Patents Examined by Afaq Ali
-
Patent number: 12206644Abstract: A system generates network perimeter for an organization based on the connection data. The system builds a model, for example, a machine learning based model configured to receive a network zone as input and output a score indicating security of the network zone. The system receives information describing connection requests received from client devices associated with the organization. The system adjusts parameters of the machine learning based model based on information describing the connection requests. The adjusting of the machine learning based model improves the accuracy of prediction based on the information describing the connection requests. The system determines a network perimeter for the organization using the machine learning based model. The network perimeter may be used for implementing a network policy for the organization based on the determined network perimeter.Type: GrantFiled: April 3, 2024Date of Patent: January 21, 2025Inventors: Jinlong Fu, RaghuRam Pamidimarri
-
Patent number: 12204621Abstract: Systems for providing a virtual machine and authentication of a user using the virtual machine may perform operations including providing an application programming interface (API) to an electronic device; booting a virtual machine configured to emulate a type of electronic device based on a workstation to which the electronic device is connected; receiving input, using the API, from the electronic device; and providing output to the workstation using the virtual machine. In another example, the operations may include connecting, via at least one network and through an API, to a remote server; providing to the remote server, via the at least one network and the API, the captured biometric indicator; receiving, from a virtual machine executed on the remote server, at least one packet in a defined format based on the biometric indicator; and forwarding the received at least one packet to a workstation communicably connected to the electronic device.Type: GrantFiled: October 6, 2020Date of Patent: January 21, 2025Assignee: AMADEUS S.A.S.Inventors: Colin Mckell-Redwood, Matt Parker Willingham, Nicolas Torres, Michael Anthony Naylor
-
Patent number: 12192247Abstract: Methods, systems, and computer readable media for network security are described. In some implementations, security tasks and roles can be allocated between an endpoint device and a firewall device based on tag information sent from the endpoint, the tag information including one or more characteristics of a traffic flow, information of resource availability, and/or reputation of a process associated with a traffic flow.Type: GrantFiled: October 9, 2023Date of Patent: January 7, 2025Assignee: Sophos LimitedInventors: Andy Thomas, Nishit Shah, Daniel Stutz
-
Patent number: 12185102Abstract: Devices and methods for accessing and for controlling access of a node, called “challenged node”, that has already been authenticated and is provisionally connected to a network of nodes, the network including at least one node, called “challenging node”. The method for controlling access, implemented by a challenging node, includes: defining a personalized test that must be executed by the challenged node; sending the test to the challenged node; receiving, from the challenged node, at least one result of the execution of the test; and authorizing or refusing the access of the challenged node to the network, at least on the basis of the result.Type: GrantFiled: December 20, 2018Date of Patent: December 31, 2024Assignee: ORANGEInventors: Gael Fromentoux, Frederic Fieau
-
Patent number: 12166795Abstract: A cyber security system creates a behavioral framework for evaluating the cyber security of an organization's computer systems based on its employees. The system leverages offline and online individual identity information and then translates this data to anonymous identifiers to protect privacy. The identifiers are used to pull data from an identity graph, which includes behavioral data. A business-to-business identity graph correlates the name of an organization that maintains the targeted computer system with the anonymous identifiers of employees. Online activity is gathered by pixels fired from websites accessed by user browsers and gathered by one or more remote servers.Type: GrantFiled: March 8, 2021Date of Patent: December 10, 2024Assignee: LiveRamp, Inc.Inventors: Rachael Boyle, Lucy Huang, Lisa Cramer
-
Patent number: 12153601Abstract: Provided are a transaction request construction method and apparatus, a transaction request processing method and apparatus, a device and a storage medium, which relate to the field of blockchain technology and can be used for cloud computing and cloud services. A specific implementation includes: generating a standard transaction request according to a standard key of a service application party, to-be-processed request data, a target blockchain architecture to be accessed and a target blockchain identifier; and calling a transaction conversion service and converting the standard transaction request into a target transaction request under the target blockchain architecture according to the standard key, the target blockchain architecture and the target blockchain identifier; where the target transaction request is used for processing the to-be-processed request data. Transaction request construction and processing efficiency can be improved.Type: GrantFiled: December 13, 2021Date of Patent: November 26, 2024Assignee: Beijing Baidu Netcom Science Technology Co., Ltd.Inventor: Bo Jing
-
Patent number: 12149612Abstract: Authentication of a user of an OAuth client by an OAuth authorization server, comprising exposing an authentication state machine, where the states of the state machine are hypermedia-based representations of login resources, and transitions between states are represented by hypermedia links, wherein the authentication state machine is exposed to the client by an API adhering to the principles of REpresentational State Transfer (REST). When the final state of the state machine has been reached, a secondary access token is issued to the client, thereby authenticating the user, wherein hypermedia representations which are sent to the client are encoded so as to be readily parsable by the client.Type: GrantFiled: July 5, 2021Date of Patent: November 19, 2024Assignee: Curity ABInventors: Travis Lee Spencer, Pedro Henriques Felix, Paulo Renato De Athaydes
-
Patent number: 12118111Abstract: An apparatus comprises a processing device configured to obtain, at a data center, source data generated by edge devices associated with the data center and to determine, for each endpoint subscriber of the source data, an associated per-endpoint data processing workflow. The processing device is also configured to select, based at least in part on authorization parameters in a given per-endpoint data processing workflow associated with a given endpoint subscriber, at least a portion of the source data that is to be provided to the given endpoint subscriber. The processing device is further configured to apply, based at least in part on transformation parameters in the given per-endpoint data processing workflow associated with the given endpoint subscriber, data transformations to the portion of the source data to generate transformed data and to provide, from the data center to the given endpoint subscriber, the transformed data.Type: GrantFiled: June 27, 2022Date of Patent: October 15, 2024Assignee: Dell Products L.P.Inventor: Mehrad Yasrebi
-
Patent number: 12120150Abstract: Disclosed herein are methods, systems, and processes for probabilistically identifying anomalous levels of honeypot activity. A honeypot dataset associated with a honeypot network is received and a representative usage value is determined from the honeypot dataset. The representative usage value is identified as being associated with anomalous behavior if the representative usage value deviates from an expected probability distribution. A remediation operation is initiated in the honeypot network in response to the identification of the representative usage value as being associated with the anomalous behavior by virtue of the representative usage value deviating from the expected probability distribution.Type: GrantFiled: October 2, 2023Date of Patent: October 15, 2024Assignee: Rapid7, Inc.Inventors: Wah-Kwan Lin, Curtis Barnard
-
Patent number: 12113821Abstract: Described herein relates to a system and method for the prevention of a malicious attack on a computing resource. In embodiments, the system may comprise the following, including but not limited to: (1) at least one processor; and (2) computer memory storing instructions that, when executed by the at least one processor, cause the at least one processor to perform operations including: (a) observing traffic flow of a network; (b) altering a SYN threshold value based on the observing of the traffic flow of the network; (c) comparing a metric of SYN messages submitted to the network; and (d) based on the comparison of the metric of SYN messages submitted, selectively engaging corrective action with the network.Type: GrantFiled: April 7, 2023Date of Patent: October 8, 2024Assignee: University of South FloridaInventors: Mohamed Rahouti, Kaiqi Xiong
-
Patent number: 12107870Abstract: A method, system, and computer program product to protect accelerators from malicious network functions. One embodiment of the method may comprise categorizing an application runtime into a plurality of operational phases, and enforcing one of a plurality of phase-specific security restrictions at each of the plurality of operational phases. The method may further comprise analyzing the application runtime to automatically generate the plurality of phase-specific security restrictions.Type: GrantFiled: June 24, 2021Date of Patent: October 1, 2024Assignee: International Business Machines CorporationInventors: Dushyant K. Behl, Palanivel Andiappan Kodeswaran, Sayandeep Sen
-
Patent number: 12095798Abstract: Determining additional signals for determining cybersecurity risk is disclosed, including: obtaining signals associated with a cybersecurity risk, wherein the obtained signals include technographic signals and query derived signals obtained from queries; combining the technographic signals and the query derived signals into a Bayesian model indicating the cybersecurity risk; and determining additional technographic signals or additional query derived signals associated with the cybersecurity risk to obtain such that the additional technographic signals or the additional query derived signals are to be computed to impact the cybersecurity risk.Type: GrantFiled: June 8, 2021Date of Patent: September 17, 2024Assignee: Arceo Labs Inc.Inventors: Ann Irvine, Robert Mealey, Russell Snyder
-
Autonomous vehicle security measures in response to an attack on an in-vehicle communication network
Patent number: 12095805Abstract: An illicit signal is detected on an in-vehicle communication network of an autonomous vehicle. A severity level corresponding to the illicit signal is identified, among multiple severity levels, based on one or more characteristics associated with the illicit signal. The severity level is indicative of a level of adverse impact on safety related to an autonomous vehicle environment. The adverse impact is to be caused by the autonomous vehicle when the autonomous vehicle is compromised by the illicit signal. A security operation is selected from multiple security operations based on the identified severity level. The security operation is performed to mitigate the adverse impact on safety related to the autonomous vehicle environment.Type: GrantFiled: July 15, 2021Date of Patent: September 17, 2024Assignee: Waymo LLCInventors: TsengChan Stephan Huang, Stacy Janes, Joshua Foust -
Patent number: 12074864Abstract: A mechanism for building decentralized computer applications that execute on a distributed computing system. The present technology works within a web browser, client application, or other software and provides access to decentralized computer applications through the browser. The present technology is non-custodial, wherein a public-private key pair, which represents user identity, is created on a client machine and then directly encrypted by a third-party platform without relying on one centralized computing system.Type: GrantFiled: January 8, 2024Date of Patent: August 27, 2024Assignee: Magic Labs, Inc.Inventors: Fei-Yang Jen, Yi Wei Chen, Jaemin Jin, Hanyu Xue, Wentao Liu, Shang Li
-
Patent number: 12074875Abstract: Systems and methods include reception of a request for access to a target domain, the request including a source Internet Protocol (IP) address, determination of whether the source IP address is one of a plurality of IP addresses indicated within stored first data, determination, if it is determined that the source IP address is one of the plurality of stored IP addresses, of whether the target domain is one of a plurality of domains indicated within stored second data, and forwarding, if it is determined that the source IP address is one of the plurality of stored IP addresses and the target domain is one of a plurality of domains indicated within stored second data, of the request to the target domain.Type: GrantFiled: January 31, 2022Date of Patent: August 27, 2024Assignee: SAP SEInventor: Stoyan Zhivkov Boshev
-
Patent number: 12063210Abstract: A computing device may generate a hash value based at least in part on user credentials for accessing an internal network, a security code generated by a security token, and at least a portion of program code of a virtual computing application for accessing the internal network. The computing device may send, using a first communications channel, an indication of the hash value to a computing system associated with the internal network. The computing device may, in response to sending the hash value, receive, via a second communications channel, a first indication of a passcode from the computing system. The computing device may, in response to receiving the passcode, send a second indication of the passcode to the computing system.Type: GrantFiled: November 24, 2020Date of Patent: August 13, 2024Assignee: Wells Fargo Bank, N.A.Inventor: Joon Maeng
-
Patent number: 12050715Abstract: A threat management system provides a collection of queries for investigating security issues within an enterprise. Useful inferences are drawn about the value of different queries, and about the security posture of the enterprise, by monitoring contextual activity such as the popularity and context of query usage, patterns of end user modification to queries, and post-query activity.Type: GrantFiled: August 14, 2023Date of Patent: July 30, 2024Assignee: Sophos LimitedInventors: Karl Ackerman, Andrew J. Thomas, Kenneth D. Ray
-
Patent number: 12026276Abstract: An endpoint in an enterprise network is instrumented with sensors to detect security-related events occurring on the endpoint. Event data from these sensors is augmented with contextual information about, e.g., a source of each event in order to facilitate improved correlation, analysis, and visualization at a threat management facility for the enterprise network.Type: GrantFiled: June 9, 2021Date of Patent: July 2, 2024Assignee: Sophos LimitedInventors: Kenneth D. Ray, Andrew J. Thomas, Karl Ackerman
-
Patent number: 12014280Abstract: A method for measuring the sensitivity of a classifier for digital images against adversarial attacks. The classifier includes at least one neural network. The method includes: providing a digital image for which the sensitivity is to be measured; providing a generator that is trained to map elements of a latent space to a realistic image; obtaining, according to a set of parameters, an element of the latent space; mapping, using the generator, this element to a disturbance in the space of realistic images; perturbing the digital image with this disturbance; determining, using the classifier, a classification result for the perturbed image; determining, from the classification result, the impact of the disturbance on the classification result; optimizing the set of parameters to maximize this impact; and determining, based at least in part on the maximum impact, the sensitivity of the classifier.Type: GrantFiled: February 26, 2021Date of Patent: June 18, 2024Assignee: ROBERT BOSCH GMBHInventors: Robin Hutmacher, Jan Hendrik Metzen, Nicole Ying Finnie
-
Patent number: 11995648Abstract: The invention relates to a computer-implemented method for enabling zero-knowledge proof or verification of a statement in which a prover proves to a verifier that a statement is true while keeping a witness to the statement a secret. The method includes the prover sending to the verifier a set of data including a statement, which for a given function circuit output and an elliptic curve point, the function circuit input is equal to the corresponding elliptic curve point multiplier. The data includes individual wire commitments and/or a batched commitment for wires of the circuit, a function circuit output, and a prover key, which enables the verifier to determine that the circuit is satisfied and calculate the elliptic curve point and validate the statement, thus determining that the prover holds the witness to the statement.Type: GrantFiled: March 18, 2019Date of Patent: May 28, 2024Assignee: nChain Licensing AGInventor: Thomas Trevethan