Patents Examined by Trong H Nguyen
-
Patent number: 11586773Abstract: A method, apparatus, electronic device, storage medium and program product of code management are provided. In response to a request for building an executable file, corresponding developed code is obtained from a code library. The developed code is compiled into intermediate code to determine security of the intermediate code. In response to determining that the intermediate code is secure, an executable file is generated based on the intermediate code.Type: GrantFiled: February 24, 2022Date of Patent: February 21, 2023Assignee: BEIJING BYTEDANCE NETWORK TECHNOLOGY CO., LTD.Inventors: Yuming Liang, Jingting Jin, Xinghai Hu, Luning Pan, Jianye Ye, Tianyi Wang, Xingxiu Chen
-
Patent number: 11580200Abstract: Systems and method for watermarking portions of code for the purposes of identification are described. A computer-implemented method of watermarking a portion of code with identification data includes: determining, by a computing device, a number of existing whitespace characters in the portion of code; encoding, by the computing device, the identification data using a set of reference whitespace characters; and embedding, by the computing device, the encoded identification data into the portion of code, wherein the embedding the encoded identification data includes, based on the determined number of existing whitespace characters, either replacing existing whitespace characters in the portion of code with the encoded identification data or inserting the encoded identification data characters into the portion of code.Type: GrantFiled: November 8, 2019Date of Patent: February 14, 2023Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Adelina Balasa, Andrew S. Feltham, Andreas Martens
-
Patent number: 11582237Abstract: Systems and methods for privacy-protecting hybrid cloud and premise stream processing are disclosed. In one embodiment, in an information processing device comprising at least one computer processor, a method for processing a voice communication including restricted content may include: (1) receiving from an electronic device, a customer communication; (2) identifying restricted content in the customer communication; (3) masking or marking the restricted content in the customer communication; (4) communicating the customer communication with the masked or marked restricted content to a cloud processor; (5) receiving a processed responsive communication comprising the masked or marked restricted content from the cloud processor; (6) unmasking or unmarking the restricted content in the processed responsive communication; and (7) communicating the processed responsive communication comprising the unmasked or unmarked restricted content to the electronic device.Type: GrantFiled: October 9, 2020Date of Patent: February 14, 2023Assignee: JPMORGAN CHASE BANK, N.A.Inventors: John F. Buford, John Roussochatzakis, Anjur Sundaresan Krishnakumar, Constantine Barzacanos, Uthra J. Ramanujam
-
Patent number: 11575659Abstract: Systems and methods for establishing secure remote connections to media devices establish a secure shell (SSH) connection between two machines which are located in two different private networks, such as between a remote debugging computer and a receiving device. The receiving device has a persistent outbound connection with a message server. The remote debugging computer connects to a relay manager and obtains a relay instance IP address and port. The relay manager then forwards the relay instance IP address and port to the receiving device via the message server. After receiving the connection request from the message server, the receiving device connects to the relay instance IP and port and waits for the input data. The remote debugging computer performs an SSH handshake and the receiving device directly authenticates the SSH connection.Type: GrantFiled: February 8, 2022Date of Patent: February 7, 2023Assignee: DISH NETWORK TECHNOLOGIES INDIA PRIVATE LIMITEDInventors: Gopikumar Ranganathan, Rakesh Eluvan Periyaeluvan, Ranjith Rajan
-
Patent number: 11574056Abstract: Providing an isolation system that allows analysts to analyze suspicious information in way that aids in preventing harmful information from spreading to other applications and systems on a network. A plurality of virtual containers may be used by analysts to analyze suspicious information. The suspicious information may first be checked for signatures or patterns before being analyzed by the analyst or the isolation system. The identified signatures or patterns are then compared with the stored signatures or patterns to determine whether the suspicious information comprises harmful information or not. When the identified signatures or patterns are matched with stored signatures or patterns, the system may determine that the suspicious information comprises harmful information and performs one or more mitigation actions.Type: GrantFiled: June 26, 2020Date of Patent: February 7, 2023Assignee: BANK OF AMERICA CORPORATIONInventors: George Albero, Jinna Zevulun Kim, Dustin Paul Stocks
-
Patent number: 11570194Abstract: This specification discloses techniques for risk identification. One example method includes receiving, by a client device, a risk identification request identifying a requested service operation and service data associated with the requested service operation; retrieving, by the client device, service data corresponding to the risk identification request; determining, by the client device, service indicator data associated with the service data; analyzing, by the client device, one or more of the service data and the service indicator based on a risk identification rule or a risk identification model to produce a risk result; and determining, by the client device, whether the requested service operation is a high risk operation based at least in part on the risk result.Type: GrantFiled: December 20, 2019Date of Patent: January 31, 2023Assignee: Advanced New Technologies Co., Ltd.Inventors: Jupeng Xia, Caiwei Li
-
Patent number: 11568053Abstract: A malware monitoring method includes: obtaining a malware sample; extracting operational parameters corresponding to the malware sample; configuring an emulator application corresponding to the malware sample using the operational parameters; executing a plurality of instances of the configured emulator application; collecting output data from each of the plurality of instances; and generating indicators of compromise (IOCs) based on the collected output data.Type: GrantFiled: May 22, 2020Date of Patent: January 31, 2023Inventors: Nick Summerlin, Ferran Pichel
-
Patent number: 11556655Abstract: An image for a containerized application is created. From the image, one or more main processes of the containerized application are identified. The one or more main processes comprise a first subset of a plurality of processes of the containerized application. Within a sandbox environment, the containerized application is started. Based on the started application within the sandbox environment, a second subset of processes within the plurality is determined. The second subset includes one or more dependent processes associated with the first subset. A third subset of processes within the plurality is determined. The third subset excludes the first and second subsets and is associated with a vulnerability list. According to the third subset, a mitigated image for the containerized application is generated.Type: GrantFiled: January 26, 2021Date of Patent: January 17, 2023Assignee: International Business Machines CorporationInventors: Piotr P. Godowski, Szymon Kowalczyk, Michal Paluch, Tomasz Hanusiak, Andrzej Pietrzak
-
Patent number: 11558188Abstract: Embodiments include a method for secure data storage including constructing an encryption key from a plurality of key elements, the constructing including distributing the plurality of key elements to a plurality of key maintenance entities, each of the plurality of key maintenance entities employing a plurality of independent safe guards for their respective key elements of the plurality of key elements; and requiring access to the plurality of key elements to construct the encryption key. The method includes receiving a subset of the plurality of key elements via a twice-encrypted communications channel; and regenerating the encryption key at the client node; and after encrypting data, deleting the subset of the plurality of key elements received over the twice-encrypted communications channel, retaining any of the plurality of key elements previously stored at the client node.Type: GrantFiled: December 23, 2021Date of Patent: January 17, 2023Inventor: Amir Keyvan Khandani
-
Patent number: 11556637Abstract: A system for detecting security threats in a computing device receives a first set of signals from components of the computing device. The first set of signals includes intercommunication electrical signals between the components of the computing device and electromagnetic radiation signals propagated from the components of the computing device. The system extracts baseline features from the first set of signals. The baseline features represent a unique electrical signature of the computing device. The system extracts test features from a second set of signals received from the component of the system. The system determines whether there is a deviation between the test features and baseline features. If the system detects the deviation, the system determines that the computing device is associated with a particular anomaly that makes the computing device vulnerable to unauthorized access.Type: GrantFiled: April 5, 2021Date of Patent: January 17, 2023Assignee: Bank of America CorporationInventor: Shailendra Singh
-
Patent number: 11539535Abstract: An encrypted sequence that includes an authentication key may be received. A base key stored at a device may be identified and the encrypted sequence may be decrypted with the base key to obtain the authentication key. A challenge value may be received and the authentication key may be combined with the challenge value to generate a device ephemeral key. An authentication result may be generated for the device based on a combination of the device ephemeral key and the challenge value. Furthermore, the authentication result may be transmitted to a mobile network to authenticate the device.Type: GrantFiled: October 5, 2017Date of Patent: December 27, 2022Assignee: Cryptography Research, Inc.Inventors: Philippe Alain Martineau, Helena Handschuh
-
Patent number: 11528287Abstract: A computer-implemented method, computer program product and computing system for: obtaining first system-defined platform information concerning a first security-relevant subsystem within a computing platform; obtaining at least a second system-defined platform information concerning at least a second security-relevant subsystem within the computing platform; combining the first system-defined platform information and the at least a second system-defined platform information to form system-defined consolidated platform information; and generating a security profile based, at least in part, upon the system-defined consolidated platform information.Type: GrantFiled: June 5, 2019Date of Patent: December 13, 2022Assignee: ReliaQuest Holdings, LLCInventors: Brian P. Murphy, Joe Partlow, Colin O'Connor, Jason Pfeiffer
-
Patent number: 11502922Abstract: Systems, methods, and computer-readable media for managing compromised sensors in multi-tiered virtualized environments. In some embodiments, a system can receive, from a first capturing agent deployed in a virtualization layer of a first device, data reports generated based on traffic captured by the first capturing agent. The system can also receive, from a second capturing agent deployed in a hardware layer of a second device, data reports generated based on traffic captured by the second capturing agent. Based on the data reports, the system can determine characteristics of the traffic captured by the first capturing agent and the second capturing agent. The system can then compare the characteristics to determine a multi-layer difference in traffic characteristics. Based on the multi-layer difference in traffic characteristics, the system can determine that the first capturing agent or the second capturing agent is in a faulty state.Type: GrantFiled: December 5, 2019Date of Patent: November 15, 2022Assignee: CISCO TECHNOLOGY, INC.Inventors: Navindra Yadav, Abhishek Ranjan Singh, Anubhav Gupta, Shashidhar Gandham, Jackson Ngoc Ki Pang, Shih-Chun Chang, Hai Trong Vu
-
Patent number: 11503462Abstract: Disclosed are an electronic device and a method of performing digital key provisioning of an electronic device. The electronic device according to an embodiment includes a communication unit, a memory that stores programs and data for performing digital key provisioning, and a processor configured to, by executing the programs stored in the memory, perform device authentication on a target device by performing short-range communication with the target device, identify a digital key service access right of the target device through a server by obtaining user information, and control generation and storing of a digital key in response to a digital key generation request from the target device.Type: GrantFiled: February 28, 2019Date of Patent: November 15, 2022Assignee: Samsung Electronics Co., Ltd.Inventors: Inyoung Shin, Sooyeon Jung, Jonghyo Lee
-
Patent number: 11496511Abstract: The disclosed computer-implemented method for identifying and mitigating phishing attacks may include (i) receiving a request for sensitive data utilized to access a network service, (ii) launching an autofill provider for providing the sensitive data to the network service, (iii) identifying, utilizing the autofill provider, a domain for the network service and a data type associated with the sensitive data utilized to access the network service, (iv) determining, utilizing the autofill provider, a reputation for the network service based on the domain and the data type, and (v) performing a security action that protects against a phishing attack based on the reputation determined for the network service. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: September 4, 2019Date of Patent: November 8, 2022Assignee: NortonLifeLock Inc.Inventors: Xi Guo, Mrinal Khanvilkar, Darshini Rathod, Jiejie Wang
-
Patent number: 11496455Abstract: Systems and methods are disclosed for managing online advertising data secure sharing. One method includes receiving, at a server, a request for proprietary data from a data consumer, the request including a data consumer identifier; retrieving, from a database of proprietary data, proprietary data based on the request; determining, by the server, whether the retrieved proprietary data is at least one of: designated to be processed and designated to have privileges set; processing, by the server, the proprietary data when the server determines the proprietary data is designated to be processed; setting one or more privileges to the proprietary data using the certificate associated with the data consumer identifier when the server determines the proprietary data is designated to have privileges set; encrypting the proprietary data using the certificate associated with the data consumer identifier; and transmitting the encrypted proprietary data to the data consumer.Type: GrantFiled: March 31, 2020Date of Patent: November 8, 2022Assignee: Yahoo Ad Tech LLCInventors: Matthew M. Patton, Seth Mitchell Demsey
-
Patent number: 11496492Abstract: Systems and methods are provided for managing false positives in a network anomaly detection system. The methods may include receiving a plurality of anomaly reports; extracting fields, and values for the fields, from each of the anomaly reports; grouping the anomaly reports into a plurality of groups according to association rule learning, wherein each group is defined by a respective rule; for each group, creating a cluster based on common values for the fields; and marking each cluster as a possible false positive anomaly cluster.Type: GrantFiled: August 14, 2019Date of Patent: November 8, 2022Assignee: Hewlett Packard Enterprise Development LPInventors: Unum Sarfraz, Mohan Parthasarathy, Brijesh Nambiar, Min-Yi Shen, Viswesh Ananthakrishnan
-
Patent number: 11483707Abstract: A technology is provided for using a multi-factor authentication process to access services in a computing service environment. One or more policies can be defined for allowing access to one or more services and/or resources associated with a service provider environment according to an authenticated identity. A device, detected by a voice-capturing endpoint within a defined geographical location, may be authenticated according to a unique identification (ID). Voice data received from the voice-capturing endpoint can be authenticated. The authenticated identity can be established according to the authenticated device and the authenticated voice data. A command, received via a voice command from the voice-capturing endpoint, may be issued with the authenticated identity to access the one or more services and/or resources associated with the service provider environment according to the plurality of policies.Type: GrantFiled: November 25, 2019Date of Patent: October 25, 2022Assignee: Amazon Technologies, Inc.Inventors: Jonathan Alan Leblang, Collin Charles Davis
-
Patent number: 11477224Abstract: A packet-filtering system configured to filter packets in accordance with packet-filtering rules may receive data indicating network-threat indicators and may configure the packet-filtering rules to cause the packet-filtering system to identify packets comprising unencrypted data, and packets comprising encrypted data. A portion of the unencrypted data may correspond to one or more of the network-threat indicators, and the packet-filtering rules may be configured to cause the packet-filtering system to determine, based on the portion of the unencrypted data, that the packets comprising encrypted data correspond to the one or more network-threat indicators.Type: GrantFiled: September 23, 2021Date of Patent: October 18, 2022Assignee: Centripetal Networks, Inc.Inventors: David K. Ahn, Sean Moore, Douglas M. Disabello
-
Patent number: 11477184Abstract: Embodiments of the invention are directed assessing reliability between two computing devices. A distributed database may maintain reliability associations between pairs of computing devices. Each reliability association may indicate a particular device has determined (e.g., locally) that another device is reliable. In order to determine an amount of reliability between a first computing device and a second computing device, an ordered combination of the reliability associations may be determined utilizing the distributed database. The ordered combination of reliability associations may identify a reliability path between the first computing device and the second computing device. An amount of reliability may be determined based on the reliability path. An interaction between the devices may be allowed or restricted based at least in part on the amount of reliability between the computing devices.Type: GrantFiled: June 25, 2020Date of Patent: October 18, 2022Assignee: VISA INTERNATIONAL SERVICE ASSOCIATIONInventors: Quan Wang, Kelvan Howard, Jerry Wald