Patents Examined by Eleni Shiferaw
  • Patent number: 10079840
    Abstract: A protection method, which releases an attack of a malware to a network interface controller (NIC) system, includes processing a microbatching operation in a plurality of session channels at at least an operational period according to at least one input information, to generate a plurality of session-specific NIC patterns of the plurality of session channels; and merging the plurality of session-specific NIC patterns to generate an application-specific NIC pattern at an application layer, so as to dispose a script information corresponding to the application-specific NIC pattern in the NICs for releasing the attack of the malware, wherein the microbatching operation is processed to generate a plurality of independent subset-specific NIC pattern in each session channel, so as to generate the session-specific NIC pattern corresponding to each session channel.
    Type: Grant
    Filed: August 20, 2015
    Date of Patent: September 18, 2018
    Assignee: Wistron Corporation
    Inventor: Chih-Ming Chen
  • Patent number: 10073974
    Abstract: A method includes analyzing a given application to determine one or more packages utilized by the given application, the one or more packages comprising a plurality of libraries, identifying a subset of the plurality of libraries utilized by the given application, determining one or more dependent libraries for each of the identified libraries in the subset, generating a given container for the given application, the given container comprising the identified libraries in the subset and the dependent libraries for each of the identified libraries, performing risk analysis for the given container including comparing a risk value calculated for the given container to a designated risk threshold, simulating one or more actions in the given container responsive to the risk value calculated for the given container exceeding the designated risk threshold, and determining whether to accept or reject the given container responsive to the risk analysis and simulated actions.
    Type: Grant
    Filed: July 21, 2016
    Date of Patent: September 11, 2018
    Assignee: International Business Machines Corporation
    Inventors: Jinho Hwang, Clifford A. Pickover, Maja Vukovic
  • Patent number: 10069798
    Abstract: A method, and associated system and computer program product, for modifying rules in a firewall infrastructure are described. A unit of deployment including application code and a signed passport is received at a requestor module on a server. The passport includes a heart-beat time-out interval, a firewall rule, and a first application hash value. A trigger signal within the heart-beat time-out interval is generated. The application code is hashed, resulting in a second application hash value. In response to authenticating the passport and determining the first and second application hash values as being equal, the signed passport and trigger signal are transmitted to a border control agent of the firewall; the firewall rule is continuously confirmed within a time interval shorter than the heart-beat time-out interval; and the firewall is modified according to the firewall rule.
    Type: Grant
    Filed: December 26, 2017
    Date of Patent: September 4, 2018
    Assignee: International Business Machines Corporation
    Inventors: Joachim H. Frank, Holger Karn
  • Patent number: 10069848
    Abstract: A method for data security is provided. The method may include obtaining a first object which is set as a sensitive object. The method may also include obtaining a second object, whereby there is a first relationship between the second object and the first object. The method may further include setting the second object as a sensitive object, in response to determining that the first relationship represents that there is strict correlation between the second object and the first object.
    Type: Grant
    Filed: June 17, 2015
    Date of Patent: September 4, 2018
    Assignee: International Business Machines Corporation
    Inventors: Hao Feng, Hui Hui Jiang, Shuo Li, Shengyan Sun
  • Patent number: 10068187
    Abstract: A method includes accessing information identifying multiple files and identifying classification data for the multiple files, where the classification data indicates, for a particular file of the multiple files, whether the particular file includes malware. The method also includes generating n-gram vectors for the multiple files by, for each file, generating an n-gram vector indicating occurrences of character pairs in printable characters representing the file. The method further includes generating and storing a file classifier using the n-gram vectors and the classification data as supervised training data.
    Type: Grant
    Filed: May 31, 2017
    Date of Patent: September 4, 2018
    Assignee: SPARKCOGNITION, INC.
    Inventor: Na Sai
  • Patent number: 10061910
    Abstract: A system includes one or more biometric sensors, a sensor hub and a trusted application execution environment. The sensor hub has exclusive access to the sensors and also isolates untrusted/unauthenticated portions of the operating system from direct access to unencrypted biometric data acquired by the sensors. During a biometric scan/collection process, only the sensor hub and a security engine can access the sensors and a storage component. The sensor hub reads the sensors to obtain the biometric data associated with the scan/collection process and stores the biometric data in the storage component. The security engine encrypts the biometric data before the sensor hub removes the access restrictions. Various components transfer the encrypted biometric data from the storage component to the trusted environment, which hosts algorithms for processing the biometric data.
    Type: Grant
    Filed: June 9, 2015
    Date of Patent: August 28, 2018
    Assignee: INTEL CORPORATION
    Inventors: Niraj Bali, Kumar N. Dwarakanath, Asaf Haskel, Gennadi Iosad, Anoop K. Jayasankaran, Victoria C. Moore, Vinod Gomathi Nayagam, David Zahavi
  • Patent number: 10061929
    Abstract: Convenient sharing of information among authorized network users may be facilitated by allowing a user to send information originating from multiple applications in aggregate form to another user, e.g., using a secure messaging service. In scenarios where data access is restricted, a server may check the recipient's access privileges prior to forwarding the information to her.
    Type: Grant
    Filed: November 10, 2016
    Date of Patent: August 28, 2018
    Assignee: IMPRIVATA, INC.
    Inventors: Edward J. Gaudet, John Gage, David Kashtan, Jason Mafera, Eliot Rubinov, Kuntal Sengupta, David M. T. Ting, Kyle Vernest, Bryan Galloway, Mae-Ellen Gavin
  • Patent number: 10061585
    Abstract: A machine instruction is provided that includes an opcode field to provide an opcode, the opcode to identify a perform pseudorandom number operation, and a register field to be used to identify a register, the register to specify a location in memory of a first operand to be used. The machine instruction is executed, and execution includes for each block of memory of one or more blocks of memory of the first operand, generating a hash value using a 512 bit secure hash technique and at least one seed value of a parameter block of the machine instruction; and storing at least a portion of the generated hash value in a corresponding block of memory of the first operand, the generated hash value being at least a portion of a pseudorandom number.
    Type: Grant
    Filed: January 28, 2016
    Date of Patent: August 28, 2018
    Assignee: International Business Machines Corporation
    Inventors: Dan F. Greiner, Bernd Nerz, Tamas Visegrady
  • Patent number: 10062038
    Abstract: A method includes accessing information identifying multiple files and identifying classification data for the multiple files, where the classification data indicates, for a particular file of the multiple files, whether the particular file includes malware. The method also includes generating a sequence of entropy indicators for each of the multiple files, each entropy indicator of the sequence of entropy indicators for the particular file corresponding to a chunk of the particular file. The method further includes generating n-gram vectors for the multiple files, where the n-gram vector for the particular file indicates occurrences of groups of entropy indicators in the sequence of entropy indicators for the particular file. The method also includes generating and storing a file classifier using the n-gram vectors and the classification data as supervised training data.
    Type: Grant
    Filed: May 31, 2017
    Date of Patent: August 28, 2018
    Assignee: SPARKCOGNITION, INC.
    Inventor: Na Sai
  • Patent number: 10061903
    Abstract: A method of operating an electronic device is provided. The method includes creating a security key based on data shared with a specific electronic device, creating security configuration information and a watermarking content based on the security key, and transmitting the security configuration information and the watermarking content to the specific electronic device.
    Type: Grant
    Filed: March 10, 2015
    Date of Patent: August 28, 2018
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Ki-Huk Lee, Moon-Soo Kim, Hyun-Soo Kim, Jung-Eun Lee, Ho-Chul Hwang
  • Patent number: 10063587
    Abstract: Systems, methods, and software described herein provide for responding to security threats in a computing environment based on the classification of computing assets in the environment. In one example, a method of operating an advisement computing system includes identifying a security threat for an asset in the computing environment, and identifying a classification for the asset in relation to other assets within the computing environment. The method further provides determining a rule set for the security threat based on the classification for the asset and initiating a response to the security threat based on the rule set.
    Type: Grant
    Filed: December 2, 2015
    Date of Patent: August 28, 2018
    Assignee: Splunk Inc.
    Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
  • Patent number: 10055596
    Abstract: A storage device of a data center may protect data stored on a storage medium of the storage device using a data security mechanism. The data security mechanism may include a connection detection component and a storage destruction mechanism. The connection detection component may be configured to detect whether the storage device is physically connected to another device (e.g., a storage server) of a data center. The storage destruction mechanism may be configured to destroy at least a portion of the data stored on the storage device in response to the connection detection component detecting that the storage device is physical disconnected from the other device.
    Type: Grant
    Filed: June 8, 2015
    Date of Patent: August 21, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Michael Phillip Czamara, Brock Robert Gardner
  • Patent number: 10055562
    Abstract: Various embodiments are generally directed to an apparatus, method and other techniques for detecting an input comprising an object contacting a surface of an apparatus, determining object characteristics based on the detected input and selecting a user profile based on the determined object characteristics.
    Type: Grant
    Filed: October 23, 2013
    Date of Patent: August 21, 2018
    Assignee: INTEL CORPORATION
    Inventors: Anna Lerner, Alex Nayshtut, Tomer Rider
  • Patent number: 10055594
    Abstract: A service proxy services as an application programming interface proxy to a service, which may involve data storage. When a request to store data is received by the service proxy, the service proxy encrypts the data and stores the data in encrypted form at the service. Similarly, when a request to retrieve data is received by the service proxy, the service proxy obtains encrypted data from the service and decrypts the data. The data may be encrypted using a key that is kept inaccessible to the service.
    Type: Grant
    Filed: March 14, 2016
    Date of Patent: August 21, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Gregory Branchek Roth, Eric Jason Brandwine, Matthew James Wren
  • Patent number: 10057284
    Abstract: Systems and methods for retrospective scanning of network traffic logs for missed threats using updated scan engines are provided. According to an embodiment, a network security device maintains a network traffic log that includes information associated with network activities observed within a private network. Responsive to an event, the network traffic log is retrospectively scanned in an attempt to identify a threat that was missed by a previous signature-based scan or a previous reputation-based scan of the observed network activities. When the threat is identified as a result of the retrospective scan, then remedial and/or preventive action is taken with respect to the threat.
    Type: Grant
    Filed: February 18, 2017
    Date of Patent: August 21, 2018
    Assignee: Fortinet, Inc.
    Inventor: Qianyong Yu
  • Patent number: 10050949
    Abstract: Web pages, such as a captive portal web page, may be rendered on an electronic display such as a display of a television that is removably coupled to a content streaming device. The web pages may be rendered using a customized user interface (UI) of a captive portal application executable on the content streaming device. The UI of the captive portal application may be customized for viewing at a longer distance than a typical distance between a user and a handheld mobile device. A computer-executable script may be embedded or otherwise associated with source code of a web page to cause a focus outline of a selectable UI element to be displayed more prominently when a user navigates to the selectable UI element using, for example, a remote control device configured to communicate with the content streaming device.
    Type: Grant
    Filed: March 23, 2015
    Date of Patent: August 14, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Jordan Andrew Marcy, Rajan Ranga, He Chen, Ben Zion Gabay, Patricia Julia Cuadra, Michael William Miller
  • Patent number: 10050948
    Abstract: Methods, systems, and devices for updating access permissions of users in an access control system are described. The access permissions are capable of being updated based on rules and thresholds that include as at least one variable presence or contextual information associated with a user. The presence or contextual information associated with a user may be analyzed to trigger a credential update process for that user or other users within the access control system.
    Type: Grant
    Filed: July 26, 2013
    Date of Patent: August 14, 2018
    Assignee: ASSA ABLOY AB
    Inventors: Stig Lagerstedt, Daniel Berg, Daniel Bailin, Mark Robinton, Masha Leah Davis
  • Patent number: 10050939
    Abstract: Techniques for communication in a hybrid cloud computing system. The techniques include utilizing cross-origin resource sharing to allow a web-based application to communicate with both a public host computer and a private host computer of the hybrid cloud computing system. More specifically, a web-based application downloaded from the public host computer would include code that, when executed, would programmatically make HTTP requests to the private host computer. The private host computer would respond with an Access-Control-Allow-Origin header specifying the origin of the public host computer as an allowed origin, thereby allowing the web-based application to access resources from the private host computer. The techniques may be used for managing computing or software resources of the hybrid cloud computing system and also for transfer of data related to managing computing or software resources of the hybrid cloud computing system.
    Type: Grant
    Filed: December 15, 2015
    Date of Patent: August 14, 2018
    Assignee: VMWARE, INC.
    Inventors: Rostislav Hristov, Vesselin Arnaudov
  • Patent number: 10050940
    Abstract: A connection control system includes a management server outside firewall, supporting connection of communications between a control target device inside firewall and a cloud server outside firewall, and a relay device communicating with the control target device inside firewall. A processor included in the management server registers association information associating the cloud server and the relay device with the control target device, establishes an always-on session with the relay device, and upon reception of a connection request, transmits to the relay device via the always-on session a connection instruction to relay communications with the cloud server associated with the control target device by the association information.
    Type: Grant
    Filed: July 2, 2015
    Date of Patent: August 14, 2018
    Assignee: KONICA MINOLTA, INC.
    Inventor: Hiroaki Maekawa
  • Patent number: 10042999
    Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to manage password security. An example apparatus includes a password field identifier to: monitor a computing device to detect entry of password information for web services, the password field identifier to identify when the password information for a first one of the web services is new or is changing. When the password information is new or is changing, capture the entered password associated with the first one of the web services. The example apparatus further includes a password linkage monitor to store a hash value of the captured password in a password vault and associate the stored hash value of the captured password with the first one of the web services.
    Type: Grant
    Filed: January 3, 2017
    Date of Patent: August 7, 2018
    Assignee: Intel Corporation
    Inventors: Hong Li, Tobias M. Kohlenberg, Lawrence Hurst