Patents by Inventor Emmanuele Zambon
Emmanuele Zambon has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11902126Abstract: An intrusion detection method for detecting an intrusion in data traffic on a data communication network parses the data traffic to extract at least one protocol field of a protocol message of the data traffic, and associates the extracted protocol field with a model for that protocol field. The model is selected from a set of models. An assessment is made to determine if a contents of the extracted protocol field is in a safe region as defined by the model, and an intrusion detection signal is generated in case it is established that the contents of the extracted protocol field is outside the safe region. The set of models may comprise a corresponding model for each protocol field of a set of protocol fields.Type: GrantFiled: April 21, 2021Date of Patent: February 13, 2024Assignee: Forescout Technologies, Inc.Inventor: Emmanuele Zambon
-
Publication number: 20220272118Abstract: Systems, methods, and related technologies for determining a comprehensive risk score or value are described. The risk score determination may include selecting an entity communicatively coupled to a network and determining a cyber-attack likelihood value and a cyber-attack impact value associated with the entity. A cyber-attack risk may then be determined based on the cyber-attack likelihood value and a cyber-attack impact value associated with the entity. An operational failure likelihood value and an operational failure impact value associated with the entity can be determined. An operational failure risk based on the operational failure likelihood value and the operational failure impact value associated with the entity can be determined. A risk value may then be determined for the entity based on the cyber-attack risk and the operational failure risk and the risk value for the entity can be stored.Type: ApplicationFiled: February 9, 2022Publication date: August 25, 2022Inventors: Daniel Trivellato, Emmanuele Zambon-Mazzocato
-
Patent number: 11277431Abstract: Systems, methods, and related technologies for determining a comprehensive risk score or value are described. The risk score determination may include selecting an entity communicatively coupled to a network and determining a cyber-attack likelihood value and a cyber-attack impact value associated with the entity. A cyber-attack risk may then be determined based on the cyber-attack likelihood value and a cyber-attack impact value associated with the entity. An operational failure likelihood value and an operational failure impact value associated with the entity can be determined. An operational failure risk based on the operational failure likelihood value and the operational failure impact value associated with the entity can be determined. A risk value may then be determined for the entity based on the cyber-attack risk and the operational failure risk and the risk value for the entity can be stored.Type: GrantFiled: June 27, 2019Date of Patent: March 15, 2022Assignee: Forescout Technologies, Inc.Inventors: Daniel Trivellato, Emmanuele Zambon-Mazzocato
-
Publication number: 20210344578Abstract: An intrusion detection method for detecting an intrusion in data traffic on a data communication network parses the data traffic to extract at least one protocol field of a protocol message of the data traffic, and associates the extracted protocol field with a model for that protocol field. The model is selected from a set of models. An assessment is made to determine if a contents of the extracted protocol field is in a safe region as defined by the model, and an intrusion detection signal is generated in case it is established that the contents of the extracted protocol field is outside the safe region. The set of models may comprise a corresponding model for each protocol field of a set of protocol fields.Type: ApplicationFiled: April 21, 2021Publication date: November 4, 2021Inventor: Emmanuele Zambon
-
Patent number: 11012330Abstract: An intrusion detection method for detecting an intrusion in data traffic on a data communication network parses the data traffic to extract at least one protocol field of a protocol message of the data traffic, and associates the extracted protocol field with a model for that protocol field. The model is selected from a set of models. An assessment is made to determine if a contents of the extracted protocol field is in a safe region as defined by the model, and an intrusion detection signal is generated in case it is established that the contents of the extracted protocol field is outside the safe region. The set of models may comprise a corresponding model for each protocol field of a set of protocol fields.Type: GrantFiled: March 17, 2017Date of Patent: May 18, 2021Assignee: ForeScout Technologies, Inc.Inventor: Emmanuele Zambon
-
Publication number: 20200412758Abstract: Systems, methods, and related technologies for determining a comprehensive risk score or value are described. The risk score determination may include selecting an entity communicatively coupled to a network and determining a cyber-attack likelihood value and a cyber-attack impact value associated with the entity. A cyber-attack risk may then be determined based on the cyber-attack likelihood value and a cyber-attack impact value associated with the entity. An operational failure likelihood value and an operational failure impact value associated with the entity can be determined. An operational failure risk based on the operational failure likelihood value and the operational failure impact value associated with the entity can be determined. A risk value may then be determined for the entity based on the cyber-attack risk and the operational failure risk and the risk value for the entity can be stored.Type: ApplicationFiled: June 27, 2019Publication date: December 31, 2020Inventors: Daniel Trivellato, Emmanuele Zambon-Mazzocato
-
Publication number: 20170195197Abstract: An intrusion detection method for detecting an intrusion in data traffic on a data communication network parses the data traffic to extract at least one protocol field of a protocol message of the data traffic, and associates the extracted protocol field with a model for that protocol field. The model is selected from a set of models. An assessment is made to determine if a contents of the extracted protocol field is in a safe region as defined by the model, and an intrusion detection signal is generated in case it is established that the contents of the extracted protocol field is outside the safe region. The set of models may comprise a corresponding model for each protocol field of a set of protocol fields.Type: ApplicationFiled: March 17, 2017Publication date: July 6, 2017Applicant: Security Matters B.V.Inventor: Emmanuele Zambon
-
Patent number: 9628497Abstract: An intrusion detection method for detecting an intrusion in data traffic on a data communication network parses the data traffic to extract at least one protocol field of a protocol message of the data traffic, and associates the extracted protocol field with a model for that protocol field. The model is selected from a set of models. An assessment is made to determine if a contents of the extracted protocol field is in a safe region as defined by the model, and an intrusion detection signal is generated in case it is established that the contents of the extracted protocol field is outside the safe region. The set of models may comprise a corresponding model for each protocol field of a set of protocol fields.Type: GrantFiled: July 26, 2012Date of Patent: April 18, 2017Assignee: Security Matters B.V.Inventor: Emmanuele Zambon
-
Publication number: 20140297572Abstract: An intrusion detection method for detecting an intrusion in data traffic on a data communication network parses the data traffic to extract at least one protocol field of a protocol message of the data traffic, and associates the extracted protocol field with a model for that protocol field. The model is selected from a set of models. An assessment is made to determine if a contents of the extracted protocol field is in a safe region as defined by the model, and an intrusion detection signal is generated in case it is established that the contents of the extracted protocol field is outside the safe region. The set of models may comprise a corresponding model for each protocol field of a set of protocol fields.Type: ApplicationFiled: July 26, 2012Publication date: October 2, 2014Applicant: Security Matters B.V.Inventor: Emmanuele Zambon
-
Publication number: 20140090054Abstract: A system and method are described herein for detecting an anomaly in an electronic document. In a computer system, a detection engine is attached to an application program which processes the electronic document. Function calls to a service provided through an application program interface (API) are intercepted by the detection engine as the application program processes the electronic document. If an entry for the intercepted function call is not present in the detection model, or an entry is present but the argument value does not match the argument value in the detection model, an alert is raised. The detection model is populated by processing a plurality of known good documents, populating the detection model with entries on intercepted good function calls and their argument values. A threshold may be applied to the detection model, removing from the detection model function calls which were observed less than the threshold amount.Type: ApplicationFiled: July 26, 2012Publication date: March 27, 2014Applicant: SECURITYMATTERS B.V.Inventors: Damiano Bolzoni, Emmanuele Zambon