Patents Examined by Jeffery L Williams
  • Patent number: 11321464
    Abstract: This disclosure relates to method and system for generating cognitive security intelligence for detecting and preventing malwares. In one embodiment, the method includes monitoring instructions being executed by a processor of a computing system, determining events triggered and activities performed by the execution of the instructions, correlating the events and the activities to determine a sequence of events and activities, and mapping the sequence of events and activities with a topographical threat map to detect a pattern match corresponding to a malware. The topographical threat map is event and activity behavior map of a number of categories of malwares, and is built based on a cognitive analysis using deep learning which may also be enriched with external knowledge or historic knowledge. The method further includes effecting a remedial measure, upon detecting the pattern match, to prevent the malware by constructing remedial instructions to be executed by the processor.
    Type: Grant
    Filed: February 6, 2018
    Date of Patent: May 3, 2022
    Assignee: Wipro Limited
    Inventor: Sridhar Govardhan
  • Patent number: 11316840
    Abstract: In one or more embodiments, one or more systems, one or more methods, and/or one or more processes may: receive, by a first information handling system (IHS), one or more client files of a web application; receive a binary module; populate a document object model (DOM) with content of the web application; receive first user input via a first node of the DOM; receive an encrypted file and a first portion of a symmetric encryption key from a second IHS; receive second user input via a second node of the DOM; execute a binary module; provide the second user input to the binary module; determine a second portion of the symmetric encryption key based at least on the second user input; combine the first and second portions of the symmetric encryption key to obtain the symmetric encryption key; and decrypt the encrypted file to obtain the file.
    Type: Grant
    Filed: April 16, 2020
    Date of Patent: April 26, 2022
    Assignee: Dell Products L.P.
    Inventor: Brandon Grooters
  • Patent number: 11316697
    Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for verifiable-claim issuance. One of the methods includes: receiving, from a first entity, a request for creating a verifiable claim (VC) for a decentralized identifier (DID) associated with a second entity; obtaining, in response to receiving the request, a digital signature associated with the first entity; and generating the VC based on the received request and the obtained digital signature.
    Type: Grant
    Filed: July 23, 2021
    Date of Patent: April 26, 2022
    Assignee: ADVANCED NEW TECHNOLOGIES CO., LTD.
    Inventors: Renhui Yang, Jiawei Liu, Yuan Chen, Yuqi Lin
  • Patent number: 11310055
    Abstract: An incorrect transmission, of a record of data to a distributed ledger system, can be prevented. A first signal can be received. The first signal can include a first instruction to cause the record to be transmitted to the system. One or more items of information in the record can be determined. A delay of time to be elapsed, before a transmission of the record to the system, can be set in response to a receipt of the first signal and a determination of the one or more items. The transmission of the record to the system can be caused to occur after the delay has elapsed. The transmission of the record to the system can be prevented in response to a receipt of a second signal before the delay has elapsed. The second signal can include a second instruction that supersedes the first instruction.
    Type: Grant
    Filed: July 11, 2019
    Date of Patent: April 19, 2022
    Assignee: POLYSIGN, INC.
    Inventors: David Schwartz, Arthur Britto
  • Patent number: 11296882
    Abstract: A system for identifying unauthorized users in a distributed register network is provided. In particular, the system may comprise a distributed register network comprising one or more decentralized nodes, each of which may store a separate copy of a distributed data register. The system may further comprise one or more specialized nodes which authenticate users that trigger the generation of blocks in a linked structures of the distributed register network, where the blocks are associated with requests that are submitted by the user. In this way, the system verifies the authenticity of the blocks in the linked structures, thereby providing a more robust distributed register network.
    Type: Grant
    Filed: October 1, 2020
    Date of Patent: April 5, 2022
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Shailendra Singh, Nimish Ravindra Deshpande, Prashant Khare
  • Patent number: 11288365
    Abstract: An example intrusion detection system for a computer includes: an ambient light sensor to detect an increase in ambient light indicative of a housing of the computer being opened; and a super input/output integrated circuit (SIO) to receive a signal from the ambient light sensor indicating that the housing of the computer has been opened.
    Type: Grant
    Filed: February 2, 2017
    Date of Patent: March 29, 2022
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Shaheen Saroor, Nam H Nguyen, Ted T Nguy
  • Patent number: 11281777
    Abstract: A protection module operates to analyze threats, at the protocol level (e.g., at the HTML level), by intercepting all requests that a browser engine resident in a computing device sends and receives, and the protection agent completes the requests without the help of the browser engine. And then the protection module analyzes and/or modifies the completed data before the browser engine has access to it, to, for example, display it. After performing all of its processing, removing, and/or adding any code as needed, the protection module provides the HTML content to the browser engine, and the browser engine receives responses from the protection agent as if it was speaking to an actual web server, when in fact, browser engine is speaking to an analysis engine of the protection module.
    Type: Grant
    Filed: July 16, 2018
    Date of Patent: March 22, 2022
    Assignee: WEBROOT INC.
    Inventors: Joe Jaroch, Harry Murphey McCloy, III, Robert Edward Adams
  • Patent number: 11277382
    Abstract: Example methods and computer systems are provided for filter-based packet handling at a virtual network adapter. The method may comprise: receiving an ingress packet destined for the virtualized computing instance that is supported by the host and connected to the virtual network adapter; and matching the ingress packet to one of multiple filters configured for the virtual network adapter. The multiple filters may include a first filter specifying one or more first packet characteristics and a second filter specifying one or more second packet characteristics. The method may also comprise: in response to matching the ingress packet to the first filter, assigning the ingress packet to a first packet queue; and in response to matching the ingress packet to the second filter, assigning the ingress packet to a second packet queue.
    Type: Grant
    Filed: July 22, 2019
    Date of Patent: March 15, 2022
    Assignee: VMWARE, INC.
    Inventors: Peng Li, Guolin Yang, Yong Wang, Wenyi Jiang, Boon Seong Ang
  • Patent number: 11258772
    Abstract: An apparatus includes a non-volatile memory (NVM) device coupled to a host, the NVM device including a processing device to: receive a communication packet from a server via the host computing system that is coupled to the NVM device and communicatively coupled to the server, the communication packet comprising clear text data that requests to initiate secure communications; perform a secure handshake with the server, via communication through the host computing system, using a secure protocol that generates a session key; receive data, via the host computing system, from the server within a secure protocol packet, wherein the data is inaccessible to the host computing system; authenticate the data using secure protocol metadata of the secure protocol packet; optionally decrypt, using the session key, the data to generate plaintext data; and store the plaintext data in NVM storage elements of the NVM device.
    Type: Grant
    Filed: June 4, 2019
    Date of Patent: February 22, 2022
    Assignee: Cypress Semiconductor Corporation
    Inventors: Sergey Ostrikov, Stephan Rosner, Cliff Zitlaw
  • Patent number: 11251955
    Abstract: A wireless communication device for use with a communication device and a network gateway connected to the Internet, wherein the communication device can communicate with the network gateway. The wireless communication device includes: a communication component operable to communicate with the network gateway; a memory component having temporary network access credentials stored therein; and a credential feature associated with the temporary network access credentials and being accessible by the communication device. The communication component can further establish a temporary network connection with the gateway based on the temporary network access credentials, and can further join a permanent network with the gateway.
    Type: Grant
    Filed: September 7, 2017
    Date of Patent: February 15, 2022
    Assignee: ARRIS ENTERPRISES LLC
    Inventors: Paul A. Clancy, James R. Flesch
  • Patent number: 11251975
    Abstract: Apparatus and method for distributed authentication in a data storage system using block chain technology. In some embodiments, a requested transaction is generated to perform a selected security operation upon a data processing device in a computer network. The requested transaction is validated and propagated to a plurality of nodes. The nodes use a consensus mechanism to quasi-randomly select a particular node to generate a new block listing the requested transaction. The new block is validated, propagated among the plurality of nodes, and added to a block chain data structure. A processing node processes the requested transaction from the block chain data structure to authorize the selected security operation. Credits may be debited and credited between requesting nodes and the processing node for each transaction. Different types of credits may be used for different types of security operations.
    Type: Grant
    Filed: September 27, 2017
    Date of Patent: February 15, 2022
    Inventors: Muhammad Jawad Alam Wahla, Nino Wicaksono, Meherzad Firoze Aga, Monty Aaron Forehand
  • Patent number: 11251978
    Abstract: A system for securely customizing a computing environment based on cryptographic protections includes providing a key device; bringing the key device proximate to a computing environment (510); beginning an authentication protocol when the user approaches the environment with the device; validating user to the key device (520); comparing certificates (525); unlocking/regenerating a device split key (530); if authentication of certificates is not valid, log & return (540); if it is valid, a full key is generated on the computing environment in volatile memory, and the full key unlocks personal settings on the computing environment (545). Using the computing environment with the personal settings (550); disconnecting (555); and logging activity (560). The device can be a smart phone. Bringing the key proximate to a computing environment (510) can initiate Bluetooth or other near field communications. Initial steps can include enrolling the key (505). The environment can be a vehicle.
    Type: Grant
    Filed: June 1, 2018
    Date of Patent: February 15, 2022
    Assignee: BAE Systems Information and Electronic Systems Integration Inc.
    Inventors: Jonathan P. Ingraham, Rudra Chakravorty, Tate J. Keegan
  • Patent number: 11245526
    Abstract: Upon an attempt to access a service of a third-party server, full-duplex password-less authentication provides a one-time password to the user displayed at the client device and at a mobile device associated with the user. The user verifies the access by comparing the one-time password displayed at the mobile device and the one-time password displayed at the client device. The one-time password is displayed as a combination of a picture and a set of alphanumeric characters for ease in making the comparison. The user determines whether to accept or deny the authentication sequence after a simple visual comparison.
    Type: Grant
    Filed: November 11, 2020
    Date of Patent: February 8, 2022
    Assignee: Identité, Inc.
    Inventors: John P. Hertrich, Mohammad Mozdurani Shiraz
  • Patent number: 11238183
    Abstract: A data protection system is disclosed. The data protection system comprises a cloud management platform and at least one data storage device. The cloud management platform includes a database stored with at least one key. The data storage device includes a data storage unit, a microprocessor, and a network communication component. The microprocessor is communicated with the cloud management platform by the network communication component. The data storage unit comprises a controller and a plurality of flash memories. The flash memories store a plurality of encrypted data. The microprocessor sends a key extraction request including a unique code to the cloud management platform. The cloud management platform selects the key matching to the unique code in the key extraction request from the database, and transmits the selected key to the data storage device. The controller of the data storage device decrypts the encrypted data by the key.
    Type: Grant
    Filed: September 30, 2020
    Date of Patent: February 1, 2022
    Assignee: Innodisk Corporation
    Inventor: Chin-Chung Kuo
  • Patent number: 11240268
    Abstract: Dynamic honeypots for computer program execution environments are described. A determination is made whether a time period has expired since a computer program execution environment, of multiple computer program execution environments, began executing a computer program that provides a user service. The computer program execution environment is changed into a computer security mechanism that counteracts an attempt of unauthorized use of a system that comprises the computer program execution environment, in response to a determination that the time period has expired since the computer program execution environment began executing the computer program that provides the user service.
    Type: Grant
    Filed: September 27, 2017
    Date of Patent: February 1, 2022
    Inventors: Amit Lieberman, Assaf Natanzon, Oron Golan, Raul Shnier
  • Patent number: 11227063
    Abstract: Embodiments described herein provide a privacy mechanism to protect user data when transmitting the data to a server that estimates a frequency of such data amongst a set of client devices. In one embodiment, a differential privacy mechanism is implemented using a count-mean-sketch technique that can reduce resource requirements required to enable privacy while providing provable guarantees regarding privacy and utility. For instance, the mechanism can provide the ability to tailor utility (e.g. accuracy of estimations) against the resource requirements (e.g. transmission bandwidth and computation complexity).
    Type: Grant
    Filed: September 14, 2020
    Date of Patent: January 18, 2022
    Assignee: Apple Inc.
    Inventors: Abhishek Bhowmick, Andrew H. Vyrros, Umesh S. Vaishampayan, Kevin W. Decker, Conrad Shultz, Steve Falkenburg, Mateusz Rajca
  • Patent number: 11223488
    Abstract: A routing plane includes an authentication packaging system that receives client authentication information, as part of a request from a requesting client that is to be routed to a target service. The authentication packaging system combines the authentication information with assertion information indicative of an assertion as to the identity of the routing plane, using an entropy, such as a signing key. The authentication package is attached to the request and is sent to the target service. The target service validates the authentication package based on the entropy and authenticates the routing plane based on the assertion information and performs authentication processing based on the authentication information.
    Type: Grant
    Filed: May 28, 2020
    Date of Patent: January 11, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Matthias Leibmann, Grigory V. Kaplin, Chun-Hung Lin
  • Patent number: 11204998
    Abstract: There is disclosed in one example a computing apparatus, including: a hardware platform; and a storage medium having stored thereon executable instructions to provide an inference engine configured to: receive a new suspicious fragment object from a protected device; add the new suspicious fragment object to a rolling map configured to provide a temporal snapshot of suspicious fragment objects over a time span; determine a connection between the new suspicious fragment object and an existing suspicious fragment object within the rolling map; apply the connection to a connection map; and operate a map classifier to determine that the connection map represents a probable computer security threat.
    Type: Grant
    Filed: August 7, 2018
    Date of Patent: December 21, 2021
    Assignee: McAfee, LLC
    Inventors: German Lancioni, Cedric Cochin, Kunal Mehta
  • Patent number: 11196746
    Abstract: “Sensitive” URIs for a website can be determined. Access attempts to a sensitive URI can be extracted from server logs. As used herein, sensitive URIs are URIs which if breached are likely to result in harm to the website owner. Access to sensitive URIs can be restricted to trusted accessors. Trusted accessors can be determined by filtering out untrusted accessors using thresholds and/or machine learning techniques. After filtering out untrusted accessors, any remaining accessors can be identified as trusted accessors. Trusted accessors can be added to a whitelist. Access requests to access-restricted URIs by an accessor not in the whitelist can be denied and an alert can be generated. Access requests to access-restricted URIs by an accessor in the whitelist can be granted.
    Type: Grant
    Filed: July 4, 2018
    Date of Patent: December 7, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Omer Karin, Hani Hana Neuvirth, Dotan Patrich, Tomer Koren, Ram Haim Pliskin, Josef Weizman, Yotam Livny
  • Patent number: 11196767
    Abstract: A method and technique for protecting against denial of service attacks includes maintaining a session count indicating a quantity of active client sessions a server is maintaining and a session threshold specifying a maximum quantity of concurrent client sessions the server can maintain. Responsive to receiving a request from a client, a request count maintained by the server is verified to be less than the session threshold and, if so, a challenge message is sent to the client and the request count is incremented. Responsive to receiving a response message to the challenge message from the client, the response message is verified, a session with the client is established, and the session count is incremented. Responsive to terminating the session with the client, the session count and the request count are decremented.
    Type: Grant
    Filed: June 2, 2019
    Date of Patent: December 7, 2021
    Assignee: International Business Machines Corporation
    Inventors: Clark Debs Jeffries, Mohammad Peyravian