Patents Examined by Thomas Ho
  • Patent number: 10412111
    Abstract: System and methods for determining network threats are disclosed. For each entity operating in a network being monitored for network security, an example method obtains an observed metric value for each metric that characterizes actions performed by the entity. Each observed metric value may be input into a machine learning model that is specific to the metric in order to determine an anomaly score for the observed metric value that represents how anomalous the observed metric value is relative to an expected metric value for the metric. A threat score may then be determined for each entity from the anomaly scores for each metric. A security threat presentation that identifies one or more high-scoring entities according to the threat scores may be generated and provided for display on a user device.
    Type: Grant
    Filed: December 30, 2016
    Date of Patent: September 10, 2019
    Assignee: eSentire, Inc.
    Inventors: Dustin Lundring Rigg Hillard, Art Munson, Lawrence Cayton, Scott Golder
  • Patent number: 10404748
    Abstract: Systems and methods for cyber risk analysis and remediation using network monitored sensors are provided herein. An example system includes one or more data collecting devices deployed within a network that collect entity information and monitor network traffic of the network that is related to security information. The network includes computing systems that are subject to a cyber risk policy having breach parameters defining one or more events that are indicative of a cyber security breach. A cyber security risk assessment and management system is used to automatically detect occurrence of one or more of the events that are indicative of a cyber security breach, automatically determine the breach parameters that apply for the one or more events that occurred, and generates a remediation of cyber security parameters for the network.
    Type: Grant
    Filed: March 28, 2016
    Date of Patent: September 3, 2019
    Assignee: Guidewire Software, Inc.
    Inventors: Arvind Parthasarathi, George Y. Ng, Matthew Honea
  • Patent number: 10389752
    Abstract: A price-mining prevention system, in various embodiments, is configured for: (A) detecting an access to a particular web page containing pricing information; (B) determining whether a source of the access is an individual employed by one or more competitors of a company that owns the particular web page being accessed; and (C) at least partially in response to determining that the individual is employed by one or more competitors of a company that owns the particular web page being assessed, taking one or more defensive actions against the source of the access. The step of determining whether the individual is employed by a competitor of the company may comprise scanning a post made on one or more public message boards to determine, based on the content of the post, whether the message board poster is employed by a competitor of a company that owns the particular web page.
    Type: Grant
    Filed: December 14, 2016
    Date of Patent: August 20, 2019
    Assignee: VIESOFT, INC.
    Inventor: Anthony Vierra
  • Patent number: 10390227
    Abstract: A set of certificates are received at a gateway device from a management server, where each one of the certificates was generated by the management server upon determination that the gateway device is associated with a respective wireless sensing device (WSD). The gateway device receives from a first WSD an advertisement message indicating it is available for connecting to a gateway device. In response to confirming based on a first certificate of the set of certificates associated with the first WSD, that it is authorized to connect to the WSD, the gateway device transmits to the first WSD the first certificate and an identifier of the gateway device for enabling authentication of the gateway device at the WSD. The gateway device receives data from the first WSD, upon confirmation at the WSD that it is authorized to connect with the gateway device.
    Type: Grant
    Filed: August 21, 2018
    Date of Patent: August 20, 2019
    Assignee: Samsara Networks Inc.
    Inventors: John Bicket, James Michael Rowson, Chase Phillips
  • Patent number: 10380348
    Abstract: Techniques for assessing risks of IoT device. A system utilizing such techniques can include a packet analysis based IoT device risk assessment system and an IoT device risk assessment system. A method utilizing such techniques can include extraction of IoT device risk factors from a device profile of an IoT device and application of assessment weights to the IoT device risk factors to assess a risk level of an IoT device.
    Type: Grant
    Filed: November 21, 2016
    Date of Patent: August 13, 2019
    Assignee: ZingBox, Inc.
    Inventors: Gong Cheng, Mayuresh Ektare, Mei Wang
  • Patent number: 10382207
    Abstract: An image processing apparatus is provided. The image processing apparatus includes a storage configured to store an operating system (OS) of the image processing apparatus, a script file including a program code and a first electronic signature, and an interpreter program provided to execute the program code on the OS; and at least one processor configured to perform an authentication of the first electronic signature with the OS in response to the interpreter program executing the program code on the OS, and selectively permit or block the execution of the program code according to whether the first electronic signature passes or fails to pass the authentication.
    Type: Grant
    Filed: April 5, 2017
    Date of Patent: August 13, 2019
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Chang-woo Lee, Nam-gwon Lee
  • Patent number: 10380375
    Abstract: Technologies for displaying public and private images includes a display device and one or more user viewing devices. The display device is configured to display or generate a personalized image or video that is viewable by an authorized user viewing device and not viewable by unauthorized viewing devices. To facilitate the display of the personalized images, the display device and the user viewing device(s) may negotiate a display protocol to be used by the display device to display the personalized image in a private manner. In some embodiment, the display device may also display a public image or video that is viewable by unauthorized viewing devices and/or individuals without viewing devices.
    Type: Grant
    Filed: November 24, 2014
    Date of Patent: August 13, 2019
    Assignee: Intel Corporation
    Inventors: John C. Weast, Joshua Boelter
  • Patent number: 10367787
    Abstract: A firewall provides improved network security by allowing the use of dynamic objects in firewall rules, where the dynamic objects evaluate to a variable set of devices. The dynamic objects may be updated from real-time data sources and non-real time inventories of data. Dynamic objects may be used for either or both of source and destination in a firewall rule. Where the dynamic object includes non-real time data, the dynamic object may be synchronized with the non-real time data inventory on a configurable basis. By using dynamic objects, the firewall can provide flexibility in the rules to allow control over user-owned and controlled devices.
    Type: Grant
    Filed: December 20, 2013
    Date of Patent: July 30, 2019
    Assignee: McAfee, LLC
    Inventors: Bikram Kumar Gupta, Ananth Raman, Manuel Nedbal, Elanthiraiyan A. Anbalagan
  • Patent number: 10348716
    Abstract: Various embodiments concern mechanisms for facilitating communication between network-accessible platforms for developing, hosting, or running hybrid applications that utilize resources hosted across multiple platforms. Hybrid applications cause messages or “calls” to be passed between the platforms that must be authenticated. For example, when a call is placed by a Heroku platform to a Force.com platform, the call must be authenticated for security purposes. If Heroku has not already been authenticated when the call is submitted, an authentication process is invoked. An event listener can be used to register details regarding the initial callout task, and then register or “fire” an event when the authentication process is successfully completed. Registration of the initial callout task completely separates the authentication process from the resource being invoked. Requests can be completed without requiring further user input using at least some of the details registered by the event listener.
    Type: Grant
    Filed: January 12, 2018
    Date of Patent: July 9, 2019
    Assignee: FinancialForce.com, Inc.
    Inventor: Matthew D. Wood
  • Patent number: 10341353
    Abstract: Disclosed herein is a method for electronic authentication, validation, storage, and third party verification of documents by a document service. The method provides a system for authenticating a user by a process that includes presentation of photo identification by the user and generation of an authenticated user code. The user then requests transfer of a document to the document service. The document service then validates, encrypts, and stores the document and associated metadata. A request for verification by a third party is responded to by the document service if the user sends the authenticated user code to confirm permission for verification by the document service.
    Type: Grant
    Filed: June 2, 2016
    Date of Patent: July 2, 2019
    Assignee: Wymsical, Inc.
    Inventors: Eli Yaacoby, Liwen Yaacoby
  • Patent number: 10339299
    Abstract: Techniques are described for runtime checking of function metadata prior to execution of a function in an environment. An application may include any appropriate number of components at one or more levels in a hierarchical arrangement, and each component may be packaged with metadata that describes the component. A function, or any component, may be packaged with metadata that includes term(s) governing the usage of the function. The term(s) may be checked, at runtime, during execution of the application to determine whether the function is to be executed. A function may also be hashed at runtime for verification of function version. Function(s) may be individually and independently executed as containerized nano functions within the environment.
    Type: Grant
    Filed: March 7, 2017
    Date of Patent: July 2, 2019
    Assignee: Kashmoo, Inc.
    Inventors: Mark D. Magnuson, Timothy J. Magnuson
  • Patent number: 10333706
    Abstract: A method and system of providing verification of information of a user relating to an attestation transaction is provided, and includes sending a request for information of the user, wherein the information has been previously attested to in an attestation transaction stored within a centralized or distributed ledger at an attestation address; receiving at a processor associated with a verifier the information of the user; sending a cryptographic challenge nonce; receiving at the processor associated with the verifier the cryptographic challenge nonce signed by the user's private key; verifying user identity with the cryptographic challenge nonce signed by the user's private key; deriving a public attest key by using the information of the user; deriving an attestation address using the public attest key; and verifying the existence of the attestation transaction at the attestation address in the centralized or distributed ledger.
    Type: Grant
    Filed: April 28, 2017
    Date of Patent: June 25, 2019
    Assignee: Civic Technologies, Inc.
    Inventors: Jonathan Robert Smith, Vinodan Karthikeya Lingham, John Driscoll, Iain Charles Fraser
  • Patent number: 10331750
    Abstract: Systems, methods, and non-transitory computer readable media are configured to provide a first element in an interface presentable to a user through which a plurality of ephemeral media content items are accessible by the user for a selected period of time. A second element in the interface through which a plurality of non-ephemeral media content items are accessible by the user is provided.
    Type: Grant
    Filed: January 31, 2017
    Date of Patent: June 25, 2019
    Assignee: Facebook, Inc.
    Inventors: Christine Choi, Nathan Andrew Sharp, William Samuel Bailey, Ashoke K. Chakrabarti, Joshua Barton Dickens, Joy-Vincent Niemantsverdriet
  • Patent number: 10325083
    Abstract: Wearable electronic device technology is disclosed. In an example, a wearable electronic device can include a handling portion that facilitates donning the wearable electronic device on a user. The wearable electronic device can also include a user authentication sensor associated with the handling portion and configured to sense a biometric characteristic of the user while the user is donning the wearable electronic device. In addition, the wearable electronic device can include a security module to determine whether the sensed biometric characteristic indicates an authorized user of the wearable electronic device.
    Type: Grant
    Filed: November 14, 2017
    Date of Patent: June 18, 2019
    Assignee: Intel Corporation
    Inventors: Saurabh Dadu, Swarnendu Kar
  • Patent number: 10318748
    Abstract: Embodiments may be generally directed to techniques to encrypt and decrypt data in a first fuse block array using an encryption key of a second fuse block array, the second fuse block array having the encryption key comprising a plurality of segments of bits, an inverse encryption key comprising a second plurality of segments of bits, each segment of the inverse encryption key to correspond with a particular segment of the encryption key, and a random pattern having equally distributed bit values, the random pattern to enable detection of voltage attacks on the second fuse block array.
    Type: Grant
    Filed: September 30, 2016
    Date of Patent: June 11, 2019
    Assignee: INTEL CORPORATION
    Inventors: Neeraj S. Upasani, David P. Turley, Sergiu D. Ghetie, Zhangping Chen, Jason G. Sandri
  • Patent number: 10320565
    Abstract: Systems, methods, and software can be used to generate elliptic curve points. In some aspect, the method includes: selecting a field size of 8^91+5; selecting a curve equation that is compatible to the field size; using, by a hardware processor, the selected field size to generate an elliptic curve point; and using, by the hardware processor, the elliptic curve point in an Elliptic Curve Cryptography (ECC) operation.
    Type: Grant
    Filed: February 28, 2017
    Date of Patent: June 11, 2019
    Assignee: Certicom Corp.
    Inventor: Daniel Richard L. Brown
  • Patent number: 10320848
    Abstract: Embodiments are directed to having multiple lockout counters that apply to login requests from different origins. More specifically, one counter is associated with a user's familiar locations, another counter is associated with unfamiliar locations. In another embodiment, hashes of incorrect passwords are recorded so that lockout counters are not incremented multiple times when the same incorrect password is entered repeatedly.
    Type: Grant
    Filed: July 29, 2016
    Date of Patent: June 11, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Alexandre Kerametlian, Amit Dhariwal, Dana Kaufman, Winfred Wong
  • Patent number: 10305921
    Abstract: A network security apparatus includes a packet detector detecting transmission of data packets between a plurality of hosts and a plurality of domains and defining a plurality of links therefrom. A model builder circuit receives the plurality of links from the packet detector, receives ground truth information labeling one or more of the plurality of hosts or one or more of the plurality of domains as benign or malicious, generates predictive models from the received links and ground truth information, and stores generated predictive models in a predictive model database. An anomaly detector circuit retrieves the generated predictive models from the predictive model database and uses the predictive models to label each of the plurality of hosts and plurality of domains, that have not previously been labeled by the ground truth information, as benign or malicious.
    Type: Grant
    Filed: April 28, 2016
    Date of Patent: May 28, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jing Gao, Deepak Turaga, Long H. Vu, Houping Xiao
  • Patent number: 10298611
    Abstract: A method to assess network vulnerabilities of devices may include accessing, by a relay device, a network that includes a firewall to separate the network from external networks such that the relay device is coupled to the network from behind the firewall attached to the network. The method may further include establishing a communication channel over a secondary network between the relay device and a monitor system. The method may further include detecting one or more devices behind the firewall attached to the network by the relay device. The method may also include after establishing the communication channel and detecting the one or more devices and while the relay device is coupled to the network from behind the firewall attached to the network, performing, by the monitor system, one or more network vulnerability assessments on the one or more devices via network communications that pass through the relay device.
    Type: Grant
    Filed: December 10, 2018
    Date of Patent: May 21, 2019
    Assignee: SecurityMetrics, Inc.
    Inventors: Brad Caldwell, Ken Lawrence, R. Trent Gundersen
  • Patent number: 10298386
    Abstract: An unencrypted media access control layer (MAC) protocol data unit (MPDU) having a header is received at a wireless network interface device. The header includes a sequence number. The wireless network interface device uses the sequence number to encrypt data in the unencrypted MPDU to generate an encrypted MPDU, and transmits the encrypted MPDU.
    Type: Grant
    Filed: July 5, 2016
    Date of Patent: May 21, 2019
    Assignee: Marvell International Ltd.
    Inventors: Paul A. Lambert, Yong Liu, Raja Banerjea, Harish Ramamurthy