Patents by Inventor Daniel Wyschogrod

Daniel Wyschogrod has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11056213
    Abstract: A method of identifying regions of malicious organic sequences includes identifying a plurality of benign snippets derived from a first sequence obtained from at least one benign organism; extracting a plurality of candidate signature snippets from a second sequence obtained from a malicious organism; determining, for each of the plurality of candidate signature snippets, whether the candidate signature snippet matches at least one of the plurality of benign snippets; and responsive to the candidate signature snippet not matching the at least one of the plurality of benign snippets, identifying the candidate signature snippet as a malicious signature snippet.
    Type: Grant
    Filed: December 7, 2016
    Date of Patent: July 6, 2021
    Assignee: Raytheon BBN Technologies Corp.
    Inventors: Jacob Stuart Michael Beal, Daniel Wyschogrod, Steven Wayne Jilcott, Jr.
  • Publication number: 20210027861
    Abstract: Disclosed techniques include generating a first set of sequence snippets from a set of nucleic acid sequences having a first trait; generating a second set of second sequence snippets from a set of nucleic acid sequences having a second trait; identifying a third set of sequence snippets categorized as being of a particular type; and filtering the first set of sequence snippets and the second set of sequence snippets to remove at least one sequence snippet in the third set of sequence snippets.
    Type: Application
    Filed: October 1, 2020
    Publication date: January 28, 2021
    Inventors: Jacob Stuart Michael Beal, Daniel Wyschogrod, Steven Wayne Jilcott, JR.
  • Publication number: 20180089365
    Abstract: A method of identifying regions of malicious organic sequences includes identifying a plurality of benign snippets derived from a first sequence obtained from at least one benign organism; extracting a plurality of candidate signature snippets from a second sequence obtained from a malicious organism; determining, for each of the plurality of candidate signature snippets, whether the candidate signature snippet matches at least one of the plurality of benign snippets; and responsive to the candidate signature snippet not matching the at least one of the plurality of benign snippets, identifying the candidate signature snippet as a malicious signature snippet.
    Type: Application
    Filed: December 7, 2016
    Publication date: March 29, 2018
    Inventors: Jacob Stuart Michael Beal, Daniel Wyschogrod, Steven Wayne Jilcott, JR.
  • Patent number: 9043272
    Abstract: A system for determining the start of a match of a regular expression has a special state table which contains start state entries and terminal state entries; a plurality of start state registers for storing offset information indicative of the start of a match of the regular expression; a deterministic finite state automaton (DFA) next state table which, given the current state and an input character, returns the next state. The DFA next state table includes a settable indicator for any next state table entry which indicates whether to perform a lookup into the special state table. A compiler loads values into the special state table based on the regular expression.
    Type: Grant
    Filed: September 18, 2007
    Date of Patent: May 26, 2015
    Assignee: INSIDE SECURE
    Inventors: Daniel Wyschogrod, Leonid Leibman
  • Patent number: 9003518
    Abstract: Systems and methods are disclosed for detecting covert DNS tunnels using n-grams. The majority of legitimate DNS requests originate from network content itself, for example, through hyperlinks in websites. So, comparing data from incoming network communications to a hostname included in a DNS request can give an indication on whether the DNS request is a legitimate request or associated with a covert DNS tunnel. This process can be made computationally efficient by extracting n-grams from incoming network content and storing the n-grams in an efficient data structure, such as a Bloom filter. The stored n-grams are compared with n-grams extracted from outgoing DNS requests. If n-grams from an outgoing DNS request are not found in the data structure, the domain associated with the DNS request is determined to be associated with a suspected covert DNS tunnel.
    Type: Grant
    Filed: September 1, 2010
    Date of Patent: April 7, 2015
    Assignee: Raytheon BBN Technologies Corp.
    Inventors: Daniel Wyschogrod, David Patrick Mankins
  • Patent number: 8931092
    Abstract: Embodiments of a system and method for computer inspection of information objects, for example, executable software applications for common components that may include elements of computer viruses, items from hacker exploit libraries, or other malware components. Information objects may contain identified sequences of instructions, each of which may be identified and hierarchically grouped based on their structural relationship(s). In the software context, programming languages may include multiple components that include functional code; these components are often shared between programmers. In some embodiments, an inspection of the hierarchical relationship of components (e.g., constituent functions) in the information objects may allow for identification of common components shared between programs. In some embodiments, authorship of objects or components in the objects may be identified by comparisons between component samples.
    Type: Grant
    Filed: August 23, 2012
    Date of Patent: January 6, 2015
    Assignee: Raytheon BBN Technologies Corp.
    Inventors: Daniel Wyschogrod, Steven W. Jilcott, Jonathan Aron Rubin, John O. Everett
  • Publication number: 20140059684
    Abstract: Embodiments of a system and method for computer inspection of information objects, for example, executable software applications for common components that may include elements of computer viruses, items from hacker exploit libraries, or other malware components. Information objects may contain identified sequences of instructions, each of which may be identified and hierarchically grouped based on their structural relationship(s). In the software context, programming languages may include multiple components that include functional code; these components are often shared between programmers. In some embodiments, an inspection of the hierarchical relationship of components (e.g., constituent functions) in the information objects may allow for identification of common components shared between programs. In some embodiments, authorship of objects or components in the objects may be identified by comparisons between component samples.
    Type: Application
    Filed: August 23, 2012
    Publication date: February 27, 2014
    Applicant: Raytheon BBN Technologies Corp.
    Inventors: Daniel Wyschogrod, Steven W. Jilcott, Jonathan Aron Rubin, John O. Everett
  • Publication number: 20120054860
    Abstract: Systems and methods are disclosed for detecting covert DNS tunnels using n-grams. The majority of legitimate DNS requests originate from network content itself, for example, through hyperlinks in websites. So, comparing data from incoming network communications to a hostname included in a DNS request can give an indication on whether the DNS request is a legitimate request or associated with a covert DNS tunnel. This process can be made computationally efficient by extracting n-grams from incoming network content and storing the n-grams in an efficient data structure, such as a Bloom filter. The stored n-grams are compared with n-grams extracted from outgoing DNS requests. If n-grams from an outgoing DNS request are not found in the data structure, the domain associated with the DNS request is determined to be associated with a suspected covert DNS tunnel.
    Type: Application
    Filed: September 1, 2010
    Publication date: March 1, 2012
    Applicant: RAYTHEON BBN TECHNOLOGIES CORP.
    Inventors: Daniel Wyschogrod, David Patrick Mankins
  • Patent number: 7461370
    Abstract: A system for processing regular expressions containing one or more sub-expressions. Information regarding one or more regular expressions, each containing one or more sub-expressions, is stored. Data is compared to the stored information regarding expressions in only a single pass through the data. From the comparison, for any stored expression, the location within the data of the beginning and end of each sub-expression, and the end of the regular expression, are determined. From such determination, the presence within the data of any one or more stored regular expressions containing one or more sub-expressions is identified.
    Type: Grant
    Filed: February 7, 2003
    Date of Patent: December 2, 2008
    Assignee: SafeNet, Inc.
    Inventors: Daniel Wyschogrod, Leonid Leibman
  • Publication number: 20080077587
    Abstract: A system for determining the start of a match of a regular expression has a special state table which contains start state entries and terminal state entries; a plurality of start state registers for storing offset information indicative of the start of a match of the regular expression; a deterministic finite state automaton (DFA) next state table which, given the current state and an input character, returns the next state. The DFA next state table includes a settable indicator for any next state table entry which indicates whether to perform a lookup into the special state table. A compiler loads values into the special state table based on the regular expression.
    Type: Application
    Filed: September 18, 2007
    Publication date: March 27, 2008
    Inventors: Daniel Wyschogrod, Leonid Leibman
  • Patent number: 7305391
    Abstract: A method for determining the start of a match of a regular expression using the special state table, the set of start state registers and the DFA next state table, includes the step of determining from the regular expression each start-of-match start state and each end-of-match terminal state. For each start state, a start state entry is loaded into the special state table. For each terminal state, a terminal state entry is loaded into each special state table. The next state table is used to return the next state from the current state and an input character. When a start state is encountered, the current offset from the beginning of the input character string is loaded into the start state register. When a terminal state is encountered, the terminal state entry is retrieved from the special state table, and the value of the start state register corresponding to the rule number of the terminal entry in the special state table is further retrieved.
    Type: Grant
    Filed: February 6, 2004
    Date of Patent: December 4, 2007
    Assignee: SafeNet, Inc.
    Inventors: Daniel Wyschogrod, Leonid Leibman
  • Patent number: 7240040
    Abstract: A method for generating look-up tables for a high speed multi-bit Real-time Deterministic Finite state Automaton (hereinafter RDFA). The method begins with a DFA generated in accordance with the prior art. For each state in the DFA, and for each of the bytes recognized in parallel the following occurs. First an n-closure list is generated. An n-closure list is a list of states reachable in n-transitions from the current state. Next an alphabet transition list is generated for each state. An “alphabet transition list” is a list of the transitions out of a particular state for each of the characters in an alphabet. Finally, the transitions are grouped into classes. That is, the transitions that go to the same state are grouped into the same class. Each class is used to identify the next state. The result is a state machine that has less states than the original DFA.
    Type: Grant
    Filed: August 8, 2002
    Date of Patent: July 3, 2007
    Assignee: Safenet, Inc.
    Inventors: Daniel Wyschogrod, Alain Arnaud, David Eric Berman Lees, Leonid Leibman
  • Patent number: 6856981
    Abstract: A system and method in accordance with the present invention determines in real-time the portions of a set of characters from a data or character stream which satisfies one or more predetermined regular expressions. A Real-time Deterministic Finite state Automaton (RDFA) ensures that the set of characters is processed at high speeds with relatively small memory requirements. An optimized state machine models the regular expression(s) and state related alphabet lookup and next state tables are generated. Characters from the data stream are processed in parallel using the alphabet lookup and next state tables, to determine whether to transition to a next state or a terminal state, until the regular expression is satisfied or processing is terminated. Additional means may be implemented to determine a next action from satisfaction of the regular expression.
    Type: Grant
    Filed: December 3, 2001
    Date of Patent: February 15, 2005
    Assignee: SafeNet, Inc.
    Inventors: Daniel Wyschogrod, Alain Arnaud, David Eric Berman Lees, Leonid Leibman
  • Publication number: 20040162826
    Abstract: A system for determining the start of a match of a regular expression includes a special state table that contains start entries and terminal entries, and a set of start state registers for holding offset information. The system further includes a DFA next state table that, given the current state and an input character, returns the next state. A settable indicator is included in the DFA next state table corresponding to each next state table entry which indicates whether to perform a lookup in the special state table. A compiler loads values into the special state table based on the regular expression. A method for determining the start of a match of a regular expression using the special state table, the set of start state registers and the DFA next state table, includes the step of determining from the regular expression each start-of-match start state and each end-of-match terminal state. For each start state, a start state entry is loaded into the special state table.
    Type: Application
    Filed: February 6, 2004
    Publication date: August 19, 2004
    Inventors: Daniel Wyschogrod, Leonid Leibman
  • Publication number: 20030163803
    Abstract: A system for processing regular expressions containing one or more sub-expressions. Information regarding one or more regular expressions, each containing one or more sub-expressions, is stored. Data is compared to the stored information regarding expressions in only a single pass through the data. From the comparison, for any stored expression, the location within the data of the beginning and end of each sub-expression, and the end of the regular expression, are determined. From such determination, the presence within the data of any one or more stored regular expressions containing one or more sub-expressions is identified.
    Type: Application
    Filed: February 7, 2003
    Publication date: August 28, 2003
    Inventors: Daniel Wyschogrod, Leonid Leibman
  • Publication number: 20030110208
    Abstract: Data that spans multiple packets is processes. A finite state machine is used to process the data in each packet and the “state” of a finite state machine is saved after processing a packet. The saved state is stored with information that identifies the particular data stream from which the packet originated. This means that a state machine engine (hardware implementation of the finite state machine) is not tied to a particular data stream. The present invention makes it possible to utilize state machine co-processors very efficiently in a multiple engine/multiple data stream system.
    Type: Application
    Filed: January 24, 2003
    Publication date: June 12, 2003
    Applicant: Raqia Networks, Inc.
    Inventors: Daniel Wyschogrod, Alain Arnaud, David Eric Berman Lees
  • Publication number: 20030065800
    Abstract: A method for generating look-up tables for a high speed multi-bit Real-time Deterministic Finite state Automaton (hereinafter RDFA). The method begins with a DFA generated in accordance with the prior art. For each state in the DFA, and for each of the bytes recognized in parallel the following occurs. First an n-closure list is generated. An n-closure list is a list of states reachable in n-transitions from the current state. Next an alphabet transition list is generated for each state. An “alphabet transition list” is a list of the transitions out of a particular state for each of the characters in an alphabet. Finally, the transitions are grouped into classes. That is, the transitions that go to the same state are grouped into the same class. Each class is used to identify the next state. The result is a state machine that has less states than the original DFA.
    Type: Application
    Filed: August 8, 2002
    Publication date: April 3, 2003
    Applicant: Raqia Networks Inc.
    Inventors: Daniel Wyschogrod, Alain Arnaud, David Eric Berman Lees, Leonid Leibman
  • Publication number: 20030051043
    Abstract: A system and method in accordance with the present invention determines in real-time the portions of a set of characters from a data or character stream which satisfies one or more predetermined regular expressions. A Real-time Deterministic Einite state Automaton (RDFA) ensures that the set of characters is processed at high speeds with relatively small memory requirements. An optimized state machine models the regular expression(s) and state related alphabet lookup and next state tables are generated. Characters from the data stream are processed in parallel using the alphabet lookup and next state tables, to determine whether to transition to a next state or a terminal state, until the regular expression is satisfied or processing is terminated. Additional means may be implemented to determine a next action from satisfaction of the regular expression.
    Type: Application
    Filed: December 3, 2001
    Publication date: March 13, 2003
    Applicant: Raqia Networks Inc.
    Inventors: Daniel Wyschogrod, Alain Arnaud, David Eric Berman Lees, Leonid Leibman
  • Patent number: 5374932
    Abstract: An airport surface traffic surveillance and automation system addresses a wide variety of airport surface conflict scenarios using a combination of runway-status lights, controller alerts, and enhanced controller displays. Runway-status lights, composed of runway-entrance lights and takeoff-hold lights, provide alerts directly to pilots and vehicle operators, to prevent runway incursions before they happen. Controller alerts are used to direct a controller's attention to existing conflicts between aircraft on or near the runways. Enhanced displays present symbology to describe aircraft position, size, direction and speed of motion, altitude, aircraft flight number, and equipment type. Aircraft on approach to runways are also depicted on the displays.
    Type: Grant
    Filed: August 2, 1993
    Date of Patent: December 20, 1994
    Assignee: Massachusetts Institute of Technology
    Inventors: Daniel Wyschogrod, Loren Wood, James L. Sturdy, Hayden B. Schultz, Richard J. Sasiela, Douglas V. Marquis, William H. Harman, III, James R. Eggert, Peter M. Daly