公开(公告)号：US20160110528A1

公开(公告)日：2016-04-21

申请号：US14514662

申请日：2014-10-15

Applicant: QUALCOMM Incorporated

Inventor： Rajarshi Gupta ,  Satyajit Prabhakar Patne

IPC: G06F21/31 ,  G06F21/57

CPC classification number: G06F21/31 ,  G06F21/316 ,  G06F21/577 ,  G06F2221/034 ,  H04L63/08 ,  H04L63/105 ,  H04L63/1425 ,  H04L63/1433 ,  H04L63/145 ,  H04L2463/082 ,  H04W12/06 ,  H04W12/08

Abstract: A computing device processor may be configured with processor-executable instructions to implement methods of using behavioral analysis and machine learning techniques to identify, prevent, correct, and/or otherwise respond to malicious or performance-degrading behaviors of the computing device. As part of these operations, the processor may perform multifactor authentication operations that include determining one or more of a transaction type criticality value, a user confidence value, a software integrity confidence value, and a historical behavior value, using the one or more of these values to determine a number of authentication factors that are be evaluated when authenticating a user of the computing device, and authenticating the user by evaluating the determined number of authentication factors.

Abstract translation: 计算设备处理器可以配置有处理器可执行指令，以实现使用行为分析和机器学习技术来识别，防止，纠正和/或以其他方式响应计算设备的恶意或性能降级行为的方法。 作为这些操作的一部分，处理器可以执行多因素认证操作，其包括使用这些中的一个或多个来确定事务类型临界值，用户置信度值，软件完整性置信度值和历史行为值中的一个或多个 值，以确定在认证计算设备的用户时评估的认证因子的数量，以及通过评估所确定的认证因素的数量来认证用户。

公开(公告)号：US09189624B2

公开(公告)日：2015-11-17

申请号：US14268547

申请日：2014-05-02

Applicant: QUALCOMM Incorporated

Inventor： Anil Gathala ,  Rajarshi Gupta

IPC: G06F21/00 ,  G06F21/55 ,  G06F21/56 ,  G06F11/14 ,  G06F11/30 ,  H04W52/02 ,  H04W24/08 ,  G06F11/34 ,  H04W12/12 ,  H04W88/02 ,  H04L29/06

CPC classification number: G06F21/552 ,  G06F11/1433 ,  G06F11/1458 ,  G06F11/3006 ,  G06F11/3082 ,  G06F11/3409 ,  G06F11/3466 ,  G06F11/3476 ,  G06F21/554 ,  G06F21/56 ,  G06F2201/86 ,  G06N99/005 ,  H04L63/1433 ,  H04W12/12 ,  H04W24/08 ,  H04W52/0251 ,  H04W52/0258 ,  H04W88/02 ,  Y02D10/34 ,  Y02D70/1242 ,  Y02D70/1262 ,  Y02D70/142 ,  Y02D70/144 ,  Y02D70/146 ,  Y02D70/164 ,  Y02D70/166 ,  Y02D70/21 ,  Y02D70/22

Abstract: Methods, devices and systems for monitoring behaviors of a mobile computing device include observing in a non-master processing core a portion of a mobile device behavior that is relevant to the non-master processing core, generating a behavior signature that describes the observed portion of the mobile device behavior, and sending the generated behavior signature to a master processing core. The master processing core combines two or more behavior signatures received from the non-master processing cores to generate a global behavior vector, which may be used by an analyzer module to determine whether a distributed software application is not benign.

Abstract translation: 用于监测移动计算设备的行为的方法，设备和系统包括在非主处理核心中观察与非主处理核心相关的移动设备行为的一部分行为，生成描述观察部分的行为签名 移动设备行为，并将生成的行为签名发送到主处理核心。 主处理核心组合从非主处理核心接收的两个或多个行为签名以生成全局行为向量，分析器模块可以使用该行为向量来确定分布式软件应用程序是否不是良性的。

公开(公告)号：US20150286820A1

公开(公告)日：2015-10-08

申请号：US14247400

申请日：2014-04-08

Applicant: QUALCOMM Incorporated

Inventor： Vinay SRIDHARA ,  Rajarshi Gupta ,  Bohuslav Rychlik

IPC: G06F21/56 ,  G06F9/48 ,  G06F1/32

CPC classification number: G06F21/566 ,  G06F1/3206 ,  G06F9/4893

Abstract: Methods, systems and devices compute and use the actual execution states of software applications to implement power saving schemes and to perform behavioral monitoring and analysis operations. A mobile device may be configured to monitor an activity of a software application, generate a shadow feature value that identifies actual execution state of the software application during that activity, generate a behavior vector that associates the monitored activity with the shadow feature value, and determine whether the activity is malicious or benign based on the generated behavior vector, shadow feature value and/or operating system execution states. The mobile device processor may also be configured to intelligently determine whether the execution state of a software application is relevant to determining whether any of the monitored mobile device behaviors are malicious or suspicious, and monitor only the execution states of the software applications for which such determinations are relevant.

Abstract translation: 方法，系统和设备计算和使用软件应用程序的实际执行状态来实现节电方案并执行行为监测和分析操作。 移动设备可以被配置为监视软件应用的活动，生成在该活动期间识别软件应用的实际执行状态的阴影特征值，生成将所监视的活动与阴影特征值相关联的行为向量，并且确定 基于生成的行为矢量，阴影特征值和/或操作系统执行状态，活动是否是恶意的或良性的。 移动设备处理器还可以被配置为智能地确定软件应用的执行状态是否与确定所监视的移动设备行为中的任何一个是恶意的还是可疑的，并且仅监视这些确定的软件应用的执行状态 是相关的

公开(公告)号：US09147072B2

公开(公告)日：2015-09-29

申请号：US14064437

申请日：2013-10-28

Applicant: QUALCOMM Incorporated

Inventor： Kassem Fawaz ,  Vinay Sridhara ,  Rajarshi Gupta ,  Mihai Christodorescu

IPC: G06F7/04 ,  G06F17/30 ,  H04N7/16 ,  G06F21/56 ,  G06F21/55

CPC classification number: G06F21/566 ,  G06F21/552

Abstract: Methods, systems and devices use operating system execution states while monitoring applications executing on a mobile device to perform comprehensive behavioral monitoring and analysis include configuring a mobile device to monitor an activity of a software application, generate a shadow feature value that identifies an operating system execution state of the software application during that activity, generate a behavior vector that associates the monitored activity with the shadow feature value, and determine whether the activity is malicious or benign based on the generated behavior vector, shadow feature value and/or operating system execution states. The mobile device may also be configured to intelligently determine whether the operating system execution state of a software application is relevant to determining whether any of the monitored mobile device behaviors are malicious or suspicious, and monitor only the operating system execution states of the software applications for which such determinations are relevant.

Abstract translation: 方法，系统和设备使用操作系统执行状态，同时监视在移动设备上执行的执行综合行为监控和分析的应用程序，包括配置移动设备来监视软件应用程序的活动，生成标识操作系统执行的阴影特征值 在该活动期间生成软件应用程序的状态，生成将所监视的活动与影子特征值相关联的行为向量，并基于生成的行为向量，阴影特征值和/或操作系统执行状态来确定活动是恶意还是良性 。 移动设备还可以被配置为智能地确定软件应用的操作系统执行状态是否与确定所监视的移动设备行为是否是恶意的或可疑的相关，并且仅监视软件应用的操作系统执行状态 这些确定是相关的。

公开(公告)号：US09125021B2

公开(公告)日：2015-09-01

申请号：US14309838

申请日：2014-06-19

Applicant: QUALCOMM Incorporated

Inventor： Rajarshi Gupta ,  Eric Holm

IPC: H04W24/00 ,  H04W4/04 ,  G01S5/02 ,  H04W64/00

CPC classification number: H04W4/04 ,  G01S5/0236 ,  H04W4/043 ,  H04W64/00

Abstract: Methods and apparatuses are provided which may be implemented in various devices for to determine or assist in determining that a mobile station is at one or more particular indoor regions and to provide positioning assistance data and/or the like to the mobile station with regard to at least the one or more particular indoor regions.

Abstract translation: 提供了可以在各种设备中实现的方法和装置，用于确定或协助确定移动台位于一个或多个特定室内区域，并且针对移动台提供定位辅助数据和/或类似物 至少一个或多个特定室内区域。

公开(公告)号：US20150181474A1

公开(公告)日：2015-06-25

申请号：US14639373

申请日：2015-03-05

Applicant: QUALCOMM Incorporated

Inventor： Gavin Bernard Horn ,  Parag Arun Agashe ,  Rajarshi Gupta ,  Rajat Prakash

IPC: H04W36/00 ,  H04W12/08

CPC classification number: H04W36/0038 ,  H04W8/20 ,  H04W12/08 ,  H04W36/08 ,  H04W48/08

Abstract: Access control for an access point (e.g., a cell of the access point) may be based on an access mode associated with the access point. For example, depending on the access mode, access control may involve performing a membership check for the access point. Such a membership check may be performed at a network entity, a source access point, or some other suitable location in a network. In some aspects, access control may involve performing a membership check for an access point in conjunction with a context fetch procedure. Such a procedure may be performed, for example, when an access terminal arrives at the access point after experiencing RLF at another access point.

Abstract translation: 接入点（例如接入点的小区）的接入控制可以基于与接入点相关联的接入模式。 例如，根据访问模式，访问控制可以包括执行接入点的成员资格检查。 这样的成员资格检查可以在网络实体，源接入点或网络中的某个其他合适的位置执行。 在一些方面，访问控制可以包括结合上下文获取过程执行接入点的成员资格检查。 这样的过程可以例如在接入终端在另一接入点经历RLF之后到达接入点时执行。

公开(公告)号：US20150101048A1

公开(公告)日：2015-04-09

申请号：US14044956

申请日：2013-10-03

Applicant: QUALCOMM Incorporated

Inventor： Vinay Sridhara ,  Satyajit Prabhakar Patne ,  Rajarshi Gupta

IPC: G06F21/55

CPC classification number: G06F21/55 ,  G06F9/30145 ,  G06F9/3861 ,  G06F11/3612 ,  G06F21/125 ,  G06F21/52 ,  G06F21/54 ,  G06F21/566 ,  G06F21/577 ,  H04L63/1425 ,  H04L63/1433 ,  H04L63/145 ,  H04W12/12

Abstract: The various aspects provide a method for recognizing and preventing malicious behavior on a mobile computing device before it occurs by monitoring and modifying instructions pending in the mobile computing device's hardware pipeline (i.e., queued instructions). In the various aspects, a mobile computing device may preemptively determine whether executing a set of queued instructions will result in a malicious configuration given the mobile computing device's current configuration. When the mobile computing device determines that executing the queued instructions will result in a malicious configuration, the mobile computing device may stop execution of the queued instructions or take other actions to preempt the malicious behavior before the queued instructions are executed.

Abstract translation: 各方面提供了一种用于在移动计算设备发生之前通过监视和修改在移动计算设备的硬件流水线中挂起的指令（即，排队的指令）来识别和防止恶意行为的方法。 在各个方面，移动计算设备可以预先确定在给定移动计算设备的当前配置的情况下，是否执行一组排队指令将导致恶意配置。 当移动计算设备确定执行排队的指令将导致恶意配置时，移动计算设备可以在排队的指令被执行之前停止执行排队的指令或采取其他动作来抢占恶意行为。

公开(公告)号：US20140362773A1

公开(公告)日：2014-12-11

申请号：US14468150

申请日：2014-08-25

Applicant: QUALCOMM Incorporated

Inventor： Peerapol Tinnakornsrisuphap ,  Fatih Ulupinar ,  John Nasielski ,  Jun Wang ,  Parag Agashe ,  Rajarshi Gupta ,  Ramin Rezaiifar

IPC: H04W40/02 ,  H04L12/56 ,  H04L29/12

CPC classification number: H04W40/02 ,  H04L12/2889 ,  H04L12/4641 ,  H04L29/12028 ,  H04L29/12952 ,  H04L45/741 ,  H04L61/103 ,  H04L61/2061 ,  H04L61/6077 ,  H04W8/082 ,  H04W48/18 ,  H04W80/04 ,  H04W84/045 ,  H04W88/08

Abstract: Local IP access is provided in a wireless network to facilitate access to one or more local services. In some implementations, different IP interfaces are used for accessing different services (e.g., local services and operator network services). A list that maps packet destinations to IP interfaces may be employed to determine which IP interface is to be used for sending a given packet. In some implementations an access point provides a proxy function (e.g., a proxy ARP function) for an access terminal. In some implementations an access point provides an agent function (e.g., a DHCP function) for an access terminal. NAT operations may be performed at an access point to enable the access terminal to access local services. In some aspects, an access point may determine whether to send a packet from an access terminal via a protocol tunnel based on the destination of the packet.

Abstract translation: 在无线网络中提供本地IP接入以便于访问一个或多个本地服务。 在一些实现中，不同的IP接口用于访问不同的服务（例如，本地服务和运营商网络服务）。 可以使用将分组目的地映射到IP接口的列表来确定将哪个IP接口用于发送给定分组。 在一些实现中，接入点为接入终端提供代理功能（例如，代理ARP功能）。 在一些实现中，接入点为接入终端提供代理功能（例如，DHCP功能）。 可以在接入点执行NAT操作，以使得接入终端能够访问本地业务。 在一些方面，接入点可以基于分组的目的地来确定是否经由协议隧道从接入终端发送分组。

公开(公告)号：US20140315581A1

公开(公告)日：2014-10-23

申请号：US14309798

申请日：2014-06-19

Applicant: QUALCOMM Incorporated

Inventor： Rajarshi Gupta ,  Eric Holm

IPC: H04W4/04

CPC classification number: H04W4/029 ,  G01S5/0236 ,  H04W4/024 ,  H04W4/33 ,  H04W64/00

Abstract: Methods and apparatuses are provided which may be implemented in various devices for to determine or assist in determining that a mobile station is at one or more particular indoor regions and to provide positioning assistance data and/or the like to the mobile station with regard to at least the one or more particular indoor regions.

公开(公告)号：US20140245306A1

公开(公告)日：2014-08-28

申请号：US14268547

申请日：2014-05-02

Applicant: QUALCOMM Incorporated

Inventor： Anil GATHALA ,  Rajarshi Gupta

IPC: G06F9/46

CPC classification number: G06F21/552 ,  G06F11/1433 ,  G06F11/1458 ,  G06F11/3006 ,  G06F11/3082 ,  G06F11/3409 ,  G06F11/3466 ,  G06F11/3476 ,  G06F21/554 ,  G06F21/56 ,  G06F2201/86 ,  G06N99/005 ,  H04L63/1433 ,  H04W12/12 ,  H04W24/08 ,  H04W52/0251 ,  H04W52/0258 ,  H04W88/02 ,  Y02D10/34 ,  Y02D70/1242 ,  Y02D70/1262 ,  Y02D70/142 ,  Y02D70/144 ,  Y02D70/146 ,  Y02D70/164 ,  Y02D70/166 ,  Y02D70/21 ,  Y02D70/22

Abstract: Methods, devices and systems for monitoring behaviors of a mobile computing device include observing in a non-master processing core a portion of a mobile device behavior that is relevant to the non-master processing core, generating a behavior signature that describes the observed portion of the mobile device behavior, and sending the generated behavior signature to a master processing core. The master processing core combines two or more behavior signatures received from the non-master processing cores to generate a global behavior vector, which may be used by an analyzer module to determine whether a distributed software application is not benign.

Abstract translation: 用于监测移动计算设备的行为的方法，设备和系统包括在非主处理核心中观察与非主处理核心相关的移动设备行为的一部分行为，生成描述观察部分的行为签名 移动设备行为，并将生成的行为签名发送到主处理核心。 主处理核心组合从非主处理核心接收的两个或多个行为签名以生成全局行为向量，分析器模块可以使用该行为向量来确定分布式软件应用程序是否不是良性的。