Location based process-monitoring
First Claim
1. A method comprising:
- determining, by a mobile device, a location of the mobile device;
providing, by the mobile device, the determined location of the mobile device as location data representative of an identifiable geographic region where the mobile device is located;
determining, by the mobile device, a security type for an area corresponding to the identifiable geographic region where the mobile device is located;
controlling, by the mobile device, adjustable monitoring operations to monitor behavior of one or more user-initiated processes for activities performed by the mobile device, the activities initiated by a user of the mobile device and executing on the mobile device, based on the determined security type for the area, the adjustable monitoring operations configured to identify potential one or more security-risky processes from the one or more user-initiated processes and further configured to provide data, with a level of information that depends on the determined security type for the area, for the one or more user-initiated processes, wherein controlling the adjustable monitoring operations further comprises adjusting which processes and which features of the one or more user-initiated processes to monitor based on the determined security type for the area, and wherein at least one of the one or more user-initiated processes for the activities performed by the mobile device causes a potential security risk;
identifying, by the mobile device, the monitored behavior of at least one of the one or more user-initiated processes executing on the mobile device as potentially malicious behavior based on the data provided by the adjustable monitoring operations and the determined security type for the area; and
classifying, by the mobile device, the at least one of the one or more user-initiated processes as being a risky or non-risky activity based, at least in part, on whether the monitored behavior of the at least one of the one or more user-initiated processes is identified as potentially malicious behavior and based, at least in part, on the determined security type for the area.
2 Assignments
0 Petitions
Accused Products
Abstract
Disclosed are systems, apparatus, devices, methods, computer program products, and other implementations, including a method that includes determining location of a device, and controlling monitoring of behavior of one or more processes executing on the device based on the determined location of the device to identify potential one or more security-risky processes from the monitored one or more executing processes. In some embodiments, controlling the monitoring of the behavior of the one or more processes may include one or more of, for example, adjusting frequency of the monitoring of the one or more processes based on the determined location of the device, adjusting level of detail obtained for the monitored behavior of the one or more processes based on the determined location of the device, and/or adjusting features being observed for the monitored one or more processes based on the determined location of the device.
42 Citations
46 Claims
-
1. A method comprising:
-
determining, by a mobile device, a location of the mobile device; providing, by the mobile device, the determined location of the mobile device as location data representative of an identifiable geographic region where the mobile device is located; determining, by the mobile device, a security type for an area corresponding to the identifiable geographic region where the mobile device is located; controlling, by the mobile device, adjustable monitoring operations to monitor behavior of one or more user-initiated processes for activities performed by the mobile device, the activities initiated by a user of the mobile device and executing on the mobile device, based on the determined security type for the area, the adjustable monitoring operations configured to identify potential one or more security-risky processes from the one or more user-initiated processes and further configured to provide data, with a level of information that depends on the determined security type for the area, for the one or more user-initiated processes, wherein controlling the adjustable monitoring operations further comprises adjusting which processes and which features of the one or more user-initiated processes to monitor based on the determined security type for the area, and wherein at least one of the one or more user-initiated processes for the activities performed by the mobile device causes a potential security risk; identifying, by the mobile device, the monitored behavior of at least one of the one or more user-initiated processes executing on the mobile device as potentially malicious behavior based on the data provided by the adjustable monitoring operations and the determined security type for the area; and classifying, by the mobile device, the at least one of the one or more user-initiated processes as being a risky or non-risky activity based, at least in part, on whether the monitored behavior of the at least one of the one or more user-initiated processes is identified as potentially malicious behavior and based, at least in part, on the determined security type for the area. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A mobile device comprising:
-
one or more hardware-implemented processors; and storage media comprising computer instructions that, when executed on the one or more hardware-implemented processors, cause operations comprising; determining a location of the mobile device; providing the determined location of the mobile device as location data representative of an identifiable geographic region where the mobile device is located; determining a security type for an area corresponding to the identifiable geographic region where the mobile device is located; controlling adjustable monitoring operations to monitor behavior of one or more user-initiated processes for activities performed by the mobile device, the activities initiated by a user of the mobile device and executing on the mobile device, based on the determined security type for the area, the adjustable monitoring operations configured to identify potential one or more security-risky processes from the monitored one or more user-initiated processes and further configured to provide data, with a level of information that depends on the determined security type for the area, for the one or more user-initiated processes, wherein controlling the adjustable monitoring operations further comprises adjusting which processes and which features of the one or more user-initiated processes to monitor based on the determined security type for the area, and wherein at least one of the one or more user-initiated processes for the activities performed by the mobile device causes a potential security risk; identifying the monitored behavior of at least one of the one or more user-initiated processes executing on the mobile device as potentially malicious behavior based on the data provided by the adjustable monitoring operations and the determined security type for the area; and classifying the at least one of the one or more user-initiated processes as being a risky or non-risky activity based, at least in part, on whether the monitored behavior of the at least one of the one or more user-initiated processes is identified as potentially malicious behavior and based, at least in part, on the determined security type for the area. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
-
25. An apparatus comprising:
-
means for determining a location of a mobile device; means for providing the determined location of the mobile device as location data representative of an identifiable geographic region where the mobile device is located; means for determining a security type for an area corresponding to the identifiable geographic region where the mobile device is located; means for controlling adjustable monitoring operations to monitor behavior of one or more user-initiated processes for activities performed by the mobile device, the activities initiated by a user of the mobile device and executing on the mobile device, based on the determined security type for the area, the adjustable monitoring operations configured to identify potential one or more security-risky processes from the monitored one or more user-initiated processes and further configured to provide data, with a level of information that depends on the determined security type for the area, for the one or more user-initiated processes, wherein the means for controlling the adjustable monitoring operations further comprises means for adjusting which processes and which features of the one or more user-initiated processes to monitor based on the determined security type for the area, and wherein at least one of the one or more user-initiated processes for the activities performed by the mobile device causes a potential security risk; means for identifying the monitored behavior of at least one of the one or more user-initiated processes executing on the mobile device as potentially malicious behavior based on the data provided by the adjustable monitoring operations and the determined security type for the area; and means for classifying the at least one of the one or more user-initiated processes as being a risky or non-risky activity based, at least in part, on whether the monitored behavior of the at least one of the one or more user-initiated processes is identified as potentially malicious behavior and based, at least in part, on the determined security type for the area. - View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
-
-
36. A non-transitory processor readable media programmed with a set of instructions executable on a processor that, when executed, cause operations comprising:
-
determining a location of a mobile device; providing the determined location of the mobile device as location data representative of an identifiable geographic region where the mobile device is located; determining a security type for an area identifiable geographic region where the mobile device is located; controlling adjustable monitoring operations to monitor behavior of one or more user-initiated processes for activities performed by the mobile device, the activities initiated by a user of the mobile device and executing on the mobile device, based on the determined security type for the area, the adjustable monitoring operations configured to identify potential one or more security-risky processes from the monitored one or more user-initiated processes and further configured to provide data, with a level of information that depends on the determined security type for the area, for the one or more user-initiated processes, wherein controlling the adjustable monitoring operations further comprise adjusting which processes and which features of the one or more user-initiated processes to monitor based on the determined security type for the area, and wherein at least one of the one or more user-initiated processes for the activities performed by the mobile device causes a potential security risk; identifying the monitored behavior of at least one of the one or more user-initiated processes executing on the mobile device as potentially malicious behavior based on the data provided by the adjustable monitoring operations and the determined security type for the area; and classifying the at least one of the one or more user-initiated processes as being a risky or non-risky activity based, at least in part, on whether the monitored behavior of the at least one of the one or more user-initiated processes is identified as potentially malicious behavior and based, at least in part, on the determined security type for the area. - View Dependent Claims (37, 38, 39, 40, 41, 42, 43, 44, 45, 46)
-
Specification