Patents Examined by Madhuri R Herzog
  • Patent number: 11568029
    Abstract: A system and method for securely storing, retrieving and sharing data using PCs and mobile devices and for controlling and tracking the movement of data to and from a variety of computing and storage devices.
    Type: Grant
    Filed: June 9, 2022
    Date of Patent: January 31, 2023
    Assignee: QUICKVAULT, INC.
    Inventor: Steven V. Bacastow
  • Patent number: 11563560
    Abstract: Embodiments of the present application provide a blockchain-based data evidence storage method, a blockchain-based data check method, and relevant apparatuses. The data evidence storage method comprises: performing irreversible encryption on data content of a target file to obtain irreversibly encrypted data of the target file; storing the irreversibly encrypted data in a blockchain and obtaining on-chain evidence storage information of the irreversibly encrypted data; generating a digital watermark of the on-chain evidence storage information; embedding the digital watermark into the target file; and storing the target file embedded with the digital watermark of the on-chain evidence storage information.
    Type: Grant
    Filed: August 3, 2021
    Date of Patent: January 24, 2023
    Inventor: Xueqing Zou
  • Patent number: 11558417
    Abstract: A method, computer program product, and computer system for receiving, by a computing device, a plurality of file segments of a file, the plurality of file segments being received individually by the computing device. A first file segment of the file may be scanned to identify the presence of malware within the file segment. The first file segment of the file may be encrypted to create an encrypted file segment in response to identification by the scan of the first file segment that malware is absent from the first file segment. The encrypted file segment of the file may be sent to another computing device before a second file segment of the file is received by the computing device.
    Type: Grant
    Filed: April 30, 2019
    Date of Patent: January 17, 2023
    Inventors: Praveen Raja Dhanabalan, Anudeep Narasimhaprasad Athlur
  • Patent number: 11556645
    Abstract: A method for monitoring control-flow integrity in a low-level execution environment, the method comprising receiving, at a monitor, a message from the execution environment indicating that the execution environment has entered a controlled mode of operation, receiving, at the monitor, a data packet representing execution of a selected portion of a control-flow process at the execution environment, identifying, using the data packet, a pathway corresponding to the selected portion of the control-flow process from a set of permissible control-flow pathways and determining whether the identified pathway corresponds to an expected control-flow behaviour.
    Type: Grant
    Filed: June 6, 2018
    Date of Patent: January 17, 2023
    Inventors: Ronny Chevalier, Guillaume Hiet, Maugan Villatel, David Plaquin
  • Patent number: 11552969
    Abstract: Conventional email filtering services are not suitable for recognizing sophisticated malicious emails, and therefore may allow sophisticated malicious emails to reach inboxes by mistake. Introduced here are threat detection platforms designed to take an integrative approach to detecting security threats. For example, after receiving input indicative of an approval from an individual to access past email received by employees of an enterprise, a threat detection platform can download past emails to build a machine learning (ML) model that understands the norms of communication with internal contacts (e.g., other employees) and/or external contacts (e.g., vendors). By applying the ML model to incoming email, the threat detection platform can identify security threats in real time in a targeted manner.
    Type: Grant
    Filed: October 11, 2021
    Date of Patent: January 10, 2023
    Assignee: Abnormal Security Corporation
    Inventors: Sanjay Jeyakumar, Jeshua Alexis Bratman, Dmitry Chechik, Abhijit Bagri, Evan Reiser, Sanny Xiao Lang Liao, Yu Zhou Lee, Carlos Daniel Gasperi, Kevin Lau, Kai Jing Jiang, Su Li Debbie Tan, Jeremy Kao, Cheng-Lin Yeh
  • Patent number: 11537712
    Abstract: A security system includes a backup acquisition unit configured to store given information indicating states of backup data together with backup images generated from the backup data for each backup generation; and a determination unit configured to generate, when a predetermined timing comes, determination information for determining whether there is an abnormality in the stored backup data, based on a predetermined determination rule and the given information for each backup generation, and to output the generated determination information.
    Type: Grant
    Filed: August 18, 2020
    Date of Patent: December 27, 2022
    Assignee: HITACHI, LTD.
    Inventors: Genki Matsuda, Kazuya Higuchi, Keisuke Matsumoto, Goro Kazama
  • Patent number: 11539681
    Abstract: A network with a set of servers can support authentication from a module, where the module includes an embedded universal integrated circuit card (eUICC). The network can send a first network module identity, a first key K, and an encrypted second key K for an eUICC profile to an eUICC subscription manager. The second key K can be encrypted with a symmetric key. The module can receive and activate the eUICC profile, and the network can authenticate the module using the first network module identity and the first key K. The network can (i) authenticate the user of the module using a second factor, and then (ii) send the symmetric key to the module. The module can decrypt the encrypted second key K using the symmetric key. The network can authenticate the module using the second key K. The module can comprise a mobile phone.
    Type: Grant
    Filed: December 19, 2019
    Date of Patent: December 27, 2022
    Assignee: Network-1 Technologies, Inc.
    Inventor: John A. Nix
  • Patent number: 11526610
    Abstract: A method and apparatus utilize a peer-to-peer network of security nodes collectively adhering to a protocol for inter-node communication. The system is comprised a plurality of first security nodes, at least one second security node, and at least one third security node. The plurality of first security nodes receive at least one of pre-trained detection models and rules, monitor at least one of a blockchain and connected devices for malicious behavior based on the received at least one of pre-trained detection models and rules, and report the malicious behavior. The at least one second security node creates and communicates the at least one of pre-trained detection models and rules to the plurality of first security nodes. The at least one third security node is informed by the at least one second security node of the reported malicious behavior.
    Type: Grant
    Filed: May 21, 2019
    Date of Patent: December 13, 2022
    Assignee: Veracode, Inc.
    Inventors: Anna Bacher, Erich Gstrein
  • Patent number: 11526602
    Abstract: A data-processing device includes a computing unit and an interface unit using a packet-based communication protocol, in particular PCI Express. The data-processing device also includes an intrusion detection unit that is connected via a signal connection to a filter device of the interface unit, and/or to a secure element, in the form of a Trusted Execution Environment, of an authentication arrangement related to the communication protocol. The intrusion detection unit evaluates input signals received via the signal connection for a rule infringement in a set of intrusion detection rules The filter device, at least part of which is hardware, is designed to forward only the communication data meeting an approval condition from the interface unit to an additional component of the data-processing device according to configuration information predetermined in the data-processing device and containing the approval condition.
    Type: Grant
    Filed: December 4, 2018
    Date of Patent: December 13, 2022
    Assignee: Audi AG
    Inventors: Markus Klein, Kamil Zawadzki, Changsup Ahn, Hans Georg Gruber, Jürgen Lerzer, Christoph Dalke
  • Patent number: 11523274
    Abstract: Embodiments of the present disclosure relate to a data transmission method, user equipment, and a control plane node. User equipment (UE) determines a security attribute of a session of the UE; the UE sends a session establishment request message to a control plane node when the security attribute of the session of the UE does not meet a security requirement of an application. The session establishment request message is used to request to establish a session corresponding to the security requirement of the application. Embodiments of the disclosed method reduce an unnecessary signaling exchange caused by establishment of a new session in a data transmission process to facilitate meeting requirements of different services.
    Type: Grant
    Filed: September 27, 2019
    Date of Patent: December 6, 2022
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Hui Ni, Yongcui Li, Jiangwei Ying
  • Patent number: 11522864
    Abstract: A first request is received for a temporary alternate identifier for a user, wherein the user is identified within a service using a user service identifier, and wherein the temporary alternate identifier assists in transferring the user service identifier from the service to a resource. In response to the first request, the temporary alternate identifier is generated and associated with the user service identifier. The temporary alternate identifier is then provided the user, and the temporary alternate identifier is also provided by the user to the resource. A second request is received, from the resource, for an associated service identifier that is associated with the temporary alternate identifier. An indication is then provided, to the resource, that the user service identifier is the associated service identifier.
    Type: Grant
    Filed: September 27, 2019
    Date of Patent: December 6, 2022
    Inventor: Chitranjan Gohil
  • Patent number: 11494488
    Abstract: A method, system, and computer program product for adaptive network provisioning. The method may include storing a plurality of use case records in a use case repository, where each use case record provides a diagnostic definition of a security threat to a SIEM environment. The method may also include storing metadata for a plurality of attributes of subscribers to the SIEM environment. The method may also include storing use cases that the subscribers have deployed from the use case repository. The method may also include setting up a new subscriber, where setting up the new subscriber includes: receiving a set of attributes of the new subscriber; searching a metadata store to identify subscribers with attributes that are similar to the set of attributes; and selecting an initial set of use cases for the new subscriber based on use cases deployed by the identified subscribers.
    Type: Grant
    Filed: October 14, 2020
    Date of Patent: November 8, 2022
    Assignee: International Business Machines Corporation
    Inventors: Tousif Ahmed Syed, Tamer Aboualy, Dusty Boshoff
  • Patent number: 11487907
    Abstract: Multi-mode interfaces having secure alternate modes are disclosed. An example method includes exposing to a device, during a first alternate mode negotiation session, an availability of a first secure alternate mode on a host, authenticating the device to the host using the first secure alternate mode, and responsive to the device being authenticated, exposing to the device a second secure alternate mode.
    Type: Grant
    Filed: August 4, 2017
    Date of Patent: November 1, 2022
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Neill Thomas Kapron, Christopher Ritchie Tabarez, Nicolas James Jurich
  • Patent number: 11489834
    Abstract: The present disclosure provides a method of access to users of a network system via a unique identity key that controls access and permission rights of outside entities as controlled by the entity itself. The system assigns unique identity to a unique entity. The key is responsible for facilitating preferred access types and information accessed by outside entities, and acts as a signal for action, interaction and experience within the System as well as third party platforms. Each interaction within the system includes a requesting entity's proxy (‘REP’) sending an information access request (‘IAR’) to the deciding entity's proxy (‘DEP’) via a network. This IAR is routed to the correct DEP via the unique identifier. The DEP applies access preferences to allow or deny the IAR, in part or completely. If allowed or partially allowed, the DEP returns information to the REP.
    Type: Grant
    Filed: October 10, 2019
    Date of Patent: November 1, 2022
    Assignee: DIEM AI, LLC
    Inventors: Daniel James Carroll, Aaron August Sloup
  • Patent number: 11481487
    Abstract: The technology provides for a threat detection system. In this regard, the system may be configured to output file states of a multi-layer file system. For instance, the system may determine, based on the file states for a file, one or more layers of the multi-layer file system in which one or more objects corresponding to the file can be found. Based on the one or more objects corresponding to the file, the system may detect a potential threat. The system may then take an action in response to the potential threat.
    Type: Grant
    Filed: July 8, 2019
    Date of Patent: October 25, 2022
    Assignee: Google LLC
    Inventors: Michael Halcrow, Thomas Garnier
  • Patent number: 11468184
    Abstract: A data protection system includes a data storage apparatus and an information processing apparatus. In the information processing apparatus, a redirection processing apparatus sets a personal storage area corresponding to a user to an accessible state according to a redirection policy. Furthermore, a write control unit controls data writing permission/prohibition for each storage area according to a write management policy. In particular, the write control unit prohibits data writing to a local storage unit except for the storage area to be used to access the personal storage area. With this, the data does not remain in the information processing apparatus, thereby preventing data leakage from the information processing apparatus.
    Type: Grant
    Filed: August 7, 2018
    Date of Patent: October 11, 2022
    Inventors: Daijiro Kariu, Naoyuki Oe, Haruo Iwasaki, Takahiro Shima
  • Patent number: 11449609
    Abstract: A threat management facility analyzes a plurality of instructions in computer code for redundancy. When redundancy is found, the threat management facility determines whether the redundancy has characteristics of deliberate obfuscation consistent with malware techniques such as server-side polymorphism. Measures of redundancy, such as one or more of a degree of redundancy or a pattern of redundancy, may inform this process, and my usefully aid in distinguishing legitimate code redundancies from malware. Where an inference of malware is supported, the threat management facility may initiate remediation of the computer code. Further, or instead, the type of remediation applied to the computer code may be based on one or more aspects of the detected obfuscation.
    Type: Grant
    Filed: January 22, 2019
    Date of Patent: September 20, 2022
    Assignee: Sophos Limited
    Inventor: Graham John William Chantry
  • Patent number: 11429718
    Abstract: Systems and methods of providing industrial system cybersecurity event detection and corresponding response are described. The systems and methods utilize various end point sensors already available in an industrial control system and an associated monitoring process to detect cybersecurity and other security threats based on data collected by the sensors. The cybersecurity monitoring process may be trained with sensor data patterns and behaviors for known threats to recognize potentially malicious activity. Such a process may also learn to recognize and be trained on new threats and may incorporate each new threat to stay current with evolving industrial threats. This allows an enterprise to utilize its existing industrial infrastructure to detect and act upon a variety of threats to an industrial system with little or no interference or interruption of existing industrial processes.
    Type: Grant
    Filed: September 17, 2019
    Date of Patent: August 30, 2022
    Assignee: Schneider Electric Systems USA, Inc.
    Inventors: Andrew Kling, Zakarya Drias
  • Patent number: 11423141
    Abstract: Intruder detection using quantum key distribution is disclosed. A request for a first key for use with a first application configured to execute on a computing device is received by a quantum computing system. The request includes information that identifies the application. In response to the request, a quantum key distribution (QKD) process to generate a key is initiated. It is determined that an intruder attempted to eavesdrop on the QKD process. A message is sent to the computing device that instructs the computing device to cause the first application to implement a reduced functionality mode of the first application.
    Type: Grant
    Filed: February 10, 2020
    Date of Patent: August 23, 2022
    Assignee: Red Hat, Inc.
    Inventors: Stephen Coady, Leigh Griffin
  • Patent number: 11416628
    Abstract: Systems and methods are described for modifying input and output (I/O) to an object storage service by implementing one or more owner-specified functions to I/O requests. Different data manipulation functions can be placed in different I/O paths depending on the request method or user access level. For example, a user having full access may be returned the unaltered version of the object, whereas a user having modified or reduced access may be returned a modified or redacted version of the object. In this manner, owners of the object collection are provided with greater control over how the object collection is accessed.
    Type: Grant
    Filed: September 27, 2019
    Date of Patent: August 16, 2022
    Inventors: Kevin C. Miller, Timothy Lawrence Harris, Ramyanshu Datta