Patents Examined by Evan Desrosiers
-
Patent number: 11777972Abstract: A method described herein involves various operations directed toward network security. The operations include accessing a traffic attribute describing a feature of network traffic. The operations further include determining a baseline distribution for the traffic attribute of a baseline set of transactions involving an online system over a baseline period and, additionally, determining an observed distribution for the traffic attribute of an observed set of transactions involving the online system over an observed period. Using the observed distribution and the baseline distribution, an attribute risk value for the traffic attribute is computed. The operations further include detecting that an anomaly exists in the traffic attribute of the observed set of transactions, based on the attribute risk value.Type: GrantFiled: July 29, 2021Date of Patent: October 3, 2023Assignee: Kount Inc.Inventor: Matthew Lewis Jones
-
Patent number: 11777931Abstract: A system includes an intelligent electronic device (IED) and a proxy device communicatively coupled to the TED via a Media Access Control (MACsec) communication link. The proxy device is configured to perform operations that include receiving permissions data, receiving a request to perform an action associated with the TED, determining whether the action is authorized based on the permissions data, and transmitting data to the TED via the MACsec communication link in response to determining that the action is authorized.Type: GrantFiled: October 8, 2020Date of Patent: October 3, 2023Assignee: Schweitzer Engineering Laboratories, Inc.Inventors: Colin Gordon, Dennis Gammel
-
Patent number: 11770409Abstract: A computer-implemented method, computer system, and computer program product for threat management. A set of features used by a machine learning model is collected by the computer system to determine a threat type for an access attempt when the access attempt is detected. A cluster is determined, by the machine learning model in the computer system, for the access attempt using the set of features, wherein the machine learning model implements clustering to determine the cluster for the access attempt, and wherein the cluster for the access attempt corresponds to the threat type for the access attempt. A set of actions is performed by the machine learning model in the computer system based on the threat type determined for the access attempt.Type: GrantFiled: January 4, 2021Date of Patent: September 26, 2023Assignee: International Business Machines CorporationInventors: William Wesley Beaver, Oner Sufri, Kevin Potter, Shirley M. Han, Zachary Ryan, Kyle Greeley, ChunHui Y. Higgins, Omar Hammami, Gustavo Adolfo Arismendi Camero, Ryan West, Emilio Fiallos
-
Patent number: 11770394Abstract: A network security system that analyzes data from network attacks to determine which attacks came from the same attacker, even if the attacker tries to disguise its identity by spreading attacks out over time and attacking from multiple IP addresses. Intrusion detection systems or firewalls may log data for each attack, such as the time of the attack, the type of attack, and the source and target addresses. Embodiments may augment this data with derived attributes that may profile the attacker's behavior. For example, some attackers may spread out attacks over time, but always attack on the same day of the week; some attackers may spread out attacks over different IP addresses, but these addresses may all be in the same country. The original and augmented data may be clustered using an algorithm such as DBSCAN, and each attacker may be identified with one of the resulting clusters.Type: GrantFiled: June 2, 2021Date of Patent: September 26, 2023Assignee: BULL SASInventors: Harshvardhan Parmar, Vinod Vasudevan, Rajat Mohanty
-
Patent number: 11770381Abstract: Access level and security group information can be updated for a data instance without having to take down or recycle the instance. A data instance created in a data environment will have at least one default security group. Permissions can be applied to the default security group to limit access via the data environment. A control security group can be created in a control environment and associated with the default security group. Permissions can be applied and updated with respect to the control security group without modifying the default security group, such that the data instance does not need to be recycled or otherwise made unavailable. Requests to perform actions with respect to the control security groups are made via the control environment, while allowing native access to the data via the data environment.Type: GrantFiled: October 2, 2020Date of Patent: September 26, 2023Assignee: Amazon Technologies, Inc.Inventor: Grant Alexander MacDonald McAlister
-
Patent number: 11765151Abstract: Methods and systems for verifying a user's identity on a computing device using two-factor authentication are described. More particularly, the system utilizes a personal identification number input by a user, together with one or more of a secure browsing feature, a device fingerprint, and a token generator to authenticate the user on the computer.Type: GrantFiled: January 25, 2022Date of Patent: September 19, 2023Assignee: United Services Automobile Association (USAA)Inventors: Debra Casillas, Richard Andrew Davey, Michael Frank Morris, Maland Keith Mortensen, John David Row, Thomas Buckingham
-
Patent number: 11763010Abstract: Methods, articles, and systems of computer graphics processing system validation for processing of encrypted image content are disclosed herein.Type: GrantFiled: January 31, 2022Date of Patent: September 19, 2023Assignee: Intel CorporationInventors: Ashwin Muppalla, Changliang Wang, Penne Lee
-
Patent number: 11757928Abstract: The techniques described in this disclosure provide resilient and reactive on-demand Distributed Denial-of-Service (DDoS) mitigation services using an exchange. For example, an exchange comprises a first virtual network for switching mixed traffic (including dirty (DDoS) traffic and clean (non-DDoS) traffic)) from one or more networks to one or more DDoS scrubbing centers; and a second virtual network for switching the clean traffic from the one or more DDoS scrubbing centers to the one or more networks, wherein the exchange is configured to receive the mixed traffic from the one or more networks and switch, using the first virtual network, the mixed traffic to a selected DDoS scrubbing center of the one or more DDoS scrubbing centers, and wherein the exchange is configured to receive the clean traffic from the selected DDoS scrubbing center and switch, using the second virtual network, the clean traffic to the one or more networks.Type: GrantFiled: September 1, 2020Date of Patent: September 12, 2023Assignee: EQUINIX, INC.Inventors: Juxiang Teng, Muhammad Durrani, Rupinder Singh Randhawa
-
Patent number: 11750564Abstract: Disclosed are systems and methods for securing a network including one or more network nodes connecting a plurality of network connected devices of the network. A method may include: receiving and temporarily storing a plurality of data packets in a shared buffer of a network node; receiving requests from a first processing engine and a second processing engine to access a temporarily stored data packet; generating a first pointer and a second pointer to the temporarily stored data packet, the second pointer being different from the first pointer while pointing to the same temporarily stored data packet; and enabling the first processing engine to use the generated first pointer to access the temporarily stored data packet and the second processing engine to use the generated second pointer to access the temporarily stored data packet.Type: GrantFiled: November 4, 2021Date of Patent: September 5, 2023Assignee: LOOKINGGLASS CYBER SOLUTIONS, INC.Inventors: Paolo Fabio Zaino, Bryan Wesley Brown
-
Patent number: 11750660Abstract: Examples for detecting a compromised device are described. A set of threat detection rules can instruct an application on the client device how to detect whether the client device is compromised. The rules can be updated dynamically and without updating the application that is performing the compromise detection. The rules can be encoded in an interpreted scripting language and executed by a runtime environment that is embedded within the application.Type: GrantFiled: September 9, 2021Date of Patent: September 5, 2023Assignee: VMware, INC.Inventors: Simon Brooks, Daniel E. Zeck, Xinpi Du, Ali Mohsin, Kishore Sajja, Nikhil Mehta
-
Patent number: 11743278Abstract: Systems and methods are disclosed for computing network operations. For example, methods may include receiving, at a computing device located within a private network, a message sent from a server located outside of the private network, the message including an observable; invoking, within the private network, a search of data associated with the private network to obtain a search result that includes data matching the observable; aggregating, within the private network, data from the search result that matches the observable to obtain a report that includes an indication of the observable, a count of occurrences of the observable, and identification of one or more components associated with the observable; and transmitting the report to the server.Type: GrantFiled: December 15, 2021Date of Patent: August 29, 2023Assignee: ServiceNow, Inc.Inventors: Kurt Joseph Zettel, II, Richard Reybok, Jr., Phillip DiCorpo, Simon N. Allen, Amit Sharma, Giora Tamir
-
Patent number: 11743124Abstract: Examples described herein include systems and methods for deploying Data Loss Prevention (DLP) policies to user devices. An example method can include receiving a configuration specifying at least one DLP policy applicable to an application, along with an indication of an assignment group specifying users, or user devices, to which the DLP policy should apply. Information regarding the DLP policy and assignment group can be provided to an identity service and then synchronized with a second server that manages the application. The method can further include provisioning the application to a user device and instructing the user device to retrieve the DLP policy from the second server and implement it when executing the provisioned application.Type: GrantFiled: April 21, 2021Date of Patent: August 29, 2023Assignee: VMware, Inc.Inventors: Aditya Shrotri, Sagar Date
-
Patent number: 11736484Abstract: A system and method are disclosed for authenticating and authorizing access to and accounting for consumption of bandwidth for IPv6 connectivity to the Internet over Wireless Access Vehicular Environment (WAVE) service channels by client devices using an Authentication, Authorization and Accounting (AAA) server. The AAA server authenticates and authorizes client devices to access WAVE service channels, and accounts for bandwidth consumption by the client devices using WAVE service channels to access the Internet. The AAA server enables an RSU infrastructure operator to quantify wireless bandwidth consumption by in-vehicle devices using the WAVE Service Channels, on a per-device basis.Type: GrantFiled: December 28, 2017Date of Patent: August 22, 2023Assignee: PAXGRID CDN INC.Inventor: Martin D. Nathanson
-
Patent number: 11733971Abstract: This relates to hierarchical pseudo-random number generation for use in computer simulations that operate across more than one computing machine.Type: GrantFiled: May 24, 2019Date of Patent: August 22, 2023Assignee: Simudyne, Ltd.Inventors: John Hill, Chris Spencer
-
Patent number: 11729197Abstract: Embodiments include a method for vulnerability management of a computer system. The method includes collecting vulnerability information over a network from a publishing source. The vulnerability information includes a known vulnerability of a first computer asset, where at least some of the vulnerability information is a set of cybersecurity vulnerabilities and exposures (CVEs) published online. Further, at least some of the CVEs is in a human-readable format. The method further includes collecting system information of the computer system subject to the vulnerability management, where the system information includes information about a second computer asset of the computer system. The method further includes processing the collected vulnerability information and the collected system information by interpreting the human-readable CVEs and correlating the interpreted CVEs with the collected system information.Type: GrantFiled: November 19, 2019Date of Patent: August 15, 2023Assignee: T-Mobile USA, Inc.Inventors: Pradeep Cruz, Jan Olav Opedal, Srikrishna Srinivasan, Yanbing Su
-
Patent number: 11722294Abstract: A communication device includes: a counter, a pseudo-random number generator, a symbol generator, a modulator, and a controller. The counter counts symbols transmitted to a correspondent device. The pseudo-random number generator generates a pseudo-random number corresponding to a count value of the counter. The symbol generator generates a transmission symbol from a transmission signal and the pseudo-random number. The modulator generates a modulated signal from the transmission symbol. When a disruption of a communication with the correspondent device is detected, the controller selects, from among a plurality of restoring times determined in advance, a restoring time for resuming the communication, and gives the counter a count value assigned in advance to the selected restoring time. The counter resumes a counting operation from the count value given from the controller when the communication device resumes a communication with the correspondent device.Type: GrantFiled: December 4, 2021Date of Patent: August 8, 2023Assignee: FUJITSU LIMITEDInventors: Shoichiro Oda, Setsuo Yoshida
-
Patent number: 11720224Abstract: Disclosed herein are system, method, and computer program product embodiments for storing files in a storage location that is associated with an image object that is displayed in a real-time view on a mobile device. Examples of an image object include physical objects and augmented objects. Display of the real-time view includes the image object as well as interfaces for interacting with the image object including creating a storage location associated with the image object. Moreover, security features may be based on using information associated with the image object to securely store the file, either locally on the mobile device or over a network (e.g., at a cloud-based location) using the mobile device.Type: GrantFiled: October 27, 2020Date of Patent: August 8, 2023Assignee: Capital One Services, LLCInventor: Jayaraman Ganeshmani
-
Patent number: 11711697Abstract: Disclosed is an electronic device. The electronic device includes a communicator comprising communication circuitry and a processor, the processor is configured to control the communicator to perform communication with an external device based on identifying that a strength of a signal received from an external device is equal to or greater than a predetermined threshold value, and after converting an electronic device to a low power mode, based on identifying that a strength of a signal received from an external device being within a first range, to control the electronic device to perform a secure pairing operation.Type: GrantFiled: October 30, 2019Date of Patent: July 25, 2023Assignee: Samsung Electronics Co., Ltd.Inventors: Dongik Lee, Chungyong Eom
-
Patent number: 11711412Abstract: An apparatus, system, and method for maintaining a programming lineup of adaptive-bitrate content streaming is provided. The apparatus includes a timeline module configured to maintain a programming lineup of media content available over a network. The media content may comprise a plurality of streamlets. The apparatus also includes at least one data module configured to maintain multi-bitrate streamlet information. The system includes the apparatus and a client module configured to acquire content based upon the programming lineup provided by the timeline module. The method includes maintaining a programming lineup of media content available over a network, and maintaining multi-bitrate streamlet information.Type: GrantFiled: April 13, 2021Date of Patent: July 25, 2023Assignee: DISH Technologies L.L.C.Inventors: Mark B. Hurst, David F. Brueck
-
Patent number: 11706208Abstract: A system and method for security of Internet of things (IoT) devices are discussed. A user of a mobile device, such as a customer of a wireless communication network, may remotely lock an IoT device while concomitantly assigning an ad hoc password to the IoT device that can be subsequently used to unlock the device. Alternatively, an IoT device may self-lock and produce a password in response to detecting its motion. The produced password may be provided to the user of a mobile device and used later to unlock the IoT device.Type: GrantFiled: August 20, 2020Date of Patent: July 18, 2023Assignee: T-MOBILE USA, INC.Inventor: Anbalagan Elumalai