Patents by Inventor Brian Fehrman

Brian Fehrman has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11570190
    Abstract: A method for characterizing network traffic is provided. The method includes maintaining a database identifying a plurality of digital certificates and a number of Internet Protocol addresses associated with each of the plurality of digital certificates, capturing network traffic over a network connection at a network connected device, analyzing the network traffic by determining the digital certificates associated with Internet Protocol addresses associated with the network traffic and a number of Internet Protocol addresses associated with each of the digital certificates and updating the database, and characterizing at least one of the Internet Protocol addresses associated with one of the digital certificates based on the number of Internet Protocol addresses associated with the one of the digital certificates.
    Type: Grant
    Filed: March 20, 2020
    Date of Patent: January 31, 2023
    Assignee: NETSEC CONCEPTS LLC
    Inventors: Brian Fehrman, Elizabeth Woody, Joseph Lillo
  • Publication number: 20200304529
    Abstract: A method for characterizing network traffic is provided. The method includes maintaining a database identifying a plurality of digital certificates and a number of Internet Protocol addresses associated with each of the plurality of digital certificates, capturing network traffic over a network connection at a network connected device, analyzing the network traffic by determining the digital certificates associated with Internet Protocol addresses associated with the network traffic and a number of Internet Protocol addresses associated with each of the digital certificates and updating the database, and characterizing at least one of the Internet Protocol addresses associated with one of the digital certificates based on the number of Internet Protocol addresses associated with the one of the digital certificates.
    Type: Application
    Filed: March 20, 2020
    Publication date: September 24, 2020
    Applicant: NetSec Concepts LLC
    Inventors: Brian Fehrman, Elizabeth Woody, Joseph Lillo
  • Patent number: 10681075
    Abstract: A method for detecting malware beaconing in a network is provided. The method includes maintaining a database identifying a plurality of server certificates and a number of Internet Protocol addresses associated with each of the plurality of server certificates, capturing network traffic over a network connection at a network connected device, and analyzing the network traffic by determining SSL and/or TLS server certificates associated with Internet Protocol addresses associated with the network traffic and a number of servers associated with each of the server certificates wherein a greater number of servers associated with a particular one of the server certificates is indicative of less likelihood of malware beaconing. The method may include further analyzing the network traffic to determine malware beaconing, wherein the further analyzing is performed by a computing device.
    Type: Grant
    Filed: March 22, 2019
    Date of Patent: June 9, 2020
    Assignee: NETSEC CONCEPTS LLC
    Inventors: Brian Fehrman, Elizabeth Woody, Joseph Lillo
  • Publication number: 20190222600
    Abstract: A method for detecting malware beaconing in a network is provided. The method includes maintaining a database identifying a plurality of server certificates and a number of Internet Protocol addresses associated with each of the plurality of server certificates, capturing network traffic over a network connection at a network connected device, and analyzing the network traffic by determining SSL and/or TLS server certificates associated with Internet Protocol addresses associated with the network traffic and a number of servers associated with each of the server certificates wherein a greater number of servers associated with a particular one of the server certificates is indicative of less likelihood of malware beaconing. The method may include further analyzing the network traffic to determine malware beaconing, wherein the further analyzing is performed by a computing device.
    Type: Application
    Filed: March 22, 2019
    Publication date: July 18, 2019
    Applicant: NetSec Concepts LLC
    Inventors: Brian Fehrman, Elizabeth Woody, Joseph Lillo
  • Patent number: 10264007
    Abstract: A method for detecting malware beaconing in a network, the method includes capturing network traffic over a network connection at a network connected device, representing the network traffic over the network connection as a set of tuples wherein each of the tuples includes at least a source Internet Protocol address, a destination Internet Protocol address, and a destination port, associating timestamps with each of the set of tuples, and analyzing the tuples using the timestamps based on frequency of connections to determine malware beaconing on the network, wherein the analyzing is performed by a computing device.
    Type: Grant
    Filed: April 19, 2018
    Date of Patent: April 16, 2019
    Assignee: NETSEC CONCEPTS, LLC
    Inventor: Brian Fehrman
  • Publication number: 20180241765
    Abstract: A method for detecting malware beaconing in a network, the method includes capturing network traffic over a network connection at a network connected device, representing the network traffic over the network connection as a set of tuples wherein each of the tuples includes at least a source Internet Protocol address, a destination Internet Protocol address, and a destination port, associating timestamps with each of the set of tuples, and analyzing the tuples using the timestamps based on frequency of connections to determine malware beaconing on the network, wherein the analyzing is performed by a computing device.
    Type: Application
    Filed: April 19, 2018
    Publication date: August 23, 2018
    Applicant: NetSec Concepts LLC
    Inventor: Brian Fehrman
  • Patent number: 9979741
    Abstract: A method for detecting malware beaconing in a network, the method includes capturing network traffic over a network connection at a network connected device, representing the network traffic over the network connection as a set of tuples wherein each of the tuples defines an OSI layer 4 communications session and includes at least a source Internet Protocol address, a destination Internet Protocol address, and a destination port, associating timestamps with each of the set of tuples, and analyzing the tuples using the timestamps based on frequency of connections to determine malware beaconing on the network, wherein the analyzing is performed by a computing device.
    Type: Grant
    Filed: December 28, 2015
    Date of Patent: May 22, 2018
    Assignee: NETSEC CONCEPTS, LLC
    Inventor: Brian Fehrman
  • Publication number: 20170187736
    Abstract: A method for detecting malware beaconing in a network, the method includes capturing network traffic over a network connection at a network connected device, representing the network traffic over the network connection as a set of tuples wherein each of the tuples defines an OSI layer 4 communications session and includes at least a source Internet Protocol address, a destination Internet Protocol address, and a destination port, associating timestamps with each of the set of tuples, and analyzing the tuples using the timestamps based on frequency of connections to determine malware beaconing on the network, wherein the analyzing is performed by a computing device.
    Type: Application
    Filed: December 28, 2015
    Publication date: June 29, 2017
    Inventor: Brian Fehrman