Patents by Inventor Daniel G. Moen
Daniel G. Moen has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20210258330Abstract: Techniques are provided for detecting compromised credentials in a credential stuffing attack. A set model is trained based on a first set of spilled credentials. The set model does not comprise any credential of the first set of spilled credentials. A first request is received from a client computer with a first candidate credential to login to a server computer. The first candidate credential is tested for membership in the first set of spilled credentials using the set model. In response to determining the first set of spilled credentials includes the first candidate credential using the set model, one or more negative actions is performed.Type: ApplicationFiled: April 16, 2021Publication date: August 19, 2021Inventors: Daniel G. Moen, Carl Schroeder
-
Patent number: 11044261Abstract: Techniques are provided for detecting compromised credentials in a credential stuffing attack. A set model is trained based on a first set of spilled credentials. The set model does not comprise any credential of the first set of spilled credentials. A first request is received from a client computer with a first candidate credential to login to a server computer. The first candidate credential is tested for membership in the first set of spilled credentials using the set model. In response to determining the first set of spilled credentials includes the first candidate credential using the set model, one or more negative actions is performed.Type: GrantFiled: June 29, 2018Date of Patent: June 22, 2021Assignee: SHAPE SECURITY, INC.Inventors: Daniel G Moen, Carl Schroeder
-
Patent number: 10911438Abstract: Techniques are provided for secure detection and management of compromised credentials. A first candidate credential is received, comprising a first username and a first password, wherein the first candidate credential was sent in a first request from a first client computer to log in to a first server computer. A first salt associated with the first username in a salt database is obtained. A first hashed credential is generated based on the first password and the first salt. The first hashed credential is transmitted to a set model server computer, wherein the set model server computer is configured to maintain a set model that represents a set of spilled credentials, determine whether the first hashed credential is represented in the set model, and in response to determining that the first hashed credential is represented in the set model, performing additional processing on the first hashed credential.Type: GrantFiled: July 2, 2018Date of Patent: February 2, 2021Assignee: Shape Security, Inc.Inventors: Zhipu Jin, Gautam Agrawal, Daniel G. Moen, Weiguo Liang, Xingang Wang
-
Publication number: 20190140835Abstract: Techniques are provided for blind hash compression, such as serving, from a computer server system and to a plurality of different computing devices remote from the computer server system, web code and code for reporting status of the computing devices; receiving from one or more of the computing devices, first data that indicates a parameter of the one or more computing devices, the first data in a compressed format; receiving from one or more others of the computing devices, second data that indicates the parameter of the one or more others of the computing devices, the second data in an uncompressed format; and compressing the second data and comparing the compressed second data to the first data to correlate the first data to the second data. The code for reporting status of the computing devices can include code for allowing the computing devices to determine whether to send the first or second data.Type: ApplicationFiled: December 30, 2018Publication date: May 9, 2019Applicant: Shape Security, Inc.Inventors: Daniel G. Moen, Bryan D. Hanks
-
Patent number: 10212137Abstract: A computer-implemented method includes serving, from a computer server system and to a plurality of different computing devices remote from the computer server system, web code and code for reporting status of the computing devices; receiving from one or more of the computing devices, first data that indicates a parameter of the one or more computing devices, the first data in a compressed format; receiving from one or more others of the computing devices, second data that indicates the parameter of the one or more others of the computing devices, the second data in an uncompressed format; and compressing the second data and comparing the compressed second data to the first data to correlate the first data to the second data. The code for reporting status of the computing devices can include code for allowing the computing devices to determine whether to send the first or second data.Type: GrantFiled: December 28, 2015Date of Patent: February 19, 2019Inventors: Daniel G. Moen, Bryan D. Hanks
-
Publication number: 20190007428Abstract: Techniques are provided for detecting compromised credentials in a credential stuffing attack. A set model is trained based on a first set of spilled credentials. The set model does not comprise any credential of the first set of spilled credentials. A first request is received from a client computer with a first candidate credential to login to a server computer. The first candidate credential is tested for membership in the first set of spilled credentials using the set model. In response to determining the first set of spilled credentials includes the first candidate credential using the set model, one or more negative actions is performed.Type: ApplicationFiled: June 29, 2018Publication date: January 3, 2019Applicant: SHAPE SECURITY, INC.Inventors: Daniel G Moen, Carl Schroeder
-
Publication number: 20190007387Abstract: Techniques are provided for secure detection and management of compromised credentials. A first candidate credential is received, comprising a first username and a first password, wherein the first candidate credential was sent in a first request from a first client computer to log in to a first server computer. A first salt associated with the first username in a salt database is obtained. A first hashed credential is generated based on the first password and the first salt. The first hashed credential is transmitted to a set model server computer, wherein the set model server computer is configured to maintain a set model that represents a set of spilled credentials, determine whether the first hashed credential is represented in the set model, and in response to determining that the first hashed credential is represented in the set model, performing additional processing on the first hashed credential.Type: ApplicationFiled: July 2, 2018Publication date: January 3, 2019Applicant: SHAPE SECURITY, INC.Inventors: Zhipu Jin, Gautam Agrawal, Daniel G. Moen, Weiguo Liang, Xingang Wang
-
Patent number: 9225729Abstract: A computer-implemented method includes serving, from a computer server system and to a plurality of different computing devices remote from the computer server system, web code and code for reporting status of the computing devices; receiving from one or more of the computing devices, first data that indicates a parameter of the one or more computing devices, the first data in a compressed format; receiving from one or more others of the computing devices, second data that indicates the parameter of the one or more others of the computing devices, the second data in an uncompressed format; and compressing the second data and comparing the compressed second data to the first data to correlate the first data to the second data. The code for reporting status of the computing devices can include code for allowing the computing devices to determine whether to send the first or second data.Type: GrantFiled: January 21, 2014Date of Patent: December 29, 2015Assignee: Shape Security, Inc.Inventors: Daniel G Moen, Bryan D Hanks
-
Publication number: 20130054817Abstract: Various systems, processes, and products may be used to provide disaggregated server load balancing. In particular implementations, systems, processes, and products may include the ability to receive a connection request at an application delivery controller from a client device, analyze the connection request to determine one of a plurality of application delivery controller agents to handle the connection request, send the connection request to the determined application delivery controller agent, and analyze the connection at the determined application delivery controller agent request to determine an application server to handle the connection request.Type: ApplicationFiled: August 29, 2011Publication date: February 28, 2013Applicant: CISCO TECHNOLOGY, INC.Inventors: Daniel G. Moen, Jason D. Notari