Patents Examined by Madhuri Herzog
  • Patent number: 8966631
    Abstract: A malicious behavior detector (100) for detecting malicious behavior on a network, comprises a processor unit (120) and associated system memory (130) containing computer program code. The computer program code provides a signature matching module (132) to perform malicious partial signature detection by reading the contents of packets of data passing through the network to look for partial signatures associated with malicious programs; a Domain Name Service, DNS, request and/or response detection module (134) to monitor the requests made by hosts connected to the network and/or responses thereto; and an evidence assessment module (138) to analyze the results of the partial signature detection and the DNS monitoring make a determination of the suspected presence of malicious behavior on the network based upon the analysis of the results of both the partial signature detection and the DNS monitoring.
    Type: Grant
    Filed: February 23, 2010
    Date of Patent: February 24, 2015
    Assignee: British Telecommunications PLC
    Inventor: Fadi El-Moussa
  • Patent number: 8959612
    Abstract: A secure interconnection system between two public networks comprises at least one first router, a first firewall, a second router, a second firewall and a blade server, and a first virtual local area network containing the data streams exchanged between a first communications facility and a second communications facility, a second virtual local area network containing the management and maintenance streams of said system which are exchanged between a supervision center and the blade server and a third virtual local area network containing the authentication streams for said first communications facility which are exchanged between the said second firewall and said blade server, said virtual local area networks being designed so as to exhibit an empty intersection.
    Type: Grant
    Filed: May 20, 2011
    Date of Patent: February 17, 2015
    Assignee: Thales
    Inventors: Suzanne DeBaille, Stéphane Touyet
  • Patent number: 8955121
    Abstract: A system, method, and computer program product are provided for dynamically adjusting a level of security applied to a system. In use, predetermined activity that is at least potentially associated with unwanted activity is identified on a system. Further, a level of security applied to the system is dynamically adjusted, in response to the identification of the predetermined activity.
    Type: Grant
    Filed: December 5, 2013
    Date of Patent: February 10, 2015
    Assignee: McAfee, Inc.
    Inventor: Gregory W. Dalcher
  • Patent number: 8955118
    Abstract: A computer implemented method, apparatus, and program code for detecting malicious software components. A series of calls made by a software component is monitored to identify an identified respective series of call types to components named in said calls. A determination is made as to whether the identified respective series of call types to components named in said calls is indicative of malicious behavior.
    Type: Grant
    Filed: March 13, 2013
    Date of Patent: February 10, 2015
    Assignee: Palo Alto Networks, Inc.
    Inventor: Douglas North Franklin
  • Patent number: 8949941
    Abstract: A system, method, and apparatus for the authentication of the physical location of a target node are disclosed herein. In one or more embodiments, the authentication of the target node's physical location is achieved by using ping ranging measurements obtained from the amount of time that elapses during ping messages being sent between the target node and at least one trusted node with a known physical location. The physical location of the trusted node(s) is obtained by using satellite geolocation techniques. The accuracy of the ranging measurements may be improved upon by using pre-coordination and/or priority determination of the ping messages being sent between the target node and the trusted node(s). In at least one embodiment, the ping messages are sent by dedicated ping response hardware that is associated with the target node and/or the trusted node(s). In some embodiments, the ping messages include a pseudo random code bit sequence.
    Type: Grant
    Filed: October 27, 2011
    Date of Patent: February 3, 2015
    Assignee: The Boeing Company
    Inventors: David A. Whelan, Gregory M. Gutt, David G. Lawrence, Michael Lee O'Connor, Rachel Rane' Schmalzried
  • Patent number: 8943591
    Abstract: A method of detecting and responding to an email address harvest attack at an Internet Service Provider (ISP) email system includes counting a number of failed email address look-ups during a single Simple Mail Transfer Protocol (SMTP) session associated with an originating Internet Protocol (IP) address and responding to the originating IP address with a positive acknowledgement that an otherwise invalid email address exists when the count of the number of failed email address look-ups exceeds a threshold.
    Type: Grant
    Filed: February 18, 2013
    Date of Patent: January 27, 2015
    Assignee: AT&T Intellectual Property I, L.P.
    Inventor: Stephen K. Wood
  • Patent number: 8931105
    Abstract: The present invention relates to a method for transferring content to a device, the method including the steps of: receiving a request for content from the device; delivering a uniquely identifiable, ephemeral player to the device; and transferring content to the device, for presentation on the device by the player. The invention has particular application to digital rights management in respect of the distribution of audiovisual content such as film and television programs, advertisements and live event broadcasts over communication networks such as the Internet.
    Type: Grant
    Filed: March 3, 2008
    Date of Patent: January 6, 2015
    Assignee: Vividas Technologies Pty. Ltd.
    Inventors: Martin Lipka, Alexander Dubov
  • Patent number: 8918861
    Abstract: A computationally implemented method includes, but is not limited to: determining that a computing device that was presenting one or more portions of one or more items and that was in possession of a first user has been transferred from the first user to a second user; and marking, in response to said determining, the one or more portions of the one or more items to facilitate the computing device in returning to the one or more portions upon the computing device being at least transferred back to the first user. In addition to the foregoing, other method aspects are described in the claims, drawings, and text forming a part of the present disclosure.
    Type: Grant
    Filed: December 14, 2011
    Date of Patent: December 23, 2014
    Assignee: Elwha LLC
    Inventors: Royce A. Levien, Richard T. Lord, Robert W. Lord, Mark A. Malamud, John D. Rinaldo, Jr., Clarence T. Tegreene
  • Patent number: 8918846
    Abstract: A system and method for securely storing, retrieving and sharing data using PCs and mobile devices and for controlling and tracking the movement of data to and from a variety of computing and storage devices.
    Type: Grant
    Filed: July 3, 2014
    Date of Patent: December 23, 2014
    Assignee: QuickVault, Inc.
    Inventor: Steven V. Bacastow
  • Patent number: 8908864
    Abstract: Systems, methods, and computer readable media for detecting and mitigating address spoofing in messaging service transactions are disclosed. A messaging service firewall (MSF) separate from a short message service center (SMSC) receives a mobility management reply message (MMR) that is sent by a mobile location register element in response to an associated mobility management query (MMQ) and that includes a serving switch identifier. The MSF allocates a global title address (GTA) from a pool of GTAs and stores a correlation between the allocated GTA and the originating SMSC. The MSF replaces the serving switch identifier in the MMR with the allocated GTA and routes the modified MMR. The MSF then receives a messaging service message (MSM) that is addressed to the allocated GTA and that includes the purported originating SMSC. If the purported originating SMSC does not match the SMSC to which the GTA is correlated, the MSM is discarded.
    Type: Grant
    Filed: October 5, 2012
    Date of Patent: December 9, 2014
    Assignee: Tekelec Netherlands Group, B.V.
    Inventor: Eloy Johan Lambertus Nooren
  • Patent number: 8904489
    Abstract: A system and process for identifying a client, comprising a client device having a video camera and a voice transmitting and receiving device capable of transmitting a client's image and voice via a communication carrier system and a communications network to a user terminal, whereby the user terminal permits an authentication of the client's image and voice in real time. Another aspect of the present invention includes a method of identifying a fraudster, comprising the steps of using a client device having a video camera and voice transmitting and receiving device to initiate an authentication of a client's identity, transmitting the fraudster's image and voice over a communication carrier system and a communications network to a user terminal, comparing the fraudster's image and voice to client data, and storing the fraudster data.
    Type: Grant
    Filed: September 8, 2010
    Date of Patent: December 2, 2014
    Inventor: Thomas Varghese
  • Patent number: 8904521
    Abstract: Cross-site request forgeries (“XSRF”) can be prevented using a client-side plugin on a client computer. The client computer accesses a content provided by a third party host via a network and generates a request to a web application as directed by the content. The client-side plugin determines whether the request is associated with suspicious activities based on the content, a source of the request and a list of approved hosts associated with the target host. In response to a determination that the request is associated with suspicious activities, the plugin removes authentication credentials from the request and sends the request to the web application.
    Type: Grant
    Filed: November 30, 2009
    Date of Patent: December 2, 2014
    Assignee: Red Hat, Inc.
    Inventor: James Paul Schneider
  • Patent number: 8893276
    Abstract: An intrusion prevention/detection system filter (IPS filter) performance evaluation is provided. The performance evaluation is performed at both the security center and at the customer sites to derive a base confidence score and local confidence scores. Existence of new vulnerability is disclosed and its attributes are used in the generation of new IPS filter or updates. The generated IPS filter is first tested to determine its base confidence score from test confidence attributes prior to deploying it to a customer site. A deep security manager and deep security agent, at the customer site, collect local confidence attributes that are used for determining the local confidence score. The local confidence score and the base confidence score are aggregated to form a global confidence score. The local and global confidence scores are then compared to deployment thresholds to determine whether the IPS filter should be deployed in prevention or detection mode or sent back to the security center for improvement.
    Type: Grant
    Filed: October 27, 2012
    Date of Patent: November 18, 2014
    Assignee: Trend Micro Incorporated
    Inventors: Blake Stanton Sutherland, William G. McGee
  • Patent number: 8892877
    Abstract: A method and a device are provided for accessing data files of a secure file server, wherein a user or a process is authenticated; wherein access to the data files of the secure file server takes place by way of an encryption module of the secure file server; wherein the encryption module comprises an encryption agreement of a centralized security application; and wherein the access of the authenticated user or process to the secure file server takes place by way of an encrypted protocol taking into consideration the encryption agreement. Such a device may be included in a corresponding computer network.
    Type: Grant
    Filed: May 17, 2012
    Date of Patent: November 18, 2014
    Assignee: Bayerische Motoren Werke Akteingesellschaft
    Inventor: Sirko Molau
  • Patent number: 8881281
    Abstract: In an embodiment, a computer-implemented method detects a network or application abuse to a service provider environment. In the method, data is collected describing incoming requests from plurality of different external source addresses to the service provider environment. The collected data is used to compare the incoming requests against a heuristic. When the incoming requests are determined to match the heuristic, the requests, having the plurality of different external source addresses, are from a common abuse entity. Finally, the collected data is evaluated to determine that the common abuse entity is a potential network abuser of the service provider environment.
    Type: Grant
    Filed: May 29, 2014
    Date of Patent: November 4, 2014
    Assignee: Singularity Networks, Inc.
    Inventor: David James Mitchell
  • Patent number: 8869292
    Abstract: A 3D object is protected by a first device that receives the 3D object, generates translation vectors that are added to the points of the 3D object to obtain a protected 3D object, and outputs the protected 3D object. The protected 3D object is unprotected by a second device by receiving the protected 3D object, generating translation vectors that are subtracted from the points of the protected 3D object to obtain an unprotected 3D object, and outputting the unprotected 3D object. Also provided are the first device, the second device and computer readable storage media.
    Type: Grant
    Filed: May 1, 2012
    Date of Patent: October 21, 2014
    Assignee: Thomson Licensing
    Inventors: Marc Eluard, Yves Maetz, Sylvain Lelievre
  • Patent number: 8863285
    Abstract: An apparatus, device, methods, computer program product, and system are described that determine a virus associated with communication data on a communications network, the communications network associated with at least one network policy device, associate an anti-viral agent with at least one identifier, prioritize transmission of the at least one identifier through the at least one network policy device, relative to the communication data, and provide the anti-viral agent on the communications network, in response to the prioritizing transmission of the at least one identifier through the at least one network policy device.
    Type: Grant
    Filed: September 22, 2006
    Date of Patent: October 14, 2014
    Assignee: The Invention Science Fund I, LLC
    Inventors: Edward K. Y. Jung, Royce A. Levien, Robert W. Lord, Mark A. Malamud, John D. Rinaldo, Jr., Lowell L. Wood, Jr.
  • Patent number: 8863228
    Abstract: An energy management apparatus includes: a communicator capable of communicating with at least a meter apparatus among the meter apparatus and a server apparatus that collects measurement information from the meter apparatus; a device registration processor configured to determine whether the direct communicator to the server apparatus can communicate with the server apparatus; if the direct communication is possible, transmit to the server apparatus a device registration message that requests to register a device identifier of the meter apparatus and a device identifier of the energy management apparatus; and, if the direct communication to the server apparatus is not possible, transmit the device registration message for the server apparatus to the meter apparatus; a communication processor configured to obtain energy control information of the device transmitted from the server apparatus; and a control executor configured to control the used energy amount of the device based on the energy control informati
    Type: Grant
    Filed: May 18, 2012
    Date of Patent: October 14, 2014
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Yasuyuki Nishibayashi, Takeshi Saito, Mitsuru Kanda, Keiichi Teramoto, Yoshihiro Oba
  • Patent number: 8856505
    Abstract: A system and method for managing pestware on a protected computer is described. The method in one variation includes monitoring events during a boot sequence of the computer; managing pestware-related events before native applications can run and after a kernel is loaded; managing pestware-related events when native applications can run; and scanning a registry of the computer for pestware when native applications can run. In variations, a pestware management engine is initialized after an operating system of the protected computer is initialized and the pestware management system both receives an event log of the monitored events and compiles the set of behavior rules utilized by kernel-level monitor.
    Type: Grant
    Filed: April 30, 2012
    Date of Patent: October 7, 2014
    Assignee: Webroot Inc.
    Inventor: Jerome L. Schneider
  • Patent number: 8850519
    Abstract: Systems and methods for providing authentication using an arrangement of dynamic graphical images. The graphical images can be arranged as a grid or matrix for presentation on a device display for authentication of a user. The kinds of graphical images can be derived from a designated authentication category and non-authenticating categories. A series of password elements corresponding to the graphical images can be displayed with the graphical images. The user may enter the series of one or more password elements corresponding to graphical images from the authentication category which combine to form a password entry. An authentication server can compare the password entry to an authentication password corresponding to the particular arrangement of dynamic graphical images. The selection of graphical images, their arrangement and their corresponding password elements, may dynamically change in between authentication processes.
    Type: Grant
    Filed: December 23, 2010
    Date of Patent: September 30, 2014
    Assignee: Confident Technologies, Inc.
    Inventors: Steven L. Osborn, Nicholas A. Davis, James L. Sontag, Joel Norvell