Patents by Inventor Andrew Hobson
Andrew Hobson has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10084806Abstract: Systems and methods may simulate traffic to identify malicious activity. A dynamic analysis system comprising a processor in communication with a network may receive a copy of a malware program and load the copy of the malware program into a simulated endpoint. The system may monitor simulated endpoint network traffic to or from the simulated endpoint, assess the simulated endpoint network traffic to determine a source and/or destination for the simulated endpoint network traffic and/or content of the simulated endpoint network traffic, and capture and store metadata associated with the simulated endpoint network traffic. A comparison system may compare simulated network traffic metadata to observed network traffic metadata to determine whether the metadata are statistically similar. When the metadata are not statistically similar, the system may generate a low infection confidence score. When the metadata are statistically similar, the system may generate a high infection confidence score.Type: GrantFiled: August 30, 2013Date of Patent: September 25, 2018Assignee: DAMBALLA, INC.Inventors: Joseph Ward, Andrew Hobson
-
Patent number: 10050986Abstract: Systems and methods of classifying network traffic may monitor network traffic. Monitored traffic may be compared with a control protocol template (CPT). When a similarity between the monitored traffic and the CPT exceeds a match threshold, the monitored traffic may be associated with the CPT.Type: GrantFiled: February 8, 2017Date of Patent: August 14, 2018Assignee: Damballa, Inc.Inventors: Terry Lee Nelms, Andrew Hobson, Joseph Ward
-
Patent number: 9894088Abstract: Systems and methods may determine suspicious network traffic. A monitoring system comprising a processor in communication with a network may monitor network traffic to or from an asset associated with the network. The monitoring system may assess the network traffic to determine a source and/or destination for the network traffic anchor content of the network traffic. The monitoring system may determine whether the network traffic is suspicious network traffic based on the assessed source and/or destination and/or content. When the network traffic is determined to be suspicious network traffic, the monitoring system may capture metadata associated with the suspicious network traffic and store the metadata in a database in communication with the processor. When the network traffic is not determined to be suspicious network traffic, the monitoring system may disregard metadata associated with the network traffic.Type: GrantFiled: August 30, 2013Date of Patent: February 13, 2018Assignee: Damballa, Inc.Inventors: Joseph Ward, Andrew Hobson
-
Publication number: 20170230393Abstract: Systems and methods of classifying network traffic may monitor network traffic. Monitored traffic may be compared with a control protocol template (CPT). When a similarity between the monitored traffic and the CPT exceeds a match threshold, the monitored traffic may be associated with the CPT.Type: ApplicationFiled: February 8, 2017Publication date: August 10, 2017Inventors: Terry Lee NELMS, Andrew HOBSON, Joseph WARD
-
Patent number: 9680861Abstract: Systems and methods may use historical analysis to identify malicious activity. A discovery/recovery system may comprise a processor in communication with a network and in communication with a database. The discovery/recovery system may gather filtered historical network data associated with an asset associated with the network. The discovery/recovery system may analyze the filtered historical network data to determine whether a subset of the filtered historical network data is associated with a malware infection of the asset.Type: GrantFiled: August 30, 2013Date of Patent: June 13, 2017Assignee: Damballa, Inc.Inventors: Joseph Ward, Andrew Hobson
-
Patent number: 9571511Abstract: Systems and methods of classifying network traffic may monitor network traffic. Monitored traffic may be compared with a control protocol template (CPT). When a similarity between the monitored traffic and the CPT exceeds a match threshold, the monitored traffic may be associated with the CPT.Type: GrantFiled: June 16, 2014Date of Patent: February 14, 2017Assignee: Damballa, Inc.Inventors: Terry Lee Nelms, Andrew Hobson, Joseph Ward
-
Patent number: 9166994Abstract: Systems and methods may use automation discovery to identify malicious activity. An automation discovery system comprising a processor in communication with a network and in communication with a database may receive potentially automated network traffic data. The system may analyze the potentially automated network traffic data to determine whether the potentially automated network traffic data is likely to be automated. When the potentially automated network traffic data is not likely to be automated, the system may generate a low automation confidence score associated with the potentially automated network traffic data. When the potentially automated network traffic data is likely to be automated, the system may generate a high automation confidence score associated with the potentially automated network traffic data.Type: GrantFiled: August 30, 2013Date of Patent: October 20, 2015Assignee: Damballa, Inc.Inventors: Joseph Ward, Andrew Hobson
-
Publication number: 20150222654Abstract: A method of managing risk associated with at least one compromised network asset, comprising: performing processing associated with receiving evidence regarding the at least one compromised network asset; performing processing associated with assessing at least one risk associated with the at least one compromised network asset; and/or performing processing associated with prioritizing at least two compromised network assets in order to determine how to respond to the at least one risk.Type: ApplicationFiled: February 6, 2015Publication date: August 6, 2015Inventors: THOMAS CROWLEY, ANDREW HOBSON, STEPHEN NEWMAN, JOSEPH WARD
-
Publication number: 20150005281Abstract: The present invention relates to compounds of formula (I) wherein X, R, Y0, T0A, T0B have the meaning as cited in the description and the claims. Said compounds are useful as JAK inhibitors for the treatment or prophylaxis of immunological, inflammatory, autoimmune, allergic disorders, and immunologically-mediated diseases. The invention also relates to pharmaceutical compositions including said compounds and their use as medicaments.Type: ApplicationFiled: December 20, 2012Publication date: January 1, 2015Inventors: Andrew Hobson, Glynn Addison, Nigel Ramsden, John Harrison
-
Publication number: 20140373148Abstract: Systems and methods of classifying network traffic may monitor network traffic. Monitored traffic may be compared with a control protocol template (CPT). When a similarity between the monitored traffic and the CPT exceeds a match threshold, the monitored traffic may be associated with the CPT.Type: ApplicationFiled: June 16, 2014Publication date: December 18, 2014Inventors: Terry Lee NELMS, Andrew HOBSON, Joseph WARD
-
Publication number: 20140090058Abstract: Systems and methods may simulate traffic to identify malicious activity. A dynamic analysis system comprising a processor in communication with a network may receive a copy of a malware program and load the copy of the malware program into a simulated endpoint. The system may monitor simulated endpoint network traffic to or from the simulated endpoint, assess the simulated endpoint network traffic to determine a source and/or destination for the simulated endpoint network traffic and/or content of the simulated endpoint network traffic, and capture and store metadata associated with, the simulated endpoint network traffic. A comparison system may compare simulated network traffic metadata to observed network traffic metadata to determine whether the metadata are statistically similar. When the metadata are not statistically similar, the system may generate a low infection confidence score. When the metadata are statistically similar, the system may generate a high infection confidence score.Type: ApplicationFiled: August 30, 2013Publication date: March 27, 2014Applicant: DAMBALLA, INC.Inventors: JOSEPH WARD, ANDREW HOBSON
-
Publication number: 20140075558Abstract: Systems and methods may use automation discovery to identify malicious activity. An automation discovery system comprising a processor in communication with a network and in communication with a database may receive potentially automated network traffic data. The system may analyze the potentially automated network traffic data to determine whether the potentially automated network traffic data is likely to be automated. When the potentially automated network traffic data is not likely to be automated, the system may generate a low automation confidence score associated with the potentially automated network traffic data. When the potentially automated network traffic data is likely to be automated, the system may generate a high automation confidence score associated with the potentially automated network traffic data.Type: ApplicationFiled: August 30, 2013Publication date: March 13, 2014Applicant: DAMBALLA, INC.Inventors: JOSEPH WARD, ANDREW HOBSON
-
Publication number: 20140068763Abstract: Systems and methods may determine suspicious network traffic. A monitoring system comprising a processor in communication with a network may monitor network traffic to or from an asset associated with the network. The monitoring system may assess the network traffic to determine a source and/or destination for the network traffic anchor content of the network traffic. The monitoring system may determine whether the network traffic is suspicious network traffic based on the assessed source and/or destination and/or content. When the network traffic is determined to be suspicious network traffic, the monitoring system may capture metadata associated with the suspicious network traffic and store the metadata in a database in communication with the processor. When the network traffic is not determined to be suspicious network traffic, the monitoring system may disregard metadata associated with the network traffic.Type: ApplicationFiled: August 30, 2013Publication date: March 6, 2014Applicant: DAMBALLA, INC.Inventors: Joseph Ward, Andrew Hobson
-
Publication number: 20140068775Abstract: Systems and methods may use historical analysis to identify malicious activity. A discovery/recovery system may comprise a processor in communication with a network and in communication with a database. The discovery/recovery system may gather filtered historical network data associated with an asset associated with the network. The discovery/recovery system may analyze the filtered historical network data to determine whether a subset of the filtered historical network data is associated with a malware infection of the asset.Type: ApplicationFiled: August 30, 2013Publication date: March 6, 2014Applicant: DAMBALLA, INC.Inventors: JOSEPH WARD, ANDREW HOBSON
-
Publication number: 20130131043Abstract: The invention relates to compounds of formula (I) wherein R1, R2, R1a, R1b have the meaning as cited in the description and the claims. Said compounds are useful as JAK inhibitors for the treatment or prophylaxis of immunological, inflammatory, autoimmune, allergic disorders, and immunologically-mediated diseases. The invention also relates to pharmaceutical compositions including said compounds, the preparation of such compounds as well as the use as medicaments.Type: ApplicationFiled: April 18, 2011Publication date: May 23, 2013Inventors: Richard John Harrison, Warren Miller, Sally Oxenford, Nigel Ramsden, Andrew Hobson
-
Publication number: 20120172385Abstract: The invention relates to compounds of formula (I) wherein X1 to X3, R, R2 to R7 and AA have the meaning as cited in the description and the claims. Said compounds are useful as JAK inhibitors for the treatment or prophylaxis of immunological, inflammatory, autoimmune, allergic disorders, and immunologically-mediated diseases. The invention also relates to pharmaceutical compositions including said compounds, the preparation of such compounds as well as the use as medicaments.Type: ApplicationFiled: September 7, 2010Publication date: July 5, 2012Inventors: Richard John Harrison, Andrew Hobson, Nigel Ramsden
-
Publication number: 20120143650Abstract: A method of managing risk associated with at least one compromised network asset, comprising: performing processing associated with receiving evidence regarding the at least one compromised network asset; performing processing associated with assessing at least one risk associated with the at least one compromised network asset; and/or performing processing associated with prioritizing at least two compromised network assets in order to determine how to respond to the at least one risk.Type: ApplicationFiled: December 1, 2011Publication date: June 7, 2012Inventors: Thomas CROWLEY, Andrew HOBSON, Stephen NEWMAN, Joseph WARD
-
Publication number: 20120040955Abstract: The invention relates to compounds of formula (I) wherein AA, R2 to R7 and X1 to X3 have the meaning as cited in the description and the claims. Said compounds are useful as selective inhibitors of JAK3 over JAK2 for the treatment or prophylaxis of immunological, inflammatory, autoimmune, allergic disorders, and immunologically-mediated diseases. The invention also relates to pharmaceutical compositions including said compounds, the preparation of such compounds as well as the use as medicaments.Type: ApplicationFiled: April 9, 2010Publication date: February 16, 2012Inventors: Richard John Harrison, Andrew Hobson, Nigel Ramsden
-
Patent number: D479817Type: GrantFiled: April 9, 2002Date of Patent: September 23, 2003Inventor: Michael Andrew Hobson