Patents Assigned to CA, Inc.
  • Patent number: 11900251
    Abstract: Techniques are disclosed relating to increasing the amount of training data available to machine learning algorithms. A computer system may access an initial set of training data that specifies a plurality of sequences, each of which may define a set of data values. The computer system may amplify the initial set of training data to create a revised set of training data. The amplifying may include identifying sub-sequences of data values in ones of the plurality of sequences in the initial set of training data and using an inheritance algorithm to create a set of additional sequences of data values, where each one of the set of additional sequences may include sub-sequences of data values from at least two different sequences in the initial set of training data. The computer system may process the set of additional sequences using the machine learning algorithm to train a machine learning model.
    Type: Grant
    Filed: June 14, 2022
    Date of Patent: February 13, 2024
    Assignee: CA, INC.
    Inventors: Michael J. Cohen, Daniel David Sill
  • Patent number: 11853454
    Abstract: The disclosed computer-implemented method for preparing a secure search index for securely detecting personally identifiable information may include (i) receiving, at a computing device, a dataset including a record, where the record has a field including a value describing personally identifiable information and (ii) performing, at the computing device, a security action. The security action may include (i) generating, using a perfect hash function, a respective hashed key from the value and (ii) adding, to the secure search index (a) the respective hashed key or (b) a subsequent hashed key created from the respective hashed key. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: May 31, 2019
    Date of Patent: December 26, 2023
    Assignee: CA, Inc.
    Inventors: Yuval Tarsi, Stefano Emiliozzi
  • Patent number: 11777952
    Abstract: An authentication server can receive an electronic message transmitted by a sender. The electronic message can have an intended recipient and can include message data. A sender identification (“ID”) is embedded in the message data. The authentication server can generate a first message ID based on the message data that includes the sender ID. The first message ID can be determined to match a second message ID that is stored in a database. The sender ID can be determined to be different from an originator ID that is associated with the second message ID in the database. The authentication server can determine whether an originator associated with the originator ID has authorized the sender to transmit the message data and can determine whether to transmit the electronic message to the intended recipient based on whether the originator has authorized the sender to transmit the data.
    Type: Grant
    Filed: October 11, 2018
    Date of Patent: October 3, 2023
    Assignee: CA, Inc.
    Inventors: Krishna Chaithanya Kasibhatla, Satish Kumar Sharaf
  • Patent number: 11665171
    Abstract: Secure access to a corporate application with translation between an internal address and an external address. In some embodiments, a method may include receiving, at a secure access cloud point of delivery (PoD), from a client application on a client device, a request to access a corporate web application that is deployed in a corporate datacenter. The method may also include forwarding, from the secure access cloud PoD, to a connector that is also deployed in the corporate datacenter, the request to access the corporate web application. The method may further include brokering, by the connector and the secure access cloud PoD, authentication of a user, authorization of access by the user, and a secure communication session between the client application and the corporate web application by translating between an internal address of the corporate web application and an external address of the corporate web application.
    Type: Grant
    Filed: July 13, 2022
    Date of Patent: May 30, 2023
    Assignee: CA, Inc.
    Inventors: David Patimer, Lior Lev-Tov, Eldad Rudich, Leonid Belkind
  • Patent number: 11558383
    Abstract: A method for securing cloud applications is described. The method may include establishing a connection between a cloud application isolation portal, a cloud access security broker, and a cloud application based on an indication of the cloud application and a set of credentials associated with an end user of the cloud application, and managing, via the cloud application isolation portal and the cloud access security broker, a session between the cloud application and a computing device associated with the end user based on the connection between the cloud application isolation portal with the cloud access security broker and the cloud application.
    Type: Grant
    Filed: March 15, 2019
    Date of Patent: January 17, 2023
    Assignee: CA, Inc.
    Inventors: Alex Au Yeung, Amit Kanfer, Arunabha Saha, Manoj Kumar Sharma, Paul Kao, Prashanth Prabhu, Russell Daigle, Tobias Pischl, Yehoshua Chen
  • Patent number: 11551137
    Abstract: Machine learning adversarial campaign mitigation on a computing device. The method may include deploying an original machine learning model in a model environment associated with a client device; deploying a classification monitor in the model environment to monitor classification decision outputs in the machine learning model; detecting, by the classification monitor, a campaign of adversarial classification decision outputs in the machine learning model; applying a transformation function to the machine learning model in the model environment to transform the adversarial classification decision outputs to thwart the campaign of adversarial classification decision outputs; determining a malicious attack on the client device based in part on detecting the campaign of adversarial classification decision outputs; and implementing a security action to protect the computing device against the malicious attack.
    Type: Grant
    Filed: April 30, 2019
    Date of Patent: January 10, 2023
    Assignee: CA, Inc.
    Inventors: Javier Echauz, Andrew B. Gardner, John Keith Kenemer, Jasjeet Dhaliwal, Saurabh Shintre
  • Patent number: 11496489
    Abstract: Knowledge-aware detection of attacks on a client device conducted with dual-use tools. A method may include obtaining dual-use tool data related to a plurality of dual-use tools; collecting from a client device, by the computing device, user input related to the use of a dual-use tool of the plurality of dual-use tools; determining that the user input contains a feature of the dual-use tool data; creating a behavioral index of the user input, the behavioral index stored on the client device; detecting new input on the client device; determining a similarity level between the user input and the new input; flagging a malicious attack on the client device based on determining that the similarity level does not satisfy a pre-determined threshold; and implementing a security action on the client device based on flagging the malicious attack.
    Type: Grant
    Filed: March 28, 2019
    Date of Patent: November 8, 2022
    Assignee: CA, Inc.
    Inventors: Slawomir Grzonkowski, Johann Roturier, Pratyush Banerjee, David L. Silva
  • Patent number: 11461462
    Abstract: The disclosed computer-implemented method for producing adjustments to malware-detecting services may include (1) receiving, from a plurality of malware-detecting services executing on a plurality of client computing devices, a respective plurality of probability scores with corresponding model identifiers for an analyzed file and a plurality of respective identifiers describing the malware-detecting services, (2) building a training dataset from at least a portion of the received plurality of probability scores with corresponding model identifiers, and (3) performing a security action including (A) training, with the training dataset, a malware-detecting linear regression ensemble machine learning model that is specific to an identifier in the plurality of identifiers and (B) sending the trained linear regression ensemble machine learning model to one of the plurality of malware-detecting services executing on one of the client computing devices.
    Type: Grant
    Filed: September 21, 2018
    Date of Patent: October 4, 2022
    Assignee: CA, Inc.
    Inventors: Qichao Lan, Junda Zhu, Shaolong Shu, Tao Cheng, Rudy Senstad
  • Patent number: 11444925
    Abstract: Secure access to a corporate application in an SSH session using a transparent SSH proxy. In some embodiments, a method may include receiving, at a secure access cloud point of delivery (PoD), from a client application on a client device, a request to access a corporate application that is deployed in a corporate datacenter. The method may also include forwarding, from the secure access cloud PoD, to a connector that is also deployed in the corporate datacenter, the request. The method may further include brokering, by the connector and the secure access cloud PoD, authentication of a user, authorization of access by the user, and an SSH session between the client application and the corporate application using a transparent SSH proxy, with the client application being unaware that the SSH session is brokered by the connector and the secure access cloud PoD.
    Type: Grant
    Filed: October 2, 2019
    Date of Patent: September 13, 2022
    Assignee: CA, Inc.
    Inventors: David Patimer, Lior Lev-Tov, Eldad Rudich, Leonid Belkind
  • Patent number: 11442755
    Abstract: Secure access to a corporate application using a facade. In some embodiments, a method may include receiving, at a secure access cloud point of delivery (PoD), from a client application on a client device, a request to access a corporate application that is deployed in a corporate datacenter. The method may also include creating, at the secure access cloud PoD, a facade representing the corporate application. The method may further include forwarding, from the facade, to a connector that is also deployed in the corporate datacenter, the request. The method may also include brokering, by the connector and the facade, authentication of a user, authorization of access by the user, and a secure communication session between the client application and the corporate application via the facade, with the client application being unaware that the secure communication session is brokered by the connector and the facade.
    Type: Grant
    Filed: October 2, 2019
    Date of Patent: September 13, 2022
    Assignee: CA, Inc.
    Inventors: David Patimer, Lior Lev-Tov, Eldad Rudich, Leonid Belkind
  • Patent number: 11429823
    Abstract: The disclosed computer-implemented method for dynamically augmenting machine learning models based on contextual factors associated with execution environments may include (1) generating a base machine learning model and a supplemental set of machine learning models, (2) determining at least one contextual factor associated with an execution environment of a machine learning system that is configured to make predictions regarding a set of input data using at least the base machine learning model, (3) selecting, based on the contextual factor, a continuation set of machine learning models from the supplemental set of machine learning models, and (4) directing the machine learning system to utilize both the base machine learning model and the continuation set of machine learning models when making predictions regarding the set of input data. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: March 15, 2018
    Date of Patent: August 30, 2022
    Assignee: CA, INC.
    Inventors: Qichao Lan, XueFeng Tian, Tao Cheng, Rudy Senstad
  • Patent number: 11429846
    Abstract: A platform that integrates and collates the data points from students, employers, schools, and industry into an ecosystem which allows for customers (students, employers, schools, and industry) to model ‘what-if’ scenarios based on their industry parameters. By using a design algorithm based on automated reasoning, game theory, and knowledge mining, within a neural network, the platform can predict, model, and build the journey. The decision modeling neural learning platform may be used to augment or replace the need for guidance counselors in schools, along with assisting industry and immigration liaisons.
    Type: Grant
    Filed: January 22, 2019
    Date of Patent: August 30, 2022
    Assignee: KLIQ.CA Inc.
    Inventor: Kashif Siddiqui
  • Patent number: 11425134
    Abstract: Secure access to a corporate application with translation between an internal address and an external address. In some embodiments, a method may include receiving, at a secure access cloud point of delivery (PoD), from a client application on a client device, a request to access a corporate web application that is deployed in a corporate datacenter. The method may also include forwarding, from the secure access cloud PoD, to a connector that is also deployed in the corporate datacenter, the request to access the corporate web application. The method may further include brokering, by the connector and the secure access cloud PoD, authentication of a user, authorization of access by the user, and a secure communication session between the client application and the corporate web application by translating between an internal address of the corporate web application and an external address of the corporate web application.
    Type: Grant
    Filed: October 2, 2019
    Date of Patent: August 23, 2022
    Assignee: CA, Inc.
    Inventors: David Patimer, Lior Lev-Tov, Eldad Rudich, Leonid Belkind
  • Patent number: 11409871
    Abstract: A method for identifying suspicious activity on a monitored computing device is described. In one embodiment, the method may include monitoring a local procedure call interface of the monitored computing device, identifying, based at least in part on the monitoring, a remote procedure call (RPC) of a suspicious process, the RPC being transmitted over a local procedure call message of the local procedure call interface, analyzing the RPC of the suspicious process, and performing a security action based at least in part on the analyzing.
    Type: Grant
    Filed: March 22, 2019
    Date of Patent: August 9, 2022
    Assignee: CA, Inc.
    Inventors: Bahaa Naamneh, Felix Leder
  • Patent number: 11411968
    Abstract: The disclosed computer-implemented method for protecting a cloud computing device from malware may include (i) intercepting, at a computing device, a malicious attempt by the malware to (A) access sensitive information in an encrypted file stored on the computing device and (B) send the sensitive information to the cloud computing device and (ii) performing, responsive to the attempt to access the encrypted file, a security action. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: September 18, 2019
    Date of Patent: August 9, 2022
    Assignee: CA, INC.
    Inventors: Ashok Banerjee, Susan Hassall
  • Patent number: 11392696
    Abstract: The disclosed computer-implemented method for detecting code implanted into a published application may include retrieving a published version of an application and a source version of the application, and determining, based on an analysis of the source version and the published version, a transformation process for transforming from the source version to the published version. The method may also include performing the transformation process on the source version to produce a build version, comparing the build version with the published version, and identifying, based on the comparison, implanted code in the published version. The method may further include performing, in response to identifying the implanted code, a security action. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: March 28, 2019
    Date of Patent: July 19, 2022
    Assignee: CA, INC.
    Inventors: Torrey Umland, Nathaniel Theis
  • Patent number: 11392794
    Abstract: Techniques are disclosed relating to increasing the amount of training data available to machine learning algorithms. A computer system may access an initial set of training data that specifies a plurality of sequences, each of which may define a set of data values. The computer system may amplify the initial set of training data to create a revised set of training data. The amplifying may include identifying sub-sequences of data values in ones of the plurality of sequences in the initial set of training data and using an inheritance algorithm to create a set of additional sequences of data values, where each one of the set of additional sequences may include sub-sequences of data values from at least two different sequences in the initial set of training data. The computer system may process the set of additional sequences using the machine learning algorithm to train a machine learning model.
    Type: Grant
    Filed: September 10, 2018
    Date of Patent: July 19, 2022
    Assignee: CA, Inc.
    Inventors: Michael J. Cohen, Daniel David Sill
  • Patent number: 11386208
    Abstract: The disclosed computer-implemented method for malware detection using localized machine learning may include (i) generating a global score for a file using a global machine learning model, (ii) generating a localized score for the file using a localized machine learning model, (iii) determining that the file is malware using the global score, the localized score, and the local conviction threshold, and (iv) in response to determining that the file is malware, performing a security action to protect the computing device against malware. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: May 16, 2019
    Date of Patent: July 12, 2022
    Assignee: CA, INC.
    Inventors: Qichao Lan, Tao Cheng
  • Patent number: 11382546
    Abstract: Provided is a process including: receiving biometric measurements; receiving from application components or network hosts, events or metrics indicative of objective performance; correlating psychophysical-performance values based on the biometric measurements indicative of psychophysical performance with objective-performance values based on the events or metrics indicative of objective performance; storing the correlation between the psychophysical-performance values and the objective-performance values in memory; and accessing the correlation to select hosts, application components, or routines to be adjusted to improve objective performance of the distributed application or psychophysical performance of the distributed application.
    Type: Grant
    Filed: April 10, 2018
    Date of Patent: July 12, 2022
    Assignee: CA, Inc.
    Inventors: Ross Castillo, Satish Kumar Naidi
  • Patent number: 11336639
    Abstract: The disclosed computer-implemented method for managing a need-to-know domain name system may include (i) intercepting, by an agent of the computing device, network traffic received on the computing device, (ii) generating, by the agent, a one-time password based on a unique identifier of the agent of the computing device, (iii) wrapping, by the agent, the network traffic with the one-time password, and (iv) pushing, by the agent, the wrapped network traffic to a cloud server using a local domain name system (DNS) of the agent of the computing device, wherein the local DNS comprises a private domain name unpublished in a global DNS. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: September 19, 2019
    Date of Patent: May 17, 2022
    Assignee: CA, Inc.
    Inventors: Ashok Banerjee, Leonid Belkind, Russell Daigle