Patents by Inventor Eric Nunes
Eric Nunes has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240134728Abstract: Various embodiments for predicting which software vulnerabilities will be exploited by malicious hackers and hence prioritized by patching are disclosed.Type: ApplicationFiled: October 29, 2023Publication date: April 25, 2024Inventors: Paulo Shakarian, Mohammed Almukaynizi, Jana Shakarian, Eric Nunes, Krishna Dharaiya, Manoj Balasubramaniam Senguttuvan, Alexander Grimm
-
Patent number: 11892897Abstract: Various embodiments for predicting which software vulnerabilities will be exploited by malicious hackers and hence prioritized by patching are disclosed.Type: GrantFiled: October 26, 2018Date of Patent: February 6, 2024Assignee: Arizona Board of Regents on Behalf of Arizona State UniversityInventors: Paulo Shakarian, Mohammed Almukaynizi, Jana Shakarian, Eric Nunes, Krishna Dharaiya, Manoj Balasubramaniam Senguttuvan, Alexander Grimm
-
Publication number: 20230336589Abstract: Techniques are disclosed relating to generating trained machine learning modules to identify whether user interfaces accessed by a computing device match user interfaces associated with a set of Internet domain names. A server computer system receives a set of Internet domain names and generates screenshots for user interfaces associated with the set of Internet domain names. The server computer system then trains machine learning modules that are customized for the set of Internet domain names using the screenshots. The server then transmits the machine learning modules to the computing device, where the machine learning modules are usable by an application executing on the computing device to identify whether a user interface accessed by the device matches a user interface associated with the set of Internet domain names. Such techniques may advantageously allow servers to identify whether user interfaces are suspicious without introducing latency and increased page load times.Type: ApplicationFiled: April 23, 2023Publication date: October 19, 2023Inventors: Meethil Vijay Yadav, Eric Nunes
-
Patent number: 11700250Abstract: There are provided systems and methods for a voice vector framework that authenticates user interactions. A service provider server receives user interaction data having audio data that is associated with an interaction between a user device and the service provider server. The server extracts user attributes from the audio data and obtains user account information associated with the user device. The server selects a classifier that corresponds to a select combination of features based on the user account information and applies the classifier to the user attributes. The server generates a voice vector that includes multiple scores indicating likelihoods that a respective user attribute corresponds to an attribute of the select combination of features. The server compares the voice vector to a baseline vector corresponding to a predetermined combination of features and sends a notification to an agent device with an indication of whether the user device is verified.Type: GrantFiled: October 14, 2020Date of Patent: July 11, 2023Assignee: PayPal, Inc.Inventors: Raoul Johnson, Meethil Vijay Yadav, Michael Weideman, Eric Nunes
-
Patent number: 11693972Abstract: Various embodiments of systems and methods for an at-risk system identification via analysis of discussions from various online hacker communities are disclosed herein.Type: GrantFiled: May 15, 2020Date of Patent: July 4, 2023Assignee: Arizona Board of Regents on Behalf of Arizona State UniversityInventors: Eric Nunes, Jana Shakarian, Paulo Shakarian, Mohammed Almukaynizi, Harshdeep Singh, Gerardo Simari, Anant Sharma
-
Patent number: 11671448Abstract: A method for phishing detection using uniform resource locators is discussed. The method includes accessing data from one or more of a monitored portion of website data and a monitored portion of emails, the data indicating a suspect Uniform Resource Locator (URL). The method includes assigning a rule score based on partial rule scores of each portion of the suspect URL, the rule score indicating a phishing potential based on URL rules. The method includes determining a uniqueness score of the suspect URL, the uniqueness score indicating a degree of uniqueness of the suspect URL from a plurality of known phishing URLs. The method also includes determining a URL phishing score based, at least in part, on the rules scores and the uniqueness score for the suspect URL.Type: GrantFiled: December 27, 2019Date of Patent: June 6, 2023Assignee: PAYPAL, INC.Inventors: Eric Nunes, Meethil Vijay Yadav, Nicholas Bailey, Nathan Pratt, Bradley Wardman, Todd Clausen, Kevin Tyers
-
Patent number: 11637863Abstract: Techniques are disclosed relating to generating trained machine learning modules to identify whether user interfaces accessed by a computing device match user interfaces associated with a set of Internet domain names. A server computer system receives a set of Internet domain names and generates screenshots for user interfaces associated with the set of Internet domain names. The server computer system then trains machine learning modules that are customized for the set of Internet domain names using the screenshots. The server then transmits the machine learning modules to the computing device, where the machine learning modules are usable by an application executing on the computing device to identify whether a user interface accessed by the device matches a user interface associated with the set of Internet domain names. Such techniques may advantageously allow servers to identify whether user interfaces are suspicious without introducing latency and increased page load times.Type: GrantFiled: April 3, 2020Date of Patent: April 25, 2023Assignee: PayPal, Inc.Inventors: Meethil Vijay Yadav, Eric Nunes
-
Patent number: 11610206Abstract: There are provided systems and methods for actionable insight into user interaction data. A service provider server can access user interaction data associated with an interaction between a first communication device and the service provider server, and generates feature representations of the user interaction data, in which the feature representations respectively correspond to extracted features that include textual data features or audio data features. The service provider server can determine an intent of the interaction from the feature representations using a machine learning-trained classifier, in which the intent corresponds to a first actionable insight category. The interaction is mapped to a first cluster based on the intent, and the service provider server issues a remedial action for the interaction based on the mapping of the interaction to the first cluster, in which the remedial action is associated with a particular type of activity in the first actionable insight category.Type: GrantFiled: October 14, 2020Date of Patent: March 21, 2023Assignee: PayPal, Inc.Inventors: Eric Nunes, Meethil Vijay Yadav, Raoul Johnson
-
Patent number: 11533328Abstract: Methods and systems for assessing and evaluating vulnerabilities of a networked system are presented. A list of known vulnerabilities that have been disclosed in the public may be obtained. The networked system may be scanned from an external perspective to obtain network information of the networked system. A subset of the known vulnerabilities may be determined to be relevant to the networked system based on correlations between the vulnerabilities and the network information. The networked system may also be analyzed from an internal perspective to determine impacts of the relevant known vulnerabilities to the networked system. The impact of a vulnerability may be determined based on the type of data and/or the type of services that may be accessible in an attack that exploits the vulnerability. The vulnerabilities may then be ranked and addressed based on the impacts.Type: GrantFiled: June 6, 2019Date of Patent: December 20, 2022Assignee: PayPal, Inc.Inventors: Eric Nunes, Bradley Wardman, Meethil Vijay Yadav, Kevin Tyers, Nicole Harris, Jakub Burgis
-
Patent number: 11470114Abstract: A method for using a malware and phishing detection and mediation platform is discussed. The method includes accessing data from one or more of a monitored portion of website data and a monitored portion of emails, the data indicating a respective potential malware or a suspect phishing element (e.g., Uniform Resource Locator (URL)). The method includes selecting one of a plurality of detection engines for processing the data, where the selecting is based on previous results of previous processing by one or more detection engines. Each of the plurality of detection engines can be for performing one or more respective investigation actions on the plurality of data to determine a particular issue with one of the monitored data. The method also includes determining a mediation action based on a result of processing of the detection engine and the previous processing.Type: GrantFiled: December 27, 2019Date of Patent: October 11, 2022Assignee: PAYPAL, INC.Inventors: Nathan Pratt, Bradley Wardman, Kevin Tyers, Eric Nunes, Meethil Vijay Yadav, Todd Clausen, Nicholas Bailey
-
Patent number: 11381598Abstract: A method for phishing detection using certificates associated with uniform resource locators (URLs) is discussed. The method includes accessing certificate portions of a certificate associated with a suspect URL, the certificate accessed at a database that includes certificates obtained by monitoring certificate logs. The method includes accessing a URL score for the suspect URL. The method includes assigning a certificate rule score based on partial certificate scores of certificate portions, the certificate rule score indicating a phishing potential for the certificate, each of the partial certificate scores indicating a likelihood of phishing of each portion based on certificate rules. The method includes using a machine learning model based on the URL score and the certificate to determine a uniqueness certificate score. The method also includes determining a phishing certificate score based on the certificate rule score and the uniqueness certificate score for the certificate.Type: GrantFiled: December 27, 2019Date of Patent: July 5, 2022Assignee: PAYPAL, INC.Inventors: Eric Nunes, Kevin Tyers, Meethil Vijay Yadav, Nicholas Bailey, Todd Clausen, Nathan Pratt, Bradley Wardman
-
Patent number: 11336673Abstract: Embodiments for systems and methods for third party assessment related to the evaluation of risks associated with third parties in which hacker conversations on websites are filtered and analyzed using keywords as input to uncover relevant forum and marketplace discussions are disclosed herein.Type: GrantFiled: May 9, 2019Date of Patent: May 17, 2022Assignee: Arizona Board of Regents on Behalf of Arizona State UniversityInventors: Eric Nunes, Krishna Dharaiya, Jana Shakarian, Paulo Shakarian
-
Publication number: 20220114594Abstract: There are provided systems and methods for actionable insight into user interaction data. A service provider server can access user interaction data associated with an interaction between a first communication device and the service provider server, and generates feature representations of the user interaction data, in which the feature representations respectively correspond to extracted features that include textual data features or audio data features. The service provider server can determine an intent of the interaction from the feature representations using a machine learning-trained classifier, in which the intent corresponds to a first actionable insight category. The interaction is mapped to a first cluster based on the intent, and the service provider server issues a remedial action for the interaction based on the mapping of the interaction to the first cluster, in which the remedial action is associated with a particular type of activity in the first actionable insight category.Type: ApplicationFiled: October 14, 2020Publication date: April 14, 2022Inventors: Eric Nunes, Meethil Vijay Yadav, Raoul Johnson
-
Publication number: 20220116388Abstract: There are provided systems and methods for a voice vector framework that authenticates user interactions. A service provider server receives user interaction data having audio data that is associated with an interaction between a user device and the service provider server. The server extracts user attributes from the audio data and obtains user account information associated with the user device. The server selects a classifier that corresponds to a select combination of features based on the user account information and applies the classifier to the user attributes. The server generates a voice vector that includes multiple scores indicating likelihoods that a respective user attribute corresponds to an attribute of the select combination of features. The server compares the voice vector to a baseline vector corresponding to a predetermined combination of features and sends a notification to an agent device with an indication of whether the user device is verified.Type: ApplicationFiled: October 14, 2020Publication date: April 14, 2022Inventors: Raoul Johnson, Meethil Vijay Yadav, Michael Weideman, Eric Nunes
-
Publication number: 20210314352Abstract: Techniques are disclosed relating to generating trained machine learning modules to identify whether user interfaces accessed by a computing device match user interfaces associated with a set of Internet domain names. A server computer system receives a set of Internet domain names and generates screenshots for user interfaces associated with the set of Internet domain names. The server computer system then trains machine learning modules that are customized for the set of Internet domain names using the screenshots. The server then transmits the machine learning modules to the computing device, where the machine learning modules are usable by an application executing on the computing device to identify whether a user interface accessed by the device matches a user interface associated with the set of Internet domain names. Such techniques may advantageously allow servers to identify whether user interfaces are suspicious without introducing latency and increased page load times.Type: ApplicationFiled: April 3, 2020Publication date: October 7, 2021Inventors: Meethil Vijay Yadav, Eric Nunes
-
Publication number: 20210203690Abstract: A method for phishing detection using certificates associated with uniform resource locators (URLs) is discussed. The method includes accessing certificate portions of a certificate associated with a suspect URL, the certificate accessed at a database that includes certificates obtained by monitoring certificate logs. The method includes accessing a URL score for the suspect URL. The method includes assigning a certificate rule score based on partial certificate scores of certificate portions, the certificate rule score indicating a phishing potential for the certificate, each of the partial certificate scores indicating a likelihood of phishing of each portion based on certificate rules. The method includes using a machine learning model based on the URL score and the certificate to determine a uniqueness certificate score. The method also includes determining a phishing certificate score based on the certificate rule score and the uniqueness certificate score for the certificate.Type: ApplicationFiled: December 27, 2019Publication date: July 1, 2021Inventors: Eric Nunes, Kevin Tyers, Meethil Vijay Yadav, Nicholas Bailey, Todd Clausen, Nathan Pratt, Bradley Wardman
-
Publication number: 20210203693Abstract: A method for phishing detection based on modeling of web page content is discussed. The method includes accessing suspect web page content of a suspect Uniform Resource Locator (URL). The method includes generating an exemplary model based on an exemplary configuration for an indicated domain associated with the suspect URL, where the exemplary model indicates structure and characteristics of an example web page of the indicated domain. The method includes generating a suspect web page model that indicates structure and characteristics of the suspect web page content. The method includes performing scoring functions for the potential phishing web page content based on the suspect web page model, where some of the scoring functions use the exemplary model to perform analysis to generate respective results. The method includes generating a web page content phishing score based on results from the scoring functions.Type: ApplicationFiled: December 27, 2019Publication date: July 1, 2021Inventors: Todd Clausen, Kevin Tyers, Nicholas Bailey, Eric Nunes, Meethil Vijay Yadav, Bradley Wardman, Nathan Pratt
-
Publication number: 20210203692Abstract: A method for phishing detection using uniform resource locators is discussed. The method includes accessing data from one or more of a monitored portion of website data and a monitored portion of emails, the data indicating a suspect Uniform Resource Locator (URL). The method includes assigning a rule score based on partial rule scores of each portion of the suspect URL, the rule score indicating a phishing potential based on URL rules. The method includes determining a uniqueness score of the suspect URL, the uniqueness score indicating a degree of uniqueness of the suspect URL from a plurality of known phishing URLs. The method also includes determining a URL phishing score based, at least in part, on the rules scores and the uniqueness score for the suspect URL.Type: ApplicationFiled: December 27, 2019Publication date: July 1, 2021Inventors: Eric Nunes, Meethil Vijay Yadav, Nicholas Bailey, Nathan Pratt, Bradley Wardman, Todd Clausen, Kevin Tyers
-
Publication number: 20210203691Abstract: A method for using a malware and phishing detection and mediation platform is discussed. The method includes accessing data from one or more of a monitored portion of website data and a monitored portion of emails, the data indicating a respective potential malware or a suspect phishing element (e.g., Uniform Resource Locator (URL)). The method includes selecting one of a plurality of detection engines for processing the data, where the selecting is based on previous results of previous processing by one or more detection engines. Each of the plurality of detection engines can be for performing one or more respective investigation actions on the plurality of data to determine a particular issue with one of the monitored data. The method also includes determining a mediation action based on a result of processing of the detection engine and the previous processing.Type: ApplicationFiled: December 27, 2019Publication date: July 1, 2021Inventors: Nathan Pratt, Bradley Wardman, Kevin Tyers, Eric Nunes, Meethil Vijay Yadav, Todd Clausen, Nicholas Bailey
-
Publication number: 20200389480Abstract: Methods and systems for assessing and evaluating vulnerabilities of a networked system are presented. A list of known vulnerabilities that have been disclosed in the public may be obtained. The networked system may be scanned from an external perspective to obtain network information of the networked system. A subset of the known vulnerabilities may be determined to be relevant to the networked system based on correlations between the vulnerabilities and the network information. The networked system may also be analyzed from an internal perspective to determine impacts of the relevant known vulnerabilities to the networked system. The impact of a vulnerability may be determined based on the type of data and/or the type of services that may be accessible in an attack that exploits the vulnerability. The vulnerabilities may then be ranked and addressed based on the impacts.Type: ApplicationFiled: June 6, 2019Publication date: December 10, 2020Inventors: Eric Nunes, Bradley Wardman, Meethil Vijay Yadav, Kevin Tyers, Nicole Harris, Jakub Burgis