公开(公告)号：WO2018190954A1

公开(公告)日：2018-10-18

申请号：PCT/US2018/018890

申请日：2018-02-21

Applicant: QUALCOMM INCORPORATED

Inventor： NANDHA PREMNATH, Sriram ,  AHMADZADEH, Seyed Ali ,  DAS, Saumitra Mohan

IPC: H04L29/06 ,  H04W12/12 ,  H04W64/00

Abstract: Various embodiments include systems and methods of determining whether media access control (MAC) address spoofing is present in a network by a wireless communication device. A processor of the wireless communication device may determine an anticipated coherence interval based on a beacon frame received from an access point. The processor may schedule an active scan request and may determine whether a response frame corresponding to the scheduled active request is received within the anticipated coherence interval. The processor may calculate a first correlation coefficient in response to the response frame being received within the anticipated coherence interval and may determine that MAC address spoofing is not present in the network when the first correlation coefficient is greater than a first predetermined threshold.

公开(公告)号：WO2018038991A1

公开(公告)日：2018-03-01

申请号：PCT/US2017/047104

申请日：2017-08-16

Applicant: QUALCOMM INCORPORATED

Inventor： SALAJEGHEH, Mastooreh ,  GATHALA, Sudha Anil Kumar ,  DAS, Saumitra Mohan ,  ISLAM, Nayeem

IPC: G06F21/56

CPC classification number: H04L63/1433 ,  G06F1/28 ,  G06F21/564 ,  H04L63/1408

Abstract: Various embodiments include methods and a memory data collection processor for performing online memory data collection for memory forensics. Various embodiments may include determining whether an operating system executing in a computing device is trustworthy. In response to determining that the operating system is not trustworthy, the memory data collection processor may collect memory data directly from volatile memory. Otherwise, the operating system to collect memory data from volatile memory. Memory data may be collected at a variable memory data collection rate determined by the memory data collection processor. The memory data collection rate may depend upon whether an available power level of the computing device exceeds a threshold power level, whether an activity state of the processor of the computing device equals a sleep state whether a security risk exists on the computing device, and whether a volume of memory traffic in the volatile memory exceeds a threshold volume.

Abstract translation: 各种实施例包括用于执行存储器取证的在线存储器数据收集的方法和存储器数据收集处理器。 各种实施例可以包括确定在计算设备中执行的操作系统是否可信。 响应于确定操作系统不可信，存储器数据收集处理器可以直接从易失性存储器收集存储器数据。 否则，操作系统从易失性存储器中收集内存数据。 存储器数据可以以由存储器数据收集处理器确定的可变存储器数据收集速率收集。 存储器数据收集速率可以取决于计算设备的可用功率水平是否超过阈值功率水平，计算设备的处理器的活动状态是否等于睡眠状态，无论计算设备上是否存在安全风险，以及是否 易失性存储器中的内存流量超过阈值。

公开(公告)号：WO2018026440A1

公开(公告)日：2018-02-08

申请号：PCT/US2017/038545

申请日：2017-06-21

Applicant: QUALCOMM INCORPORATED

Inventor： LI, Dong ,  CHEN, Yin ,  DAS, Saumitra Mohan

IPC: G06F21/56

CPC classification number: G06F21/566 ,  G06F21/56 ,  G06F21/562 ,  G06F2221/033 ,  H04W12/00505 ,  H04W12/00508 ,  H04W12/1208

Abstract: A computing device may be protected from non-benign behavior, malware, and cyber attacks by using a combination of predictive and real-time behavior-based analysis techniques. A computing device may be configured to identify anticipated behaviors of a software application before runtime, analyze the anticipated behaviors before runtime to generate static analysis results, commencing execution of the software application, analyze behaviors of the software application during runtime via a behavior-based analysis system, and control operations of the behavior-based analysis system based on the static analysis results.

Abstract translation: 通过使用基于预测和基于行为的分析技术的组合，可以保护计算设备免于非良性行为，恶意软件和网络攻击。 计算设备可以被配置成在运行时间之前识别软件应用程序的预期行为，在运行时间之前分析预期行为以生成静态分析结果，开始执行软件应用程序，通过基于行为的分析在运行时期间分析软件应用程序的行为 系统和基于行为的分析系统的控制操作。

公开(公告)号：WO2017165074A1

公开(公告)日：2017-09-28

申请号：PCT/US2017/019403

申请日：2017-02-24

Applicant: QUALCOMM INCORPORATED

Inventor： GUPTA, Rajarshi ,  DAS, Saumitra Mohan ,  KRISHNAMURTHI, Govindarajan ,  AHMADZADEH, Seyed Ali

IPC: G06F21/50 ,  B60W50/14

Abstract: Various embodiments include methods, and computing devices implementing the methods, for analyzing sensor information to identify an abnormal vehicle behavior. A computing device may monitor sensors (e.g., a closely-integrated vehicle sensor, a loosely-integrated vehicle sensor, a non-vehicle sensor, etc.) in the vehicle to collect the sensor information, analyze the collected sensor information to generate an analysis result, and use the generated analysis result to determine whether a behavior of the vehicle is abnormal. The computing device may also generate a communication message in response to determining that the behavior of the vehicle is abnormal, and send the generated communication message to an external entity.

Abstract translation: 各种实施例包括实现这些方法的方法和计算设备，用于分析传感器信息以识别异常车辆行为。 计算设备可以监测车辆中的传感器（例如，紧密集成的车辆传感器，松散集成的车辆传感器，非车辆传感器等）以收集传感器信息，分析收集的传感器信息以生成分析 结果，并使用生成的分析结果来确定车辆的行为是否异常。 计算设备还可以响应于确定车辆的行为异常而生成通信消息，并将生成的通信消息发送给外部实体。

公开(公告)号：WO2017165059A1

公开(公告)日：2017-09-28

申请号：PCT/US2017/019068

申请日：2017-02-23

Applicant: QUALCOMM INCORPORATED

Inventor： AHMADZADEH, Seyed Ali ,  DAS, Saumitra Mohan ,  GUPTA, Rajarshi

IPC: H04L12/26 ,  H04W24/06 ,  H04W88/06

Abstract: Various embodiments provide methods, devices, and non-transitory processor-readable storage media enabling network probing with a communication device based on the communication device sending a probe via a first network connection and receiving the probe via a second network connection. By leveraging a capability of a communication device to establish two network connections at the same time, various embodiments may enable a single communication device to act as both a probing client and a probing server. In this manner, various embodiments may enable standalone network probing, i.e., network probing that may not require a remote dedicated probing server to act as a probe generator or a probe sink.

Abstract translation: 各种实施例提供了基于通信设备经由第一网络连接发送探测并且经由第一网络连接来接收探测的方法，设备和非暂时性处理器可读存储介质，其使得能够与通信设备进行网络探测 第二个网络连接。 通过利用通信设备的能力来同时建立两个网络连接，各种实施例可以使单个通信设备能够充当探测客户端和探测服务器。 以这种方式，各种实施例可以实现独立网络探测，即可以不需要远程专用探测服务器充当探测器发生器或探测器接收器的网络探测。

公开(公告)号：WO2017003593A1

公开(公告)日：2017-01-05

申请号：PCT/US2016/034060

申请日：2016-05-25

Applicant: QUALCOMM INCORPORATED

Inventor： DAS, Saumitra Mohan ,  MAHMOUDI, Mona ,  SRIDHARA, Vinay ,  GUPTA, Rajarshi ,  CHEN, Yin

IPC: H04L12/26 ,  G06F21/50 ,  H04L29/06

CPC classification number: H04L63/1425 ,  G06F21/552 ,  H04L41/0631 ,  H04L43/0817 ,  H04L63/1416

Abstract: Systems, methods, and devices of the various aspects enable identification of anomalous application behavior. A computing device processor may detect network communication activity of an application on the computing device. The processor may identify one or more device states of the computing device, and one or more categories of the application. The processor may determine whether the application is behaving anomalously based on a correlation of the detected network communication activity of the application, the identified one or more device states of the computing device, and the identified one or more categories of the application.

Abstract translation: 各个方面的系统，方法和设备能够识别异常的应用行为。 计算设备处理器可以检测计算设备上的应用的网络通信活动。 处理器可以识别计算设备的一个或多个设备状态，以及应用的一个或多个类别。 处理器可以基于检测到的应用的网络通信活动，所识别的计算设备的一个或多个设备状态与所识别的一个或多个应用类别之间的相关性，来确定应用是否是异常行为。

公开(公告)号：WO2016137661A1

公开(公告)日：2016-09-01

申请号：PCT/US2016/015624

申请日：2016-01-29

Applicant: QUALCOMM INCORPORATED

Inventor： VENKATRAMAN, Sai Pradeep ,  MARRI SRIDHAR, Subash ,  DAS, Saumitra Mohan ,  ALDANA, Carlos Horacio

IPC: H04W64/00 ,  G01S5/00

CPC classification number: H04W64/003 ,  G01R29/10 ,  G01S5/0252 ,  H04W24/08 ,  H04W64/00 ,  H04W88/08

Abstract: Disclosed are methods, devices, systems, apparatus, servers, computer- / processor-readable media, and other implementations, including a method, performed at a processor-based device, that includes obtaining antenna information for one or more wireless nodes, and generating based, at least in part, on the antenna information for the one or more wireless nodes, a heatmap representative of values measurable at a plurality of locations from signals transmitted by the one or more wireless nodes.

Abstract translation: 公开的方法，设备，系统，设备，服务器，计算机/处理器可读介质和包括在基于处理器的设备执行的方法的其他实现方式包括获得一个或多个无线节点的天线信息，以及生成 至少部分地基于用于所述一个或多个无线节点的天线信息，代表根据由所述一个或多个无线节点发送的信号在多个位置处可测量的值的热图。

公开(公告)号：WO2016109051A1

公开(公告)日：2016-07-07

申请号：PCT/US2015/061604

申请日：2015-11-19

Applicant: QUALCOMM INCORPORATED

Inventor： CHEN, Jiajian ,  DAS, Saumitra Mohan ,  MOHAMMAD MIRZAEI, Faraz

IPC: G01S5/02 ,  G01S5/14 ,  G01S11/06

CPC classification number: G01S5/0252 ,  G01S5/0236 ,  G01S5/14 ,  G01S11/06

Abstract: Methods and apparatus for processing positioning data are provided. In an example, a method for processing positioning data associated with one or more access points includes choosing, for inclusion in the positioning data, one or both of: (1) ranging model parameters to enable a mobile device to compute first heatmap data for multiple points in a ranging region of a heatmap, or (2) second heatmap data for a plurality of points in a non-ranging region of the heatmap. The method can also include transmitting the positioning data, such as to a mobile device. The positioning data can also include both the ranging model parameters and the second heatmap data when the ranging region and the non-ranging region fully or partially overlap, in which case the second heatmap data provides correction data to enable the mobile device to modify the computed heatmap data in the area where the two regions overlap.

Abstract translation: 提供了处理定位数据的方法和装置。 在一个示例中，用于处理与一个或多个接入点相关联的定位数据的方法包括：为了包括在定位数据中，选择以下中的一个或两个：（1）测距模型参数，以使移动设备能够计算多个第一热图数据 在热图的测距区域中的点，或（2）热图中的非测距区域中的多个点的第二热图数据。 该方法还可以包括将定位数据发送到移动设备。 当测距区域和非测距区域完全或部分重叠时，定位数据还可以包括测距模型参数和第二热图数据，在这种情况下，第二热图数据提供校正数据，以使移动设备能够修改计算出的 两个区域重叠的区域中的热图数据。

公开(公告)号：WO2016018951A4

公开(公告)日：2016-02-04

申请号：PCT/US2015/042543

申请日：2015-07-28

Applicant: QUALCOMM INCORPORATED

Inventor： TEMBEY, Priyanka ,  DAS, Saumitra Mohan ,  BHAVSAR, Vrajesh ,  DA SILVA, Dilma

IPC: H04N21/222 ,  H04N21/414 ,  H04N21/4363 ,  H04N21/442 ,  H04N21/45 ,  H04N21/4788 ,  H04N21/482 ,  H04N21/81 ,  H04N21/84 ,  H04W88/04

Abstract: A computing device operates to receive, from at least a first peer device, a set of metadata that includes one or more identifiers to media playback resources. The computing device operates to determine one or more filters for the set of metadata. A metadata from the set of metadata is selected based on the one or more filters. A search request is provided to a network service for a media playback resource based on the selected metadata.

Abstract translation: 计算设备用于从至少第一对等设备接收包括对媒体回放资源的一个或多个标识符的一组元数据。 该计算设备操作以确定该组元数据的一个或多个过滤器。 基于一个或多个过滤器来选择来自该组元数据的元数据。 根据所选元数据向网络服务提供搜索请求以获得媒体回放资源。

公开(公告)号：WO2015119804A1

公开(公告)日：2015-08-13

申请号：PCT/US2015/013093

申请日：2015-01-27

Applicant: QUALCOMM INCORPORATED

Inventor： DAS, Saumitra Mohan ,  CHAO, Hui ,  NAGUIB, Ayman Fawzy

IPC: H04W4/02

CPC classification number: H04W4/021 ,  G06F3/04842 ,  G06F17/30061 ,  G06F17/30277 ,  H04M1/72522 ,  H04W64/00

Abstract: Methods, apparatus, and techniques for provisioning geofences are disclosed. In one aspect, a map comprising one or more selectable geographic entities is displayed. In response to a selection by a user of at least one geographic entity of the one or more geographic entities, a geofence corresponding to the selected at least one geographic entity is created. In another aspect, a user may provide an input including one or more keywords. In response to determining that a first geographic entity has attributes that match the one or more keywords, a geofence corresponding to the first geographic entity is created.

Abstract translation: 公开了用于提供地理围栏的方法，装置和技术。 一方面，显示包括一个或多个可选地理实体的地图。 响应于用户对一个或多个地理实体的至少一个地理实体的选择，创建与所选择的至少一个地理实体相对应的地理围栏。 在另一方面，用户可以提供包括一个或多个关键字的输入。 响应于确定第一地理实体具有与一个或多个关键字匹配的属性，创建与第一地理实体相对应的地理围栏。