Patent application number | Description | Published |
20120151587 | Devices, Systems, and Methods for Detecting Proximity-Based Mobile Malware Propagation - Devices, systems, and methods are disclosed which leverage an agent that resides in a mobile communication device to detect Proximity based Mobile Malware Propagation (PMMP). The agent injects one or several trigger network connections in the candidate connection list. These connections appear as legitimate networks and devices. However, the triggers connect to an agent server on a service provider's network. Essentially, the method is based on the assumption that malware lacks the intelligence to differentiate the trigger network connection from a normal one. Therefore, by attempting to connect through the trigger network connection, the malware reveals itself. The system helps collect the malware signature within a short period of time after the malware outbreak in local areas, and such attacks typically bypass network based security inspection in the network. | 06-14-2012 |
20120151588 | Malware Detection for SMS/MMS Based Attacks - Devices, systems, and methods are disclosed which utilize lightweight agents on a mobile device to detect message-based attacks. In exemplary configurations, the lightweight agents are included as contacts on the mobile device addressed to an agent server on a network. A malware onboard the mobile device, intending to propagate, unknowingly addresses the lightweight agents, sending messages to the agent server. The agent server analyzes the messages received from the mobile device of the deployed lightweight agents. The agent server then generates attack signatures for the malware. Using malware propagation models, the system estimates how many active mobile devices are infected as well as the total number of infected mobile devices in the network. By understanding the malware propagation, the service provider can decide how to deploy a mitigation plan on crucial locations. In further configurations, the mechanism may be used to detect message and email attacks on other devices. | 06-14-2012 |
20130145425 | VERIFICATION SERVICE - Concepts and technologies are disclosed herein for verifying sender information. According to various embodiments of the concepts and technologies disclosed herein, a verification service can determine, receive a request, or receive a call to verify sender information associated with data. The server computer generates and delivers a verification message to a sender device in response to determining that sender information verification is to be provided. The server computer receives a response indicating if the data was sent by the sender device. If the response indicates that the sender device did not send the data, the server computer can block delivery of the data, generate alarms or alerts, take other actions, and/or take no action. If the response indicates that the sender device sent the data, the server computer can deliver the data, provide a verification response to the recipient device, take no action, and/or take other actions. | 06-06-2013 |
20130145465 | MULTILAYERED DECEPTION FOR INTRUSION DETECTION AND PREVENTION - Concepts and technologies are disclosed herein for multilayered deception for intrusion detection. According to various embodiments of the concepts and technologies disclosed herein, a multilayer deception system includes honey servers, honey files and folders, honey databases, and/or honey computers. A multilayer deception system controller generates honey activity between the honey entities and exposes a honey profile with contact information associated with a honey user. Contact directed at the honey user and/or activity at any of the honey entities can trigger alarms and/or indicate an attack, and can be analyzed to prevent future attacks. | 06-06-2013 |
20140006374 | METHOD AND APPARATUS FOR DERIVING AND USING TRUSTFUL APPLICATION METADATA | 01-02-2014 |
20140006375 | METHOD AND APPARATUS FOR ROBUST MOBILE APPLICATION FINGERPRINTING | 01-02-2014 |
20140006418 | METHOD AND APPARATUS FOR RANKING APPS IN THE WIDE-OPEN INTERNET | 01-02-2014 |
20140006440 | METHOD AND APPARATUS FOR SEARCHING FOR SOFTWARE APPLICATIONS | 01-02-2014 |
20140108799 | METHOD AND APPARATUS FOR PROVIDING SUBSCRIBER IDENTITY MODULE-BASED DATA ENCRYPTION AND REMOTE MANAGEMENT OF PORTABLE STORAGE DEVICES - Portable storage devices and methods for remotely managing such portable storage devices are disclosed. For example, a method receives a request from an endpoint device to send a command to a portable storage device. The method then authenticates the endpoint device that has sent the request. The method then transmits the command wirelessly to the portable storage device. Similarly, a portable storage device includes a processor and a computer-readable medium in communication with the processor, the computer-readable medium to store instructions. The instructions, when executed by the processor, cause the processor to perform operations that include: wirelessly receiving a command related to an access of a memory of the portable storage device, verifying an authenticity of the command and executing the command when the authenticity of the command is verified. | 04-17-2014 |
20140150102 | DETECTING ALTERED APPLICATIONS USING NETWORK TRAFFIC DATA - A method, computer readable medium and apparatus for detecting an altered application are disclosed. Network traffic data is obtained for a number of endpoint devices to determine a network traffic signature for a first application. The signature comprises a set of flows within a time window. Network traffic data is monitored to determine a network traffic signature for a second application. The signature for the second application comprises the network traffic signature of the first application plus a flow to an additional address. The method determines a ratio of endpoint devices having network traffic data that matches the signature for the second application as compared to a percentage of endpoint devices having network traffic data that matches the signature for the first application. When the percentage satisfies a threshold, the method determines that the second application is the altered application comprising an altered version of the first application. | 05-29-2014 |
20140250221 | Methods, Systems, and Computer Program Products for Detecting Communication Anomalies in a Network Based on Overlap Between Sets of Users Communicating with Entities in the Network - Anomalies are detected in a network by detecting communication between a plurality of entities and a set of users in the network, determining an overlap between subsets of the set of users that the entities comprising the plurality of entities communicated with, respectively, and determining whether the communication between the plurality of entities and the set of users is anomalous based on the overlap. | 09-04-2014 |