Patents by Inventor Farshid Marbouti
Farshid Marbouti has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240338427Abstract: Systems and methods enable automated and scalable obfuscation detection in programming scripts, including processing devices that receive software programming scripts and a symbol set. The processing devices determine a frequency of each symbol and an average frequency of the symbols in the script text. The processing devices determine a normal score of each symbol based on the frequency of each symbol and the average frequency to create a symbol feature for each symbol including the normal score. The processing devices utilize an obfuscation machine learning model including a classifier for binary obfuscation classification to detect obfuscation in the script based on the symbol features. The processing devices cause to display an alert indicting an obfuscated software programming script on a screen of a computing device associated with an administrative user to recommend security analysis of the software programming script based on the binary obfuscation classification.Type: ApplicationFiled: June 17, 2024Publication date: October 10, 2024Inventors: Baharak Saberidokht, Farshid Marbouti, Stephen Fletcher
-
Patent number: 12088605Abstract: Methods and systems comprising a first portion of a model that includes a model component that is trained to perform sentiment analysis based on training data for a plurality of users (e.g., what language, phrases, and/or responses the population at large uses). The first portion of the model also includes a model component that is trained to identify user intent based on the sentiment analysis that is specific to user groups. For example, the system first determines the likely context and/or meaning of communications of the user. The system then determines a likely intent of the user based on the likely context and/or meaning of communications (e.g., based on a correlation of the meaning of communications of the user and the intents of users corresponding to a user group of the user).Type: GrantFiled: July 8, 2022Date of Patent: September 10, 2024Assignee: Capital One Services, LLCInventors: Farshid Marbouti, Gurpreet Singh Sandhu, Sarvani Kare, Nahid Farhady Ghalaty, Daniel Liu, Patrick Sofo, Lee Adcock
-
Publication number: 20240220617Abstract: In some implementations, a system may receive a shell script associated with a computing device. The system may generate a character frequency feature vector based on the shell script. The system may input text of the shell script to a convolutional neural network (CNN) branch of a trained deep learning model. The system may input the character frequency feature vector to a feedforward neural network (FNN) branch of the trained deep learning model. The system may determine using the trained deep learning model, respective probability scores for each of a plurality of obfuscation types for the shell script based on a combined output of the CNN branch and the FNN branch. The system may detect whether the shell script is obfuscated based on respective probability scores for each of the plurality of obfuscation types determined for the shell script.Type: ApplicationFiled: March 19, 2024Publication date: July 4, 2024Inventors: Farshid MARBOUTI, Sarvani KARE, Boshika TARA, Stephen FLETCHER, Patrick SOFO
-
Patent number: 12013921Abstract: Systems and methods enable automated and scalable obfuscation detection in programming scripts, including processing devices that receive software programming scripts and a symbol set. The processing devices determine a frequency of each symbol and an average frequency of the symbols in the script text. The processing devices determine a normal score of each symbol based on the frequency of each symbol and the average frequency to create a symbol feature for each symbol including the normal score. The processing devices utilize an obfuscation machine learning model including a classifier for binary obfuscation classification to detect obfuscation in the script based on the symbol features. The processing devices cause to display an alert indicting an obfuscated software programming script on a screen of a computing device associated with an administrative user to recommend security analysis of the software programming script based on the binary obfuscation classification.Type: GrantFiled: May 18, 2023Date of Patent: June 18, 2024Assignee: Capital One Services, LLCInventors: Baharak Saberidokht, Farshid Marbouti, Stephen Fletcher
-
Patent number: 11954202Abstract: In some implementations, a system may receive a shell script associated with a computing device. The system may generate a character frequency feature vector based on the shell script. The system may input text of the shell script to a convolutional neural network (CNN) branch of a trained deep learning model. The system may input the character frequency feature vector to a feedforward neural network (FNN) branch of the trained deep learning model. The system may determine using the trained deep learning model, a respective probability score for each of a plurality of obfuscation types for the shell script based on a combined output of the CNN branch and the FNN branch. The system may detect whether the shell script is obfuscated based on the respective probability score for each of the plurality of obfuscation types determined for the shell script.Type: GrantFiled: May 14, 2021Date of Patent: April 9, 2024Assignee: Capital One Services, LLCInventors: Farshid Marbouti, Sarvani Kare, Boshika Tara, Stephen Fletcher, Patrick Sofo
-
Publication number: 20240064166Abstract: Methods and systems are described herein for detecting anomalous access to system resources. An anomaly detection system may access system events from one or more computing devices and may generate entries from the system events. Each entry may include a corresponding timestamp indicating a time when a corresponding system event occurred, a corresponding user identifier indicating a user account within a computing environment associated with the corresponding system event, a corresponding location identifier indicating a location within the computing environment, and a corresponding action identifier indicating an action that the user account performed with respect to the location or an object within the computing environment. The generated entries may be aggregated and input into an anomaly detection model to obtain anomalous activity identified by the model.Type: ApplicationFiled: November 3, 2023Publication date: February 22, 2024Applicant: Capital One Services, LLCInventors: Sarvani KARE, Vannia GONZALEZ MACIAS, Farshid MARBOUTI, Stephen FLETCHER, Boshika TARA, Patrick SOFO, Urvish PATEL
-
Publication number: 20240015168Abstract: Methods and systems comprising a first portion of a model that includes a model component that is trained to perform sentiment analysis based on training data for a plurality of users (e.g., what language, phrases, and/or responses the population at large uses). The first portion of the model also includes a model component that is trained to identify user intent based on the sentiment analysis that is specific to user groups. For example, the system first determines the likely context and/or meaning of communications of the user. The system then determines a likely intent of the user based on the likely context and/or meaning of communications (e.g., based on a correlation of the meaning of communications of the user and the intents of users corresponding to a user group of the user).Type: ApplicationFiled: July 8, 2022Publication date: January 11, 2024Applicant: Capital One Services, LLCInventors: Farshid MARBOUTI, Gurpreet Singh SANDHU, Sarvani KARE, Nahid FARHADY GHALATY, Daniel LIU, Patrick SOFO, Lee ADCOCK
-
Patent number: 11856014Abstract: Methods and systems are described herein for detecting anomalous access to system resources. An anomaly detection system may access system events from one or more computing devices and may generate entries from the system events. Each entry may include a corresponding timestamp indicating a time when a corresponding system event occurred, a corresponding user identifier indicating a user account within a computing environment associated with the corresponding system event, a corresponding location identifier indicating a location within the computing environment, and a corresponding action identifier indicating an action that the user account performed with respect to the location or an object within the computing environment. The generated entries may be aggregated and input into an anomaly detection model to obtain anomalous activity identified by the model.Type: GrantFiled: April 23, 2021Date of Patent: December 26, 2023Assignee: Capital One Services, LLCInventors: Sarvani Kare, Vannia Gonzalez Macias, Farshid Marbouti, Stephen Fletcher, Boshika Tara, Patrick Sofo, Urvish Patel
-
Publication number: 20230289412Abstract: Systems and methods enable automated and scalable obfuscation detection in programming scripts, including processing devices that receive software programming scripts and a symbol set. The processing devices determine a frequency of each symbol and an average frequency of the symbols in the script text. The processing devices determine a normal score of each symbol based on the frequency of each symbol and the average frequency to create a symbol feature for each symbol including the normal score. The processing devices utilize an obfuscation machine learning model including a classifier for binary obfuscation classification to detect obfuscation in the script based on the symbol features. The processing devices cause to display an alert indicting an obfuscated software programming script on a screen of a computing device associated with an administrative user to recommend security analysis of the software programming script based on the binary obfuscation classification.Type: ApplicationFiled: May 18, 2023Publication date: September 14, 2023Inventors: Baharak Saberidokht, Farshid Marbouti, Stephen Fletcher
-
Patent number: 11675881Abstract: Systems and methods enable automated and scalable obfuscation detection in programming scripts, including processing devices that receive software programming scripts and a symbol set. The processing devices determine a frequency of each symbol and an average frequency of the symbols in the script text. The processing devices determine a normal score of each symbol based on the frequency of each symbol and the average frequency to create a symbol feature for each symbol including the normal score. The processing devices utilize an obfuscation machine learning model including a classifier for binary obfuscation classification to detect obfuscation in the script based on the symbol features. The processing devices cause to display an alert indicting an obfuscated software programming script on a screen of a computing device associated with an administrative user to recommend security analysis of the software programming script based on the binary obfuscation classification.Type: GrantFiled: October 5, 2022Date of Patent: June 13, 2023Assignee: Capital One Services, LLCInventors: Baharak Saberidokht, Farshid Marbouti, Stephen Fletcher
-
Publication number: 20230046532Abstract: Systems and methods enable automated and scalable obfuscation detection in programming scripts, including processing devices that receive software programming scripts and a symbol set. The processing devices determine a frequency of each symbol and an average frequency of the symbols in the script text. The processing devices determine a normal score of each symbol based on the frequency of each symbol and the average frequency to create a symbol feature for each symbol including the normal score. The processing devices utilize an obfuscation machine learning model including a classifier for binary obfuscation classification to detect obfuscation in the script based on the symbol features. The processing devices cause to display an alert indicting an obfuscated software programming script on a screen of a computing device associated with an administrative user to recommend security analysis of the software programming script based on the binary obfuscation classification.Type: ApplicationFiled: October 5, 2022Publication date: February 16, 2023Inventors: Baharak Saberidokht, Farshid Marbouti, Stephen Fletcher
-
Publication number: 20220366040Abstract: In some implementations, a system may receive a shell script associated with a computing device. The system may generate a character frequency feature vector based on the shell script. The system may input text of the shell script to a convolutional neural network (CNN) branch of a trained deep learning model. The system may input the character frequency feature vector to a feedforward neural network (FNN) branch of the trained deep learning model. The system may determine using the trained deep learning model, a respective probability score for each of a plurality of obfuscation types for the shell script based on a combined output of the CNN branch and the FNN branch. The system may detect whether the shell script is obfuscated based on the respective probability score for each of the plurality of obfuscation types determined for the shell script.Type: ApplicationFiled: May 14, 2021Publication date: November 17, 2022Inventors: Farshid MARBOUTI, Sarvani KARE, Boshika TARA, Stephen FLETCHER, Patrick SOFO
-
Publication number: 20220345473Abstract: Methods and systems are described herein for detecting anomalous access to system resources. An anomaly detection system may access system events from one or more computing devices and may generate entries from the system events. Each entry may include a corresponding timestamp indicating a time when a corresponding system event occurred, a corresponding user identifier indicating a user account within a computing environment associated with the corresponding system event, a corresponding location identifier indicating a location within the computing environment, and a corresponding action identifier indicating an action that the user account performed with respect to the location or an object within the computing environment. The generated entries may be aggregated and input into an anomaly detection model to obtain anomalous activity identified by the model.Type: ApplicationFiled: April 23, 2021Publication date: October 27, 2022Applicant: Capital One Services, LLCInventors: Sarvani KARE, Vannia Gonzalez Macias, Farshid Marbouti, Stephen Fletcher, Boshika Tara, Patrick Sofo, Urvish Patel
-
Patent number: 11481475Abstract: Systems and methods enable automated and scalable obfuscation detection in programming scripts, including processing devices that receive software programming scripts and a symbol set. The processing devices determine a frequency of each symbol and an average frequency of the symbols in the script text. The processing devices determine a normal score of each symbol based on the frequency of each symbol and the average frequency to create a symbol feature for each symbol including the normal score. The processing devices utilize an obfuscation machine learning model including a classifier for binary obfuscation classification to detect obfuscation in the script based on the symbol features. The processing devices cause to display an alert indicting an obfuscated software programming script on a screen of a computing device associated with an administrative user to recommend security analysis of the software programming script based on the binary obfuscation classification.Type: GrantFiled: November 3, 2020Date of Patent: October 25, 2022Assignee: Capital One Services, LLCInventors: Baharak Saberidokht, Farshid Marbouti, Stephen Fletcher
-
Publication number: 20220138288Abstract: Systems and methods enable automated and scalable obfuscation detection in programming scripts, including processing devices that receive software programming scripts and a symbol set. The processing devices determine a frequency of each symbol and an average frequency of the symbols in the script text. The processing devices determine a normal score of each symbol based on the frequency of each symbol and the average frequency to create a symbol feature for each symbol including the normal score. The processing devices utilize an obfuscation machine learning model including a classifier for binary obfuscation classification to detect obfuscation in the script based on the symbol features. The processing devices cause to display an alert indicting an obfuscated software programming script on a screen of a computing device associated with an administrative user to recommend security analysis of the software programming script based on the binary obfuscation classification.Type: ApplicationFiled: November 3, 2020Publication date: May 5, 2022Inventors: Baharak Saberidokht, Farshid Marbouti, Stephen Fletcher