Patents Assigned to Assured Information Security, Inc.
  • Patent number: 11449746
    Abstract: Behavioral verification of user identity includes building a deep neural network for keystroke-based behavioral verification of user identity. The building includes receiving recorded keystroke events, each such recorded keystroke event including (i) an indication of whether the recorded keystroke event is a key press or a key release, (ii) a key identifier of the respective key pressed or released, and (iii) a timestamp of the recorded keystroke event. The building further includes performing pre-processing of the recorded keystroke events to provide data structures representing sequential key events for processing by a deep neural network to extract local patterns, and training the deep neural network using the data structures. The method also includes providing the trained deep neural network for keystroke-based behavioral verification of user identity based on determinate vectors output from the trained deep neural network.
    Type: Grant
    Filed: April 10, 2018
    Date of Patent: September 20, 2022
    Assignee: ASSURED INFORMATION SECURITY, INC.
    Inventors: Jacob Baldwin, Ryan Burnham, Robert Dora, Andrew Meyer, Robert Wright
  • Patent number: 11397587
    Abstract: Process core isolation for execution of multiple operating systems on a multicore computer system includes booting first and second operating systems (OSs) on a computer system that includes a plurality of processor cores across physical central processing unit(s) (CPUs). Booting the first OS boots the first OS on a first subset of the processor cores. Booting the second OS, different from the first OS, boots the second OS on a second subset of the processor cores. The first and second subsets are mutually exclusive, where a first processor core of a physical CPU of the physical CPUs is included in the first subset and a second processor core of the physical CPU is included in the second subset, and where the first and second OSs execute concurrently on the computer system, and each of the first and second OS executes on only its respective subset of processor core(s).
    Type: Grant
    Filed: April 8, 2019
    Date of Patent: July 26, 2022
    Assignee: ASSURED INFORMATION SECURITY, INC.
    Inventors: Rian Quinn, Connor James Davis, Harlan Philip White, Erin Grace Riley Hensel
  • Publication number: 20220075847
    Abstract: A method includes receiving a request to execute bytecode that corresponds to secured program code, the secured program code including an encrypted version of the bytecode. Based on receiving the request to execute the bytecode, the method resolves the request, the resolving including identifying a location on disk of the secured program code. Based on resolving the request, a license file for decrypting the encrypted version of the bytecode for execution is accessed, the license file including an encrypted key-value. The encrypted key-value is used in decrypting the encrypted version of the bytecode to obtain decrypted bytecode, where the decrypting places the decrypted bytecode in working memory, and the decrypted bytecode is executed.
    Type: Application
    Filed: September 8, 2020
    Publication date: March 10, 2022
    Applicant: Assured Information Security, Inc.
    Inventor: Adam MEILY
  • Patent number: 10938784
    Abstract: Dedicating hardware devices to virtual machines includes dedicating, by a hypervisor executing on a computer system, a set of hardware devices of the computer system to a first virtual machine of the hypervisor, the first virtual machine executing a guest operating system, and the set of hardware devices for use by the guest operating system in execution of the guest operating system, and dedicating network device hardware of the computer system to a second virtual machine of the hypervisor, the second virtual machine being a different virtual machine than the first virtual machine, wherein network communication between the guest operating system and a network to which the computer system is connected via the network device hardware occurs via the second virtual machine.
    Type: Grant
    Filed: December 5, 2017
    Date of Patent: March 2, 2021
    Assignee: ASSURED INFORMATION SECURITY, INC.
    Inventors: Christopher James Patterson, Rian Quinn, Katherine Julia Temkin, Harlan Philip White
  • Publication number: 20200319892
    Abstract: Process core isolation for execution of multiple operating systems on a multicore computer system includes booting first and second operating systems (OSs) on a computer system that includes a plurality of processor cores across physical central processing unit(s) (CPUs). Booting the first OS boots the first OS on a first subset of the processor cores. Booting the second OS, different from the first OS, boots the second OS on a second subset of the processor cores. The first and second subsets are mutually exclusive, where a first processor core of a physical CPU of the physical CPUs is included in the first subset and a second processor core of the physical CPU is included in the second subset, and where the first and second OSs execute concurrently on the computer system, and each of the first and second OS executes on only its respective subset of processor core(s).
    Type: Application
    Filed: April 8, 2019
    Publication date: October 8, 2020
    Applicant: Assured Information Security, Inc.
    Inventors: Rian QUINN, Connor James DAVIS, Harlan Philip WHITE, Erin Grace Riley HENSEL
  • Patent number: 10769260
    Abstract: A method for gait-based behavioral verification of user identity of a subject user of a computer system includes obtaining an enrollment signature corresponding to an identified user and serving as a unique identifier of the identified user, the enrollment signature including an enrollment determinate vector generated based on supplying enrollment gait data to a deep neural network for processing. The method further includes obtaining verification determinate vector(s), the verification determinate vector(s) for comparison to the enrollment signature to determine whether the subject user is the identified user.
    Type: Grant
    Filed: April 10, 2018
    Date of Patent: September 8, 2020
    Assignee: ASSURED INFORMATION SECURITY, INC.
    Inventors: Jacob Baldwin, Ryan Burnham, Robert Dora, Andrew Meyer, Robert Wright
  • Patent number: 10769259
    Abstract: A method for keystroke-based behavioral verification of user identity of a subject user of a computer system includes obtaining an enrollment signature corresponding to an identified user and serving as a unique identifier of the identified user, the enrollment signature including an enrollment determinate vector generated based on supplying enrollment keystroke data to a deep neural network for processing. The method further includes obtaining verification determinate vector(s), the verification determinate vector(s) for comparison to the enrollment signature to determine whether the subject user is the identified user.
    Type: Grant
    Filed: April 10, 2018
    Date of Patent: September 8, 2020
    Assignee: ASSURED INFORMATION SECURITY, INC.
    Inventors: Jacob Baldwin, Ryan Burnham, Robert Dora, Andrew Meyer, Robert Wright
  • Patent number: 10754950
    Abstract: A method includes monitoring system call invocations made to an operating system of a computer system by an application as the application renders a digital file. The method automatically featurizes the system call invocations into a set of features corresponding to the digital file, and compares each feature set against benign features of a set of known benign features. The comparing includes, for each feature of the set of features, applying entity resolution between the feature and benign feature(s) of the set of known benign features to find a correlation between the feature and a benign feature representing a common semantic interaction between the application and the operating system. The method identifies a number of features that do not correlate to the benign features, and determines maliciousness of the digital file based on the identified number of features that do not correlate to the benign features.
    Type: Grant
    Filed: November 30, 2017
    Date of Patent: August 25, 2020
    Assignee: ASSURED INFORMATION SECURITY, INC.
    Inventors: Daniel Scofield, Craig Miles
  • Patent number: 10572207
    Abstract: A method provides a graphical interface for a computer system and includes receiving window information from each domain of multiple domains in which applications execute. Based on the received window information, the method builds the graphical interface on a graphics device of the computer system from graphics data provided from the multiple domains to the graphics device. The graphics device includes a GPU and graphics memory having multiple graphics memory portions, where each domain is dedicated a respective different graphics memory portion and is given write access thereto. The building issues commands to the graphics device that instruct the GPU to composition together graphics data from graphics memory portion(s) to thereby composition together graphics data from each of two of more domains of the multiple domains. The method also includes issuing commands to the graphics device to output the graphical interface to a set of one or more display devices.
    Type: Grant
    Filed: June 27, 2018
    Date of Patent: February 25, 2020
    Assignee: ASSURED INFORMATION SECURITY, INC.
    Inventors: Brendan Kerrigan, Maurice Gale, Rian Quinn, Rodney Forbes, Sandy Stutsman, Jonathan Farrell
  • Publication number: 20200004488
    Abstract: A method provides a graphical interface for a computer system and includes receiving window information from each domain of multiple domains in which applications execute. Based on the received window information, the method builds the graphical interface on a graphics device of the computer system from graphics data provided from the multiple domains to the graphics device. The graphics device includes a GPU and graphics memory having multiple graphics memory portions, where each domain is dedicated a respective different graphics memory portion and is given write access thereto. The building issues commands to the graphics device that instruct the GPU to composition together graphics data from graphics memory portion(s) to thereby composition together graphics data from each of two of more domains of the multiple domains. The method also includes issuing commands to the graphics device to output the graphical interface to a set of one or more display devices.
    Type: Application
    Filed: June 27, 2018
    Publication date: January 2, 2020
    Applicant: Assured Information Security, Inc.
    Inventors: Brendan Kerrigan, Maurice Gale, Rian Quinn, Rodney Forbes, Sandy Stutsman, Jonathan Farrell
  • Patent number: 10523635
    Abstract: Obtaining, in association with origination of outbound network traffic to be sent by a system, user account information of a user account on behalf of which the outbound network traffic is generated, and performing filtering of the outbound network traffic based on the obtained user account information of the user account on behalf of which the outbound network traffic is generated, where the filtering is further based on one or more rules, and the filtering includes determining whether to block or allow sending of the outbound network traffic from the system.
    Type: Grant
    Filed: June 17, 2016
    Date of Patent: December 31, 2019
    Assignee: ASSURED INFORMATION SECURITY, INC.
    Inventors: Jared Wright, Jacob Torrey
  • Publication number: 20190311099
    Abstract: A method for gait-based behavioral verification of user identity of a subject user of a computer system includes obtaining an enrollment signature corresponding to an identified user and serving as a unique identifier of the identified user, the enrollment signature including an enrollment determinate vector generated based on supplying enrollment gait data to a deep neural network for processing. The method further includes obtaining verification determinate vector(s), the verification determinate vector(s) for comparison to the enrollment signature to determine whether the subject user is the identified user.
    Type: Application
    Filed: April 10, 2018
    Publication date: October 10, 2019
    Applicant: Assured Information Security, Inc.
    Inventors: Jacob BALDWIN, Ryan BURNHAM, Robert DORA, Andrew MEYER, Robert WRIGHT
  • Publication number: 20190311098
    Abstract: A method for keystroke-based behavioral verification of user identity of a subject user of a computer system includes obtaining an enrollment signature corresponding to an identified user and serving as a unique identifier of the identified user, the enrollment signature including an enrollment determinate vector generated based on supplying enrollment keystroke data to a deep neural network for processing. The method further includes obtaining verification determinate vector(s), the verification determinate vector(s) for comparison to the enrollment signature to determine whether the subject user is the identified user.
    Type: Application
    Filed: April 10, 2018
    Publication date: October 10, 2019
    Applicant: Assured Information Security, Inc.
    Inventors: Jacob BALDWIN, Ryan BURNHAM, Robert DORA, Andrew MEYER, Robert WRIGHT
  • Publication number: 20190311261
    Abstract: Behavioral verification of user identity includes building a deep neural network for gait-based behavioral verification of user identity. The building includes receiving movement data describing movement, in multiple dimensions, of computer system(s) of user(s), the movement data including sensor data acquired from sensor(s) of the computer system(s). The building further includes performing pre-processing of the movement data to provide processed movement data for processing by a deep neural network to extract local patterns, and training the deep neural network using the processed movement data. The method also includes providing the trained deep neural network for gait-based behavioral verification of user identity based on determinate vectors output from the trained deep neural network.
    Type: Application
    Filed: April 10, 2018
    Publication date: October 10, 2019
    Applicant: Assured Information Security, Inc.
    Inventors: Jacob BALDWIN, Ryan BURNHAM, Robert DORA, Andrew MEYER, Robert WRIGHT
  • Publication number: 20190311260
    Abstract: Behavioral verification of user identity includes building a deep neural network for keystroke-based behavioral verification of user identity. The building includes receiving recorded keystroke events, each such recorded keystroke event including (i) an indication of whether the recorded keystroke event is a key press or a key release, (ii) a key identifier of the respective key pressed or released, and (iii) a timestamp of the recorded keystroke event. The building further includes performing pre-processing of the recorded keystroke events to provide data structures representing sequential key events for processing by a deep neural network to extract local patterns, and training the deep neural network using the data structures. The method also includes providing the trained deep neural network for keystroke-based behavioral verification of user identity based on determinate vectors output from the trained deep neural network.
    Type: Application
    Filed: April 10, 2018
    Publication date: October 10, 2019
    Applicant: Assured Information Security, Inc.
    Inventors: Jacob BALDWIN, Ryan BURNHAM, Robert DORA, Andrew MEYER, Robert WRIGHT
  • Publication number: 20190173846
    Abstract: Dedicating hardware devices to virtual machines includes dedicating, by a hypervisor executing on a computer system, a set of hardware devices of the computer system to a first virtual machine of the hypervisor, the first virtual machine executing a guest operating system, and the set of hardware devices for use by the guest operating system in execution of the guest operating system, and dedicating network device hardware of the computer system to a second virtual machine of the hypervisor, the second virtual machine being a different virtual machine than the first virtual machine, wherein network communication between the guest operating system and a network to which the computer system is connected via the network device hardware occurs via the second virtual machine.
    Type: Application
    Filed: December 5, 2017
    Publication date: June 6, 2019
    Applicant: Assured Information Security, Inc.
    Inventors: Christopher James PATTERSON, Rian QUINN, Katherine Julia TEMKIN, Harlan Philip WHITE
  • Publication number: 20190163907
    Abstract: A method includes monitoring system call invocations made to an operating system of a computer system by an application as the application renders a digital file. The method automatically featurizes the system call invocations into a set of features corresponding to the digital file, and compares each feature set against benign features of a set of known benign features. The comparing includes, for each feature of the set of features, applying entity resolution between the feature and benign feature(s) of the set of known benign features to find a correlation between the feature and a benign feature representing a common semantic interaction between the application and the operating system. The method identifies a number of features that do not correlate to the benign features, and determines maliciousness of the digital file based on the identified number of features that do not correlate to the benign features.
    Type: Application
    Filed: November 30, 2017
    Publication date: May 30, 2019
    Applicant: Assured Information Security, Inc.
    Inventors: Daniel SCOFIELD, Craig MILES
  • Patent number: 9996374
    Abstract: An update is deployed to a guest virtual machine of a hypervisor during runtime of the guest virtual machine. An executing thread of the guest virtual machine is identified and execution of the thread is redirected to a function to open a handle to a file, of the guest virtual machine, to which data of the update is to be written. The data is provided to a component of the guest virtual machine, and then execution of the thread is redirected to a function to write the data provided to the component to the file.
    Type: Grant
    Filed: June 16, 2015
    Date of Patent: June 12, 2018
    Assignee: ASSURED INFORMATION SECURITY, INC.
    Inventors: Michael Joseph Sieffert, Jonathan Einstoss, Stephen Raymond Pape, Adam T. Meily
  • Patent number: 9871787
    Abstract: Authentication processing for a plurality of self-encrypting storage devices, e.g. SEDs) of a computer system is provided. The authentication processing for the SEDs includes obtaining authentication information for one SED of the plurality of SEDs, performing authentication processing for the one SED based on the obtained authentication information for the one SED; and based on the authentication processing for the one SED, performing authentication processing for each additional SED of one or more additional SEDs of the plurality of SEDs. A pre-boot configuration environment (PBA) to facilitate the authentication processing, and methods for installing the PBA are provided.
    Type: Grant
    Filed: February 23, 2016
    Date of Patent: January 16, 2018
    Assignee: ASSURED INFORMATION SECURITY, INC.
    Inventor: Maurice Gale
  • Publication number: 20170366505
    Abstract: Obtaining, in association with origination of outbound network traffic to be sent by a system, user account information of a user account on behalf of which the outbound network traffic is generated, and performing filtering of the outbound network traffic based on the obtained user account information of the user account on behalf of which the outbound network traffic is generated, where the filtering is further based on one or more rules, and the filtering includes determining whether to block or allow sending of the outbound network traffic from the system.
    Type: Application
    Filed: June 17, 2016
    Publication date: December 21, 2017
    Applicant: Assured Information Security, Inc.
    Inventors: Jared Wright, Jacob Torrey