Patents Examined by Joseph P. Hirl
  • Patent number: 12271484
    Abstract: Described are techniques for application hardening. The techniques include generating application traces using fuzzing for an application with a known security vulnerability, where the application traces include good traces that do not result in exploitation of the known security vulnerability and bad traces that result in exploitation of the known security vulnerability. The techniques further include identifying code segments that are executed by the bad traces and not executed by the good traces. The techniques further include modifying the identified code segments using binary rewriting.
    Type: Grant
    Filed: July 13, 2022
    Date of Patent: April 8, 2025
    Assignee: International Business Machines Corporation
    Inventors: Michael Vu Le, Sanjeev Das
  • Patent number: 12273440
    Abstract: A method for authorizing a blockchain data access on a blockchain platform includes: obtaining from a third-party institution a data access request containing a user ID of data access, a data scope, and a random number of a signature, which is generated by the third-party institution after receiving a random number sent by a client terminal and signing on the received random number; performing a verification on the random number of the signature and the data scope; and after the verification is passed, sending data ciphertext corresponding to the user ID to the third-party institution, such that the third-party institution decrypts the data ciphertext using a data secret key sent by the client terminal.
    Type: Grant
    Filed: January 12, 2021
    Date of Patent: April 8, 2025
    Assignee: CHINA UNIONPAY CO., LTD.
    Inventors: Yuzhuang Xu, Tao Zhu, Yu Zhou
  • Patent number: 12273392
    Abstract: Disclosed is a cloud-based security system implemented in a forward proxy that provides generative artificial intelligence (GenAI) traffic inspection to protect against security and privacy concerns related to GenAI use for protected endpoints. The security system intercepts requests and determines whether those requests are directed to a GenAI application. The security system includes a GenAI request classifier trained to classify prompts submitted to GenAI applications as one of benign, prompt injection attack, or uploaded files. The security system further includes a GenAI response classifier trained to classify responses from GenAI applications as one of normal, leaked system prompt, leaked user uploaded files, or leaked training data.
    Type: Grant
    Filed: May 21, 2024
    Date of Patent: April 8, 2025
    Assignee: Netskope, Inc.
    Inventors: Siying Yang, Krishna Narayanaswamy
  • Patent number: 12271507
    Abstract: Methods for exchanging a predecessor domain registrar for the authentication and configuration of digital certificates of IoT devices with a new registrar. The predecessor registrar and the devices are stored using a blockchain. The method may include: determining by the predecessor the number of nearby attestations needed; entering the new registrar into the blockchain; gathering the attestations of the devices using the new registrar; checking whether the new registrar fulfills the defined number; accepting the technical installation with the new registrar as authentication and configuration entity for the devices; sending voucher requests to the new registrar; forwarding the voucher requests to an authorization authority; checking whether the respective device belongs to the new registrar; and if so, issuing a voucher for the corresponding device using the authorization authority and sending the voucher to the corresponding device.
    Type: Grant
    Filed: February 16, 2021
    Date of Patent: April 8, 2025
    Assignee: SIEMENS SCHWEIZ AG
    Inventor: Oskar Camenzind
  • Patent number: 12267341
    Abstract: A method including analyzing affected data known to include harmful content, and clean data known to be free of the harmful content; determining, based on analyzing the affected data and the clean data, harmful traits that appear in the affected data with a frequency that satisfies a threshold frequency, and clean traits that appear in the clean data with the frequency that satisfies the threshold frequency; mixing the harmful traits and the clean traits to determine a mixed set; analyzing the affected data based on utilizing the mixed set to determine a harmful pattern that indicates characteristics associated with the harmful traits and the clean traits; and transmitting pattern information indicating the harmful pattern to enable the user device to determine whether given data includes the harmful content is disclosed. Various other aspects are contemplated.
    Type: Grant
    Filed: November 7, 2023
    Date of Patent: April 1, 2025
    Assignee: UAB 360 IT
    Inventors: Aleksandr Sevcenko, Mantas Briliauskas
  • Patent number: 12265602
    Abstract: According to examples, an apparatus includes a processor that is to obtain a plurality of codes contained in a machine-readable item and send a request for authentication of a user of the machine-readable item to a server. The server is to select a certain code of a plurality of certain codes and return a request for the selected certain code. The processor is to receive the request for the selected certain code from the server and to identify a code in the plurality of codes that corresponds to the selected certain code. The processor is also to send the identified code to the server for the server to authenticate the user based at least on the identified code. In addition, the processor is to receive an indication as to whether the authentication request of the user is successful from the server.
    Type: Grant
    Filed: July 21, 2022
    Date of Patent: April 1, 2025
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Anju, Ehud Mordechai Itshaki
  • Patent number: 12267435
    Abstract: A cryptocurrency miner includes compute modules and a controller. Each compute module includes a stats store, a manager, and compute engines. The controller is coupled to the compute modules via a serial bus and distributes one or more jobs to the compute modules via the serial bus. Each manager distributes jobs received by its respective compute module among the compute engines of its respective compute module. Each compute engine processes a job and reports a candidate hit found by processing the job. Each manager validates a candidate hit reported by one of the compute engines of its respective compute module, reports the validated candidate hit to the controller; and updates statistical information in the stats store of its respective compute module based on validation of the candidate hit.
    Type: Grant
    Filed: August 9, 2022
    Date of Patent: April 1, 2025
    Assignee: CHAIN REACTION LTD.
    Inventors: Rony Gutierrez, Michael Tal, Zvi Shteingart
  • Patent number: 12265920
    Abstract: Techniques for code-free automated machine learning (ML) are described. Users can train high-quality ML models and pipelines without necessarily needing to write code by providing a training dataset to a code-free machine learning service. The service may deploy an ML orchestration function and a storage location on behalf of a user. When a modification is made to the storage bucket, such as by the user providing a training dataset, the orchestration function is invoked and can automatically initiate an AutoML process using at least the training data to train multiple ML model variants. The resultant ML model(s) and associated metrics can be provided to the user, deployed behind an endpoint, and/or used to generate inferences.
    Type: Grant
    Filed: April 15, 2020
    Date of Patent: April 1, 2025
    Assignee: Amazon Technologies, Inc.
    Inventors: Jonas Mueller, Tatsuya Arai, Abhi Vinayaka Sharma, Ryan Matthew Brand, Yohei Nakayama, Nick Dean Erickson, Hang Zhang, Mu Li, Alexander Johannes Smola
  • Patent number: 12259981
    Abstract: In some embodiments, a network node for securing physical assets may be provided. The network node may include a processor and a memory storing instructions. The network may be configured to: receive, from a first entity, a cryptographic data structure configured to identify a physical item stored in a secured location; in response to receiving the cryptographic data structure, generate and transmit to the first entity a plurality of fungible cryptographic items; secure the cryptographic data structure on a public data structure, such that the cryptographic data structure cannot be released unless the plurality of fungible cryptographic items are received; receive, from a second entity, the plurality of fungible cryptographic items; and in response to receiving the plurality of fungible cryptographic items, transmit to the second entity the cryptographic data structure.
    Type: Grant
    Filed: February 27, 2023
    Date of Patent: March 25, 2025
    Assignee: Dibbs Group, Inc.
    Inventors: Evan Vandenberg, Till Mueller
  • Patent number: 12261860
    Abstract: Disclosed techniques include integrated cybersecurity state change buffer service. A plurality of network-connected cybersecurity threat protection applications is accessed. A background synchronization service is initiated. The background synchronization service receives status from at least one of the plurality of cybersecurity threat protection applications. The status comprises high-volume incoming status data. The status is monitored, using the background synchronization service. A real-time state change in the status is identified, based on the monitoring. The identifying a real-time state change includes quantifying incoming data associated with the status. An actionable response is triggered, based on the state change that was identified. The actionable response enables self-healing of a connected security orchestration, automation, and response (SOAR) application system. The status is processed, using the background synchronization service, to provide the actionable response.
    Type: Grant
    Filed: January 6, 2023
    Date of Patent: March 25, 2025
    Assignee: Arctic Wolf Networks, Inc.
    Inventors: Joshua McCarthy, Nicholas Graves, David B McKinley, William Wilson
  • Patent number: 12261872
    Abstract: Systems and methods are provided for enhanced machine learning refinement and alert generation. An example method includes accessing datasets storing customer information reflecting transactions of customers. Individual risk scores are generated for the customers based on the customer information. Generating the risk score includes providing identified occurrences of scenario definitions and customer information as input to one or more machine learning models, the scenario definitions identifying occurrences of specific information reflected in the datasets, with the machine learning models assign respective risk scores to the customers. An interactive user interface is presented.
    Type: Grant
    Filed: August 16, 2021
    Date of Patent: March 25, 2025
    Assignee: Palantir Technologies Inc.
    Inventors: Corentin Petit, Jacob Albertson, Marissa Kimball, Paul Baseotto, Pierre Cholet, Timur Iskhakov, Victoria Galano
  • Patent number: 12262202
    Abstract: Systems and methods for configuring industrial devices through a secured wireless side channel may include a compute device. The compute device may have primary communication circuitry configured to communicate through a network and side channel communication circuitry configured to communicate through a wireless side channel that is different from the network. The compute device may additionally include circuitry configured to obtain, via the wireless side channel, configuration data indicative of a configuration for one or more operations of an industrial device of an industrial process plant. Additionally the circuitry may be configured to configure, in response to obtaining the configuration data, the one or more operations of the industrial device.
    Type: Grant
    Filed: August 12, 2021
    Date of Patent: March 25, 2025
    Assignee: ABB Schweiz AG
    Inventors: Mallikarjun Kande, David Mielnik
  • Patent number: 12259956
    Abstract: A user equipment (UE) is configured to perform a prewarming process, wherein the prewarming process includes concurrently performing a face detection process and an unlock process independent of face detection, determine whether a face detection operation indicates the presence of a face within a field of view of a camera of the UE and disable prewarming for a predetermined time period when the face detection operation is not satisfied.
    Type: Grant
    Filed: August 23, 2021
    Date of Patent: March 25, 2025
    Assignee: Apple Inc.
    Inventors: Naresh Kumar Chinnathambi Kailasam, Vasilios E. Anton, Christian Seifert, Ramanujam Jagannath, Shannon Shih
  • Patent number: 12259973
    Abstract: Systems and methods related to flush plus reload cache side-channel attack mitigation are described. An example method for mitigating a side-channel timing attack in a system including a processor having at least one cache is described. The method includes receiving a first instruction, where the first instruction, when executed by the processor, is configured to flush at least one cache line from the at least one cache associated with the processor. The method further includes, prior to execution of the first instruction by the processor, automatically mapping the first instruction to a second instruction such that the at least one cache line is not flushed from the at least one cache even in response to receiving the first instruction.
    Type: Grant
    Filed: June 13, 2022
    Date of Patent: March 25, 2025
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Ishwar Agarwal, Bharat Pillilli, Vishal Soni
  • Patent number: 12254096
    Abstract: A comparison means compares a first risk analysis result with a second risk analysis result. The first risk analysis result includes a first risk evaluation value. The second risk analysis result includes a second risk evaluation value. Based on the result of the comparison, a display means displays the first risk evaluation value in such a manner that a first risk evaluation value for which there is a second risk evaluation value, in the second risk analysis result, for an attack step of which an attack destination coincides with an asset included in the first risk analysis result and an attack method coincides with an attack method included in the first risk analysis result can be distinguished from a first risk evaluation value for which there is no such second risk evaluation value.
    Type: Grant
    Filed: September 27, 2019
    Date of Patent: March 18, 2025
    Assignee: NEC CORPORATION
    Inventors: Ryo Mizushima, Hirofumi Ueda, Tomohiko Yagyu
  • Patent number: 12255921
    Abstract: Methods, apparatus, and software for efficient encryption in virtual private network (VPN) sessions. A VPN link and an auxiliary link (and associated sessions) are established between computing platforms to support end-to-end communication between respective application running on the platforms. The VPN link may employ a conventional VPN protocol such as TLS or IPsec, while the auxiliary link comprises a NULL encryption VPN tunnel. To transfer data, a determination is made to whether the data are encrypted or non-encrypted. Encrypted data are transferred over the auxiliary link to avoid re-encryption of the data. Non-encrypted are transferred over the VPN link. TLS and IPsec VPN agents may be used to assist in setting up the VPN and auxiliary sessions. The techniques avoid double encryption of VPN traffic, while ensuring that various types of traffic transferred between platforms is encrypted.
    Type: Grant
    Filed: June 16, 2021
    Date of Patent: March 18, 2025
    Assignee: Intel Corporation
    Inventors: Akhilesh S. Thyagaturu, Vinodh Gopal
  • Patent number: 12254110
    Abstract: An example system includes a processor to generate regular expressions representing textual pattern facets of sub-formats of a composite format, and a regular expression representing a composite textual pattern of the composite format based on sub-format and composition type. The processor can search the data using generated regular expression representing composite textual patterns to detect occurrences of candidate matches. The processor can recursively match and validate the detected occurrences with the composite format and hierarchically match and validate sub-formats in the detected occurrence. The processor can mask in place the detected occurrence of the composite format in the data using ranking-based integer format preserving masking.
    Type: Grant
    Filed: June 1, 2021
    Date of Patent: March 18, 2025
    Assignee: International Business Machines Corporation
    Inventors: Ariel Farkash, Micha Gideon Moffie
  • Patent number: 12255879
    Abstract: Systems and methods are described for securely and efficiently processing electronic content. In one embodiment, a first application running on a first computing system establishes a secure channel with a second computing system, the secure channel being secured by one or more cryptographic session keys. The first application obtains a license from the second computing system via the secure channel, the license being encrypted using at least one of the one or more cryptographic session keys, the license comprising a content decryption key, the content decryption key being further encrypted using at least one of the one or more cryptographic session keys or one or more keys derived therefrom.
    Type: Grant
    Filed: May 10, 2021
    Date of Patent: March 18, 2025
    Assignee: Intertrust Technologies Corporation
    Inventors: Gary Ellison, Gilles Boccon-Gibod, Pierre Chavanne
  • Patent number: 12254474
    Abstract: The disclosed computer-implemented method for enforcing strict network connectivity and storage access during online payments may include (i) determining that a webpage in a tab of a browser application executing on the computing device includes a payment page for an e-commerce website, (ii) based on determining that the webpage includes a payment page, providing formjacking attack protection by monitoring network connectivity and storage access by the browser tab, (iii) based on the formjacking attack protection, identifying a potentially malicious attempt to hijack information entered into at least one web form included in the payment page, and (iv) in response to identifying the potentially malicious attempt, preventing the potentially malicious attempt from hijacking the information entered into the at least one web form included in the payment page. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: December 6, 2021
    Date of Patent: March 18, 2025
    Assignee: GEN DIGITAL INC.
    Inventors: Bahaa Naamneh, David Luz Silva, Iskander Sanchez Rola
  • Patent number: 12250320
    Abstract: A method of securing operating instructions for a driver assistance system of a motor vehicle. The method including: a) implementing a distributed blockchain including a plurality of blocks, a copy of the blockchain being stored on each of a plurality of nodes. Wherein, each block includes a different version of the operating instructions, b) performing a verification routine including checking that the copies of the blockchain are identical. And, where a fault copy of the blockchain is not identical, flagging the fault copy as insecure. And preventing use of the fault copy, thus preventing installation of the operating instructions comprised in the blocks of the fault copy.
    Type: Grant
    Filed: August 13, 2018
    Date of Patent: March 11, 2025
    Assignee: Magna Electronics Sweden AB
    Inventors: Jochen Schnabel, Olaf Schwartz, Jonas Villasmil