Patents Examined by Khang Do
  • Patent number: 11601451
    Abstract: A method including analyzing affected data known to include harmful content to identify harmful traits that are included in the affected data with a frequency that satisfies a threshold frequency; analyzing clean data known to be free of harmful content to identify clean traits that are included in the clean data with a frequency that satisfies the threshold frequency; determining harmful patterns indicating characteristics of the harmful traits included in affected data based at least in part on comparing the affected data with the harmful traits and the clean traits; determining clean patterns indicating characteristics of the clean traits included in clean data based at least in part on comparing the clean data with the harmful traits and the clean traits; and determining whether given data includes the harmful content based at least in part on utilizing the harmful patterns and the clean patterns. Various other aspects are contemplated.
    Type: Grant
    Filed: May 15, 2022
    Date of Patent: March 7, 2023
    Assignee: UAB 360 IT
    Inventors: Aleksandr {hacek over (S)}ev{hacek over (c)}enko, Mantas Briliauskas
  • Patent number: 11575688
    Abstract: A method, apparatus and system for malware characterization includes receiving data identifying a presence of at least one anomaly of a respective portion of a processing function captured by at least one of each of at least two different sensor payloads and one sensor payload at two different times, determining a correlation between the at least two anomalies identified by the data captured by the at least one sensor payloads, and determining a presence of malware in the processing function based on the determined correlation. The method, apparatus and system can further include predicting an occurrence of at least one anomaly in the network based on at least one of current sensor payload data or previously observed and stored sensor payload data, recommending and/or initiating a remediation action and reporting a result of the malware characterization to a user.
    Type: Grant
    Filed: May 2, 2019
    Date of Patent: February 7, 2023
    Assignee: SRI International
    Inventors: Sek Chai, Michael E. Locasto, Scott Oberg, Nicholas Vitovitch
  • Patent number: 11563767
    Abstract: The systems and methods disclose an automated effective template generation and recommendation for selection. A semantic similarity of a plurality of messages may be identified that at least meets a similarity threshold, each of the plurality of messages reported by a plurality of users as a potentially malicious message. The plurality of messages may be indexed under a common template identifier. One or more messages of the plurality of messages indexed under the common template identifier may be determined to have a report-to-reach ratio less than a report-to-reach threshold. Responsive to the determination, the one or more messages may be identified to be used for generating one or more simulated phishing templates. A recommendation of the one or more templates may be provided to a system administrator and/or a security awareness and simulation training platform to create and deliver simulated phishing messages using the templates.
    Type: Grant
    Filed: August 30, 2022
    Date of Patent: January 24, 2023
    Assignee: KnowBe4, Inc.
    Inventor: Jasmine Rodriguez
  • Patent number: 11558401
    Abstract: A computerized method for analyzing an object is disclosed. The computerized method includes performing, by a first cybersecurity system, a first malware analysis of the object, wherein a first context information is generated by the first cybersecurity system based on the first malware analysis. The first context information includes at least origination information of the object. Additionally, a second cybersecurity system, obtains the object and the first context information and performs a second malware analysis of the object to determine a verdict indicating maliciousness of the object. The second malware analysis is based at least in part on the first context information. The second cybersecurity system generates and issues a report based on the second malware analysis, the report including the verdict.
    Type: Grant
    Filed: March 14, 2019
    Date of Patent: January 17, 2023
    Assignee: FireEye Security Holdings US LLC
    Inventors: Sai Vashisht, Sumer Deshpande, Sushant Paithane, Rajeev Menon
  • Patent number: 11558408
    Abstract: Methods, apparatus, and processor-readable storage media for evaluating cyber attacker behavior using machine learning to identify anomalies are provided herein. An example method includes obtaining, based on events associated with changes in one or more of a registry and a computer process, baseline models comprising a user context representing normal behavior for a first subset of features associated with the events with respect to a given user, an inverse context that represents normal behavior for at least one feature with respect to a particular value of one or more features in the first subset, and a global context representing a behavior of the features across the plurality of users; detecting a new event attributable to the given user; calculating a score for the new event using one or more of the baseline models; and determining that the new event is an anomaly in response to the score satisfying a threshold.
    Type: Grant
    Filed: May 3, 2019
    Date of Patent: January 17, 2023
    Assignee: EMC IP Holding Company LLC
    Inventors: Guy Eisenkot, Martin Rosa, Lior Govrin, Yaron De Levie, Maria Oks, Miri Weissler, Barak Schoster, Shay Menaia, Yuval Shachak, Ana Paskal
  • Patent number: 11552982
    Abstract: Systems and methods are described for verifying whether simulated phishing communications are allowed to pass by a security system of an email system to email account of users. One or more email accounts of the email system with the security system may be identified to use for a delivery verification campaign. Further, one or more types of simulated phishing communications may be selected from a plurality of types of simulated phishing communications. The delivery verification campaign may be configured to include the selection of the one or more types of simulated phishing communications from the plurality of types of simulated phishing communications. The selected one or more types of simulated phishing communications of the delivery verification campaign may be communicated to the one or more email accounts. Further, whether or not each of the one or more types of simulated phishing communications was allowed by the security system to be received unchanged at the one or more email accounts.
    Type: Grant
    Filed: August 24, 2020
    Date of Patent: January 10, 2023
    Assignee: KnowBe4, Inc.
    Inventors: Mark William Patton, Daniel Cormier, Greg Kras
  • Patent number: 11552984
    Abstract: Systems and methods are described for improving assessment of security risk based on a user's personal information. Registration of personal information of a user of an organization is received at a security awareness system. Post receiving the registration of the personal information, at least one of an exposure check or a security audit of the personal information of the user is performed by the security awareness system. A personal risk score of the user is then generated or adjusted based at least on a result of one of the exposure check or the security audit.
    Type: Grant
    Filed: December 9, 2021
    Date of Patent: January 10, 2023
    Assignee: KnowBe4, Inc.
    Inventor: Greg Kras
  • Patent number: 11546336
    Abstract: Access control lookups may be implemented that support user-configurable and host-configurable processing stages. A request may be received and evaluated to determine whether bypass of user-configured access request processing stages should be bypassed. A lookup may be determined for user-configured access controlled decisions, and the access control decisions can be applied, if not bypassed. A lookup may be determined for a host-configured access control decisions and the access control decisions applied.
    Type: Grant
    Filed: October 22, 2019
    Date of Patent: January 3, 2023
    Assignee: Amazon Technologies, Inc.
    Inventors: Thomas A Volpe, Mark Banse
  • Patent number: 11537690
    Abstract: Apparatus, systems, methods, and articles of manufacture related to end-point media watermarking are disclosed. An example device includes a media receiver to receive a media signal, a watermark generator to generate a watermark, a trigger to activate the watermark generator to generate the watermark based on an external input, an encoder to encode the media signal with the watermark to synthesize an encoded media signal, a media output to render the encoded media signal.
    Type: Grant
    Filed: May 7, 2019
    Date of Patent: December 27, 2022
    Assignee: The Nielsen Company (US), LLC
    Inventors: Arun Ramaswamy, Timothy Scott Cooper, Jeremey M. Davis, Alexander Topchy
  • Patent number: 11528297
    Abstract: A system and a method are disclosed for detecting a malicious website. In an embodiment, a mobile device detects a URL referencing an unknown website. Responsive to detecting the URL, the mobile device retrieves a representative image of the unknown website. The mobile device determines whether the representative image matches an image of a known legitimate website. Responsive to determining that the representative image matches the image of the known legitimate website, the mobile device determines if the unknown website is malicious. The mobile device performs a security action responsive to determining that the website is malicious.
    Type: Grant
    Filed: December 13, 2019
    Date of Patent: December 13, 2022
    Assignee: Zimperium, Inc.
    Inventors: Nicolás Chiaraviglio, Ryan Chazen, Elad Golan, Izhak Kedar, Massimo Dragano, Asaf Peleg
  • Patent number: 11509689
    Abstract: A system and method for accelerating a cybersecurity event detection and remediation includes extracting corpora of feature data from a suspicious electronic communication, wherein the corpora of feature data comprise at least one corpus of text data extracted from a body of the suspicious electronic communication; computing at least one text embedding value for the suspicious electronic communication; evaluating the text embedding values of the corpus of text data against an n-dimensional mapping of adverse electronic communication vectors, the n-dimensional mapping comprising a plurality of historical electronic communication vectors derived for a plurality of historical electronic communications; identifying whether the suspicious electronic communication comprises one of an adverse electronic communication based on the evaluation of the text embedding value, and accelerating a cybersecurity event detection by routing data associated with the suspicious electronic communication to one of a plurality of dis
    Type: Grant
    Filed: March 16, 2022
    Date of Patent: November 22, 2022
    Assignee: Expel, Inc.
    Inventors: Elisabeth Weber, Peter Silberman, Shamus Field
  • Patent number: 11500992
    Abstract: The present specification discloses a trusted execution environment (TEE)-based model training method and apparatus. In one or more embodiments, the method includes: obtaining encrypted target samples from an encrypted training sample set in a first execution environment, inputting the encrypted target samples into a second execution environment that is a trusted execution environment (TEE) different from the first execution environment, decrypting the encrypted target samples in the TEE to obtain decrypted target samples, inputting the decrypted target samples into a feature extraction model in the TEE to determine sample features, determining the sample features output from the TEE as target sample features for a current iteration of a training process for a target model, and performing, based on the target sample features, the current iteration on the target model in the first execution environment.
    Type: Grant
    Filed: June 28, 2021
    Date of Patent: November 15, 2022
    Assignee: Alipay (Hangzhou) Information Technology Co., Ltd.
    Inventors: Yongchao Liu, Bei Jia, Yue Jin, Chengping Yang
  • Patent number: 11487900
    Abstract: Within one or more instances of a computing environment where an instance is a self-contained architecture to provide at least one database with corresponding search and file system. User information from the one or more instances of the computing environment is organized as zones. A zone is based on one or more characteristics of corresponding user information that are different than the instance to which the user information belongs. User information is selectively obfuscated prior to transmitting blocks of data including the obfuscated user information. The selective obfuscation is based on zone information for one or more zones to which the user information belongs.
    Type: Grant
    Filed: August 2, 2019
    Date of Patent: November 1, 2022
    Assignee:, inc.
    Inventors: Olumayokun Obembe, Gregory Lapouchnian, Vijayanth Devadhar, Jason Woods, Karthikeyan Govindarajan, Ashwini Bijwe, Prasad Peddada
  • Patent number: 11483351
    Abstract: The present disclosure relates to securing workloads of a network by identifying compromised elements in communication with the network and preventing their access to network resources. In one aspect, a method includes monitoring network traffic at network elements of a network; detecting a compromised element in communication with one or more of the network elements, the compromised element being associated with at least one network threat; and based on a defined network policy, applying one of a number of different access prevention schemes to the compromised element to prevent access to the network by the compromised element.
    Type: Grant
    Filed: August 26, 2020
    Date of Patent: October 25, 2022
    Inventors: Supreeth Hosur Nagesh Rao, Navindra Yadav, Tapan Shrikrishna Patwardhan, Umamaheswaran Arumugam, Darshan Shrinath Purandare, Aiyesha Ma, Hongyang Zhang, Kai Zhu
  • Patent number: 11477226
    Abstract: A system, a method, and a computer program for identifying and prioritizing a risky computing resource for security evaluation and remediation in a computer network that has a plurality of computing resources, comprising analyzing network-internal domain information to identify the risky computing resource in the computer network, generating a keyword for a cyberattack risk, analyzing open source intelligence domain information using the keyword, analyzing network-external domain information to identify additional risk attributes for the cyberattack risk, determining a ranking weight for the cyberattack risk, prioritizing the risky computing resource with respect to one or more computing resources based on the ranking weight, targeting the risky computing resource for penetration testing in accordance with the prioritization, and evaluating a threat risk of the risky computing resource to the computer network.
    Type: Grant
    Filed: April 24, 2019
    Date of Patent: October 18, 2022
    Assignee: Saudi Arabian Oil Company
    Inventor: Nawwaf S Alabdulhadi
  • Patent number: 11477182
    Abstract: A key management protocol (such as KMIP) is extended to provide an extended credential type that enables an initiating (first) client device to create a credential dynamically and that can then be selectively shared with and used by other (second) client devices. Using a dynamically-created credential of this type, the other (second) devices are able to fetch the same key configured by the initiating (first) device. In this manner, multiple devices are able to create and share one or more keys among themselves dynamically, and on as-needed basis without requiring a human administrator to create a credential for a device group in advance of its usage.
    Type: Grant
    Filed: May 7, 2019
    Date of Patent: October 18, 2022
    Assignee: International Business Machines Corporation
    Inventors: Rinkesh I. Bansal, Mohit Niranjan Agrawal, Prashant V. Mestri
  • Patent number: 11470113
    Abstract: There is provided a method to eliminate data-theft through a phishing website by creating a layer of control between the user and the website to be visited that prevents submission of sensitive data to malicious servers. When there is a form submit event in a webpage, the data that is input (by the user or automatically) is modified by a data deception layer in a random manner that disguises the authentic content, while preserving the format of the data. Visual cues are provided to indicate that the data deception is enabled and that fake/generated data is being submitted instead of real data. The generated fake data is sent to unknown (potentially malicious) server while the users' actual private data is preserved (never submitted), with the results of the server response visible to the user.
    Type: Grant
    Filed: February 15, 2019
    Date of Patent: October 11, 2022
    Inventor: Fatih Orhan
  • Patent number: 11470072
    Abstract: A browser application has at least two web browser objects for browsing Private PAIR while hiding multi-page navigation from a user. The browser application is configured to automatically download XML data from Private PAIR, and generate one or more reports therefrom, including a Daily Updates report, a Cross Checker report, and a Docket Listing report. The browser application is preferably configured to selectively provide limited access to Private PAIR by restricting user navigation to programmatic navigation.
    Type: Grant
    Filed: April 27, 2020
    Date of Patent: October 11, 2022
    Assignee: NIMVIA, LLC
    Inventors: Chad Dustin Tillman, Jeremy Cooper Doerre
  • Patent number: 11470114
    Abstract: A method for using a malware and phishing detection and mediation platform is discussed. The method includes accessing data from one or more of a monitored portion of website data and a monitored portion of emails, the data indicating a respective potential malware or a suspect phishing element (e.g., Uniform Resource Locator (URL)). The method includes selecting one of a plurality of detection engines for processing the data, where the selecting is based on previous results of previous processing by one or more detection engines. Each of the plurality of detection engines can be for performing one or more respective investigation actions on the plurality of data to determine a particular issue with one of the monitored data. The method also includes determining a mediation action based on a result of processing of the detection engine and the previous processing.
    Type: Grant
    Filed: December 27, 2019
    Date of Patent: October 11, 2022
    Assignee: PAYPAL, INC.
    Inventors: Nathan Pratt, Bradley Wardman, Kevin Tyers, Eric Nunes, Meethil Vijay Yadav, Todd Clausen, Nicholas Bailey
  • Patent number: 11443048
    Abstract: A system and method for generating content for an encrypted package is provided. A package may be received that includes one or more anti-tamper hash portions and encrypted data, where the encrypted data includes one or more procedural content generation instructions. A portion of the encrypted data including the one or more procedural content generation instructions may be decrypted and a data based on the execution of the one or more procedural content generation instructions and a corpus of data may be generated. The generated data may be encrypted and anti-tamper hashes may be generated based on the encrypted generated data. The generated anti-tamper hashes may be compared to the one or more anti-tamper hashes in the anti-tamper hash portion of the received package.
    Type: Grant
    Filed: May 6, 2019
    Date of Patent: September 13, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Simon Lee Cooke, Xin Huang