Patents by Inventor ADAM HUNT
ADAM HUNT has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20210110101Abstract: Techniques are disclosed for analyzing documents to detect web components and the web frameworks in the documents. In at least one embodiment, a network analysis system is provided to passively detect web frameworks of documents. The network analysis system can render a document using a document object model to identify objects in the document that are defined as web components. A hash function may be applied to each of the objects to generate a hash signature for the object. Files defining web frameworks can be downloaded from a repository system. Each file may corresponding to a web component. A hash function is applied content in each file to generate a hash signature. The hash signatures of each file may be compared to the hash signatures of the objects in the document to identify a web component for each object. A web framework can be identified based on the web components.Type: ApplicationFiled: December 22, 2020Publication date: April 15, 2021Inventors: Adam Hunt, Jonas Edgeworth, Chris Kiernan, David Pon, Elias Manousos
-
Publication number: 20210099477Abstract: Similar assets across a digital attack surface are identified. Extracting detail information and related edge information enables a network analysis system to provide indexed assets. A user of a network analysis system may provide additional data sources to enhance indexed assets. New data sources are processed in bulk to update existing assets. Edge information is pre-computed to provide on-demand access to a global inventory of mapped domain infrastructure assets.Type: ApplicationFiled: October 1, 2019Publication date: April 1, 2021Inventor: Adam Hunt
-
Patent number: 10872196Abstract: Techniques are disclosed for analyzing documents to detect web components and the web frameworks in the documents. In at least one embodiment, a network analysis system is provided to passively detect web frameworks of documents. The network analysis system can render a document using a document object model to identify objects in the document that are defined as web components. A hash function may be applied to each of the objects to generate a hash signature for the object. Files defining web frameworks can be downloaded from a repository system. Each file may corresponding to a web component. A hash function is applied content in each file to generate a hash signature. The hash signatures of each file may be compared to the hash signatures of the objects in the document to identify a web component for each object. A web framework can be identified based on the web components.Type: GrantFiled: July 9, 2019Date of Patent: December 22, 2020Assignee: RiskIQ, Inc.Inventors: Adam Hunt, Jonas Edgeworth, Chris Kiernan, David Pon, Elias Manousos
-
Patent number: 10862907Abstract: An inventory of Internet-facing assets related to a target domain is generated using network data gathered from network data sources. Using data sources of known threats, such as malware, phishing attempts, scam pages, blacklisted sites, and so on, a network analytic system generates analytical information about domains, sub-domains, and components that are owned, managed, and/or controlled by a target entity. A measure of domain identity threat is generated based on a classification model using the analytical information.Type: GrantFiled: August 7, 2018Date of Patent: December 8, 2020Assignee: RiskIQ, Inc.Inventors: Steven Alexander Daniel Pon, Adam Hunt, Jonas Edgeworth, Chris Kiernan, Elias Manousos, David Pon, Jonathan Matkowsky
-
Publication number: 20200378479Abstract: A sealed tensioner includes a body having a high-pressure chamber; a low-pressure reservoir that is in fluid communication with the high-pressure chamber through a fluid conduit; a piston received by the body that moves axially to compress fluid in the high-pressure chamber; a seal positioned between the piston and the body that prevents passage of fluid from the high-pressure chamber between the piston and the body; and a check valve, regulating fluid flow between a low-pressure reservoir and the high-pressure chamber, including a stiffness control aperture.Type: ApplicationFiled: May 29, 2019Publication date: December 3, 2020Inventors: Zachary Perrella, Adam Hunt
-
Patent number: 10757101Abstract: Embodiments are directed to using a hash signature of a rendered DOM object of a website to find similar content and behavior on other websites. Embodiments break a DOM into a large number of data portions (i.e., “shingles”), apply a hashing algorithm to the shingles, select a predetermined number of hashes from the hashed shingles according to a selection criteria to create a hash signature, and compare the hash signature to that of a reference page to determine similarity of website DOM object content. Embodiments can be used to identify phishing websites, defaced websites, spam websites, significant changes in the content of a webpage, copyright infringement, and any other suitable purposes related to the similarity between website DOM object content.Type: GrantFiled: September 25, 2018Date of Patent: August 25, 2020Assignee: RiskIQ, Inc.Inventors: Adam Hunt, David Pon, Chris Kiernan, Ben Adams, Jonas Edgeworth, Elias Manousos, Joseph Linn
-
Publication number: 20200204587Abstract: Embodiments of the present invention are directed to identifying phishing websites by rendering and analyzing document object model (DOM) objects associated with a website for features that indicate phishing behavior. Embodiments analyze the full scope and functionality associated with a website by executing functions embedded in a DOM object before analyzing the website for phishing activity. Accordingly, embodiments render and analyze a fully executed DOM object for phishing behavior. Embodiments may then perform steps to mediate a website that is classified as performing phishing. Thus, embodiments are configured to (1) collect website information from a variety of websites and web servers connected to the internet, (2) analyze the collected data to determine whether the website information is performing phishing, and (3) mediate websites and other actors that are determined to be performing phishing based on the results of the phishing analysis.Type: ApplicationFiled: March 3, 2020Publication date: June 25, 2020Inventors: Adam Hunt, David Pon, Chris Kiernan, Ben Adams, Jonas Edgeworth, Elias Manousos
-
Publication number: 20200120133Abstract: The present disclosure generally relates to web page analysis, and more particularly to detecting malicious behavior using an accomplice model. In certain embodiments, the accomplice model may determine that a URI is associated with malicious behavior based upon the URI being associated with an attribute determined to be related to malicious behavior. Examples of an attribute include a host system, a domain, or an element of a document used to render the web page. Examples of an element of a document used to render the web page may include an active/dynamic element (e.g., a function, a script, etc.) or an inactive/static element (e.g., a string, a number, a frame, a tracking username, a social networking username, etc.).Type: ApplicationFiled: December 10, 2019Publication date: April 16, 2020Applicant: RISKIQ, Inc.Inventors: Adam Hunt, Joseph Linn, Nick Goodman, Elias Manousos, Chris Kiernan, David Pon, Jonas Edgeworth
-
Patent number: 10581908Abstract: Embodiments of the present invention are directed to identifying phishing websites by rendering and analyzing document object model (DOM) objects associated with a website for features that indicate phishing behavior. Embodiments analyze the full scope and functionality associated with a website by executing functions embedded in a DOM object before analyzing the website for phishing activity. Accordingly, embodiments render and analyze a fully executed DOM object for phishing behavior. Embodiments may then perform steps to mediate a website that is classified as performing phishing. Thus, embodiments are configured to (1) collect website information from a variety of websites and web servers connected to the internet, (2) analyze the collected data to determine whether the website information is performing phishing, and (3) mediate websites and other actors that are determined to be performing phishing based on the results of the phishing analysis.Type: GrantFiled: December 16, 2016Date of Patent: March 3, 2020Assignee: RiskIQ, Inc.Inventors: Adam Hunt, David Pon, Chris Kiernan, Ben Adams, Jonas Edgeworth, Elias Manousos
-
Patent number: 10505981Abstract: The present disclosure generally relates to web page analysis, and more particularly to detecting malicious behavior using an accomplice model. In certain embodiments, the accomplice model may determine that a URI is associated with malicious behavior based upon the URI being associated with an attribute determined to be related to malicious behavior. Examples of an attribute include a host system, a domain, or an element of a document used to render the web page. Examples of an element of a document used to render the web page may include an active/dynamic element (e.g., a function, a script, etc.) or an inactive/static element (e.g., a string, a number, a frame, a tracking username, a social networking username, etc.).Type: GrantFiled: November 3, 2017Date of Patent: December 10, 2019Assignee: RiskIQ, Inc.Inventors: Adam Hunt, Joseph Linn, Nick Goodman, Elias Manousos, Chris Kiernan, David Pon, Jonas Edgeworth
-
Publication number: 20190332651Abstract: Techniques are disclosed for analyzing documents to detect web components and the web frameworks in the documents. In at least one embodiment, a network analysis system is provided to passively detect web frameworks of documents. The network analysis system can render a document using a document object model to identify objects in the document that are defined as web components. A hash function may be applied to each of the objects to generate a hash signature for the object. Files defining web frameworks can be downloaded from a repository system. Each file may corresponding to a web component. A hash function is applied content in each file to generate a hash signature. The hash signatures of each file may be compared to the hash signatures of the objects in the document to identify a web component for each object. A web framework can be identified based on the web components.Type: ApplicationFiled: July 9, 2019Publication date: October 31, 2019Inventors: Adam Hunt, Jonas Edgeworth, Chris Kiernan, David Pon, Elias Manousos
-
Patent number: 10346520Abstract: Techniques are disclosed for analyzing documents to detect web components and the web frameworks in the documents. In at least one embodiment, a network analysis system is provided to passively detect web frameworks of documents. The network analysis system can render a document using a document object model to identify objects in the document that are defined as web components. A hash function may be applied to each of the objects to generate a hash signature for the object. Files defining web frameworks can be downloaded from a repository system. Each file may corresponding to a web component. A hash function is applied content in each file to generate a hash signature. The hash signatures of each file may be compared to the hash signatures of the objects in the document to identify a web component for each object. A web framework can be identified based on the web components.Type: GrantFiled: April 26, 2017Date of Patent: July 9, 2019Assignee: RiskIQ, Inc.Inventors: Adam Hunt, Jonas Edgeworth, Chris Kiernan, David Pon, Elias Manousos
-
Publication number: 20190057411Abstract: A system to utilize at least one of a website and a mobile application that is used by a company to provide monetary compensation to employees who advertise the company on social media, the system including a first computer utilized by at least one of the employees to access the at least one of the website and the mobile application, which accesses a social medium to allow the at least one of the employees to advertise the company by posting an advertisement on the social medium, and a second computer utilized by an employer to access the at least one of the website and the mobile application to approve the advertisement prior to the posting becoming publicly viewable on the social medium, and to provide the monetary compensation to the at least one of the employees using the first computer.Type: ApplicationFiled: August 19, 2018Publication date: February 21, 2019Inventor: Adam Hunt
-
Publication number: 20190028473Abstract: Embodiments are directed to using a hash signature of a rendered DOM object of a website to find similar content and behavior on other websites. Embodiments break a DOM into a large number of data portions (i.e., “shingles”), apply a hashing algorithm to the shingles, select a predetermined number of hashes from the hashed shingles according to a selection criteria to create a hash signature, and compare the hash signature to that of a reference page to determine similarity of website DOM object content. Embodiments can be used to identify phishing websites, defaced websites, spam websites, significant changes in the content of a webpage, copyright infringement, and any other suitable purposes related to the similarity between website DOM object content.Type: ApplicationFiled: September 25, 2018Publication date: January 24, 2019Inventors: Adam Hunt, David Pon, Chris Kiernan, Ben Adams, Jonas Edgeworth, Elias Manousos, Joseph Linn
-
Patent number: 10084779Abstract: Embodiments are directed to using a hash signature of a rendered DOM object of a website to find similar content and behavior on other websites. Embodiments break a DOM into a large number of data portions (i.e., “shingles”), apply a hashing algorithm to the shingles, select a predetermined number of hashes from the hashed shingles according to a selection criteria to create a hash signature, and compare the hash signature to that of a reference page to determine similarity of website DOM object content. Embodiments can be used to identify phishing websites, defaced websites, spam websites, significant changes in the content of a webpage, copyright infringement, and any other suitable purposes related to the similarity between website DOM object content.Type: GrantFiled: June 16, 2017Date of Patent: September 25, 2018Assignee: RiskIQ, Inc.Inventors: Adam Hunt, David Pon, Chris Kiernan, Ben Adams, Jonas Edgeworth, Elias Manousos, Joseph Linn
-
Publication number: 20180124110Abstract: The present disclosure generally relates to web page analysis, and more particularly to detecting malicious behavior using an accomplice model. In certain embodiments, the accomplice model may determine that a URI is associated with malicious behavior based upon the URI being associated with an attribute determined to be related to malicious behavior. Examples of an attribute include a host system, a domain, or an element of a document used to render the web page. Examples of an element of a document used to render the web page may include an active/dynamic element (e.g., a function, a script, etc.) or an inactive/static element (e.g., a string, a number, a frame, a tracking username, a social networking username, etc.).Type: ApplicationFiled: November 3, 2017Publication date: May 3, 2018Applicant: RISKIQ, Inc.Inventors: Adam Hunt, Joseph Linn, Nick Goodman, Elias Manousos, Chris Kiernan, David Pon, Jonas Edgeworth
-
Publication number: 20180124109Abstract: The present disclosure generally relates to web page analysis, and more particularly to a classification system for web pages. The classification system may classify a web page as malicious based upon one or more signatures generated for the web page. For example, the classification system may compare one or more signatures generated for a first web page to one or more signatures generated for a second web page, where the first web page and the second web page are the same web page at different times or different web pages. Based upon a similarity of the signatures, the classification system may output whether the first web page is malicious. For another example, the classification system may include a classification model that is trained based upon one or more signatures for one or more classified web pages. The classification model may output whether the web page is malicious.Type: ApplicationFiled: November 1, 2017Publication date: May 3, 2018Applicant: RiskIQ, Inc.Inventors: Adam Hunt, Joseph Linn, Elias Manousos, Chris Kiernan, David Pon, Jonas Edgeworth, Steven Alexander Daniel Pon
-
Publication number: 20180109426Abstract: The present disclosure relates to identifying and storing relationships between hosts that are used to present a web page to a user. In certain embodiments, a system for detecting host pairs is provided. The system may receive a first request to identify one or more host pairs associated with a first host. In response to receiving the first request, the system may send a second request to the first host for a document. The document may be a web page file that is used to build a web page associated with the first host. The web page file may include instructions that, when parsed, build the web page. In response to the second request, the first host may send a response to the system. The system may then use the data included in the response to build the web page. While building the web page, a pairing may be stored when a different host is contacted.Type: ApplicationFiled: October 18, 2017Publication date: April 19, 2018Applicant: RISKIQ, Inc.Inventors: Adam Hunt, Jonas Edgeworth, Chris Kiernan, Elias Manousos, David Pon
-
Publication number: 20180048673Abstract: Embodiments of the present disclosure are directed to a network analytic system for tracking and analysis of network infrastructure for network-based digital assets. The network analytic system can detect and track a relationship between assets based on one or more attributes related or shared between any given assets. The network analytic system can analyze network-based digital assets to determine information about a website (e.g., information about electronic documents, such as web pages) that has be used to detect phishing and other abuse of the website. The network analytic system can analyze data about network-based assets to determine whether any are being used or connected to use of unauthorized or malicious activity or known network-based assets. Based on the relationship identified, the network analytic system can associate or link assets together. The network analytic system may provide an interface to view data sets generated by the network analytic system.Type: ApplicationFiled: August 15, 2017Publication date: February 15, 2018Applicant: RISKIQ, Inc.Inventors: Adam Hunt, Jonas Edgeworth, Chris Kiernan, Elias Manousos, David Pon
-
Publication number: 20170308513Abstract: Techniques are disclosed for analyzing documents to detect web components and the web frameworks in the documents. In at least one embodiment, a network analysis system is provided to passively detect web frameworks of documents. The network analysis system can render a document using a document object model to identify objects in the document that are defined as web components. A hash function may be applied to each of the objects to generate a hash signature for the object. Files defining web frameworks can be downloaded from a repository system. Each file may corresponding to a web component. A hash function is applied content in each file to generate a hash signature. The hash signatures of each file may be compared to the hash signatures of the objects in the document to identify a web component for each object. A web framework can be identified based on the web components.Type: ApplicationFiled: April 26, 2017Publication date: October 26, 2017Applicant: RiskIQ, Inc.Inventors: Adam Hunt, Jonas Edgeworth, Chris Kiernan, David Pon, Elias Manousos