Patents Examined by Syed M Ahsan
  • Patent number: 11962574
    Abstract: Examples are disclosed herein to implement remote authentication and passwordless password reset. An example server includes: at least one processor to forward executable instructions to a client device, the executable instructions, when executed at the client device, to cause the client device to: authenticate a user of an account based on a biometric authentication factor; obtain a local storage key by decrypting an encrypted local storage key with a cloud key obtained from a remote authentication server, the cloud key associated with the client device; decrypt a key bag with the local storage key, the key bag including a content encryption key and an encrypted credential encrypted with the content encryption key, the encrypted credential associated with the user; and decrypt the encrypted credential with the content encryption key to obtain a credential without the user supplying a master password associated with the account.
    Type: Grant
    Filed: September 27, 2019
    Date of Patent: April 16, 2024
    Assignee: McAfee, LLC
    Inventors: Francois Proulx, Mathieu Rene, Richard Reiner
  • Patent number: 11960603
    Abstract: A server manager for detecting ransomware includes a server interface to retrieve, from a storage device, a backup of a plurality of files stored by a client device. A ransomware detection module includes a statistical filter to generate a standard pattern of file activities of the client device for a time period. A statistical behavior analysis is performed on the backup of the plurality of files based on the standard pattern to identify a portion of the backup corresponding to a statistical anomaly different from the standard pattern. The statistical anomaly corresponds to an abnormal file activity. An entropy detector generates an entropy score for the portion of the backup. The entropy score represents a randomness of a distribution of bits in a block of a file in the portion of the backup. It is determined whether the backup includes the ransomware based on the generated entropy score.
    Type: Grant
    Filed: April 24, 2018
    Date of Patent: April 16, 2024
    Assignee: Druva Inc.
    Inventors: Adwait Bhave, Hemanshu Asolia, Neeraj Thakur
  • Patent number: 11962617
    Abstract: Embodiments of the invention are directed to a system, method, or computer program product for cross-channel network security with tiered adaptive mitigation operations. In this regard, the invention is structured for dynamic detection of security events associated with network devices and resources, and triggering real-time mitigation operations across a plurality of resource channels. The invention provides a novel method for employing activity data to construct and implement mitigation actions for de-escalating authorization tiers that are adapted to the specific attributes of the activity data, in order to prevent security exposure associated with the activity. Another aspect of the invention is directed to determining whether to continue the tiered adaptive mitigation actions and/or trigger a security proceed signal.
    Type: Grant
    Filed: March 3, 2021
    Date of Patent: April 16, 2024
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Michael Joseph Carroll, Jeffrey Brian Bashore, Joel Filliben, Andrew DongHo Kim, Akhilendra Reddy Kotha, Pavan Kumar Reddy Kotlo, Ronnie Joe Morris, Jr., Dharmender Kumar Satija, Michael Shih, Scott Anderson Sims, Craig D. Widmann
  • Patent number: 11949678
    Abstract: A system for limiting access to a digital resource based on detection of unauthorized scraping of the digital resource includes one or more processors configured to execute the instructions to detect, over a network, first data representing a plurality of first interactions by a client device with the digital resource hosted on a host system; extract, from the hardware storage device, second data representing a plurality of second interactions with digital resources, with the second interactions satisfy conditions for an interaction to be authorized; determine a confidence score based on comparing the first and second data, with the confidence score indicating a likelihood that an interaction is unauthorized; based on the determined confidence score indicating that the first interactions are unauthorized, detect, by one or more processing devices, unauthorized scraping of the digital resource; and limit access of the client device to the digital resource.
    Type: Grant
    Filed: March 30, 2021
    Date of Patent: April 2, 2024
    Assignee: KAYAK Software Corporation
    Inventors: Matthias G√ľnther Keller, Algirdas Rascius, Alexei Borisovich Fedotov, Darius Prakaitis
  • Patent number: 11943368
    Abstract: Techniques are described herein that are capable of provisioning a trusted execution environment (TEE) based on (e.g., based at least in part on) a chain of trust that includes a platform on which the TEE executes. Any suitable number of TEEs may be provisioned. For instance, a chain of trust may be established from each TEE to the platform on which an operating system that launched the TEE runs. Any two or more TEEs may be launched by operating system(s) running on the same platform or by different operating systems running on respective platforms. Once the chain of trust is established for a TEE, the TEE can be provisioned with information, including but not limited to policies, secret keys, secret data, and/or secret code. Accordingly, the TEE can be customized with the information without other parties, such as a cloud provider, being able to know or manipulate the information.
    Type: Grant
    Filed: November 3, 2017
    Date of Patent: March 26, 2024
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Mark Fishel Novak, Benjamin Seth Moore
  • Patent number: 11943200
    Abstract: A virtual private network (VPN) security system obtains data regarding a VPN session including (i) for each of a plurality of first subnets, a number of allowed connection attempts by a computer system to that first subnet, (ii) for each of a plurality of second subnets, a number of blocked connection attempts by the computer system to that second subnet, (iii) for each of a plurality of first network ports, a number of allowed connection attempts by the computer system using that first network port, and (iv) for each of a plurality of second network ports, a number of blocked connection attempts by the computer system using that second network port. The security system determines, using a neural network, a metric representing an estimated likelihood that the VPN session is associated with a malicious activity, and controls the VPN session based on the metric.
    Type: Grant
    Filed: March 16, 2021
    Date of Patent: March 26, 2024
    Assignee: Saudi Arabian Oil Company
    Inventor: Faisal Talal Wahbo
  • Patent number: 11943248
    Abstract: Methods, systems, and computer readable media for network security testing using at least one emulated server are disclosed. According to one example method, the method comprises: receiving, from a client device and at an emulated domain name service (DNS) server, a DNS request requesting an Internet protocol (IP) address associated with a domain name; sending, to the client device and from the emulated DNS server, a DNS response including an IP address associated with an emulated server; receiving, from the client device and at the emulated server, a service request using the IP address; sending, to the client device and from the emulated server, a service response including at least one attack vector data portion; and determining, by a test controller and using data obtained by at least one test related entity, a performance metric associated with a system under test (SUT).
    Type: Grant
    Filed: April 6, 2018
    Date of Patent: March 26, 2024
    Assignee: KEYSIGHT TECHNOLOGIES, INC.
    Inventor: Stephen Lee McGregory
  • Patent number: 11936604
    Abstract: An initial risk of an electronic message is determined. Based on the initial risk, it is determined whether to modify the electronic message. In an event it is determined to modify the electronic message: the electronic message is modified; the modified electronic message is allowed to be delivered to an intended recipient of the electronic message; a secondary computer security risk assessment of the electronic message is automatically performed; and based on the secondary computer security risk assessment, the modified message is updated.
    Type: Grant
    Filed: October 17, 2017
    Date of Patent: March 19, 2024
    Assignee: AGARI DATA, INC.
    Inventor: Bjorn Markus Jakobsson
  • Patent number: 11924360
    Abstract: An example operation may include one or more of receiving a blockchain request comprising a timestamp added by one or more endorsing nodes included within a blockchain network, identifying that the timestamp added by an endorsing node from among the one or more endorsing nodes is a modification to a previously added timestamp provided by the computing node, determining a reputation value for the endorsing node based on a difference between the timestamp added by the endorsing node and the previously added timestamp provided by the computing node, and transmitting the determined reputation value of the endorsing node to an ordering node within the blockchain network.
    Type: Grant
    Filed: October 8, 2018
    Date of Patent: March 5, 2024
    Assignee: Green Market Square Limited
    Inventors: Sachiko Yoshihama, Tatsushi Inagaki, Yohei Ueda, Kohichi Kamijoh, Hiroaki Nakamura
  • Patent number: 11899763
    Abstract: Systems are provided for improving computer security systems that are based on user risk scores. These systems can be used to improve both the accuracy and usability of the user risk scores by applying multiple tiers of machine learning to different the user risk profile components used to generate the user risk scores and in such a manner as to dynamically generate and modify the corresponding user risk scores.
    Type: Grant
    Filed: October 19, 2018
    Date of Patent: February 13, 2024
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Sayed Hassan Abdelaziz, Maria Puertas Calvo, Laurentiu Bogdan Cristofor, Rajat Luthra
  • Patent number: 11876809
    Abstract: In a method, a plurality of events is accessed, wherein an event of the plurality of events includes a portion of raw-machine data from a data source of a plurality of data sources. For at least one event of the plurality of events, a transaction phase of a computer security transaction is correlated with the at least one event based at least in part on a data source associated with the at least one event. The transaction phase of the at least one event is correlated with a particular asset of a plurality of assets.
    Type: Grant
    Filed: September 30, 2020
    Date of Patent: January 16, 2024
    Assignee: Splunk Inc.
    Inventor: Munawar Monzy Merza
  • Patent number: 11876808
    Abstract: A method, system, and computer-implemented method to manage threats to a protected network having a plurality of internal production systems is provided. The method includes monitoring network traffic from the plurality of internal production systems of a protected network for domain names. For each internal production system, a first collection of each unique domain name that is output by the internal production system is determined over the course of a long time interval. For each internal production system, a second collection of each unique domain name that is output by the internal production system is determined over the course of a short time interval. Domain names in the first and second collections associated with the plurality of internal production systems are compared to determine suspicious domain names that meet a predetermined condition. A request is output to treat the suspicious the suspicious domain names as being suspicious.
    Type: Grant
    Filed: February 13, 2020
    Date of Patent: January 16, 2024
    Assignee: ARBOR NETWORKS, INC.
    Inventor: Bhargav Pendse
  • Patent number: 11870805
    Abstract: A content management system comprising one or more processing devices, a network interface, and a memory system configured to store programmatic instructions configured to cause the one or more processing devices to perform the following operations is described. An electronic document may be generated and rendered, where the content management system may configure the electronic document as a mesh document, with both forward links and backlinks to other electronic resources. The forward links and/or backlinks may be to local electronic resources or remote electronic resources. The mesh document may be transmitted to client device over an encrypted channel, and the client device may render the electronic document. In response to an activation of a forward or backlink, the corresponding resource may be accessed from a data store, transmitted via the encrypted channel to the client device, and the client device may render such resource.
    Type: Grant
    Filed: April 2, 2020
    Date of Patent: January 9, 2024
    Assignee: California Manufacturing Technology Consulting
    Inventor: Ernest W. Edmonds
  • Patent number: 11855987
    Abstract: A method of utilizing a distributed ledger for a cloud service access control. The method may include receiving, by an identity and access management (IAM) service, an identifier of a client of a cryptographically protected distributed ledger; transmitting, to a proxy service, a subscription request for distributed ledger transactions initiated by the client; receiving, from the proxy service, a transaction notification comprising an identifier of the client, an identifier of an autonomous agent, and an identifier of a cloud service; receiving, from the cloud service, a validation request with respect to an action request submitted by the autonomous agent; validating, using the transaction notification, the action request; and notifying the cloud service of validity of the action request.
    Type: Grant
    Filed: November 9, 2017
    Date of Patent: December 26, 2023
    Assignee: Amazon Technologies, Inc.
    Inventor: Jasmeet Chhabra
  • Patent number: 11855967
    Abstract: A first correspondence table in a terminal device stores a first correspondence between an identifier of a process running on the terminal device and an identifier of a data stream created by the process. A second correspondence table stores a second correspondence between an identifier of an application and an identifier of a process created by the application. The terminal device receives an identifier of a first data stream from a network security device, finds, in the first correspondence table, a first record where the identifier of the first data stream is stored to obtain an identifier of a process in the first record, finds, in the second correspondence table, a second record where the identifier of the process in the first record is stored to obtain an identifier of an application from the second record, and sends the identifier of the application to the network security device.
    Type: Grant
    Filed: January 8, 2020
    Date of Patent: December 26, 2023
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Youyong Li, Ying Xiong
  • Patent number: 11853853
    Abstract: An anomaly detection system is disclosed capable of reporting anomalous processes or hosts in a computer network using machine learning models trained using unsupervised training techniques. In embodiments, the system assigns observed processes to a set of process categories based on the file system path of the program executed by the process. The system extracts a feature vector for each process or host from the observation records and applies the machine learning models to the feature vectors to determine an outlier metric each process or host. The processes or hosts with the highest outlier metrics are reported as detected anomalies to be further examined by security analysts. In embodiments, the machine learnings models may be periodically retrained based on new observation records using unsupervised machine learning techniques. Accordingly, the system allows the models to learn from newly observed data without requiring the new data to be manually labeled by humans.
    Type: Grant
    Filed: December 31, 2020
    Date of Patent: December 26, 2023
    Assignee: Rapid7, Inc.
    Inventors: Jocelyn Beauchesne, John Lim Oh, Vasudha Shivamoggi, Roy Donald Hodgman
  • Patent number: 11855805
    Abstract: Some embodiments establish for an entity a virtual network over several public clouds of several public cloud providers and/or in several regions. In some embodiments, the virtual network is an overlay network that spans across several public clouds to interconnect one or more private networks (e.g., networks within branches, divisions, departments of the entity or their associated datacenters), mobile users, and SaaS (Software as a Service) provider machines, and other web applications of the entity. The virtual network in some embodiments can be configured to optimize the routing of the entity's data messages to their destinations for best end-to-end performance, reliability and security, while trying to minimize the routing of this traffic through the Internet. Also, the virtual network in some embodiments can be configured to optimize the layer 4 processing of the data message flows passing through the network.
    Type: Grant
    Filed: May 4, 2018
    Date of Patent: December 26, 2023
    Assignee: VMWARE, INC.
    Inventors: Israel Cidon, Chen Dar, Prashanth Venugopal, Eyal Zohar, Alex Markuze
  • Patent number: 11848926
    Abstract: A method for determining an access right of a user terminal to a first network, wherein the user terminal (110) includes a subscription of a second network (150). The method includes: receiving (310) an access request message (240) including a data record for a user name and a data record for a password; determining (320) that the records are in a pre-determined format and that at least one of them includes data from which a subscriber identity for the second network is derivable; generating (330) an authentication request message from the access server (140) to a server (160) configured to perform authentication related tasks in the second network; receiving (340) information on the outcome of the authentication of the subscriber in the second network, generating (350) an acknowledgement to the user terminal (110) indicating right to access to the first network.
    Type: Grant
    Filed: December 6, 2016
    Date of Patent: December 19, 2023
    Assignee: TELIA COMPANY AB
    Inventors: Ilkka Keisala, Joni Rapanen, Jari Kotomaki, Tommi Saranpaa, Niko Suominen, Timo Tunturi, Patrik Maltusch
  • Patent number: 11848940
    Abstract: This disclosure is directed to detecting cybersecurity attacks in data processing systems. Methods, systems, and computer program products perform operations including determining baseline event clusters using baseline event data obtained from deterministic target systems. The operations also include determining a baseline cumulative trajectory of an event over time based on the baseline event clusters. The operations further include determining operational event clusters using operational event data from the deterministic target systems. Additionally, the operations include determining an operational cumulative trajectory of the event over time based on the operational event clusters. Further, the operations include detecting a cyber-attack by comparing the baseline cumulative trajectory of the event with the operational cumulative trajectory of the event.
    Type: Grant
    Filed: August 28, 2015
    Date of Patent: December 19, 2023
    Assignee: THE BOEING COMPANY
    Inventors: Jadranka Mead, James E. Vasatka
  • Patent number: 11838313
    Abstract: Implementations include receiving flow data representative of communication traffic of the network, determining that at least one blacklisted Internet protocol (IP) address is present in the flow data, and in response: providing a set of high-dimensional flow representations of network traffic by processing historical flow data through a deep learning (DL) model, providing a set of low-dimensional flow representations of the network traffic based on the set of high-dimensional flow representations, and labeling at least a portion of the set of low-dimensional flow representations to provide a sub-set of labeled low-dimensional flow representations and a sub-set of unlabeled low-dimensional flow representations, and identifying a host associated with an unlabeled low-dimensional flow representation as a potentially malicious host, and in response, automatically executing a remedial action with respect to the potentially malicious host.
    Type: Grant
    Filed: July 26, 2019
    Date of Patent: December 5, 2023
    Assignee: Accenture Global Solutions Limited
    Inventors: Vicknesh Manoselvam, Boon Siew Seah, Kamal Mannar