Patents by Inventor Daniel ELLAM

Daniel ELLAM has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20210279311
    Abstract: Examples associated with user authentication are described. One example system includes a set of authentication modules. A data store stores data describing disruption ratings of members of the set of authentication modules. A user confidence module maintains a confidence rating that a current user of a device is an authenticated user of the device. The confidence module controls execution of the authentication modules based on the confidence rating and on the disruption ratings of the authentication modules. The user confidence module controls execution of relatively less disruptive authentication modules when the user confidence module is confident that the current user of the device is the authenticated user of the device. The user confidence module maintains the confidence rating based on feedback received from authentication modules.
    Type: Application
    Filed: April 11, 2017
    Publication date: September 9, 2021
    Applicant: Hewlett-Packard Development Company, L.P.
    Inventors: Gurchetan Grewal, Daniel Ellam, Joshua S. Schiffman, James M. Mann
  • Publication number: 20210203671
    Abstract: In an example, there is provided a method for tracking domain name server (DNS) requests, wherein the method comprises determining whether a DNS request has resolved; and for each non-resolving DNS request decomposing the domain name of the request into multiple components, determining, for each component, a value of a metric representing the occurrence of the component in a corpus, generating a scaling factor for the request on the basis of the values for each component, and incrementing a count of the total number of non-resolving DNS requests by a scaled value on the basis of the scaling factor.
    Type: Application
    Filed: September 18, 2018
    Publication date: July 1, 2021
    Applicant: Hewlett-Packard Development Company, L.P.
    Inventors: Adrian John Baldwin, Daniel Ellam, Jonathan Griffing, Stuart Lees
  • Publication number: 20210166548
    Abstract: In an example, a method includes monitoring, by at least one processor, a computing system. An alert related to the computing system may be generated based on a threshold value. An analysts handling of the alert may be monitored and, based on the analysts handling of the alert, the threshold value for generating alerts may be adjusted.
    Type: Application
    Filed: July 23, 2018
    Publication date: June 3, 2021
    Applicant: Hewlett-Packard Development Company, L.P.
    Inventors: Daniel Ellam, Augusto Queiroz de Macedo, Matheus Eichelberger
  • Publication number: 20200351287
    Abstract: A method for address resolution request control in a network device of a network, the method comprises comparing address resolution requests submitted to network nodes from the network device against a predetermined threshold profile for the network device, and regulating a flow of address resolution requests from the network device in response to the comparison.
    Type: Application
    Filed: January 26, 2018
    Publication date: November 5, 2020
    Inventors: Stuart Lees, Adrian Baldwin, Daniel Ellam, Jonathan Griffin
  • Publication number: 20200311269
    Abstract: There is disclosed a method, computer program product and a system for regulating execution of a suspicious process, comprising determining a file system location of an executable file associated with the suspicious process, encrypting the file, and creating a wrapper for the file with the same file name and location as the file associated with the suspicious process.
    Type: Application
    Filed: October 30, 2017
    Publication date: October 1, 2020
    Applicant: Hewlett-Packard Development Company, L.P.
    Inventors: Daniel Ellam, Jonathan Griffin, Adrian Baldwin
  • Publication number: 20200050784
    Abstract: In an example, a method includes determining an operating environment of a device based on sensor data from a sensor of the device that senses surroundings of the device. Access to a resource may be controlled based on the operating environment and a status of a security feature of the device.
    Type: Application
    Filed: April 27, 2017
    Publication date: February 13, 2020
    Inventors: Daniel Ellam, Gurchetan Grewal
  • Publication number: 20200034540
    Abstract: In an example, a machine-readable medium includes instructions that, when executed by a processor, cause the processor to order, as part of an execution of a trusted process, a plurality of processes into a sequence comprising a first process, at least one intermediate process, and a last process. The machine-readable medium may further comprise instruction to cause the processor to generate, as part of an execution of the first process, a value based on a code portion of the process following the first process in the sequence, and to generate, as part of an execution of each intermediate process, a respective value based on the value generated by the process preceding the intermediate process in the sequence and based on a code portion associated with the process following the intermediate process in the sequence.
    Type: Application
    Filed: April 18, 2017
    Publication date: January 30, 2020
    Applicant: Hewlett-Packard Development Company, L.P.
    Inventors: Remy Husson, Adrian Baldwin, Daniel Ellam
  • Publication number: 20190087572
    Abstract: Examples associated with ransomware attack monitoring are described. One example includes a monitor module to monitor files stored on the system for sequences of file accesses that match a predefined pattern of file accesses. An investigation module is activated when a number of sequences of file accesses that match the predefined pattern exceeds a first threshold. The investigation module logs actions taken by processes to modify files. A reaction module pauses a set of processes operating on the system when the number of sequences of file accesses that match the predefined pattern exceeds a second threshold. The reaction module then identifies processes associated with a suspected ransomware attack based on the logging performed by the investigation module, and resumes legitimate processes.
    Type: Application
    Filed: December 15, 2016
    Publication date: March 21, 2019
    Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.
    Inventors: Daniel ELLAM, Adrian BALDWIN, Remy HUSSON