Patents by Inventor Bo Qu

Bo Qu has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20260127281
    Abstract: Various techniques for malicious pattern extraction via fuzzing are disclosed. In some embodiments, a system/process/computer program product for malicious pattern extraction via fuzzing includes receiving a malicious sample (e.g., the malicious sample can be an executable file, such as a binary, script, etc., or a file that includes content for inputting into an application, such as for an office productivity suite or another application); mutating the malicious sample using fuzzing; and generating a signature based on a critical path (e.g., a malware signature can be automatically generated by a cloud security service for detection of the malicious sample, and the cloud security service can distribute the malware signature to a plurality of firewalls and/or other security entities to subscribers of a security service).
    Type: Application
    Filed: December 19, 2025
    Publication date: May 7, 2026
    Inventors: Zhibin Zhang, Bo Qu, Tao Yan, ChienHua Lu
  • Publication number: 20260106885
    Abstract: Vulnerable program code generated by a language model is detected inline. A detection service monitors for and intercepts network traffic of a language model. For responses from the language model that include generated program code, the detection service extracts the program code and determines a programming language to which the program code corresponds. The detection service employs machine learning-based and/or rule-based vulnerability detection techniques to determine whether the program code comprises any vulnerabilities. If the program code is determined to comprise a vulnerability, the detection service can block transmission of the response comprising the program code to its destination or communicate an alert with the response indicating that the program code is vulnerable to prevent inclusion of the vulnerable program code in a software project.
    Type: Application
    Filed: December 16, 2025
    Publication date: April 16, 2026
    Inventors: Haozhe Zhang, Qi Deng, Chien-Hua Lu, Shengming Xu, Bo Qu
  • Publication number: 20260087137
    Abstract: Detection of an exploit including shellcode is disclosed. Memory blocks are monitored during dynamic analysis of a sample to identify a memory block including suspicious shellcode. The memory block is dumped in memory to identify a candidate shellcode entry point associated with the suspicious shellcode. The suspicious shellcode is executed based on the candidate shellcode entry point to determine whether the suspicious shellcode is malicious. A verdict is generated regarding the sample based on results of executing the suspicious shellcode.
    Type: Application
    Filed: December 3, 2025
    Publication date: March 26, 2026
    Inventors: Tao Yan, Jin Chen, Bo Qu, Jiangxia Liu, Edouard Bochin, Royce Lu
  • Patent number: 12524540
    Abstract: Various techniques for malicious pattern extraction via fuzzing are disclosed. In some embodiments, a system/process/computer program product for malicious pattern extraction via fuzzing includes receiving a malicious sample (e.g., the malicious sample can be an executable file, such as a binary, script, etc., or a file that includes content for inputting into an application, such as for an office productivity suite or another application); mutating the malicious sample using fuzzing; and generating a signature based on a critical path (e.g., a malware signature can be automatically generated by a cloud security service for detection of the malicious sample, and the cloud security service can distribute the malware signature to a plurality of firewalls and/or other security entities to subscribers of a security service).
    Type: Grant
    Filed: April 28, 2023
    Date of Patent: January 13, 2026
    Assignee: Palo Alto Networks, Inc.
    Inventors: Zhibin Zhang, Bo Qu, Tao Yan, ChienHua Lu
  • Patent number: 12525966
    Abstract: The application relates to the field of integrated circuit design and discloses a digital phase interpolator, comprising: a first delay unit, a pre-interpolating unit, a second delay unit, and a phase interpolating unit; wherein each interpolation branch comprises a pre-interpolating unit and a re-interpolating unit. For two input signals with preset phase differences, the digital phase interpolator performs two interpolation processes, one at the pre-interpolating unit and the other at the phase interpolating unit. This distributed quadratic interpolation reduces the task of the phase interpolation unit, helps to reduce the number of stages of the phase interpolating unit, reduces the input load, reduces the overall power consumption and the overall area, ensures the rationality of its own power consumption, and improves the linearity of phase interpolation to some extent.
    Type: Grant
    Filed: April 16, 2024
    Date of Patent: January 13, 2026
    Assignee: MONTAGE ELECTRONICS (SHANGHAI) CO., LTD.
    Inventors: Pingshun Ma, Bo Qu
  • Patent number: 12526307
    Abstract: Vulnerable program code generated by a language model is detected inline. A detection service monitors for and intercepts network traffic of a language model. For responses from the language model that include generated program code, the detection service extracts the program code and determines a programming language to which the program code corresponds. The detection service employs machine learning-based and/or rule-based vulnerability detection techniques to determine whether the program code comprises any vulnerabilities. If the program code is determined to comprise a vulnerability, the detection service can block transmission of the response comprising the program code to its destination or communicate an alert with the response indicating that the program code is vulnerable to prevent inclusion of the vulnerable program code in a software project.
    Type: Grant
    Filed: June 28, 2024
    Date of Patent: January 13, 2026
    Assignee: Palo Alto Networks, Inc.
    Inventors: Haozhe Zhang, Qi Deng, Chien-Hua Lu, Shengming Xu, Bo Qu
  • Patent number: 12518009
    Abstract: Detection of an exploit including shellcode is disclosed. Memory blocks are monitored during dynamic analysis of a sample to identify a memory block including suspicious shellcode. The memory block is dumped in memory to identify a candidate shellcode entry point associated with the suspicious shellcode. The suspicious shellcode is executed based on the candidate shellcode entry point to determine whether the suspicious shellcode is malicious. A verdict is generated regarding the sample based on results of executing the suspicious shellcode.
    Type: Grant
    Filed: January 28, 2022
    Date of Patent: January 6, 2026
    Assignee: Palo Alto Networks, Inc.
    Inventors: Tao Yan, Jin Chen, Bo Qu, Jiangxia Liu, Edouard Bochin, Royce Lu
  • Publication number: 20260006056
    Abstract: Vulnerable program code generated by a language model is detected inline. A detection service monitors for and intercepts network traffic of a language model. For responses from the language model that include generated program code, the detection service extracts the program code and determines a programming language to which the program code corresponds. The detection service employs machine learning-based and/or rule-based vulnerability detection techniques to determine whether the program code comprises any vulnerabilities. If the program code is determined to comprise a vulnerability, the detection service can block transmission of the response comprising the program code to its destination or communicate an alert with the response indicating that the program code is vulnerable to prevent inclusion of the vulnerable program code in a software project.
    Type: Application
    Filed: June 28, 2024
    Publication date: January 1, 2026
    Inventors: Haozhe Zhang, Qi Deng, Chien-Hua Lu, Shengming Xu, Bo Qu
  • Publication number: 20250390868
    Abstract: The technology described herein relates to systems, methods, and computer storage media, among other things, for determining whether an electronic transmission (e.g., associated with an electronic payment transaction) should be blocked (e.g., based on being a fraudulent transaction). In embodiments, a policy-based reinforcement learning risk decision agent is used to make these determinations for a plurality of stages associated with the electronic payment transaction (e.g., a pre-authorization stage, a post-authorization stage, and a delay-captured stage). The policy-based reinforcement learning risk decision agent can be trained using previous electronic payment transaction data for previous electronic payment transactions. For example, this particular agent can be trained using pre-authorization electronic payment transaction data, post-authorization electronic payment transaction data, and delay-captured electronic payment transaction data for each of the previous electronic payment transactions.
    Type: Application
    Filed: June 20, 2024
    Publication date: December 25, 2025
    Inventors: Bo QU, Daisuke YAGI, Zhurong WANG, Zhichao HAN, Weiming LIANG, Yang ZHAO, Yinan SHAN, Francis Joseph ZAHRADNIK, III
  • Publication number: 20250392605
    Abstract: A prompt injection attack can be used for data exfiltration. A security appliance can be programmed to monitor responses from an application that uses a generative AI model for uniform resource locators (URLs) that indicate a remote server. When a response is detected with a URL indicating a remote server, the security appliance determines whether the remote server is a suspicious server, which is a server not known to be benign and not known to be malicious. If deemed suspicious, the security appliance can block or hold the response to prevent possible data exfiltration.
    Type: Application
    Filed: June 24, 2024
    Publication date: December 25, 2025
    Inventors: Chien-Hua Lu, Yu Fu, Mei Wang, Shengming Xu, Bo Qu
  • Publication number: 20250371543
    Abstract: Some aspects of the present technology relate to technologies for performing fraud detection on online transaction platforms through user behavior sequence data. In accordance with some configurations, a multi-task convolutional neural network (MTCNN) model is used to predict, in real-time, whether user behavior sequence data is indicative of fraudulent activity. To perform fraud detection in such configurations, a one-layer convolutional neural network architecture with multi-range kernels is employed. The MTCNN model receives a sequence of page browsing signals corresponding to a buyer. Each page browsing signal corresponds to a position in the sequence. One or more portions of the page browsing signals are selected. Each of the one or more portions of the page browsing signals and the corresponding position are embedded in one or more sequence embeddings. A fraud risk for each of the one or more sequence embeddings is predicted utilizing the MTCNN model.
    Type: Application
    Filed: May 30, 2024
    Publication date: December 4, 2025
    Inventors: Minghao GU, Bo Qu, Zhurong Wang, Daisuke Yagi, Zitao Zhang, Zhichao Han, Yang Zhao
  • Publication number: 20250365311
    Abstract: Inline detection of ransomware attacks using network traffic, such as server message block (SMB) traffic, is disclosed. A network communication between a client and a server is received. A determination is made, using the received network traffic, that a ransomware attack is being attempted against the server. In response to detecting the attempted ransomware attack, a remedial action is performed.
    Type: Application
    Filed: June 3, 2025
    Publication date: November 27, 2025
    Inventors: Zhibin Zhang, Mengying Jiang, Bo Qu, Sultanbek Omurzakov
  • Publication number: 20250356204
    Abstract: Various examples described herein support or provide operations including providing a prompt to a large language model (LLM) for generating reward functions. The prompt can include a set of instructions for generating a set of reward functions associated with training a reinforcement learning (RL) agent to predict an objective. The set of reward functions is obtained from the LLM and used to train one or more instances of an RL agent to predict the objective. A score representing accuracy of the predicted objective for the one or more instances of the RL agent is generated and an individual instance of the one or more instances of the RL agent is selected to predict the objective based on the generated score.
    Type: Application
    Filed: May 16, 2024
    Publication date: November 20, 2025
    Inventors: Bo Qu, Daisuke Yagi, Yang Zhao
  • Publication number: 20250348583
    Abstract: A malicious instructions detection model (“detector”) intercepts augmented prompts destined for a large language model (“LLM”). Each augmented prompt was augmented with data from potentially compromised data sources susceptible to indirect prompt injection attacks. The detector tokenizes/preprocesses sentences in the augmented prompts and is invoked on the tokenized/preprocessed sentences to obtain confidence scores that each sentence comprises malicious instructions. If one or more of the confidence scores is above a threshold, the detector blocks the augmented prompt and generates an alert indicating the blocking and the malicious instructions. Otherwise, the detector communicates the augmented prompt to its intended LLM.
    Type: Application
    Filed: May 7, 2024
    Publication date: November 13, 2025
    Inventors: Chien-Hua Lu, Bo Qu, Xu Zou, Sergey Sviridov
  • Publication number: 20250323939
    Abstract: The present application discloses a method, system, and computer system for detecting malicious SQL or command injection strings. The method includes obtaining an SQL or command injection string and determining whether the command injection string is malicious based at least in part on a machine learning model.
    Type: Application
    Filed: June 24, 2025
    Publication date: October 16, 2025
    Inventors: Zhibin Zhang, Jin Chen, Yu Fu, Stefan Achleitner, Bo Qu, Lei Xu
  • Patent number: 12445484
    Abstract: Inline detection of ransomware attacks using network traffic, such as server message block (SMB) traffic, is disclosed. A network communication between a client and a server is received. A determination is made, using the received network traffic, that a ransomware attack is being attempted against the server. In response to detecting the attempted ransomware attack, a remedial action is performed.
    Type: Grant
    Filed: March 30, 2023
    Date of Patent: October 14, 2025
    Assignee: Palo Alto Networks, Inc.
    Inventors: Zhibin Zhang, Mengying Jiang, Bo Qu, Sultanbek Omurzakov
  • Publication number: 20250272552
    Abstract: Various embodiments described herein support or provide operations including identifying a machine-learning (ML) model associated with an omni-view knowledge graph; generating an embedding vector that represents the omni-view knowledge graph; identifying a ML model associated with a temporal-view knowledge graph; generating an embedding vector that represents the temporal-view knowledge graph; and training a ML model based on the generated embedding vectors.
    Type: Application
    Filed: February 23, 2024
    Publication date: August 28, 2025
    Inventors: Zhichao Han, Zitao Zhang, Bo Qu, Yang Zhao, Yinan Shan, Hang Yin, Wenyu Dong, Weiming Liang
  • Patent number: 12388987
    Abstract: An encoding method and an encoder are provided to improve image compression performance. An embodiment of the encoding method determines an encoding quantization parameter, QP, and precodes a to-be-encoded block using the encoding QP to obtain encoding result information. The encoding QP is then adjusted based on the encoding result information, and then real encoding is performed on the to-be-encoded block by using an adjusted encoding QP. An embodiment of the encoder includes a bit rate control module to determine a first QP, and a precoding module to precode a to-be-encoded block using the QP to obtain precoding result information. The encoder further includes another bit rate control module to adjust the QP based on the precoding result information to obtain a second QP, and a real encoding module to encode the to-be-encoded block using the second QP.
    Type: Grant
    Filed: June 30, 2022
    Date of Patent: August 12, 2025
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Junkai Feng, Bo Qu, Liping Wang
  • Patent number: 12381910
    Abstract: The present application discloses a method, system, and computer system for detecting malicious SQL or command injection strings. The method includes obtaining an SQL or command injection string and determining whether the command injection string is malicious based at least in part on a machine learning model.
    Type: Grant
    Filed: July 12, 2022
    Date of Patent: August 5, 2025
    Assignee: Palo Alto Networks, Inc.
    Inventors: Zhibin Zhang, Jin Chen, Yu Fu, Stefan Achleitner, Bo Qu, Lei Xu
  • Patent number: 12380212
    Abstract: The present application discloses a method, system, and computer system for detecting Return Oriented Programming (ROP) exploits. The method includes (i) intercepting, by one or more processors, a memory attribute change function for a sample; (ii) determining if a return address is associated with a shellcode address, and (iii) in response to determining that the return address is associated with the shellcode address, determining that the sample is an ROP exploit.
    Type: Grant
    Filed: March 16, 2023
    Date of Patent: August 5, 2025
    Assignee: Palo Alto Networks, Inc.
    Inventors: Tao Yan, Edouard Bochin, Bo Qu, Zhibin Zhang, Michael Harbison