Patents Examined by Khalil Naghdali
  • Patent number: 10666668
    Abstract: A security platform employs a variety techniques and mechanisms to detect security related anomalies and threats in a computer network environment. The security platform is “big data” driven and employs machine learning to perform security analytics. The security platform performs user/entity behavioral analytics (UEBA) to detect the security related anomalies and threats, regardless of whether such anomalies/threats were previously known. The security platform can include both real-time and batch paths/modes for detecting anomalies and threats. By visually presenting analytical results scored with risk ratings and supporting evidence, the security platform enables network security administrators to respond to a detected anomaly or threat, and to take action promptly.
    Type: Grant
    Filed: January 28, 2019
    Date of Patent: May 26, 2020
    Assignee: Splunk Inc.
    Inventors: Sudhakar Muddu, Christos Tryfonas
  • Patent number: 10664591
    Abstract: The disclosed technology is generally directed to secure transactions. In one example of the technology, an enclave pool is formed. The enclave pool may include a plurality of enclaves that are secure execution environments. In some examples, forming the enclave pool includes registering the enclaves of the enclave pool. A request to allocate an enclave from the enclave pool may be received. An enclave may be fetched from the enclave pool responsive to the request to assign the enclave. Cryptlet code is executed in the fetched enclave such that a payload is generated in the enclave. The payload can be digitally signed and/or encrypted by the cryptlet, and can also be digitally signed by the enclave. The fetched enclave may be deallocated.
    Type: Grant
    Filed: May 11, 2017
    Date of Patent: May 26, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventor: John Marley Gray
  • Patent number: 10659493
    Abstract: A method of detecting malicious electronic messages transmitted from at least one message sending device to at least one message receiving device includes: generating at least one signature for an electronic message; storing the generated signature in a data storage unit; determining whether the electronic message is malicious; if the electronic message is determined to be malicious, determining on the basis of the generated signature, whether electronic messages comparable to the determined malicious message were classified as non-malicious and transmitted to the message receiving device in the past; and if it is determined that electronic messages comparable to the determined malicious message were classified as non-malicious and transmitted to the message receiving device in the past, notifying the message receiving device about a potential threat. Also disclosed are a messaging server and a messaging system implementing the above described method.
    Type: Grant
    Filed: December 23, 2016
    Date of Patent: May 19, 2020
    Assignee: retarus GmbH
    Inventors: Martin Hager, Michael Grauvogl
  • Patent number: 10652221
    Abstract: Systems and methods of matching identifiers between multiple datasets are described herein. A system can transmit a first identifier vector to a third party server. The first identifier vector can include a first identifier, first parameters, and second parameters. The system can receive, from the third party server, the first identifier vector encrypted based on a third-party encryption. The system can receive, from the third party server, a second identifier vector encrypted based on the third-party encryption associated with the third party server. The second identifier vector can include a second identifier, third parameters, and fourth parameters. The system can determine a correlation count between the first identifier vector and the second identifier vector. The system can determine that the first identifier corresponds to the second identifier based on the correlation count. The system can generate one identifier key for both the first identifier and the second identifier.
    Type: Grant
    Filed: December 11, 2018
    Date of Patent: May 12, 2020
    Assignee: Google LLC
    Inventors: Mahyar Salek, Philip McDonnell, Vinod Kumar Ramachandran, Shobhit Saxena, David Owen Shanahan
  • Patent number: 10614222
    Abstract: Systems, devices, and methods of an automatic attack testing framework for the security testing of an operational service are disclosed. In an example, such systems, devices, and methods may include operations that: deploy command instructions and a payload for a bot process to a computing device located within a target infrastructure, with the command instructions being selected based on criteria to test a security feature in the target infrastructure with an automated attack action in the bot process, and with the bot process being executed on the computing device and being started with use of the command instructions and the payload; communicate with the computing device to control the automated attack action within the target infrastructure, such that the automated attack action is performed within the bot process; and obtain results of the automated attack action performed within the bot process from the computing device.
    Type: Grant
    Filed: February 21, 2017
    Date of Patent: April 7, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Benjamin J. Godard, Art Sadovsky, Travis W. Rhodes, David A. Marshall, Richard A. Lundeen
  • Patent number: 10609050
    Abstract: According to some embodiments, a method for training a malware detector comprising a deep learning algorithm is described, which comprises converting a set of malware files and non malware files into vectors by using a feature based dictionary, and/or by using a conversion into an image, and providing prospects that the files constitute malware. Various features and combinations of features are described to build a feature based dictionary and adapt its size. According to some embodiments, a method for detecting a malware by using a malware detector comprising a deep learning algorithm is described, which comprises converting a file into a vector by using a feature based dictionary, and/or by using a conversion into an image, and providing prospects that the file constitutes malware. Methods for providing a plurality of prospects and aggregating these prospects are provided. Additional methods and systems in the field of malware detection are also described.
    Type: Grant
    Filed: December 14, 2018
    Date of Patent: March 31, 2020
    Assignee: DEEP INSTINCT LTD.
    Inventors: Guy Caspi, Yoel Neeman, Doron Cohen, Nadav Maman, Eli David, Ishai Rosenberg
  • Patent number: 10609016
    Abstract: A wireless communication system includes an external provider subsystem and an electronic network subsystem in operable communication with the external provider subsystem. The electronic network subsystem is configured to provide a first microservice and a second microservice different from the first microservice. The wireless communication system further includes an in-home subsystem (i) separate from the external provider subsystem, (ii) in operable communication with the electronic network subsystem, and (iii) including a first micronet and a second micronet different from the first micronet. The first micronet is configured to operably interact with the first microservice, and the second micronet is configured to operably interact with the second microservice. The wireless communication system further includes at least one electronic device configured to operably connect with one of the first micronet and the second micronet.
    Type: Grant
    Filed: August 31, 2018
    Date of Patent: March 31, 2020
    Assignee: Cable Television Laboratories, Inc
    Inventors: Steven J. Goeringer, Brian Alexander Scriber, Michael Glenn
  • Patent number: 10609430
    Abstract: A method and a device for processing a multimedia file are provided. In some embodiments, for a multimedia file to be processed, payload data in the multimedia file is acquired, and the payload data includes multi-frame data forming the multimedia file. Some pieces of frame data are selected from the payload data as frame data to be encrypted, and the frame data to be encrypted is encrypted. New payload data is formed by the encrypted frame data and unencrypted frame data, and the new payload data is encoded to obtain an encoded multimedia file. Therefore, the protection of the copyrights of the multimedia file is achieved.
    Type: Grant
    Filed: August 8, 2017
    Date of Patent: March 31, 2020
    Assignee: Tencent Technology (Shenzhen) Company Limited
    Inventor: Liwei Zhang
  • Patent number: 10608991
    Abstract: System, methods, and apparatuses enable a network security system to more efficiently perform pattern matching against data items. For example, the disclosed approaches may be used to improve the way in which a deep packet inspection (DPI) microservice performs pattern matching against data items (e.g., network traffic, files, email messages, etc.) in order to detect various types of network security threats (e.g., network intrusion attempts, viruses, spam, and other potential network security issues). A DPI microservice generally refers to an executable component of a network security system that monitors and performs actions relative to input data items for purposes related to computer network security.
    Type: Grant
    Filed: February 14, 2019
    Date of Patent: March 31, 2020
    Assignee: ShieldX Networks, Inc.
    Inventors: Ratinder Paul Singh Ahuja, Manuel Nedbal, Sumanth Gangashanaiah
  • Patent number: 10608816
    Abstract: A network-based biometric authentication system includes a client computer (10), a third party server (24), and a biometric authentication server (26). A user requests access to a web site hosted by the third party server via the client computer, wherein the third party server communicates a deployable object to the client computer. The client computer executes the deployable object, wherein the object enables the client computer to receive a user name, password, and biometric data from the user and to communicate the user name, password, and biometric data to the biometric authentication server in a secure fashion. The biometric authentication server authenticates the user name, password, and biometric data, and communicates the user name and password to the third party server, which attempts to verify the user name and password in a conventional manner and grants access to the user if the user name and password are verified.
    Type: Grant
    Filed: July 16, 2012
    Date of Patent: March 31, 2020
    Assignee: Ceelox Patents, LLC
    Inventors: Erix Pizano, Kass Aiken
  • Patent number: 10608828
    Abstract: Providing revocation status of at least one associated credential includes providing a primary credential that is at least initially independent of the associated credential, binding the at least one associated credential to the primary credential, and deeming the at least one associated credential to be revoked if the primary credential is revoked. Providing revocation status of at least one associated credential may also include deeming the at least one associated credential to be not revoked if the primary credential is not revoked. Binding may be independent of the contents of the credentials and may be independent of whether any of the credentials authenticate any other ones of the credentials. The at least one associated credential may be provided on an integrated circuit card (ICC). The ICC may be part of a mobile phone or a smart card.
    Type: Grant
    Filed: November 13, 2017
    Date of Patent: March 31, 2020
    Assignee: ASSA ABLOY AB
    Inventors: Eric F. Le Saint, Robert F. Dulude
  • Patent number: 10601861
    Abstract: An exemplary computer-implemented method includes obtaining at least one teleportation invite block that records a virtual universe teleportation invite marked by at least one parameter. The teleportation invite identifies a virtual universe user as an invitee. Responsive to the parameter, assess whether the virtual universe teleportation invite is potentially malicious, and alert the invitee in case the virtual universe teleportation invite is potentially malicious.
    Type: Grant
    Filed: April 28, 2017
    Date of Patent: March 24, 2020
    Assignee: International Business Machines Corporation
    Inventors: James R. Kozloski, Clifford A. Pickover, Komminist Weldemariam
  • Patent number: 10599848
    Abstract: A system may be configured to receive via a user interface a user-initiated prompt to begin start-up of a computer system firmware via access to a firmware start-up utility. The system may also generate a request for user authentication, and detect a private key for user authentication. The system may also determine whether the private key corresponds to a public key previously registered with the computer system firmware, and initiate, when the private key corresponds to the public key, completion of the start-up of the computer system firmware and allowance of operation of the computer system firmware via access to the firmware start-up utility. When the private key does not correspond to the public key, the system may prevent at least one aspect of an operation associated with the start-up of the computer system firmware.
    Type: Grant
    Filed: May 9, 2017
    Date of Patent: March 24, 2020
    Assignee: American Megatrends International, LLC
    Inventors: Kai Yau, William Gysin, Eric Law
  • Patent number: 10599823
    Abstract: Systems and methods are disclosed for coordinating applications by detecting a touch input and a related touch input a device locations associated with the applications, one of which is a user authentication application. A parameter may be established with the user authentication application so that the other application runs with the at least one parameter.
    Type: Grant
    Filed: November 18, 2016
    Date of Patent: March 24, 2020
    Assignee: InvenSense, Inc.
    Inventor: Karthik Katingari
  • Patent number: 10599828
    Abstract: Systems, methods, and computer-readable media are disclosed for authenticating access to a service provider system, or more specifically, to a user account maintained on the service provider system, using a single key authentication mechanism. The service provider system may receive an authentication image from a user application executing on a user device. The authentication image may include first data generated in response to user input to the user device, second data generated by the user application, and third data generated by the service provider system. The service provider system may then authenticate access to the user account based at least in part on the authentication image and send an indication to the user device that access to the user account has been authenticated. Authenticating access to the user account includes determining that the first data, second data, and third data match respective data expected by the service provider system.
    Type: Grant
    Filed: November 30, 2016
    Date of Patent: March 24, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Mark E. Maresh, Colm Nolan, Juan F. Vargas, Michael J. Whitney
  • Patent number: 10594700
    Abstract: A system of controlling one or more building control devices. The system may incorporate receiving from a third party a request for access to a user account at a manufacturer of building control devices, where the user account may be associated with one or more of the user's building control devices from the manufacturer. The third party may be a demand response provider, an aggregator of building control devices, or a different entity. The building control devices may be connected to a network. The system may be implemented over one or more networks with a server, an application programming interface (API), and/or a service bus.
    Type: Grant
    Filed: February 17, 2016
    Date of Patent: March 17, 2020
    Assignee: Ademco Inc.
    Inventors: Sorabh Khurana, Ivo Kubita, Thomas Yang
  • Patent number: 10595203
    Abstract: A method of establishing a secure connection between a user equipment, UE, and a media gateway, MGw, at setup of a communication session between the UE and another party. The MGw is controlled by a control server and the setup of the communication session comprises a security handshake procedure. The method comprising, prior to receiving a communication session set-up request, determining by the control server whether the MGw supports a procedure for early commencement of the security handshake and providing by the UE to the control server an indication that the UE supports the procedure for early commencement of the security handshake procedure and connection parameters for use in the security handshake. On receiving, by the control server, a communication session setup request from the other party, if both the UE and the MGw support the procedure for early commencement of the security handshake procedure, an instruction is sent to the Media gateway to commence the security handshake procedure.
    Type: Grant
    Filed: January 21, 2015
    Date of Patent: March 17, 2020
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventor: Huoming Dong
  • Patent number: 10594473
    Abstract: A database server stores encrypted vector data in which each of a plurality of elements is encrypted by encryption maintaining semi-homomorphism between calculation before encryption and calculation after encryption. The database server receives an obfuscated query (N-randomized query) from a terminal device, performs calculation for each of a plurality of segments of vectors of the obfuscated query with a segment of the encrypted vector data, and transmits the calculation to the terminal device in reply. The terminal device may acquire a result of decryption calculation transmitted in reply by a decryption device.
    Type: Grant
    Filed: August 4, 2017
    Date of Patent: March 17, 2020
    Assignee: KABUSHIKIKAISHA RNAi
    Inventors: Tomoyuki Yamada, Masahiro Hattori
  • Patent number: 10587629
    Abstract: This disclosure describes a bot detection system that distinguishes bot transactions from human transactions. The system utilizes an anomaly-based filter process to reduce the number of false positives as determined by the system. The filter process includes maintaining a database of anomaly patterns, wherein the patterns are encoded as anomaly pattern strings. As anomalies are detected, they are encoded in the anomaly pattern strings, and the database is updated by maintaining counts on the occurrences of the strings. When a particular pattern string as reflected in the database has a count that exceeds a threshold, the string is determined to be associated with a bot as opposed to a human user.
    Type: Grant
    Filed: November 6, 2017
    Date of Patent: March 10, 2020
    Assignee: Akamai Technologies, Inc.
    Inventors: Sreenath Kurupati, Sridhar Machiroutu, Prajakta Bhurke, Tu Vuong
  • Patent number: 10586031
    Abstract: The present invention relates to an electronic device. In particular, the present invention relates to an electronic device comprising a first and a second biometric sensor and processing circuitry arranged to authenticate the user of the electronic device. The present invention also relates to a corresponding method and computer program for authenticating the user of an electronic device.
    Type: Grant
    Filed: November 9, 2017
    Date of Patent: March 10, 2020
    Assignee: Fingerprint Cards AB
    Inventors: Markus Andersson, Olis Olofsson