Patents Examined by Christopher Revak
  • Patent number: 11663326
    Abstract: Examples of the present disclosure describe systems and methods for behavioral threat detection definition. In an example, a behavior rule comprising a set of rule instructions is used to define one or more events indicative of a behavior. For example, a set of events from which one event must be matched may be defined or a set of events from which all events must be matched may be defined. In some examples, events are matched based on an event name or type, or may be matched based on one or more parameters. Exact and/or inexact matching may be used. The set of rule instructions ultimately specifies one or more halt instructions, thereby indicating that a determination as to the presence of the behavior has been made. Example determinations include, but are not limited to, a match determination, a non-match determination, or an indication that additional monitoring should be performed.
    Type: Grant
    Filed: June 29, 2021
    Date of Patent: May 30, 2023
    Assignee: Webroot Inc.
    Inventors: Eric Klonowski, Fred Krenson
  • Patent number: 11664980
    Abstract: A method includes extracting, by an individual computing system, physical movement intentions of an individual from neural signals; mapping, by a secure element of the individual computing system, the physical movement intentions to a character string representing a knowledge factor; and establishing, by the individual computing system, a secure, mutually authenticated communication channel between the individual computing system and a provider computing system by using the knowledge factor as an input to a password authenticated key exchange protocol and generating a symmetric encryption key using the knowledge factor as an input to a key exchange protocol.
    Type: Grant
    Filed: April 29, 2021
    Date of Patent: May 30, 2023
    Assignee: Wells Fargo Bank, N.A.
    Inventor: Phillip H. Griffin
  • Patent number: 11663329
    Abstract: A method, a computer program product, and a system for performing a of threat similarity analysis for automated action on security alerts. The method includes receiving, by a threat similarity analysis system, a security alert relating to a security from a threat disposition system within an environment, performing, by the threat similarity analysis system, a similarity analysis on the security alert using a machine learning model. The similarity analysis compares the security alert with previous security alerts within a time window. The threat similarity analysis system can apply a cosine similarity analysis to perform the similarity analysis. The method also includes determining, based on the similarity analysis, the security alert matches at least one previous security alert from the previous security alerts within a predetermined degree, and associating the security alert into a same security incident as the previous security alert determined by similarity analysis.
    Type: Grant
    Filed: March 9, 2021
    Date of Patent: May 30, 2023
    Assignee: International Business Machines Corporation
    Inventors: Gary I. Givental, Aankur Bhatia, Kyle Proctor, Rafal Hajduk
  • Patent number: 11663330
    Abstract: There is provided a computer implemented method of disabling a malicious electronic control unit (ECU) of a plurality of ECUs in communication with a controller area network (CAN) bus network, the method executed by a computing device in communication with the plurality of ECUs and the CAN bus network, the method comprising: detecting a malicious message transmitted by the malicious ECU over the CAN bus network, and injecting a plurality of bits over the CAN bus network to trigger a predefined plurality of errors for disabling the malicious ECU before the malicious ECU makes an additional attempt to retransmit an additional instance of the malicious message.
    Type: Grant
    Filed: May 25, 2021
    Date of Patent: May 30, 2023
    Assignee: Red Bend Ltd.
    Inventors: Tomer Gilad, Shachar Rosen
  • Patent number: 11665142
    Abstract: A computing system may include a proxy server application and a database. The proxy server application may provide, to a computing device disposed within a managed network, instructions to identify one or more processes executing on the computing device. The proxy server application may also determine, for a process of the one or more processes, a file system path of a directory associated with the process and, based thereon, select one or more directories to scan for files associated with the process. The computing device may be provided with instructions to (i) scan the one or more directories and (ii) determine a plurality of attributes associated with one or more files discovered therein. The proxy server application may additionally receive results of the scan containing a representation of the plurality of attributes and store, in the database, the results of the scan.
    Type: Grant
    Filed: March 29, 2021
    Date of Patent: May 30, 2023
    Assignee: ServiceNow, Inc.
    Inventors: Noam Biran, Amit Dhuleshia, Sreenevas Subramaniam
  • Patent number: 11658967
    Abstract: Artificial biometric traits self-nullify due to natural physiological processes. Biometric enrollment and authentication may then be based on a life associated with the self-nullifying biometric trait. Once the life is expected to have expired, no further authentication may be performed until a new artificial biometric is applied.
    Type: Grant
    Filed: May 25, 2021
    Date of Patent: May 23, 2023
    Assignee: AT&T Intellectual Property I, L.P.
    Inventor: Julio A. Cartaya
  • Patent number: 11658818
    Abstract: Anonymizing systems and methods comprising a native configurations database including a set of configurations, a key management database including a plurality of private keys, a processor in communication with the native configurations database and the key management database, and a memory coupled to the processor. The set of configurations includes one or more ranges, wherein each range includes a contiguous sequence comprised of IP addresses, port numbers, or IP addresses and port numbers. The processor is configured to retrieve the set of configurations from the native configurations database, wherein the set of configurations includes a plurality of objects; retrieve a private key from the key management database; assign a unique cryptographically secure identity to each object; and anonymize the plurality of objects based on the cryptographically secure identities and the private key.
    Type: Grant
    Filed: January 25, 2021
    Date of Patent: May 23, 2023
    Assignee: Network Perception, Inc.
    Inventor: David M. Nicol
  • Patent number: 11652793
    Abstract: Disclosed are systems and methods for firewall configuration. A request can be transmitted to a DNS server. A response to the DNS request can include an Internet Protocol (IP) address. A firewall rule can be generated permitting access to the IP address. The firewall rule can be configured to be valid until expiration of a time-to-live value in the response to the DNS request. Thus, firewall rules can be automatically created as needed by executed processes, eliminating the need for manual firewall rule creation. As the firewall rule is invalid after the expiration of the time-to-live value, risks associated with maintaining out-of-date firewall rules are eliminated, as is the requirement to manually remove or modify out-of-date firewall rules.
    Type: Grant
    Filed: February 3, 2021
    Date of Patent: May 16, 2023
    Assignee: Comcast Cable Communications, LLC
    Inventor: Alexander Gurney
  • Patent number: 11651113
    Abstract: A program execution device capable of protecting a program against unauthorized analysis and alteration is provided. The program execution device includes an execution unit, a first protection unit, and a second protection unit. The execution unit executes a first program and a second program, and is connected with an external device that is capable of controlling the execution. The first protection unit disconnects the execution unit from the external device while the execution unit is executing the first program. The second protection unit protects the first program while the execution unit is executing the second program.
    Type: Grant
    Filed: March 5, 2021
    Date of Patent: May 16, 2023
    Inventors: Hideki Matsushima, Teruto Hirota, Yukie Shoda, Shunji Harada
  • Patent number: 11652821
    Abstract: This is directed to providing access to content stored on a local cloud. In particular, a device can direct a librarian service overseeing the operation of a local cloud to provide another device with access to content stored on the local cloud. The librarian service can generate credentials for the other device, and provide the credentials to the other device. Using the credentials, the other device can connect directly to the local cloud and access the content. In addition, the local cloud can validate the credentials of the other before providing access to the content. The credentials can include, for example, a key to install or load on the device. The librarian may not require, however, the user to create credentials or register with the librarian before being permitted to access the content on the local cloud.
    Type: Grant
    Filed: February 26, 2021
    Date of Patent: May 16, 2023
    Assignee: Apple Inc.
    Inventor: Scott Ryder
  • Patent number: 11645385
    Abstract: A computing system provides clock readings from an untrusted code to trusted code, where the trusted code is executed in a secure enclave and the untrusted code is executed outside the secure enclave. The computing system allocates a pointer to shared memory that is shared between the untrusted code and the trusted code. Under control of the untrusted code, the computing system periodically writes a clock reading to the shared memory. Under control of the trusted code, the computing system reads the clock reading stored in shared memory. The untrusted code cannot determine when the trusted code reads a clock reading.
    Type: Grant
    Filed: June 27, 2022
    Date of Patent: May 9, 2023
    Assignee: R3 LTD.
    Inventors: Roy Hopkins, Marco Bonifazi, Denis Zhereschin
  • Patent number: 11645386
    Abstract: A system and method for accelerating an automated labeling of a volume of unlabeled digital event data samples includes identifying a corpus characteristic of a digital event data corpus that includes a plurality of distinct unlabeled digital event data samples; selecting an automated bulk labeling algorithm based on the corpus characteristic associated with the digital event data corpus satisfying a bulk labeling criterion of the automated bulk labeling algorithm; evaluating a subset of the plurality of unlabeled digital event data samples, wherein evaluating the subset includes attributing a distinct classification label to each digital event data sample within the subset; and in response to the selection, executing the selected automated bulk labeling algorithm against the digital event data corpus, wherein the executing includes simultaneously assigning a classification label equivalent to the distinct classification label to a superset of the digital event data corpus that relates to the subset.
    Type: Grant
    Filed: September 15, 2022
    Date of Patent: May 9, 2023
    Assignee: Sift Science, Inc.
    Inventors: Wei Liu, Ralf Gunter Correa Carvalho
  • Patent number: 11640459
    Abstract: A first anomaly detection unit detects anomalous first monitored data from among a plurality of first monitored data obtained from a monitored system. A second anomaly detection unit operates in parallel with the first anomaly detection unit and detects anomalous second monitored data from among a plurality of second monitored data obtained from the monitored system. In a first storage unit, the anomalous first monitored data and the anomalous second monitored data detected before lapse of a given time from detection time of the anomalous first monitored data are stored in association with each other. A first determination unit, when the anomalous first monitored data is detected, retrieves the anomalous second monitored data associated with the detected anomalous first monitored data from the first storage unit and outputs a first anomaly detection result including the retrieved anomalous second monitored data and the detected anomalous first monitored data.
    Type: Grant
    Filed: June 28, 2018
    Date of Patent: May 2, 2023
    Inventor: Takehiko Mizoguchi
  • Patent number: 11632238
    Abstract: Embodiments provide traceability of edits to a document, i.e., a verifiable and immutable provenance chain for the document. Systems and methods enable traceability of edits, by encoding, for states of the document, a fingerprint (e.g., a cryptographic hash of the document's contents) and an edit history within a block written to a distributed ledger (e.g., a blockchain). The ledger is maintained via a self-organizing peer-to-peer distributed ledger network. Once added to the ledger, the contents of a block (e.g., the document's fingerprint and edit history) are immutable and the integrity of the edit history encoded in the ledger is secure. The algorithm that generates the fingerprint is sensitive to edits of the document. The non-corruptible fingerprint encoded in the ledger is employable to detect any edits that are not included in the encoded edit history and/or inconsistent with a currently available version of the document.
    Type: Grant
    Filed: October 5, 2021
    Date of Patent: April 18, 2023
    Assignee: Adobe Inc.
    Inventors: Gavin Stuart Peter Miller, Xuejun Xu, Max Gray Edell, John Bevil Bates, Matthew Keith Albright
  • Patent number: 11627133
    Abstract: A method for providing access to a target electronic device through a first service running on a different electronic device may include receiving in the first service a command directed to the target electronic device from a command sender and receiving in the service device operation status parameters of the target electronic device. The device operation status parameters may include properties of the target electronic device such as a battery level, a battery charging rate, an age, a planned lifespan, a recent wireless usage, an internal temperature, or any of the above in relation to an intervening electronic device over which communication to the target electronic device travels, or any combination thereof. The method may also include using the device operation status parameters to determine, using the service, whether to provide or not to provide an update signal incorporating the command or information to the target electronic device.
    Type: Grant
    Filed: June 10, 2019
    Date of Patent: April 11, 2023
    Assignee: Google LLC
    Inventors: Alex Dubman, David W. Keith, Jiakang Lu, Mark McBride, Rushabh Doshi
  • Patent number: 11620383
    Abstract: A sample is analyzed to determine a set of events that should be selected for performing by a dynamic analyzer executing the sample in an instrumented, emulated environment. In some cases, analyzing the sample includes extracting the sample's user interface layout into a tree hierarchy of user interface elements. The set of selected events is performed. In some cases, at least one emulator detection resistance action is performed. A maliciousness verdict is determined for the sample based at least in part on one or more responses taken by the sample in response to the set of selected events being performed by the dynamic analyzer.
    Type: Grant
    Filed: February 4, 2021
    Date of Patent: April 4, 2023
    Assignee: Palo Alto Networks, Inc.
    Inventors: Cong Zheng, Wenjun Hu, Zhi Xu
  • Patent number: 11620365
    Abstract: A system for “horizontal” salting of database tables, text files, and data feeds utilizes a key field and character position within that field (the “Key Character”) and a Salting Field, which contains content that can legitimately be in one of at least two states without impacting the usefulness of the data. A unique identifier, which is assigned to the recipient of the data, is hidden within the data by using the variations of the states in the Salting Field, with the value of the Key Character identifying the position within the unique identifier. This type of salting is invisible to the recipient of the data file, does not alter the accuracy of the data, and can be made unique for a particular party receiving data files or unique for each data file.
    Type: Grant
    Filed: April 21, 2021
    Date of Patent: April 4, 2023
    Assignee: LiveRamp, Inc.
    Inventors: Arthur Coleman, Tsz Ling Christina Leung, Michael Anderson, Matt LeBaron, Martin Rose
  • Patent number: 11621824
    Abstract: A blockchain transaction manager implements a method of managing submission of blockchain transactions to a node in a blockchain network by validating a received blockchain transaction and enqueuing the validated received blockchain transaction in a transaction queue, preparing at least one transaction attribute of the received blockchain transaction and placing the received blockchain transaction in a persistence queue, digitally signing or certifying the received blockchain transaction, attempting to submit the digitally signed or certified blockchain transaction to the node, and polling a blockchain status of the submitted blockchain transaction. Processes are provided for automatically recalculating blockchain transaction processing fees in the blockchain transaction attributes. Processes are also provided for repairing transaction attributes when the blockchain transaction has been rejected and submitting the repaired blockchain transaction to the node.
    Type: Grant
    Filed: July 20, 2021
    Date of Patent: April 4, 2023
    Assignee: DLT Global, Inc.
    Inventor: Neeraj Srivastava
  • Patent number: 11616647
    Abstract: A hosted secrets management transport system and method for managing secrets at one or more offsite locations that facilitates secret flow, secret retrieval, and secret replication. The method includes defining boundaries for two or more sovereignties, each sovereignty having an independent master record and each sovereignty including two or more regions; defining a primary region within the two or more regions; accessing, within the primary region, a master record hardware security module that is a primary source of secrets; defining a second region; accessing, within the second region, a backup record hardware security module that is where data backups of the secrets from the master record hardware security module are created; and executing live replication from the master record hardware security module to the backup record hardware security module in which the live replication that supports multi-tenancy secret management of multiple distinct companies at the same time.
    Type: Grant
    Filed: December 3, 2021
    Date of Patent: March 28, 2023
    Inventors: Christopher Teitzel, Tynor Fujimoto
  • Patent number: 11609988
    Abstract: Disclosed herein are systems and method for malicious behavior detection in processing chains comprising identifying and monitoring events generated by a first process executing on a computing device; storing snapshots of data modified by any of the events; determining a level of suspicion for the first process, wherein the level of suspicion is a likelihood of the first process being attributed to malware based on the data modified by any of the events; in response to determining that the first process is not trusted based on the determined level of suspicion, identifying at least one sub-process of the first process; and restoring, from the snapshots, objects affected by the first process and the at least one sub-process.
    Type: Grant
    Filed: December 29, 2021
    Date of Patent: March 21, 2023
    Assignee: Acronis International GmbH
    Inventors: Vladimir Strogov, Vyacheslav Levchenko, Serguei Beloussov, Sergey Ulasen, Stanislav Protasov