Patents Examined by Chao Wang
  • Patent number: 12657295
    Abstract: In certain embodiments, a time series-based anomaly detection method is provided, which is able to identify anomalous user accounts highly effectively. An activity predictor is used to model normal behaviors of individual accounts and to assess an extent to which a current behavior associated with differs from its past normal behavior. Part of an activity sequence is inputted to the activity predictor, and a resulting activity prediction (the activity predictor's prediction of normal behavior) is compared with the remaining part of the sequence. In preferred embodiments, a multi-stage approach is used, with a more lightweight form of anomaly detection applied in a first stage, and the time-series based detection performed in a second stage only on a subset of activity sequences escalated from the first stage.
    Type: Grant
    Filed: December 21, 2023
    Date of Patent: June 16, 2026
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Moran Neuhof, Jiahao Lu, Katie Renae Jones, Edan Zwick, Bin Zhu, Shay Kels, Hang Dong
  • Patent number: 12639452
    Abstract: A microprocessor includes a cryptographic engine, M buffer units, and a controller. The cryptographic engine is configured to execute cryptographic algorithms. The M buffer units are configured to cache data required by an access request of a corresponding execution environment. M is an integer greater than or equal to 1. The controller is connected to the cryptographic engine and the M buffer units. The controller is configured to receive the access request from a first execution environment and instruct the cryptographic engine to execute the cryptographic algorithm requested by the access request using the required data cached by the buffer unit corresponding to the first execution environment from which the access request comes. The access request is used to access the cryptographic engine to execute a cryptographic algorithm. The first execution environment is one execution environment among N execution environments. N is an integer greater than or equal to 1.
    Type: Grant
    Filed: August 17, 2022
    Date of Patent: May 26, 2026
    Assignee: Phytium Technology Co., Ltd.
    Inventors: Yufeng Guo, Qiang Dou, Yanzhao Feng, Zhuo Ma, Ming Zhang, Qingshan Zhu, Jianyue Wang, Qiang Deng
  • Patent number: 12625957
    Abstract: A known-deployed file metadata repository (KDFMR) and analysis engine enumerates reference lists of files stored on a software delivery point (SDP) and compares the enumerated list of files and associated metadata to previously stored values in the KDFMR. If newly stored or modified files are identified, the analysis engine acquires the files from the SDP. Each file is analyzed to determine whether the file is an atomic file or a container file and metadata is generated or extracted. Each file stored in a container file is recursively extracted and analyzed, where metadata is generated for each extracted file and each container file. The KDFMR periodically analyzes the files stored on the SDP for differences to maintain the currency of the KDFMR data with respect to files stored on the SDP. Storage or modification of files on the SDP triggers analysis of the associated file. KDFMR data is updated with metadata determined based on sandbox detonation of files and/or identified artifacts of known-deployed files.
    Type: Grant
    Filed: February 19, 2024
    Date of Patent: May 12, 2026
    Assignee: Bank of America Corporation
    Inventors: Dan E. Summers, Jeffrey Texada, Matthew E Kelly, Steven Dimaria
  • Patent number: 12596797
    Abstract: This disclosure presents an approach for identifying obfuscation patterns within system log files to enhance cybersecurity. The method involves two key stages: first, detecting tampering in a primary set of log entries; and second, monitoring a secondary set of log files for the presence of these tampering patterns. By comparing the identified obfuscation patterns in the primary log entries with those detected in the secondary set, the system can effectively identify potential system intrusions. This innovative approach provides an advanced and proactive means of bolstering system security by uncovering and responding to malicious activities that attempt to obscure their tracks within log files, ultimately enhancing the defense against cyber threats.
    Type: Grant
    Filed: November 8, 2023
    Date of Patent: April 7, 2026
    Assignee: Kyndryl, Inc.
    Inventors: Cesar Augusto Rodriguez Bravo, Daniel S. Riley
  • Patent number: 12572646
    Abstract: Provided is a system for execution protection using data colouring. The system includes a central processing unit (CPU), a system memory (SM) and a secure agent component (SAC). The SAC monitors memory access instructions occurring between the CPU and SM. The SAC comprises a colour memory (CM) storing a colour tag for each memory address of the system memory (SM). The SAC stores instructions at a destination address, and copies the colour tag stored at the instruction address in the colour memory to the destination address in the colour memory (CM) while storing data. The SAC loads instruction at a retrieval address, and compares the colour tag stored at the retrieval address and the colour tag at the load instruction in the colour memory (CM). A dysfunction is detected if colour tags are different. Other embodiments disclosed.
    Type: Grant
    Filed: November 8, 2021
    Date of Patent: March 10, 2026
    Assignee: THALES DIS FRANCE SAS
    Inventors: Jean Roch Coulon, André Sintzoff
  • Patent number: 12561444
    Abstract: A system and method for accreditation of software and accreditation workload management using meta models and portfolio view is disclosed. An embodiment comprises extracting raw data from a corpus of documents, published by a regulatory organization to define standards. Further, an embodiment processes the raw data to generate meta models based on information type mapping, control mapping, and assessment procedures mapping. The meta models may comprise a set of information type, a set of security controls, a set of assessment procedures, and a set of model activities. Embodiments provide an ability to manage accreditation workload with compliance process frameworks activities. An embodiment may extract and schedule model activities associated with controls of an application. Further an embodiment may maintain a data-maps database and generate and display a portfolio view to assist a developer to manage the accreditation workload.
    Type: Grant
    Filed: April 24, 2023
    Date of Patent: February 24, 2026
    Assignee: NetImpact Strategies, Inc.
    Inventors: Praveen Chandra Kosgi, Charles Wilson
  • Patent number: 12547708
    Abstract: A known-deployed file metadata repository (KDFMR) and analysis engine enumerates reference lists of files stored on a software delivery point (SDP) and compares the enumerated list of files and associated metadata to previously stored values in the KDFMR. If newly stored or modified files are identified, the analysis engine acquires the files from the SDP. Each file is analyzed to determine whether the file is an atomic file or a container file and metadata is generated or extracted. Each file stored in a container file is recursively extracted and analyzed, where metadata is generated for each extracted file and each container file. The KDFMR periodically analyzes the files stored on the SDP for differences to maintain the currency of the KDFMR data with respect to files stored on the SDP. Storage or modification of files on the SDP triggers analysis of the associated file. KDFMR data is updated with metadata determined based on sandbox detonation of files and/or identified artifacts of known-deployed files.
    Type: Grant
    Filed: February 19, 2024
    Date of Patent: February 10, 2026
    Assignee: Bank of America Corporation
    Inventors: Dan E. Summers, Jeffrey Texada, Matthew E. Kelly, Steven Dimaria
  • Patent number: 12536275
    Abstract: A system is provided for detection of unauthorized computer code using an artificial intelligence-based analyzer. The system may include an artificial intelligence-based analyzer configured to receive various data and metadata from a user computing device when the user computing device is used to capture a scannable code using an image capture device. The system may, using the AI-based engine, compare the scanned code with a pool or repository of previously scanned code to determine whether the code has been scanned before. The repository may further comprise various types of metadata regarding the scanned code, such as success rate, usual scanning location, embedded resources or links within the code, timestamps for when the code was previously scanned, and/or the like. Based on the analysis of the scanned code, the system may present a notification on the user computing device that indicates whether the scanned code is potentially unsafe to execute.
    Type: Grant
    Filed: November 8, 2023
    Date of Patent: January 27, 2026
    Assignee: BANK OF AMERICA CORPORATION
    Inventor: Manoj Kumar C M
  • Patent number: 12511397
    Abstract: The present disclosure relates to a method including executing, by an electronic device, a first firmware module stored in a volatile memory of the electronic device, the execution of the first firmware module causing an updated firmware key to be stored in a non-volatile memory of the electronic device, and uploading a second firmware module to the electronic device. The method also includes decrypting the second firmware module by a cryptographic processor of the electronic device based on the updated firmware key, and installing the decrypted second firmware module in the volatile memory of the electronic device at least partially overwriting the first firmware module.
    Type: Grant
    Filed: September 16, 2022
    Date of Patent: December 30, 2025
    Assignee: STMicroelectronics S.r.l.
    Inventors: Antonino Mondello, Michele Alessandro Carrano, Riccardo Condorelli
  • Patent number: 12462003
    Abstract: Systems, computer program products, and methods are described herein for implementing a multi-component authentication using pre-determined sequences and indicators in an electronic network.
    Type: Grant
    Filed: March 17, 2023
    Date of Patent: November 4, 2025
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Anna Kristen Pingel Berry, Olga Kocharyan, Ravi Joshi, Luqman Sharief, Michael Wm. Whitaker, Benjamin Daniel Hardman, Shweta Ambulkar, Angela Ianni
  • Patent number: 12437078
    Abstract: A technique is directed to simulating a ransomware attack in a testing environment. The technique involves obtaining access to a testing environment in which to perform a simulated ransomware attack. The technique further involves, after obtaining access to the testing environment, loading prepared data into the testing environment. The technique further involves performing, as the simulated ransomware attack, a set of input/output (IO) operations based on a set of IO traces corresponding to an actual ransomware attack, the set of IO operations accessing the prepared data.
    Type: Grant
    Filed: May 1, 2023
    Date of Patent: October 7, 2025
    Assignee: Dell Products L.P.
    Inventors: Rustem Rafikov, Philippe Armangau, Sathya Krishna Murthy, Christopher Jones, Bruce A. Zimmerman
  • Patent number: 12423417
    Abstract: A system includes calling to a first function, determination, in response to the call, of whether to execute a first version of the first function or a second version of the first function, execution of the first version of the first function if it is determined to execute the first version of the first function, and execution of the second version of the second function if it is determined to execute the second version of the first function, wherein the second version of the first function comprises a security-related features and the first version of the first function does not comprise the security-related feature.
    Type: Grant
    Filed: October 9, 2023
    Date of Patent: September 23, 2025
    Assignee: Microsoft Technology Licensing, LLC
    Inventor: Kirill Motil
  • Patent number: 12399983
    Abstract: Communications, such as system event log messages, can be authenticated using a hash value included in the messages. In some embodiments, the hash can be generated using secret hash parameters to generate a hash of the prior message in the sequence. The hash is stored to BIOS memory that is inaccessible, or at least not exposed, to an operating system executing on the computing device. A recipient, such as the BMC on the computing device, receiving these messages over an appropriate interface can compare the received and expected hash values in order to attempt to authenticate those messages. Authenticated messages can be processed, while unauthenticated messages can be dropped and remedial action taken as appropriate.
    Type: Grant
    Filed: February 19, 2020
    Date of Patent: August 26, 2025
    Assignee: Amazon Technologies, Inc.
    Inventors: Troy Lawson Bevis, Daniel John Farrell, Nathan Pritchard
  • Patent number: 12386947
    Abstract: A system and method for identifying device attributes based on string field conventions. A method includes applying at least one machine learning model to an application data set extracted based on a string indicated in a field of device data corresponding to a device, wherein each of the at least one machine learning model is trained based on a training data set including a plurality of second strings and a plurality of device attribute labels, wherein each device attribute label corresponds to a respective second string of the plurality of second strings, wherein each of the at least one machine learning model is configured to output a predicted device attribute for the device based on the first string; and identifying, based on the output of the at least one machine learning model, a device attribute of the device.
    Type: Grant
    Filed: June 3, 2024
    Date of Patent: August 12, 2025
    Assignee: Armis Security Ltd.
    Inventors: Ron Shoham, Tom Hanetz, Yuval Friedlander, Gil Ben Zvi
  • Patent number: 12373552
    Abstract: A fraud detection system obtains a number of known fraudulent end-user profiles and/or otherwise undesirable end-user profiles. Using statistical analysis techniques that include clustering the end-user profiles by attributes and attribute values and/or combinations of attributes and attribute values, the fraud detection system identifies on a continuous, periodic, or aperiodic basis those attribute values and/or attribute value combinations that appear in fraudulent or otherwise undesirable end-user profiles. Using this data, the fraud detection system generates one or more queries to identify those end-user profiles having attribute values or combinations of attribute values that likely indicate a fraudulent or otherwise undesirable end-user profile.
    Type: Grant
    Filed: March 29, 2024
    Date of Patent: July 29, 2025
    Assignee: PLENTYOFFISH MEDIA ULC
    Inventors: Thomas Levi, Steve Oldridge
  • Patent number: 12367276
    Abstract: A center device is provided that receives a log from vehicle-mounted equipment transmitting the log based on an external transmission rule and analyzes the log to detect a cyber attack. Based on a result of the detecting, the center device determines update of the external transmission rule. The center devices transmits an external transmission rule update instruction. As attack depth of the cyber attack is deeper, the center device sets an external transmission target to the log that is generated in a deeper layer among layers in which constituent elements of the vehicle-mounted equipment are defined.
    Type: Grant
    Filed: July 9, 2021
    Date of Patent: July 22, 2025
    Assignee: DENSO CORPORATION
    Inventors: Naoya Ishida, Masumi Egawa, Takeshi Sugashima, Taiji Abe, Katsuya Tanaka, Reiichirou Imoto, Keigo Nagara
  • Patent number: 12353593
    Abstract: The present disclosure provides a method, a device, and a system for protecting privacy. The method for protecting privacy includes: acquiring video information collected by a camera; performing video segmentation processing on the video information to obtain an original video frame; detecting whether the original video frame comprises privacy information; masking an area comprising the privacy information in the original video frame to generate a masked frame under a condition that the original video frame comprises the privacy information, and taking the masked frame as an output video frame; and taking the original video frame as the output video frame under a condition that the original video frame does not comprise the privacy information.
    Type: Grant
    Filed: May 25, 2021
    Date of Patent: July 8, 2025
    Assignees: BEIJING WODONG TIANJUN INFORMATION TECHNOLOGY CO., LTD., BEIJING JINGDONG SHANGKE INFORMATION TECHNOLOGY CO., LTD.
    Inventors: Hongyu Li, Zuojun Shen
  • Patent number: 12339957
    Abstract: Systems, methods, and other embodiments described herein relate to monitoring for unauthorized access to an electronic device. In one embodiment, a method includes acquiring a fault status about observed anomalies within a device. The observed anomalies relating to unauthorized access to the device. The method includes analyzing the fault status to identify whether the fault status satisfies a fault threshold. The method includes activating a response when the fault status satisfies the fault threshold indicating the presence of the unauthorized access.
    Type: Grant
    Filed: March 8, 2022
    Date of Patent: June 24, 2025
    Assignee: Denso Corporation
    Inventors: Ameer Kashani, Gopalakrishnan Iyer
  • Patent number: 12333001
    Abstract: Mitigation of return stack buffer side channel attacks in a processor. Detecting a side channel attack or a fault in a return from a function call in the processor includes receiving a return exception level indication (or e.g., a return security level indication) indicating the exception level associated with the return and comparing the exception level associated with the return to the exception level (or security level) associated with the return address. The return exception level indicator may be received in conjunction with a return indication. The processing circuit accesses the first entry of the return stack buffer, which indicates the return address of the function call, and also accesses an exception level associated with the return address. The processing circuit compares the exception level associated with the return address to the exception level associated with the return to determine whether to use the return address in a prediction of instruction flow.
    Type: Grant
    Filed: August 4, 2021
    Date of Patent: June 17, 2025
    Assignee: Ampere Computing LLC
    Inventors: Benjamin Crawford Chaffin, Bret Leslie Toll, Michael Stephen Chin
  • Patent number: 12287870
    Abstract: The present invention relates to a security policy and audit log two-way inquiry, collation, and tracking system and method capable of effectively inquiring and confirming various pieces of log information generated due to setting and change of various security policies, and capable of inquiring and confirming a security policy related to log information based on the collected log information. According to the present invention, it is possible to inquire, collate, and track logs generated and recorded by the various security policies, it is possible to inquire, collate, and track the security policy applied to the collected log, and it is possible to inquire, collate, and track the security policy and the log in two ways and in real time.
    Type: Grant
    Filed: March 21, 2019
    Date of Patent: April 29, 2025
    Assignee: SECUVE.CO., LTD.
    Inventors: Ki Yoong Hong, Kyu Ho Lee, Sung Geun Lee, Joo Yang Son, Jong Man Song