Patents Examined by Philip J. Chea
-
Patent number: 12388868Abstract: Aspects of the disclosure relate to generating threat intelligence information. A computing platform may receive forensics information corresponding to message attachments. For each message attachment, the computing platform may generate a feature representation. The computing platform may input the feature representations into a neural network, which may result in a numeric representation for each message attachments. The computing platform may apply a clustering algorithm to cluster each message attachments based on the numeric representations, which may result in clustering information. The computing platform may extract, from the clustering information, one or more indicators of compromise indicating that one or more attachments corresponds to a threat campaign.Type: GrantFiled: December 14, 2023Date of Patent: August 12, 2025Assignee: Proofpoint, Inc.Inventors: Zachary Mitchell Abzug, Kevin Patrick Blissett, Brian Sanford Jones
-
Patent number: 12388819Abstract: A system is provided for authenticating a resource transfer in a peer-to-peer resource sharing electronic network. In particular, the system may receive a request from a first endpoint device to execute a resource transfer with a second endpoint device. The request from the first endpoint device may comprise a selection or designation of an authentication credential associated with the resource transfer. The system may prompt the second endpoint device for an authentication input. Upon receiving the authentication input from the second endpoint device, the system may validate the authentication input using the authentication credential provided using the first endpoint device. Once the authentication input from the second endpoint device has been validated, the system may execute the resource transfer according to the parameters defined by the first endpoint device. In this way, the system may provide a secure way to execute peer-to-peer resource transfers over a network.Type: GrantFiled: February 7, 2023Date of Patent: August 12, 2025Assignee: BANK OF AMERICA CORPORATIONInventors: Vishal Patangia, Joehinth Danishkumar Samuel Theodore
-
Patent number: 12388831Abstract: A method includes identifying a cluster of users with a plurality of devices, where each user from the cluster of users is associated with at least one device from the plurality of devices. The method also includes identifying an authorized user from the cluster of users to delegate role assignments to a remaining portion of the cluster of users and receiving, from the authorized user, a first role assignment for a first user from the remaining portion of the cluster of users. In response to receiving, from the first user, an audio command, the method also includes determining whether the first user is authorized to provide the audio command to the intelligent virtual assistant based on the first role assignment. In response to determining the first user is authorized to provide the audio command, the method also includes performing the audio command from the first user.Type: GrantFiled: September 19, 2022Date of Patent: August 12, 2025Assignee: International Business Machines CorporationInventors: Raghuveer Prasad Nagar, Sarbajit K. Rakshit, Radha Srinivasan, Sidharth Ullal
-
System and method of detecting abnormal act threatening to security based on artificial intelligence
Patent number: 12373555Abstract: Disclosed is a system and a method of detecting an abnormal act threatening to security based on artificial intelligence according to the present invention, and, more particularly, a system and a method of detecting an abnormal act threatening to security based on artificial intelligence that are capable of rapidly carrying out pre-processing of a large-scaled data set based on multi processing, and efficiently detecting the abnormal act threatening to security via various pieces of security device on the basis of studied artificial intelligence.Type: GrantFiled: October 25, 2022Date of Patent: July 29, 2025Assignee: Korea Internet & Security AgencyInventors: Do Won Kim, Tae Eun Kim, Ki Jong Son, Seul Ki Choi, Jong Ki Kim -
Patent number: 12373605Abstract: Secure hashing of large files to verify file identity. In some implementations, a method includes determining a size of a particular file received by an endpoint device, and searching for a record indexed in a data structure based on the size. In response to finding the record, a sequence of multiple records is accessed in the data structure. For each record of the sequence, a particular data portion is hashed that has a location in the particular file that corresponds to a location in the record to obtain a particular hash result. In response to the particular hash result matching a corresponding previous hash result stored in the record based on an associated data portion in an associated file, the particular file is determined to be the same as the associated file, and characteristics of the particular file are determined using file information for the associated file.Type: GrantFiled: September 30, 2022Date of Patent: July 29, 2025Assignee: Sophos LimitedInventor: James Christopher Carpenter
-
Patent number: 12368751Abstract: An electronic device that is communicatively connected to a network includes a communication unit that is communicatively connected to the network, a processor, and a display. The processor performs a detection process of detecting an attack made against the electronic device via the network. When the attack is detected by the detection process, the processor performs a stop process of stopping a function included and used in the communication unit and causes the display to display an authentication information entry prompting indicator that prompts to enter authentication information. When the authentication information is entered, the processor cancels the stop process.Type: GrantFiled: January 24, 2022Date of Patent: July 22, 2025Assignee: Seiko Epson CorporationInventor: Akira Matsumoto
-
Patent number: 12368730Abstract: Systems, methods, and related technologies for threat attribution are described. A method includes accessing network traffic to determine an incident based on a correlation of events as being associated with a same coordinated attack. The incident includes indicators of compromise (IoCs) and a Tactics, Techniques and Procedures (TTPs). The method also includes computing a first probability function based on the IoCs, wherein the first probability function comprises a first set of probability of attributions for a first list of known threat actors, and computing a second probability function based on the TTPs, wherein the second probability function comprises a second set of probability of attributions for a second list of known threat actors.Type: GrantFiled: March 15, 2023Date of Patent: July 22, 2025Assignee: Forescout Technologies, Inc.Inventors: Koen Theodora Wilhelmina Teuwen, Alessandro Manzi, Daniel Ricardo dos Santos, Elisa Costante
-
Patent number: 12361108Abstract: Described is a system for identity fraud detection by receiving an image of a user for an identity verification process of the user; generating a vector embedding for a face within the image using a machine learning model, comparing the vector embedding with at least two embedding repositories to determine a likelihood of fraud by: comparing the vector embedding with a first index of embeddings, the first index being updated at a first time interval; comparing the vector embedding with a second index of embeddings, the second index being updated at a second time interval, the first index and second index having at least a subset of the same points in the multidimensional space; and determining a characteristic of potential fraud based on the comparison of the vector embeddings with the first index and second index; and outputting an identity verification result based on the likelihood of fraud.Type: GrantFiled: December 13, 2024Date of Patent: July 15, 2025Assignee: Raritex Trade Ltd.Inventors: Sanjar Akhmedov, Sergei Travin
-
Patent number: 12355763Abstract: A computer-implemented method of identifying unauthorized logins may include: receiving a login request from a user device; using a machine learning model, generating a score corresponding to the login request, the machine learning model being trained to learn associations between identification data associated with login requests and scores based at least on (i) a set of prior login requests and (ii) a set of login classifications, each of the set of login classifications corresponding to at least one of the set of prior login requests; determining whether the score exceeds a predetermined score threshold; and in response to a determination that the score exceeds the predetermined score threshold, rejecting the login request and prompting a user of the user device to submit a renewed login request.Type: GrantFiled: September 17, 2021Date of Patent: July 8, 2025Assignee: Capital One Services, LLCInventors: Richard Post, Aurielle Catron, Danielle Hagerty, Jason Haile, Derek Lafever, Daniel Parker, Nathan Weilbacher
-
Patent number: 12353581Abstract: Methods, apparatus, and processor-readable storage media for processing transactions using nested data objects are provided herein. An example computer-implemented method includes: generating a nested data object corresponding to a file, where the nested data object includes a first layer for a first transaction related to the file; adding, for each of one or more additional transactions related to the file, a corresponding additional layer to the nested data object, where each layer of the nested data object include one or more respective hash values and one or more respective private keys; and transmitting the nested data object to a user device, where each layer of the nested object are encrypted based on a type of access specified for a user of the user device, and wherein each of the transactions is verifiable based at last in part on the one or more hash values of the corresponding layer.Type: GrantFiled: April 13, 2023Date of Patent: July 8, 2025Assignee: Dell Products L.P.Inventor: Shibi Panikkar
-
Patent number: 12353577Abstract: The disclosed computer-implemented method for dynamic data protection may include intercepting a submit request for sensitive data to a destination, inserting dummy data into the intercepted submit request. The method may also include determining whether the destination is a trusted destination and when the destination is determined to be the trusted destination, replacing the dummy data with real data to complete the submit request to the destination, wherein the real data was previously collected isolated from the submit request. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: March 7, 2024Date of Patent: July 8, 2025Assignee: Gen Digital Inc.Inventors: Iskander Sanchez Rola, David Luz Silva, Bahaa Naamneh
-
Patent number: 12346453Abstract: A method to test an OS kernel interface, such as an eBPF helper function. The interface has a grammar that defines the kernel interface. Testing is carried out using eBPF code that invokes and tests the interface using a fuzzing engine. To facilitate the process, additional user space code is configured to generate at least one kernel event that triggers the eBPF code to run, and to transform inputs from the fuzzing engine according to the grammar that defines the kernel interface. After loading the eBPF code into the OS kernel, the user space code issues the kernel event that causes the eBPF code to run. In response, and as the fuzzing engine executes, the eBPF code records arguments sent to the OS kernel through the kernel interface. The arguments are passed through a data structure shared by the eBPF code and the user space code. By recording the arguments and other diagnostic information, the security of the kernel interface is evaluated.Type: GrantFiled: September 23, 2022Date of Patent: July 1, 2025Assignee: International Business Machines CorporationInventors: Anthony Saieva, Frederico Araujo, Sanjeev Das, Michael Vu Le, Jiyong Jang
-
Patent number: 12346421Abstract: A tattoo detection-based method and system of performing an authentication of video of a person in order to authorize access to a secured resource is disclosed. The user provides image data in which they present a region of skin on which a pattern or code has been tattooed with ink that is invisible to the human eye. The system and method are configured to evaluate the image data to determine whether the cloaked token is present. If a cloaked token is present, the system determines the image is authentic and can verify an identity of the person. In some cases, the system can further be configured to automatically grant the person access to one or more services, features, or information for which he or she is authorized.Type: GrantFiled: October 27, 2022Date of Patent: July 1, 2025Assignee: United Services Automobile Association (USAA)Inventors: Brian Tougas, William Daniel Farmer, Ruthie D. Lyle, Kelly Q. Baker, Ryan Thomas Russell, Noe Alberto Martinez
-
Patent number: 12341777Abstract: There is disclosed in one example an enrollment over secure transport (EST)-capable gateway device, including: a hardware platform including a processor and a memory; a first network interface to communicatively couple to an external network, including an external DNS server; a second network interface to communicatively couple to a home network; a caching DNS server including a local DNS cache, and logic to provide DNS services to the home network; and an EST proxy to authenticate to a local endpoint on the home network, provision a DNS server certificate on the local endpoint, provision an authentication domain name (ADN) on the local endpoint, and provide encrypted domain name system (DNS) services to the local endpoint.Type: GrantFiled: January 22, 2024Date of Patent: June 24, 2025Assignee: McAfee, LLCInventors: Tirumaleswar Reddy Konda, Shashank Jain, Himanshu Srivastava, Naveen Kumar Reddy Kandadi, Piyush Pramod Joshi
-
Patent number: 12341882Abstract: A system for generating cryptographic values. The system includes an imaging assembly for imaging a target member mounted on a base. A controller receives output image data from the image assembly and generates a cryptographic value in response to the output image data. In some embodiments, the target member may be formed from an organic material.Type: GrantFiled: March 8, 2022Date of Patent: June 24, 2025Assignee: SECUREXPERTS INCORPORATEDInventors: William C. Lamb, Darnell Washington
-
Patent number: 12341819Abstract: A private cellular management system detects that a device has connected to a private cellular network. The device is part of a device group that is associated with a policy applicable within an enterprise network and the private cellular network. The private cellular management system generates a determination corresponding to a policy effectiveness associated with the access policy based on different versions of the policy implemented in the enterprise and private cellular networks. The private cellular management system obtains an update to the access policy and applies this update for the device and other devices associated with the device group.Type: GrantFiled: September 1, 2022Date of Patent: June 24, 2025Assignee: Cisco Technology, Inc.Inventors: Timothy P. Stammers, Bhavik Adhvaryu, Irfan Ali
-
Patent number: 12335269Abstract: According to one embodiment of the present application, provided is an access management method of an access control device, comprising the steps of: receiving, from a user terminal, a first advertising packet including open authentication information; generating a key on the basis of at least a first random key; confirming the open authentication information on the basis of the generated key; and determining the opening of a door on the basis of the open authentication information.Type: GrantFiled: January 30, 2024Date of Patent: June 17, 2025Assignee: SUPREMA INC.Inventors: Seong Bin Choi, Young Soo Moon
-
Patent number: 12335414Abstract: There is disclosed a Connected Synthetic Physically Unclonable Function (acronym CSPUF) made of a circuit configured to receive signals of one or more sensors and/or actuators in/of a computer device; determine one or more statistical properties of the noise distribution of the selected one or more of the sensors and/or actuators; receive data IN from one or more external data sources; determine one or more digital signatures (responses) from the statistical properties and the selected external data. In one embodiment, along a response R when challenged by a challenge C, the circuit is configured to receive data IN and/or to communicate data OUT from one or more external data sources. Developments describe uses and advantages of data IN and data OUT channels, e.g. static or dynamic calibration, options to disable the circuit. Other embodiments consider variants of interconnections of two CSPUF circuits, providing “self-cycled”, “iterative”, “cascaded” and other “blockchain” arrangements.Type: GrantFiled: June 27, 2019Date of Patent: June 17, 2025Assignee: SECURE-IC SASInventors: Adrien Facon, Sylvain Guilley
-
Patent number: 12323390Abstract: A policy tree of nodes and leaves is automatically created from a network security policy set, by identifying density zones of policy subsets. Responsive to identifying an uneven density zone in a node of the policy tree, child nodes are generated with normal density zones from the uneven density zones. A policy bitmap is generated from a set of network security policies. A partition number is configured during bitmap labeling for the policy bitmap. A configurable threshold during bitmap labeling is adjustable according to network security policies. Further, a plurality of boundaries between low-density zones and high-density zones utilizing bitmap labeling on the policy bitmap by counting lead zeros and tail zeros.Type: GrantFiled: March 24, 2023Date of Patent: June 3, 2025Assignee: Fortinet, Inc.Inventor: Shushan Wen
-
Patent number: 12323806Abstract: Embodiments herein relate to a method performed by a network node for enabling verification of a broadcast message transmitted from the network node to a wireless device. The network node signals a first public key, to the wireless device, using a secure connection. The network node further transmits a first broadcast message protected by a signature. The signature is generated from at least a protected part of the first broadcast message using a first private key, the first private key being associated with the first public key. Thereby, the broadcast message can be verified by the wireless device using the distributed first public key, thus preventing fake broadcast messages to be accepted by the device.Type: GrantFiled: December 18, 2019Date of Patent: June 3, 2025Assignee: Telefonaktiebolaget LM Ericsson (Publ)Inventors: Nicklas Johansson, Martin Hessler, Pål Frenger