Patents Examined by Noura Zoubair
  • Patent number: 10805314
    Abstract: Information of an electronic message to be delivered to an intended recipient is received. For an original resource identifier included in the electronic message, a corresponding alternative resource identifier that can be at least in part used to obtain the original resource identifier and obtain context information associated with the electronic message is determined. The original resource identifier included in the electronic message is replaced with the alternative resource identifier to generate a modified electronic message. The modified electronic message with the alternative resource identifier is allowed to be delivered to the intended recipient instead of the electronic message with the original resource identifier. A request made using the alternative resource identifier in the modified message triggers a security action based at least in part on the context information associated with the electronic message.
    Type: Grant
    Filed: May 15, 2018
    Date of Patent: October 13, 2020
    Assignee: Agari Data, Inc.
    Inventors: Bjorn Markus Jakobsson, Scot Free Kennedy, Patrick Richard Peterson
  • Patent number: 10790980
    Abstract: Computer-implemented methods for privacy attribute based credentials include issuing a privacy-preserving attribute-based credential, which is signed with a private key and has a unique credential handle; updating an accumulator in a tamperproof log to incorporate the credential handle; and facilitating providing access to a service in response to a zero-knowledge proof that the accumulator contains the credential handle. The methods also include generating revocation conditions and initial revocation information; submitting the initial revocation information and the revocation conditions to the tamperproof log; revoking a credential by adding a credential handle of the credential to the initial revocation information; and submitting the updated revocation information to the tamperproof log. Further, the methods include writing to the tamperproof log an audit token that contains an encrypted credential handle, which is encrypted by an auditor's public key that is published on the tamperproof log.
    Type: Grant
    Filed: July 14, 2017
    Date of Patent: September 29, 2020
    Assignee: International Business Machines Corporation
    Inventors: Jan Leonhard Camenisch, Luca Alessandro Comparini, Maria Dubovitskaya, Gregory Neven
  • Patent number: 10783240
    Abstract: A secure engine method includes providing an embedded microcontroller in an embedded device, the embedded microcontroller having internal memory. The method also includes providing a secure environment in the internal memory. The secure environment method recognizes a boot sequence and restricts user-level access to the secure environment by taking control over the secure environment memory. Taking such control may include disabling DMA controllers, configuring at least one memory controller for access to the secure environment, preventing the execution of instructions fetched from outside the secure environment, and only permitting execution of instructions fetched from within the secure environment. Secure engine program instructions are then executed to disable interrupts, perform at least one secure operation, and re-enable interrupts after performing the at least one secure operation.
    Type: Grant
    Filed: September 29, 2017
    Date of Patent: September 22, 2020
    Inventors: Maurizio Gentili, Massimo Panzica
  • Patent number: 10757113
    Abstract: Methods are provided herein for communications bus signal fingerprinting. A security module monitors a plurality of voltage lines of at least one electronic control unit (ECU) electrically coupled to a communications bus. A voltage differential across at least two of the plurality of voltage lines of the at least one ECU is measured. The voltage differential is compared to a plurality of predetermined signal fingerprints associated with the at least one ECU. A variance in the compared voltage differential is identified relative to one or more of the plurality of predetermined signal fingerprints. Data characterizing the identified variance is provided.
    Type: Grant
    Filed: March 17, 2017
    Date of Patent: August 25, 2020
    Assignee: Cylance Inc.
    Inventors: Donald Bathurst, Mark Carey
  • Patent number: 10742413
    Abstract: Embodiments of the present invention may provide the capability for performing public-key encryption with proofs of plaintext knowledge using a lattice-based scheme that provides improved efficiency over conventional techniques. For example, in an embodiment, a computer-implemented method of verifying encryption may comprise generating a ciphertext, derived from a plaintext, via an encryption scheme, proving validity of the ciphertext, wherein the proof includes at least one challenge value, and using a decryption procedure that recovers a plaintext by choosing at least one additional challenge value at random from a challenge space.
    Type: Grant
    Filed: April 25, 2017
    Date of Patent: August 11, 2020
    Assignee: International Business Machines Corporation
    Inventors: Vadim Lyubashevsky, Gregory Neven
  • Patent number: 10735399
    Abstract: A client terminal includes a first acquisition unit configured to acquire, in response to a user, who has received a service provided by the second service providing apparatus, issuing an instruction for requesting provision of a service by a first service providing apparatus, information indicating a tenant of the first service providing apparatus associated with a community to which the user belongs.
    Type: Grant
    Filed: October 9, 2017
    Date of Patent: August 4, 2020
    Assignee: Canon Kabushiki Kaisha
    Inventor: Takayuki Uchida
  • Patent number: 10735203
    Abstract: In an example embodiment, a validating peer of a plurality of validating peers in a blockchain network receives, from a non-validating peer, a request to create a root block of a blockchain. The root block includes information related to a potential computer security threat. The validating peer creates the root block with a root block pending validation status. The validating peer shares, with other validating peers of the plurality of validating peers, a notification of the root block with the root block pending validation status to provide an indication of the information. The validating peer determines whether the information is authentic. If the information is determined to be authentic, the validating peer changes the root block pending validation status to a root block authenticated validation status and shares, with the other validating peers, a notification of the root block authenticated validation status to indicate that the information is authentic.
    Type: Grant
    Filed: October 9, 2017
    Date of Patent: August 4, 2020
    Assignee: Cisco Technology, Inc.
    Inventors: K. Tirumaleswar Reddy, Prashanth Patil, Puneeth Rao Lokapalli, Carlos M. Pignataro
  • Patent number: 10733275
    Abstract: An authentication process is activated by a processor receiving an access request for user access to a user device. One or more biometric sensor module captures imaging data or other sensor data within a field of view encompassing the head of the user, or encompassing a head region including the head of the user. The processor carries out biometric recognition methods on the captured imaging data. Biometric recognition methods may include head-limb gesture recognition (including hand-to-face, and limb-near-head, gestures); head recognition; ocular recognition; facial recognition; and combinations of these methods. Upon successful match of captured sensor data with one or more user credential records stored for an authorized user of the user device, the processor authorizes the access request, providing access to the operating environment of the user device on start-up, or to one or more of a system setting, an application program, a data, and a hardware resource.
    Type: Grant
    Filed: March 31, 2017
    Date of Patent: August 4, 2020
    Assignee: Massachusetts Mutual Life Insurance Company
    Inventors: Michal Knas, Jiby John
  • Patent number: 10728227
    Abstract: Disclosed are methods and systems to encrypt and decrypt a data message using Geometric Algebra. The encrypt operation performed on a source computing device uses the geometric product (Clifford Product) of a multivector created from plain text/data of the data message with one or more other multivectors that carry encryption keys, the identity of the source and/or other data-centric information. The source computing device sends the encrypted message to a destination computing device. The decrypt operation performed on the destination computing devices recovers the original message multivector, and ultimately the original data message by employing geometric algebra operations such as multivector inverse, Clifford conjugate and others along with the geometric product.
    Type: Grant
    Filed: August 2, 2017
    Date of Patent: July 28, 2020
    Assignee: X-Logos, LLC
    Inventor: Carlos A. Paz de Araujo
  • Patent number: 10728266
    Abstract: Computerized methods and systems identify malware enabled by automatically generated domain names. An agent executes a malware, in a controlled environment, at a first temporal input value and a second temporal input value. A first set of domain names is generated in response to the execution at the first temporal input value. A second set of domain names is generated in response to the execution at the second temporal input value. The agent compares the first set of domain names with the second set of domain names to produce a comparison output metric.
    Type: Grant
    Filed: August 15, 2017
    Date of Patent: July 28, 2020
    Inventor: Aliaksandr Chailytko
  • Patent number: 10721069
    Abstract: One or more embodiments described herein disclose methods and systems that are directed at providing enhanced privacy, efficiency and security to distributed ledger-based networks (DLNs) via the implementation of zero-knowledge proofs (ZKPs) in the DLNs. ZKPs allow participants of DLNs to make statements on the DLNs about some private information and to prove the truth of the information without having to necessarily reveal the private information publicly. As such, the disclosed methods and systems directed at the ZKP-enabled DLNs provide privacy and efficiency to participants of the DLNs while still allowing the DLNs to remain as consensus-based networks.
    Type: Grant
    Filed: February 22, 2019
    Date of Patent: July 21, 2020
    Assignee: EYGS LLP
    Inventors: Chaitanya Reddy Konda, Duncan James Westland, Paul Richard Brody
  • Patent number: 10715533
    Abstract: A system for detecting by a cloud service a ransomware attack on a client device is provided. The system monitors changes to files of the client device that are stored by the cloud service. The system assesses whether a change to a file appears to be malicious in that the change may be caused by ransomware. When the change to the file appears to be malicious, the system performs a countermeasure to prevent synchronization of files of the client device with other client devices and with the cloud service to prevent the propagating of files from the client device, which is undergoing a ransomware attack.
    Type: Grant
    Filed: December 9, 2016
    Date of Patent: July 14, 2020
    Inventors: Elad Iwanir, Chen Lahav, Gal Tamir
  • Patent number: 10706151
    Abstract: Described systems and methods allow protecting a computer system from malicious software. In some embodiments, a security application organizes a set of monitored executable entities (e.g., processes) into a plurality of groups, wherein members of a group are related by filiation and/or code injection. The security application may further associate a malice-indicative entity score with each monitored entity, and a malice-indicative group score with each entity group. Group scores may be incremented when a member of the respective group performs certain actions. Thus, even though actions performed by individual members may not be malware-indicative per se, the respective group score may capture collective malicious behavior and trigger malware detection.
    Type: Grant
    Filed: October 1, 2018
    Date of Patent: July 7, 2020
    Assignee: Bitdefender IPR Management Ltd.
    Inventors: Gheorghe F. Hajmasan, Radu M. Portase
  • Patent number: 10686811
    Abstract: Techniques described and suggested herein include various systems and methods for using customer-initiated security tests to generate training data for use in improving detection and mitigation capabilities related network intrusion and data security attacks. Such techniques may include implementing machine learning techniques to refine security models used therewith. For example, customers of a computing resource provider may notify the computing resource provider that a security test is scheduled to occur. In response, in some embodiments, information related to the security test may be used to improve an implemented security model.
    Type: Grant
    Filed: November 21, 2014
    Date of Patent: June 16, 2020
    Assignee: Amazon Technologies, Inc.
    Inventor: Braxton Chase Ehle
  • Patent number: 10681014
    Abstract: Methods, systems, and storage media are described for generating, regulating, and distributing regulated content playlists. A cloud computing service/system may facilitate a user in creating a regulated content playlist, verify that the regulated content playlist complies with various standards promulgated by regulatory agencies and/or governing bodies, and facilitate and control distribution of the regulated content playlist to various recipients that are permitted to access the regulated content playlist. Other embodiments may be described and/or claimed.
    Type: Grant
    Filed: June 20, 2017
    Date of Patent: June 9, 2020
    Inventor: Hemingway Huynh
  • Patent number: 10671736
    Abstract: Methods, systems, and computer-readable media are directed towards receiving, at an untrusted component, a query for a data store. The query includes a plurality of data operations. The data store is accessible by the untrusted component. A first proper subset of data operations is determined from the plurality of data operations that do not access sensitive data within the data store. A second proper subset of data operations is determined from the plurality of data operations that access sensitive data within the data store. The first proper subset of data operations is executed, at the untrusted component, to create first results. The second proper subset of data operations is sent to a trusted component for execution. Second results based on the sending the second proper subset of data operations are received from the trusted component. Results to the query are returned based on the first results and the second results.
    Type: Grant
    Filed: October 27, 2017
    Date of Patent: June 2, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Shriraghav Kaushik, Arvind Arasu, Spyridon Blanas, Kenneth H. Eguro, Manas Rajendra Joglekar, Donald Kossmann, Ravishankar Ramamurthy, Prasang Upadhyaya, Ramarathnam Venkatesan
  • Patent number: 10643216
    Abstract: Systems and methods include: receiving digital event type data that define attributes of a digital event type; receiving digital fraud policy that defines a plurality of digital processing protocols; transmitting via a network the digital event data and the digital fraud policy to a remote digital fraud mitigation platform; using the digital event data to configure a first computing node comprising an events data application program interface or an events data computing server to detect digital events that classify as the digital event type; using digital fraud policy to configure a second computing node comprising a decisioning API or a decisioning computing server to automatically evaluate and automatically select one digital event processing outcome of a plurality of digital event processing outcomes that indicates a disposal of the digital events classified as the digital event type; and implementing a digital threat mitigation application process flow that evaluates digital event data.
    Type: Grant
    Filed: March 19, 2019
    Date of Patent: May 5, 2020
    Assignee: Sift Science, Inc.
    Inventors: Fred Sadaghiani, Micah Wylde, Keren Gu, Eugenia Ho, Noah Grant
  • Patent number: 10630642
    Abstract: The present disclosure relates to network security software cooperatively configured on plural nodes to authenticate and authorize devices, applications, users, and data protocol in network communications by exchanging nonpublic identification codes, application identifiers, and data type identifiers via pre-established communication pathways and comparing against pre-established values to provide authorized communication and prevent compromised nodes from spreading malware to other nodes.
    Type: Grant
    Filed: October 5, 2018
    Date of Patent: April 21, 2020
    Assignee: Stealthpath, Inc.
    Inventors: Mike Clark, Andrew Gordon, Matt Clark
  • Patent number: 10607025
    Abstract: A data structure includes data that allows specific users to access data items that are part of the data structure and allows the users to store data items in association with the data structure. The data structure includes a root node which is the genesis of the data structure. The data structure further includes an access node for each user granted access rights to the data structure. An access node granting a user access rights to the data structure is directly connected to the root node. For a user whose access rights to the data structure are revoked, the data structure includes an additional access node directly connected to the access node that gave the user access rights. The data structure also includes a record node for each data item that is part of the data structure. Each record node is connected to the root node directly or indirectly.
    Type: Grant
    Filed: September 15, 2016
    Date of Patent: March 31, 2020
    Assignee: PeerNova, Inc.
    Inventor: Andrew James Rasmussen
  • Patent number: 10574691
    Abstract: A method of providing infrastructure protection for a network that includes IP addresses as low as a single IP address. An end user sends traffic to an IP address of a projected server publicly available as an anycast address, and sends traffic to the protected network. The traffic is routed via one of several scrubbing centers using the public IP address as anycast address, and the scrubbing center provides infrastructure protection by scanning and filtering the incoming traffic for illegitimate data. After filtering, the legitimate traffic is encapsulated, e.g., via including virtual GRE tunnel information that includes a secret IP address known only to the scrubbing center and the protected server that receives the network traffic. The protected server decapsulates the network packet and responds back to the end user via the scrubbing network.
    Type: Grant
    Filed: June 20, 2017
    Date of Patent: February 25, 2020
    Assignee: Imperva, Inc.
    Inventors: Dvir Shapira, Ehud Cohen, Tomer Bronshtein, Eyal Leshem, Alon Ludmer