Patents by Inventor Daeki CHO
Daeki CHO has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240118937Abstract: Embodiments herein relate to prediction, based on previous usage of a cloud-based computing resource by a user of one or more users of the cloud-based computing resource, future usage of the cloud-based computing resource. Based on the predicted future usage, embodiments relate to identifying that throttling of access to the cloud-based computing resource is to occur, and notifying the user of the throttling. Other embodiments may be described and/or claimed.Type: ApplicationFiled: October 7, 2022Publication date: April 11, 2024Applicant: Salesforce, Inc.Inventors: Bo Zong, Huan Wang, Tian Lan, Ran Yao, Tony Wong, Daeki Cho, Caiming Xiong, Silvio Savarese, Yingbo Zhou
-
Patent number: 10999323Abstract: Endpoint security systems and methods include a distance estimation module configured to calculate a travel distance between a source Internet Protocol (IP) address and an IP address for a target network endpoint system from a received packet received by a network gateway system based on time-to-live (TTL) information from the received packet. A machine learning model is configured to estimate an expected travel distance between the source IP address and the target network endpoint system IP address based on a sparse set of known source/target distances. A spoof detection module is configured to determine that the received packet has a spoofed source IP address based on a comparison between the calculated travel distance and the expected travel distance. A security module is configured to perform a security action at the network gateway system responsive to the determination that the received packet has a spoofed source IP address.Type: GrantFiled: August 13, 2018Date of Patent: May 4, 2021Inventors: Cristian Lumezanu, Nipun Arora, Haifeng Chen, Bo Zong, Daeki Cho, Mingda Li
-
Patent number: 10999247Abstract: Systems and methods for preventing cyberattacks using a Density Estimation Network (DEN) for unsupervised anomaly detection, including constructing the DEN using acquired network traffic data by performing end-to-end training. The training includes generating low-dimensional vector representations of the network traffic data by performing dimensionality reduction of the network traffic data, predicting mixture membership distribution parameters for each of the low-dimensional representations by performing density estimation using a Gaussian Mixture Model (GMM) framework, and formulating an objective function to estimate an energy and determine a density level of the low-dimensional representations for anomaly detection, with an anomaly being identified when the energy exceeds a pre-defined threshold. Cyberattacks are prevented by blocking transmission of network flows with identified anomalies by directly filtering out the flows using a network traffic monitor.Type: GrantFiled: October 24, 2018Date of Patent: May 4, 2021Inventors: Bo Zong, Daeki Cho, Cristian Lumezanu, Haifeng Chen, Qi Song
-
Patent number: 10915535Abstract: Systems and methods for optimizing query execution to improve query processing by a computer are provided. A query is analyzed and translated into a logical plan. A runtime query optimizer is applied to the logical plan to identify a physical plan including operators for execution. The logical plan is translated into the physical plan. Execution of the query is scheduled according to the physical plan.Type: GrantFiled: May 18, 2018Date of Patent: February 9, 2021Inventors: Haifeng Chen, Youfu Li, Daeki Cho, Bo Zong, Nipun Arora, Cristian Lumezanu
-
Patent number: 10911488Abstract: Methods and systems for mitigating a spoofing-based attack include calculating a travel distance between a source Internet Protocol (IP) address and a target IP address from a received packet based on time-to-live information from the received packet. An expected travel distance between the source IP address and the target IP address is estimated based on a sparse set of known source/target distances. It is determined that the received packet has a spoofed source IP address based on a comparison between the calculated travel distance and the expected travel distance. A security action is performed responsive to the determination that the received packet has a spoofed source IP address.Type: GrantFiled: August 13, 2018Date of Patent: February 2, 2021Inventors: Cristian Lumezanu, Nipun Arora, Haifeng Chen, Bo Zong, Daeki Cho, Mingda Li
-
Patent number: 10887344Abstract: Endpoint security systems and methods include a distance estimation module configured to calculate a travel distance between a source Internet Protocol (IP) address and an IP address for a target network endpoint system from a received packet received by the target network endpoint system based on time-to-live (TTL) information from the received packet. A machine learning model is configured to estimate an expected travel distance between the source IP address and the target network endpoint system IP address based on a sparse set of known source/target distances. A spoof detection module is configured to determine that the received packet has a spoofed source IP address based on a comparison between the calculated travel distance and the expected travel distance. A security module is configured to perform a security action at the target network endpoint system responsive to the determination that the received packet has a spoofed source IP address.Type: GrantFiled: August 13, 2018Date of Patent: January 5, 2021Assignee: NEC CorporationInventors: Cristian Lumezanu, Nipun Arora, Haifeng Chen, Bo Zong, Daeki Cho, Mingda Li
-
Publication number: 20190124045Abstract: Systems and methods for preventing cyberattacks using a Density Estimation Network (DEN) for unsupervised anomaly detection, including constructing the DEN using acquired network traffic data by performing end-to-end training. The training includes generating low-dimensional vector representations of the network traffic data by performing dimensionality reduction of the network traffic data, predicting mixture membership distribution parameters for each of the low-dimensional representations by performing density estimation using a Gaussian Mixture Model (GMM) framework, and formulating an objective function to estimate an energy and determine a density level of the low-dimensional representations for anomaly detection, with an anomaly being identified when the energy exceeds a pre-defined threshold. Cyberattacks are prevented by blocking transmission of network flows with identified anomalies by directly filtering out the flows using a network traffic monitor.Type: ApplicationFiled: October 24, 2018Publication date: April 25, 2019Inventors: Bo Zong, Daeki Cho, Cristian Lumezanu, Haifeng Chen, Qi Song
-
Publication number: 20190098048Abstract: Methods and systems for mitigating a spoofing-based attack include calculating a travel distance between a source Internet Protocol (IP) address and a target IP address from a received packet based on time-to-live information from the received packet. An expected travel distance between the source IP address and the target IP address is estimated based on a sparse set of known source/target distances. It is determined that the received packet has a spoofed source IP address based on a comparison between the calculated travel distance and the expected travel distance. A security action is performed responsive to the determination that the received packet has a spoofed source IP address.Type: ApplicationFiled: August 13, 2018Publication date: March 28, 2019Inventors: Cristian Lumezanu, Nipun Arora, Haifeng Chen, Bo Zong, Daeki Cho, Mingda Li
-
Publication number: 20190098049Abstract: Endpoint security systems and methods include a distance estimation module configured to calculate a travel distance between a source Internet Protocol (IP) address and an IP address for a target network endpoint system from a received packet received by the target network endpoint system based on time-to-live (TTL) information from the received packet. A machine learning model is configured to estimate an expected travel distance between the source IP address and the target network endpoint system IP address based on a sparse set of known source/target distances. A spoof detection module is configured to determine that the received packet has a spoofed source IP address based on a comparison between the calculated travel distance and the expected travel distance. A security module is configured to perform a security action at the target network endpoint system responsive to the determination that the received packet has a spoofed source IP address.Type: ApplicationFiled: August 13, 2018Publication date: March 28, 2019Inventors: Cristian Lumezanu, Nipun Arora, Haifeng Chen, Bo Zong, Daeki Cho, Mingda Li
-
Publication number: 20190098050Abstract: Endpoint security systems and methods include a distance estimation module configured to calculate a travel distance between a source Internet Protocol (IP) address and an IP address for a target network endpoint system from a received packet received by a network gateway system based on time-to-live (TTL) information from the received packet. A machine learning model is configured to estimate an expected travel distance between the source IP address and the target network endpoint system IP address based on a sparse set of known source/target distances. A spoof detection module is configured to determine that the received packet has a spoofed source IP address based on a comparison between the calculated travel distance and the expected travel distance. A security module is configured to perform a security action at the network gateway system responsive to the determination that the received packet has a spoofed source IP address.Type: ApplicationFiled: August 13, 2018Publication date: March 28, 2019Inventors: Cristian Lumezanu, Nipun Arora, Haifeng Chen, Bo Zong, Daeki Cho, Mingda Li
-
Publication number: 20180365294Abstract: Systems and methods for implementing a behavior analysis engine (BAE) to improve computer query processing are provided. A job request to execute an input rule on target log data is received by a BAE service via a user interface. The job request is executed by the BAE service to generate a result by obtaining the input rule from a rule-base, parsing the input rule to create a data structure, optimizing the data structure, and executing one or more operations using the optimized data structure. The result is stored by the BAE service in a result database.Type: ApplicationFiled: May 18, 2018Publication date: December 20, 2018Inventors: Daeki Cho, Nipun Arora, Hui Zhang
-
Publication number: 20180365291Abstract: Systems and methods for optimizing query execution to improve query processing by a computer are provided. A query is analyzed and translated into a logical plan. A runtime query optimizer is applied to the logical plan to identify a physical plan including operators for execution. The logical plan is translated into the physical plan. Execution of the query is scheduled according to the physical plan.Type: ApplicationFiled: May 18, 2018Publication date: December 20, 2018Inventors: Haifeng Chen, Youfu Li, Daeki Cho, Bo Zong, Nipun Arora, Cristian Lumezanu
-
Publication number: 20140355823Abstract: The present invention relates to a video search apparatus and method, and more particularly, to a video search apparatus and method which can be used to search video data collected by a video capture apparatus, such as a closed circuit television (CCTV), for information desired by a user.Type: ApplicationFiled: December 31, 2013Publication date: December 4, 2014Applicant: SAMSUNG SDS CO., LTD.Inventors: Ki Sang KWON, Jeong Seon LEE, Jun Hee HEU, Daeki CHO, Jin Uk KWAG