Patents Examined by Mohammad A. Siddiqi
  • Patent number: 10917436
    Abstract: Systems, methods, and computer-readable media for on-demand security provisioning using whitelist and blacklist rules. In some examples, a system in a network including a plurality of pods can configure security policies for a first endpoint group (EPG) in a first pod, the security policies including blacklist and whitelist rules defining traffic security enforcement rules for communications between the first EPG and a second EPG in a second pods in the network. The system can assign respective implicit priorities to the one or more security policies based on a respective specificity of each policy, wherein more specific policies are assigned higher priorities than less specific policies. The system can respond to a detected move of a virtual machine associated with the first EPG to a second pod in the network by dynamically provisioning security policies for the first EPG in the second pod and removing security policies from the first pod.
    Type: Grant
    Filed: June 21, 2018
    Date of Patent: February 9, 2021
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Murukanandam Panchalingam, Umamaheswararao Karyampudi, Gianluca Mardente, Aram Aghababyan
  • Patent number: 10903999
    Abstract: Systems and methods include receiving a request from a client with the request including an authentication token as a request header, wherein the authentication token includes a first encryption key, a second encryption key, and a timestamp; decrypting the authentication token with a private key of the server to obtain the first encryption key, the second encryption key, and the timestamp; and validating the request based on the first encryption key and the timestamp, and, if valid, decrypting payload of the request with the second encryption key.
    Type: Grant
    Filed: September 11, 2019
    Date of Patent: January 26, 2021
    Assignee: Zscaler, Inc.
    Inventors: Vivek Ashwin Raman, Ajit Singh
  • Patent number: 10893071
    Abstract: The present disclosure describes systems and methods for dynamically creating groups of users based on attributes for simulated phishing campaign. A campaign controller determines one or more attributes of a plurality of users during execution of a simulated phishing campaign and creates one or more groups of users during based on the identified attributes. The campaign controller selects a template to be used to execute a portion of the simulated phishing campaign for a first group of users and then communicates one or more simulated phishing communications to the first group of users according to the template. The template may identify a list of a plurality of types of simulated phishing communications (email, text or SMS message, phone call or Internet based communication) and at least a portion of the content for the simulated phishing communication.
    Type: Grant
    Filed: May 15, 2020
    Date of Patent: January 12, 2021
    Assignee: KnowBe4, Inc.
    Inventors: Alin Irimie, Stu Sjouwerman, Greg Kras, Eric Sites
  • Patent number: 10878087
    Abstract: Disclosed herein are methods and systems for detecting malicious files using two stage file classification. An exemplary method comprises selecting, by a hardware processor, a set of attributes of a file under analysis, calculating, by the hardware processor, a hash of the file based on the selected set of attributes, selecting, by the hardware processor, a classifier for the file from a set of classifiers based on the calculated hash of the file, assigning, by the hardware processor, the file under analysis to the one or more categories based on the selected classifier, determining whether the file has been assigned to a category of malicious files and concluding that the file is malicious based on the determination.
    Type: Grant
    Filed: November 8, 2018
    Date of Patent: December 29, 2020
    Assignee: AO KASPERSKY LAB
    Inventors: Alexey M. Romanenko, Alexander V. Liskin, Sergey V. Prokudin
  • Patent number: 10878092
    Abstract: A global response network collects, analyzes, and distributes “cross-vector” threat-related information between security systems to allow for an intelligent, collaborative, and comprehensive real-time response.
    Type: Grant
    Filed: September 26, 2018
    Date of Patent: December 29, 2020
    Assignee: SonicWALL Inc.
    Inventors: Boris Yanovsky, Scott D. Eikenberry, Bhuvanasundar Rachamreddy, Nick Bilogorskiy, Gayatri Bhimaraju
  • Patent number: 10880290
    Abstract: A comprehensive authentication and identity system and method are disclosed. A central profile is created for a user which includes user information that can be passed back or otherwise utilized by websites (e.g. for registrations, logins, etc.) The user information may include the user's username, password, contact information, personal information, marketing preferences, financial information, etc. For website registrations, the user may provide a mobile communication number that is utilized to perform a type of mobile communication device verification process. As part of a website login, the user may provide identifiable information (e.g. a username) that is looked up by the system or website to determine a mobile communication number for the user, which is used for a verification process. If the verification process is completed successfully, the user may be logged into the website. For accessing the system directly, a user may go through a mobile communication device verification process.
    Type: Grant
    Filed: December 28, 2017
    Date of Patent: December 29, 2020
    Assignee: TeleSign Corporation
    Inventors: Darren Berkovitz, Ryan Parker Disraeli, Stacy Lyn Stubblefield
  • Patent number: 10867027
    Abstract: A system for entering a secure Personal Identification Number (PIN) into a mobile computing device includes a mobile computing device and a peripheral device that are connected via a data communication link. The mobile computing device includes a mobile application and a display and the mobile application runs on the mobile computing device and displays a grid on the mobile computing device display. The peripheral device includes a display and an encryption engine, and the peripheral device display displays a grid corresponding to the grid displayed on the mobile computing device display. Positional inputs on the mobile computing device grid are sent to the peripheral device and the peripheral device decodes the positional inputs into PIN digits and generates an encrypted PIN and then sends the encrypted PIN back to the mobile computing device.
    Type: Grant
    Filed: June 13, 2019
    Date of Patent: December 15, 2020
    Assignee: BBPOS LIMITED
    Inventor: Chi Wah Lo
  • Patent number: 10855726
    Abstract: Resources can be secured by a resource security system. The resource security system can determine whether to grant or deny access to resources using authorization information in an access request. The resource security system can also determine whether the access request is legitimate or fraudulent using risk scoring models. A score transformation table can be used to provide consistency in the risk level for a particular score over time. The score transformation table can be based on a target score profile and a precision format (e.g., integer or floating point). The score transformation table can dynamically adapt based on the trending top percent of risk and can account for changes in the distribution of scores over time or by weekday. The scores can be used to determine an access request outcome. Access to the resource can be accepted or rejected based on the outcome.
    Type: Grant
    Filed: October 15, 2018
    Date of Patent: December 1, 2020
    Assignee: Visa International Service Association
    Inventors: Hung-Tzaw Hu, Haochuan Zhou, Ge Wen, Benjamin Scott Boding
  • Patent number: 10855685
    Abstract: Resources can be secured by a resource security system. The resource security system can determine whether to grant or deny access to resources using authorization information in an access request. The resource security system can also determine whether the access request is legitimate or fraudulent using risk scoring models. A score transformation table can be used to provide consistency in the risk level for a particular score over time. The score transformation table can be based on a target score profile and a precision format (e.g., integer or floating point). The score transformation table can dynamically adapt based on the trending top percent of risk and can account for changes in the distribution of scores over time or by weekday. The scores can be used to determine an access request outcome. Access to the resource can be accepted or rejected based on the outcome.
    Type: Grant
    Filed: October 15, 2018
    Date of Patent: December 1, 2020
    Assignee: Visa International Service Association
    Inventors: Hung-Tzaw Hu, Haochuan Zhou, Ge Wen, Benjamin Scott Boding
  • Patent number: 10853459
    Abstract: A machine trains an artificial intelligence engine to facilitate authentication of a request to verify a user. The machine accesses a reference set of obfuscated geolocations generated from actual geolocations from which a device submitted requests to verify the user. The machine groups the obfuscated geolocations into geographical clusters based on a predetermined cluster radius value and calculates a corresponding representative geolocation for each geographical cluster and a corresponding variance distance from the representative geolocation for each geographical cluster. The machine then generates a reference location score based on the representative geolocations of the geographical clusters and on the variance distances of the geographical clusters. The machine trains an artificial intelligence engine to output that reference location score in response to the reference set being input thereto. The trained artificial intelligence engine may then be provided to one or more devices.
    Type: Grant
    Filed: June 26, 2018
    Date of Patent: December 1, 2020
    Assignee: Callsign Inc.
    Inventors: Peter Alexander Foster, Gabriel Dominguez Conde, Yogesh Kumar Jitendra Patel
  • Patent number: 10846431
    Abstract: A system for detecting breach of merchant systems includes an extraction management system for extracting wildcard data from a dump site at which stolen account data is offered for sale. The system also includes an account breach identifying system for accessing stored transaction data from multiple banks and merging the extracted dump site data with the transaction data to create unique PAN (primary account number) data records (each set of wildcard data corresponds to only a single PAN) and multiple PAN data records (each set of wildcard data corresponds to multiple PANs). The unique and multiple PAN data records are stored and analyzed separately, and reduce the amount of data needed to identify a breached merchant.
    Type: Grant
    Filed: April 16, 2018
    Date of Patent: November 24, 2020
    Assignee: First Data Corporation
    Inventor: Christopher M. Mascaro
  • Patent number: 10846386
    Abstract: One embodiment provides a method, including: obtaining, using one or more pulse sensors, user pulse data from two or more points; and identifying, using a processor, a user based on the user pulse data. Other aspects are described and claimed.
    Type: Grant
    Filed: August 22, 2016
    Date of Patent: November 24, 2020
    Assignee: Lenovo (Singapore) Pte. Ltd.
    Inventors: Igor Stolbikov, David Rivera, Rod D. Waltermann, Timothy Winthrop Kingsbury
  • Patent number: 10846419
    Abstract: A method enables a user to self-identify to a user support system when a user electronic device is connected to the user support system by an over-the-top (OTT) communication session where an OTT messaging service provides an anonymous identifier to the user support system to enable communication with the user. The method includes receiving a secured real identifier and a secured token from the user electronic device in response to a user selection to self-identify to the user support system, decrypting the secured real identifier to determine a real identifier that identifies user account information at an external system, determining the anonymous identifier for the user using the secured token in a manner that associates the real identifier with the OTT communication session, and sending the real identifier to the user support system to enable access to the user account information by the user support system.
    Type: Grant
    Filed: April 17, 2018
    Date of Patent: November 24, 2020
    Assignee: salesforce.com, inc.
    Inventor: Anurodh Pokharel
  • Patent number: 10846376
    Abstract: An electronic apparatus operated based on an OS is provided. The electronic apparatus includes a storage to store the OS, a virtual device program capable of generating a virtual device executed based on the OS, and at least one program; and at least one processor to execute the virtual device program to generate the virtual device, and to execute the OS to determine whether a first program having an administration authority assigned by the OS from among the at least one program has access authority to data about the virtual device in response to an attempt to access the data from the first program and to selectively permit the access to the data based on the determined access authority. With this, the electronic apparatus may restrain the access to the virtual device or the data thereabout according to a presence of the access authority, thereby safely protecting the virtual device or the data.
    Type: Grant
    Filed: March 1, 2017
    Date of Patent: November 24, 2020
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Dong-hwa Jeong, Sung-kyu Lee, Hyun-cheol Park, Chang-woo Lee
  • Patent number: 10831900
    Abstract: A method prevents source code from using an unsecure application program interface (API) due to a change to the source code. One or more processors and/or a user identify changes in source code. The processor(s) and/or user associate the changed code with affected APIs that are used by the changed code, and identify which commands are utilized by the changed code. The processor(s) and/or user determine that at least one command utilized by the changed code causes the source code to use an unsecure API. In response to determining that the at least one command utilized by the changed code causes the source code to use the unsecure API, the processor(s) and/or user modify the changed code to prevent the source code from using the unsecure API.
    Type: Grant
    Filed: October 10, 2019
    Date of Patent: November 10, 2020
    Assignee: International Business Machines Corporation
    Inventors: Mohammadreza Barouni Ebrahimi, Samaneh Bayat, Obidul Islam, Vishwanath Ramaswamy
  • Patent number: 10834093
    Abstract: A method for restoring a setting on a network connected device achieves increased security. The method includes receiving an initiation signal representing a request to restore the setting on the device; transmitting a request for authorization to restore the setting to an authorization device arranged as an adjacent node on the network by transmitting the request for authorization over a link layer protocol, wherein the request is transmitted in response to the received initiation signal; receiving an encrypted restore authorization response from the authorization device in response to the request for authorization; decrypting, if encrypted, the received restore authorization message; verifying the restore authorization message; and restoring the settings on the network connected device if the restore authorization message was verified.
    Type: Grant
    Filed: August 31, 2017
    Date of Patent: November 10, 2020
    Assignee: AXIS
    Inventors: Fredrik Hugosson, Stefan Lundberg
  • Patent number: 10812259
    Abstract: Methods and systems for generating a random number include extracting feature information from a structure having a random physical configuration. The feature information is converted to a string of binary values to generate a random number. Pseudo-random numbers are generated using the random number as a seed to improve the security of encrypted information.
    Type: Grant
    Filed: October 31, 2017
    Date of Patent: October 20, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Huan Hu, Kafai Lai, Sharathchandra Pankanti, Rasit Onur Topalogu
  • Patent number: 10798132
    Abstract: The present application is directed a computer-implemented method for enhancing security and preventing cyber-attacks on a network. The method includes a step of receiving, from a user equipment on the network, information including a source IP address and a destination IP address. The method also includes a step of selecting a first VPN server from a VPN service provider based upon a traffic-type of the user equipment. The method also includes a step of creating, via a graphical user interface, a policy to prevent cyber-attacks such that traffic associated with the information of the user equipment is routed to the first VPN server. The method further includes a step of sending the traffic of the user equipment to the VPN server. The method even further includes a step of provisioning the first VPN server to last a predetermined amount of time base on the created policy.
    Type: Grant
    Filed: April 16, 2019
    Date of Patent: October 6, 2020
    Inventor: Michael J. Chen
  • Patent number: 10798125
    Abstract: Embodiments of the present invention relate to a network entity assisted system and method for detection of Honeypot access point. More particularly, the embodiments may disclose a method for authenticating the access point based on a request from a user equipment; the method comprising: comparing an AP identifier with a pre-configured list of AP identifiers to generate one of a positive response and a negative response; transmitting one of a denial response and a verification request; receiving one of a positive verification response and a negative verification response from the authorized AP; transmitting one of a positive authentication response and negative authentication response to maintain the connection with the authorized AP and release the connection with Honeypot AP, respectively.
    Type: Grant
    Filed: October 23, 2017
    Date of Patent: October 6, 2020
    Assignee: RELIANCE JIO INFOCOMM LIMITED
    Inventors: Ajay Kumar Gupta, Vishal Vasant Oak, Parwiz Shekalim, Tareq Amin
  • Patent number: 10790965
    Abstract: A method of combining chains of blocks in a network. The method comprising, creating a plurality of birth blocks of a plurality of chains of blocks by a block foundry application in a network, where each birth block is associated with a chain of blocks that records events of a network entity, creating blocks by a plurality of nodes in the network, wherein the current block and the previous block are linked, terminating the chain of blocks by the network entity, wherein the entity sends a termination request to create an end block, creating the end block, wherein the end block is the final block of the chain of blocks, and in response to the creation of the end block, sending a request by the network entity to create a block of a meta-chain of blocks, and creating the block of the meta-chain of blocks by the plurality of nodes.
    Type: Grant
    Filed: May 20, 2019
    Date of Patent: September 29, 2020
    Assignee: Sprint Communications Company L.P.
    Inventors: Lyle W. Paczkowski, Lyle T. Bertz, Mark R. Bales