Patents Assigned to Red Balloon Security, Inc.
-
Patent number: 12613693Abstract: Systems and methods are provided for programmatically generating programs that control software linkers to place new executable binary code and/or data patches in existing, executable binaries, which may be fully-linked. Examples disclosed herein include obtaining a first executable; obtaining target information that identifies unused space in the first executable; obtaining one or more routines; generating a linker control program based on the target information and the one or more routines; linking, by the linker control program, the one or more routines into one or more second executables; and patching the first executable with the one or more second executables.Type: GrantFiled: June 20, 2023Date of Patent: April 28, 2026Assignee: RED BALLOON SECURITY, INC.Inventors: Andrés Hernández, Joel Clarence Cretan, Anastasis Keliris, Wyatt Gerard Ford, Ang Cui
-
Patent number: 12585828Abstract: Methods of sensory input integrity attestation are provided. Artifacts included within devices under test inject a known noise signal into the output signal of one or more output devices that are detectable by one or more input devices (i.e., sensors) of an embedded device, and monitor the received input data. By comparing the received signal against the expected noise signal, attestation of the validity of sensory input data is possible. Such sensory input data attestation is capable either locally or using a remote attestation device with knowledge of the expected data stream.Type: GrantFiled: April 30, 2024Date of Patent: March 24, 2026Assignee: RED BALLOON SECURITY, INC.Inventors: Ang Cui, Joseph Dean Pantoga
-
Patent number: 12561461Abstract: A system and method of providing pin-level encryption to low-information signals is provided. The system comprises a first system communicatively coupled to a second system. The first system comprises a signal generator configured to generate a signal having a complexity and a mixer circuit configured to receive a key, create a secured message by applying the key to the signal, and transmit the secured message to the second system. The secured message has a complexity that is higher than the complexity of the signal.Type: GrantFiled: April 26, 2023Date of Patent: February 24, 2026Assignee: RED BALLOON SECURITY, INC.Inventor: Ang Cui
-
Patent number: 12450359Abstract: Systems and methods for securing embedded devices via both online and offline defensive strategies. One or more security software components may be injected into firmware binary to create a modified firmware binary, which is functionally- and size-equivalent to the original firmware binary. The security software components may retrieve live forensic information related to embedded devices for use in live hardening of the modified firmware binary while the embedded device is online, dynamically patching the firmware. In addition, the live forensic information may be aggregated with other analytical data identifying firmware vulnerabilities. A vulnerability identification and mitigation system can then identify and inject modifications to the original firmware binary to develop secure firmware binary, which may be imaged and loaded onto one or more embedded devices within a network.Type: GrantFiled: June 10, 2022Date of Patent: October 21, 2025Assignee: RED BALLOON SECURITY, INC.Inventors: Ang Cui, Salvatore J. Stolfo
-
Patent number: 11995216Abstract: Methods of sensory input integrity attestation are provided. Artifacts included within devices under test inject a known noise signal into the output signal of one or more output devices that are detectable by one or more input devices (i.e., sensors) of an embedded device, and monitor the received input data. By comparing the received signal against the expected noise signal, attestation of the validity of sensory input data is possible. Such sensory input data attestation is capable either locally or using a remote attestation device with knowledge of the expected data stream.Type: GrantFiled: October 24, 2022Date of Patent: May 28, 2024Assignee: RED BALLOON SECURITY, INC.Inventors: Ang Cui, Joseph Dean Pantoga
-
Patent number: 11657169Abstract: A system and method of providing pin-level encryption to low-information signals is provided. The system comprises a first system and a second system communicatively coupled together. The second system comprises a signal generator and a one-time pad (OTP) key mixer. An emanator is communicatively coupled to the first system and the second system and is configured to emanate an OTP key to both the first system and the second system. The OTP key mixer is configured to apply the OTP key to a low-information signal from the signal generator prior to transmitting the low-information signal to the first system.Type: GrantFiled: August 6, 2019Date of Patent: May 23, 2023Assignee: RED BALLOON SECURITY, INC.Inventor: Ang Cui
-
Patent number: 11481519Abstract: Methods of sensory input integrity attestation are provided. Artifacts included within devices under test inject a known noise signal into the output signal of one or more output devices that are detectable by one or more input devices (i.e., sensors) of an embedded device, and monitor the received input data. By comparing the received signal against the expected noise signal, attestation of the validity of sensory input data is possible. Such sensory input data attestation is capable either locally or using a remote attestation device with knowledge of the expected data stream.Type: GrantFiled: November 20, 2020Date of Patent: October 25, 2022Assignee: RED BALLOON SECURITY, INC.Inventors: Ang Cui, Joseph Dean Pantoga
-
Patent number: 11361083Abstract: Systems and methods for securing embedded devices via both online and offline defensive strategies. One or more security software components may be injected into firmware binary to create a modified firmware binary, which is functionally- and size-equivalent to the original firmware binary. The security software components may retrieve live forensic information related to embedded devices for use in live hardening of the modified firmware binary while the embedded device is online, dynamically patching the firmware. In addition, the live forensic information may be aggregated with other analytical data identifying firmware vulnerabilities. A vulnerability identification and mitigation system can then identify and inject modifications to the original firmware binary to develop secure firmware binary, which may be imaged and loaded onto one or more embedded devices within a network.Type: GrantFiled: April 13, 2020Date of Patent: June 14, 2022Assignee: RED BALLOON SECURITY, INC.Inventors: Ang Cui, Salvatore J. Stolfo
-
Patent number: 10872169Abstract: Methods of sensory input integrity attestation are provided. Artifacts included within devices under test inject a known noise signal into the output signal of one or more output devices that are detectable by one or more input devices (i.e., sensors) of an embedded device, and monitor the received input data. By comparing the received signal against the expected noise signal, attestation of the validity of sensory input data is possible. Such sensory input data attestation is capable either locally or using a remote attestation device with knowledge of the expected data stream.Type: GrantFiled: September 28, 2016Date of Patent: December 22, 2020Assignee: RED BALLOON SECURITY, INC.Inventors: Ang Cui, Joseph Dean Pantoga
-
Patent number: 10657262Abstract: Systems and methods for securing embedded devices via both online and offline defensive strategies. One or more security software components may be injected into firmware binary to create a modified firmware binary, which is functionally- and size-equivalent to the original firmware binary. The security software components may retrieve live forensic information related to embedded devices for use in live hardening of the modified firmware binary while the embedded device is online, dynamically patching the firmware. In addition, the live forensic information may be aggregated with other analytical data identifying firmware vulnerabilities. A vulnerability identification and mitigation system can then identify and inject modifications to the original firmware binary to develop secure firmware binary, which may be imaged and loaded onto one or more embedded devices within a network.Type: GrantFiled: September 28, 2015Date of Patent: May 19, 2020Assignee: RED BALLOON SECURITY, INC.Inventors: Ang Cui, Salvatore J. Stolfo
-
Patent number: 10311232Abstract: Methods and systems for detection and prevention of exploitation of embedded devices. A sensing component is configured to detect a plurality of emanated analog signals and generate one or more synchronization events. The synchronization events are used to perform one or more attestation analyzes, including execution attestation, integrity attestation, and control-flow reconstruction, the results of which may be used to generate security events.Type: GrantFiled: November 17, 2016Date of Patent: June 4, 2019Assignee: RED BALLOON SECURITY, INC.Inventor: Ang Cui
-
Publication number: 20170147814Abstract: Methods and systems for detection and prevention of exploitation of embedded devices. A sensing component is configured to detect a plurality of emanated analog signals and generate one or more synchronization events. The synchronization events are used to perform one or more attestation analyses, including execution attestation, integrity attestation, and control-flow reconstruction, the results of which may be used to generate security events.Type: ApplicationFiled: November 17, 2016Publication date: May 25, 2017Applicant: Red Balloon Security, Inc.Inventor: ANG CUI
-
Publication number: 20170094538Abstract: Methods of sensory input integrity attestation are provided. Artifacts included within devices under test inject a known noise signal into the output signal of one or more output devices that are detectable by one or more input devices (i.e., sensors) of an embedded device, and monitor the received input data. By comparing the received signal against the expected noise signal, attestation of the validity of sensory input data is possible. Such sensory input data attestation is capable either locally or using a remote attestation device with knowledge of the expected data stream.Type: ApplicationFiled: September 28, 2016Publication date: March 30, 2017Applicant: Red Balloon Security, Inc.Inventors: Ang CUI, Joseph Dean PANTOGA