Patents Examined by Jeffery L Williams
-
Patent number: 11321464Abstract: This disclosure relates to method and system for generating cognitive security intelligence for detecting and preventing malwares. In one embodiment, the method includes monitoring instructions being executed by a processor of a computing system, determining events triggered and activities performed by the execution of the instructions, correlating the events and the activities to determine a sequence of events and activities, and mapping the sequence of events and activities with a topographical threat map to detect a pattern match corresponding to a malware. The topographical threat map is event and activity behavior map of a number of categories of malwares, and is built based on a cognitive analysis using deep learning which may also be enriched with external knowledge or historic knowledge. The method further includes effecting a remedial measure, upon detecting the pattern match, to prevent the malware by constructing remedial instructions to be executed by the processor.Type: GrantFiled: February 6, 2018Date of Patent: May 3, 2022Assignee: Wipro LimitedInventor: Sridhar Govardhan
-
Patent number: 11316840Abstract: In one or more embodiments, one or more systems, one or more methods, and/or one or more processes may: receive, by a first information handling system (IHS), one or more client files of a web application; receive a binary module; populate a document object model (DOM) with content of the web application; receive first user input via a first node of the DOM; receive an encrypted file and a first portion of a symmetric encryption key from a second IHS; receive second user input via a second node of the DOM; execute a binary module; provide the second user input to the binary module; determine a second portion of the symmetric encryption key based at least on the second user input; combine the first and second portions of the symmetric encryption key to obtain the symmetric encryption key; and decrypt the encrypted file to obtain the file.Type: GrantFiled: April 16, 2020Date of Patent: April 26, 2022Assignee: Dell Products L.P.Inventor: Brandon Grooters
-
Patent number: 11316697Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for verifiable-claim issuance. One of the methods includes: receiving, from a first entity, a request for creating a verifiable claim (VC) for a decentralized identifier (DID) associated with a second entity; obtaining, in response to receiving the request, a digital signature associated with the first entity; and generating the VC based on the received request and the obtained digital signature.Type: GrantFiled: July 23, 2021Date of Patent: April 26, 2022Assignee: ADVANCED NEW TECHNOLOGIES CO., LTD.Inventors: Renhui Yang, Jiawei Liu, Yuan Chen, Yuqi Lin
-
Patent number: 11310055Abstract: An incorrect transmission, of a record of data to a distributed ledger system, can be prevented. A first signal can be received. The first signal can include a first instruction to cause the record to be transmitted to the system. One or more items of information in the record can be determined. A delay of time to be elapsed, before a transmission of the record to the system, can be set in response to a receipt of the first signal and a determination of the one or more items. The transmission of the record to the system can be caused to occur after the delay has elapsed. The transmission of the record to the system can be prevented in response to a receipt of a second signal before the delay has elapsed. The second signal can include a second instruction that supersedes the first instruction.Type: GrantFiled: July 11, 2019Date of Patent: April 19, 2022Assignee: POLYSIGN, INC.Inventors: David Schwartz, Arthur Britto
-
Patent number: 11296882Abstract: A system for identifying unauthorized users in a distributed register network is provided. In particular, the system may comprise a distributed register network comprising one or more decentralized nodes, each of which may store a separate copy of a distributed data register. The system may further comprise one or more specialized nodes which authenticate users that trigger the generation of blocks in a linked structures of the distributed register network, where the blocks are associated with requests that are submitted by the user. In this way, the system verifies the authenticity of the blocks in the linked structures, thereby providing a more robust distributed register network.Type: GrantFiled: October 1, 2020Date of Patent: April 5, 2022Assignee: BANK OF AMERICA CORPORATIONInventors: Shailendra Singh, Nimish Ravindra Deshpande, Prashant Khare
-
Patent number: 11288365Abstract: An example intrusion detection system for a computer includes: an ambient light sensor to detect an increase in ambient light indicative of a housing of the computer being opened; and a super input/output integrated circuit (SIO) to receive a signal from the ambient light sensor indicating that the housing of the computer has been opened.Type: GrantFiled: February 2, 2017Date of Patent: March 29, 2022Assignee: Hewlett-Packard Development Company, L.P.Inventors: Shaheen Saroor, Nam H Nguyen, Ted T Nguy
-
Patent number: 11281777Abstract: A protection module operates to analyze threats, at the protocol level (e.g., at the HTML level), by intercepting all requests that a browser engine resident in a computing device sends and receives, and the protection agent completes the requests without the help of the browser engine. And then the protection module analyzes and/or modifies the completed data before the browser engine has access to it, to, for example, display it. After performing all of its processing, removing, and/or adding any code as needed, the protection module provides the HTML content to the browser engine, and the browser engine receives responses from the protection agent as if it was speaking to an actual web server, when in fact, browser engine is speaking to an analysis engine of the protection module.Type: GrantFiled: July 16, 2018Date of Patent: March 22, 2022Assignee: WEBROOT INC.Inventors: Joe Jaroch, Harry Murphey McCloy, III, Robert Edward Adams
-
Patent number: 11277382Abstract: Example methods and computer systems are provided for filter-based packet handling at a virtual network adapter. The method may comprise: receiving an ingress packet destined for the virtualized computing instance that is supported by the host and connected to the virtual network adapter; and matching the ingress packet to one of multiple filters configured for the virtual network adapter. The multiple filters may include a first filter specifying one or more first packet characteristics and a second filter specifying one or more second packet characteristics. The method may also comprise: in response to matching the ingress packet to the first filter, assigning the ingress packet to a first packet queue; and in response to matching the ingress packet to the second filter, assigning the ingress packet to a second packet queue.Type: GrantFiled: July 22, 2019Date of Patent: March 15, 2022Assignee: VMWARE, INC.Inventors: Peng Li, Guolin Yang, Yong Wang, Wenyi Jiang, Boon Seong Ang
-
Patent number: 11258772Abstract: An apparatus includes a non-volatile memory (NVM) device coupled to a host, the NVM device including a processing device to: receive a communication packet from a server via the host computing system that is coupled to the NVM device and communicatively coupled to the server, the communication packet comprising clear text data that requests to initiate secure communications; perform a secure handshake with the server, via communication through the host computing system, using a secure protocol that generates a session key; receive data, via the host computing system, from the server within a secure protocol packet, wherein the data is inaccessible to the host computing system; authenticate the data using secure protocol metadata of the secure protocol packet; optionally decrypt, using the session key, the data to generate plaintext data; and store the plaintext data in NVM storage elements of the NVM device.Type: GrantFiled: June 4, 2019Date of Patent: February 22, 2022Assignee: Cypress Semiconductor CorporationInventors: Sergey Ostrikov, Stephan Rosner, Cliff Zitlaw
-
Patent number: 11251955Abstract: A wireless communication device for use with a communication device and a network gateway connected to the Internet, wherein the communication device can communicate with the network gateway. The wireless communication device includes: a communication component operable to communicate with the network gateway; a memory component having temporary network access credentials stored therein; and a credential feature associated with the temporary network access credentials and being accessible by the communication device. The communication component can further establish a temporary network connection with the gateway based on the temporary network access credentials, and can further join a permanent network with the gateway.Type: GrantFiled: September 7, 2017Date of Patent: February 15, 2022Assignee: ARRIS ENTERPRISES LLCInventors: Paul A. Clancy, James R. Flesch
-
Patent number: 11251975Abstract: Apparatus and method for distributed authentication in a data storage system using block chain technology. In some embodiments, a requested transaction is generated to perform a selected security operation upon a data processing device in a computer network. The requested transaction is validated and propagated to a plurality of nodes. The nodes use a consensus mechanism to quasi-randomly select a particular node to generate a new block listing the requested transaction. The new block is validated, propagated among the plurality of nodes, and added to a block chain data structure. A processing node processes the requested transaction from the block chain data structure to authorize the selected security operation. Credits may be debited and credited between requesting nodes and the processing node for each transaction. Different types of credits may be used for different types of security operations.Type: GrantFiled: September 27, 2017Date of Patent: February 15, 2022Inventors: Muhammad Jawad Alam Wahla, Nino Wicaksono, Meherzad Firoze Aga, Monty Aaron Forehand
-
Patent number: 11251978Abstract: A system for securely customizing a computing environment based on cryptographic protections includes providing a key device; bringing the key device proximate to a computing environment (510); beginning an authentication protocol when the user approaches the environment with the device; validating user to the key device (520); comparing certificates (525); unlocking/regenerating a device split key (530); if authentication of certificates is not valid, log & return (540); if it is valid, a full key is generated on the computing environment in volatile memory, and the full key unlocks personal settings on the computing environment (545). Using the computing environment with the personal settings (550); disconnecting (555); and logging activity (560). The device can be a smart phone. Bringing the key proximate to a computing environment (510) can initiate Bluetooth or other near field communications. Initial steps can include enrolling the key (505). The environment can be a vehicle.Type: GrantFiled: June 1, 2018Date of Patent: February 15, 2022Assignee: BAE Systems Information and Electronic Systems Integration Inc.Inventors: Jonathan P. Ingraham, Rudra Chakravorty, Tate J. Keegan
-
Patent number: 11245526Abstract: Upon an attempt to access a service of a third-party server, full-duplex password-less authentication provides a one-time password to the user displayed at the client device and at a mobile device associated with the user. The user verifies the access by comparing the one-time password displayed at the mobile device and the one-time password displayed at the client device. The one-time password is displayed as a combination of a picture and a set of alphanumeric characters for ease in making the comparison. The user determines whether to accept or deny the authentication sequence after a simple visual comparison.Type: GrantFiled: November 11, 2020Date of Patent: February 8, 2022Assignee: Identité, Inc.Inventors: John P. Hertrich, Mohammad Mozdurani Shiraz
-
Patent number: 11238183Abstract: A data protection system is disclosed. The data protection system comprises a cloud management platform and at least one data storage device. The cloud management platform includes a database stored with at least one key. The data storage device includes a data storage unit, a microprocessor, and a network communication component. The microprocessor is communicated with the cloud management platform by the network communication component. The data storage unit comprises a controller and a plurality of flash memories. The flash memories store a plurality of encrypted data. The microprocessor sends a key extraction request including a unique code to the cloud management platform. The cloud management platform selects the key matching to the unique code in the key extraction request from the database, and transmits the selected key to the data storage device. The controller of the data storage device decrypts the encrypted data by the key.Type: GrantFiled: September 30, 2020Date of Patent: February 1, 2022Assignee: Innodisk CorporationInventor: Chin-Chung Kuo
-
Patent number: 11240268Abstract: Dynamic honeypots for computer program execution environments are described. A determination is made whether a time period has expired since a computer program execution environment, of multiple computer program execution environments, began executing a computer program that provides a user service. The computer program execution environment is changed into a computer security mechanism that counteracts an attempt of unauthorized use of a system that comprises the computer program execution environment, in response to a determination that the time period has expired since the computer program execution environment began executing the computer program that provides the user service.Type: GrantFiled: September 27, 2017Date of Patent: February 1, 2022Inventors: Amit Lieberman, Assaf Natanzon, Oron Golan, Raul Shnier
-
Patent number: 11227063Abstract: Embodiments described herein provide a privacy mechanism to protect user data when transmitting the data to a server that estimates a frequency of such data amongst a set of client devices. In one embodiment, a differential privacy mechanism is implemented using a count-mean-sketch technique that can reduce resource requirements required to enable privacy while providing provable guarantees regarding privacy and utility. For instance, the mechanism can provide the ability to tailor utility (e.g. accuracy of estimations) against the resource requirements (e.g. transmission bandwidth and computation complexity).Type: GrantFiled: September 14, 2020Date of Patent: January 18, 2022Assignee: Apple Inc.Inventors: Abhishek Bhowmick, Andrew H. Vyrros, Umesh S. Vaishampayan, Kevin W. Decker, Conrad Shultz, Steve Falkenburg, Mateusz Rajca
-
Patent number: 11223488Abstract: A routing plane includes an authentication packaging system that receives client authentication information, as part of a request from a requesting client that is to be routed to a target service. The authentication packaging system combines the authentication information with assertion information indicative of an assertion as to the identity of the routing plane, using an entropy, such as a signing key. The authentication package is attached to the request and is sent to the target service. The target service validates the authentication package based on the entropy and authenticates the routing plane based on the assertion information and performs authentication processing based on the authentication information.Type: GrantFiled: May 28, 2020Date of Patent: January 11, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Matthias Leibmann, Grigory V. Kaplin, Chun-Hung Lin
-
Patent number: 11204998Abstract: There is disclosed in one example a computing apparatus, including: a hardware platform; and a storage medium having stored thereon executable instructions to provide an inference engine configured to: receive a new suspicious fragment object from a protected device; add the new suspicious fragment object to a rolling map configured to provide a temporal snapshot of suspicious fragment objects over a time span; determine a connection between the new suspicious fragment object and an existing suspicious fragment object within the rolling map; apply the connection to a connection map; and operate a map classifier to determine that the connection map represents a probable computer security threat.Type: GrantFiled: August 7, 2018Date of Patent: December 21, 2021Assignee: McAfee, LLCInventors: German Lancioni, Cedric Cochin, Kunal Mehta
-
Patent number: 11196746Abstract: “Sensitive” URIs for a website can be determined. Access attempts to a sensitive URI can be extracted from server logs. As used herein, sensitive URIs are URIs which if breached are likely to result in harm to the website owner. Access to sensitive URIs can be restricted to trusted accessors. Trusted accessors can be determined by filtering out untrusted accessors using thresholds and/or machine learning techniques. After filtering out untrusted accessors, any remaining accessors can be identified as trusted accessors. Trusted accessors can be added to a whitelist. Access requests to access-restricted URIs by an accessor not in the whitelist can be denied and an alert can be generated. Access requests to access-restricted URIs by an accessor in the whitelist can be granted.Type: GrantFiled: July 4, 2018Date of Patent: December 7, 2021Assignee: Microsoft Technology Licensing, LLCInventors: Omer Karin, Hani Hana Neuvirth, Dotan Patrich, Tomer Koren, Ram Haim Pliskin, Josef Weizman, Yotam Livny
-
Patent number: 11196767Abstract: A method and technique for protecting against denial of service attacks includes maintaining a session count indicating a quantity of active client sessions a server is maintaining and a session threshold specifying a maximum quantity of concurrent client sessions the server can maintain. Responsive to receiving a request from a client, a request count maintained by the server is verified to be less than the session threshold and, if so, a challenge message is sent to the client and the request count is incremented. Responsive to receiving a response message to the challenge message from the client, the response message is verified, a session with the client is established, and the session count is incremented. Responsive to terminating the session with the client, the session count and the request count are decremented.Type: GrantFiled: June 2, 2019Date of Patent: December 7, 2021Assignee: International Business Machines CorporationInventors: Clark Debs Jeffries, Mohammad Peyravian