NortonLifeLock must pay Columbia $185 million for patent theft

NortonLifeLock must pay Columbia 5 million for patent theft

Fraud and cybercrime management, Identity fraud, Legislation and litigation

NortonLifeLock’s method of detecting malicious behavior infringes Columbia patents

Michael Novison (miguelnovinson) •
May 3, 2022

NortonLifeLock must pay Columbia $185 million for patent theft

A federal jury has ordered NortonLifeLock to pay Columbia University $185.1 million after finding the company infringed on two of the Ivy League giant’s patents.

See also: LIVE webinar tomorrow | Machine Learning Done Right: Secure Application Infrastructure with High Efficiency Alerts

Jurors decided Monday that Tempe, Arizona-based NortonLifeLock’s use of emulators to monitor programs for malicious behavior intentionally infringes Columbia University’s patents, according to the verdict handed down in U.S. District Court. US for the Eastern Division of Virginia. Finding the violation means the judge can triple the amount NortonLifeLock has to pay Columbia.

“We are pleased that the Court has recognized NortonLifeLock’s violations of Columbia University’s intellectual property rights to pioneering innovations in computing, made possible by the work of professors and researchers at Columbia IDS. [Intrusion Detection Systems] Lab,” says Columbia’s senior vice president of intellectual property and technology transfer, Orin Herskowitz.

Appeal from NortonLifeLock

NortonLifeLock Says It plan to stop using technology found by the jury to infringe Columbia’s patents and also plans to file an appeal challenging the jury’s verdict. Both NortonLifeLock Norton Security products and Symantec Endpoint Protection products, which were acquired by Broadcom for $10.7 billion in November 2019, were found to be in violation.

Columbia says it intends to provide a portion of the $185.1 million prize to inventors and use the remaining proceeds to fund education and other life-enhancing research initiatives. Neither Broadcom nor NortonLifeLock immediately responded to Information Security Media Group’s requests for additional comment.

The Columbia award includes a royalty of $91.1 million for sales of NortonLifeLock to US customers and a $94 million royalty for sales to customers outside the US The jury found that the infringing NortonLifeLock products sold to customers outside the US were actually manufactured and distributed from the US Avast purchase proposal (see: UK regulator expresses concern over NortonLifeLock-Avast deal).

The jury rejected Columbia’s argument that a third patent was invented solely by two Columbia professors and that NortonLifeLock engaged in fraudulent concealment when it filed for this patent. Jurors, however, found that Columbia professors Salvatore Stolfo and Angelos Keromytis should be added as co-inventors of this patent.

“I am extremely grateful to the members of the jury for achieving this fair result, I feel vindicated”, Stolfo says in a statement. “While it is disappointing that a company repeatedly takes our inventions for its own benefit, the heart of my lab is the students and staff, and I am pleased that the award helps support their important work.”

The lawsuit dates back to 2013

Columbia says its proprietary technologies used in the Norton Antivirus Internet security suite can effectively distinguish normal computer operations from abnormal or malicious behavior, even if the malicious program hasn’t been seen before. Proprietary features have been part of NortonLifeLock’s SONAR/BASH behavioral protection technology for many years.

The proprietary technology can also quickly and efficiently share information about detected intrusions among communities of users, according to Columbia. The university says the professors also developed an innovative strategy for using decoys to detect and thwart viruses and other malicious intrusions.

“Columbia is committed to ensuring that innovations in the lab reach the market and that the role of Columbia researchers is recognized,” says Herskowitz. “The proprietary technology changed the way we detect malicious malware and increased the security of individuals, businesses and US government computers at a critical time when traditional malware detection was failing.”

This case dates back to December 2013, when Columbia first filed a lawsuit against the company, then known as Symantec. In the lawsuit, Columbia said the cybersecurity giant had included the proprietary features in several of its products since December 2011.

Researchers and security companies often sue each other alleging patent violations, but these cases rarely go to trial and are usually settled out of court, with the defendant agreeing to pay a certain amount to obtain the patent. technology license. For example, in January 2020, Zscaler agreed to settle the litigation by paying Symantec $15 million in exchange for a patent license, release, and agreement not to sue.

Leave a Comment