公开(公告)号：US20140317734A1

公开(公告)日：2014-10-23

申请号：US14319471

申请日：2014-06-30

Applicant: QUALCOMM INCORPORATED

Inventor： Andres VALENCIA ,  Mastooreh SALAJEGHEH ,  Vinay SRIDHARA ,  Mihai CHRISTODORESECU ,  Rajarshi GUPTA

IPC: G06F21/55

CPC classification number: G06F21/552 ,  G06F21/316 ,  G06F2221/2111

Abstract: Methods, devices and systems for detecting suspicious or performance-degrading mobile device behaviors intelligently, dynamically, and/or adaptively determine computing device behaviors that are to be observed, the number of behaviors that are to be observed, and the level of detail or granularity at which the mobile device behaviors are to be observed. The various aspects efficiently identify suspicious or performance-degrading mobile device behaviors without requiring an excessive amount of processing, memory, or energy resources.

Abstract translation: 用于智能地，动态地和/或自适应地检测待观察的计算设备行为，要观察的行为的数量以及细节或粒度的级别来检测可疑或降级性能的移动设备行为的方法，设备和系统 在那里要观察移动设备的行为。 各个方面有效地识别可疑或降低性能的移动设备行为，而不需要过多的处理，存储器或能量资源。

公开(公告)号：US20160078347A1

公开(公告)日：2016-03-17

申请号：US14483800

申请日：2014-09-11

Applicant: QUALCOMM Incorporated

Inventor： Mastooreh SALAJEGHEH ,  Yin CHEN

IPC: G06N5/04 ,  G06N99/00

CPC classification number: G06N5/04 ,  G06F8/443 ,  G06F11/3003 ,  G06F11/3017 ,  G06F11/3447 ,  G06F11/3452 ,  G06F11/3466 ,  G06F11/3476 ,  G06F21/00 ,  G06F21/552 ,  G06F2201/865 ,  G06N99/005

Abstract: A computing device processor may be configured with processor-executable instructions to implement methods of using behavioral analysis and machine learning techniques to evaluate the collective behavior of two or more software applications operating on the device. The processor may be configured to monitor the activities of a plurality of software applications operating on the device, collect behavior information for each monitored activity, generate a behavior vector based on the collected behavior information, apply the generated behavior vector to a classifier model to generate analysis information, and use the analysis information to classify a collective behavior of the plurality of software applications.

Abstract translation: 计算设备处理器可以配置有处理器可执行指令，以实现使用行为分析和机器学习技术来评估在设备上操作的两个或多个软件应用的集体行为的方法。 处理器可以被配置为监视在设备上操作的多个软件应用的活动，针对每个被监控的活动收集行为信息，基于所收集的行为信息生成行为向量，将生成的行为向量应用于分类器模型以产生 分析信息，并使用分析信息对多个软件应用的集体行为进行分类。

公开(公告)号：US20170286066A1

公开(公告)日：2017-10-05

申请号：US15085415

申请日：2016-03-30

Applicant: QUALCOMM Incorporated

Inventor： Sudha Anil Kumar GATHALA ,  Mihai CHRISTODORESCU ,  Mastooreh SALAJEGHEH

IPC: G06F9/44

CPC classification number: G06F8/30 ,  G06F8/54 ,  G06F9/44521 ,  G06F9/44557 ,  G06F11/3466 ,  G06F11/3624 ,  G06F11/3644

Abstract: Various embodiments include methods for dynamically modifying shared libraries on a client computing device. Various embodiment methods may include receiving a first set of code segments and a first set of code sites associated with a first application. Each code in the first set of code sites may include an address within a compiled shared library stored on the client computing device. The compiled shared library may include one or more dummy instructions inserted at each code site in the first set of code sites, and each code segment in the first set of code segments may be associated with a code site in the first set of code sites. The client computing device may insert each code segment in the first set of code segments at its associated code site in the compiled shared library.

公开(公告)号：US20160261465A1

公开(公告)日：2016-09-08

申请号：US14638602

申请日：2015-03-04

Applicant: QUALCOMM Incorporated

Inventor： Rajarshi GUPTA ,  Mastooreh SALAJEGHEH ,  Mihai CHRISTODORESCU ,  Vinay SRIDHARA ,  Govindarajan KRISHNAMURTHI

IPC: H04L12/24 ,  H04L12/26

CPC classification number: H04L41/14 ,  H04L12/2816 ,  H04L41/0654 ,  H04L41/12 ,  H04L41/145 ,  H04L41/5061 ,  H04L43/04 ,  H04L43/08

Abstract: The disclosure generally relates to behavioral analysis to automate monitoring Internet of Things (IoT) device health in a direct and/or indirect manner. In particular, normal behavior associated with an IoT device in a local IoT network may be modeled such that behaviors observed at the IoT device may be compared to the modeled normal behavior to determine whether the behaviors observed at the IoT device are normal or anomalous. Accordingly, in a distributed IoT environment, more powerful “analyzer” devices can collect behaviors locally observed at other (e.g., simpler) “observer” devices and conduct behavioral analysis across the distributed IoT environment to detect anomalies potentially indicating malicious attacks, malfunctions, or other issues that require customer service and/or further attention. Furthermore, devices with sufficient capabilities may conduct (local) on-device behavioral analysis to detect anomalous conditions without sending locally observed behaviors to another aggregator device and/or analyzer device.

Abstract translation: 本公开通常涉及以直接和/或间接方式自动监视物联网（IoT）设备健康状况的行为分析。 特别地，可以建模与本地IoT网络中的IoT设备相关联的正常行为，使得可以将在IoT设备处观察到的行为与建模的正常行为进行比较，以确定在IoT设备处观察到的行为是正常还是异常。 因此，在分布式IoT环境中，更强大的“分析器”设备可以收集在其他（例如更简单的）“观察者”设备本地观察到的行为，并在分布式IoT环境中进行行为分析，以检测潜在地指示恶意攻击，故障或 其他需要客户服务和/或进一步关注的问题。 此外，具有足够能力的设备可以进行（本地）设备上行为分析以检测异常情况，而不将本地观察到的行为发送到另一聚合器设备和/或分析仪设备。

公开(公告)号：US20160247164A1

公开(公告)日：2016-08-25

申请号：US14627389

申请日：2015-02-20

Applicant: QUALCOMM Incorporated

Inventor： Mastooreh SALAJEGHEH ,  Vinay SRIDHARA ,  Rajarshi GUPTA

IPC: G06Q30/00 ,  H04L29/08 ,  H04L12/26

CPC classification number: G06Q30/016 ,  G06Q10/10 ,  G06Q50/06 ,  H04L43/065 ,  H04L67/12

Abstract: Systems and methods are disclosed for automating customer service for a monitored device (MD). A method for an Internet of Everything management device to automate customer service for a monitored device comprises collecting sensor data from a plurality of sensors, wherein the plurality of sensors comprises a first sensor that is not included in the MD, determining whether the MD is exhibiting abnormal behavior based on an analysis of the collected sensor data, and transmitting a report to a customer service entity associated with the MD in response to a determination that the MD is exhibiting abnormal behavior.

Abstract translation: 公开了用于自动化被监视设备（MD）的客户服务的系统和方法。 一种用于所有管理设备的因特网自动化用于被监视设备的客户服务的方法包括从多个传感器收集传感器数据，其中所述多个传感器包括不包括在MD中的第一传感器，确定MD是否正在展示 基于对收集的传感器数据的分析的异常行为，以及响应于确定MD呈现异常行为而将报告发送到与MD相关联的客户服务实体。