Patents by Inventor Carl Schroeder
Carl Schroeder has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11139966Abstract: Techniques are provided for security code for integration with an application. A first request associated with a request by an application to an application server is received. The application includes security code that performs a set of one or more operations on one or more input parameters. The application is provided one or more parameter values, wherein the security code generates a secret cryptographic key based on the one or more parameter values. A security key is received that includes encrypted client data collected at the client device that is encrypted using the secret cryptographic key. The secret cryptographic key is generated based on the one or more parameter values and knowledge of the set of one or more operations. It is determined that the decrypted client data matches a pattern of data associated with malware. The application server is prevented from processing a second request.Type: GrantFiled: December 31, 2019Date of Patent: October 5, 2021Assignee: SHAPE SECURITY, INC.Inventors: Carl Schroeder, Ariya Hidayat, Chandrasekhar Rentachintala, Ricky Y. Chiu
-
Publication number: 20210258330Abstract: Techniques are provided for detecting compromised credentials in a credential stuffing attack. A set model is trained based on a first set of spilled credentials. The set model does not comprise any credential of the first set of spilled credentials. A first request is received from a client computer with a first candidate credential to login to a server computer. The first candidate credential is tested for membership in the first set of spilled credentials using the set model. In response to determining the first set of spilled credentials includes the first candidate credential using the set model, one or more negative actions is performed.Type: ApplicationFiled: April 16, 2021Publication date: August 19, 2021Inventors: Daniel G. Moen, Carl Schroeder
-
Patent number: 11044261Abstract: Techniques are provided for detecting compromised credentials in a credential stuffing attack. A set model is trained based on a first set of spilled credentials. The set model does not comprise any credential of the first set of spilled credentials. A first request is received from a client computer with a first candidate credential to login to a server computer. The first candidate credential is tested for membership in the first set of spilled credentials using the set model. In response to determining the first set of spilled credentials includes the first candidate credential using the set model, one or more negative actions is performed.Type: GrantFiled: June 29, 2018Date of Patent: June 22, 2021Assignee: SHAPE SECURITY, INC.Inventors: Daniel G Moen, Carl Schroeder
-
Publication number: 20200136820Abstract: Techniques are provided for security code for integration with an application. A first request associated with a request by an application to an application server is received. The application includes security code that performs a set of one or more operations on one or more input parameters. The application is provided one or more parameter values, wherein the security code generates a secret cryptographic key based on the one or more parameter values. A security key is received that includes encrypted client data collected at the client device that is encrypted using the secret cryptographic key. The secret cryptographic key is generated based on the one or more parameter values and knowledge of the set of one or more operations. It is determined that the decrypted client data matches a pattern of data associated with malware. The application server is prevented from processing a second request.Type: ApplicationFiled: December 31, 2019Publication date: April 30, 2020Applicant: Shape Security, Inc.Inventors: Carl Schroeder, Ariya Hidayat, Chandrasekhar Rentachintala, Ricky Y. Chiu
-
Patent number: 10567171Abstract: Techniques are provided for client-side security key generation. An initial request is received from an application executing on a client device. The application includes a security component includes security code. In response to the initial request, a key component is generated. The key component includes one or more parameters from which a valid security key can be generated at the client device by executing the security code. The key component is provided to the client device. A security key associated with a request from the client device to an application server is received. The security key is checked for validity. In response to determining that the security key is valid, processing of the request by the application server is caused.Type: GrantFiled: June 30, 2017Date of Patent: February 18, 2020Assignee: Shape Security, Inc.Inventors: Carl Schroeder, Ariya Hidayat, Chandrasekhar Rentachintala, Ricky Y. Chiu
-
Publication number: 20190373012Abstract: A computer system configured to improve security of server computers interacting with client computers, the system comprising: one or more processors executing instructions that cause the one or more processors to: select, from the plurality of detection tests, one or more first detection tests to be performed by a client computer; send, to the client computer, a first set of detection instructions that define the one or more first detection tests, and which when executed causes generating a first set of results that identifies a first set of characteristics of the client computer; receive the first set of results from the client computer; select one or more first countermeasures from a plurality of countermeasures based on the first set of characteristics identified in the first set of results; send, to the client computer, a first set of countermeasure instructions that define the one or more first countermeasures.Type: ApplicationFiled: June 18, 2019Publication date: December 5, 2019Applicant: Shape Security, Inc.Inventors: Eli Mattson, Carl Schroeder, Bei Zhang, Sergey Shekyan, Salman Saghafi, Jarrod Overson, Lewis Ellis
-
Patent number: 10326790Abstract: A computer system configured to improve security of server computers interacting with client computers, the system comprising: one or more processors executing instructions that cause the one or more processors to: select, from the plurality of detection tests, one or more first detection tests to be performed by a client computer; send, to the client computer, a first set of detection instructions that define the one or more first detection tests, and which when executed causes generating a first set of results that identifies a first set of characteristics of the client computer; receive the first set of results from the client computer; select one or more first countermeasures from a plurality of countermeasures based on the first set of characteristics identified in the first set of results; send, to the client computer, a first set of countermeasure instructions that define the one or more first countermeasures.Type: GrantFiled: February 10, 2017Date of Patent: June 18, 2019Inventors: Eli Mattson, Carl Schroeder, Bei Zhang, Sergey Shekyan, Salman Saghafi, Jarrod Overson, Lewis Ellis
-
Publication number: 20190007428Abstract: Techniques are provided for detecting compromised credentials in a credential stuffing attack. A set model is trained based on a first set of spilled credentials. The set model does not comprise any credential of the first set of spilled credentials. A first request is received from a client computer with a first candidate credential to login to a server computer. The first candidate credential is tested for membership in the first set of spilled credentials using the set model. In response to determining the first set of spilled credentials includes the first candidate credential using the set model, one or more negative actions is performed.Type: ApplicationFiled: June 29, 2018Publication date: January 3, 2019Applicant: SHAPE SECURITY, INC.Inventors: Daniel G Moen, Carl Schroeder
-
Publication number: 20180006814Abstract: Techniques are provided for client-side security key generation. An initial request is received from an application executing on a client device. The application includes a security component includes security code. In response to the initial request, a key component is generated. The key component includes one or more parameters from which a valid security key can be generated at the client device by executing the security code. The key component is provided to the client device. A security key associated with a request from the client device to an application server is received. The security key is checked for validity. In response to determining that the security key is valid, processing of the request by the application server is caused.Type: ApplicationFiled: June 30, 2017Publication date: January 4, 2018Inventors: Carl Schroeder, Ariya Hidayat, Chandrasekhar Rentachintala, Ricky Y. Chiu
-
Patent number: 9825995Abstract: A computer-implemented method includes receiving, at a first server sub-system, content served to a client computing device; transcoding, with the first server sub-system, the received content using a policy received from a second security sub-system; determining, with the first server sub-system that the second server sub-system has likely ceased operating properly; receiving a request to vote on a leader server sub-system from one or more server sub-systems, and voting for from of the one or more server sub-systems; and subsequently transcoding received content according to a policy received from another of the server sub-systems that is not the second server sub-system.Type: GrantFiled: January 14, 2015Date of Patent: November 21, 2017Assignee: Shape Security, Inc.Inventors: Carl Schroeder, Justin D. Call, Siying Yang
-
Publication number: 20170237766Abstract: A computer system configured to improve security of server computers interacting with client computers, the system comprising: one or more processors executing instructions that cause the one or more processors to: select, from the plurality of detection tests, one or more first detection tests to be performed by a client computer; send, to the client computer, a first set of detection instructions that define the one or more first detection tests, and which when executed causes generating a first set of results that identifies a first set of characteristics of the client computer; receive the first set of results from the client computer; select one or more first countermeasures from a plurality of countermeasures based on the first set of characteristics identified in the first set of results; send, to the client computer, a first set of countermeasure instructions that define the one or more first countermeasures.Type: ApplicationFiled: February 10, 2017Publication date: August 17, 2017Inventors: Eli Mattson, Carl Schroeder, Bei Zhang, Sergey Shekyan, Salman Saghafi, Jarrod Overson, Lewis Ellis
-
Patent number: 5911665Abstract: A polymeric film and method for overcoming the problem of "pinholes" created in filled pouches by the harmonic motion occurring during transport of the filled pouches. The polymeric film composed of from about 5% to about 95% by weight of a first polymeric material having an elongation at break of more than about 500% in the machine direction and more than about 600% in the transverse direction, and from 5% by weight to about 95% by weight of a second polymeric material having a density of at least about 0.915 g/cm.sup.3 and selected from the group consisting of polyethylene and ethylene copolymers. The first polymeric material includes a very low density linear ethylene interpolymerized from ethylene and at least one alpha-olefin in the range of C.sub.3 -C.sub.10. The film may be fabricated into pouches and the pouches stacked for transportation.Type: GrantFiled: April 3, 1996Date of Patent: June 15, 1999Assignee: Tetra Laval Holdings & Finance SAInventors: Ramin Heydarpour, Sriram Venkatasanthanam, David Carl Schroeder
-
Patent number: D264893Type: GrantFiled: January 21, 1980Date of Patent: June 15, 1982Inventor: Carl Schroeder