公开(公告)号：EP3090584B1

公开(公告)日：2019-08-07

申请号：EP14876801.3

申请日：2014-12-24

申请人： McAfee, LLC

发明人： KULKARNI, Dattatraya ,  NALLURI, Srikanth ,  KRISHNAPUR, Venkatasubrahmanyam ,  DHRUW, Kaushal ,  SINHA, Raja ,  JAIN, Yogesh ,  DOSS, Aravind ,  NAYAK, Susmita

IPC分类号： H04W4/16 ,  H04W4/60 ,  H04M3/436

公开(公告)号：EP2630611B1

公开(公告)日：2019-06-05

申请号：EP11834976.0

申请日：2011-10-18

申请人： McAfee, LLC

发明人： CARTER III, Russell Bertrand ,  LALL, Pravat Kumar ,  OITMENT, Geoff ,  MAHA, Davoud ,  HASAN, Javed

IPC分类号： H04L29/06 ,  G06F21/51 ,  H04L29/08 ,  G06F17/30

公开(公告)号：EP2840753B1

公开(公告)日：2019-05-15

申请号：EP13196135.1

申请日：2009-05-21

申请人： McAfee, LLC

发明人： Sherlock, Kieran Gerard ,  Valente, Luis Filipe Pereira ,  Pearcy, Derek Patton ,  Cooper, Geoffrey Howard

IPC分类号： H04L29/06 ,  H04L12/26 ,  H04L12/24 ,  G06F21/55

公开(公告)号：EP3363149A1

公开(公告)日：2018-08-22

申请号：EP16855930.0

申请日：2016-09-22

申请人： McAfee, LLC

发明人： SMITH, Ned M. ,  SCHRECKER, Sven

IPC分类号： H04L9/08 ,  H04L29/08

CPC分类号： H04L63/06 ,  H04L9/0891 ,  H04L9/14 ,  H04L9/32 ,  H04L9/3234 ,  H04L63/065 ,  H04L67/10 ,  H04L67/12 ,  H04L67/125 ,  H04W4/70 ,  H04W12/04 ,  H04W12/06

摘要： A method for migrating logical devices from one Internet of Things (IoT) device to another includes: receiving, by a first IoT device having a first platform group key, a request to migrate a first logical device from the first IoT device to a second IoT device having a second platform group key; removing a first logical device platform group private key associated with the first logical device from a storage of the first IoT device; sending an encrypted state of the first logical device to the second IoT device; and binding the first logical device to the second IoT device by receiving a second logical device platform group private key for the first logical device from a zone controller; and storing the second logical device platform group private key in a storage of the second IoT device.

公开(公告)号：EP2839406B1

公开(公告)日：2018-08-08

申请号：EP13778473.2

申请日：2013-04-17

申请人： McAfee, LLC

发明人： DAS, Sudeep ,  DIVAKARLA, Jayasankar ,  SHARMA, Pramod

IPC分类号： G06F21/56 ,  G06F21/44 ,  H04L29/06 ,  G06F21/51

CPC分类号： H04L63/1441 ,  G06F17/30876 ,  G06F21/51 ,  G06F2221/033 ,  H04W12/12

摘要： A combination of shim and back-end server applications may be used to identify and block the installation of malicious applications on mobile devices. In practice, a shim application registers with a mobile device's operating system to intercept application installation operations. Upon intercepting an attempted installation operation, the shim application identifies the application seeking to be installed, generates a key uniquely identifying the application, and transmits the key over a network connection to a back-end server. The back-end server may be configured to crawl the Internet to identify malicious applications and compile and maintain a database of such applications. Upon receiving a key from the shim application, the back-end server can search its database to locate a matching application and, if found, respond to the mobile device with the application's status (e.g., malicious or not). The shim application can utilize this information to allow or block installation of the application.

公开(公告)号：EP2769509B1

公开(公告)日：2018-08-08

申请号：EP12842144.3

申请日：2012-09-26

申请人： McAfee, LLC

发明人： COOPER, Geoffrey ,  GREEN, Michael W. ,  GUZIK, John Richard

IPC分类号： H04L12/26 ,  H04L12/70 ,  H04L9/00 ,  H04L12/801 ,  G06F11/22 ,  H04L29/06

CPC分类号： H04L63/0227 ,  G06F2221/2101 ,  H04L43/10 ,  H04L63/0209 ,  H04L63/0442

摘要： A method is provided in one example embodiment that includes receiving metadata from a host over a metadata channel. The metadata may be correlated with a network flow and a network policy may be applied to the connection. In other embodiments, a network flow may be received from a host without metadata associated with the flow, and a discovery redirect may be sent to the host. Metadata may then be received and correlated with the flow to identify a network policy action to apply to the flow.

公开(公告)号：EP3231128A4

公开(公告)日：2018-06-20

申请号：EP15859379

申请日：2015-03-27

申请人： MCAFEE LLC

发明人： KAUL NEERAJ ,  BHARATHAPUDI PAVAN KUMAR V ,  REVASHETTI SIDDARAYA B ,  NARJALA RANJIT S ,  VENKATACHARY RAMKUMAR RAM CHARY ,  MOSTAFA SAHAR ,  YALAPALLI VANI ,  SLATE CHARLES ,  MCDOWELL JOHN R

IPC分类号： H04L9/32 ,  H04L29/06

CPC分类号： H04L63/08 ,  H04L9/321 ,  H04L9/3231 ,  H04L63/0815 ,  H04L63/0884 ,  H04L63/102 ,  H04L63/105 ,  H04L2463/082

摘要： The present disclosure relates to a system and method for providing conditional login promotion. An example system includes at least one processor and at least one memory element, wherein the system is configured for receiving an indication of a local operating system login by a user from a client device associated with the user; receiving one or more authentication factors associated with the user from the client device; and determining whether the local operating system login is to be promoted to a relying party entity based upon the one or more authentication factors associated with the user.

公开(公告)号：EP3198800A4

公开(公告)日：2018-06-20

申请号：EP15843535

申请日：2015-08-25

申请人： MCAFEE LLC

发明人： MONDIGUING STEPHEN ,  CRUZ BENJAMIN

IPC分类号： H04L29/06 ,  H04L29/12

CPC分类号： H04L63/1416 ,  H04L61/1511 ,  H04L2463/142 ,  H04L2463/144 ,  H05K999/99

摘要： In an example, a detection engine identifies potential malware objects according to behavior. In order to circumvent blacklists and fingerprint-based detection, a malware server may frequently change domain names, and change the fingerprints of distributed malware agents. A malware agent may perform only an initial DNS lookup, and thereafter communicate with the malware command-and-control server via “naked” HTTP packets using the raw IP address of the server. The detection engine identifies malware agents by this behavior. In one example, if an executable object makes repeated HTTP requests to an address after the DNS lookup “time to live” has expired, the object may be flagged as potential malware.

公开(公告)号：EP3198506A4

公开(公告)日：2018-05-30

申请号：EP15844964

申请日：2015-08-26

申请人： MCAFEE LLC

发明人： CROWE SIMON

IPC分类号： G06F21/54 ,  G06F21/52 ,  G06F21/56

CPC分类号： G06F21/54 ,  G06F2221/033

摘要： In an example, a stack protection engine is disclosed for preventing or ameliorating stack corruption attacks. The stack protection engine may operate transparently to user-space processes. After a call to a subroutine from a parent routine, the stack protection engine encodes the return address on the stack, such as with an exclusive or cipher and a key selected from a key array. After the subroutine returns control to the main routine, the stack protection engine decodes the address, and returns control. If a stack corruption attack occurs, the malicious return address is not properly encoded, so that when decoding occurs, the program may simply crash rather than returning control to the malicious code.

公开(公告)号：EP3318042A1

公开(公告)日：2018-05-09

申请号：EP16818420.8

申请日：2016-05-30

申请人： McAfee, LLC

发明人： STECHER, Martin ,  SABBAN, Andre

IPC分类号： H04L29/06 ,  H04L29/08 ,  H04L12/26

CPC分类号： H04L63/10 ,  G06F8/65 ,  H04L43/50 ,  H04L63/0281 ,  H04L63/102 ,  H04L67/02 ,  H04W12/0027

摘要： Particular embodiments described herein provide for a network element that can be configured to receive, from an electronic device, a request to access a network service. In response to the request, the network element can send data related to the network service to the electronic device and add a test link to the data related to the network service. The network element can also be configured to determine if the test link was successfully executed and classify the electronic device as untrusted if the test link was not successfully executed.