Patents by Inventor Ariya Hidayat
Ariya Hidayat has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11139966Abstract: Techniques are provided for security code for integration with an application. A first request associated with a request by an application to an application server is received. The application includes security code that performs a set of one or more operations on one or more input parameters. The application is provided one or more parameter values, wherein the security code generates a secret cryptographic key based on the one or more parameter values. A security key is received that includes encrypted client data collected at the client device that is encrypted using the secret cryptographic key. The secret cryptographic key is generated based on the one or more parameter values and knowledge of the set of one or more operations. It is determined that the decrypted client data matches a pattern of data associated with malware. The application server is prevented from processing a second request.Type: GrantFiled: December 31, 2019Date of Patent: October 5, 2021Assignee: SHAPE SECURITY, INC.Inventors: Carl Schroeder, Ariya Hidayat, Chandrasekhar Rentachintala, Ricky Y. Chiu
-
Patent number: 10855696Abstract: In an approach, an apparatus comprises: one or more processors; a processor logic coupled to the one or more processors and configured to: intercept, from a client computer, a request directed to a server computer that identifies a purported user agent executing on the client computer; send, to the server computer, the request from the client computer; intercept, from the server computer, one or more original instructions to be executed by the purported user agent of the client computer; determine one or more features supported by the purported user agent that are not utilized by the one or more original instructions; transform the one or more original instructions into one or more revised instructions which, when executed by the purported user agent, cause the purported user agent to utilize the one or more features; send, to the client computer, the one or more revised instructions.Type: GrantFiled: March 2, 2016Date of Patent: December 1, 2020Assignee: SHAPE SECURITY, INC.Inventors: Jarrod S. Overson, Ariya Hidayat, Michael Ficarra, Bei Zhang, Justin Call
-
Patent number: 10708249Abstract: In an embodiment, a computer system configured to: generate a first challenge credential to be sent to a client computer; render one or more first dynamic-credential instructions, which when executed by the client computer, cause the client computer to generate a first dynamic credential that corresponds to the first challenge credential; modify a first set of instructions, which define one or more original operations, to produce a second set of instructions, wherein the second set of instructions include the first challenge credential and the one or more first dynamic-credential instructions, and which when executed by the client computer, cause the first challenge credential to be included in the one or more requests sent from the client computer; send the second set of instructions to a second computer.Type: GrantFiled: February 16, 2016Date of Patent: July 7, 2020Assignee: SHAPE SECURITY, INC.Inventors: Ariya Hidayat, Justin Call
-
Publication number: 20200136820Abstract: Techniques are provided for security code for integration with an application. A first request associated with a request by an application to an application server is received. The application includes security code that performs a set of one or more operations on one or more input parameters. The application is provided one or more parameter values, wherein the security code generates a secret cryptographic key based on the one or more parameter values. A security key is received that includes encrypted client data collected at the client device that is encrypted using the secret cryptographic key. The secret cryptographic key is generated based on the one or more parameter values and knowledge of the set of one or more operations. It is determined that the decrypted client data matches a pattern of data associated with malware. The application server is prevented from processing a second request.Type: ApplicationFiled: December 31, 2019Publication date: April 30, 2020Applicant: Shape Security, Inc.Inventors: Carl Schroeder, Ariya Hidayat, Chandrasekhar Rentachintala, Ricky Y. Chiu
-
Patent number: 10567171Abstract: Techniques are provided for client-side security key generation. An initial request is received from an application executing on a client device. The application includes a security component includes security code. In response to the initial request, a key component is generated. The key component includes one or more parameters from which a valid security key can be generated at the client device by executing the security code. The key component is provided to the client device. A security key associated with a request from the client device to an application server is received. The security key is checked for validity. In response to determining that the security key is valid, processing of the request by the application server is caused.Type: GrantFiled: June 30, 2017Date of Patent: February 18, 2020Assignee: Shape Security, Inc.Inventors: Carl Schroeder, Ariya Hidayat, Chandrasekhar Rentachintala, Ricky Y. Chiu
-
Publication number: 20180091492Abstract: In an embodiment, a computer system configured to: generate a first challenge credential to be sent to a client computer; render one or more first dynamic-credential instructions, which when executed by the client computer, cause the client computer to generate a first dynamic credential that corresponds to the first challenge credential; modify a first set of instructions, which define one or more original operations, to produce a second set of instructions, wherein the second set of instructions include the first challenge credential and the one or more first dynamic-credential instructions, and which when executed by the client computer, cause the first challenge credential to be included in the one or more requests sent from the client computer; send the second set of instructions to a second computer.Type: ApplicationFiled: February 16, 2016Publication date: March 29, 2018Inventors: ARIYA HIDAYAT, JUSTIN CALL
-
Publication number: 20180006814Abstract: Techniques are provided for client-side security key generation. An initial request is received from an application executing on a client device. The application includes a security component includes security code. In response to the initial request, a key component is generated. The key component includes one or more parameters from which a valid security key can be generated at the client device by executing the security code. The key component is provided to the client device. A security key associated with a request from the client device to an application server is received. The security key is checked for validity. In response to determining that the security key is valid, processing of the request by the application server is caused.Type: ApplicationFiled: June 30, 2017Publication date: January 4, 2018Inventors: Carl Schroeder, Ariya Hidayat, Chandrasekhar Rentachintala, Ricky Y. Chiu
-
Publication number: 20170257385Abstract: In an approach, an apparatus comprises: one or more processors; a processor logic coupled to the one or more processors and configured to: intercept, from a client computer, a request directed to a server computer that identifies a purported user agent executing on the client computer; send, to the server computer, the request from the client computer; intercept, from the server computer, one or more original instructions to be executed by the purported user agent of the client computer; determine one or more features supported by the purported user agent that are not utilized by the one or more original instructions; transform the one or more original instructions into one or more revised instructions which, when executed by the purported user agent, cause the purported user agent to utilize the one or more features; send, to the client computer, the one or more revised instructions.Type: ApplicationFiled: March 2, 2016Publication date: September 7, 2017Inventors: JARROD S. OVERSON, ARIYA HIDAYAT, MICHAEL FICARRA, BEI ZHANG, JUSTIN CALL
-
Publication number: 20170118241Abstract: A computer-implemented security method includes receiving, at a server sub-system, reports from a plurality of clients that were served content served by a web server system, the different versions of content varying from each other by polymorphic transformation that inserts varying content at common locations in the content; determining, with the server sub-system, an effectiveness level of security countermeasures applied to the content, using the received reports; selecting an updated security countermeasure package determined to address malware identified using data from the reports; and providing to the web server system information causing the web server system to switch to the updated security countermeasure package.Type: ApplicationFiled: October 26, 2015Publication date: April 27, 2017Inventors: Justin D. Call, Ariya Hidayat, Timothy Dylan Peacock, Siying Yang
-
Patent number: 9608975Abstract: Computer systems and methods in various embodiments are configured for improving the security and efficiency of server computers interacting through an intermediary computer with client computers that may be executing malicious and/or autonomous headless browsers or “bots”.Type: GrantFiled: March 30, 2015Date of Patent: March 28, 2017Assignee: SHAPE SECURITY, INC.Inventors: Ariya Hidayat, Justin Call
-
Patent number: 9602543Abstract: Computer systems and methods in various embodiments are configured for improving the security and efficiency of client computers interacting with server computers through an intermediary computer using one or more polymorphic protocols. In an embodiment, a computer system comprises a memory; a processor coupled to the memory; a processor logic coupled to the processor and the memory, and configured to: intercept, from a server computer, a first file and a second file, wherein the first file defines a first object with a first identifier and the second file comprises a reference to the first object by the first identifier; generate a second identifier; replace the first identifier with the second identifier in the first file; add one or more first instructions to the first file; remove the reference to the first identifier from the second file; add, to the second file, one or more second instructions, which when executed cause the one or more first instructions to be executed and produce the second identifier.Type: GrantFiled: September 9, 2014Date of Patent: March 21, 2017Assignee: Shape Security, Inc.Inventor: Ariya Hidayat
-
Publication number: 20160342793Abstract: The automated, real-time detection of specific blocks of code within a larger body of source code is described. Specific implementations relate to the detection of known code libraries in web page code to improve the efficiency of the generation of polymorphic transformations of the web page code for the purpose of impeding automated cyber-attacks.Type: ApplicationFiled: August 1, 2016Publication date: November 24, 2016Inventors: Ariya Hidayat, Bei Zhang
-
Publication number: 20160294796Abstract: Computer systems and methods in various embodiments are configured for improving the security and efficiency of server computers interacting through an intermediary computer with client computers that may be executing malicious and/or autonomous headless browsers or “bots”.Type: ApplicationFiled: March 30, 2015Publication date: October 6, 2016Inventors: ARIYA HIDAYAT, JUSTIN CALL
-
Patent number: 9405910Abstract: The automated, real-time detection of specific blocks of code within a larger body of source code is described. Specific implementations relate to the detection of known code libraries in web page code to improve the efficiency of the generation of polymorphic transformations of the web page code for the purpose of impeding automated cyber-attacks.Type: GrantFiled: June 2, 2014Date of Patent: August 2, 2016Assignee: Shape Security, Inc.Inventors: Ariya Hidayat, Bei Zhang
-
Publication number: 20160149953Abstract: Computer systems and methods in various embodiments are configured for improving the security and efficiency of client computers interacting with server computers through an intermediary computer using one or more polymorphic protocols. In an embodiment, a computer system comprises a memory; a processor coupled to the memory; a processor logic coupled to the processor and the memory, and configured to: intercept, from a server computer, a first file and a second file, wherein the first file defines a first object with a first identifier and the second file comprises a reference to the first object by the first identifier; generate a second identifier; replace the first identifier with the second identifier in the first file; add one or more first instructions to the first file; remove the reference to the first identifier from the second file; add, to the second file, one or more second instructions, which when executed cause the one or more first instructions to be executed and produce the second identifier.Type: ApplicationFiled: September 9, 2014Publication date: May 26, 2016Inventor: ARIYA HIDAYAT
-
Publication number: 20150347756Abstract: The automated, real-time detection of specific blocks of code within a larger body of source code is described. Specific implementations relate to the detection of known code libraries in web page code to improve the efficiency of the generation of polymorphic transformations of the web page code for the purpose of impeding automated cyber-attacks.Type: ApplicationFiled: June 2, 2014Publication date: December 3, 2015Applicant: Shape Security, Inc.Inventors: Ariya Hidayat, Bei Zhang
-
Patent number: 9038033Abstract: Techniques for minifying a client-side web application are described. In one embodiment, a computer-implemented method includes performing a static analysis of a set of files written in a dynamic programming language that make up the web application. A single minified web application file is generated based on a traversal of a dependency graph that includes, in proper dependency order, components that are needed at runtime and does not include components of the set of files that will not be needed at runtime. The single minified web application file may be delivered to end user computing devices in place of the original set of files without loss of web application functionality.Type: GrantFiled: December 9, 2011Date of Patent: May 19, 2015Assignee: Sencha, Inc.Inventor: Ariya Hidayat
-
Patent number: 8615708Abstract: Techniques and mechanisms that assist web page developers in “live styling” a web page without having to repeatedly compile a meta-language style sheet are disclosed. In one embodiment, these techniques and mechanisms include styling functionality to help the developer of the web page carry out a cycle of a streamlined web page live styling process. With the styling functionality, the developer can direct input to a user interface control to change the value of a corresponding meta-language style sheet variable. In response to the input, presentation of the web page is virtually instantaneously updated to reflect the changed value. The developer may repeatedly direct input to the user interface controls until the desired web page appearance is achieved.Type: GrantFiled: November 18, 2011Date of Patent: December 24, 2013Assignee: Sencha, Inc.Inventors: Ariya Hidayat, Tommy Maintz