Patents Examined by Brian F Shaw
-
Patent number: 11316842Abstract: Disclosed embodiments relate to uniquely identifying and validating identities based on electronic file fingerprints. Techniques include identifying an identity associated with a computing device; accessing fingerprinting data associated with an electronic file stored on or transmitted from the computing device; generating, based on a diversity of different properties of the fingerprinting data, a profile for the electronic file; accessing a repository storing profiles corresponding to a plurality of identities; comparing the generated profile with one or more of the stored profiles; determining whether the generated profile matches a stored profile, from the repository of stored profiles, associated with the identity; and validating, conditional on the matching, the identity.Type: GrantFiled: October 15, 2019Date of Patent: April 26, 2022Assignee: CyberArk Software Ltd.Inventors: Arthur Bendersky, Hadas Elkabir, Tal Zigman
-
Patent number: 11310200Abstract: A method and system for classifying malicious locators where a processor is trained on a set of known malicious locators using a non-supervised learning procedure. Once trained, the processor may classify new locators as being generated by a particular generation kit.Type: GrantFiled: January 30, 2020Date of Patent: April 19, 2022Assignee: Rapid7, Inc.Inventors: Roy Hodgman, Aditya Kuppa, Suchin Gururangan, Andrew Reece
-
Patent number: 11310253Abstract: A computer-implemented method for detecting anomalous behavior of one or more computers in a large group of computers comprises (1) receiving log files including a plurality of entries of data regarding connections between a plurality of computers belonging to an organization and a plurality of websites outside the organization, each entry being associated with the actions of one computer, (2) applying a first plurality of algorithms to determine features of the data which may contribute to anomalous behavior of the computers, and (3) applying a second plurality of algorithms to determine which computers are behaving anomalously based upon the features.Type: GrantFiled: April 7, 2020Date of Patent: April 19, 2022Assignee: STATE FARM MUTUAL AUTOMOBILE INSURANCE COMPANYInventors: Rajiv Shah, Shannon Morrison, Jeremy Cunningham, Taylor Smith, Sripriya Sundararaman, Jing Wan, Jeffrey Hevrin, Ronald Duehr, Brad Sliz, Lucas Allen
-
Patent number: 11290455Abstract: Techniques for passively providing AAA support for an IoT device in a network are disclosed. A set of data packets transmitted by an IoT device is obtained. At least one packet included in the set of data packets is analyzed. A message, including information associated with the IoT device, is transmitted on behalf of the IoT device.Type: GrantFiled: June 1, 2020Date of Patent: March 29, 2022Assignee: Palo Alto Networks, Inc.Inventor: Gong Cheng
-
Patent number: 11265340Abstract: The invention relates generally to monitoring and managing network components, such as monitoring the network components to determine the vulnerabilities of network components, implementing remediation plans for the vulnerabilities, instituting remediation suppression for the vulnerabilities, and taking consequence actions for the vulnerabilities when remediation is no longer suppressed and fails to be implemented. Remediation suppression may be implemented for the vulnerability when the vulnerability is determined to be an acceptable vulnerability. The remediation suppression may be based on a request from a user, based on organization policy, and/or based on logic determining that the vulnerability is acceptable. When the remediation suppression occurs at least a part of the remediation plan, consequence action, and/or reporting is suppressed.Type: GrantFiled: February 6, 2018Date of Patent: March 1, 2022Assignee: BANK OF AMERICA CORPORATIONInventors: Julia A. Ward, Jonathan Michael Nauss, Peter Jordan Langsam
-
Patent number: 11258615Abstract: A method for managing certificates includes the steps of transmitting, over an electronic network by an electronic device of a client, a certificate request to a certificate management portal separate from the client, establishing an interaction with an electronic interface of a certificate authority by the certificate management portal; generating, by the certificate authority, a certificate package, delivering the generated certificate package to the certificate management portal, and downloading from the certificate management portal, by the client, at least one certificate of the delivered certificate package.Type: GrantFiled: September 12, 2019Date of Patent: February 22, 2022Assignee: Cable Television Laboratories, Inc.Inventor: Brian A. Scriber
-
Patent number: 11245689Abstract: Aspects of the present disclosure involve a system and method for implementing hacker traffic barriers. The current disclosure presents a system and method that provides securely associates a primary trusted device with a user, authorizes web browser authentication, and provides both intrinsic and explicit checks for authorizing access to an account.Type: GrantFiled: June 21, 2019Date of Patent: February 8, 2022Assignee: PAYPAL, INC.Inventors: Kishore Jaladi, Darshan Desai, Abhishek Chhibber
-
Patent number: 11244044Abstract: According to one embodiment, a malware detection software being loaded into non-transitory computer readable medium for execution by a processor. The malware detection software comprises exploit detection logic, rule-matching logic, reporting logic and user interface logic. The exploit detection logic is configured to execute certain event logic with respect to a loaded module. The rule-matching logic includes detection logic that is configured to determine whether an access source is attempting to access a protected region and determine whether the access source is from a dynamically allocated memory. The reporting logic includes alert generating logic that is configured to generate an alert while the user interface logic is configured to notify a user or a network administrator of a potential cybersecurity attack.Type: GrantFiled: February 15, 2019Date of Patent: February 8, 2022Assignee: Fireeye Security Holdings US LLCInventors: Amit Malik, Raghav Pande, Aakash Jain
-
Patent number: 11238157Abstract: Described is a system that efficiently detects ransomware attacks within a storage environment. The system may perform a specialized validation by comparing a sampling of backup data obtained from a storage environment with a sampling of data maintained by a specialized validation database. Accordingly, if there is a discrepancy between the samples, the system may issue an alert indicating the original backup data may be encrypted as part of a ransomware attack. The system may utilize the specialized sampling as a validation technique in addition, or as an alternative, to relying on data fingerprints for validation. For example, malicious code may be configured to cause the storage environment to provide fingerprints prior to an unauthorized encryption as an attempt to deceive certain validation processes. Accordingly, to counteract such attempts, the system may rely on the sampling of data, instead of relying solely on a fingerprint comparison.Type: GrantFiled: May 18, 2020Date of Patent: February 1, 2022Assignee: EMC IP Holding Company LLCInventors: Yossef Saad, Itay Glick
-
Patent number: 11233813Abstract: Systems and methods for discovering and provisioning computing devices within a computing environment. An example method may comprise: loading a first kernel from a removable storage, wherein the first kernel identifies device information of the computing device when executed; transmitting a provisioning request comprising the device information to a provisioning device over a network; receiving provisioning data and a second kernel over a network, the second kernel comprising an operating system installer; and overwriting the first kernel with the second kernel.Type: GrantFiled: October 22, 2018Date of Patent: January 25, 2022Assignee: Red Hat Israel, LtdInventors: Lukas Zapletal, Ohad Anaf Levy
-
Patent number: 11232189Abstract: A system and method for tracking and authenticating software code transition during various phases of software development and deployment in a DevOps platform is provided. The present invention provides for creating, modifying and deleting one or more code authentication elements including respective policies within a distributed ledger. The code authentication elements are mapped with one or more event types in respective one or more tools of a DevOps platform. Information associated with occurrence of an event in one or more tools of the DevOps platform are retrieved. The retrieved event information is parsed to extract event type and a code authentication element is invoked based on the identified event type. The invoked code authentication element authenticates software code transition to appropriate tool of DevOps platform based on one more defined policies. A result representative of authentication success or failure is stored in the distributed ledger for tracking and auditing.Type: GrantFiled: August 28, 2018Date of Patent: January 25, 2022Assignee: COGNIZANT TECHNOLOGY SOLUTIONS INDIA PVT. LTD.Inventors: Rajkumar Chandrasekaran, Karthikeyan Vedagiri
-
Patent number: 11233806Abstract: Techniques and architectures for privilege escalation detection. User login information for multiple users in a multiuser secure computing environment is analyzed to generate multiple user evaluations. The multiple user evaluations are analyzed to generate at least a population evaluation for the multiuser secure computing environment. Node scores are generated for nodes in the population evaluation to determine one or more entry nodes for the multiple users in the multiuser secure computing environment. The node scores are compared to one or more threshold values to determine whether the user login information corresponding to one or more of the multiple users indicates a privilege escalation condition. A security response action occurs in response to detecting a privilege escalation condition.Type: GrantFiled: June 18, 2018Date of Patent: January 25, 2022Assignee: salesforce.com, Inc.Inventor: Anirudh Kondaveeti
-
Patent number: 11218876Abstract: Wireless communication between two electronic devices may be used to determine a distance between the two devices, even in the presence of an otherwise-disruptive attacker. A wireless receiver system of one device may receive a true wireless ranging signal from a first transmitting device and a false wireless ranging signal from an attacker. The wireless receiver system may correlate the wireless signals with a known preamble sequence and perform channel estimation using the result, obtaining a channel impulse response for the wireless signals. The wireless receiver system may filter the channel impulse response for the plurality of wireless signals by removing at least part of the channel impulse response due to the false wireless ranging signal while not removing at least part of the channel impulse response due to the true wireless ranging signal. The receiver system may perform a wireless ranging operation using the filtered channel impulse response.Type: GrantFiled: January 30, 2018Date of Patent: January 4, 2022Assignee: Apple Inc.Inventors: Shang-Te Yang, Xu Chen, Alejandro J. Marquez, Mohit Narang, Indranil S. Sen
-
Patent number: 11218455Abstract: A computer-implemented method for information protection comprises: committing a transaction amount of a transaction with a first commitment scheme to obtain a transaction commitment value, committing a change of the transaction with a second commitment scheme to obtain a change commitment value, the first commitment scheme comprising a transaction blinding factor, and the second commitment scheme comprising a change blinding factor; encrypting a first combination of the change blinding factor and the change with a first key; transmitting the transaction blinding factor, the transaction amount, and the transaction commitment value to a recipient node associated with a recipient for the recipient node to verify the transaction; in response to that the recipient successfully verifies the transaction, obtaining an encrypted second combination of the transaction blinding factor and the transaction amount encrypted with a second key.Type: GrantFiled: November 27, 2018Date of Patent: January 4, 2022Assignee: ADVANCED NEW TECHNOLOGIES CO., LTD.Inventors: Huanyu Ma, Wenbin Zhang, Baoli Ma, Zheng Liu, Jiahui Cui
-
Patent number: 11182498Abstract: A user provides retailer-specific consents for access and use to private/sensitive information of the user. The private/sensitive information is centrally stored in a privacy vault. Retail services (retailer) that the user subscribes to are provided a user-specific and consent-specific token representing the user and consents to usage of specific private/sensitive information of the user. When the retailer has a need for user-specific private/sensitive information, the retailer presents the user-specific and consent-specific token to the privacy vault. Assuming, the retailer was given access to the requested private/sensitive information defined in the token, the privacy results returns the requested information to the retailer; otherwise, an unauthorized message is returned from the privacy vault to the retailer. The user defines the consents to each retailer and a record of the consents is maintained in the privacy vault.Type: GrantFiled: May 30, 2018Date of Patent: November 23, 2021Assignee: NCR CorporationInventors: Nir Veltman, Jason Patterson, Mikhail Romanovich Shapirov, Nilesh Sharma, Joseph Arnold White
-
Patent number: 11170114Abstract: An electronic storage system and a method of data management includes the steps of: partitioning source data into a plurality of portions of data; storing each of the plurality of portions of data in each of a plurality of storage peers respectively; and storing a plurality of indices in a plurality of storage peers; wherein each of the plurality of indices corresponds to each respective portion of partitioned data; and wherein each of the plurality of storage peers is arranged to store the plurality of indices and the plurality of portions of data in corresponding pairs.Type: GrantFiled: June 6, 2017Date of Patent: November 9, 2021Assignee: City University of Hong KongInventors: Cong Wang, Xingliang Yuan, Chengjun Cai
-
Patent number: 11171785Abstract: An authentication method includes an enrolment stage comprising: receiving fuzzy data from a noisy authentication factor and fixed authentication data; generating a secret string independently from the received fuzzy data and the received fixed authentication data; deriving metadata from the fuzzy data and the secret string and helper data from the secret string and metadata; encrypting the helper data using the fixed authentication data as encryption key; outputting the encrypted helper data as public data, and an authentication stage including receiving the public data output during the enrolment stage, decrypting the received public data using the fixed authentication data as decryption key, recovering the helper data and the metadata from the decrypted public data, reproducing the secret string using the further fuzzy data and the recovered metadata, validating the reproduced secret string using the recovered helper data, and releasing the reproduced secret string if the validating yields a positive outcoType: GrantFiled: October 26, 2017Date of Patent: November 9, 2021Assignee: KATHOLIEKE UNIVERSITEIT LEUVENInventors: Enrique Argones Rua, Aysajan Abidin
-
Patent number: 11171982Abstract: Optimizing ingestion of security structured data into a graph database for security analytics is provided. A plurality of streams of information is received from a plurality of security information sources. Respective subsets of information are ingested from each of the plurality of security information sources to generate small subgraphs of security information. Each of the small subgraphs comply to a schema used by a master knowledge graph. A batch process is performed to ingest a plurality of small subgraphs into the master knowledge graph.Type: GrantFiled: June 22, 2018Date of Patent: November 9, 2021Assignee: International Business Machines CorporationInventors: Sulakshan Vajipayajula, Stephen C. Will, Dhilung Hang Kirat, Kaushal K. Kapadia, Anne Tilstra
-
Patent number: 11163858Abstract: A server computing device can determine if a software application executing on a client computing device has not been tampered. Software executes on the server device and communicates either directly or indirectly with an attestation service; a client software application running on the client computing device communicates with the same attestation service. A client software application that is able to calculate a cryptographic hash fingerprint of its executing code image communicates to the attestation service to prove it is untampered with. The attestation service then generates a pass or fail attestation result. The attestation result is communicated between the attestation service and the server computing device. The behaviour of the server computing device is controlled in a way that is conditional on whether a prior attestation of the client software was a pass or fail attestation result.Type: GrantFiled: May 12, 2016Date of Patent: November 2, 2021Assignee: CRITICAL BLUE LTD.Inventor: Richard Michael Taylor
-
Patent number: 11159545Abstract: The present invention relates to methods, network devices, and machine-readable media for an integrated environment and platform for automated processing of reports of suspicious messages, and further including automated threat simulation, reporting, detection, and remediation, including rapid quarantine and restore functions.Type: GrantFiled: February 25, 2020Date of Patent: October 26, 2021Assignee: Cofense IncInventors: Aaron Higbee, David Chamberlain, Vineetha Philip