IoT and PoS anti-malware strategy

US10079845B2 · US · B2

Patent metadata

Publication number: US-10079845-B2
Application number: US-201615087110-A
Country: US
Kind code: B2
Filing date: Mar 31, 2016
Priority date: Mar 31, 2016
Publication date: Sep 18, 2018
Grant date: Sep 18, 2018

Abstract

Official abstract text for this publication.

Providing security to a device includes detecting, in a first device, a first function call, determining whether the first function call is forbidden for the first device, and in response to determining that the particular function is forbidden for the first device, preventing the function call from executing.

First claim

Opening claim text (preview).

What is claimed is:

1. A non-transitory machine readable medium comprising instructions that, when executed, cause a device to at least: detect, in the device, a combination of function calls; determine whether the combination of function calls is a forbidden combination of function calls for the device based on a limited intended functionality of the device, wherein the limited intended functionality of the device represents a subset of overall capabilities of an operating system of the device, the forbidden combination of function calls including a first function call and a second function call, wherein either or both the first function call or the second function call is allowed in isolation from the other; and in response to determining that the combination of function calls is forbidden for the device, prevent the combination of function calls from executing.

2. The non-transitory machine readable medium of claim 1, wherein the instructions, when executed, cause the machine to at least determine whether the combination of function calls is forbidden by determining that the combination of function calls is associated with a function that is forbidden for the device based on the function being outside the limited intended functionality of the device.

3. The non-transitory machine readable medium of claim 1, wherein the instructions, when executed, cause the machine to at least determine whether the combination of function calls is forbidden by determining that the combination of function calls is associated with a forbidden parameter for the device, the forbidden parameter to cause the combination of function calls to represent functionality outside the limited intended functionality of the device.

4. The non-transitory machine readable medium of claim 1, wherein the instructions, when executed, cause the machine to at least: generate a notification regarding a determination that the combination of function calls is forbidden; and transmit the notification to a user device.

5. The non-transitory machine readable medium of claim 1, wherein the instructions, when executed, cause the machine to at least: generate a notification regarding a determination that the combination of function calls is forbidden; and transmit the notification to a remote server, the notification including data regarding the function call for analysis.

6. The non-transitory machine readable medium of claim 1, wherein the combination of function calls includes one or more API calls.

7. The non-transitory machine readable medium of claim 1, wherein the device is a point of sale device.

8. A device for providing device security, comprising: one or more processors; and a memory including instructions which, when executed, cause the one or more processors to at least: detect, in the device, a combination of function calls; determine whether the combination of function calls is a forbidden combination of function calls for the device based on a limited intended functionality of the device, wherein the limited intended functionality of the device represents a subset of overall capabilities of an operating system of the device, the forbidden combination of function calls including a first function call and a second function call, wherein either or both the first function call or second function call is allowed in isolation from the other; and in response to determining that the combination of function calls is forbidden for the device, prevent the combination of function calls from executing.

9. The device of claim 8, wherein the instructions, when executed, cause the one or more processors to determine whether the combination of function calls is forbidden by determining that the combination of function calls is associated with a function that is forbidden for the device based on the function being outside the limited intended functionality of the device.

10. The device of claim 8, wherein the instructions, when executed, cause the one or more processors to determine whether the combination of function calls is forbidden by determining that the combination of function calls is associated with a forbidden parameter for the device, wherein the combination of function calls is rendered forbidden based on the forbidden parameter causing the function call to represent functionality outside the limited intended functionality of the device.

11. The device of any of claim 8, wherein the instructions, when executed, cause the one or more processors to: generate a notification regarding a determination that the combination of function calls is forbidden; and transmit the notification to a user device.

12. The device of any of claim 8, wherein the instructions, when executed, cause the one or more processors to: generate a notification regarding a determination that the combination of function calls is forbidden; and transmit the notification to a remote server, the notification including data regarding the combination of function calls for analysis.

13. The device of claim 8, wherein the instructions, when executed, cause the one or more processors to: access, from a remote device, an updated list of forbidden function calls; and monitor the device to detect a further forbidden function call using the updated list of forbidden functions.

14. The device of claim 13, wherein the updated list of forbidden functions is specific to an intended functionality of the device.

15. A method to provide security in a device, the method comprising: detecting, in the device, a combination of function calls; determining whether the combination of function calls is a forbidden combination of function calls for the device based on a limited intended functionality of the device, wherein the limited intended functionality of the device represents a subset of overall capabilities of an operating system of the device, the forbidden combination of function calls including a first function call and a second function call, wherein either or both the first function call or second function call is allowed in isolation from the other; and in response to determining that the combination of function calls is forbidden for the device, preventing the combination of function calls from executing.

16. The method of claim 15, wherein determining whether the function call is forbidden for the device further includes determining that the combination of function calls is associated with a function that is forbidden for the device based on the function being outside the limited intended functionality of the device.

17. The method of claim 15, wherein determining whether the combination of function calls is forbidden for the device further includes determining that the combination of function calls is associated with a forbidden parameter for the device based on the forbidden parameter causing the function call to represent functionality outside the limited intended functionality of the device.

18. The method of claim 15, wherein determining whether the function is forbidden for the device includes: generating a notification regarding a determination that the combination of function calls is forbidden; and transmitting the notification to a user device.

19. The method of claim 15, further including: generating a notification regarding a determination that the combination of function calls is forbidden; and transmitting the notification to a remote server, the notification including data regarding the function call for analysis.

20. The method of claim
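
The decision logic that claims 1, 3 and 5 describe can be sketched as a small per-process policy monitor. This is an added example, not code from the patent or its assignee; the call names, the profile contents and the sample trace are constructed, and the notification list stands in for the report sent to a remote server.

```python
from dataclasses import dataclass, field

# Constructed profile for a hypothetical point-of-sale terminal. The call names
# are illustrative labels, not real OS APIs and not taken from the patent.
@dataclass(frozen=True)
class DeviceProfile:
    forbidden_calls: frozenset = frozenset({"format_volume"})
    forbidden_params: frozenset = frozenset({("open_file", "/secure/keystore")})
    # Each member of a combination is allowed when it occurs on its own.
    forbidden_combos: tuple = (frozenset({"read_process_memory", "open_socket"}),)

@dataclass
class CallMonitor:
    profile: DeviceProfile
    history: dict = field(default_factory=dict)        # pid -> allowed calls seen
    notifications: list = field(default_factory=list)  # stand-in for remote report

    def check(self, pid, call, param=None):
        """Return True to let the call run, False to prevent it."""
        reason = self._violation(pid, call, param)
        if reason:
            self.notifications.append(
                {"pid": pid, "call": call, "param": param, "reason": reason})
            return False
        self.history.setdefault(pid, set()).add(call)
        return True

    def _violation(self, pid, call, param):
        if call in self.profile.forbidden_calls:
            return "forbidden call"
        if (call, param) in self.profile.forbidden_params:
            return "forbidden parameter"
        seen = self.history.get(pid, set()) | {call}
        for combo in self.profile.forbidden_combos:
            # Block only the call that completes the combination.
            if call in combo and combo <= seen:
                return "forbidden combination: " + ", ".join(sorted(combo))
        return None

def replay(events):
    """Run constructed (pid, call, param) events through a fresh monitor."""
    monitor = CallMonitor(DeviceProfile())
    return [monitor.check(*e) for e in events], monitor.notifications

# Constructed trace: pid 7 completes a forbidden pair, pid 9 makes one half of it.
SAMPLE = [(7, "read_process_memory", None), (9, "open_socket", "10.0.0.5:443"),
          (7, "open_socket", "10.0.0.5:443"), (7, "open_file", "/secure/keystore"),
          (7, "open_file", "/var/log/pos.log")]
```

Calling `replay(SAMPLE)` returns the per-call allow/deny decisions and the notifications raised; the history is tracked per process, so the same call that is denied for pid 7 is allowed for pid 9.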

Assignees

Inventors

Classifications

  • using logs of notifications; Post-processing of notifications · CPC title

  • Additional information in the notification, e.g. enhancement of specific meta-data · CPC title

  • during program execution, e.g. stack integrity {; Preventing unwanted data erasure; Buffer overflow} · CPC title

  • Traffic logging, e.g. anomaly detection · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10079845B2 cover?
Providing security to a device includes detecting, in a first device, a first function call, determining whether the first function call is forbidden for the first device, and in response to determining that the particular function is forbidden for the first device, preventing the function call from executing.

Who is the assignee on this patent?
McAfee Inc, McAfee LLC

What technology area does this patent fall under?
Primary CPC classification H04L63/1425. Mapped technology areas include Electricity.

When was this patent published?
Publication date Sep 18, 2018 (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).