Patents by Inventor Brian Fehrman
Brian Fehrman has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11570190Abstract: A method for characterizing network traffic is provided. The method includes maintaining a database identifying a plurality of digital certificates and a number of Internet Protocol addresses associated with each of the plurality of digital certificates, capturing network traffic over a network connection at a network connected device, analyzing the network traffic by determining the digital certificates associated with Internet Protocol addresses associated with the network traffic and a number of Internet Protocol addresses associated with each of the digital certificates and updating the database, and characterizing at least one of the Internet Protocol addresses associated with one of the digital certificates based on the number of Internet Protocol addresses associated with the one of the digital certificates.Type: GrantFiled: March 20, 2020Date of Patent: January 31, 2023Assignee: NETSEC CONCEPTS LLCInventors: Brian Fehrman, Elizabeth Woody, Joseph Lillo
-
Publication number: 20200304529Abstract: A method for characterizing network traffic is provided. The method includes maintaining a database identifying a plurality of digital certificates and a number of Internet Protocol addresses associated with each of the plurality of digital certificates, capturing network traffic over a network connection at a network connected device, analyzing the network traffic by determining the digital certificates associated with Internet Protocol addresses associated with the network traffic and a number of Internet Protocol addresses associated with each of the digital certificates and updating the database, and characterizing at least one of the Internet Protocol addresses associated with one of the digital certificates based on the number of Internet Protocol addresses associated with the one of the digital certificates.Type: ApplicationFiled: March 20, 2020Publication date: September 24, 2020Applicant: NetSec Concepts LLCInventors: Brian Fehrman, Elizabeth Woody, Joseph Lillo
-
Patent number: 10681075Abstract: A method for detecting malware beaconing in a network is provided. The method includes maintaining a database identifying a plurality of server certificates and a number of Internet Protocol addresses associated with each of the plurality of server certificates, capturing network traffic over a network connection at a network connected device, and analyzing the network traffic by determining SSL and/or TLS server certificates associated with Internet Protocol addresses associated with the network traffic and a number of servers associated with each of the server certificates wherein a greater number of servers associated with a particular one of the server certificates is indicative of less likelihood of malware beaconing. The method may include further analyzing the network traffic to determine malware beaconing, wherein the further analyzing is performed by a computing device.Type: GrantFiled: March 22, 2019Date of Patent: June 9, 2020Assignee: NETSEC CONCEPTS LLCInventors: Brian Fehrman, Elizabeth Woody, Joseph Lillo
-
Publication number: 20190222600Abstract: A method for detecting malware beaconing in a network is provided. The method includes maintaining a database identifying a plurality of server certificates and a number of Internet Protocol addresses associated with each of the plurality of server certificates, capturing network traffic over a network connection at a network connected device, and analyzing the network traffic by determining SSL and/or TLS server certificates associated with Internet Protocol addresses associated with the network traffic and a number of servers associated with each of the server certificates wherein a greater number of servers associated with a particular one of the server certificates is indicative of less likelihood of malware beaconing. The method may include further analyzing the network traffic to determine malware beaconing, wherein the further analyzing is performed by a computing device.Type: ApplicationFiled: March 22, 2019Publication date: July 18, 2019Applicant: NetSec Concepts LLCInventors: Brian Fehrman, Elizabeth Woody, Joseph Lillo
-
Patent number: 10264007Abstract: A method for detecting malware beaconing in a network, the method includes capturing network traffic over a network connection at a network connected device, representing the network traffic over the network connection as a set of tuples wherein each of the tuples includes at least a source Internet Protocol address, a destination Internet Protocol address, and a destination port, associating timestamps with each of the set of tuples, and analyzing the tuples using the timestamps based on frequency of connections to determine malware beaconing on the network, wherein the analyzing is performed by a computing device.Type: GrantFiled: April 19, 2018Date of Patent: April 16, 2019Assignee: NETSEC CONCEPTS, LLCInventor: Brian Fehrman
-
Publication number: 20180241765Abstract: A method for detecting malware beaconing in a network, the method includes capturing network traffic over a network connection at a network connected device, representing the network traffic over the network connection as a set of tuples wherein each of the tuples includes at least a source Internet Protocol address, a destination Internet Protocol address, and a destination port, associating timestamps with each of the set of tuples, and analyzing the tuples using the timestamps based on frequency of connections to determine malware beaconing on the network, wherein the analyzing is performed by a computing device.Type: ApplicationFiled: April 19, 2018Publication date: August 23, 2018Applicant: NetSec Concepts LLCInventor: Brian Fehrman
-
Patent number: 9979741Abstract: A method for detecting malware beaconing in a network, the method includes capturing network traffic over a network connection at a network connected device, representing the network traffic over the network connection as a set of tuples wherein each of the tuples defines an OSI layer 4 communications session and includes at least a source Internet Protocol address, a destination Internet Protocol address, and a destination port, associating timestamps with each of the set of tuples, and analyzing the tuples using the timestamps based on frequency of connections to determine malware beaconing on the network, wherein the analyzing is performed by a computing device.Type: GrantFiled: December 28, 2015Date of Patent: May 22, 2018Assignee: NETSEC CONCEPTS, LLCInventor: Brian Fehrman
-
Publication number: 20170187736Abstract: A method for detecting malware beaconing in a network, the method includes capturing network traffic over a network connection at a network connected device, representing the network traffic over the network connection as a set of tuples wherein each of the tuples defines an OSI layer 4 communications session and includes at least a source Internet Protocol address, a destination Internet Protocol address, and a destination port, associating timestamps with each of the set of tuples, and analyzing the tuples using the timestamps based on frequency of connections to determine malware beaconing on the network, wherein the analyzing is performed by a computing device.Type: ApplicationFiled: December 28, 2015Publication date: June 29, 2017Inventor: Brian Fehrman