Patents Examined by Saleh Najjar
  • Patent number: 11356463
    Abstract: Methods and systems for detecting malicious processes. Methods described herein gather data regarding process locations and calculate one or more inequality indicators related to the process paths based on economic principles. Instances of inequality with respect to process paths may indicate a path is uncommon and therefore the associated binary is used for malicious purposes.
    Type: Grant
    Filed: September 18, 2019
    Date of Patent: June 7, 2022
    Assignee: Rapid7, Inc.
    Inventors: Roy Hodgman, Oliver Keyes, Wah-Kwan Lin, Michael Scutt, Timothy Stiller
  • Patent number: 11354411
    Abstract: Instruction classification and software intrusion detection is performed. Program instruction execution of a processor of a microcontroller unit (MCU) is monitored via side-channel signal analysis, the monitoring including capturing a signal trace of a physical property of the MCU that leaks information correlated with the program instruction execution of the MCU, the signal trace indicating a value of the physical property over time. From the signal trace, time domain features, frequency domain features, and Mel Frequency Cepstral Coefficients (MFCC) features are extracted. A model is utilized for instruction detection to identify an execution signature based on the time domain features, frequency domain features, and MFCC features. The execution signature is compared to one or more reference instruction signatures. A remedial action is performed responsive to the execution signature failing to match to the one or more reference instruction signatures.
    Type: Grant
    Filed: March 18, 2020
    Date of Patent: June 7, 2022
    Assignee: Robert Bosch GmbH
    Inventors: Mesbah Uddin, Stefan Gehrer, Jorge Guajardo Merchan
  • Patent number: 11349669
    Abstract: In one aspect, a computer system for vehicle configuration verification, and/or detecting unauthorized vehicle modification may be provided. In some exemplary embodiments, the computer system may include a processor and a non-transitory, tangible, computer-readable storage medium having instructions stored thereon that, in response to execution by the processor, cause the processor to perform operations including: (1) receiving a vehicle image, including a vehicle identifier and at least one software module; (2) calculating a configuration hash value of the at least one software module; generating a first data block including the configuration hash value, a first index value, the vehicle identifier, and a digital signature; (3) storing the first data block in a memory; and/or (4) transmitting the first data block to any number of network participants using a distributed network to facilitate vehicle software configuration verification.
    Type: Grant
    Filed: July 3, 2018
    Date of Patent: May 31, 2022
    Assignee: STATE FARM MUTUAL AUTOMOBILE INSURANCE COMPANY
    Inventors: Matthew Lewis Floyd, Leroy Luther Smith, Jr., Brittney Benzio, Nathan Barnard, Shannon Marie Lowry
  • Patent number: 11349830
    Abstract: In an implementation of identifying related computing devices for automatic user account login, a login request to a user account that includes a unique identification (ID) of a user computing device and an internet protocol (IP) address of the user computing device are received. One or more user computing devices that have logged in to the user account using a same IP address as the user computing device are identified based on a user ID of the user account and the unique ID of the user computing device. Whether one or more unique IDs corresponding to the one or more user computing devices that have logged in to the user account are correlated with the unique ID of the user computing device is determined. If yes, data corresponding to login information used by the one or more user computing devices to log in to the user account to the user computing device for automatic account login are sent.
    Type: Grant
    Filed: May 27, 2021
    Date of Patent: May 31, 2022
    Assignee: Advanced New Technologies Co., Ltd.
    Inventor: Tengfei Fang
  • Patent number: 11329805
    Abstract: A method for operating a first vehicle-side terminal is provided, wherein the first vehicle-side terminal determines at least one symmetric group key that is assigned to the group of terminals, encrypts the at least one symmetric group key with a public asymmetric individual key that is assigned to a second vehicle-side terminal or with a symmetric pair key that is assigned to the second vehicle-side terminal, transmits the encrypted symmetric group key in the direction of the second vehicle-side terminal, receives an encrypted message from the second vehicle-side terminal, and decrypts the encrypted message depending on the symmetric group key.
    Type: Grant
    Filed: August 23, 2019
    Date of Patent: May 10, 2022
    Assignee: Robert Bosch GmbH
    Inventors: Christian Zimmermann, Norbert Bissmeyer
  • Patent number: 11323274
    Abstract: In an embodiment, a computing resource service provider provides a certificate management service that allows customers of the computing resource service provider to create, distribute, manage, and revoke digital certificates issued by private certificate authorities. In an embodiment, a private certificate authority hosted by the computing resource service provider is able to issue signed certificates to network entities within the customer enterprise. In an embodiment, the certificate management service provides a network-accessible application programming interface to the private certificate authority that allows applications to create and deploy private certificates programmatically. In an embodiment, the system provides the flexibility to create private certificates for applications that require custom certificate lifetimes or resource names.
    Type: Grant
    Filed: June 25, 2018
    Date of Patent: May 3, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: Peter Zachary Bowen, Todd Lawrence Cignetti, Preston Anthony Elder, III, Brandonn Gorman, Ronald Andrew Hoskinson, Jonathan Kozolchyk, Kenneth Lawler, Marcel Andrew Levy, Kyle Benjamin Schultheiss, Sandeep Shantharaj, Param Sharma, Jose Maria Silveira Neto
  • Patent number: 11316895
    Abstract: Disclosed herein are systems and methods that may generate so-called “honey credentials” that are transmitted to a “phishing” website, and are then stored into a honey credential database. The honey credentials appear to be valid credentials, but whenever a bad actor attempts to access an enterprise using the honey credentials, security appliances the enterprise may update the records of the honey credential database to include one or more unique identifiers for each bad actor device that attempts to access the enterprise network using the honey credentials. A server may automatically query the honey credential database to identify other accounts that have been accessed by devices that used the honey credentials to access the enterprise. The server may then flag the accounts and restrict their functionality.
    Type: Grant
    Filed: October 20, 2017
    Date of Patent: April 26, 2022
    Assignee: United Services Automobile Association (USAA)
    Inventors: Jordan Wright, William Jennings Woodson, Justin Sommers Gray
  • Patent number: 11310211
    Abstract: The disclosed technology relates to securely sharing data between a hearing care professional (HCP) and a hearing device user. For example, the disclosed technology relates to securely accessing fitting data for a hearing device. The disclosed technology includes a hearing device that has a memory, where the memory stores a key that can be used for encryption and decryption. The key can be a symmetrical key. In addition to storing a key, the hearing device can store a uniform resource indicator (URI) in its memory.
    Type: Grant
    Filed: June 25, 2018
    Date of Patent: April 19, 2022
    Assignee: Sonova AG
    Inventors: Philipp Schneider, Aliaksei Tsitovich, Filip Wojcieszyn, Daniel Schmid
  • Patent number: 11310060
    Abstract: Systems and methods are described for using equivalent secret values across different elliptic curves. For example, a transferring party may wish to exchange a first asset on a first blockchain with a recipient for a second asset on a second blockchain. After exchanging sets of public keys with a recipient, a transferring party may generate a zero-knowledge proof and public keys associated with a selected bitstring. The recipient may then verify the proof, which shows that private keys associated with the public keys associated with the bitstring are both derived from the bitstring without revealing the bitstring itself. Once validity of the private keys has been established, the transferring party may publish a second signature to claim the second asset. The published second signature may then be used to publish a first signature (generated using the selected bitstring) on the first blockchain to claim the first asset.
    Type: Grant
    Filed: February 15, 2019
    Date of Patent: April 19, 2022
    Assignee: Blockstream Corporation
    Inventors: Andrew Poelstra, Jonas Nick
  • Patent number: 11310220
    Abstract: A target device is associated with a source device. A system includes a target device that enters an association mode, obtains an identification code, and broadcasts the identification code. A source device receives the broadcast, obtains authorization to associate with the target device, and provides a message to an association server. The association server receives the message and associates the target device and the source device in response thereto.
    Type: Grant
    Filed: October 25, 2018
    Date of Patent: April 19, 2022
    Assignee: Spotify AB
    Inventors: Jimmy Wahlberg, Nicklas Söderlind
  • Patent number: 11310052
    Abstract: Know your customer regulations and security concerns, among other reasons, motivate institutions to ensure that entities with whom the institutions have dealings are who they say they are. A block of the blockchain discussed herein includes entity verifications generated by institutions that participate in the blockchain. An individual verification may include a hash of personal information associated with an entity that was authenticated by an institution. An institution seeking to authenticate (or deny) an entity may receive personal information from the entity, hash that personal information, and search the blockchain for any matching verifications (e.g., by attempting to match the hashed personal information to hash(es) associated with a verification in the blockchain).
    Type: Grant
    Filed: July 31, 2018
    Date of Patent: April 19, 2022
    Assignee: Block, Inc.
    Inventors: Natalie Keogh, Loren Heiman, Daniel Swislow, Brian John Mullins
  • Patent number: 11303461
    Abstract: The inventive concept provides a security device capable of reducing an area of a die required for implementation of a stable PUF by increasing the value of entropy from a predefined number of entropy sources and/or minimizing a blind zone of a validity checking module. The security device uses an asynchronous configuration to minimize a blind zone. In various embodiments of the inventive concept, the blind zone is generated only in a period when a reset signal is at a first logic level. Therefore, it is possible to minimize the blind zone by minimizing a period in which the reset signal is at such logic level. A semiconductor device, semiconductor package, and/or smart card can be provided with such security device, as well as a method for determining a validity of a random signal using a semiconductor security device.
    Type: Grant
    Filed: November 8, 2019
    Date of Patent: April 12, 2022
    Inventors: Ihor Vasyltsov, Karpinskyy Bohdan, Kalesnikau Aliaksei, Yun-Hyeok Choi
  • Patent number: 11288405
    Abstract: An IC comprising functional circuit to perform primary functions of the IC is provided. The functional circuit is to enable electrical signals to propagate through it within a timing constraint of the functional circuit. The IC comprises at least one canary circuit used for detecting glitch attacks on the circuit. Electrical signals are to propagate through the canary circuit(s) within a defined timing constraint of the canary circuit(s). The canary circuit is to provide a signal path designed such that in the event of a timing constraint of the functional circuit(s) is violated due to a glitch attack, also the timing constraint of the canary circuit(s) is violated.
    Type: Grant
    Filed: October 25, 2018
    Date of Patent: March 29, 2022
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Pierre Belgarric, David Plaquin, Eugene Cohen, Chris R. Gunning
  • Patent number: 11281804
    Abstract: Various embodiments of apparatuses and methods for protecting data integrity in a content distribution network (“CDN”) are described. Code or data in one of the servers or instances of a CDN might sometimes become incorrect or corrupt. One corrupted server or instance can potentially impact a considerable portion of the CDN. To solve these and other problems, various embodiments of a CDN can designate one or more parameters, which are then identified in a request for content to another entity. In these embodiments, the CDN can generate an encoding of the expected values of the designated parameters. The CDN can then compare, in these embodiments, its encoding of the expected values to an encoding of the values received from the other entity in response to the request. The CDN can validate the content of the response, as well as the identity of the other entity, in some embodiments.
    Type: Grant
    Filed: March 28, 2019
    Date of Patent: March 22, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: Karthik Uthaman, Ronil Sudhir Mokashi
  • Patent number: 11277439
    Abstract: Systems and methods are described that mitigate and/or prevent distributed denial-of-service (DDOS) attacks. In one implementation, a gateway include one or more processors that obtain network data from one or more entities associated with the gateway, provide the network data to a server, and obtain a set of entity identifiers from the server. The set of entity identifiers may be generated based on at least the network data. The one or more processors may further filter communications based on the set of entity identifiers.
    Type: Grant
    Filed: July 17, 2017
    Date of Patent: March 15, 2022
    Assignee: Neustar, Inc.
    Inventor: Brian R. Knopf
  • Patent number: 11275835
    Abstract: Systems and methods for performing a repeat antivirus scan of a file are disclosed. A local database is saved on a mobile device, where each record is added to the database when the corresponding file is recognized as being non-malicious as a result of an antivirus scan. A short hash sum of the file is computed and the long hash sum of the file and information about the antivirus scan performed and corresponding to the first hash sum of the file are found in the aforementioned database. Using the long hash sum, a verdict on the file is requested from the cloud services. An antivirus scan of the file is performed, except when the verdict obtained is unchanged (as compared to the verdict contained in the information about the antivirus scan performed of the obtained record corresponding to the file), and no updating of the antivirus databases has occurred since the date of performing the antivirus scan.
    Type: Grant
    Filed: September 18, 2019
    Date of Patent: March 15, 2022
    Assignee: AO Kaspersky Lab
    Inventors: Victor V. Chebyshev, Dmitry N. Glavatskikh, Konstantin M. Filatov, Vladimir A. Kuskov
  • Patent number: 11275865
    Abstract: Systems and methods providing user privacy in association with decentralized ledger technology are disclosed. Improved methods and systems for access control are disclosed wherein an access request can be received at the distributed ledger to fetch a data file without disclosing requester identity, that can verify the access request at the decentralized ledger as a legitimate request or as a malicious/faulty request, and can assist a user of a legitimate request to access the data and deny access to malicious/faulty requests that are compatible with a decentralized ledger environment.
    Type: Grant
    Filed: August 23, 2019
    Date of Patent: March 15, 2022
    Assignee: Conduent Business Services, LLC
    Inventors: Lei Xu, Isaac Manny Markus Serfaty, Nikhil Nayab
  • Patent number: 11265167
    Abstract: A method is performed at a security device. The method includes establishing a network connection with a client system. After establishing the network connection, the security device receives a first packet from the client system. The first packet includes an identifier, a first counter value, and a first one-time password hash generated by the client system. Based on the identifier received, the security device retrieves from a trusted data store the seed and a second counter value. If the first counter value is larger than the second counter value, the security device generates a second one-time password hash based on the identifier, the first counter value, and the seed. In accordance with a determination that the first and second one-time password hashes match, the security device grants, to the client system, access to one or more network resources protected by the security device via the network connection.
    Type: Grant
    Filed: October 21, 2020
    Date of Patent: March 1, 2022
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Ted Schroeder, Gabor Lengyel
  • Patent number: 11263332
    Abstract: A computer system, processor, and method for processing information is disclosed that includes watching logical operations to detect unauthorized attempts to access a register, and taking evasive action in response to detecting unauthorized attempts to access the register. In an embodiment, the register is a hidden, secret, restricted, or undocumented register, and the method further includes, in response to unauthorized attempts to access the secret register, locking the contents of the secret register. The evasive action may include one or more of interrupting the operations of the processor; causing the processor to shut-down, malfunction, lock, self-destruct; no longer providing read or write permission or access to the register; releasing data disguised to look like the real register data while not releasing the real data; and combinations thereof.
    Type: Grant
    Filed: July 31, 2018
    Date of Patent: March 1, 2022
    Assignee: International Business Machines Corporation
    Inventors: Mark Fredrickson, Chad Albertson, Scott D. Frei, David G. Wheeler
  • Patent number: 11258788
    Abstract: Disclosed embodiments relate to systems and methods for automatically detecting and addressing security risks in code segments. Techniques include identifying a request from a network identity for an action involving a target network resource, wherein the action requires a temporary access token. Techniques further include performing, based on a security policy, at least one of: storing the temporary access token separate from the network identity and providing the network identity with a customized replacement token having an attribute different from the temporary access token; or creating a customized replacement role for the network identity, the customized replacement role having associated permissions that are customized for the network identity based on the request.
    Type: Grant
    Filed: May 8, 2020
    Date of Patent: February 22, 2022
    Assignee: CyberArk Software Ltd.
    Inventors: Omer Tsarfati, Asaf Hecht