Patents Examined by Izunna Okeke
  • Patent number: 10785244
    Abstract: An anomaly detection method includes: extracting, for each of a plurality of learning packets obtained, all possible combinations of N-grams in the payload included in the learning packet; counting a first number which is the number of occurrences of each combination in the payloads of the learning packets; calculating, as anomaly detection models, first probabilities by performing smoothing processing based on a plurality of the first numbers; and when the score calculated for each of a plurality of packets exceeds a predetermined threshold that is based on the anomaly detection models stored in a memory, outputting information indicating that the packet having the score has an anomaly.
    Type: Grant
    Filed: December 13, 2018
    Date of Patent: September 22, 2020
    Assignee: PANASONIC INTELLECTUAL PROPERTY CORPORATION OF AMERICA
    Inventors: Tatsumi Oba, Iku Ohama
  • Patent number: 10785204
    Abstract: An authorization code response is transmitted to a client, and the client uses a parameter included in the authorization code response and a parameter included in the authorization code response transmitted by a transmitting unit to verify that the authorization code response corresponds to an authorization code request.
    Type: Grant
    Filed: August 27, 2018
    Date of Patent: September 22, 2020
    Assignee: CANON KABUSHIKI KAISHA
    Inventors: Kazunari Yamanakajima, Hayato Matsugashita
  • Patent number: 10771259
    Abstract: Implementations of the present specification include a computer-implemented method for achieving a consensus among a number of network nodes of a blockchain network. The blockchain network includes a primary node and one or more backup nodes. The method includes receiving a transaction request by the primary node, sending a number of first messages to the backup nodes by the primary node, receiving second messages from the backup nodes by the primary node, reconstructing the transaction request based on data in the second messages by the primary node, sending a third message to the backup nodes by the primary node, and executing the transaction request in response to receiving a predetermined number of third messages.
    Type: Grant
    Filed: February 25, 2020
    Date of Patent: September 8, 2020
    Assignee: Alibaba Group Holding Limited
    Inventor: Peng Lin
  • Patent number: 10771459
    Abstract: Disclosed herein are a terminal apparatus, a server apparatus, and a method for FIDO universal authentication using a blockchain. The method includes sending, by the terminal apparatus, a FIDO service request for any one of FIDO registration, FIDO authentication, and FIDO deregistration for an application service provided by the server apparatus to the server apparatus; verifying, by the blockchain, a FIDO service response message, which is created as a result of local authentication of a user in the terminal apparatus in response to the FIDO service request; and processing, by the server apparatus, the FIDO service request based on whether the FIDO service response message is successfully verified by the blockchain.
    Type: Grant
    Filed: August 30, 2018
    Date of Patent: September 8, 2020
    Assignee: Electronics and Telecommunications Research Institute
    Inventors: Seok-Hyun Kim, Sang-Rae Cho, Young-Seob Cho, Se-Young Huh, Soo-Hyung Kim, Seung-Hyun Kim, Young-Sam Kim, Jong-Hyouk Noh, Jin-Man Cho, Seung-Hun Jin, Jung-Yeon Hwang
  • Patent number: 10762200
    Abstract: Disclosed herein are systems and methods for enabling the automatic detection of executable code from a stream of bytes. In some embodiments, the stream of bytes can be sourced from the hidden areas of files that traditional malware detection solutions ignore. In some embodiments, a machine learning model is trained to detect whether a particular stream of bytes is executable code. Other embodiments described herein disclose systems and methods for automatic feature extraction using a neural network. Given a new file, the systems and methods may preprocess the code to be inputted into a trained neural network. The neural network may be used as a “feature generator” for a malware detection model. Other embodiments herein are directed to systems and methods for identifying, flagging, and/or detecting threat actors which attempt to obtain access to library functions independently.
    Type: Grant
    Filed: May 20, 2020
    Date of Patent: September 1, 2020
    Assignee: Sentinel Labs Israel Ltd.
    Inventors: Shlomi Salem, Roy Ronen, Assaf Nativ, Amit Zohar, Gal Braun, Pavel Ferencz, Eitan Shterenbaum, Tal Maimon
  • Patent number: 10756895
    Abstract: Systems and methods for using encryption keys to manage data retention are described. In one embodiment, the systems and methods may include receiving data such as user data from a host of the storage drive, encrypting the data using an encryption key, writing the encrypted data to the storage drive, and retaining the encrypted data on the storage drive based at least in part on a validity of the encryption key.
    Type: Grant
    Filed: October 19, 2018
    Date of Patent: August 25, 2020
    Assignee: SEAGATE TECHNOLOGY LLC
    Inventors: Timothy Canepa, Ramdas Kachare
  • Patent number: 10749845
    Abstract: Systems and methods for decryption of payloads are disclosed herein. In various embodiments, systems and methods herein are configured for decrypting thousands of transactions per second. Further, in particular embodiments, the systems and methods herein are scalable, such that many thousands of transactions can be processed per second upon replicating particular architectural components.
    Type: Grant
    Filed: June 28, 2018
    Date of Patent: August 18, 2020
    Assignee: BLUEFIN PAYMENT SYSTEMS LLC
    Inventors: Timothy William Barnett, Alexander I. Kasatkin, Christopher Hozumi Miyata, Daniel Ruehle
  • Patent number: 10749883
    Abstract: Described is an automatic anomaly detector that receives a time-series of normal and abnormal activities that include features related to entities within a computing system. A feature coherence graph for the features is constructed, with the graph then clustered such that feature spaces of entities are expanded to include features that live within a same cluster but belong to separate entities. The feature spaces are unified by mapping representations of the features spaces into a Euclidean space of feature vectors. The feature vectors related to each feature are then aligned. Sets of clusters of related abnormal activities are then generated by regressing each feature vector over only those features that it possesses. The sets of clusters are used to detect anomalous behavior. The system then identifies a node within the computer system generating the anomalous behavior and initiates an action to minimize a threat posed by the node.
    Type: Grant
    Filed: August 27, 2018
    Date of Patent: August 18, 2020
    Assignee: HRL Laboratories, LLC
    Inventors: Charles E. Martin, Kang-Yu Ni
  • Patent number: 10740473
    Abstract: Disclosed is an approach to implement a new layer of security within mobile devices using an encryption SDK, which implements a standalone component for applications to encrypt, decrypt, and view sensitive data on the device. A security layer is implemented on the device, wherein the security layer manages encryption for data retrieved onto the device from a cloud-based environment. Encrypted content is then generated at the security layer before storing the encrypted content by receiving the content object from the cloud-based environment and encrypting the content object with an encryption key that is password protected. The encrypted content is stored within an encrypted filesystem for presenting the content on the device.
    Type: Grant
    Filed: April 11, 2018
    Date of Patent: August 11, 2020
    Assignee: Box, Inc.
    Inventors: Christopher Vasselli, Irving Yunchi Ruan
  • Patent number: 10740469
    Abstract: Methods and apparatuses are described for automated secure software development management, risk assessment and risk remediation. A server generates security requirements for a software application under development based upon a plurality of technical attributes and a threat model. The server creates a first set of development tasks based upon the generated security requirements. The server scans source code to identify one or more security vulnerabilities and creates a second set of development tasks based upon the identified vulnerabilities. The server generates a security risk score based upon the generated security requirements and the identified vulnerabilities. The server deploys the software application under development to a production computing system upon determining that the security risk score satisfies a criterion.
    Type: Grant
    Filed: December 28, 2017
    Date of Patent: August 11, 2020
    Assignee: FMR LLC
    Inventors: Erkang Zheng, Jason Kao, Bingrong He
  • Patent number: 10740459
    Abstract: Some examples detect malicious activity on a computing device. A processor in kernel mode detects an event on the computing device. The processor provides a validation request on a kernel-level bus. A bidirectional bridge component transmits the request to a user-level bus. The processor in user mode determines that the event is associated with malicious activity and provides a validation response on the user-level bus. The bridge component transmits the validation response to the kernel-level bus. In some examples, the processor in user mode receives security-relevant information from a system service of the computing device, and analyzes the event based at least in part on the security-relevant information. In some examples, the processor in user mode receives a security query, queries the kernel mode via the bridge component, and responds to the security query indicating that the data stream is associated with malware.
    Type: Grant
    Filed: December 28, 2017
    Date of Patent: August 11, 2020
    Assignee: CrowdStrike, Inc.
    Inventors: David F. Diehl, Milos Petrbok, Colin Christopher McCambridge, Aaron Putnam
  • Patent number: 10733297
    Abstract: A device may generate versions of a first executable process that is associated with deterministically defined parameters. The device may run the versions of the first executable process, and may monitor device parameters of the device or the first executable process when running the versions of the first executable process. The device may determine, based on monitoring the device parameters of the device or the first executable process, a variance to a parameter of the deterministically defined parameters relative to an expected value for the parameter, and may provide information indicating a presence of malware in connection with the device based on determining the variance to the parameter.
    Type: Grant
    Filed: August 30, 2018
    Date of Patent: August 4, 2020
    Assignee: Juniper Networks, Inc.
    Inventors: Anoop Wilbur Saldanha, Abhijit Mohanta
  • Patent number: 10735403
    Abstract: Static and dynamic embodiments are presented for generating chaff passwords for use in a password-hardening system. Chaff passwords are generated by modifying portions of base passwords based on a distribution with which particular strings of digits and symbols appear in user passwords. Location oblivious chaff passwords are generated from a chaff set of passwords obtained from a chaff generation method by applying a random permutation over the elements of the obtained chaff set of passwords.
    Type: Grant
    Filed: November 1, 2017
    Date of Patent: August 4, 2020
    Assignee: EMC IP Holding Company LLC
    Inventors: Nikolaos Triandopoulos, Kevin Bowers, Ari Juels, Ronald Rivest, Guoying Luo
  • Patent number: 10728271
    Abstract: In one embodiment, a computing device provides a feature vector as input to a random decision forest comprising a plurality of decision trees trained using a training dataset, each decision tree being configured to output a classification label prediction for the input feature vector. For each of the decision trees, the computing device determines a conditional probability of the decision tree based on a true classification label and the classification label prediction from the decision tree for the input feature vector. The computing device generates weightings for the classification label predictions from the decision trees based on the determined conditional probabilities. The computing device applies a final classification label to the feature vector based on the weightings for the classification label predictions from the decision trees.
    Type: Grant
    Filed: June 11, 2019
    Date of Patent: July 28, 2020
    Assignee: Cisco Technology, Inc.
    Inventors: Jan Brabec, Lukas Machlica
  • Patent number: 10726111
    Abstract: As disclosed herein is a tool for enabling dynamic watermarking on a client, including a computer determining a negotiated watermarking algorithm that identifies at least one location on a web page for a placed watermark, and initiating a web communication by requesting a web page. The computer receives the web page, and verifies the authenticity of the web page using the negotiated watermarking algorithm prior to displaying of the web page. Also disclosed herein is a tool for enabling dynamic watermarking on a server which includes determining a negotiated watermarking algorithm that identifies at least one location on a web page for a placed watermark, receiving a request for a web page from a client, and identifying the client.
    Type: Grant
    Filed: February 19, 2019
    Date of Patent: July 28, 2020
    Assignee: International Business Machines Corporation
    Inventors: Francesca Curzi, Giuseppe Longobardi
  • Patent number: 10721215
    Abstract: Systems and methods for decryption of payloads are disclosed herein. In various embodiments, systems and methods herein are configured for decrypting thousands of transactions per second. Further, in particular embodiments, the systems and methods herein are scalable, such that many thousands of transactions can be processed per second upon replicating particular architectural components.
    Type: Grant
    Filed: March 16, 2018
    Date of Patent: July 21, 2020
    Assignee: BLUEFIN PAYMENT SYSTEMS LLC
    Inventors: Timothy William Barnett, Alexander I. Kasatkin, Christopher Hozumi Miyata, Daniel Ruehle
  • Patent number: 10721623
    Abstract: Disclosed herein is a device and method for validating users, such as for entry into a given area. The method includes transmitting a plurality of access control tokens from an access control system to a portable device, and detecting proximity a user portable device associated with one of the plurality of access control tokens to the portable device. A symbolic representation of the access control token associated with the user portable device is generated by and displayed on the portable device. Selection of the displayed symbolic representation is accepted at the portable device. The access control system is notified of selection of the displayed symbolic representation, thereby indicating identification of a user associated with the access control token symbolically represented by the symbolic representation. The venue symbolic representation includes at least one pictograph.
    Type: Grant
    Filed: May 20, 2019
    Date of Patent: July 21, 2020
    Assignee: The Parking Genius, Inc.
    Inventors: Antonio Albanese, George Frederick Baker, Sr., Del Brown, David Livingston
  • Patent number: 10708051
    Abstract: Disclosed are various examples of systems and methods for transferring data between applications executing in sandboxed environments. In one example, a first application is in a first sandbox. A request for access to data is transmitted from the first application to a second application in a second sandbox. The data is stored in the second sandbox. The request is transmitted using a sandbox communications framework. The data is received using the sandbox communications framework. The data is encrypted. An encryption key is retrieved from an access-restricted data store.
    Type: Grant
    Filed: August 9, 2018
    Date of Patent: July 7, 2020
    Assignee: AIRWATCH LLC
    Inventors: Vijaykumar Bhat, Ramani Panchapakesan, Ilanchezhian Kuppusamy, Gangadhar Nittala
  • Patent number: 10708231
    Abstract: Some embodiments provide a method for identifying unnecessary firewall rules for a distributed firewall of a logical network. The method identifies a firewall policy for network traffic of the logical network. The firewall policy includes a set of firewall rules. The method generates a set of data for implementing the firewall policy on a set of managed forwarding elements that implement the logical network. The method analyzes potential network traffic based on the generated set of data to identify a subset of unnecessary data. The method identifies a subset of unnecessary firewall rules of the set of firewall rules that corresponds to the subset of unnecessary data.
    Type: Grant
    Filed: August 6, 2018
    Date of Patent: July 7, 2020
    Assignee: NICIRA, INC.
    Inventors: Amar Padmanabhan, Amre Shakimov, Anupam Chanda
  • Patent number: 10706167
    Abstract: A computer-implemented method for enforcing privacy in cloud security may include (i) identifying, by a computing device, a set of files in a backup process for a cloud service, (ii) determining, by the computing device, that at least one file in the set of files is a private file, (iii) modifying, by the computing device encrypting the private file, the set of files in the backup process, (iv) completing the backup process for the cloud service with the modified set of files, and (v) enforcing a security policy of the cloud service based on a scan of file hashes. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: July 11, 2017
    Date of Patent: July 7, 2020
    Assignee: NortonLifeLock Inc.
    Inventors: Ilya Sokolov, Lei Gu, Jason Holler, Tim van der Horst