Patents Examined by Ghazal Shehni
  • Patent number: 9712554
    Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for transforming representations of network activity data. A data structure that represents communication events between computing devices of one or more networks is received. The data structure is analyzed and a set of potential attack paths represented in the data structure is determined. A score is assigned to each potential attack path in the set of potential attack paths. Potential attack paths that have scores that do not meet a predetermined threshold are removed from the set of potential attack paths. Potential attack paths that remain in the set of potential attack paths are ranked, based on each score assigned to each potential attack path, and the data structure that includes a ranked set of potential attack paths is provided.
    Type: Grant
    Filed: August 31, 2015
    Date of Patent: July 18, 2017
    Assignee: Accenture Global Services Limited
    Inventors: Amin Hassanzadeh, Shimon Modi, Shaan Mulchandani, Walid Negm
  • Patent number: 9710636
    Abstract: Embodiments of the present invention provide methods, program products and systems to reduce mistakes in production and management of digital identification cards. Embodiments of the present invention can create a digital card template design using graphical icons in a user interface display and publish the created digital card template design to a server. Embodiments of the present invention can access the server to test the published digital card template design using sample data and deploy the published digital card template design to an issuing service. Embodiments of the present invention can, responsive to receiving an acquisition URL from the issuing service, build an instance of a digital identification card from information included in the acquisition URL.
    Type: Grant
    Filed: October 20, 2016
    Date of Patent: July 18, 2017
    Assignee: International Business Machines Corporation
    Inventor: Richard Redpath
  • Patent number: 9705931
    Abstract: In general, an indication is received through a user interface of an intention of a potential rider to use an autonomous vehicle. In response to the receipt of the indication, a hailing request is sent by a signaling mode to at least one autonomous vehicle that can receive the hailing request directly in accordance with the signaling mode.
    Type: Grant
    Filed: July 13, 2016
    Date of Patent: July 11, 2017
    Assignee: Lifetrack Medical Systems Inc.
    Inventors: Eric Schulze, Brendan Philip Rees
  • Patent number: 9699205
    Abstract: A security platform employs a variety techniques and mechanisms to detect security related anomalies and threats in a computer network environment. The security platform is “big data” driven and employs machine learning to perform security analytics. The security platform performs user/entity behavioral analytics (UEBA) to detect the security related anomalies and threats, regardless of whether such anomalies/threats were previously known. The security platform can include both real-time and batch paths/modes for detecting anomalies and threats. By visually presenting analytical results scored with risk ratings and supporting evidence, the security platform enables network security administrators to respond to a detected anomaly or threat, and to take action promptly.
    Type: Grant
    Filed: August 31, 2015
    Date of Patent: July 4, 2017
    Assignee: Splunk Inc.
    Inventors: Sudhakar Muddu, Christos Tryfonas, Ravi Prasad Bulusu
  • Patent number: 9679276
    Abstract: A block chain may be used to certify the existence, integrity, and/or ownership of a file or communication. The present disclosure describes receiving a plurality of data units; hashing the plurality of data units to provide a plurality of hashes, individual hashes being unique cryptographic identifiers of corresponding data units such that an individual hash verifiably relates to a corresponding data unit and the individual hashes cannot be used by themselves to obtain corresponding data units; temporarily storing the hashes; generating a first cryptographic structure based on the plurality of hashes; publishing the first cryptographic structure on the block chain; providing proofs associated with individual ones of the plurality of data units that allow independent verification that the data units are certified; and verifying certification of data units based on roots of reconstructed cryptographic structures.
    Type: Grant
    Filed: January 26, 2016
    Date of Patent: June 13, 2017
    Assignee: STAMPERY, INC.
    Inventor: Luis Iván Cuende
  • Patent number: 9679140
    Abstract: In an example, a system and method for outbreak pathology inference are described. In certain computational ecosystems, malware programs and other malicious objects may infect a machine, and then attempt to infect additional machines that are “networked” to the first machine. In some cases, the network may be a physical or logical network, such as an enterprise network. However, “social networking” may also connect one machine to another, because users may share files or data with one another over social networks. In that case, client devices may be equipped with a telemetry engine to gather and report data about the machine, while a system management server receives reported telemetry. The system management server may use both logical networks and social networks to infer potential outbreak paths and behaviors of malware.
    Type: Grant
    Filed: December 27, 2014
    Date of Patent: June 13, 2017
    Assignee: McAfee, Inc.
    Inventors: Ned M. Smith, Esteban Gutierrez, Andrew Woodruff, Aditya Kapoor
  • Patent number: 9680820
    Abstract: A client device for decrypting and decoding media assets through a secure data path. The client device includes a host core and global memory in a common execution environment and a secure core and restricted memory in a secure execution environment. The secure core generates a license challenge only in the context of the secure execution environment and processes a license challenge response that includes a media content decryption key only in the context of the secure execution environment. The secure core decrypts a protected media asset using the media content decryption key only in the context of the secure execution environment such that the decryption key and decrypted media asset will not be in global memory thereby protecting the media asset from unauthorized access.
    Type: Grant
    Filed: October 6, 2015
    Date of Patent: June 13, 2017
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Weiwan Liu, Michael Maietta
  • Patent number: 9672366
    Abstract: Techniques for clipboard monitoring are disclosed. In one embodiment, the techniques may be realized as a method including identifying text that has been copied from an application to a clipboard; copying the identified text to a cache separate from the clipboard; replacing the identified text in the clipboard with a delayed clipboard object; in response to a reference call from the delayed clipboard object, analyzing the copied text for sensitive data; and in response to determining that the copied text includes sensitive data, providing a response to the reference call from the delayed clipboard object that does not include the copied text.
    Type: Grant
    Filed: March 31, 2015
    Date of Patent: June 6, 2017
    Assignee: Symantec Corporation
    Inventors: Rupesh Hanumant Khetawat, Sumesh Jaiswal
  • Patent number: 9674217
    Abstract: A system and method for mitigating the effects of malicious internet traffic, including DDOS attacks and email bombs, by utilizing a DNS Traffic Analyzer and Firewall to analyze network traffic intended for a DNS server and preventing some network traffic from accessing the DNS server.
    Type: Grant
    Filed: February 26, 2016
    Date of Patent: June 6, 2017
    Inventor: John Wong
  • Patent number: 9665714
    Abstract: A method and system is provided for detecting malicious files on a virtual machine in a distributed network. An example method includes, receiving, by a thin client operating on the virtual machine, data relating to characteristics of computing resources of servers in the distributed network with each server being able to scan files to detect malicious files. The method for includes obtaining a on the virtual machine, identifying and selecting, using the data relating to characteristics of the computing resources, one of the servers to perform the scan of the file on the virtual machine, and transmitting to the selected server the file for scanning.
    Type: Grant
    Filed: May 31, 2016
    Date of Patent: May 30, 2017
    Assignee: AO Kaspersky Lab
    Inventors: Denis O. Vlaznev, Nikita M. Voitov, Maxim A. Vasilyev, Maxim E. Naumov, Evgeny S. Semenov, Alexander Y. Onishchenko
  • Patent number: 9661014
    Abstract: A system and method for dynamically scanning one or more features on a Website. The system allows detecting of stored scripting errors, where an attack or injection occurs on a page or feature that results in executing malicious code by another page or feature. The system uses stored test identities and allows testing reuse.
    Type: Grant
    Filed: August 31, 2015
    Date of Patent: May 23, 2017
    Assignee: LinkedIn Corporation
    Inventors: Roman Shafigullin, Yuji Kosuga, Arvind Mani
  • Patent number: 9660969
    Abstract: An approach is provided for key management for data encryption. A key management platform receives a request from at least one client for one or more private keys for decrypting one or more datasets. The one or more private keys are encrypted in at least one key repository associated with at least one server. The key management platform also causes, at least in part, an authentication of the request using one or more secure credentials of the at least one client, the at least one server, or a combination thereof. The key management platform further causes, at least in part, an authorization of the at least one client to determine whether the at least one client is authorized to access the one or more private keys based on the authentication. The key management platform further causes, at least in part, a decryption of the one or more private keys using at least one master key based on the authorization.
    Type: Grant
    Filed: March 31, 2015
    Date of Patent: May 23, 2017
    Assignee: HERE Global B.V.
    Inventors: Gaoqiang Qian, Sumit Lonial, Zahid N Ahmed
  • Patent number: 9654561
    Abstract: Provided is a method of providing an integrate cloud storage service through a home gateway communicating with smart devices through a first network formed by the home gateway and communicating with cloud storages through a communication network. The method may include obtaining information on cloud storage accounts associated with a smart device, as cloud storage account information, upon generation of a predetermined event associated with the smart device, generating an integrated cloud storage list based on information on folders and data of cloud storages accessible by the cloud storage account information, and providing the generated integrated cloud storage list to the smart device.
    Type: Grant
    Filed: November 3, 2014
    Date of Patent: May 16, 2017
    Assignee: KT CORPORATION
    Inventors: Eui-Seung Son, Se-Jin Park, Yu-Seon Kim, Ho-Sung Yoon
  • Patent number: 9645861
    Abstract: A method for managing application containers, comprising: assigning a first application to a master container in a memory of a system; assigning a second application to a slave container in the memory; using a processor, assigning the master and slave containers to a container group by: delegating access to container meta-data of the slave container by a container run-time of the slave container or by the first application to a container meta-data accessor of the master container via a class loader of the master container; and, delegating interaction between the container run-time of the slave container and a container management channel of the slave container to a container management channel of the master container via the class loader of the master container; and, accessing the first and second applications via the container group.
    Type: Grant
    Filed: April 29, 2014
    Date of Patent: May 9, 2017
    Assignee: Good Technology Holdings Limited
    Inventors: Alex Lau, Namrata Jayant Bandekar, Chun Fung Yuen, Wing Young Lam
  • Patent number: 9646321
    Abstract: A method, apparatus, and computer program product are disclosed for self-service design, scheduling, and delivery of user-defined reports regarding promotions. The method includes receiving, from a user device, a report type and report delivery information. Based on the report type, relevant data regarding the one or more promotions is collected, using which a report is generated. The method then outputs the generated report based on the report delivery information. Optionally, analytical insights, such as trends within the data, sample size, suitability of control data, and indications of statistical significance, are generated and included in the report. A corresponding apparatus and computer program product are also provided.
    Type: Grant
    Filed: August 7, 2015
    Date of Patent: May 9, 2017
    Assignee: Groupon, Inc.
    Inventors: Nipun Agarwal, Sudeep Srivastava, Isaac Kim
  • Patent number: 9648141
    Abstract: In one embodiment, first content is served by an application server to a client computer through an Internet service provider network. The first content includes a link to second content on a third-party server. A token request is sent from the third-party server to the application server in response to selection of the link by the client computer. A token is provided to the third-party server by the application server in response to the token request. The token is configured to authorize data flow at a bandwidth for the second content by the Internet service provider network to the client computer. The data flow is authorized based on an agreement for the bandwidth between an operator of the application server and an operator of the Internet service provider network.
    Type: Grant
    Filed: March 31, 2015
    Date of Patent: May 9, 2017
    Assignee: Cisco Technology, Inc.
    Inventors: Tirumaleswar Reddy, Daniel Wing, Prashanth Patil
  • Patent number: 9635049
    Abstract: A processing device comprises a processor coupled to a memory and is configured to obtain data relating to communications initiated by host devices of a computer network of an enterprise, and to process the data to identify external domains contacted by the host devices. A graph inference algorithm is applied to analyze contacts of the host devices with the external domains in order to characterize one or more of the external domains as suspicious domains. The host devices are configured to counteract malware infection from the suspicious domains. The graph inference algorithm in some embodiments comprises a belief propagation algorithm, which may be initiated with one or more seeds corresponding to respective known suspicious domains or to respective ones of the external domains determined to be associated with command and control behavior. The processing device may be implemented in the computer network or an associated network security system.
    Type: Grant
    Filed: March 31, 2015
    Date of Patent: April 25, 2017
    Assignees: EMC IP Holding Company LLC, The Charles Stark Draper Laboratory, Inc.
    Inventors: Alina M. Oprea, Zhou Li, Sang H. Chin, Ting-Fang Yen
  • Patent number: 9626410
    Abstract: A method for a distributed computing system managing vertically partitioned data includes receiving a query for a first row of data, where a first column of the first row of data is stored in a first data server and a second column of the first row of data is stored a second data server. The method translates the query for the first row of data into two queries, wherein a first translated query is for the first column of the first row of data and a second translated query is for the second column of the first row of data. The method sends the first translated query to the first data server and the second translated query to the second data server. Responsive to receiving the first column and the second column of the first row of data, the method sends the first column and the second column of the first row of data.
    Type: Grant
    Filed: March 31, 2015
    Date of Patent: April 18, 2017
    Assignee: International Business Machines Corporation
    Inventors: Michael P. Clarke, John A. W. Kaputin, King-Yan Kwan, Andrew Wright
  • Patent number: 9626676
    Abstract: A method, apparatus, and computer program for improving security in connection with online transactions are provided. A security application configured to monitor received text messages of a short message service is executed in an apparatus. The security application is arranged to have prioritized access to process the received text messages before other applications executed in the apparatus, to identify from contents of a received text message whether or not the received text message includes a transaction authentication message and, upon detecting that the received text message includes the transaction authentication message, prevent the processing of the transaction authentication message by the other applications and carry out user interfacing related to the transaction authentication message within a secured environment provided by the security application.
    Type: Grant
    Filed: March 20, 2014
    Date of Patent: April 18, 2017
    Assignee: F-Secure Corporation
    Inventor: Mikko Suominen
  • Patent number: 9621521
    Abstract: Technologies are generally described for providing rapid data encryption and decryption for secure communication over an open channel with plausible deniability. In some examples, a single bit of information may be encoded by many alternative combinations of bits thus providing high security as well as enabling a single ciphertext to encrypt several different plaintexts of the same length simultaneously. The ability to encrypt several different plaintexts of the same length simultaneously may allow plausible deniability of messages. Encryption speed may be enhanced through accumulation of useful bit sets with desired properties in advance for later use. When the need arises, several plaintexts of the same size may be encrypted into a single ciphertext using accumulated bit combinations corresponding to different secret keys.
    Type: Grant
    Filed: July 10, 2015
    Date of Patent: April 11, 2017
    Assignee: EMPIRE TECHNOLOGY DEVELOPMENT LLC
    Inventor: Alexander Y Davydov