Patents Assigned to Assured Information Security, Inc.
-
Patent number: 12131230
Abstract: A method includes, as part of establishing a feature merging threshold (?) for determining equivalence between two features, selecting a set of candidate ? values, partitioning training data into a plurality of groups, establishing a model W? for each ? value of the set of candidate ? values, iteratively performing: selecting a next group of training data of the plurality of groups of training data; adding the selected next group of training data to a training set; and for each ? value in the set of candidate ? values: training the W? for the ? value using the training set, and evaluating a size of W?, the size comprising a number of features included in the model, and choosing the feature merging threshold ? based on the iteratively performing.
Type: Grant
Filed: August 4, 2020
Date of Patent: October 29, 2024
Assignee: Assured Information Security, Inc.
Inventors: Daniel Scofield, Craig Miles
-
Patent number: 12124568
Abstract: Malware prevention and remediation is provided by monitoring actions performed by processes and maintaining indications of which processes are trusted; selectively presenting canary files to these processes, which includes presenting the canary files to processes not indicated as being trusted and hiding the canary files from processes indicated as being trusted, and where the monitoring includes monitoring for access of canary files with change privileges; scoring each of the processes based on the actions performed, including any access of canary files with change privileges, which scoring produces a malice score for each process; and automatically terminating any process for which its malice score indicates at least a threshold level of malice in the execution of the process.
Type: Grant
Filed: April 20, 2021
Date of Patent: October 22, 2024
Assignee: Assured Information Security, Inc.
Inventors: Sean Laplante, Patrick McHarris
-
Patent number: 11899122
Abstract: Geolocating one or more emitters includes obtaining a set of lines of bearing (LOBs) indicative of location(s) of emitter(s), determining intersections of LOBs of the set and generating clusters informed by those intersections, assigning the LOBs of the set to cluster(s) based on proximity, identifying a cluster having the greatest number of assigned LOBs from the set; determining an emitter location area based on a best point estimate for the cluster, and indicating a location of an emitter as the emitter location area. Additional emitters can be located by removing from the set of LOBs those LOBs assigned to the identified cluster, and repeating aforementioned aspects. Initially, the set of LOBs can be selected from a larger collection as a representative subset thereof.
Type: Grant
Filed: December 10, 2020
Date of Patent: February 13, 2024
Assignee: ASSURED INFORMATION SECURITY, INC.
Inventor: Jason Eric Smith
-
Publication number: 20230376411
Abstract: Memory access control in a virtualization environment is provided by maintaining sets of page tables each corresponding to a given hypervisor application and guest virtual machine (VM), and controlling presentation of the sets of page tables to selectively present just one of the sets at any given time for hypervisor processing to access guest VM memory, where access to guest VM memory is controlled by controlling a page table base address presented in hardware of the computer system, and controlling presentation includes, based on a request for hypervisor processing for a guest VM: identifying a hypervisor application to service the request for hypervisor processing, identifying the set that corresponds to the combination of that guest VM and that hypervisor application, and presenting that identified set for guest VM memory access by the identified hypervisor application and the microkernel hypervisor.
Type: Application
Filed: April 20, 2021
Publication date: November 23, 2023
Applicant: ASSURED INFORMATION SECURITY, INC.
Inventors: Rian QUINN, Connor James DAVIS
-
Publication number: 20230229761
Abstract: Malware prevention and remediation is provided by monitoring actions performed by processes and maintaining indications of which processes are trusted; selectively presenting canary files to these processes, which includes presenting the canary files to processes not indicated as being trusted and hiding the canary files from processes indicated as being trusted, and where the monitoring includes monitoring for access of canary files with change privileges; scoring each of the processes based on the actions performed, including any access of canary files with change privileges, which scoring produces a malice score for each process; and automatically terminating any process for which its malice score indicates at least a threshold level of malice in the execution of the process.
Type: Application
Filed: April 20, 2021
Publication date: July 20, 2023
Applicant: Assured Information Security, Inc.
Inventors: Sean LAPLANTE, Patrick MCHARRIS
-
Patent number: 11645101
Abstract: Provision of a virtual secure cryptoprocessor (VSC) for a guest virtual machine (VM), part of a first guest, of a hypervisor of a computer system, includes (i) storing guest VM state and VSC state together in an encrypted virtual hard disk drive file, (ii) storing a decryption key in a sealed partition, of a second guest, sealed against a physical secure cryptoprocessor, (iii) based on verifying that a host computing environment of the computer system is in a trusted state and on booting the hypervisor thereon, unsealing the sealed partition of the second guest, the unsealing providing the decryption key, and decrypting the encrypted virtual hard disk drive file using the decryption key, where the decrypting decrypts the stored guest VM state for execution of the guest VM and decrypts the VSC state to provide the VSC for use by the guest VM.
Type: Grant
Filed: March 31, 2020
Date of Patent: May 9, 2023
Assignee: ASSURED INFORMATION SECURITY, INC.
Inventors: Richard Turner, Joel Upham
-
Publication number: 20230115278
Abstract: Provision of a virtual secure cryptoprocessor (VSC) for a guest virtual machine (VM), part of a first guest, of a hypervisor of a computer system, includes (i) storing guest VM state and VSC state together in an encrypted virtual hard disk drive file, (ii) storing a decryption key in a sealed partition, of a second guest, sealed against a physical secure cryptoprocessor, (iii) based on verifying that a host computing environment of the computer system is in a trusted state and on booting the hypervisor thereon, unsealing the sealed partition of the second guest, the unsealing providing the decryption key, and decrypting the encrypted virtual hard disk drive file using the decryption key, where the decrypting decrypts the stored guest VM state for execution of the guest VM and decrypts the VSC state to provide the VSC for use by the guest VM.
Type: Application
Filed: March 31, 2020
Publication date: April 13, 2023
Applicant: Assured Information Security, Inc.
Inventors: Richard TURNER, Joel UPHAM
-
Patent number: 11550883
Abstract: A method includes receiving a request to execute bytecode that corresponds to secured program code, the secured program code including an encrypted version of the bytecode. Based on receiving the request to execute the bytecode, the method resolves the request, the resolving including identifying a location on disk of the secured program code. Based on resolving the request, a license file for decrypting the encrypted version of the bytecode for execution is accessed, the license file including an encrypted key-value. The encrypted key-value is used in decrypting the encrypted version of the bytecode to obtain decrypted bytecode, where the decrypting places the decrypted bytecode in working memory, and the decrypted bytecode is executed.
Type: Grant
Filed: September 8, 2020
Date of Patent: January 10, 2023
Assignee: ASSURED INFORMATION SECURITY, INC.
Inventor: Adam Meily
-
Publication number: 20220404453
Abstract: Geolocating one or more emitters includes obtaining a set of lines of bearing (LOBs) indicative of location(s) of emitter(s), determining intersections of LOBs of the set and generating clusters informed by those intersections, assigning the LOBs of the set to cluster(s) based on proximity, identifying a cluster having the greatest number of assigned LOBs from the set; determining an emitter location area based on a best point estimate for the cluster, and indicating a location of an emitter as the emitter location area. Additional emitters can be located by removing from the set of LOBs those LOBs assigned to the identified cluster, and repeating aforementioned aspects. Initially, the set of LOBs can be selected from a larger collection as a representative subset thereof.
Type: Application
Filed: December 10, 2020
Publication date: December 22, 2022
Applicant: Assured Information Security, Inc.
Inventor: Jason Eric SMITH
-
Patent number: 11449746
Abstract: Behavioral verification of user identity includes building a deep neural network for keystroke-based behavioral verification of user identity. The building includes receiving recorded keystroke events, each such recorded keystroke event including (i) an indication of whether the recorded keystroke event is a key press or a key release, (ii) a key identifier of the respective key pressed or released, and (iii) a timestamp of the recorded keystroke event. The building further includes performing pre-processing of the recorded keystroke events to provide data structures representing sequential key events for processing by a deep neural network to extract local patterns, and training the deep neural network using the data structures. The method also includes providing the trained deep neural network for keystroke-based behavioral verification of user identity based on determinate vectors output from the trained deep neural network.
Type: Grant
Filed: April 10, 2018
Date of Patent: September 20, 2022
Assignee: ASSURED INFORMATION SECURITY, INC.
Inventors: Jacob Baldwin, Ryan Burnham, Robert Dora, Andrew Meyer, Robert Wright
-
Patent number: 11397587
Abstract: Process core isolation for execution of multiple operating systems on a multicore computer system includes booting first and second operating systems (OSs) on a computer system that includes a plurality of processor cores across physical central processing unit(s) (CPUs). Booting the first OS boots the first OS on a first subset of the processor cores. Booting the second OS, different from the first OS, boots the second OS on a second subset of the processor cores. The first and second subsets are mutually exclusive, where a first processor core of a physical CPU of the physical CPUs is included in the first subset and a second processor core of the physical CPU is included in the second subset, and where the first and second OSs execute concurrently on the computer system, and each of the first and second OS executes on only its respective subset of processor core(s).
Type: Grant
Filed: April 8, 2019
Date of Patent: July 26, 2022
Assignee: ASSURED INFORMATION SECURITY, INC.
Inventors: Rian Quinn, Connor James Davis, Harlan Philip White, Erin Grace Riley Hensel
-
Publication number: 20220075847
Abstract: A method includes receiving a request to execute bytecode that corresponds to secured program code, the secured program code including an encrypted version of the bytecode. Based on receiving the request to execute the bytecode, the method resolves the request, the resolving including identifying a location on disk of the secured program code. Based on resolving the request, a license file for decrypting the encrypted version of the bytecode for execution is accessed, the license file including an encrypted key-value. The encrypted key-value is used in decrypting the encrypted version of the bytecode to obtain decrypted bytecode, where the decrypting places the decrypted bytecode in working memory, and the decrypted bytecode is executed.
Type: Application
Filed: September 8, 2020
Publication date: March 10, 2022
Applicant: Assured Information Security, Inc.
Inventor: Adam MEILY
-
Patent number: 10938784
Abstract: Dedicating hardware devices to virtual machines includes dedicating, by a hypervisor executing on a computer system, a set of hardware devices of the computer system to a first virtual machine of the hypervisor, the first virtual machine executing a guest operating system, and the set of hardware devices for use by the guest operating system in execution of the guest operating system, and dedicating network device hardware of the computer system to a second virtual machine of the hypervisor, the second virtual machine being a different virtual machine than the first virtual machine, wherein network communication between the guest operating system and a network to which the computer system is connected via the network device hardware occurs via the second virtual machine.
Type: Grant
Filed: December 5, 2017
Date of Patent: March 2, 2021
Assignee: ASSURED INFORMATION SECURITY, INC.
Inventors: Christopher James Patterson, Rian Quinn, Katherine Julia Temkin, Harlan Philip White
-
Publication number: 20200319892
Abstract: Process core isolation for execution of multiple operating systems on a multicore computer system includes booting first and second operating systems (OSs) on a computer system that includes a plurality of processor cores across physical central processing unit(s) (CPUs). Booting the first OS boots the first OS on a first subset of the processor cores. Booting the second OS, different from the first OS, boots the second OS on a second subset of the processor cores. The first and second subsets are mutually exclusive, where a first processor core of a physical CPU of the physical CPUs is included in the first subset and a second processor core of the physical CPU is included in the second subset, and where the first and second OSs execute concurrently on the computer system, and each of the first and second OS executes on only its respective subset of processor core(s).
Type: Application
Filed: April 8, 2019
Publication date: October 8, 2020
Applicant: Assured Information Security, Inc.
Inventors: Rian QUINN, Connor James DAVIS, Harlan Philip WHITE, Erin Grace Riley HENSEL
-
Patent number: 10769259
Abstract: A method for keystroke-based behavioral verification of user identity of a subject user of a computer system includes obtaining an enrollment signature corresponding to an identified user and serving as a unique identifier of the identified user, the enrollment signature including an enrollment determinate vector generated based on supplying enrollment keystroke data to a deep neural network for processing. The method further includes obtaining verification determinate vector(s), the verification determinate vector(s) for comparison to the enrollment signature to determine whether the subject user is the identified user.
Type: Grant
Filed: April 10, 2018
Date of Patent: September 8, 2020
Assignee: ASSURED INFORMATION SECURITY, INC.
Inventors: Jacob Baldwin, Ryan Burnham, Robert Dora, Andrew Meyer, Robert Wright
-
Patent number: 10769260
Abstract: A method for gait-based behavioral verification of user identity of a subject user of a computer system includes obtaining an enrollment signature corresponding to an identified user and serving as a unique identifier of the identified user, the enrollment signature including an enrollment determinate vector generated based on supplying enrollment gait data to a deep neural network for processing. The method further includes obtaining verification determinate vector(s), the verification determinate vector(s) for comparison to the enrollment signature to determine whether the subject user is the identified user.
Type: Grant
Filed: April 10, 2018
Date of Patent: September 8, 2020
Assignee: ASSURED INFORMATION SECURITY, INC.
Inventors: Jacob Baldwin, Ryan Burnham, Robert Dora, Andrew Meyer, Robert Wright
-
Patent number: 10754950
Abstract: A method includes monitoring system call invocations made to an operating system of a computer system by an application as the application renders a digital file. The method automatically featurizes the system call invocations into a set of features corresponding to the digital file, and compares each feature set against benign features of a set of known benign features. The comparing includes, for each feature of the set of features, applying entity resolution between the feature and benign feature(s) of the set of known benign features to find a correlation between the feature and a benign feature representing a common semantic interaction between the application and the operating system. The method identifies a number of features that do not correlate to the benign features, and determines maliciousness of the digital file based on the identified number of features that do not correlate to the benign features.
Type: Grant
Filed: November 30, 2017
Date of Patent: August 25, 2020
Assignee: ASSURED INFORMATION SECURITY, INC.
Inventors: Daniel Scofield, Craig Miles
-
Patent number: 10572207
Abstract: A method provides a graphical interface for a computer system and includes receiving window information from each domain of multiple domains in which applications execute. Based on the received window information, the method builds the graphical interface on a graphics device of the computer system from graphics data provided from the multiple domains to the graphics device. The graphics device includes a GPU and graphics memory having multiple graphics memory portions, where each domain is dedicated a respective different graphics memory portion and is given write access thereto. The building issues commands to the graphics device that instruct the GPU to composition together graphics data from graphics memory portion(s) to thereby composition together graphics data from each of two or more domains of the multiple domains. The method also includes issuing commands to the graphics device to output the graphical interface to a set of one or more display devices.
Type: Grant
Filed: June 27, 2018
Date of Patent: February 25, 2020
Assignee: ASSURED INFORMATION SECURITY, INC.
Inventors: Brendan Kerrigan, Maurice Gale, Rian Quinn, Rodney Forbes, Sandy Stutsman, Jonathan Farrell
-
Publication number: 20200004488
Abstract: A method provides a graphical interface for a computer system and includes receiving window information from each domain of multiple domains in which applications execute. Based on the received window information, the method builds the graphical interface on a graphics device of the computer system from graphics data provided from the multiple domains to the graphics device. The graphics device includes a GPU and graphics memory having multiple graphics memory portions, where each domain is dedicated a respective different graphics memory portion and is given write access thereto. The building issues commands to the graphics device that instruct the GPU to composition together graphics data from graphics memory portion(s) to thereby composition together graphics data from each of two or more domains of the multiple domains. The method also includes issuing commands to the graphics device to output the graphical interface to a set of one or more display devices.
Type: Application
Filed: June 27, 2018
Publication date: January 2, 2020
Applicant: Assured Information Security, Inc.
Inventors: Brendan Kerrigan, Maurice Gale, Rian Quinn, Rodney Forbes, Sandy Stutsman, Jonathan Farrell
-
Patent number: 10523635
Abstract: Obtaining, in association with origination of outbound network traffic to be sent by a system, user account information of a user account on behalf of which the outbound network traffic is generated, and performing filtering of the outbound network traffic based on the obtained user account information of the user account on behalf of which the outbound network traffic is generated, where the filtering is further based on one or more rules, and the filtering includes determining whether to block or allow sending of the outbound network traffic from the system.
Type: Grant
Filed: June 17, 2016
Date of Patent: December 31, 2019
Assignee: ASSURED INFORMATION SECURITY, INC.
Inventors: Jared Wright, Jacob Torrey