Patents Examined by Joseph P. Hirl
  • Patent number: 10785255
    Abstract: A scalable, malware detection system features at least one sensor and a cluster including at least one computing node. The computing node includes an analysis coordination system and an object analysis system. The analysis coordination system, when activated as a broker computing node, (i) receives metadata from a sensor, (ii) analyzes the metadata, and (iii) places at least a portion of the metadata into a data store for subsequent use in retrieval of the suspicious object by the object analysis system from the sensor. The object analysis system is configured to (i) retrieve the portion of the metadata, which includes at least a sensor identifier, from the data store, (ii) retrieve the suspicious object from the sensor using at least part of the portion of the metadata retrieved from the data store, and (iii) analyze the suspicious object for malware.
    Type: Grant
    Filed: September 30, 2016
    Date of Patent: September 22, 2020
    Assignee: FireEye, Inc.
    Inventors: Alexander Otvagin, Sakthi Subramanian, Krists Krilovs, Diptesh Chatterjee, Prakhyath Rajanna
  • Patent number: 10785023
    Abstract: An apparatus and method for managing meter data. The apparatus for managing meter data includes a metering unit for acquiring meter data from a target device based on time information; a communication unit for receiving a message including the time information from a server device and transmitting the meter data to the server device; and a security unit for creating a private key using the time information and encrypting the meter data using the private key.
    Type: Grant
    Filed: June 4, 2018
    Date of Patent: September 22, 2020
    Inventors: Hong-Il Ju, Young-Ho Kim, Yun-Kyung Lee, Bo-Heung Chung, Jeong-Nyeo Kim, Jae-Deok Lim
  • Patent number: 10785221
    Abstract: In some implementations, a computing system can be configured so that a first user device can delegate a first user's media account credentials to second user device corresponding to a second user. For example, a playback device may be configured with the second user's media account credentials for accessing media items through a network media service. A first user may wish to play media items associated with the first user's media account credentials on the playback device. To do so, the first user device can request a device identifier for the playback device, request and obtain a delegate token for the device identifier from the media service, and provide the delegate token along with media item information to the playback device. The playback device can then use the delegate token to request the media item associated with the first user's media access account.
    Type: Grant
    Filed: May 3, 2018
    Date of Patent: September 22, 2020
    Assignee: Apple Inc.
    Inventors: David C. Graham, Taylor G. Carrigan, Nicholas J. Paulson, Johannes P. Schmidt, Thomas Alsina, Bob Bradley, Haishan Ye, James C. Grandy, Pierre De Lastic, Julien Lerouge
  • Patent number: 10783229
    Abstract: Systems, computer program products, and methods are described herein for implementing a robotic process automation using controller execution model. The present invention is configured to receive electronically, from a user computing device, a request to establish a communication link with a hosted virtual desktop (HVD) bot; determine a controller hosted virtual desktop (CHVD) hub associated with the HVD bot, wherein the CHVD hub comprises one or more HVD bots connected to the CHVD hub in a hub-and-spoke configuration, wherein the HVD bot is accessible only via the CHVD hub; receive one or more authentication credentials associated with the CHVD from an encrypted credential repository; validate the one or more authentication credentials associated with the CHVD, wherein validating further comprises authorizing the user computing device to access to the CHVD hub; and establish a communication link between the user computing device and the HVD bot, via the CHVD.
    Type: Grant
    Filed: November 18, 2019
    Date of Patent: September 22, 2020
    Assignee: Bank of America Corporation
    Inventors: Nagaraju Buddhiraju, Nye Walter Allen
  • Patent number: 10783244
    Abstract: An information processing system may be configured to count the number of one or more first time periods being included in a target time period. Each of the one or more first time periods has a plurality of communications each of which satisfies at least a condition. The plurality of communications includes two communications which are more distant from each other than a second time period which is shorter than the first time period.
    Type: Grant
    Filed: March 13, 2017
    Date of Patent: September 22, 2020
    Assignee: LAC CO., LTD.
    Inventor: Junichi Hatta
  • Patent number: 10783243
    Abstract: Systems and methods are provided herein for dynamic, non-invasive taint tracking using auto-generated datatypes. A proxy entry point component of a taint-aware environment continuously monitors for a request to initiate an application. The application has an associated runtime environment and profile parameters specific to the application. Upon identifying the request, a core component of the taint-aware environment generates a set of augmented classes based on the profile parameters. The set of augmented classes contains taint-tracking functionality. The proxy entry point component modifies an initiation pathway of the application to force the runtime environment to retrieve the set of augmented classes prior to execution of the application. The runtime environment continuously monitors for tainted data or tainted code passed through or contained within the application based on the taint-tracking functionality of the set of augmented classes.
    Type: Grant
    Filed: January 4, 2018
    Date of Patent: September 22, 2020
    Assignee: SAP SE
    Inventors: Florian Loch, Martin Johns
  • Patent number: 10778645
    Abstract: A security configuration for a firewall is generated. Network traffic data, network reputation data, and endpoint protection data are received from a network environment. A reputation score for a network address is generated from the network traffic data and the network reputation data. An endpoint protection configuration is generated from a routine based on the network traffic data and the endpoint protection data. A set of security rules is provided from the endpoint configuration and the reputation score.
    Type: Grant
    Filed: June 27, 2017
    Date of Patent: September 15, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Ben Kliger, Gilad Elyashar, Moshe Israel, Michael Zeev Bargury
  • Patent number: 10778668
    Abstract: A web server receives a packet including a web request from a browser of a client. The request includes a session cookie comprising a client token and a session identifier. A secret session token is calculated based on the session identifier and header data that includes data from one or more packet header fields. The web request is processed if the secret session token matches the client token and blocked otherwise. Determining the secret session token may include hashing the session identifier, at least a portion of a user agent string included in a user agent header of the web request, and at least a portion of a source IP address included in an IP header of the packet. The secret session token may have been provided to the client as a session cookie included in a response to an initial web request from the client.
    Type: Grant
    Filed: June 2, 2017
    Date of Patent: September 15, 2020
    Assignee: Dell Products L.P.
    Inventors: Abhijeet Bhattacharya, Rajeev Arakkal
  • Patent number: 10776490
    Abstract: An example device includes one or more memories; and one or more processors, communicatively coupled to the one or more memories, to, during a loading process of a boot process of an operating system, identify a file to be loaded for the operating system, where the operating system is being loaded during the boot process; identify a manifest of the file; verify the manifest of the file based on a supplied signature of the manifest; identify a fingerprint, associated with the file, in a fingerprint library; calculate a hash of the file; compare the hash of the file and the fingerprint; and verify the file based on the hash of the file matching the fingerprint associated with the file.
    Type: Grant
    Filed: December 28, 2017
    Date of Patent: September 15, 2020
    Assignee: Juniper Networks, Inc.
    Inventor: Simon J. Gerraty
  • Patent number: 10776425
    Abstract: Disclosed are methods, apparatus, systems and computer program products for database system communications with external content management data sources. In some implementations, the data sources are identified in a user interface. An authorization selection enables authorization of a given identified data source, and a customization selection enables customization of one or more search settings for searching content of the data source. Persistent objects representing content objects of the data sources can be stored in one or more databases. A database search can be performed on both native database files and the persistent objects.
    Type: Grant
    Filed: August 1, 2017
    Date of Patent: September 15, 2020
    Assignee:, inc.
    Inventors: Michael Micucci, Suarav Mohapatra, David Goldbrenner, Nicolas Maquaire, Laurent Kubaski, Raphael Jean-Leconte
  • Patent number: 10776523
    Abstract: The invention refers to a method for accessing an passenger transportation device control means comprising several separated printed circuit boards (PCB), whereby each of these PCBs comprises a unique identifier (ID), and in which method the passenger transportation device control means comprise a matching table which is used by the passenger transportation device control means to perform a matching test to check the identifier of at least two of the PCBs and to put the passenger transportation device control means into normal operation only if their IDs match the IDs of the matching table.
    Type: Grant
    Filed: March 23, 2018
    Date of Patent: September 15, 2020
    Assignee: Kone Corporation
    Inventors: Sampo Ahokas, Antti Hovi, Ferenc Staengler
  • Patent number: 10778656
    Abstract: The subject disclosure relates to methods of sharing resources across multiple devices in online meetings. A server manages an online meeting, in which a first client device, a second client device, and a third client device participate. The first client device is a primary device associated with a first user, the second client device is a secondary device associated with the first user, and the third client device is associated with a second user. The server receives from the first client device a command for the second client device to share a resource with the third client device. The server forwards the command to the second device. Next, the server receives data associated with the resource, the data being sent from the second client device in response to the command. The server then forwards the data to the third client device. Systems and computer readable media are also provided.
    Type: Grant
    Filed: May 13, 2019
    Date of Patent: September 15, 2020
    Inventors: Siyuan Li, Bingjun Lv
  • Patent number: 10778430
    Abstract: In accordance with various implementations, a method is performed at a source node of a fabric network coupled to a plurality of hosts respectively associated with a plurality of group identifiers. The method includes generating a source public key based on a source private key, a source group identifier of the plurality of group identifiers, and a destination group identifier of the plurality of group identifiers. The method includes sending, from the source node coupled to at least one host associated with the source group identifier to a destination node coupled to at least one host associated with the destination group identifier, the source public key. The method includes receiving, at the source node from the destination node, a destination public key based on a destination private key, the source group identifier, and the destination group identifier. The method further includes generating a shared secret based on the destination public key and the source private key.
    Type: Grant
    Filed: May 1, 2018
    Date of Patent: September 15, 2020
    Assignee: Cisco Technology, Inc.
    Inventors: Satish Kondalam, Victor M. Moreno, Sanjay Kumar Hooda, Muhammad Ahmad Imam
  • Patent number: 10778685
    Abstract: Examples include transmitting a frame to a computing device. The frame comprises an identifier of a pre-usage agreement for a network. Examples also include receiving a request for the pre-usage agreement, and transmitting the pre-usage agreement to the computing device. Additionally, examples include receiving a registration request comprising a calculated representation of the pre-usage agreement, validating the registration request, and transmitting a registration response.
    Type: Grant
    Filed: April 22, 2018
    Date of Patent: September 15, 2020
    Assignee: Hewlett Packard Enterprise Development LP
    Inventor: Yannick Koehler
  • Patent number: 10778703
    Abstract: A security platform employs a variety techniques and mechanisms to detect security related anomalies and threats in a computer network environment. The security platform is “big data” driven and employs machine learning to perform security analytics. The security platform performs user/entity behavioral analytics (UEBA) to detect the security related anomalies and threats, regardless of whether such anomalies/threats were previously known. The security platform can include both real-time and batch paths/modes for detecting anomalies and threats. By visually presenting analytical results scored with risk ratings and supporting evidence, the security platform enables network security administrators to respond to a detected anomaly or threat, and to take action promptly.
    Type: Grant
    Filed: December 10, 2018
    Date of Patent: September 15, 2020
    Assignee: SPLUNK INC.
    Inventors: Sudhakar Muddu, Christos Tryfonas
  • Patent number: 10778705
    Abstract: The present invention relates to a deep-learning-based intrusion detection method, a system and a computer program for web applications, and more particularly, to a method, a system and a computer program for detecting whether the traffic is a hacker attack, based on an output from a deep neural network (DNN) model after setting network traffic flowing into a server farm as an input of the model. The present invention provides an effective intrusion detection system by utilizing deep neural networks in the form of complicated messages of the Web service protocol (hypertext transfer protocol (HTTP)), which is most general and representative for a company, among various application-layered services. In particular, the present invention provides a web application threat detection method, a system and a computer program implementing the same that are configured to determine security threats bypassing and intruding the detection scheme of the signature-based security system.
    Type: Grant
    Filed: November 12, 2019
    Date of Patent: September 15, 2020
    Inventors: Sung Bum Park, Hyun Chul Chang
  • Patent number: 10768863
    Abstract: Techniques related to preventing unauthorized access to a computing device are disclosed. The techniques include a machine-readable medium, on which are stored instructions, comprising instructions that when executed cause a device to identify a host hardware configuration, obtain a policy based on the host hardware configuration, monitor two or more memory transactions based on the policy, identify, based on the memory transactions, a memory transaction pattern, wherein the memory transaction pattern is associated with an attempt to obtain unauthorized access to the device, and take one or more actions to interfere with attempts to obtain unauthorized access to the device based on the policy.
    Type: Grant
    Filed: March 31, 2017
    Date of Patent: September 8, 2020
    Assignee: Intel Corporation
    Inventors: Rajesh Poornachandran, Vincent J. Zimmer, Ned M. Smith, Nadhiya Chandramohan
  • Patent number: 10771478
    Abstract: Methods and apparatus for real-time security monitoring on a computing device are presented. A system may define privileges to access hardware interfaces for each process of a plurality of processes executing on a computing device. The privileges may be defined in a privileged operating system level that controls root access to an operating system. In response to a determination that a process is attempting to access a hardware interface, the system may determine whether the process is privileged to access the hardware interface by checking the privileges. In response to determining that the process is not privileged to access the hardware interface, the intrusion detection agent may terminate the process.
    Type: Grant
    Filed: February 18, 2016
    Date of Patent: September 8, 2020
    Assignee: Comcast Cable Communications, LLC
    Inventors: James Fahrny, Kyong Park
  • Patent number: 10771468
    Abstract: Approaches provide for mandatory access controls and account identification masking controls in an electronic environment. For example, a customer can configure a client device to access an API gateway which acts as a proxy for a resource in a resource provider environment. Requests for resources or services can be redirected to the API gateway. A registered function may be triggered when the request is received and may filter the request. After filtering, the request can be forwarded on to the actual API endpoint to access the requested resource. From the client's perspective, the resource is being accessed directly, and from the resource's perspective, it is being accessed by the proxy. This layer of indirection enables data to be protected preemptively, rather than waiting for an undesirable condition to exist and then reactively attending to the issue.
    Type: Grant
    Filed: December 19, 2016
    Date of Patent: September 8, 2020
    Inventors: David Walker, Bertram Dorn
  • Patent number: 10771476
    Abstract: In one embodiment, an elimination point device in a network obtains a master secret from a network controller. The elimination point device assesses, using the master secret, whether an incoming packet received by the elimination point device from a redundant path between the elimination point device and a replication point device in the network includes a valid message integrity check (MIC). The elimination point device determines whether the incoming packet was injected maliciously into the redundant path, based on the assessment of the incoming packet. The elimination point device initiates performance of a mitigation action in the network, when the elimination point device determines that the incoming packet was injected maliciously into the redundant path.
    Type: Grant
    Filed: March 14, 2018
    Date of Patent: September 8, 2020
    Assignee: Cisco Technology, Inc.
    Inventors: Pascal Thubert, Patrick Wetterwald, Eric Levy-Abegnoli, Jean-Philippe Vasseur