Patents by Inventor Darrow Paine LEIBNER
Darrow Paine LEIBNER has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240134060Abstract: Disclosed herein are system, method, and computer program product embodiments for adapting to malware activity on a compromised computer system by detecting timing anomalies between timing signals. An embodiment operates by analyzing first timing data accessed from a validated source and second timing data accessed from an unvalidated receiver source in order to compute a threat detection value, which is utilized to determine if there is a discrepancy or anomaly in the timing or frequency of either the validated and unvalidated sources.Type: ApplicationFiled: December 15, 2023Publication date: April 25, 2024Applicant: The MITRE CorporationInventors: Darrow Paine LEIBNER, Alessandro Paolo CERRUTI
-
Patent number: 11892547Abstract: Disclosed herein are system, method, and computer program product embodiments for adapting to malware activity on a compromised computer system by detecting timing anomalies between timing signals. An embodiment operates by analyzing first timing data accessed from a validated source and second timing data accessed from an unvalidated receiver source in order to compute a threat detection value, which is utilized to determine if there is a discrepancy or anomaly in the timing or frequency of either the validated and unvalidated sources.Type: GrantFiled: October 12, 2021Date of Patent: February 6, 2024Assignee: THE MITRE CORPORATIONInventors: Darrow Paine Leibner, Alessandro Paolo Cerruti
-
Publication number: 20220206165Abstract: Disclosed herein are system, method, and computer program product embodiments for adapting to malware activity on a compromised computer system by detecting timing anomalies between timing signals. An embodiment operates by analyzing first timing data accessed from a validated source and second timing data accessed from an unvalidated receiver source in order to compute a threat detection value, which is utilized to determine if there is a discrepancy or anomaly in the timing or frequency of either the validated and unvalidated sources.Type: ApplicationFiled: October 12, 2021Publication date: June 30, 2022Inventors: Darrow Paine LEIBNER, Alessandro Paolo CERRUTI
-
Patent number: 11237273Abstract: Disclosed herein are system, method, and computer program product embodiments for detecting spoofing of a navigation device. A plurality of anti-spoofing techniques are provided. The plurality of anti-spoofing techniques detect interference with data provided by one or more navigation devices for a plurality of threat situations. Positioning, timing and frequency characteristics associated with the one or more navigation devices are analyzed in order to identify a threat situation among the plurality of threat situations. Based on the identified threat situation one or more of the anti-spoofing techniques are executed. The one or more anti-spoofing techniques can be executed in parallel in order to provide various anti-spoofing detection techniques at the same time.Type: GrantFiled: August 6, 2019Date of Patent: February 1, 2022Assignee: THE MITRE CORPORATIONInventors: Darrow Paine Leibner, Erik T. Lundberg
-
Patent number: 11143764Abstract: Disclosed herein are system, method, and computer program product embodiments for adapting to malware activity on a compromised computer system by detecting timing anomalies between timing signals. An embodiment operates by analyzing first timing data accessed from a validated source and second timing data accessed from an unvalidated receiver source in order to compute a threat detection value, which is utilized to determine if there is a discrepancy or anomaly in the timing or frequency of either the validated and unvalidated sources.Type: GrantFiled: October 15, 2019Date of Patent: October 12, 2021Assignee: The MITRE CorporationInventors: Darrow Paine Leibner, Alessandro Paolo Cerruti
-
Publication number: 20200049834Abstract: Disclosed herein are system, method, and computer program product embodiments for adapting to malware activity on a compromised computer system by detecting timing anomalies between timing signals. An embodiment operates by analyzing first timing data accessed from a validated source and second timing data accessed from an unvalidated receiver source in order to compute a threat detection value, which is utilized to determine if there is a discrepancy or anomaly in the timing or frequency of either the validated and unvalidated sources.Type: ApplicationFiled: October 15, 2019Publication date: February 13, 2020Inventors: Darrow Paine LEIBNER, Alessandro Paolo CERRUTI
-
Patent number: 10495759Abstract: Disclosed herein are system, method, and computer program product embodiments for detecting spoofing of a navigation device. A plurality of anti-spoofing techniques are provided. The plurality of anti-spoofing techniques detect interference with data provided by one or more navigation devices for a plurality of threat situations. Positioning, timing and frequency characteristics associated with the one or more navigation devices are analyzed in order to identify a threat situation among the plurality of threat situations. Based on the identified threat situation one or more of the anti-spoofing techniques are executed. The one or more anti-spoofing techniques can be executed in parallel in order to provide various anti-spoofing detection techniques at the same time.Type: GrantFiled: February 13, 2014Date of Patent: December 3, 2019Assignee: The Mitre CorporationInventors: Darrow Paine Leibner, Erik T. Lundberg
-
Publication number: 20190361130Abstract: Disclosed herein are system, method, and computer program product embodiments for detecting spoofing of a navigation device. A plurality of anti-spoofing techniques are provided. The plurality of anti-spoofing techniques detect interference with data provided by one or more navigation devices for a plurality of threat situations. Positioning, timing and frequency characteristics associated with the one or more navigation devices are analyzed in order to identify a threat situation among the plurality of threat situations. Based on the identified threat situation one or more of the anti-spoofing techniques are executed. The one or more anti-spoofing techniques can be executed in parallel in order to provide various anti-spoofing detection techniques at the same time.Type: ApplicationFiled: August 6, 2019Publication date: November 28, 2019Inventors: Darrow Paine LEIBNER, Erik T. Lundberg
-
Patent number: 10444372Abstract: Disclosed herein are system, method, and computer program product embodiments for adapting to malware activity on a compromised computer system by detecting timing anomalies between timing signals. An embodiment operates by analyzing first timing data accessed from a validated source and second timing data accessed from an unvalidated receiver source in order to compute a threat detection value, which is utilized to determine if there is a discrepancy or anomaly in the timing or frequency of either the validated and unvalidated sources.Type: GrantFiled: January 10, 2017Date of Patent: October 15, 2019Assignee: The MITRE CorporationInventors: Darrow Paine Leibner, Alessandro Paolo Cerruti
-
Patent number: 10281583Abstract: Disclosed herein are system, apparatus, article of manufacture, method and/or computer program product embodiments for detection of satellite system anomalies. An embodiment operates by receiving satellite signals from a plurality of sources via at least one satellite system receiver and determining the presence of anomalous satellite system activity by comparing an amount of signal strength drop of each of the satellite signals during a time period to a threat detection threshold and by comparing an amount of consistency of the satellite signals during the time period to the threat detection threshold.Type: GrantFiled: August 3, 2015Date of Patent: May 7, 2019Assignee: The MITRE CorporationInventors: Darrow Paine Leibner, Robert James Reynolds, Jeffrey Joseph Robble, Charles Borromeo Dunn
-
Publication number: 20170146665Abstract: Disclosed herein are system, method, and computer program product embodiments for adapting to malware activity on a compromised computer system by detecting timing anomalies between timing signals. An embodiment operates by analyzing first timing data accessed from a validated source and second timing data accessed from an unvalidated receiver source in order to compute a threat detection value, which is utilized to determine if there is a discrepancy or anomaly in the timing or frequency of either the validated and unvalidated sources.Type: ApplicationFiled: January 10, 2017Publication date: May 25, 2017Inventors: Darrow Paine LEIBNER, Alessandro Paolo CERRUTI
-
Patent number: 9541649Abstract: Disclosed herein are system, method, and computer program product embodiments for adapting to malware activity on a compromised computer system. An embodiment operates by detecting an active adversary operating malware on a compromised system. A stream of data traffic associated with active adversary is intercepted. The stream of data traffic includes a command and control channel of the active adversary. The stream of data traffic is accessed. An emulation of the command and control channel is provided. An analysis of the accessed stream of traffic is executed. A plurality of response mechanisms is provided. The plurality of response mechanisms is based in part on the analysis of the stream of data traffic and a custom policy language tailored for the malware.Type: GrantFiled: May 2, 2013Date of Patent: January 10, 2017Assignee: The Mitre CorporationInventors: Darrow Paine Leibner, Alessandro Paolo Cerruti
-
Publication number: 20160154113Abstract: Disclosed herein are system, apparatus, article of manufacture, method and/or computer program product embodiments for detection of satellite system anomalies. An embodiment operates by receiving satellite signals from a plurality of sources via at least one satellite system receiver and determining the presence of anomalous satellite system activity by comparing an amount of signal strength drop of each of the satellite signals during a time period to a threat detection threshold and by comparing an amount of consistency of the satellite signals during the time period to the threat detection threshold.Type: ApplicationFiled: August 3, 2015Publication date: June 2, 2016Applicant: The MITRE CorporationInventors: Darrow Paine LEIBNER, Robert James REYNOLDS, Jeffrey Joseph ROBBLE, Charles Borromeo DUNN
-
Publication number: 20150226858Abstract: Disclosed herein are system, method, and computer program product embodiments for detecting spoofing of a navigation device. A plurality of anti-spoofing techniques are provided. The plurality of anti-spoofing techniques detect interference with data provided by one or more navigation devices for a plurality of threat situations. Positioning, timing and frequency characteristics associated with the one or more navigation devices are analyzed in order to identify a threat situation among the plurality of threat situations. Based on the identified threat situation one or more of the anti-spoofing techniques are executed. The one or more anti-spoofing techniques can be executed in parallel in order to provide various anti-spoofing detection techniques at the same time.Type: ApplicationFiled: February 13, 2014Publication date: August 13, 2015Applicant: The MITRE CorporationInventors: Darrow Paine LEIBNER, Erik T. Lundberg
-
Publication number: 20140327573Abstract: Disclosed herein are system, method, and computer program product embodiments for adapting to malware activity on a compromised computer system. An embodiment operates by detecting an active adversary operating malware on a compromised system. A stream of data traffic associated with active adversary is intercepted. The stream of data traffic includes a command and control channel of the active adversary. The stream of data traffic is accessed. An emulation of the command and control channel is provided. An analysis of the accessed stream of traffic is executed. A plurality of response mechanisms is provided. The plurality of response mechanisms is based in part on the analysis of the stream of data traffic and a custom policy language tailored for the malware.Type: ApplicationFiled: May 2, 2013Publication date: November 6, 2014Applicant: The MITRE CorporationInventors: Darrow Paine LEIBNER, Alessandro Paolo CERRUTI