Patents Examined by Noura Zoubair
  • Patent number: 11190540
    Abstract: The technology disclosed relates to detecting a data attack on a local file system. The detecting includes scanning a list to identify files of the local file system that have been updated within a timeframe, reading payloads of files identified by the scanning, calculating current content properties from the payload of the files, obtaining historical content properties of the files, determining that a malicious activity is in process by analyzing the current content properties and the historical content properties to identify a pattern of changes that exceeds a predetermined change velocity. Further, the detecting includes determining that the malicious activity is in process by analyzing the current content properties and known patterns of malicious metadata to identify a match between the current metadata and the known patterns of malicious metadata, determining a machine/user that initiated the malicious activity, and implementing a response mechanism that restricts file modifications by the machine/user.
    Type: Grant
    Filed: November 4, 2019
    Date of Patent: November 30, 2021
    Assignee: Netskope, Inc.
    Inventors: Sean Hittel, Krishna Narayanaswamy, Ravindra K. Balupari, Ravi Ithal
  • Patent number: 11184326
    Abstract: A system and method for intercepting intra-network traffic for smart appliance behavior analysis. A network traffic hub is configured to intercept network traffic between a switch and a router. A smart appliance sends a message to the router, such as a DHCP request when the smart appliance joins the network. The router sends a response to the smart appliance. The network traffic hub intercepts and modifies the response to instruct the smart appliance to send all future intra-network traffic through the network traffic hub and the router. In some embodiments, the network traffic hub alters a network mask in the response message to instruct the smart appliance to send traffic through the network traffic hub. The network traffic hub then extracts data from the network traffic and uses that data for behavior analysis of smart appliances.
    Type: Grant
    Filed: May 30, 2019
    Date of Patent: November 23, 2021
    Assignee: Cujo LLC
    Inventor: Pedro de Alvarenga Bastos
  • Patent number: 11184355
    Abstract: Aspects of the disclosure relate to preventing unauthorized access to secured information systems. A computing platform may receive, from an end user desktop computing device, a request to login to a user account associated with a user account portal. In response to receiving the request, the computing platform may generate an authentication token in an authentication database and may send a notification to at least one registered device linked to the user account. After sending the notification, the computing platform may receive, from the at least one registered device, an authentication response message. If the authentication response message indicates that valid authentication input was received, the computing platform may update the authentication token to indicate that the request to login to the user account has been approved. After updating the authentication token, the computing platform may provide, to the end user desktop computing device, access to a portal interface.
    Type: Grant
    Filed: April 7, 2021
    Date of Patent: November 23, 2021
    Assignee: Bank of America Corporation
    Inventors: Ashish Arora, Muniraju Jayaramaiah, Xianhong Zhang
  • Patent number: 11178172
    Abstract: The technology disclosed relates to detecting a data attack on a file system stored on an independent data store. The detecting includes scanning a list to identify files of the independent data store that have been updated within a timeframe, assembling current metadata for files identified by the scanning, obtaining historical metadata of the files, determining that a malicious activity is in process by analyzing the current metadata of the files and the historical metadata to identify a pattern of changes that exceeds a predetermined change velocity. Further, the detecting includes determining that the malicious activity is in process by analyzing the current metadata of the files and known patterns of malicious metadata to identify a match between the current metadata and the known patterns of malicious metadata, determining a machine/user that initiated the malicious activity, and implementing a response mechanism that restricts file modifications by the determined machine/user.
    Type: Grant
    Filed: November 8, 2019
    Date of Patent: November 16, 2021
    Assignee: NETSKOPE, INC.
    Inventors: Sean Hittel, Krishna Narayanaswamy, Ravindra K. Balupari, Ravi Ithal
  • Patent number: 11178166
    Abstract: A methodology as described herein allows cyber-domain tools such as computer aided-manufacturing (CAM) to be aware of the existing information leakage. Then, either machine process or product design parameters in the cyber-domain are changed to minimize the information leakage. This methodology aids the existing cyber-domain and physical-domain security solution by utilizing the cross-domain relationship.
    Type: Grant
    Filed: March 29, 2019
    Date of Patent: November 16, 2021
    Assignee: THE REGENTS OF THE UNIVERSITY OF CALIFORNIA
    Inventors: Mohammad Abdullah Al Faruque, Jiang Wan, Sujit Rokka Chhetri, Sina Faezi
  • Patent number: 11163889
    Abstract: A system provides analysis of computer application vulnerabilities via multidimensional correlation and prioritization. The system may begin by generating a data repository of each application within a computing environment. Once the data repository is generated, the system may assess the dependencies, relationships, and vulnerabilities of the applications and processes used within the system. The system may perform assessments across multiple dimensions and/or metrics (e.g., impacts on users, devices, networks, applications, and/or data). Based on performing said assessments, the system may calculate relatedness and/or dependency scores across the dimensions or metrics, where the scores may be used to generate a prioritization scheme for making changes to application code or applying updates.
    Type: Grant
    Filed: June 14, 2019
    Date of Patent: November 2, 2021
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Brandon Sloane, Brian Diederich
  • Patent number: 11159567
    Abstract: Methods, systems, and computer program products are described herein for detecting malicious cloud-based resource allocations. Such detection may be achieved using machine learning-based techniques that analyze sequences of cloud-based resource allocations to determine whether such sequences are performed with a malicious intent. For instance, a sequence classification model may be generated by training a machine learning-based algorithm on both resource allocation sequences that are known to be used for malicious purposes and resource allocation sequences that are known to be used for non-malicious or benign purposes. Using these sequences, the machine learning-based algorithm learns what constitutes a malicious resource allocation sequence and generates the sequence classification model.
    Type: Grant
    Filed: August 11, 2018
    Date of Patent: October 26, 2021
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Ram Haim Pliskin, Roy Levin
  • Patent number: 11146399
    Abstract: One or more embodiments described herein disclose methods and systems that are directed at facilitating access to and retrieval of data concealed on a distributed ledger-based network (DLN) with the use of zero-knowledge proof (ZKP) techniques. The methods and systems allow for the encryption, using an encryption key, of data related to a transaction between participants of the DLN, the encryption of the encryption key using a public key of an auditor of the transaction, and the generation of a ZKP that the encryption key used to encrypt the data corresponds to the encryption key encrypted using the public key such that the encrypted encryption key and/or the encrypted data are available to the auditor after the ZKP is verified by a self-executing code segment of the DLN. The ZKP also includes a proof that the encrypted data includes the transaction data.
    Type: Grant
    Filed: June 20, 2019
    Date of Patent: October 12, 2021
    Inventors: Duncan James Westland, Chaitanya Reddy Konda, Paul Richard Brody
  • Patent number: 11128633
    Abstract: Systems and methods are provided for receiving a request to access a service catalog from a computing device associated with a tenant with authorization to access a custom microservice and the core microservices of the service catalog, and determining that the service catalog associated with the tenant comprises the custom microservice. The systems and methods further provide for determining routing information from the service catalog to make a request to the custom microservice, routing the request to the custom microservice based on the determined routing information, wherein the request is routed to a tenant computing system associated with the custom microservice, receiving a payload from the tenant computing system associated with the custom microservice, and generating a user interface comprising representations corresponding to the custom microservice and each of the core microservices, the representations corresponding to the custom microservice based on the received payload.
    Type: Grant
    Filed: June 17, 2019
    Date of Patent: September 21, 2021
    Assignee: SAP SE
    Inventors: Anubhav Bhatia, Patrick Brose
  • Patent number: 11122058
    Abstract: A method for monitoring online security threats comprising of a machine-learning service that receives data related to a plurality of features related to internet traffic metrics, the service then processes said data by performing operations selected from among: an operation of ranking at least one feature, an operation of classifying at least one feature, an operation of predicting at least one feature, and an operation of clustering at least one feature, and as a result the machine learning service outputs metrics that aid in the detection, identification, and prediction of an attack.
    Type: Grant
    Filed: July 23, 2015
    Date of Patent: September 14, 2021
    Assignee: SECLYTICS, INC.
    Inventor: Saeed Abu-Nimeh
  • Patent number: 11122036
    Abstract: Systems and methods are provided for use in enabling, providing, and managing digital identities in association with mobile communication devices. One exemplary method includes capturing an image of a physical document comprising a biometric of a user associated with the physical document, and extracting the biometric from the image and converting it to a biometric template. The method also includes capturing a biometric of the user and comparing it to the biometric template. The method then includes, when the captured biometric matches the biometric template, transmitting a message to an identification provider comprising at least the image of the physical document and the biometric template, whereby the biometric template is verified against a repository, and binding data representative of the mobile communication device, a mobile application included therein, and the biometric template and/or the captured biometric of the user into a token.
    Type: Grant
    Filed: September 18, 2018
    Date of Patent: September 14, 2021
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Sumeet Bhatt, Ashfaq Kamal
  • Patent number: 11095648
    Abstract: Various techniques for implementing computer dashboards as cloud-based services are disclosed herein. In one embodiment, a method includes receiving a dashboard file at a server via a computer network, the dashboard file identifying a dashboard having one or more graphical user interface elements individually configured to display and dynamically update data associated with a cloud-based service. The dashboard file further contains metadata indicating a cloud-based subscription. The method also includes associating the received dashboard file with the cloud-based subscription, identifying one or more entities allowed to access the dashboard based on the cloud-based subscription, and displaying, via the computer network, the dashboard identified by the dashboard file to the one or more entities upon verification of the cloud-based subscription.
    Type: Grant
    Filed: June 21, 2019
    Date of Patent: August 17, 2021
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Adam Abdelhamed, Leon Welicki, Brad Olenick, Mo Wang, Christopher Scrosati, Josh Keckley, Jon Harris, Khetthai Laksanakorn
  • Patent number: 11089021
    Abstract: Methods and apparatus that allow clients to establish sub private networks as resources within private networks on a provider network. A sub private network may be owned and controlled by a different entity than the owner of its parent private network. A parent private network controls access to its sub private networks, and each sub private network also controls access to its resources. This enables a layered topology in which a parent private network may establish access control rules for its sub private networks; the sub private networks may supplement the access control according to their specific needs. Sub private networks may share resources of their parent private network, and a sub private network may allow or restrict access to its resources by its parent private network, by its sibling private networks, and/or by its own sub private network(s).
    Type: Grant
    Filed: February 15, 2019
    Date of Patent: August 10, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Edward Max Schaefer, Upendra Bhalchandra Shevade
  • Patent number: 11075895
    Abstract: A cloud operation interface sharing method, a related device includes: displaying, by a first terminal device, a first message sent by a cloud operating system of a second terminal device, where the first message carries first authentication information and address information of the cloud operating system, and the first message informs the first terminal device that the second terminal device authorizes the first terminal device to use the cloud operating system; requesting, by the first terminal device, authentication from the cloud operating system; after the authentication succeeds, establishing, by the first terminal device, a connection to the cloud operating system; receiving, by the first terminal device, interface information sent by the cloud operating system; and switching, by the first terminal device, a currently displayed first operation interface to a second operation interface corresponding to the interface information.
    Type: Grant
    Filed: December 31, 2015
    Date of Patent: July 27, 2021
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Fen Yang, Mingxing Cai
  • Patent number: 11074372
    Abstract: A secure terminal, particularly for protecting smartphones or tablets, includes: a display system including a screen and a graphical component for carrying out commands to display visual data on the screen; a central processing unit for carrying out executable program instructions and sending display commands to the display system; and a communication device connecting the central processing unit to the display system; a security processor for securely interpreting and/or processing display commands of secure visual data on the screen; a communication device connecting the security processor to the display system; and a means for visual recognition, by a user of the terminal, of a secure mode for displaying the secure visual data, which is displayed on the screen when the secure visual data is displayed, and is controlled by the security processor.
    Type: Grant
    Filed: September 22, 2015
    Date of Patent: July 27, 2021
    Assignee: PROVENRUN
    Inventor: Dominique Bolignano
  • Patent number: 11063761
    Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for enabling paperless documentation. One method includes identifying one or more electronic forms to be filled out and submitted. At each step of a plurality of steps: generating a unique identifier (ID) based on a time that the step is performed and digital content on the electronic form at the time; recording the unique ID, the time, and the digital content on the blockchain; embedding the unique ID in the digital content at the time by changing one or more attributes associated with the digital content to be representative of the unique ID, where the embedding produces information-embedded digital content that enables retrieval of the time and the digital content from the blockchain based on the unique ID; and recording the information-embedded digital content to the blockchain.
    Type: Grant
    Filed: December 13, 2019
    Date of Patent: July 13, 2021
    Assignee: Advanced New Technologies Co., Ltd.
    Inventor: Zhiguo Li
  • Patent number: 11063980
    Abstract: Examples described herein relate to systems and methods for integrating and implementing ad hoc groups within a policy hierarchy environment. The ad hoc groups may implement particular guidelines for group membership, policy evaluations, and group actions. Systems and methods provide a framework for creating groups, removing groups, and associating groups, nodes, clients, and users with groups and policy.
    Type: Grant
    Filed: February 22, 2017
    Date of Patent: July 13, 2021
    Assignee: Fornetix LLC
    Inventors: Stephen Edwards, Gerald J. Stueve, Gary C. Gardner, Charles White
  • Patent number: 11057380
    Abstract: A method of detecting fraudulent activity during authenticating users and user identifications includes initiating a user's device to capture a sequence of images of the user to be authenticated commencing when the camera is operational and prior to receiving from the user a selection of the control that triggers capture of images and continuing until detecting that the user has selected the control to trigger capture of images, thereby enabling capture of activity performed by the user prior to and contemporaneous with selecting the control, including any attempted fraudulent activity of the user to be authenticated. Video, still images and audio of the user seeking authentication can be captured.
    Type: Grant
    Filed: June 17, 2019
    Date of Patent: July 6, 2021
    Assignee: Namecheap, Inc.
    Inventors: Phillip McKegney, Hicham Al Mallah
  • Patent number: 11050716
    Abstract: The present invention relates to the telecommunications sector and, in particular, to the field of telematics. More specifically, the invention describes a method and system for defining an improved network technology that can be used for communication and to operate secure communications between processes, based on the secure proxying of local area network sockets that may be between different devices. In particular, the system and method describe how socket proxies are established and managed between devices and how the security of said socket proxies in the local area thereof is enhanced and operated using security contexts. These contexts are configured based on privilege separation and local packet marking and filtering, and they allow applications to delegate all aspects relating to the security of the communications in the present invention.
    Type: Grant
    Filed: June 3, 2018
    Date of Patent: June 29, 2021
    Inventor: Jorge David de Hoz Diego
  • Patent number: 11038686
    Abstract: In an embodiment of the present disclosure, a biometric identification device comprises a conversion engine configured to receive a key file, receive a biometric file, wherein the biometric file is different from the key file and comprises biometric identification information of a user, convert the key file into a first numeric representation, and convert the biometric file into a second numeric representation. The biometric identification device further comprises a hashing engine configured to create a superimposed numeric representation by performing a convolution operation on the first numeric representation and the second numeric representation, convert the superimposed numeric representation into a hash value, and store the hash value.
    Type: Grant
    Filed: September 20, 2019
    Date of Patent: June 15, 2021
    Assignee: Bank of America Corporation
    Inventors: Pinak Chakraborty, Sandeep K. Chauhan