Patent · US Active

Securing a network device by automatically identifying files belonging to an application

US10579794B1 · kind B1 · utility

3Cited by

1References

20Claims

0Family size

Assignee

Symantec Corporation · US

Inventors

Christopher Gates · Culver City, US
Kyle Soska · Pittsburgh, US
Kevin Roundy · El Segundo, US

Key dates

Filing date	Jun 26, 2017
Grant date	Mar 3, 2020
Priority date	—
Expiry date	Aug 9, 2038

Classification

Technology area (CPC H)Electricity
CPC primaryH04L67/1097
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Securing a network device by automatically identifying files belonging to an application. In one embodiment, a method may include collecting file attributes for multiple files from multiple network devices, examining a hash of file contents of each of the multiple files to identify multiple unique files in the multiple files, summarizing the file attributes for each of the multiple unique files to generate a sketch of file attributes for each of the multiple unique files, clustering the multiple unique files into multiple applications, making a security action decision for one application of the multiple applications, and performing a security action on a network device based on the security action decision.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.