Patents by Inventor Edward W. Hardy
Edward W. Hardy has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9560068Abstract: A network security system employing multiple levels of processing to identify security threats. Multiple host machines may each contain an agent that detects possibilities of security threats based on raw data sensed locally at that host. The hosts may share information obtained from local analysis and each host may use information generated at one or more other hosts, in combination with information generated locally, to identify a security concern, indicating with greater certainty that a security threat exists. Based on security concerns generated by multiple hosts, a security threat may be to indicated and protective action may be taken.Type: GrantFiled: July 12, 2013Date of Patent: January 31, 2017Assignee: MICROSOFT TECHNOLOGY LICENSING LLC.Inventors: Igal Figlin, Arthur Zavalkovsky, Lior Arzi, Efim Hudis, Jennifer R. Lemond, Robert Eric Fitzgerald, Khaja E. Ahmed, Jeffrey S. Williams, Edward W. Hardy
-
Patent number: 8805839Abstract: An analysis system is described for identifying potentially malicious activity within a computer network. It performs this task by interacting with a user to successively remove known instances of non-malicious activity, to eventually reveal potentially malicious activity. The analysis system interacts with the user by inviting the user to apply labels to identified examples of network behavior; upon response by the user, the analysis system supplies new examples of network behavior to the user. In one implementation, the analysis system generates such examples using a combination of feature-based analysis and graph-based analysis. The graph-based analysis relies on analysis of graph structure associated with access events, such as by identifying entropy scores for respective portions of the graph structure.Type: GrantFiled: April 7, 2010Date of Patent: August 12, 2014Assignee: Microsoft CorporationInventors: Robert E. Fitzgerald, Jack W. Stokes, Alice X. Zheng, Edward W. Hardy, Bodicherla Aditya Prakash
-
Publication number: 20130305371Abstract: A network security system employing multiple levels of processing to identify security threats. Multiple host machines may each contain an agent that detects possibilities of security threats based on raw data sensed locally at that host. The hosts may share information obtained from local analysis and each host may use information generated at one or more other hosts, in combination with information generated locally, to identify a security concern, indicating with greater certainty that a security threat exists. Based on security concerns generated by multiple hosts, a security threat may be to indicated and protective action may be taken.Type: ApplicationFiled: July 12, 2013Publication date: November 14, 2013Applicant: MICROSOFT CORPORATIONInventors: Igal Figlin, Arthur Zavalkovsky, Lior Arzi, Efim Hudis, Jennifer R. Lemond, Robert Eric Fitzgerald, Khaja E. Ahmed, Jeffrey S. Williams, Edward W. Hardy
-
Patent number: 8516576Abstract: A network security system employing multiple levels of processing to identify security threats. Multiple host machines may each contain an agent that detects possibilities of security threats based on raw data sensed locally at that host. The hosts may share information obtained from local analysis and each host may use information generated at one or more other hosts, in combination with information generated locally, to identify a security concern, indicating with greater certainty that a security threat exists. Based on security concerns generated by multiple hosts, a security threat may be indicated and protective action may be taken.Type: GrantFiled: January 13, 2010Date of Patent: August 20, 2013Assignee: Microsoft CorporationInventors: Igal Figlin, Arthur Zavalkovsky, Lior Arzi, Efim Hudis, Jennifer R. LeMond, Robert Eric Fitzgerald, Khaja E. Ahmed, Jeffrey S. Williams, Edward W. Hardy
-
Publication number: 20110252032Abstract: An analysis system is described for identifying potentially malicious activity within a computer network. It performs this task by interacting with a user to successively remove known instances of non-malicious activity, to eventually reveal potentially malicious activity. The analysis system interacts with the user by inviting the user to apply labels to identified examples of network behavior; upon response by the user, the analysis system supplies new examples of network behavior to the user. In one implementation, the analysis system generates such examples using a combination of feature-based analysis and graph-based analysis. The graph-based analysis relies on analysis of graph structure associated with access events, such as by identifying entropy scores for respective portions of the graph structure.Type: ApplicationFiled: April 7, 2010Publication date: October 13, 2011Applicant: MICROSOFT CORPORATIONInventors: Robert E. Fitzgerald, Jack W. Stokes, Alice X. Zheng, Edward W. Hardy, Bodicherla Aditya Prakash
-
Publication number: 20110173699Abstract: A network security system employing multiple levels of processing to identify security threats. Multiple host machines may each contain an agent that detects possibilities of security threats based on raw data sensed locally at that host. The hosts may share information obtained from local analysis and each host may use information generated at one or more other hosts, in combination with information generated locally, to identify a security concern, indicating with greater certainty that a security threat exists. Based on security concerns generated by multiple hosts, a security threat may be indicated and protective action may be taken.Type: ApplicationFiled: January 13, 2010Publication date: July 14, 2011Inventors: Igal Figlin, Arthur Zavalkovsky, Lior Arzi, Efim Hudis, Jennifer R. LeMond, Robert Eric Fitzgerald, Khaja E. Ahmed, Jeffrey S. Williams, Edward W. Hardy
-
Patent number: 7945587Abstract: Described is a technology by which storage space in the form of allocation units (e.g., clusters of a storage volume) are intentionally allocated so as to likely be non-contiguous for a file's data. For example, random selection of each of the allocation units will likely provide non-contiguous allocation units; on solid state storage media, such a random distribution of a file's data does not significantly affect access times. In one aspect, a file system driver randomly allocates the allocation units, and records the allocation units in association with the file, e.g., in a master file table or similar database. Non-contiguous (e.g., random) allocation may be on demand as storage space is needed, and/or may be performed in anticipation of needing storage space for satisfying a later request. Once the storage space is no longer mapped to a file, reconstructing that file's data in forensic analysis is more difficult.Type: GrantFiled: October 10, 2007Date of Patent: May 17, 2011Assignee: Microsoft CorporationInventor: Edward W. Hardy
-
Publication number: 20090125573Abstract: Described is a technology by which storage space in the form of allocation units (e.g., clusters of a storage volume) are intentionally allocated so as to likely be non-contiguous for a file's data. For example, random selection of each of the allocation units will likely provide non-contiguous allocation units; on solid state storage media, such a random distribution of a file's data does not significantly affect access times. In one aspect, a file system driver randomly allocates the allocation units, and records the allocation units in association with the file, e.g., in a master file table or similar database. Non-contiguous (e.g., random) allocation may be on demand as storage space is needed, and/or may be performed in anticipation of needing storage space for satisfying a later request. Once the storage space is no longer mapped to a file, reconstructing that file's data in forensic analysis is more difficult.Type: ApplicationFiled: October 10, 2007Publication date: May 14, 2009Applicant: Microsoft CorporationInventor: Edward W. Hardy