a directional space obtainment unit and an apparatus specification unit. The mobile device recognizes a direction pointed by a user using the mobile device, and enables operation of a terminal apparatus existing in the pointing direction. | 2013-09-19 |
20130247118 | MULTICAST BROADCAST MULTIMEDIA SERVICE-ASSISTED CONTENT DISTRIBUTION - Embodiments provide methods, systems, and apparatuses for multicast broadcast multimedia service (MBMS)-assisted content distribution in a wireless communication network. A proxy terminal may include an MBMS access client configured to receive and cache an MBMS transmission including media data and metadata. The proxy terminal may further include a hypertext transfer protocol (HTTP) server module configured to transmit at least a portion of the media data to a user equipment (UE) of the wireless communication network via an HTTP transmission. The media data and metadata may be in a dynamic adaptive streaming over HTTP (DASH) format. The proxy terminal may be included in an evolved Node B (eNB), the UE, or another UE of the wireless communication network. | 2013-09-19 |
20130247119 | METHOD OF PROCESSING NON-REAL TIME SERVICE AND BROADCAST RECEIVER - A method of receiving and processing a Non-Real Time (NRT) service and a broadcast receiver are disclosed herein. A method of processing an NRT service in a broadcast receiver includes receiving and processing a signaling information table including detail information of each content in the NRT service and indication information indicating whether the content is available on internet, acquiring internet access information of each file belonging to content available on the internet through File Delivery Table (FDT) of File Delivery over Unidirection Transport (FLUTE) based on the indication information, and downloading files belonging to the content by accessing the internet based on the acquired internet access information. | 2013-09-19 |
20130247120 | LIVE STREAM DETECTION AND NOTIFICATION SERVICE - Systems, apparatus and methods are provided to detect live video data satisfying user specified criteria and consolidate live broadcasting management, analysis of detected video data, and notification of potential viewers. | 2013-09-19 |
20130247121 | INTERACTION METHOD BETWEEN DIGITAL TELEVISION RECEPTION TERMINAL AND MOBILE TERMINAL, TERMINAL AND SYSTEM - An interaction method between a digital television reception terminal and a mobile terminal, the terminal and a system are provided. The method includes the following steps: the mobile terminal acquires a first swinging control instruction of a user by a vector sensor; the mobile terminal transmits the title and the link address information of the current online playing video to the digital television reception terminal, according to said first swinging control instruction; and said digital television reception terminal acquires said playing video to play, according to said title and link address information. By means that the user swings the mobile terminal to initiate a video playing handoff, the invention realizes the video handoff between the mobile terminal and the digital television reception terminal by a convenient operation, and improves experience of the user while being user-friendly. | 2013-09-19 |
20130247122 | METHOD, SYSTEM AND MOBILE TERMINAL FOR SWITCHING WORKING STATE OF MOBILE TERMINAL - A method for switching the working state of a mobile terminal comprises that: the mobile terminal detects the swinging state of a user; when the swinging state matches a predetermined rule, the mobile terminal sends a playing instruction used for the current online playing video to a digital television receiving terminal, and switches the working state to a remote controller state; and the digital television receiving terminal obtains the playing video to play according to the playing instruction. The present invention conveniently switches the mobile terminal to the remote controller for users to use, after the digital television receiving terminal has continued to play the online video being played by the mobile terminal, which is convenient to the users and improves the experience of the users. | 2013-09-19 |
20130247123 | SYSTEM AND METHOD FOR DELIVERING COMPRESSED APPLICATIONS - An indication is obtained that consumer premises equipment needs to obtain at least one file from a file system. Responsive to the indication, an uncompressed framework portion of the at least one file is obtained at the consumer premises equipment from the file system. The uncompressed framework portion of the at least one file is executed on the consumer premises equipment to: (i) obtain compressed portions of the at least one file at the consumer premises equipment, from the file system; and (ii) decompress and execute the compressed portions of the at least one file on the consumer premises equipment. | 2013-09-19 |
20130247124 | CONTENTS RECEPTION DEVICE AND METHOD, CONTENTS TRANSMISSION DEVICE AND METHOD, PROGRAM, AND RECORDING MEDIUM - The present invention relates to a contents reception device and method, a contents transmission device and method, a program, and a recording medium, whereby a Push-type NRT service can be realized. | 2013-09-19 |
20130247125 | System for Recursive Recombination of Streaming Interactive Video - A plurality of servers whose video output is coupled to video compression apparatus that transmits streaming interactive video to a plurality of users, with a feedback loop whereby the streaming interactive video is recursively combined within the video output of the plurality of servers. | 2013-09-19 |
20130247126 | METHOD AND DEVICE FOR BUFFERING DATA FOR MULTIPLEXING - The invention relates to a method and device for buffering data for multiplexing. The invention also relates to a method of multiplexing and to a multiplexer arrangement using the method and device for buffering data for multiplexing. In one embodiment the invention can be applied to the buffering of non-traffic data, such as firmware updates or other supplementary information, before multiplexing the non-traffic data with traffic data, such as television data of television channels, to form a satellite broadcast channel. In embodiments of the invention, non-traffic data for multiplexing is buffered and then read out again for multiplexing at a rate which is a function of buffer fullness. The non-traffic data may be multiplexed with at least one traffic data channel. A multiplexer can view the non-traffic data channel as another multiplexing input and can allocate the available bit rate between the traffic data channels and the non-traffic data accordingly. | 2013-09-19 |
20130247127 | MEDIA STREAM PLAYING METHOD AND SET-TOP BOX - The present invention provides a media stream playing method and a set-top box. In the present invention, in a process that a guidance unit of a set-top box initializes a platform system, the guidance unit obtains a channel identifier of a channel to be played and obtains, by using the channel identifier, a media stream that corresponds to the channel identifier, so that the guidance unit can send the media stream to a playing unit of the set-top box for playing. Because the technical solution is independent of the platform system of the set-top box, a problem in the prior art that, the set-top box cannot perform a television play service in an initialization process of the set-top box and the set-top box can perform the television play service by using the platform system only after the initialization of the set-top box is completed, can be avoided. | 2013-09-19 |
20130247128 | Distribution of security policies for small to medium-sized organizations - A security policy distribution system encapsulates parameters for a security policy and instructions for applying the parameters to a corresponding security program into a self-contained configuration file. When the self-contained configuration file is executed on behalf of a computer, the corresponding security program on the computer is updated with the parameters, thus distributing the security policy to the computer. | 2013-09-19 |
20130247129 | System, method and computer program product for obtaining a reputation associated with a file - A reputation system, method and computer program product are provided. In use, a file associated with a first computer is identified. Thereafter, a reputation associated with the file stored at a second computer is obtained. | 2013-09-19 |
20130247130 | SYSTEM, METHOD AND COMPUTER PROGRAM PRODUCT FOR UPDATING A SECURITY SYSTEM DEFINITION DATABASE BASED ON PRIORITIZED INSTANCES OF KNOWN UNWANTED DATA - A prioritized update system, method, and computer program product are provided. In use, a priority is assigned to a plurality of instances of known unwanted data. In addition, information associated with at least one of the instances of known unwanted data is communicated over a network for updating a system, based on the priority. In one embodiment, the prioritized update system may be provided for updating a security system definition database, based on prioritized instances of known unwanted data. | 2013-09-19 |
20130247131 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR PREVENTING SCANNING OF A COPY OF A MESSAGE - A system, method, and computer program product are provided for preventing scanning of a copy of a message. In use, it is determined whether an identifier of a message is stored in a data structure. Further, the scanning of a copy of the message is prevented, based on the determination. | 2013-09-19 |
20130247132 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR SELECTING A WIRELESS NETWORK BASED ON SECURITY INFORMATION - A system, method, and computer program product are provided for selecting a wireless network based on security information. In use, a plurality of wireless networks is identified. Further, security information associated with each of the wireless networks is collected, such that one of the wireless networks is selected based on the security information. | 2013-09-19 |
20130247133 | SECURITY ASSESSMENT OF VIRTUAL MACHINE ENVIRONMENTS - Each virtual machine in a set of virtual machines managed by the virtual machine manager is identified. For each virtual machine in the set, it is determined whether the respective virtual machine is online. For at least the virtual machines determined to be offline, a machine image is collected for each offline virtual machine. Security of the offline virtual machines is assessed from the collected images. For virtual machines identified as online, an agent is loaded on each online virtual machine in the set via the virtual machine manager. The loaded agents are used to assess security of the online virtual machines in the set. | 2013-09-19 |
20130247134 | Method And Apparatus For A Distributed Security Service In A Cloud Network - Various embodiments provide a method and apparatus of providing a distributed security service that runs light instances in a number of security devices and central instances of the security services in select security devices. A received or transmitted client content segment is directed to a light instance which either applies a security policy corresponding to the client content segment if the client content segment has been previously analyzed and has a valid security policy, or else, the light instance sends the client content segment to a central instance to be analyzed. The central instance may then provide a complete security analysis on the client content segment, determine a security policy corresponding to the client content segment and push the determined security policy to one or more of the light instances. Advantageously, a distributed security service delivery may provide highly secure, network efficient and cost effective security service delivery. | 2013-09-19 |
20130247135 | METHOD AND APPARATUS FOR SECURITY-AWARE ELASTICITY OF APPLICATION AND SERVICES - In a method for scaling up/down security (non-functional) components of an application, determine (a) types of interactions and a number of each type of interaction each non-security (functional) component has with security components for a plurality of requests. Determine, based on (a) and an expected number of incoming requests to the application, (b) types of requests to and interactions with the security components involving the non-security components and (c) a number of requests to and interactions with the security components involving non-security components for each type of request to the security components involving non-security components. Determine, for each security component, a capacity required for each type of request involving the non-security components and a capacity required for each type of interaction involving the non-security components. Change the capacities of the security components to new capacities, wherein the new capacities are based on (a), (c) and the determined capacities. | 2013-09-19 |
20130247136 | Automated Validation of Configuration and Compliance in Cloud Servers - A method, an apparatus and an article of manufacture for automated validation of compliance in a cloud server. The method includes remotely accessing a target cloud server to discover at least one configuration setting of the target cloud server, integrating the at least one configuration setting from the target cloud server with information from at least one back-end tool to produce compliance evidence, and automatically answering a set of at least one checklist question for activation compliance validation of the target cloud server based on the compliance evidence. | 2013-09-19 |
20130247137 | METHODS AND SYSTEMS FOR AUTOMATICALLY CONFIGURING AND RE-CONFIGURING ELECTRONIC SECURITY INTERFACES - A scalable and flexible system and method for automatically configuring and re-configuring electronic security interfaces comprising video, audio, wireless hardware and software capable of capturing video and audio designed to be a true “plug-n-play” for an end-user. The system is configured to incorporate almost any type of camera, battery technology, storage device, wifi or cellular technology, microphone and provides access to the web in real-time to add applications, for example, facial recognition web services, real-time comparing of any previously identified and stored object etc. In addition, the system and method is capable of taking inputs of most custom user-deployment application requirement and generating a set of hardware to fulfill a user's particular requirements. | 2013-09-19 |
20130247138 | METHOD AND SYSTEM FOR REGULATING HOST SECURITY CONFIGURATION - A recommendation engine coupled to a server computer in communication with a plurality of hosts is described. The recommendation engine includes computer readable intrusion-protection instructions stored in a memory device, which cause a processor of said server computer to determine a current host-protection configuration for a target host; detect discrepancy between said current host-protection configuration and a prior host-protection configuration; install said current host-protection configuration in said target host upon detecting said discrepancy; record successive host-reconfiguration periods, a host reconfiguration period being a difference between successive instants of time at which a current host-protection configuration differs from a prior host-protection configuration; determine a monitoring period according to a value of at least one of said successive host-reconfiguration periods; and a scheduler for activating said intrusion-protection instructions according to said monitoring period. | 2013-09-19 |
20130247139 | APPLICATION IDENTITY DESIGN - Methods and apparatus, including computer program products, implementing and using techniques for providing user credentials over a network to a remote computer application. User credentials for the remote computer application are stored in a central repository that is accessible through the network. A request is sent to a service to perform, on behalf of a user, a particular task involving the remote computer application. It is determined whether the service has been granted permission to act on behalf of the user with respect to the remote computer application. When the service has permission to act on behalf of the user, the service is used to retrieve the user's credentials for the remote computer application from the central repository and to supply the retrieved user credentials to the remote computer application, | 2013-09-19 |
20130247140 | METHOD OF PROTECTING AN INDIVIDUAL'S PRIVACY WHEN PROVIDING SERVICE BASED ON ELECTRONIC TAG - A technology for providing a service based on an electronic tag. A personalized service provider issues a new code that replaces a code recorded on an electronic tag which is attached to a product purchased by a purchaser, sets a privacy policy of the purchaser, authenticates the new code and purchaser information, and provides a service associated with the product in a limited manner according to the set privacy policy when a person who accesses the personalized service provider is not the purchaser of the product | 2013-09-19 |
20130247141 | METHOD AND APPARATUS FOR PROVIDING MOBILE AND SOCIAL SERVICES VIA VIRTUAL INDIVIDUAL SERVERS - A method, computer readable medium and apparatus for providing a virtual individual server service within a communications network are disclosed. For example, the method receives a request from a subscriber of the communications network to subscribe to the virtual individual server service, provides a virtual individual server to the subscriber in response to the request and executes at least one application via the virtual individual server using at least one piece of personal information associated with the subscriber. | 2013-09-19 |
20130247142 | AUTHENTICATION FEDERATION SYSTEM AND ID PROVIDER DEVICE - According to one embodiment, the ID provider device stores pieces of policy information for each service provider ID. The ID provider device outputs a policy evaluation request including the user ID used in the log-in processing and the service provider ID in the authentication federation request when the log-in processing is successful. The ID provider device reads the policy information in accordance with the service provider ID in the policy evaluation request. The ID provider device judges whether to permit the transmission of the service data in accordance with whether environmental conditions of the user for the execution of a service conform to the read policy information. | 2013-09-19 |
20130247143 | SYSTEM AND METHOD FOR CONFIGURING DEVICES FOR SECURE OPERATIONS - Systems and methods for establishing a security-related mode of operation for computing devices. A policy data store contains security mode configuration data related to the computing devices. Security mode configuration data is used in establishing a security-related mode of operation for the computing devices. | 2013-09-19 |
20130247144 | Controlling Access to Resources on a Network - Disclosed are various embodiments for controlling access to data on a network. Upon receiving a request comprising a device identifier and at least one user credential to access a remote resource, the request may be authenticated according to at least one compliance policy. If the request is authenticated, a resource credential associated with the remote resource may be provided. | 2013-09-19 |
20130247145 | TEMPERATURE-PROFILED DEVICE FINGERPRINT GENERATION AND AUTHENTICATION FROM POWER-UP STATES OF STATIC CELLS - A method, system and computer program product for generating device fingerprints and authenticating devices uses initial states of internal storage cells after each of a number multiple power cycles for each of a number of device temperatures to generate a device fingerprint. The device fingerprint may include pairs of expected values for each of the internal storage cells and a corresponding probability that the storage cell will assume the expected value. Storage cells that have expected values varying over the multiple temperatures may be excluded from the fingerprint. A device is authenticated by a similarity algorithm that uses a match of the expected values from a known fingerprint with power-up values from an unknown device, weighting the comparisons by the probability for each cell to compute a similarity measure. | 2013-09-19 |
20130247146 | AUTHENTICATION SYSTEM AND METHOD - Various embodiments of authentication and information verification methods and apparatus are disclosed herein. In one embodiment, a server is described, comprising a communication interface for sending and receiving information to/from consumers and third parties, a memory for storing processor-executable instructions and one or more accounts, and a processor for executing the processor-executable instructions that cause the server to, receive electronic instructions, from a consumer, to create an account for a consumer, the account comprising a number of data fields, create an account in response to receiving instructions over the communication interface to create the account, the account comprising a number of data fields, store the account in the memory, assign an overall security level to the account, and increase the overall security level of the account in response to receiving an indication from a third party that the information provided to the third party is true. | 2013-09-19 |
20130247147 | CREATING A VIRTUAL PRIVATE NETWORK (VPN) FOR A SINGLE APP ON AN INTERNET-ENABLED DEVICE OR SYSTEM - An Internet-enabled device, such as a smartphone, tablet, PC, wearable sensor, or household appliance, executes an application (or “app”) has its own VPN connection with a VPN gateway device. The app does not use the device-level or system VPN to connect with the gateway. The app, which may be security wrapped, is made more secure by having its own VPN tunnel with the gateway, wherein the VPN tunnel is not used by other apps running on the device. The conventional (or device-level) VPN connection is not used by the app(s). The app has its own IP stack, an HTTP proxy layer, an IPsec module, and a virtual data link layer which it uses to build IP packets, encapsulate them, and transmit them to a transport module in the device operating system, for example, a UDP module. | 2013-09-19 |
20130247148 | SYSTEM AND METHOD FOR CORRELATING NETWORK IDENTITIES AND ADDRESSES - The system and method for correlating network identities and addresses described herein may include a log correlation engine distributed on a network that identifies relationships between certain network identities and Internet Protocol (IP) and Ethernet addresses in the network. In particular, the log correlation engine may analyze various event logs that describe activity in a network to learn relationships between network identities and network addresses and generate alerts in response to discovering changes in the learned relationships. For example, the log correlation engine may identify authentication events described in the logs to map network identities to IP addresses, and may further analyze the logs to map the IP addresses to Ethernet addresses. Thus, the log correlation engine may discover new and changed relationships between the network identities, the IP addresses, and the Ethernet addresses. | 2013-09-19 |
20130247149 | Internet protocol address authentication method - A method for secure authentication is provided which includes having a user who wishes to gain access to a computer or computer network have the IP address associated with the device to which the user wishes to gain access be in a whitelist of IP addresses associated with the user computer account. If the IP address is not associated initially with the user's computer account, the user is presented with a contact address, e.g., a telephone number, which a user uses to be presented with secondary authentication questions. Upon the user answering the secondary authentication question(s) correctly, the IP address of the user is added to the whitelist of IP addresses associated with the user's computer account and the user is provided access to the user account. | 2013-09-19 |
20130247150 | WIRELESS COMMUNICATION USING CONCURRENT RE-AUTHENTICATION AND CONNECTION SETUP - A method includes generating at least one of a re-authorization request or a re-authentication with an extensible authentication protocol. The method also includes generating an upper layer message. The method further includes bundling the upper layer message and the least one of the re-authorization request or the re-authentication request as an association request. The method further includes transmitting the association request to an access point. | 2013-09-19 |
20130247151 | Communication Privacy - An apparatus comprises: one or more terminals coupled to a packet-based network, installed with a first instance of a communication client application of a first user and a second instance of the communication client application of said first user, the communication client application being configured so as when executed to enable the first user to communicate with other users by means of a first communication system implemented over the packet-based network. The apparatus comprises a controller coupled to the packet-based network and arranged to maintain separate privacy settings for each of the first and second instances, and thereby control the privacy of the first user in relation to the other users within the first communication system in dependence on which of the first and second instances is active. | 2013-09-19 |
20130247152 | ACCESS DEVICE, ACCESS SYSTEM AND COMPUTER PROGRAM PRODUCT - According to an embodiment, an access device includes a first obtaining unit configured to obtain a first authorization as user authorization; and a second obtaining unit configured to obtain a second authorization as authorization other than the user authorization through communication with a server via an external network. The access device also includes an accessing unit configured to access a function of an access target device via a local network by using the first authorization and the second authorization. | 2013-09-19 |
20130247153 | ELECTRONIC APPARATUSES AND METHODS FOR ACCESS CONTROL AND FOR DATA INTEGRITY VERIFICATION - Improved access control systems ( | 2013-09-19 |
20130247154 | MANAGING CONNECTIONS IN A DATA STORAGE SYSTEM - Described in detail herein are systems and methods for managing connections in a data storage system. For example, the systems and methods may be used to manage connections between two or more computing devices for purposes of performing storage operations on the data of one of the computing devices. The data storage system includes at least two computing devices. A first computing device includes an unauthorized connection data structure and a connection manager component. The connection manager component receives a connection request from a second computing device. If the second computing device is not identified on the unauthorized connection data structure, the connection manager component can request that an authentication manager authenticate the second computing device and/or determine whether the second computing device is properly authorized. If so, the connection manager component can allow the second computing device to connect to the first computing device. | 2013-09-19 |
20130247155 | APPLICATION IDENTITY DESIGN - Methods and apparatus, including computer program products, implementing and using techniques for providing user credentials over a network to a remote computer application. User credentials for the remote computer application are stored in a central repository that is accessible through the network. A request is sent to a service to perform, on behalf of a user, a particular task involving the remote computer application. It is determined whether the service has been granted permission to act on behalf of the user with respect to the remote computer application. When the service has permission to act on behalf of the user, the service is used to retrieve the user's credentials for the remote computer application from the central repository and to supply the retrieved user credentials to the remote computer application. | 2013-09-19 |
20130247156 | Method For Setting Up An Access Level For Use Of A Software Sytem, And Computer Program Products And Processor Devices Thereof - A method for setting up an access level for use of a software system including different levels of user accesses. The method includes the steps of: using a first user login to log in to the software system, the first user login having a first access level including a first set of permissions; using a second user login to log in to the software system, the second user login having a second access level including a second set of permissions; and combining the permissions of the first set of permissions and the second set of permissions in the software system, thereby setting up the access level for the use of the software system, the access level including the combined permissions of the first set of permissions and the second set of permissions. The invention also relates to computer program products and processor means. | 2013-09-19 |
20130247157 | METHOD OF CONNECTING A DEVICE TO A NETWORK USING DIFFERENT SERVICE PROVIDERS - The present invention comprises a method and apparatus for simplifying the process of access to a network for a roaming computer user, divides the responsibility of servicing a given user wanting to access the network between multiple parties wanting to access the network between multiple parties and minimizes the possibility of improper dissemination of email header data as well as improper use of network resources (including server systems) by non-clients. | 2013-09-19 |
20130247158 | Secure Group Communications - A device for use in a system with multiple receiving units, and multiple intermediate units each configured to communicate with the device and at least some of the multiple receiving units, includes a communication module configured to send information toward and receive information from the receiving units and the intermediate units, a memory, and a processor coupled to the memory and the communication module. The processor is configured to: cause the communication module to send information toward each of the receiving units sufficient for the receiving units to obtain a key chain corresponding to that receiving unit, each key chain containing a plurality of keys, each key in each key chain being related to other keys in the respective key chains by at least one inverse of a one-way function; select a key from a key chain associated with a particular receiving unit and stored in the memory; and cause the communication module to send the selected key, and an indication of which receiving unit the selected key is associated with, toward the intermediate unit associated with the particular receiving unit. | 2013-09-19 |
20130247159 | METHOD AND SYSTEM FOR ONLINE THIRD-PARTY AUTHENTICATION OF IDENTITY ATTRIBUTES - A method for online authentication includes receiving membership authenticating information specific to members of a particular affiliation from the members and from one or more remote databases. The information is aggregated and stored in an aggregate database. An individual is authenticated, via a widget at least one of integrated into, and accessible by, at least one of a mobile application and a website of a provider of at least one of a particular program and a particular service, as a member of the particular affiliation based on a comparison of authenticating indicia provided online by the individual and the information stored in at least one of the aggregate database and the remote databases. Digital credentials are provided to the individual for access to the at least one of the particular program and the particular service when the individual is authenticated. The credentials include a unique identifier, a login and password. | 2013-09-19 |
20130247160 | Method and System for User Authentication Over a Communication Network - A system and method for user authentication over a communication network are disclosed. The system includes a first device having a contact application and a second device having a contact application. A second device is authenticated by transmitting a first security key associated with the first device from the second device to the first device. The system and method provide a means for users of a communication network to uniquely identify one another, which allows users to be uniquely identified and authenticated independent of a device, network, and/or application used for communication. | 2013-09-19 |
20130247161 | METHOD AND APPARATUS FOR SUBSCRIPTION SHARING - A method, apparatus and computer program product are provided for enabling multiple mobile terminals to access a subscription service. The method may further include causing a client certificate to be issued to the first mobile terminal as a result of the certificate enrollment procedure. In some example embodiments, the client certificate comprises a subscription identifier and a flag indicating whether the client certificate is to be sharable with a second mobile terminal. The method may further include causing a certificate enrollment procedure to be initiated by a second mobile terminal with the first mobile terminal in an instance in which the first mobile terminal possesses one or more credentials that are configured to be shared with another mobile terminal. The method may further include the second mobile terminal receiving at least one credential in the form of a client certificate from the first mobile terminal. | 2013-09-19 |
20130247162 | SINGLE AUTHENTICATION CONTEXT FOR NETWORK AND APPLICATION ACCESS - Methods, systems, and computer readable media for a single authentication context for network and application access are described. An embodiment can include a method for using a single authentication context for network and application access. The method can include generating, using one or more processors, an authentication context. The method can also include providing, using the one or more processors, the authentication context to one or more application programs. The method can further include determining an application access level for each of the one or more applications based on the authentication context. | 2013-09-19 |
20130247163 | METHOD FOR PROVIDING A USER WITH AN AUTHENTICATED REMOTE ACCESS TO A REMOTE SECURE DEVICE - The invention relates to a method for providing a user with an authenticated remote access to a remote secure device ( | 2013-09-19 |
20130247164 | MULTIPLE ACCESS POINT ZERO SIGN-ON - The ability to connect a device to the Internet or another type of network from various network access points in a convenient manner is contemplated. The device may be conveniently connected to the desired network without requiring user input of a username and password when connecting to the various network access points. | 2013-09-19 |
20130247165 | OFFLINE AUTHENTICATION - A computer system determines whether the computer system is able to access an authentication server. If the computer system is able to access the authentication server, the computer system requesting a first set of credentials from a user. If the first set of credentials is valid, the computer system assigns the user a first role for performing operations on the computer system based on the first set of credentials. If the computer system is unable to access the authentication server, the computer system requests another set of credentials from the user. If the other set of credentials is valid, the computer system assigns the user another role for performing operations on the computer system based on the other set of credentials. | 2013-09-19 |
20130247166 | MOBILE DEVICE MANAGEMENT - Methods and apparatuses that enroll a wireless device into an enterprise service with a management server addressed in a management profile are described. The enrollment may grant a control of configurations of the wireless device to the management server via the management profile. In response to receiving a notification from the management server, a trust of the notification may be verified against the management profile. If the trust is verified, a network session may be established with the management server. The network session may be secured via a certificate in the management profile. Management operations may be performed for management commands received over the secure network session to manage the configurations transparently to a user of the wireless device according to the control. | 2013-09-19 |
20130247167 | SYSTEM, METHOD, AND COMPUTER PROGRAM FOR PREVENTING INFECTIONS FROM SPREADING IN A NETWORK ENVIRONMENT USING DYNAMIC APPLICATION OF A FIREWALL POLICY - A method for containing a threat in network environment using dynamic firewall policies is provided. In one example embodiment, the method can include detecting a threat originating from a first node having a source address in a network, applying a local firewall policy to block connections with the source address, and broadcasting an alert to a second node in the network. In more particular embodiments, an alert may be sent to a network administrator identifying the source address and providing remedial information. In yet other particular embodiments, the method may also include applying a remote firewall policy to the first node blocking outgoing connections from the first node. | 2013-09-19 |
20130247168 | Scalable Virtual Appliance Cloud (SVAC) and Devices Usable in an SVAC - According to one embodiment, a system includes a scalable virtual appliance cloud (SVAC) comprising: at least one distributed line card (DLC); at least one switch fabric coupler (SFC) in communication with the at least one DLC; and at least one controller in communication with the at least one DLC, wherein one or more of the at least one DLC is an appliance DLC, wherein one or more of the at least one SFC is a central SFC, and wherein the SVAC appears to a device external of the SVAC as a single appliance device applying various services to a traffic flow. | 2013-09-19 |
20130247169 | METHOD AND SYSTEM FOR MANAGEMENT OF SECURITY RULE SET - There are provided a method of automated managing an ordered set of security rules implemented at a plurality of security gateways and a system thereof. The method comprises obtaining data characterizing a connectivity request which may become allowable only upon changes of an initial rule-set, thus giving rise to an unfitting connectivity request; analyzing routing tables of the plurality of the security gateways; generating ranking the security gateways in accordance with their relevance to the unfitting connectivity request; selecting one or more security gateways with the highest ranking; and implementing a configuration change required in order to facilitate allowance of the unfitting connectivity request at the one or more selected security gateways. | 2013-09-19 |
20130247170 | HOST TRUST REPORT BASED FILTERING MECHANISM IN A REVERSE FIREWALL - Disclosed is a computer implemented method to report a bad host. A receiver host receives a packet from a sender host. The receiver host detects that the packet contains suspect hostile content. The receiver host transmits a negative trust report. | 2013-09-19 |
20130247171 | IMAGE-BASED UNLOCK FUNCTIONALITY ON A COMPUTING DEVICE - Utilizing an image on a computing device to serve as a template for locking/unlocking the computing device. The image includes a plurality of portions that are defined and thereafter identified and presented to a user via a touch screen. A user selects portions/zones that are defined within the image in a specified sequence and this sequence is stored as a lock/unlock code for unlocking the computing device. In an embodiment, in addition to the specified sequence of selections, a movement or sequence of movements may be also be stored as part of the lock/unlock code. | 2013-09-19 |
20130247172 | INFORMATION PROCESSING DEVICE WITH USER AUTHENTICATION THAT RESTORES PREVIOUS OPERATION CONDITION - An information processing device includes an authenticating part to authenticate a user; an operating part for setting information, an authentication canceling part to cancel an authentication of the user, an operation condition memory part to cause a second memory part to memorize the setting information memorized in a first memory part, and a reproducing part to confirm whether or not the setting information is memorized in the second memory part when the authenticating part authenticates the user. In a case where memorized, the reproducing part reads the setting information from the second memory part, and to reproduce an operation condition based on the read setting information. In a case where not memorized, the reproducing part displays a non-user condition specification screen for the user's selecting one of multiple functions. | 2013-09-19 |
20130247173 | SYSTEM AND METHODS FOR SECURE ENTRY OF A PERSONAL IDENTIFICATION NUMBER (PIN) - Systems and methods for credential character selection are provided. The system includes one or more sensors configured to detect a character selection and generate a character selection signal, and detect a character selection completion and generate a character selection completion signal. The system also includes one or more processors coupled to the one or more sensors, the one or more processors configured to receive the character selection signal and the character selection completion signal, and generate an output signal based on the received character selection signal that includes components of a credential. The system also includes a network interface component configured to transmit the output signal. The credential characters may be components of a PIN or password. Moreover, the credential character selections may be made on one device, but displayed on a separate coupled device. The character selections may be a selection of a character or a modification of character. | 2013-09-19 |
20130247174 | AUTHENTICATION SYSTEM, PROCESSOR, AND COMPUTER-READABLE RECORDING MEDIUM STORING THEREIN PROGRAM - An authentication system including: an authenticator that collates an object that is to be authenticated to determine whether the object is valid and sets, when the object is determined to be valid, an authentication state for the object; a detector that continuously detects, after the setting by the authenticator, the presence of the object; and an authentication canceller that cancels, when the detector detects the absence of the object, the authentication state set for the object. This configuration makes it possible to avoid an unauthorized use of the authentication system. | 2013-09-19 |
20130247175 | FACIAL FEATURE DETECTION - An example method includes capturing, by a camera of a computing device, an image including at least a face of a user, calculating a face template of the face of the user in the image, and analyzing the face template to determine whether the face includes at least one of a removable facial feature that decreases a level of distinctiveness between two faces and a non-removable facial feature that decreases a level of distinctiveness between two faces. When the face includes the removable facial feature, the method further includes outputting a notification for the user to remove the removable facial feature. When the face includes the non-removable facial feature, the method further includes adjusting a first similarity score threshold to a second similarity score threshold. | 2013-09-19 |
20130247176 | NON-TRANSITORY COMPUTER READABLE MEDIUM STORING ACCESS RIGHTS UPDATE PROGRAM, ACCESS RIGHTS MANAGEMENT SYSTEM, AND ACCESS RIGHTS UPDATE METHOD - Provided is a non-transitory computer readable medium storing an access rights update program causing a computer to be executed as: an acquisition unit that acquires access rights update information, which includes information specifying an object of personnel changes, a type of personnel changes, a changed organization, a delegatee of access rights for a storage unit that stores a document, and an effective period of the access rights, before the personnel changes; a search unit that searches for the storage unit, for which access rights information including the effective period of the access rights is set and which needs to be updated, on the basis of the acquired access rights update information; and an update unit that updates the access rights information, which is set for the searched storage unit, before the personnel changes on the basis of the acquired access rights update information. | 2013-09-19 |
20130247177 | APPARATUS AND METHOD OF CONTROLLING PERMISSION TO APPLICATIONS IN A PORTABLE TERMINAL - An apparatus and method of controlling permission to an application in a portable terminal, the apparatus including a controller for, when requested for an invocation of a specific function provided by a framework during an execution of a specific application, determining whether a permission for the specific function is obtained using the specific application's user ID and process ID, and if the permission for the specific function is determined to be restricted, displaying a first message indicating that the permission is restricted. | 2013-09-19 |
20130247178 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR MAKING A SCAN DECISION DURING COMMUNICATION OF DATA OVER A NETWORK - A system, method, and computer program product are provided for scanning data during communication of the data over a network. In use, a process is initiated for determining whether to scan data, during communication of the data over the network. Further, the data is conditionally scanned based on the determination. | 2013-09-19 |
20130247179 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR SENDING DATA ASSOCIATED WITH CONTENT TO A SERVER FOR ANALYSIS - A system, method, and computer program product are provided for sending data associated with content to a server for analysis. In use, tracking information associated with content stored on a client is identified. Further, data associated with the content is sent from the client to a server for analysis. | 2013-09-19 |
20130247180 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR COMPARING AN OBJECT WITH OBJECT ENUMERATION RESULTS TO IDENTIFY AN ANOMALY THAT AT LEAST POTENTIALLY INDICATES UNWANTED ACTIVITY - A system, method, and computer program product are provided for comparing an object with object enumeration results to identify at least potentially unwanted activity. In use, a change in a state of an object is identified. Additionally, the object is compared with results of an object enumeration. Further, at least potentially unwanted activity is identified based on the comparison. | 2013-09-19 |
20130247181 | Method of and system for computer system denial-of-service protection - A method of and system for protecting a computer system against denial-of-service attacks or other exploitation. The method comprises collecting network data and analyzing the network data using statistical and heuristic techniques to identify the source of the exploitation upon receiving an indication of exploitation. Upon identifying the network source, the network data associated with the network is blocked, redirected, or flow controlled. Preferably, the method also includes identifying when the system is being exploited. | 2013-09-19 |
20130247182 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR IDENTIFYING HIDDEN OR MODIFIED DATA OBJECTS - A system, method, and computer program product are provided for detecting hidden or modified data objects. In use, a first set of data objects stored in a device is enumerated, where the enumeration of the first set of data objects is performed within an operating system of the device. Additionally, a second set of data objects stored in the device is enumerated, where the enumeration of the second set of data objects is performed outside of the operating system of the device. Further, the first set of data objects and the second set of data objects are compared for identifying hidden or modified data objects. | 2013-09-19 |
20130247183 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR PREVENTING A MODIFICATION TO A DOMAIN NAME SYSTEM SETTING - A system, method, and computer program product are provided for preventing a modification to a domain name system setting. In use, an attempt to modify a domain name system setting is detected. Additionally, a source of the attempt and an attribute of the modification are verified. Further, the modification to the domain name system setting is prevented, based on the verification. | 2013-09-19 |
20130247184 | Stealth Network Attack Monitoring - Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for stealth attack monitoring. In one aspect, a method includes monitoring a network for failed connection attempts in the network, wherein each failed internal connection attempt is initiated by a source asset and is an attempt to connect to a destination asset; and only in response to detecting a failed connection attempt initiated by a source asset, instantiating a source asset tracking instance in a computer memory, and for each source asset tracking instance in the computer memory: monitoring the corresponding source asset for a threshold number of failed connection attempts to destination assets during a time period; and in response to detecting the threshold number of failed connection attempts from the source asset during the time period for the source asset tracking instance, designating the source asset as a security risk. | 2013-09-19 |
20130247185 | SYSTEMS AND METHODS FOR TRACKING AND RECORDING EVENTS IN A NETWORK OF COMPUTING SYSTEMS - A security client can be configured to operate on the one or more computing systems and record all events occurring on the one or more computing systems. The security client can operate as a “security camera” for the computing systems by identifying and retaining data and information that describes and details different events that occur on the computing systems. The security client can be configured to generate event records for the events that are uniquely associated with the process that requested or performed event. Likewise, the security client can be configured to uniquely associate the event records with the specific computing system associated with the event. | 2013-09-19 |
20130247186 | System to Bypass a Compromised Mass Storage Device Driver Stack and Method Thereof - A method to circumvent malicious software via a system configured to bypass a device driver stack and, consequently, also bypass the malicious software that may be adversely affecting the device driver stack by using an alternative stack such as a crash dump I/O stack. The crash dump I/O stack is poorly documented relative to the device driver stack and functions independently from the device driver stack. | 2013-09-19 |
20130247187 | Computing device to detect malware - Disclosed is an apparatus and method for a computing device to determine if an application is malware. The computing device may include: a query logger to log the behavior of the application on the computing device to generate a log; a behavior analysis engine to analyze the log from the query logger to generate a behavior vector that characterizes the behavior of the application; and a classifier to classify the behavior vector for the application as benign or malware. | 2013-09-19 |
20130247188 | Mobile Point-Of-Presence for On Demand Network Client Services and Security - Devices, systems and methods are disclosed which relate to implementing a point-of-presence system on a mobile service network. Such a point-of-presence system includes a mobile device communications network; a mobile device; a point-of-presence logic installed on a mobile device; and an application server in communication with the point-of-presence logic via the communications network. Communications between the point-of-presence logic and the network and application server include network data, configuration, and/or installation of connection and device management applications. This point-of-presence system constitutes a mechanism for the service provider to best optimize network resources, even at the device level, while providing optimum network service to mobile users—even for mobile devices that have not been pre-configured for the mobile service network. | 2013-09-19 |
20130247189 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR REACTING IN RESPONSE TO A DETECTION OF AN ATTEMPT TO STORE A CONFIGURATION FILE AND AN EXECUTABLE FILE ON A REMOVABLE DEVICE - A system, method, and computer program product are provided for reacting in response to a detection of an attempt to store a configuration file and an executable file on a removable device. In use, a first device removably coupled to a second device is identified. Additionally, an attempt to store on the first device a configuration file for the first device and an executable file is detected. Further, a reaction is performed in response to the detection of the attempt. | 2013-09-19 |
20130247190 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR UTILIZING A DATA STRUCTURE INCLUDING EVENT RELATIONSHIPS TO DETECT UNWANTED ACTIVITY - A system, method, and computer program product are provided for utilizing a data structure including event relationships to detect unwanted activity. In use, a plurality of events is identified. Additionally, a data structure including objects associated with the plurality of events and relationships associated with the plurality of events is generated. Further, unwanted activity is detected utilizing the data structure. | 2013-09-19 |
20130247191 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR PERFORMING A REMEDIAL ACTION WITH RESPECT TO A FIRST DEVICE UTILIZING A SECOND DEVICE - A system, method, and computer program product are provided for performing a remedial action with respect to a first device utilizing a second device. In use, data is received from a first device at a second device via a network. Additionally, it is determined whether the data is unwanted, utilizing the second device. Furthermore, a remedial action is performed utilizing the second device at least partially blocking the first device from accessing the network, based on the determination. | 2013-09-19 |
20130247192 | SYSTEM AND METHOD FOR BOTNET DETECTION BY COMPREHENSIVE EMAIL BEHAVIORAL ANALYSIS - A method is provided in one example embodiment that includes receiving message sender traits associated with email senders, and receiving a dataset of known malware identifiers and network addresses from a spamtrap. The message sender traits may include behavior features and/or content resemblance factors in various embodiments. The method further includes classifying the email senders as malicious or benign based on the behavior features, and further classifying the malicious senders by malware identifiers based on similarity of content resemblance factors and the dataset of known malware identifiers and network addresses. In certain specific embodiments, a supervised classifier, such as a support vector machine, may be used to classify the malicious senders by malware identifiers. | 2013-09-19 |