Patents by Inventor Daniel Kaminsky

Daniel Kaminsky has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11376245
    Abstract: The present invention relates to compounds of formula (I) for use as peripheral NMDA receptor antagonists.
    Type: Grant
    Filed: June 13, 2017
    Date of Patent: July 5, 2022
    Assignees: INSTITUT NATIONAL DE LA SANTE ET DE LA RECHERCHE MEDICALE (INSERM), CENTRE NATIONAL DE LA RECHERCHE SCIENTIFIQUE (CNRS), UNIVERSITE PARIS SUD, ASSISTANCE PUBLIQUE—HOPITAUX DE PARIS (APHP), HOPITAL MARIE LANNELONGUE
    Inventors: Sylvia Cohen-Kaminsky, Marc Humbert, Sebastien Dumas, Gilles Bru-Mercier, Samir Messaoudi, Jean-Daniel Brion, Mouad Alami, Gilles Galvani
  • Patent number: 10447711
    Abstract: Disclosed herein are methods and systems for evaluating web browser behavior to report on human versus non-human activity, based on varying analyses of detectable properties. By passively detecting the code of a webpage engaged by a browsing user, the present invention evaluates the browsing user's activity in order to predict the type of user with a degree of confidence. The predictions are formed by acquiring information on how a user loads, navigates, and interacts with a webpage and comparing that information with known and unknown properties in various control groups. If the prediction yields a high likelihood of automated activity, additional active detection may be performed. Reports are compiled by analysis servers and made available to the operators of webpages. By compiling performance metrics and informing operators of fraudulent versus normal activity, the invention combats malicious automated traffic directed at any aspect of a given webpage.
    Type: Grant
    Filed: March 4, 2016
    Date of Patent: October 15, 2019
    Assignee: WHITE OPS INC.
    Inventor: Daniel Kaminsky
  • Patent number: 9661002
    Abstract: This invention leverages DNSSEC to makes post-password technologies work against endpoints across the globe, rather than solely within company walls. It describes a system by which DS records are encoded in NS names, which traverse well from the customer to the registry. This invention also proposes a series of steps through which DNSSEC can be explored as a useful solution to real world problems. By creating and further developing a mirror of the real DNS, which grows by combination of true DNS record information with specially synthesized authentication keys, DNSSEC scales, providing greater security and less risk of corrupting or erroneous online material. This same technology also evaluates user activity to create a database of statistics regarding automated activity, as compared to human activity. This database assists in identification and prevention, or at least mitigation, of potential future attacks on any given client by automated bot-driven activity.
    Type: Grant
    Filed: November 10, 2014
    Date of Patent: May 23, 2017
    Inventor: Daniel Kaminsky
  • Patent number: 9584543
    Abstract: A computer-implemented method and system for the validation of a true browsing user on a website is disclosed. The invention allows for the collection of data regarding the evolving threat landscape created by online attackers. The system and method fingerprint user behavior to detect differences between a local user, a remote/foreign user, and an automated script. The system then covertly transmits that information back to a financial institution client without giving online attackers the opportunity to notice such transmittal. Certain embodiments of the invention also correspond with the browsing user to validate their identity. The claimed system and method proactively reveal attackers and attack ploys, additionally enabling institutions and security consultants to adapt to attacks in an automated fashion.
    Type: Grant
    Filed: March 5, 2014
    Date of Patent: February 28, 2017
    Assignee: WHITE OPS, INC.
    Inventor: Daniel Kaminsky
  • Patent number: 9547726
    Abstract: A method for enabling access to a data resource, which is held on a file server (25) on a first local area network (LAN) (21a), by a client (28) on a second LAN (21b). A proxy receiver (48) on the second LAN (21b) intercepts a request for the data resource submitted by the client (28) and transmits a message via a wide area network (WAN) (29) to a proxy transmitter (52) on the first LAN (21a), requesting the data resource. The proxy transmitter (52) retrieves a replica of the data resource from the file server (25) and conveys the replica of the data resource over the WAN (29) to the proxy receiver (48), which serves the replica of the data resource from the proxy receiver (48) to the client (28) over the second LAN (21b).
    Type: Grant
    Filed: March 15, 2010
    Date of Patent: January 17, 2017
    Assignee: Cisco Technology, Inc.
    Inventors: Etai Lev Ran, Shahar Glixman, Israel Ben Shaul, Vita Bortnikov, Daniel Kaminsky, Danit Ben Kiki, Idan Zach, Israel Cidon
  • Publication number: 20160191554
    Abstract: Disclosed herein are methods and systems for evaluating web browser behavior to report on human versus non-human activity, based on varying analyses of detectable properties. By passively detecting the code of a webpage engaged by a browsing user, the present invention evaluates the browsing user's activity in order to predict the type of user with a degree of confidence. The predictions are formed by acquiring information on how a user loads, navigates, and interacts with a webpage and comparing that information with known and unknown properties in various control groups. If the prediction yields a high likelihood of automated activity, additional active detection may be performed. Reports are compiled by analysis servers and made available to the operators of webpages. By compiling performance metrics and informing operators of fraudulent versus normal activity, the invention combats malicious automated traffic directed at any aspect of a given webpage.
    Type: Application
    Filed: March 4, 2016
    Publication date: June 30, 2016
    Inventor: Daniel KAMINSKY
  • Publication number: 20160134639
    Abstract: This invention leverages DNSSEC to makes post-password technologies work against endpoints across the globe, rather than solely within company walls. It describes a system by which DS records are encoded in NS names, which traverse well from the customer to the registry. This invention also proposes a series of steps through which DNSSEC can be explored as a useful solution to real world problems. By creating and further developing a mirror of the real DNS, which grows by combination of true DNS record information with specially synthesized authentication keys, DNSSEC scales, providing greater security and less risk of corrupting or erroneous online material. This same technology also evaluates user activity to create a database of statistics regarding automated activity, as compared to human activity. This database assists in identification and prevention, or at least mitigation, of potential future attacks on any given client by automated bot-driven activity.
    Type: Application
    Filed: November 10, 2014
    Publication date: May 12, 2016
    Inventor: Daniel KAMINSKY
  • Patent number: 9313213
    Abstract: A method for determining if a web browser is being operated by a human or a non-human agent, based on analysis of certain aspects of how a user interacts with a webpage. By placing a code snippet into the code of a webpage prior to a given user accessing that webpage, one is able to evaluate the user's actions in order to predict the type of user. The predictions are made by acquiring information on how the user loads, navigates, and interacts with the webpage and comparing that information with statistics taken from a control group. Performance metrics from all webpages containing similar code elements are compiled by analysis servers and made available to the operator of a webpage through a variety of reporting mediums. By compiling such performance metrics, the method helps combat and prevent malicious automated traffic directed at advertisements and other aspects of a given webpage.
    Type: Grant
    Filed: October 18, 2013
    Date of Patent: April 12, 2016
    Assignee: WHITE OPS, INC.
    Inventors: Daniel Kaminsky, Michael J. J. Tiffany
  • Patent number: 9154557
    Abstract: One embodiment comprises an apparatus for automatic proxy registration and discovery in a multi-proxy communication system. The apparatus executes a proxy server that is configured to provide optimized connections to remote proxy servers that are communicatively connected to the proxy server over a Wide Area Network (WAN). A file server, which is communicatively connected to the proxy server over a Local Area Network (LAN), is automatically discovered. An association record corresponding to the file server is created, where the association record identifies the file server and the proxy server and indicates that the proxy server is configured to provide the remote proxy servers with optimized connections to the file server. The association record is registered with a centralized database server, where the remote proxy servers are communicatively connected to the centralized database server over the WAN.
    Type: Grant
    Filed: October 12, 2006
    Date of Patent: October 6, 2015
    Assignee: Cisco Technology, Inc.
    Inventors: Etai Lev-Ran, Leonid Vasetsky, Daniel Kaminsky
  • Publication number: 20150256556
    Abstract: A computer-implemented method and system for the validation of a true browsing user on a website is disclosed. The invention allows for the collection of data regarding the evolving threat landscape created by online attackers. The system and method fingerprint user behavior to detect differences between a local user, a remote/foreign user, and an automated script. The system then covertly transmits that information back to a financial institution client without giving online attackers the opportunity to notice such transmittal. Certain embodiments of the invention also correspond with the browsing user to validate their identity. The claimed system and method proactively reveal attackers and attack ploys, additionally enabling institutions and security consultants to adapt to attacks in an automated fashion.
    Type: Application
    Filed: March 5, 2014
    Publication date: September 10, 2015
    Inventor: Daniel KAMINSKY
  • Patent number: 9106695
    Abstract: This invention leverages DNSSEC to makes post-password technologies work against endpoints across the globe, rather than solely within company walls. It describes a system by which DS records are encoded in NS names, which traverse well from the customer to the registry. This invention also proposes a series of steps through which DNSSEC can be explored as a useful solution to real world problems. By creating and further developing a mirror of the real DNS, which grows by combination of true DNS record information with specially synthesized authentication keys, DNSSEC scales, providing greater security and less risk of corrupting or erroneous online material. This same technology also evaluates user activity to create a database of statistics regarding automated activity, as compared to human activity. This database assists in identification and prevention, or at least mitigation, of potential future attacks on any given client by automated bot-driven activity.
    Type: Grant
    Filed: March 14, 2013
    Date of Patent: August 11, 2015
    Inventor: Daniel Kaminsky
  • Publication number: 20150156084
    Abstract: A method for determining if a web browser is being operated by a human or a non-human agent, based on analysis of certain aspects of how a user interacts with a webpage. By using different ways of detection, one is able to evaluate the user's actions in order to predict the type of user. The predictions are made by acquiring information on how the user loads, navigates, and interacts with the webpage and comparing that information with statistics taken from a control group. Performance metrics from all webpages containing similar elements are compiled by analysis servers and made available to the operator of a webpage through a variety of reporting mediums. By compiling such performance metrics, the method helps combat and prevent malicious automated traffic directed at advertisements and other aspects of a given webpage.
    Type: Application
    Filed: December 2, 2013
    Publication date: June 4, 2015
    Inventors: Daniel KAMINSKY, Michael J.J. TIFFANY
  • Publication number: 20150156214
    Abstract: A method for determining if a web browser is being operated by a local human or a remote agent, based on analysis of certain aspects of how the different users interact with a webpage. By employing various detection mechanisms, one is able to evaluate the user's actions in order to predict the type of user. The predictions are made by acquiring information on how the user loads, navigates, and interacts with the webpage and comparing that information with statistics taken from a control group. Performance metrics from all webpages containing similar elements are compiled by analysis servers and made available to the operator of a webpage through a variety of reporting mediums. By compiling such performance metrics, the method helps combat and prevent malicious automated traffic directed at advertisements and other aspects of a given webpage.
    Type: Application
    Filed: February 11, 2015
    Publication date: June 4, 2015
    Inventor: Daniel KAMINSKY
  • Publication number: 20150112892
    Abstract: A method for determining if a web browser is being operated by a human or a non-human agent, based on analysis of certain aspects of how a user interacts with a webpage. By placing a code snippet into the code of a webpage prior to a given user accessing that webpage, one is able to evaluate the user's actions in order to predict the type of user. The predictions are made by acquiring information on how the user loads, navigates, and interacts with the webpage and comparing that information with statistics taken from a control group. Performance metrics from all webpages containing similar code elements are compiled by analysis servers and made available to the operator of a webpage through a variety of reporting mediums. By compiling such performance metrics, the method helps combat and prevent malicious automated traffic directed at advertisements and other aspects of a given webpage.
    Type: Application
    Filed: October 18, 2013
    Publication date: April 23, 2015
    Inventors: Daniel KAMINSKY, Michael J.J. Tiffany
  • Patent number: 8935336
    Abstract: In various embodiments, data processing apparatus, software, or machine-implemented methods can optimize NFSv3 asynchronous write requests or MSRPC calls that traverse a wide area network, for example, by receiving, from a client, a first request directed to a server across a wide area network; determining whether a related second request has been received previously; when a related second request has been received previously, sending, to the client, a first reply to the second request and forwarding the first request to the server, and otherwise forwarding the first request to the server without sending any reply to the client for the first request. Sending local replies from a WAN optimizer induces the client to send continuous requests, improving throughput, but at least one client request remains unreplied to, and one server error reply is always reported to the client, facilitating correct error processing at the client.
    Type: Grant
    Filed: June 18, 2008
    Date of Patent: January 13, 2015
    Assignee: Cisco Technology, Inc.
    Inventors: Boaz Sedan, Moshe Yosevshvili, Etai Lev Ran, Daniel Kaminsky, Israel Ben-Shaul
  • Patent number: 8850553
    Abstract: Embodiments for performing service binding between a client and a target server are disclosed. In accordance with one embodiment, a clear text client service binding value is received from a client at the target server, the client service binding value is compared to a server service binding value, and a communication channel is formed between the client and the target server when the client service binding value matches the server service binding value.
    Type: Grant
    Filed: September 12, 2008
    Date of Patent: September 30, 2014
    Assignee: Microsoft Corporation
    Inventors: Mark F. Novak, Daniel Kaminsky
  • Publication number: 20140282887
    Abstract: This invention leverages DNSSEC to makes post-password technologies work against endpoints across the globe, rather than solely within company walls. It describes a system by which DS records are encoded in NS names, which traverse well from the customer to the registry. This invention also proposes a series of steps through which DNSSEC can be explored as a useful solution to real world problems. By creating and further developing a mirror of the real DNS, which grows by combination of true DNS record information with specially synthesized authentication keys, DNSSEC scales, providing greater security and less risk of corrupting or erroneous online material. This same technology also evaluates user activity to create a database of statistics regarding automated activity, as compared to human activity. This database assists in identification and prevention, or at least mitigation, of potential future attacks on any given client by automated bot-driven activity.
    Type: Application
    Filed: March 14, 2013
    Publication date: September 18, 2014
    Inventor: Daniel Kaminsky
  • Patent number: 8254273
    Abstract: In one embodiment, a method for tracing a connection path from a source node to a destination node through a network having one or more transparent proxies includes generating a trace packet at the source node, transmitting the trace packet over the network towards the destination node, and receiving trace response packets in response to transmission of the trace packet. The trace response packets include a packet from the destination node and a packet from each of the transparent proxies in a data path from the source node to the destination node. Each of the packets from the transparent proxies includes an identifier of the transparent proxy transmitting the packet. The method further includes identifying the transparent proxies in the connection path based on information in the trace response packets. An apparatus for tracing a connection path is also disclosed.
    Type: Grant
    Filed: November 12, 2009
    Date of Patent: August 28, 2012
    Assignee: Cisco Technology, Inc.
    Inventors: Daniel Kaminsky, Arivu Ramasamy, Martin Cieslak, Mukund Ingle, Siddharth Vajirkar, Etai Lev Ran
  • Publication number: 20110113230
    Abstract: A system and method for securing firmware from malware in a computer processing system having a trusted node daughterboard connected to at least one operational node motherboard. The method includes the steps of sending a power on signal from the trusted node daughterboard to the operational node motherboard when it is desired to utilize the operational node motherboard for computer processing purposes. Pre-boot data is then requested from the operational node motherboard and is sent from the trusted node daughterboard to the operational node motherboard to enable operation of the operational node motherboard.
    Type: Application
    Filed: November 11, 2010
    Publication date: May 12, 2011
    Inventor: Daniel Kaminsky
  • Publication number: 20110113231
    Abstract: A method and system for securely opening an e-mail attachment in a computer processing environment having a trusted node daughterboard connected to at least one operational node motherboard with an e-mail processing system operatively coupled to the trusted node daughterboard. The method includes the steps of when an e-mail attachment is to be opened, sending a power on signal from the trusted node daughterboard to the operational node motherboard when it is desired to utilize the operational node motherboard for opening an e-mail attachment. Pre-boot data is then requested from the operational node motherboard and is sent from the trusted node daughterboard to the operational node motherboard to enable operation of the operational node motherboard for securely opening an e-mail attachment.
    Type: Application
    Filed: November 11, 2010
    Publication date: May 12, 2011
    Inventor: Daniel Kaminsky