公开(公告)号：US20160232353A1

公开(公告)日：2016-08-11

申请号：US14616794

申请日：2015-02-09

Applicant: QUALCOMM Incorporated

Inventor： Rajarshi Gupta ,  Bjorn Marcus Jakobsson ,  Vinay Sridhara

IPC: G06F21/56

CPC classification number: G06F21/566 ,  G06F21/552 ,  G06F21/56 ,  G06F21/564

Abstract: Methods, systems and devices for identifying, classifying, modeling, and responding to mobile device behaviors may include using lightweight processes to monitor and analyze various conditions and device behaviors to detect an instance of a non-benign behavior, increasing a level of security or scrutiny to identify other instances of non-benign behavior, and notifying select computing devices of the increased security risk so that they may also increase their security/scrutiny levels. For example, a computing device may be configured to perform a first type of analysis operations (e.g., lightweight analysis operations) to determine whether there is an increased security risk, and perform a second type of analysis operations (e.g., robust analysis operations) in response to determining that there is an increased security risk to determine whether there are additional security risks that are different from the security risk detected via the performance of the first type of analysis operations.

Abstract translation: 用于识别，分类，建模和响应移动设备行为的方法，系统和设备可能包括使用轻量级进程监视和分析各种条件和设备行为，以检测非良性行为的实例，增加安全级别或审查 识别非良性行为的其他情况，并通知选择计算设备增加的安全风险，使其也可以增加其安全性/审查级别。 例如，计算设备可以被配置为执行第一类型的分析操作（例如，轻量级分析操作）以确定是否存在增加的安全风险，并且执行第二类型的分析操作（例如，稳健的分析操作） 确定确定是否存在增加的安全风险以确定是否存在不同于通过执行第一类型的分析操作而检测到的安全风险的附加安全风险。

公开(公告)号：US09349001B2

公开(公告)日：2016-05-24

申请号：US13749948

申请日：2013-01-25

Applicant: QUALCOMM Incorporated

Inventor： Sudha Anil Kumar Gathala ,  Rajarshi Gupta ,  Saumitra Das

IPC: G06F21/55 ,  G06F21/56 ,  G06F11/14 ,  G06F11/30 ,  H04W52/02 ,  H04W24/08 ,  G06F11/34 ,  H04W12/12 ,  H04W88/02 ,  H04L29/06

CPC classification number: G06F21/552 ,  G06F11/1433 ,  G06F11/1458 ,  G06F11/3006 ,  G06F11/3082 ,  G06F11/3409 ,  G06F11/3466 ,  G06F11/3476 ,  G06F21/554 ,  G06F21/56 ,  G06F2201/86 ,  G06N99/005 ,  H04L63/1433 ,  H04W12/12 ,  H04W24/08 ,  H04W52/0251 ,  H04W52/0258 ,  H04W88/02 ,  Y02D10/34 ,  Y02D70/1242 ,  Y02D70/1262 ,  Y02D70/142 ,  Y02D70/144 ,  Y02D70/146 ,  Y02D70/164 ,  Y02D70/166 ,  Y02D70/21 ,  Y02D70/22

Abstract: The various aspects include methods, systems, and devices configured to make use of caching techniques and behavior signature caches to improve processor performance and/or reduce the amount of power consumed by the computing device by reducing analyzer latency. The signature caching system may be configured to adapt to rapid and frequent changes in behavioral specifications and models and provide a multi-fold improvement in the scalability of behavioral analysis operations performed on the mobile device.

Abstract translation: 各个方面包括被配置为利用缓存技术和行为签名高速缓存来提高处理器性能和/或通过减少分析器延迟来减少计算设备消耗的功率量的方法，系统和设备。 签名缓存系统可以被配置为适应行为规范和模型中的快速和频繁的改变，并且提供在移动设备上执行的行为分析操作的可扩展性的多重改进。

公开(公告)号：US09326213B2

公开(公告)日：2016-04-26

申请号：US14738604

申请日：2015-06-12

Applicant: QUALCOMM Incorporated

Inventor： Amer Catovic ,  Parag Arun Agashe ,  Rajarshi Gupta ,  Gavin Bernard Horn ,  Rajat Prakash ,  Fatih Ulupinar

IPC: H04W36/30 ,  H04W36/00 ,  H04W76/02 ,  H04W24/02

CPC classification number: H04W36/30 ,  H04W24/02 ,  H04W36/0094 ,  H04W76/18

Abstract: Handover parameter settings are automatically adapted in access points in a system to improve handover performance. Reactive detection techniques are employed for identifying different types of handover-related failures and adapting handover parameters based on this detection. Messaging schemes are also employed for providing handover-related information to access points. Proactive detection techniques also may be used for identifying conditions that may lead to handover-related failures and then adapting handover parameters in an attempt to prevent such handover-related failures. Ping-ponging may be mitigated by adapting handover parameters based on analysis of access terminal visited cell history acquired by access points in the system. In addition, configurable parameters (e.g., timer values) may be used to detect handover-related failures.

公开(公告)号：US09323929B2

公开(公告)日：2016-04-26

申请号：US14090200

申请日：2013-11-26

Applicant: QUALCOMM Incorporated

Inventor： David Fiala ,  Mihai Christodorescu ,  Vinay Sridhara ,  Rajarshi Gupta ,  Kassem Fawaz

IPC: G06F21/56

CPC classification number: G06F21/56 ,  G06F21/566

Abstract: The various aspects provide for a computing device and methods implemented by the device to ensure that an application executing on the device and seeking root access will not cause malicious behavior while after receiving root access. Before giving the application root access, the computing device may identify operations the application intends to execute while having root access, determine whether executing the operations will cause malicious behavior by simulating execution of the operations, and pre-approve those operations after determining that executing those operations will not result in malicious behavior. Further, after giving the application root access, the computing device may only allow the application to perform pre-approved operations by quickly checking the application's pending operations against the pre-approved operations before allowing the application to perform those operations. Thus, the various aspects may ensure that an application receives root access without compromising the performance or security integrity of the computing device.

Abstract translation: 各种方面提供了一种计算设备和由设备实现的方法，以确保在接收根访问之后在设备上执行并寻求root访问的应用不会引起恶意行为。 在给予应用程序根访问之前，计算设备可以识别应用程序在具有root访问的同时执行的操作，确定执行操作是否会通过模拟操作的执行而导致恶意行为，并且在确定执行这些操作之后预先批准这些操作 操作不会导致恶意行为。 此外，在给予应用程序根访问之后，计算设备可以仅允许应用程序通过在允许应用程序执行这些操作之前快速检查应用程序针对预先批准的操作的待处理操作来执行预先批准的操作。 因此，各个方面可以确保应用程序接收根访问，而不会影响计算设备的性能或安全完整性。

公开(公告)号：US20160088009A1

公开(公告)日：2016-03-24

申请号：US14957850

申请日：2015-12-03

Applicant: QUALCOMM Incorporated

Inventor： Rajarshi Gupta ,  Soorgoli Ashok Halambi ,  Yoram Rimoni

IPC: H04L29/06

CPC classification number: H04L63/1425 ,  G06F21/554 ,  G06F21/57 ,  H04L63/1466 ,  H04W12/12 ,  H04W24/02 ,  H04W24/08

Abstract: Systems and methods for recognizing and reacting to malicious or performance-degrading behaviors in a mobile computing device include observing mobile device behaviors in an observer module within a privileged-normal portion of a secure operating environment to identify a suspicious mobile device behavior. The observer module may generate a behavior vector based on the observations, and provide the vector to an analyzer module in an unprivileged-secure portion of the secure operating environment. The vector may be analyzed in the unprivileged-secure portion to determine whether the mobile device behavior is benign, suspicious, malicious, or performance-degrading. If the behavior is found to be suspicious, operations of the observer module may be adjusted, such as to perform deeper observations. If the behavior is found to be malicious or performance-degrading behavior the user and/or a client module may be alerted in a secure, tamper-proof manner.

Abstract translation: 用于识别和响应移动计算设备中的恶意或性能降级行为的系统和方法包括观察安全操作环境的特权正常部分内的观察者模块中的移动设备行为，以识别可疑移动设备行为。 观察者模块可以基于观察结果生成行为向量，并将向量提供给安全操作环境的非特权安全部分中的分析器模块。 可以在非特权安全部分中分析向量，以确定移动设备行为是否是良性的，可疑的，恶意的或性能降级的。 如果发现行为是可疑的，则可以调整观察者模块的操作，例如执行更深的观察。 如果行为被发现是恶意的或降低性能的行为，则用户和/或客户端模块可能以安全，防篡改的方式被提醒。

公开(公告)号：US09292685B2

公开(公告)日：2016-03-22

申请号：US13747115

申请日：2013-01-22

Applicant: QUALCOMM Incorporated

Inventor： Rajarshi Gupta ,  Nayeem Islam ,  Saumitra Das

IPC: G06F11/00 ,  G06F21/55 ,  G06F21/56 ,  G06F11/14 ,  G06F11/30 ,  H04W52/02 ,  H04W24/08 ,  G06F11/34 ,  H04W12/12 ,  H04W88/02 ,  H04L29/06

CPC classification number: G06F21/552 ,  G06F11/1433 ,  G06F11/1458 ,  G06F11/3006 ,  G06F11/3082 ,  G06F11/3409 ,  G06F11/3466 ,  G06F11/3476 ,  G06F21/554 ,  G06F21/56 ,  G06F2201/86 ,  G06N99/005 ,  H04L63/1433 ,  H04W12/12 ,  H04W24/08 ,  H04W52/0251 ,  H04W52/0258 ,  H04W88/02 ,  Y02D10/34 ,  Y02D70/1242 ,  Y02D70/1262 ,  Y02D70/142 ,  Y02D70/144 ,  Y02D70/146 ,  Y02D70/164 ,  Y02D70/166 ,  Y02D70/21 ,  Y02D70/22

Abstract: Aspect methods, systems and devices may be configured to create/capture checkpoints without significantly impacting the performance, power consumption, or responsiveness of the mobile device. An observer module of the mobile device may instrument or coordinate various application programming interfaces (APIs) at various levels of the mobile device system and constantly monitor the mobile device (via a low power process, background processes, etc.) to identify the normal operation patterns of the mobile device and/or to identify behaviors that are not consistent with previously computed normal operation patterns. The mobile device may store mobile device state information in a memory as a stored checkpoint when it determines that the mobile device behaviors are consistent with normal operation patterns, and upload a previously stored checkpoint to a backup storage system when it determines that the mobile device behaviors are not consistent with normal operation patterns.

Abstract translation: 方面方法，系统和设备可以被配置为创建/捕获检查点，而不会显着影响移动设备的性能，功耗或响应性。 移动设备的观察者模块可以在移动设备系统的各个级别对各种应用编程接口（API）进行仪器或协调，并且不断监视移动设备（经由低功率过程，后台进程等）来识别正常操作 移动设备的模式和/或识别与先前计算的正常操作模式不一致的行为。 当确定移动设备的行为与正常操作模式一致时，移动设备可以将存储器中的移动设备状态信息存储在存储器中，并且当它确定移动设备行为时将先前存储的检查点上传到备份存储系统 与正常的操作模式不一致。

公开(公告)号：US20160029221A1

公开(公告)日：2016-01-28

申请号：US14338838

申请日：2014-07-23

Applicant: QUALCOMM Incorporated

Inventor： Dario Suarez Garcia ,  Rajarshi Gupta ,  Alexander Gantman

IPC: H04W12/10 ,  H04L29/06 ,  G06F21/56

CPC classification number: H04W12/10 ,  G06F21/561 ,  G06F21/566 ,  G06F21/577 ,  G06F2221/033 ,  H04L63/1416 ,  H04L63/1433 ,  H04W12/12 ,  H04W24/06

Abstract: A behavior-based security system of a computing device may be protected from non-benign behavior, malware, and cyber attacks by configuring the device to work in conjunction with another component (e.g., a server) to monitor the accuracy and performance of the security system, and determine whether the system is working correctly, efficiently, or as expected. This may be accomplished via the server generating artificial attack software, sending the generated artificial attack software to the mobile device to simulate non-benign behavior in the mobile device, such as a cyber attack, and determining whether the behavior-based security system of the mobile device responded adequately to the simulated non-benign behavior. The sever may send a dead-man signal to the mobile device in response to determining that the behavior-based security system of the mobile device did not respond adequately to the simulated non-benign behavior.

Abstract translation: 计算设备的基于行为的安全系统可以通过将该设备与另一个组件（例如，服务器）配合工作来监视安全性的准确性和性能，从而防止非良性行为，恶意软件和网络攻击 系统，并确定系统是否正常，有效或正常工作。 这可以通过产生人造攻击软件的服务器来实现，将生成的人造攻击软件发送到移动设备以模拟移动设备中的非良性行为，例如网络攻击，以及确定是否基于行为的安全系统 移动设备对模拟的非良性行为作出了充分的反应。 响应于确定移动设备的基于行为的安全系统对模拟的非良性行为没有充分响应，服务器可以向移动设备发送死人信号。

公开(公告)号：US09243917B2

公开(公告)日：2016-01-26

申请号：US14254797

申请日：2014-04-16

Applicant: QUALCOMM Incorporated

Inventor： Rajarshi Gupta ,  Saumitra Mohan Das

IPC: G01C21/20 ,  H04L29/08

CPC classification number: G01C21/203 ,  G01C21/20 ,  G01C21/206 ,  H04L67/125

Abstract: The subject matter disclosed herein relates to systems, methods, apparatuses, articles, and means for determining at least one navigational coordinate system to be utilized in conjunction with transports and/or mobile devices. For certain example implementations, a method by a mobile device that is at least proximate to a transport may comprise identifying a first navigational coordinate system, with the first navigational coordinate system being associated with the transport and enabling navigation within at least one navigable area of the transport. A second navigational coordinate system may also be identified. The mobile device may determine to utilize at least one of the first navigational coordinate system or the second navigational coordinate system based, at least in part, on one or more predetermined conditions. Other example implementations are described herein.

Abstract translation: 本文公开的主题涉及用于确定要与传送和/或移动设备结合使用的至少一个导航坐标系统的系统，方法，设备，物品和装置。 对于某些示例性实施方式，移动设备至少邻近传输的方法可以包括识别第一导航坐标系，其中第一导航坐标系与传输和启用导航在至少一个可导航区域内相关联 运输。 还可以识别第二导航坐标系。 至少部分地基于一个或多个预定条件，移动设备可以确定利用第一导航坐标系或第二导航坐标系中的至少一个。 本文描述了其他示例实现。

公开(公告)号：US09202047B2

公开(公告)日：2015-12-01

申请号：US13627401

申请日：2012-09-26

Applicant: QUALCOMM Incorporated

Inventor： Rajarshi Gupta ,  Sudha Anil Gathala ,  Soorgoli Ashok Halambi

IPC: H04W24/00 ,  G06F21/55 ,  G06F21/56 ,  G06F11/14 ,  G06F11/30 ,  H04W52/02 ,  H04W24/08 ,  G06F11/34 ,  H04W12/12 ,  H04W88/02 ,  H04L29/06

CPC classification number: G06F21/552 ,  G06F11/1433 ,  G06F11/1458 ,  G06F11/3006 ,  G06F11/3082 ,  G06F11/3409 ,  G06F11/3466 ,  G06F11/3476 ,  G06F21/554 ,  G06F21/56 ,  G06F2201/86 ,  G06N99/005 ,  H04L63/1433 ,  H04W12/12 ,  H04W24/08 ,  H04W52/0251 ,  H04W52/0258 ,  H04W88/02 ,  Y02D10/34 ,  Y02D70/1242 ,  Y02D70/1262 ,  Y02D70/142 ,  Y02D70/144 ,  Y02D70/146 ,  Y02D70/164 ,  Y02D70/166 ,  Y02D70/21 ,  Y02D70/22

Abstract: Methods, devices and systems for detecting suspicious or performance-degrading mobile device behaviors intelligently, dynamically, and/or adaptively determine computing device behaviors that are to be observed, the number of behaviors that are to be observed, and the level of detail or granularity at which the mobile device behaviors are to be observed. The various aspects efficiently identify suspicious or performance-degrading mobile device behaviors without requiring an excessive amount of processing, memory, or energy resources. Various aspects may correct suspicious or performance-degrading mobile device behaviors. Various aspects may prevent identified suspicious or performance-degrading mobile device behaviors from degrading the performance and power utilization levels of a mobile device over time. Various aspects may restore an aging mobile device to its original performance and power utilization levels.

Abstract translation: 用于智能地，动态地和/或自适应地检测待观察的计算设备行为，要观察的行为的数量以及细节或粒度的级别来检测可疑或降级性能的移动设备行为的方法，设备和系统 在那里要观察移动设备的行为。 各个方面有效地识别可疑或降低性能的移动设备行为，而不需要过多的处理，存储器或能量资源。 各方面可能纠正可疑或降低性能的移动设备行为。 各个方面可以防止识别的可疑或降级的性能降低的移动设备行为随着时间的推移降低移动设备的性能和功率利用水平。 各个方面可以将老化的移动设备恢复到其原始性能和功率利用水平。

公开(公告)号：US20150148109A1

公开(公告)日：2015-05-28

申请号：US14609113

申请日：2015-01-29

Applicant: QUALCOMM Incorporated

Inventor： Rajarshi Gupta ,  Sudha Anil Gathala ,  Soorgoli Ashok Halambi

IPC: H04W52/02

CPC classification number: G06F21/552 ,  G06F11/1433 ,  G06F11/1458 ,  G06F11/3006 ,  G06F11/3082 ,  G06F11/3409 ,  G06F11/3466 ,  G06F11/3476 ,  G06F21/554 ,  G06F21/56 ,  G06F2201/86 ,  G06N99/005 ,  H04L63/1433 ,  H04W12/12 ,  H04W24/08 ,  H04W52/0251 ,  H04W52/0258 ,  H04W88/02 ,  Y02D10/34 ,  Y02D70/1242 ,  Y02D70/1262 ,  Y02D70/142 ,  Y02D70/144 ,  Y02D70/146 ,  Y02D70/164 ,  Y02D70/166 ,  Y02D70/21 ,  Y02D70/22

Abstract: Methods, devices and systems for detecting suspicious or performance-degrading mobile device behaviors intelligently, dynamically, and/or adaptively determine computing device behaviors that are to be observed, the number of behaviors that are to be observed, and the level of detail or granularity at which the mobile device behaviors are to be observed. The various aspects efficiently identify suspicious or performance-degrading mobile device behaviors without requiring an excessive amount of processing, memory, or energy resources. Various aspects may correct suspicious or performance-degrading mobile device behaviors. Various aspects may prevent identified suspicious or performance-degrading mobile device behaviors from degrading the performance and power utilization levels of a mobile device over time. Various aspects may restore an aging mobile device to its original performance and power utilization levels.

Abstract translation: 用于智能地，动态地和/或自适应地检测待观察的计算设备行为，要观察的行为的数量以及细节或粒度的级别来检测可疑或降级性能的移动设备行为的方法，设备和系统 在那里要观察移动设备的行为。 各个方面有效地识别可疑或降低性能的移动设备行为，而不需要过多的处理，存储器或能量资源。 各方面可能纠正可疑或降低性能的移动设备行为。 各个方面可以防止识别的可疑或降级的性能降低的移动设备行为随着时间的推移降低移动设备的性能和功率利用水平。 各个方面可以将老化的移动设备恢复到其原始性能和功率利用水平。