Patents Examined by Michael S McNally
-
Patent number: 11979372Abstract: A new approach is proposed that supports IP address lookup. An IP address updater creates a bitmap of an IP address space, wherein each bit in the bitmap corresponds to an IP address in the IP address space. The compressed bitmap is then populated and stored permanently on a shared memory storage that is accessible by multiple client applications at the same time. The client applications may each establish and maintain a connection to the shared memory storage through an IP address lookup agent. When a lookup request for an IP address is received, the IP address lookup agent checks the bitmap and associated information of the IP address space on the shared memory storage to determine if the IP address is malicious or not and to inform the client application making the request accordingly, while the bitmap on the shared memory storage is updated with new IP address update.Type: GrantFiled: March 21, 2022Date of Patent: May 7, 2024Assignee: Barracuda Networks, Inc.Inventor: Junxiao Liu
-
Patent number: 11977630Abstract: There is disclosed in one example a ransomware mitigation engine, including: a processor; a convolutional neural network configured to provide file type identification (FTI) services including: identifying an access operation of a file as a write to the file or newly creating the file; computing a byte correlation factor for the file; classifying the file as belonging to a file type; determining with a screening confidence that the file type is correct for the file; determining that the screening confidence is below a screening confidence threshold; and circuitry and logic to provide heuristic analysis including: receiving notification that the confidence is below the confidence threshold; performing a statistical analysis of the file to determine a difference between an expected value and a computed value; determining from the difference, with a detection confidence, that the file has been compromised; and identifying the file as having been compromised by a ransomware attack.Type: GrantFiled: July 18, 2022Date of Patent: May 7, 2024Assignee: McAfee, LLCInventors: Kunal Mehta, Sherin Mary Mathews, Carl D. Woodward, Celeste R. Fralick, Jonathan B. King
-
Patent number: 11979419Abstract: Examples of techniques for threat detection in an industrial process system are described herein. An aspect includes determining a plurality of subsystems of an industrial process system. Another aspect includes, for each of the plurality of subsystems, constructing and training a respective deep autoencoder (DAE) model of the subsystem based on data corresponding to the industrial process system. Another aspect includes monitoring the industrial process system using the plurality of DAE models corresponding to the plurality of subsystems. Another aspect includes, based on the plurality of DAE models, determining a cyberattack in a subsystem of the plurality of subsystems.Type: GrantFiled: April 9, 2019Date of Patent: May 7, 2024Assignee: SIEMENS AKTIENGESELLSCHAFTInventors: Chengtao Wen, Mohamed El Amine Houyou, Juan L. Aparicio Ojea, Mathias Maurmaier, Martin Sehr, Tao Cui
-
Patent number: 11977619Abstract: An embodiment discloses a method for controlling a vehicle virtualization structure-based device including the steps of receiving a request for use of a device from at least one container among a plurality of containers; and determining the use of the device according to a type of the device and a type of the container that transmits the request for use.Type: GrantFiled: November 19, 2021Date of Patent: May 7, 2024Assignee: DRIMAES, INC.Inventors: Yong Kyung Kim, Woo Jin Han, Yevgeny Hong, Hyun Duk Choi
-
Patent number: 11971965Abstract: In accordance with an embodiment, described herein is system and method for use with software application development environments, for determining attribution associated with licensed software code. The system can receive as input an indication of a source application codebase for a software application, determine dependencies on third-party modules, libraries, or other software code, and output associated license attributions for that codebase. Optionally, the system can combine and/or de-duplicate multiple sets of attributions associated with a source application codebase, or generate a set of differences between two versions of attributions, to illustrate changes between the versions. In accordance with an embodiment, if the system detects potential licensing issues associated with the use of third-party modules, libraries, or other software code, then an appropriate notification can be generated.Type: GrantFiled: December 16, 2021Date of Patent: April 30, 2024Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Mark Nelson, Paul Mackin, Daniel Simone
-
Patent number: 11971987Abstract: A proposed technique allows for the security of the logic cone through logic locking and secures the outputs of the circuit from the scan chain without modifications to the structure of the scan chain. Since the oracle responses in test mode do not correspond to the functional key, satisfiability (SAT) attacks are not able to leverage the responses from the scan chain. In addition, a charge accumulation circuit is developed to prevent and detect any attempt to enter the partitioned test mode while the correct circuit responses are still stored within the registers.Type: GrantFiled: September 21, 2021Date of Patent: April 30, 2024Assignee: Drexel UniversityInventors: Kyle Joseph Juretus, Ioannis Savidis
-
Patent number: 11966500Abstract: Disclosed herein are systems and method for isolating private information in streamed data. In an exemplary aspect, a method may comprise receiving a stream of data, for storage in a first storage device, and an indication of how the stream will be utilized by an end user. The method may comprise comparing the indication against a plurality of rules, wherein each rule indicates a type of private information that should be isolated from a given input stream based on a respective indication of usage for the given input stream. The method may comprise identifying and extracting a first type of private information that should be isolated from the stream, modifying the stream by removing the first type of private information from the stream, storing the modified stream in the first storage device, and storing the extracted first type of private information in a different location from the modified stream.Type: GrantFiled: August 6, 2021Date of Patent: April 23, 2024Assignee: Acronis International GmbHInventors: Alexander Tormasov, Serguei Beloussov, Stanislav Protasov
-
Patent number: 11954193Abstract: Computer system for performing biometric matching in a way that balances accuracy level required in the biometric matching against computing resources (for example, processor cycles) that will be needed to match authentication requesters with profiles of authorized users. In some embodiments, this is achieved by controlling the number of clusters and/or the number of clusters to be searched pursuant to an authentication request.Type: GrantFiled: September 1, 2021Date of Patent: April 9, 2024Assignee: International Business Machines CorporationInventors: Soma Shekar Naganna, Abhishek Seth, Neeraj Ramkrishna Singh
-
Patent number: 11956209Abstract: Disclosed herein are systems and methods for storing patient medical information on a local processing device, anonymizing a portion of that medical information and storing it on a second processing device, exposing that anonymized medical information to a third processing device coupled to the second processing device through a network, and restricting users of the third processing device to only accessing HIPAA compliant medical information. Alarms are included for indicating the improper transfer of HIPAA data.Type: GrantFiled: October 6, 2021Date of Patent: April 9, 2024Inventor: Volker Rudolph
-
Patent number: 11931591Abstract: Disclosed are embodiments directed to security methods applied to connections between components in a distributed (networked) system including medical and non-medical devices, providing secure authentication, authorization, patient and device data transfer, and patient data association and privacy for components of the system.Type: GrantFiled: May 6, 2022Date of Patent: March 19, 2024Assignee: West Affum Holdings DACInventors: Steven E. Sjoquist, David P. Finch, Erick M. Roane, Zoie R. Engman, Jonathan P. Niegowski, Dusan Beblavy, Martin Pribula, Peter Curila, Martin Kolesár
-
Patent number: 11929984Abstract: Techniques for associating manufacturer usage description (MUD) security profiles for Internet-of-Things (IoT) device(s) with secure access service edge (SASE) solutions, providing for automated and scalable integration of IoT devices with SASE frameworks. A MUD controller may utilize a MUD uniform resource identifier (URI) emitted by an IoT device to fetch an associated MUD file from a MUD file server associated with a manufacturer of the IoT device. The MUD controller may determine that a security recommendation included in the MUD file is to be implemented by a cloud-based security service provided by the SASE service and cause the IoT device to establish a connection with a secure internet gateway associated with the cloud-based security service. Additionally, or alternatively, the MUD file may include SASE extensions indicating manufacturer recommended cloud-based security services. Further, cloud-based security services may be implemented if local services are unavailable.Type: GrantFiled: May 5, 2021Date of Patent: March 12, 2024Assignee: CISCO TECHNOLOGY, INC.Inventors: David Hanes, Gonzalo Salgueiro, Sebastian Jeuk, Robert Edgar Barton
-
Patent number: 11928188Abstract: A machine has a network interface circuit to provide connectivity to networked machines. A processor is connected to the network interface circuit. A memory is connected to the processor and the network interface circuit. The memory stores instructions executed by the processor to record the purchase of a digital asset by a user at a client machine from a data source machine in network communication with the client machine. The location of the digital asset on one or more machines of the networked machines is archived. The location is separate from the data source machine. The digital asset is associated with a data access policy. A request for the digital asset is received. The data access policy is enforced through programmatic control utilized by one or more of the networked machines to form a consent state. Distribution of the digital asset to a networked machine is authorized in response to the consent state.Type: GrantFiled: November 19, 2021Date of Patent: March 12, 2024Assignee: Anonyome Labs, Inc.Inventors: Steven Harvey McCown, Paul Ashley, Neil Readshaw, John David Mumford, Tim Bartley
-
Patent number: 11921896Abstract: A global partitioning-based method for anonymizing a dataset of biometric data may include an anonymization computer program: (1) receiving a value k representing a number of records to hide a biometric datum among, a value t that represents a t-closeness parameter for a t-close distribution, a weight parameter, and a first number of features to retain for determining an attribute of interest; (2) receiving the attribute of interest; (3) calculating a distribution of the attribute of interest in a biometric dataset; (4) splitting the biometric dataset into a plurality of k-sized clusters that satisfy the t-close distribution; (5) anonymizing each biometric datum in the plurality of k-sized clusters using a weighted average of landmarks for the biometric datums in k-sized clusters using the weight parameter; (6) adding each anonymized biometric datum into an anonymized biometric dataset; and (7) persisting the anonymized biometric dataset.Type: GrantFiled: November 30, 2021Date of Patent: March 5, 2024Assignee: JPMORGAN CHASE BANK, N.A.Inventors: Bill Moriarty, Shaohan Hu, Marco Pistoia, Hargun Kalsi, Sean Moran, Brett Sanford
-
Patent number: 11921901Abstract: A system receives a request associated with a first account to delegate, to a second account, authority to send documents on behalf of the first account. The request identifies requirements that must be satisfied before the second account can send documents on behalf of the first account. Responsive to receiving a request to send a first document to a first entity from the second account and on behalf of the second account, the system sends the first document to the first entity. Responsive to receiving a request to send a second document to a second entity from the second account and on behalf of the first account, the system determines whether the request to send the second document satisfies the requirements. Responsive to the request satisfying the requirements, the system sends the second document to the second entity on behalf of the first account.Type: GrantFiled: January 28, 2022Date of Patent: March 5, 2024Assignee: DOCUSIGN, INC.Inventors: Janice Bae, Pavel Rebriy, Matthew Ritchie, Macklin Douglas Underdown
-
Patent number: 11914744Abstract: Disclosed are some implementations of systems, apparatus, methods and computer program products for providing contextually relevant recommendations based on a context of the user. The context of the user may be determined according to a set of privacy settings of the user, where the set of privacy settings indicates contextual features for which values are permitted to be accessed by a recommendation system. The contextual features may include user-related features and/or tenant features pertaining to a tenant of a multi-tenant database.Type: GrantFiled: March 31, 2021Date of Patent: February 27, 2024Assignee: Salesforce, Inc.Inventors: Gang Shu, Jong Lee, Florence Cheung
-
Patent number: 11916921Abstract: The system comprises of a meeting organizer, host data processing system, at least one participant and participant data processing system and a server. The host data processing system is configured to create the meeting, list of participants, generate key for the participants and then communicate the key to the participants. The participant data processing system is configured to receive the credentials, communicate credential and key to the server and communicate the location information of the participant data processing system to the server. The server is configured to authenticate the participant, verify the identity of the participant, and determine whether the participant data processing system is located in a secured or unsecured location.Type: GrantFiled: August 13, 2021Date of Patent: February 27, 2024Inventor: Kishore Daggubati
-
Patent number: 11899758Abstract: The present disclosure relates to software tampering resistance. In one aspect, a method for generating protected code is provided, comprising identifying a primary function in code to be obscured, the primary function being a function used to verify the integrity of the code run-time. The method then comprises generating a finite state machine from the primary function, wherein a state of the finite state machine at a given instance defines an element of the primary function to be executed. The method then comprises distributing the finite state machine throughout the code to obscure one or more areas of the code.Type: GrantFiled: August 30, 2019Date of Patent: February 13, 2024Assignee: Nagravision SàrlInventors: Laurent Doré, Christian Mönch, Brecht Wyseur
-
Patent number: 11902254Abstract: A computer-implement method comprises: selecting a trusted computing node via smart contract on a blockchain; completing remote attestation of the selected trusted computing node; writing secret information to an enclave of the selected node; causing a thin device to establish a private connection with the selected node without revealing the secret information; and causing the selected node to act as a proxy on the blockchain for the device. Another method comprises: receiving a signed device access request from a device owner; validating, by the verification node, the received request; executing, by a verification node, a smart contract on a blockchain based on the received request; and producing, based on the executed smart contract, an output command to access the device for the device to validate, decrypt and execute.Type: GrantFiled: September 15, 2022Date of Patent: February 13, 2024Assignee: EZBLOCK LTD.Inventor: Rundong Huang
-
Patent number: 11902263Abstract: A system and method for pairing two devices for secure communications. A user selects a first device to pair with a second device. The first and second devices have the ability to securely communicate with each other through the use of encrypted communications. An encryption key is written to the first device and then burned into the encryption module on the first device. A corresponding decryption key is written to the second device and then is burned into the decryption module of the second device.Type: GrantFiled: January 3, 2023Date of Patent: February 13, 2024Assignee: International Business Machines CorporationInventors: Christopher Steffen, Chad Albertson, Nicholas Ollerich, Eric J. Campbell
-
Patent number: 11888901Abstract: Examples disclosed herein relate to a method for defining an ingress access policy at an ingress network device based on instructions from an egress network device. The egress network device receives data packets directed to a first entity from a second entity connected to an ingress network device. Each data packet transmitted includes a source role tag corresponding to the second entity. At the egress network device, the data packets may be dropped based on the enforcement of an egress access policy. When the number of data packets that are being dropped increases beyond a pre-defined threshold, the egress network device transmits a command to the ingress network device instructing the ingress network device to create a restriction on the transmission of subsequent data packets. The command is transmitted in a Border Gateway Protocol (BGP) Flow Specification (FlowSpec) route.Type: GrantFiled: August 23, 2021Date of Patent: January 30, 2024Assignee: Hewlett Packard Enterprise Development LPInventors: Vinayak Joshi, Venkatavaradhan Devarajan, Rajib Majila, Tathagata Nandy