Patents Examined by Carl G. Colin
  • Patent number: 10412099
    Abstract: Various systems, mediums, and methods may involve a data engine with various components. For example, a system with the data engine may include a segmentation component, an asset preparation component, a clustering component, a variable generation component, and classification component. As such, the system may determine a number of assets associated with a number of activities of one or more accounts. Further, the system may determine various links associated with the number of assets. As such, the system may detect an attack and/or an attack trend associated with the one or more accounts based on the various links associated with the number assets. Further, the system may generate a notification that indicates the attack and/or the attack trend detected.
    Type: Grant
    Filed: June 22, 2016
    Date of Patent: September 10, 2019
    Assignee: PayPal, Inc.
    Inventors: Adam Cohen, David Stein, Itzik Levi
  • Patent number: 10404697
    Abstract: The disclosed computer-implemented method for using vehicles as information sources for knowledge-based authentication may include (1) identifying a vehicle belonging to a user who is attempting to authenticate with an identity-verification authority, (2) acquiring analytic information about the vehicle, (3) generating, by analyzing the analytic information about the vehicle, at least one authentication question, where the correct response to the authentication question requires knowledge about the vehicle, (4) presenting the authentication question to the user, and (5) authenticating the identity of the user based on the user responding correctly to the authentication question. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: December 28, 2015
    Date of Patent: September 3, 2019
    Assignee: Symantec Corporation
    Inventors: Kevin Jiang, Ilya Sokolov, Bruce McCorkendale
  • Patent number: 10405056
    Abstract: Methods and products to deliver at least a portion of an advertisement to a viewer at normal playback speeds after receiving a command from the viewer to fast-forward through an advertisement faster than normal playback speeds is described. In certain embodiments, the invention delivers a portion of the advertisement to be played at normal playback speeds to the viewer: and delivers the remaining portion of the advertisement to be played at a playback speed that is faster than the specified playback speed so that the combination of the portions delivered at normal and faster playback speeds is delivered to the user at the specified playback speed. In some other embodiments, the invention delivers at least a portion of the first advertisement to the viewer at normal playback speeds; and delivers one or more other advertisements to the viewer simultaneously with the first advertisement with the audio information muted based on the specified playback speed.
    Type: Grant
    Filed: October 24, 2016
    Date of Patent: September 3, 2019
    Assignee: Visible World, LLC
    Inventor: Seth Haberman
  • Patent number: 10389751
    Abstract: A mobile vehicle communications system and a method of determining the legitimacy of a wireless sensor signal received by an electronic control unit (ECU) in a vehicle. The method includes the steps of: receiving at the electronic control unit (ECU) a first wireless signal identified as being from a first vehicle sensor; performing a correlation procedure at the ECU using the first wireless signal; and based on the correlation procedure, determining whether the first wireless signal is a legitimate signal sent by the first vehicle sensor.
    Type: Grant
    Filed: May 9, 2015
    Date of Patent: August 20, 2019
    Assignee: GM Global Technology Operations LLC
    Inventors: Moshe Laifenfeld, Gill R. Tsouri
  • Patent number: 10389522
    Abstract: The disclosure relates to secure data storage and retrieval, in particular to methods and circuits for securely storing data to reduce the possibility of leakage via side channel attacks. Embodiments disclosed include a method of storing a value comprising a series of words, the method comprising: i) combining in a series of XOR operations a word of a first portion of the value, a word of a second portion of the value and an output word of a first random number generator to provide a first combined word; ii) storing the first combined word in a shift register; and iii) repeating steps i) and ii) for each successive word of the first and second portions of the value.
    Type: Grant
    Filed: February 4, 2017
    Date of Patent: August 20, 2019
    Assignee: NXP B.V.
    Inventor: Sebastien Riou
  • Patent number: 10372895
    Abstract: A method for providing a security environment. The method includes detecting user information from an accessory in response to detection of the accessory, performing security authentication with input security information if the user information is detected; and providing the security environment when the security authentication is successful.
    Type: Grant
    Filed: April 18, 2014
    Date of Patent: August 6, 2019
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Yung-Kwan Kim, Jong-Seok Kim
  • Patent number: 10375103
    Abstract: An automated scanning service can be configured to dynamically determine potential firewall misconfigurations in a shared resource environment. The scanning service can interrogate one or more application programming interfaces (APIs) to determine the state of the relevant firewall ports. For each firewall port in a permitted state, a test or trace can be run to determine whether the corresponding host port is open. Similarly, information can be obtained indicating which host ports for the allocation are open, and a determination can be made as to whether the corresponding firewall ports are permitted. Once the determinations are made, any mismatch in port state can be reported as a potential misconfiguration.
    Type: Grant
    Filed: September 26, 2016
    Date of Patent: August 6, 2019
    Assignee: AMAZON TECHNOLOGIES, INC.
    Inventor: Eric Jason Brandwine
  • Patent number: 10366224
    Abstract: An information handling system has a secure data storage partition allocation. Access to the secure storage partition is limited to a set of authorized functions authorized to access the secure storage partition. The authorization of a function may be determined by a unique identification corresponding to the function or a reverse trace.
    Type: Grant
    Filed: June 22, 2016
    Date of Patent: July 30, 2019
    Assignee: Dell Products, LP
    Inventors: Yogesh P. Kulkarni, Sundar Dasar, Sumanth Vidyadhara, Wei Liu, Satyajit D. Desai
  • Patent number: 10367833
    Abstract: A mechanism is provided for controlling execution of a computer program. An execution of unallowed software may be prohibited. Structural elements of a graphical user interface of the computer program are detected. The detected structural elements are compared with a stored signature, each signature comprising structural elements of a graphical user interface of allowed computer programs. Upon not finding a matching signature among the stored signatures when comparing, further executing of the computer program is inhibited.
    Type: Grant
    Filed: March 7, 2017
    Date of Patent: July 30, 2019
    Assignee: International Business Machines Corporation
    Inventors: Piotr P. Godowski, Bartlomiej T. Malecki, Krzysztof Pienkowski, Artur K. Zezula
  • Patent number: 10367844
    Abstract: The present disclosure generally provides systems and methods of network security and threat management. An exemplary system includes detection and prevention modules (DPM) designed specifically to collect and transmit suspicious binary network packet data. The collected network packets are sent to a behavioral correlation module to perform automatic behavioral correlation: (1) within each DPM, (2) across all DPMs installed on a network, and (3) across all DPMs installed on all networks. The results of the behavioral correlation are sent to a security dashboard module (SDM), which generally acts as a fully integrated Security Event Management system and collects, correlates, and prioritizes global network alerts, local network alerts, posted vendor alerts, and detected network vulnerabilities with enterprise assets. The SDM could display the results in a user-friendly graphical user interface and has the ability to perform geographic mapping of externally generated threats.
    Type: Grant
    Filed: July 17, 2018
    Date of Patent: July 30, 2019
    Assignee: MASERGY COMMUNICATIONS, INC
    Inventors: Michael Roy Stute, Scott S. Paly
  • Patent number: 10360097
    Abstract: A method includes receiving a retrieval request regarding an encoded key stream slice of a set of encoded key stream slices and an encoded and encrypted data slice of a set of encoded and encrypted data slices. The method further includes partially dispersed storage error decoding the encoded key stream slice to produce a partially decoded key stream vector. The method further includes partially dispersed storage error decoding the encoded and encrypted data slice to produce a partially decoded and encrypted data vector. The method further includes partially decrypting the partially decoded and encrypted data vector in accordance with the encryption function and based on the partially decoded key stream vector to produce a partially decrypted and decoded data vector. The method further includes sending the partially decrypted and encoded data vector to the requesting computing device.
    Type: Grant
    Filed: August 29, 2016
    Date of Patent: July 23, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jason K. Resch, Greg Dhuse
  • Patent number: 10356612
    Abstract: One embodiment is an authentication method comprising on receiving a request from the web browser of the terminal, the request including a user identifier, obtaining authentication data that is associated with the user identifier and that is stored in a database of the internal network, configuring a proxy server authorizing access via the access security entity to the internal network for a determined set of connection parameters, generating a first application from the connection parameters of the set, which application is protected using at least one determined portion of the authentication data and being configured to, on being executed by the web browser, set up a connection between the terminal and the proxy server using the parameters, this being done in response to the at least determined portion of the authentication data being supplied and transmitting the first application to the web browser of the terminal.
    Type: Grant
    Filed: June 13, 2014
    Date of Patent: July 16, 2019
    Assignee: ORANGE
    Inventors: Ruan He, Jamil Chawki
  • Patent number: 10356114
    Abstract: A method and a system of distinguishing between a human and a machine are disclosed. The method includes: when a request for accessing a designated network service is received, recording information of the request which include a time of receiving the request and information of an access object that sends the request; computing a statistical value of requests sent by the access object in real time based on a record; and determining the access object to be abnormal when the statistical value of the requests sent by the access object falls outside a predetermined normal range. The disclosed system of distinguishing between a human and a machine includes a recording module, a computation module and a determination module. Identification between humans and machines using the disclosed scheme is difficult to be cracked down and can improve an accuracy rate of human-machine identification.
    Type: Grant
    Filed: November 22, 2016
    Date of Patent: July 16, 2019
    Assignee: Alibaba Group Holding Limited
    Inventors: Yingfang Fu, Yudong Zhang, Zhenyuan Zhang, Jian Liu
  • Patent number: 10348737
    Abstract: An embodiment of the invention may include a method, computer program product and system for receiving a request from a user to access a system. The user requesting access has an associated job function. The embodiment of the invention may include determining an access window for the job function of the user. The access window for the job function is a range of time where historical usage of the system by one or more users having the job function is above a threshold amount. The embodiment of the invention may include determining whether a time of access of the request is within the access window. The embodiment of the invention may include granting access to the system based on determining that the time of access of the request is within the access window.
    Type: Grant
    Filed: March 8, 2016
    Date of Patent: July 9, 2019
    Assignee: International Business Machines Corporation
    Inventors: Denise A. Bell, Cristina Bonanni, Patrizia Manganelli, Randa Salem
  • Patent number: 10341329
    Abstract: A method is provided for generating a public/private key pair and certificate. The method includes providing an integrated circuit (IC) with an IC specific initial public and private key pair and a public key certificate signed by a manufacturer of the IC. A smartcard having stored thereon customer unique configuration data related to the IC is provided to a customer of the IC manufacturer. The smartcard enables the customer to generate a customization value and a customized public key using the customer unique configuration data. In response to the customer receiving the public key certificate signed by the IC manufacturer from the IC, the customer is enabled to provide the customization value, the customized public key, and a public key certificate signed by the customer to the IC. The IC is thus enabled to generate a customized private key, thus providing an IoT device with a public/private key pair and a certificate signed by the device manufacturer without the use of a trusted party.
    Type: Grant
    Filed: July 5, 2017
    Date of Patent: July 2, 2019
    Assignee: NXP B.V.
    Inventor: Jan Rene Brands
  • Patent number: 10341375
    Abstract: Customer communication security vulnerabilities are resolved. A usage history is obtained for a user device including communications involving the user device. Pattern recognition is applied to the usage history. The user device is assigned with a risk classification from a predetermined set of possible risk classifications, based on the pattern recognition. A vulnerability on the user device is remedied when the risk classification exceeds a predetermined threshold.
    Type: Grant
    Filed: December 5, 2014
    Date of Patent: July 2, 2019
    Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
    Inventor: Ilona Murynets
  • Patent number: 10326787
    Abstract: An anomaly detection system is provided and includes a processor, a memory and a security application stored in the memory and including instructions. The instructions are for collecting behavior data corresponding to users of an organization accessing cloud applications. The behavior data includes parameters tracked over time for the users. The instructions are for: creating a first model based on the behavior data tracked for the users; creating a second model corresponding to a first user based on the parameters tracked for the users except the first user, where the second model excludes behavior data pertaining to the first user; scoring the second model based on the first model to generate a first score; determining whether the first user is an outlier based on the first score; and removing the behavior data corresponding to the first user from the first model if the first user is an outlier.
    Type: Grant
    Filed: February 15, 2017
    Date of Patent: June 18, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Anton Wolkov, Shai Kaplan, Yonatan Most, Ido Bar Av
  • Patent number: 10320768
    Abstract: Techniques for multi-protocol peer-to-peer connection are described. An apparatus may comprise a discovery component to discover a remote device using a first protocol, and receive discovery information from the remote device, the discovery information including protocol information. The apparatus may comprise an authentication component to authenticate the remote device. The apparatus may comprise a connection component to establish a peer-to-peer connection with the remote device using a second protocol based on the protocol information. Other embodiments are described and claimed.
    Type: Grant
    Filed: August 7, 2017
    Date of Patent: June 11, 2019
    Assignee: FACEBOOK, INC.
    Inventors: Yael Maguire, Damian Kowalewski, Bin Liu, Wai Davidgeolim Lim, Caitlin Elizabeth Kalinowski
  • Patent number: 10305859
    Abstract: Applying a security policy to an application session, includes recognizing the application session between a network and an application via a security gateway, determining by the security gateway a user identity of the application session using information about the application session, obtaining by the security gateway the security policy comprising network parameters mapped to the user identity, and applying the security policy to the application session by the security gateway. The user identity may be a network user identity or an application user identity recognized from packets of the application session. The security policy may comprise a network traffic policy mapped and/or a document access policy mapped to the user identity, where the network traffic policy is applied to the application session. The security gateway may further generate a security report concerning the application of the security policy to the application session.
    Type: Grant
    Filed: May 22, 2017
    Date of Patent: May 28, 2019
    Assignee: A10 Networks, Inc.
    Inventors: Lee Chen, Dennis Oshiba, John Chiong
  • Patent number: 10284543
    Abstract: Disclosed are systems and methods for secure online authentication. An exemplary method comprises: determining, via a processor of a computing device, a connection being established between a browser application installed on a computer system and a protected website; obtaining information relating to the protected website in response to obtaining a request for authentication from the protected website; establishing a protected data transmission channel with the protected website to receive at least one certificate of the protected website; performing authentication and transmitting authentication data to the protected website; and in response to an indication of a successful authentication from the protected website, transmitting identification information to the browser application for enabling access to the protected website.
    Type: Grant
    Filed: August 16, 2016
    Date of Patent: May 7, 2019
    Assignee: AO KASPERSKY LAB
    Inventors: Dmitry L. Petrovichev, Artem O. Baranov, Evgeny V. Goncharov