Patents Examined by Eleni Shiferaw
  • Patent number: 10025922
    Abstract: Techniques are described herein for loading a user-mode component associated with a kernel-mode component based on an asynchronous procedure call (APC) built by the kernel-mode component. The APC is provided to the main thread of a user-mode process while that user-mode process loads, causing the user-mode process to load the user-mode component. The APC also causes allocation of memory at a location adjacent to that of the user-mode process and stores instructions at the allocated memory. The user-mode component then atomically hooks function(s) of the user-mode process, including modifying a single instruction or set of instructions of the function(s) to jump to the allocated memory. When that modified instruction is executed and jumps to the allocated memory, the instructions at the allocated memory request loading of the user-mode component, which receives data from the hooked function. The user-mode component then provides that data to the kernel-mode component.
    Type: Grant
    Filed: August 5, 2015
    Date of Patent: July 17, 2018
    Assignee: CrowdStrike, Inc.
    Inventors: Ion-Alexandru Ionescu, Loren C. Robinson
  • Patent number: 10027689
    Abstract: According to one embodiment, a malware detection and visualization system comprises one or more processors; and a storage module communicatively coupled to the one or more processors, the storage module comprises logic, upon execution by the one or more processors, that accesses a first set of information that comprises (i) information directed to a plurality of observed events and (ii) information directed to one or more relationships that identify an association between different observed events of the plurality of observed events; and generates a reference model based on the first set of information, the reference model comprises at least a first event of the plurality of observed events, a second event of the plurality of observed events, and a first relationship that identifies that the second event is based on the first event, wherein at least one of (i) the plurality of observed events or (ii) the one or more relationships constitutes an anomalous behavior is provided.
    Type: Grant
    Filed: September 29, 2014
    Date of Patent: July 17, 2018
    Assignee: FireEye, Inc.
    Inventors: Hirendra Rathor, Kaushal Dalal, Anil Gupta
  • Patent number: 10027663
    Abstract: An anonymized biometric representation of a target individual is used in a computer based security system. A detailed input biometric signal associated with a target individual is obtained. A weakened biometric representation of the detailed biometric signal is constructed such that the weakened biometric representation is designed to identify a plurality of individuals including the target individual. The target individual is enrolled in a data store associated with the computer based security system wherein the weakened biometric representation is included in a record for the target individual. In another aspect of the invention, a detailed input biometric signal from a screening candidate individual is obtained. The detailed biometric signal of the screening candidate is matched against the weakened biometric representation included in the record for the target individual.
    Type: Grant
    Filed: October 20, 2017
    Date of Patent: July 17, 2018
    Assignee: International Business Machines Corporation
    Inventors: Jonathan H Connell, II, Fred A Maynir-Ducharme, Nalini K Ratha
  • Patent number: 10025912
    Abstract: According to an embodiment, a reading apparatus is connectable with an information processing apparatus connected to a server apparatus. The reading apparatus includes an authenticator, a cryptographic processor, and a transmitter. The authenticator acquires a shared key by performing an authentication/key exchanging process with the server apparatus. The cryptographic processor acquires secret information and encrypts the secret information using the shared key. The transmitter transmits the encrypted secret information to the server apparatus.
    Type: Grant
    Filed: November 18, 2015
    Date of Patent: July 17, 2018
    Assignee: Kabushiki Kaisha Toshiba
    Inventor: Taku Kato
  • Patent number: 10027716
    Abstract: In accordance with an embodiment, described herein is a system and method for supporting web services in a multitenant application server environment. The system includes a domain with a plurality of partitions, wherein each partition can include one or more web services, and a web services inspection language (WSIL) application. A partition-aware managed bean server can include managed beans for generating addresses of web services deployed to each partition, wherein the generated addresses can be retrieved by the WSIL application in that partition for use by clients in accessing the web services. The system can further include a web service security manager that can secure web services in each partition, by attaching security policies to each web service endpoint and enforcing the security policies on requests directed to that web service endpoint.
    Type: Grant
    Filed: September 19, 2017
    Date of Patent: July 17, 2018
    Assignee: ORACLE INTERNATIONAL CORPORATION
    Inventors: Tim Watson, Guoyong Zhang, Michael Chen, Alan Mullendore, Arjav Desai, Bob Naugle, Mike Gilbode
  • Patent number: 10021130
    Abstract: State information relating to the operation of network devices is used to identify network issues and/or anomalies relating to the operation of the network. The state information from the network devices may include time-series signals from a number of the network devices. Correlation values may be obtained between pairs of time-series signals. Pairs of time-series signals that have a relatively high correlation value may be determined to be related to one another. In one implementation, mitigation of the network issues/anomalies may be automatically performed based on calculated correlation values.
    Type: Grant
    Filed: September 28, 2015
    Date of Patent: July 10, 2018
    Assignee: Verizon Patent and Licensing Inc.
    Inventor: Ashok N Srivastava
  • Patent number: 10013540
    Abstract: In one aspect, a device includes a processor and memory accessible to the processor. The memory bears instructions executable by the processor to receive input from at least one electromyograph, and based at least in part on the input, determine whether a user is authorized to manipulate the device to execute at least one function.
    Type: Grant
    Filed: March 10, 2015
    Date of Patent: July 3, 2018
    Assignee: Lenovo (Singapore) Pte. Ltd.
    Inventors: Rod David Waltermann, Russell Speight VanBlon, Nathan J. Peterson, Arnold S. Weksler, John Carl Mese
  • Patent number: 10015188
    Abstract: Disclosed is a system and method for detecting anomalous behavior in Industrial Control Networks. The system first operates in a learning phase to learn various behaviors, and then in a protection phase to analyze packets to identify anomalous network events, and, for example, raise an alert.
    Type: Grant
    Filed: August 20, 2015
    Date of Patent: July 3, 2018
    Assignee: CYBERX ISRAEL LTD.
    Inventors: Omer Schneider, Nir Giller
  • Patent number: 10013578
    Abstract: Method and apparatus for secure processing. The method includes detecting communication among secure and non-secure data entities, prohibiting execution of non-secure executable instructions on secure data entities unless the non-secure executable instructions are recorded in a permitted instruction record, and prohibiting execution of non-secure executable instructions if the non-secure executable instructions are recorded in a prohibited instruction record.
    Type: Grant
    Filed: November 17, 2015
    Date of Patent: July 3, 2018
    Assignee: Atheer, Inc.
    Inventor: Sleiman Itani
  • Patent number: 10015015
    Abstract: The techniques presented herein provide for verifying the integrity of an encryption key log file generated on a data storage system. Encryption key activity events associated with a storage system's back-end storage drives are identified. A unique signature is generated for each encryption key activity event. Each encryption key activity event and its corresponding signature are stored in an audit log file. An audit log hash file is generated using the contents of the audit log file. At an external location, the audit log file and the audit log hash file are retrieved from the storage system. The integrity of the retrieved audit log file is verified by generating a local audit log hash file and comparing the local audit log hash file to the retrieved audit log hash file and determining if the local audit log hash file matches the retrieved audit log hash file.
    Type: Grant
    Filed: September 30, 2014
    Date of Patent: July 3, 2018
    Assignee: EMC IP HOLDING COMPANY LLC
    Inventors: Gregory W. Lazar, Peter Puhov, Millard C. Taylor, III, Naizhong Chiu
  • Patent number: 10013583
    Abstract: An electronic device of an aspect of the present disclosure includes an underwater detection unit and at least one processor. The underwater detection unit is configured to detect whether or not the electronic device is underwater. The at least one processor is configured to determine whether or not the electronic device has been lost when the underwater detection unit detects that the electronic device is underwater. The at least one processor is configured to determine that the electronic device has been lost when a predetermined condition is satisfied.
    Type: Grant
    Filed: July 25, 2016
    Date of Patent: July 3, 2018
    Assignee: KYOCERA Corporation
    Inventors: Masatoshi Nonogaki, Yuuko Aoki
  • Patent number: 10013365
    Abstract: A method for programming a control unit of a motor vehicle, a previous program code executed in the control unit being stored in a memory area, a new program code being written into the control unit, and a check of this new program code being carried out, the program code being executed by the control unit if the new program code is successfully verified in the course of the check, and the previous program code stored in the memory area being written from the memory area into the control unit and the previous program code being executed by the control unit if the new program code is not successfully verified in the course of the check.
    Type: Grant
    Filed: February 24, 2016
    Date of Patent: July 3, 2018
    Assignee: ROBERT BOSCH GMBH
    Inventors: Eckart Schlottmann, Udo Schulz, Liem Dang
  • Patent number: 10013545
    Abstract: Systems, methods and devices for creating a user credential are provided. A device for creating a user credential for user authentication includes one or more processors configured to generate a first list of credential components from a second list of credential components and a network interface component coupled to a network. The network interface component is configured to transmit the generated first list of credential components to a user device, receive a user selection of at least one credential component from the transmitted first list of credential components, at least the user selection being selected by the user during user authentication, and receive a user entry. The device also includes a memory, the memory storing a combination of the user selection and the user entry as a created user credential. Systems, methods, and devices for authenticating a user with the created user credential are also provided.
    Type: Grant
    Filed: September 5, 2012
    Date of Patent: July 3, 2018
    Assignee: PayPal, Inc.
    Inventor: Bjorn Markus Jakobsson
  • Patent number: 10015162
    Abstract: A method implemented by a network firewall, comprising obtaining a first authentication token for a network test, receiving a test request message for performing the network test on a network element (NE) connected to the network firewall, authenticating the test request message by determining whether the test request message includes a second authentication token that matches the first authentication token, and granting the network test on the NE when the second authentication token matches the first authentication token.
    Type: Grant
    Filed: May 11, 2015
    Date of Patent: July 3, 2018
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Yinfeng Yu, Mehdi Arashmid Akhavain Mohammadi, Tao Wan, Guoli Yin, Xingjun Chu, Khaldoon Al Zoubi, Yapeng Wu
  • Patent number: 10009773
    Abstract: Systems, methods, and computer-readable storage devices to enable secured data access from a mobile device executing a native mobile application and a headless browser are disclosed. In a particular aspect, a mobile device includes a wireless transceiver, a processor, a display device, and a memory storing instructions executable by the processor to perform operations. The operations enable read and write access to secured data by the mobile device.
    Type: Grant
    Filed: March 30, 2017
    Date of Patent: June 26, 2018
    Assignee: AppBrilliance, Inc.
    Inventors: Charles Eric Smith, Chris Dutrow, Sergio Ayestaran
  • Patent number: 10009341
    Abstract: A keyboard includes a plurality of keys, a plurality of keyboard components coupled to the keys, and one-time password (OTP) generation hardware integrated with at least some of the keyboard components, where actuating at least one of the keys causes a one-time password to be generated. The OTP generation hardware may be actuated with a dedicated button on the keyboard, by pressing a button on the keyboard that is otherwise used for pairing the keyboard to a device, or by pressing a specific sequence of keys on the keyboard. The keyboard may maintain state information to cause input by the user for OTP generation to be provide to the OTP generation hardware instead of to a device paired with the keyboard. The keyboard may also include a display that is part of the keyboard, where the display shows the one-time password generated by the OTP hardware.
    Type: Grant
    Filed: May 27, 2016
    Date of Patent: June 26, 2018
    Assignee: ASSA ABLOY AB
    Inventors: Georges Robert Vieux, Eric Vila, Janice Girouard, Daniel Halber
  • Patent number: 10009374
    Abstract: A computer-implemented method for detecting malware is described. In some embodiments, the method includes identifying an application identifier of a first application paired with a universal resource locator (URL) scheme, and storing the identified pairing of the application identifier and URL scheme of the first application in a database. In some cases, the database stores URL scheme pairings of a plurality of applications. In some embodiments, the method includes identifying an application identifier of a first application paired with a universal resource locator (URL) scheme, identifying a second application as an unknown application, detecting a request to register a URL scheme pairing of the second application, querying the database based on the request to register the URL scheme pairing of the second application, and determining whether the second application is potential malware based on a result of the querying.
    Type: Grant
    Filed: August 4, 2015
    Date of Patent: June 26, 2018
    Assignee: Symantec Corporation
    Inventors: Rui Jing, Jinghao Li
  • Patent number: 10002242
    Abstract: Methods, apparatus, and computer program products for controlling access to an electronic device based on biometric input are described. An example of such a method includes receiving a current biometric input, determining template similarity scores for the current biometric input, if at least one template similarity score satisfies a template similarity score criterion, then updating a false user counter value in a first numerical direction and performing an authentication process on the current biometric input, else, determining stored biometric input similarity scores for the current biometric input, if at least one stored biometric input similarity score satisfies a stored biometric input similarity score criterion, then maintaining the false user counter value, else, replacing a previously stored biometric input with the current biometric input, and updating the false user counter value in a second numerical direction opposite to the first numerical direction.
    Type: Grant
    Filed: November 18, 2015
    Date of Patent: June 19, 2018
    Assignee: QUALCOMM Incorporated
    Inventors: Bjorn Markus Jakobsson, Mark Bapst, Laurence Geoffrey Lundblade
  • Patent number: 10002261
    Abstract: Various embodiments provide an input/output module, including: at least one input/output port for the input of data; a signature generator that is coupled to the input/output port and is set up to generate a signature for the data from the data; a reference input, wherein the reference input is set up for the application of a reference signature; and a comparator that is coupled to the signature generator and to the reference input, and is set up to output an alarm signal if the signature of the data on the input/output port differs from the reference signature.
    Type: Grant
    Filed: September 24, 2013
    Date of Patent: June 19, 2018
    Assignee: Infineon Technologies AG
    Inventors: Marcus Janke, Peter Laackmann
  • Patent number: 10003593
    Abstract: Provided is an authentication apparatus easily realizing a one-time password system ensuring the security of a password without new equipment. The apparatus includes a user information registration processing circuit and a user authentication processing circuit. The user information registration processing circuit registers user identification information, reference identification information constituting a reference, and a selection sequenced identification indicator string having selection identification indicators selected from identification indicators and a sequence of these indicators for each user.
    Type: Grant
    Filed: April 8, 2016
    Date of Patent: June 19, 2018
    Assignee: KYOCERA Document Solutions Inc.
    Inventors: Yosuke Nakazato, Makoto Kowaka