Patents Examined by Khoi V Le
  • Patent number: 11122065
    Abstract: Feature vectors are abstracted from data describing application processes. The feature vectors are grouped to define non-anomalous clusters of feature vectors corresponding to normal application behavior. Subsequent feature vectors are considered anomalous if they do not fall within one of the non-anomalous clusters; alerts are issued for anomalous feature vectors. In addition, the subsequent feature vectors may be used to regroup feature vectors to adapt to changes in what constitutes normal application behavior.
    Type: Grant
    Filed: August 14, 2018
    Date of Patent: September 14, 2021
    Assignee: VMware, Inc.
    Inventors: Bin Zan, Dexiang Wang, Zhen Mo, Vijay Ganti
  • Patent number: 11108751
    Abstract: A first host receives a packet from a first compute node for a second compute node of a second host. The payload is larger than a maximum transmission unit size. The first packet is encapsulated with an outer header. The first host analyzes a length of at least a portion of the outer header in determining a size of an encrypted segment of the payload. Then, the first host forms a plurality of packets where each packet in the packets includes an encrypted segment of the payload, a respective encryption header, and a respective authentication value. The payload of the first packet is segmented to form a plurality of encrypted segments based on the size. The first host sends the packets to the second host and receives an indication that a packet was not received. A second packet including the encrypted segment is sent to the second compute node.
    Type: Grant
    Filed: October 27, 2017
    Date of Patent: August 31, 2021
    Assignee: NICIRA, INC.
    Inventors: Wenyi Jiang, Daniel G Wing, Bin Qian, Dexiang Wang
  • Patent number: 11095668
    Abstract: Aspects of the present disclosure relate to techniques for managing transactions, including receiving a first transaction request directed to an account of a first web application. Additionally, initiating, by a rate-limiting engine, a rate-limiting process in response to the first transaction request. The techniques further include obtaining a rate-limiting identifier, where the rate limiting identifier uniquely identifies the first web application, and where the rate-limiting identifier identifies an account owner. The techniques further include determining an alternate notification method exists for the account owner and sending a verification request to the account owner, where the verification request is sent using the alternate notification method. The techniques further include receiving a response to the verification request, performing a risk assessment, and adjusting a first security parameter in response to the risk assessment.
    Type: Grant
    Filed: April 3, 2019
    Date of Patent: August 17, 2021
    Assignee: International Business Machines Corporation
    Inventors: Leo Michael Farrell, Shane Bradley Weeden
  • Patent number: 11093587
    Abstract: Systems, methods, and apparatuses for installing a software product using timestamp validation and system identification validation are disclosed. An example method to lock a software product in a software wrapper includes determining a unique hard drive serial number of a user device to which the software product is to be installed and generating a hash number of the unique hard drive serial number. The example method also includes determining a campaign identifier of the software product from a secure variable within the software product and generating a date-time code based on a current date and time. The method further includes assembling the date-time code and the campaign identifier into an unlock code, encrypting the unlock code using the hash number as a passphrase key to create an encrypted unlock code, and applying the encrypted unlock code to an end of a filename of an installer using a command line parameter.
    Type: Grant
    Filed: September 30, 2019
    Date of Patent: August 17, 2021
    Inventors: Matthew Steven Murphy, Jacob W. Beckley
  • Patent number: 11095618
    Abstract: Systems and techniques for AI model and data camouflaging techniques for cloud edge are described herein. In an example, a neural network transformation system is adapted to receive, from a client, camouflaged input data, the camouflaged input data resulting from application of a first encoding transformation to raw input data. The neural network transformation system may be further adapted to use the camouflaged input data as input to a neural network model, the neural network model created using a training data set created by applying the first encoding transformation on training data. The neural network transformation system may be further adapted to receive a result from the neural network model and transmit output data to the client, the output data based on the result.
    Type: Grant
    Filed: March 30, 2018
    Date of Patent: August 17, 2021
    Assignee: Intel Corporation
    Inventors: Kshitij Arun Doshi, Francesc Cesc Guim Bernat, Suraj Prabhakaran
  • Patent number: 11095612
    Abstract: Techniques for providing flow meta data exchanges between network and security functions for a security service are disclosed. In some embodiments, a system/process/computer program product for providing flow meta data exchanges between network and security functions for a security service includes receiving a flow at a network gateway of a security service from a software-defined wide area network (SD-WAN) device; inspecting the flow to determine meta information associated with the flow; and communicating the meta information associated with the flow to the SD-WAN device.
    Type: Grant
    Filed: October 30, 2020
    Date of Patent: August 17, 2021
    Assignee: Palo Alto Networks, Inc.
    Inventors: Anand Oswal, Arivu Mani Ramasamy, Bhaskar Bhupalam, Shu Lin
  • Patent number: 11089031
    Abstract: Methods for switchable matrix barcodes for secure website access is described herein. In one aspect, a method of accessing a secure webpage by a user device can include scanning a first switchable matrix barcode by the user device; identifying a first URL sequence unique to the first switchable matrix barcode based on a deconstruction of the first switchable matrix bar code; and accessing a webpage corresponding to the first URL sequence based at least on whether the accessing occurs within a predefined expiration period of the first URL sequence.
    Type: Grant
    Filed: September 29, 2020
    Date of Patent: August 10, 2021
    Inventors: William Kratzer, Joe Sharp, Sam Miller, Alec Okopal
  • Patent number: 11089027
    Abstract: Systems and methods for authenticating access to multiple data stores substantially in real-time are disclosed. The system may include a server coupled to a network, a client device in communication with the server via the network and a plurality of data stores. The server may authenticate access to the data stores and forward information from those stores to the client device. An exemplary authentication method may include receipt of a request for access to data. Information concerning access to that data is stored and associated with an identifier assigned to a client device. If the identifier is found to correspond to the stored information during a future request for access to the store, access to that store is granted.
    Type: Grant
    Filed: April 9, 2021
    Date of Patent: August 10, 2021
    Assignee: Seven Networks, LLC
    Inventors: Jay Sutaria, Brian Daniel Gustafson, Robert Paul van Gent, Ruth Lin, David Merriwether, Parvinder Sawhney
  • Patent number: 11070375
    Abstract: An apparatus comprises an encryption key generator to generate a media encryption key to encrypt data in number of memory components, where the encryption key generator is configured to wrap the media encryption key to generate an encrypted media encryption key, The encrypted media encryption key is stored in a non-volatile memory. The apparatus comprises firmware having instructions to transition the apparatus to and from a secure state using the encrypted media encryption key.
    Type: Grant
    Filed: August 14, 2018
    Date of Patent: July 20, 2021
    Assignee: Micron Technology, Inc.
    Inventors: Nathan A. Eckel, Steven D. Check
  • Patent number: 11070560
    Abstract: The disclosed computer-implemented method for managing user entitlements of objects from heterogeneous content sources may include (i) obtaining a user identifier from a user profile associated with a user, (ii) determining an entitlement for the user in an access control list (ACL) for an object of a content source, (iii) determining another entitlement for the user in another ACL for another object of another content source, wherein the content source and the other content source are associated with different systems, (iv) generating an effective entitlement of the user by associating the user identifier, the entitlement for the user in the ACL for the object, and the other entitlement for the user in the other ACL for the other object, and (v) storing the effective entitlement of the user. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: April 3, 2019
    Date of Patent: July 20, 2021
    Assignee: Veritas Technologies LLC
    Inventors: Shailesh Dargude, Satish Grandhi, Srinivas Kavuri
  • Patent number: 11063762
    Abstract: A computing system for inter-application communication between a client emitter application and a client consumer application executing on a mobile computing device is disclosed herein. The client emitter application receives an indication of a programmatic task to be performed by the client consumer application. The client emitter application transmits data to a server emitter application executing on a first server computing device causing a session token to be generated, the session token indicating that a server consumer application executing on a second server computing device has authenticated the client emitter application. The server emitter application forwards the session token to the client emitter application. The client emitter application includes the session token in a call indicative of the programmatic task to the client consumer application.
    Type: Grant
    Filed: February 22, 2018
    Date of Patent: July 13, 2021
    Assignee: Allscripts Software, LLC
    Inventors: Stanislav Makarskyy, Igor Chmil, Mark Plunkett, Ethan O'Brien, Sayeebalaji Chandrasekaran
  • Patent number: 11055388
    Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for authenticating a user based on passive affective and knowledge-based authentication (AKBA). In one aspect, a method includes data associated with eye movements and ocular dynamics of the user are captured with a camera as the user looks at a graphical user interface (GUI) of a device; an AKBA signature of the user is determined based on the captured data; the user is authenticated based on a comparison of the AKBA signature with an AKBA template associated with the user; and an access to a subset of functions of an application is granted.
    Type: Grant
    Filed: October 8, 2018
    Date of Patent: July 6, 2021
    Assignee: Advanced New Technologies Co., Ltd.
    Inventors: Reza R. Derakhshani, Sashi Kanth Saripalle
  • Patent number: 11055615
    Abstract: An analyzer for monitoring a configuration of a wired network medium that is used for communication between multiple devices. The configuration change includes an additional device tapping to the medium for eavesdropping, or the substituting one of the devices. The analyzer is connected to the medium for receiving, storing, and analyzing waveforms of the physical-layer signals propagated over the medium. The analysis includes comparing the received signals to reference signals, and notifying upon detecting a difference according to pre-set criteria. The analysis may be time or frequency-domain based, and may use a feed-forward Artificial Neural Network (ANN). The wired network may be an automotive or in-vehicle network, PAN, LAN, MAN, or WAN, may use balanced or unbalanced signaling, and may be configured as point-to-point or multi-point topology. The analyzer may be connected at an end of the medium, and may be integrated with one of the devices.
    Type: Grant
    Filed: November 18, 2017
    Date of Patent: July 6, 2021
    Inventors: Gil Litichever, Ziv Levi
  • Patent number: 11057413
    Abstract: An authentication method for use in a device and comprises monitoring a program behavior stream comprising a plurality of program observables that comprises a program observable. The method records the program observable and matches the recorded first program observable to a program model selected from a plurality of program models stored within a program store. A user model is selected from a plurality of user models stored within a user store corresponding to the program model. A user behavior stream corresponding to the program observable is monitored and a user observable contained in the user behavior stream is recorded. The user observable is correlated to the user model and an authentication state associated with the device is determined based on the correlating.
    Type: Grant
    Filed: December 27, 2019
    Date of Patent: July 6, 2021
    Assignee: Zighra Inc
    Inventors: Deepak Chandra Dutt, Anil Buntwal Somayaji, Michael John Kendal Bingham
  • Patent number: 11050552
    Abstract: Hashing data using an image by performing a bit by bit concatenation of input text and hash key. The result is concatenated bit by bit with the salt. A two bit by two bit multiplication between the result and the reverse of the result is performed to get a next output. The bits of this output are used as coordinates to extract pixel and RGB values from an image. The extracted values are merged to form a string. The string is truncated to a desired length, and then split into two equal strings. A bit by bit concatenation is performed on the split strings to get a hash output.
    Type: Grant
    Filed: September 29, 2017
    Date of Patent: June 29, 2021
    Inventor: Stephenson Daniel Kanagaraj
  • Patent number: 11042876
    Abstract: A method includes: receiving, by a service logic execution module of a designated member node, a transaction request comprising a paying user identifier of a paying user, a designated resource amount, and a receiving user identifier of a receiving user, the paying user paying the designated resource amount, and the receiving user receiving the designated resource amount, wherein the designated member node is one of a plurality of member nodes of a blockchain network; prior to the blockchain network performing consensus verification on the transaction request, performing, by the service logic execution module, transaction feasibility verification off the blockchain network according to the transaction request; sending, by the service logic execution module, an account balance modification instruction to a database management module of the designated member node in response to the transaction feasibility verification being successful.
    Type: Grant
    Filed: October 30, 2020
    Date of Patent: June 22, 2021
    Inventor: Xinying Yang
  • Patent number: 11044100
    Abstract: Authentication of electronic document is based on multiple digital signatures incorporated into a blockchain. Structured data, metadata, and instructions may be hashed to generate the multiple digital signatures for distribution via the blockchain. Any peer receiving the blockchain may then verify an authenticity of an electronic document based on any one or more of the multiple digital signatures incorporated into the blockchain.
    Type: Grant
    Filed: August 23, 2019
    Date of Patent: June 22, 2021
    Assignee: Factom, Inc.
    Inventors: Brian Deery, Paul Snow, Mahesh Paolini-Subramanya
  • Patent number: 11032058
    Abstract: Systems and method are provided for using chaotic signals for low probability of detection (LPD) communications. Embodiments of the present disclosure provide systems and methods for synchronizing chaotic systems and then encoding information on a signal in a way that produces little or no signature (e.g., using a bit flipping technique or a chaos control encoding technique). Systems and methods in accordance with embodiments of the present disclosure can work with noise larger than the signal, so they are suitable for communication in noisy environments.
    Type: Grant
    Filed: October 17, 2017
    Date of Patent: June 8, 2021
    Assignee: The Government of the United States of America, as represented by the Secretary of the Navy
    Inventor: Thomas L. Carroll
  • Patent number: 11032084
    Abstract: A method for signing data such as software images is provided that uses modules executable by a generic client to sign hashes of the software images rather than the images themselves. The method avoids both the requirement for new or updated client software and the uploading of full software images to the signing system. This approach uses a generic client that requests and downloads processing modules from the signing system to perform the pre-processing operations in signing software images, as well as optionally for post-processing operations.
    Type: Grant
    Filed: December 7, 2018
    Date of Patent: June 8, 2021
    Assignee: ARRIS Enterprises LLC
    Inventors: Tat Keung Chan, Ting Yao, Jason A. Pasion
  • Patent number: 11023583
    Abstract: A system for detecting malicious software, comprising at least one hardware processor adapted to: execute a tested software object in a plurality of computing environments each configured according to a different hardware and software configuration; monitor a plurality of computer actions performed in each of the plurality of computing environments when executing the tested software object; identify at least one difference between the plurality of computer actions performed in a first of the plurality of computing environments and the plurality of computer actions performed in a second of the plurality of computing environments; and instruct a presentation of an indication of the identified at least one difference on a hardware presentation unit.
    Type: Grant
    Filed: December 12, 2018
    Date of Patent: June 1, 2021
    Assignee: NEC Corporation Of America
    Inventors: Tsvi Lev, Yaacov Hoch