公开(公告)号：US10447717B2

公开(公告)日：2019-10-15

申请号：US15418693

申请日：2017-01-28

Applicant: QUALCOMM Incorporated

Inventor： Seyed Ali Ahmadzadeh ,  Saumitra Mohan Das ,  Yin Chen ,  Sriram Nandha Premnath

IPC: H04L29/06 ,  H04L29/08 ,  H04W12/12

Abstract: Various embodiments provide methods, devices, and non-transitory processor-readable storage media enabling rogue access point detection with a communications device by sending multiple probes via different network connections to a remote server and receiving probe replies. Various embodiments may include a communication device transmitting a first probe addressed to a server via a first network connection and a second probe addressed to the server via a second network connection. Upon receiving a first probe reply from the server via the first network connection and a second probe reply from the server via the second network connection server, the communications device may analyze the received probe replies to determine whether an access point of either the first network or the second network is a rogue access point.

公开(公告)号：US20190230103A1

公开(公告)日：2019-07-25

申请号：US15878074

申请日：2018-01-23

Applicant: QUALCOMM Incorporated

Inventor： Kevin Hart ,  Sriram Nandha Premnath ,  Shyama Prasad Mondal ,  Dineel Sule ,  Pankaj Garg

IPC: H04L29/06 ,  H04W12/12

Abstract: Various methods for detecting a summoning attack by a malicious access point (AP) may include generating a random service set identifier (SSID), transmitting a probe request including the random SSID, determining whether a probe response including the random SSID is received, identifying an AP as a rogue AP in response to receiving a probe response including the random SSID, and in response to not receiving a probe response including the random SSID: generating a second SSID comprising a random selection of a plurality of words; transmitting a second probe request including the second SSID; determining whether a probe response including the second SSID is received; identifying an AP as a rogue AP in response to determining that a probe response including the second SSID is received; and determining that no rogue AP is present in response to determining that a probe response including the second SSID is not received.

公开(公告)号：US10095305B2

公开(公告)日：2018-10-09

申请号：US15186444

申请日：2016-06-18

Applicant: QUALCOMM Incorporated

Inventor： Sriram Nandha Premnath ,  Sudha Anil Kumar Gathala ,  Saumitra Mohan Das

IPC: G06F1/32 ,  G06F9/50 ,  G06F9/48 ,  H04W52/02

Abstract: Embodiments include computing devices, apparatus, and methods implemented by the apparatus for implementing wake lock aware scheduling. The apparatus may receive a wake lock request by a wake lock profiler and acquire wake lock information of a wake lock event associated with the wake lock request. The wake lock information may include a wake lock time parameter. The apparatus may send a hint having the wake lock time parameter. The apparatus may receive the hint, determine whether ready jobs can execute during the wake lock event, and send a request for permission to schedule the ready jobs for execution during the wake lock event in response to determining that the ready jobs can execute during the wake lock event.

公开(公告)号：US20180205749A1

公开(公告)日：2018-07-19

申请号：US15408629

申请日：2017-01-18

Applicant: QUALCOMM Incorporated

Inventor： Sriram Nandha Premnath ,  Seyed Ali Ahmadzadeh ,  Saumitra Mohan Das

IPC: H04L29/06 ,  G06N99/00

CPC classification number: H04L63/1416 ,  G06N20/00 ,  H04L63/10 ,  H04L63/1408 ,  H04W12/12 ,  H04W76/10 ,  H04W88/08

Abstract: Embodiments include systems and methods of detecting a rogue access point by a computing device. A processor of the computing device may determine one or more features of a purported access point. The processor may calculate delta features of the purported access point based on the determined one or more features and an access point profile. The processor may apply the calculated delta features to a machine-learning model. The processor may generate an access point classification based on the application of the calculated delta features to the machine-learning model. The processor may prevent the computing device from associating with the purported access point in response to determining that the purported access point is a rogue access point, and permit associating with the access point otherwise.

公开(公告)号：US20170364136A1

公开(公告)日：2017-12-21

申请号：US15186444

申请日：2016-06-18

Applicant: QUALCOMM Incorporated

Inventor： Sriram Nandha Premnath ,  Sudha Anil Kumar Gathala ,  Saumitra Mohan Das

IPC: G06F1/32 ,  G06F9/50 ,  H04W52/02

CPC classification number: G06F1/329 ,  G06F9/4893 ,  G06F9/5027 ,  H04W52/0264

Abstract: Embodiments include computing devices, apparatus, and methods implemented by the apparatus for implementing wake lock aware scheduling. The apparatus may receive a wake lock request by a wake lock profiler and acquire wake lock information of a wake lock event associated with the wake lock request. The wake lock information may include a wake lock time parameter. The apparatus may send a hint having the wake lock time parameter. The apparatus may receive the hint, determine whether ready jobs can execute during the wake lock event, and send a request for permission to schedule the ready jobs for execution during the wake lock event in response to determining that the ready jobs can execute during the wake lock event.

公开(公告)号：US10979906B2

公开(公告)日：2021-04-13

申请号：US15484356

申请日：2017-04-11

Applicant: QUALCOMM Incorporated

Inventor： Sriram Nandha Premnath ,  Seyed Ali Ahmadzadeh ,  Saumitra Mohan Das

IPC: G06F11/00 ,  H04W12/12 ,  H04L29/06

Abstract: Various embodiments include systems and methods of determining whether media access control (MAC) address spoofing is present in a network by a wireless communication device. A processor of the wireless communication device may determine an anticipated coherence interval based on a beacon frame received from an access point. The processor may schedule an active scan request and may determine whether a response frame corresponding to the scheduled active request is received within the anticipated coherence interval. The processor may calculate a first correlation coefficient in response to the response frame being received within the anticipated coherence interval and may determine that MAC address spoofing is not present in the network when the first correlation coefficient is greater than a first predetermined threshold.

公开(公告)号：US20180295519A1

公开(公告)日：2018-10-11

申请号：US15484356

申请日：2017-04-11

Applicant: QUALCOMM Incorporated

Inventor： Sriram Nandha Premnath ,  Sayed Ali Ahmadzadeh ,  Saumitra Mohan Das

IPC: H04W12/12 ,  H04L29/06

Abstract: Various embodiments include systems and methods of determining whether media access control (MAC) address spoofing is present in a network by a wireless communication device. A processor of the wireless communication device may determine an anticipated coherence interval based on a beacon frame received from an access point. The processor may schedule an active scan request and may determine whether a response frame corresponding to the scheduled active request is received within the anticipated coherence interval. The processor may calculate a first correlation coefficient in response to the response frame being received within the anticipated coherence interval and may determine that MAC address spoofing is not present in the network when the first correlation coefficient is greater than a first predetermined threshold.

公开(公告)号：US20170308701A1

公开(公告)日：2017-10-26

申请号：US15135855

申请日：2016-04-22

Applicant: QUALCOMM Incorporated

Inventor： Sriram Nandha Premnath ,  Saumitra Mohan Das ,  Rajarshi Gupta

IPC: G06F21/56 ,  G06F21/53 ,  G06F21/60

CPC classification number: G06F21/566 ,  G06F21/53 ,  G06F21/606 ,  G06F2221/033 ,  H04L63/1425 ,  H04L63/1433 ,  H04L63/145 ,  H04W4/60 ,  H04W12/1208

Abstract: A network and its devices may be protected from non-benign behavior, malware, and cyber attacks caused by downloading software by configuring a server computing device to work in conjunction with the devices in the network. The server computing device may be configured to receive a software application from an application download service, establish a secure communication link to a client computing device in the network, receive exercise information from the client computing device via the secure communication link, use the received exercise information to exercise the received software application in a client computing device emulator to identify one or more behaviors, and determine whether the identified behaviors are benign. The server computing device may send the software application to the client computing device in response to determining that the identified behaviors are benign, and quarantine the software application in response to determining that the identified behaviors are not benign.

公开(公告)号：US20180219885A1

公开(公告)日：2018-08-02

申请号：US15418693

申请日：2017-01-28

Applicant: QUALCOMM Incorporated

Inventor： Seyed Ali Ahmadzadeh ,  Saumitra Mohan Das ,  Yin Chen ,  Sriram Nandha Premnath

IPC: H04L29/06 ,  H04L29/08

Abstract: Various embodiments provide methods, devices, and non-transitory processor-readable storage media enabling rogue access point detection with a communications device by sending multiple probes via different network connections to a remote server and receiving probe replies. Various embodiments may include a communication device transmitting a first probe addressed to a server via a first network connection and a second probe addressed to the server via a second network connection. Upon receiving a first probe reply from the server via the first network connection and a second probe reply from the server via the second network connection server, the communications device may analyze the received probe replies to determine whether an access point of either the first network or the second network is a rogue access point.

公开(公告)号：US20180054449A1

公开(公告)日：2018-02-22

申请号：US15240721

申请日：2016-08-18

Applicant: QUALCOMM Incorporated

Inventor： Sriram Nandha Premnath ,  Yin Chen ,  Saumitra Mohan Das ,  Nayeem Islam

IPC: H04L29/06 ,  G06F21/56

CPC classification number: H04L63/145 ,  G06F21/56 ,  G06F21/566 ,  G06F2221/033

Abstract: A network and its devices may be protected from non-benign behavior, malware, and cyber attacks by configuring a server computing device to work in conjunction with a multitude of client computing devices in the network. The server computing device may be configured to receive data that was collected from independent executions of different instances of the same software application on different client computing devices. The server computing device may combine the received data, and use the combined data to identify unexplored code space or potential code paths for evaluation. The server computing device may then exercise the software application through the identified unexplored code space or identified potential code paths in a client computing device emulator to generate analysis results, and use the generated analysis results to determine whether the software application is non-benign.