Patents by Inventor Declan Conlon
Declan Conlon has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11163879Abstract: A device may identify a plurality of files for a multi-file malware analysis. The device may execute the plurality of files in a malware testing environment. The device may monitor the malware testing environment for behavior indicative of malware. The device may detect the behavior indicative of malware. The device may perform a first multi-file malware analysis or a second multi-file malware analysis based on detecting the behavior indicative of malware. The first multi-file malware analysis may include a partitioning technique that partitions the plurality of files into two or more segments of files to identify a file, included in the plurality of files, that includes malware. The second multi-file malware analysis may include a scoring technique that modifies a plurality of malware scores, corresponding to the plurality of files, to identify the file, included in the plurality of files, that includes malware.Type: GrantFiled: April 24, 2017Date of Patent: November 2, 2021Assignee: Juniper Networks, Inc.Inventors: Jacob Asher Langton, Daniel J. Quinlan, Kyle Adams, Declan Conlon
-
Patent number: 10389740Abstract: A device may receive a trigger to determine whether a malicious file is operating on a client device. The device may determine a network activity profile associated with the malicious file based on receiving the trigger to determine whether the malicious file is operating on the client device. The network activity profile may include information regarding network activity associated with the malicious file when the malicious file is executed in a testing environment. The device may monitor network activity associated with the client device. The device may determine that the network activity associated with the client device matches the network activity profile associated with the malicious file based on monitoring the network activity associated with the client device. The device may provide information indicating that the network activity associated with the client device matches the network activity profile associated with the malicious file.Type: GrantFiled: June 12, 2017Date of Patent: August 20, 2019Assignee: Juniper Networks, Inc.Inventors: Jacob Asher Langton, Daniel J. Quinlan, Kyle Adams, Declan Conlon
-
Patent number: 10110496Abstract: A device may receive or generate a message for routing to a destination on a communication channel. The communication channel may have been established between a source and the destination. The device may perform a first determination of policy information related to at least one of the message, the destination, or the source of the message. The policy information may describe an action for a network device to perform. The device may associate a policy token with the message. The policy token may describe or identify the policy information. The device may provide the message with the associated policy token to the network device on the communication channel to cause the network device to perform a second determination of the policy information based on the policy token, to perform the action described by the policy information, and to provide the message on the communication channel.Type: GrantFiled: March 31, 2015Date of Patent: October 23, 2018Assignee: Juniper Networks, Inc.Inventors: Jacob Asher Langton, Kyle Adams, Daniel J. Quinlan, Declan Conlon
-
Patent number: 9954887Abstract: A device may receive usage information, associated with a group of client networks, including particular usage information associated with a particular client network. The device may receive threat information, associated with the group of client networks, including particular threat information associated with the particular client network. The device may determine a baseline based on the usage information. The device may determine a normalization function, associated with the particular client network, based on the baseline and the particular usage information. The device may determine normalized threat information, associated with the particular client network, based on the normalization function and the particular threat information. The device may determine overall normalized threat information associated with the group of client networks. The device may compare the normalized threat information and the overall normalized threat information.Type: GrantFiled: December 30, 2016Date of Patent: April 24, 2018Assignee: Juniper Networks, Inc.Inventors: Kyle Adams, Declan Conlon
-
Publication number: 20170346838Abstract: A device may receive a trigger to determine whether a malicious file is operating on a client device. The device may determine a network activity profile associated with the malicious file based on receiving the trigger to determine whether the malicious file is operating on the client device. The network activity profile may include information regarding network activity associated with the malicious file when the malicious file is executed in a testing environment. The device may monitor network activity associated with the client device. The device may determine that the network activity associated with the client device matches the network activity profile associated with the malicious file based on monitoring the network activity associated with the client device. The device may provide information indicating that the network activity associated with the client device matches the network activity profile associated with the malicious file.Type: ApplicationFiled: June 12, 2017Publication date: November 30, 2017Inventors: Jacob Asher LANGTON, Daniel J. QUINLAN, Kyle ADAMS, Declan CONLON
-
Publication number: 20170228542Abstract: A device may identify a plurality of files for a multi-file malware analysis. The device may execute the plurality of files in a malware testing environment. The device may monitor the malware testing environment for behavior indicative of malware. The device may detect the behavior indicative of malware. The device may perform a first multi-file malware analysis or a second multi-file malware analysis based on detecting the behavior indicative of malware. The first multi-file malware analysis may include a partitioning technique that partitions the plurality of files into two or more segments of files to identify a file, included in the plurality of files, that includes malware. The second multi-file malware analysis may include a scoring technique that modifies a plurality of malware scores, corresponding to the plurality of files, to identify the file, included in the plurality of files, that includes malware.Type: ApplicationFiled: April 24, 2017Publication date: August 10, 2017Inventors: Jacob Asher Langton, Daniel J. QUINLAN, Kyle ADAMS, Declan CONLON
-
Patent number: 9680845Abstract: A device may receive a trigger to determine whether a malicious file is operating on a client device. The device may determine a network activity profile associated with the malicious file based on receiving the trigger to determine whether the malicious file is operating on the client device. The network activity profile may include information regarding network activity associated with the malicious file when the malicious file is executed in a testing environment. The device may monitor network activity associated with the client device. The device may determine that the network activity associated with the client device matches the network activity profile associated with the malicious file based on monitoring the network activity associated with the client device. The device may provide information indicating that the network activity associated with the client device matches the network activity profile associated with the malicious file.Type: GrantFiled: March 31, 2015Date of Patent: June 13, 2017Assignee: Juniper Neworks, Inc.Inventors: Jacob Asher Langton, Daniel J. Quinlan, Kyle Adams, Declan Conlon
-
Patent number: 9646159Abstract: A device may identify a plurality of files for a multi-file malware analysis. The device may execute the plurality of files in a malware testing environment. The device may monitor the malware testing environment for behavior indicative of malware. The device may detect the behavior indicative of malware. The device may perform a first multi-file malware analysis or a second multi-file malware analysis based on detecting the behavior indicative of malware. The first multi-file malware analysis may include a partitioning technique that partitions the plurality of files into two or more segments of files to identify a file, included in the plurality of files, that includes malware. The second multi-file malware analysis may include a scoring technique that modifies a plurality of malware scores, corresponding to the plurality of files, to identify the file, included in the plurality of files, that includes malware.Type: GrantFiled: March 31, 2015Date of Patent: May 9, 2017Assignee: Juniper Networks, Inc.Inventors: Jacob Asher Langton, Daniel J. Quinlan, Kyle Adams, Declan Conlon
-
Publication number: 20170111386Abstract: A device may receive usage information, associated with a group of client networks, including particular usage information associated with a particular client network. The device may receive threat information, associated with the group of client networks, including particular threat information associated with the particular client network. The device may determine a baseline based on the usage information. The device may determine a normalization function, associated with the particular client network, based on the baseline and the particular usage information. The device may determine normalized threat information, associated with the particular client network, based on the normalization function and the particular threat information. The device may determine overall normalized threat information associated with the group of client networks. The device may compare the normalized threat information and the overall normalized threat information.Type: ApplicationFiled: December 30, 2016Publication date: April 20, 2017Inventors: Kyle ADAMS, Declan CONLON
-
Patent number: 9571519Abstract: A device may receive usage information, associated with a group of client networks, including particular usage information associated with a particular client network. The device may receive threat information, associated with the group of client networks, including particular threat information associated with the particular client network. The device may determine a baseline based on the usage information. The device may determine a normalization function, associated with the particular client network, based on the baseline and the particular usage information. The device may determine normalized threat information, associated with the particular client network, based on the normalization function and the particular threat information. The device may determine overall normalized threat information associated with the group of client networks. The device may compare the normalized threat information and the overall normalized threat information.Type: GrantFiled: September 29, 2014Date of Patent: February 14, 2017Assignee: Juniper Networks, Inc.Inventors: Kyle Adams, Declan Conlon
-
Publication number: 20160292419Abstract: A device may identify a plurality of files for a multi-file malware analysis. The device may execute the plurality of files in a malware testing environment. The device may monitor the malware testing environment for behavior indicative of malware. The device may detect the behavior indicative of malware. The device may perform a first multi-file malware analysis or a second multi-file malware analysis based on detecting the behavior indicative of malware. The first multi-file malware analysis may include a partitioning technique that partitions the plurality of files into two or more segments of files to identify a file, included in the plurality of files, that includes malware. The second multi-file malware analysis may include a scoring technique that modifies a plurality of malware scores, corresponding to the plurality of files, to identify the file, included in the plurality of files, that includes malware.Type: ApplicationFiled: March 31, 2015Publication date: October 6, 2016Inventors: Jacob Asher LANGTON, Daniel J. Quinlan, Kyle Adams, Declan Conlon
-
Publication number: 20160294703Abstract: A device may receive or generate a message for routing to a destination on a communication channel. The communication channel may have been established between a source and the destination. The device may perform a first determination of policy information related to at least one of the message, the destination, or the source of the message. The policy information may describe an action for a network device to perform. The device may associate a policy token with the message. The policy token may describe or identify the policy information. The device may provide the message with the associated policy token to the network device on the communication channel to cause the network device to perform a second determination of the policy information based on the policy token, to perform the action described by the policy information, and to provide the message on the communication channel.Type: ApplicationFiled: March 31, 2015Publication date: October 6, 2016Inventors: Jacob Asher LANGTON, Kyle ADAMS, Daniel J. QUINLAN, Declan CONLON
-
Publication number: 20160294851Abstract: A device may receive a trigger to determine whether a malicious file is operating on a client device. The device may determine a network activity profile associated with the malicious file based on receiving the trigger to determine whether the malicious file is operating on the client device. The network activity profile may include information regarding network activity associated with the malicious file when the malicious file is executed in a testing environment. The device may monitor network activity associated with the client device. The device may determine that the network activity associated with the client device matches the network activity profile associated with the malicious file based on monitoring the network activity associated with the client device. The device may provide information indicating that the network activity associated with the client device matches the network activity profile associated with the malicious file.Type: ApplicationFiled: March 31, 2015Publication date: October 6, 2016Inventors: Jacob Asher LANGTON, Daniel J. Quinlan, Kyle Adams, Declan Conlon
-
Publication number: 20160094565Abstract: A device may receive usage information, associated with a group of client networks, including particular usage information associated with a particular client network. The device may receive threat information, associated with the group of client networks, including particular threat information associated with the particular client network. The device may determine a baseline based on the usage information. The device may determine a normalization function, associated with the particular client network, based on the baseline and the particular usage information. The device may determine normalized threat information, associated with the particular client network, based on the normalization function and the particular threat information. The device may determine overall normalized threat information associated with the group of client networks. The device may compare the normalized threat information and the overall normalized threat information.Type: ApplicationFiled: September 29, 2014Publication date: March 31, 2016Inventors: Kyle ADAMS, Declan Conlon