Patents by Inventor Helmuth Freericks

Helmuth Freericks has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 9235705
    Abstract: Systems and methods for protecting a virtualization environment against malware. The methods involve intercepting an event in a kernel mode of the virtualization environment, suspending execution of the event, and transmitting the event to a user mode security module that determines whether the event should be blocked, allowed, or redirected. Events may be intercepted from any level of the virtualization environment, including an interrupt request table, device driver, OS object manager, OS service dispatch table, Portable Execution (P/E) import/export table, or binary code, among others. In one embodiment, an event may trigger a chain of related events, such that interception of an event without first intercepting an expected antecedent event is one indication of malware. The method also involves securing a virtual storage device against unauthorized access and providing for secure communication between guest OS and virtualization environment security modules.
    Type: Grant
    Filed: May 19, 2009
    Date of Patent: January 12, 2016
    Assignee: Wontok, Inc.
    Inventors: Helmuth Freericks, Oleg Kouznetsov
  • Patent number: 8918865
    Abstract: Systems (100) and methods (400) for protecting data accessed through a network connection. The methods involve transferring security software (150) from an external memory device of a client computer (102) to an internal memory device of the client computer. The security software is operative to protect data communicated to and from the client computer via communication links. The security software is also operative to provide a web browser (1101, 1102, . . . , 110p) which executes in user mode on a trusted secured desktop (904) configured to run simultaneously with an unsecured desktop (902) of the client computer. The security software is further operative to provide a security service to the web browser. The security service includes at least one service selected from the group consisting of a keylogger prevention service, a code injection prevention service, and a screen scraper protection service.
    Type: Grant
    Filed: January 21, 2009
    Date of Patent: December 23, 2014
    Assignee: WONTOK, Inc.
    Inventors: Helmuth Freericks, Oleg Kouznetsov, John C. Sharp
  • Patent number: 8341649
    Abstract: Stack-based system for handling an event in a computer system which has a kernel mode and a user-mode, concurrently by one or more user-mode applications. The systems comprise at least one computing device. The computing device is configured to suspend an occurrence of the event in the kernel-mode of an operating system running thereon. The computing device is also configured to cause the event to occur in the user-mode of the operating system. The computing device is further configured to determine if an occurrence of the event in the kernel-mode will compromise the computer system by analyzing the occurrence of the event in the user-mode. If it is determined that the occurrence of the event in the kernel-mode will compromise the computer system, then the computing device executes at least one security measure.
    Type: Grant
    Filed: December 29, 2009
    Date of Patent: December 25, 2012
    Assignee: Wontok, Inc.
    Inventors: Helmuth Freericks, Oleg Kouznetsov
  • Patent number: 8332872
    Abstract: Systems for handling an event in a computer system which has a kernel-mode and a user-mode. The systems comprise at least one computing device. The computing device is configured to suspend an occurrence of the event in the kernel-mode of an operating system running thereon. The computing device is also configured to cause the event to occur in the user-mode of the operating system. The computing device is further configured to determine if an occurrence of the event in the kernel-mode will compromise the computer system by analyzing the occurrence of the event in the user-mode. If it is determined that the occurrence of the event in the kernel-mode will compromise the computer system, then the computing device executes at least one security measure.
    Type: Grant
    Filed: June 14, 2010
    Date of Patent: December 11, 2012
    Assignee: Wontok, Inc.
    Inventors: Oleg Kouznetsov, Gustav Karlsson, Helmuth Freericks
  • Patent number: 8225404
    Abstract: Systems and methods for simultaneously protecting software components (150) installed on a computer system (102) against malware. The methods involve executing a first end user application (3181, 3182, . . . , 318p) to the computer system (102) which execute in user mode on a trusted secure desktop (904). The trusted secure desktop is configured to run simultaneously with an unsecure desktop (902). The methods also involve performing a security service operation to protect the first end user application against malware. The security service operations include a keylogger prevention service operation, a code injection prevention service operation, a screen scraper protection service operation, a process termination prevention service operation, or a Domain Name System service operation.
    Type: Grant
    Filed: January 21, 2009
    Date of Patent: July 17, 2012
    Assignee: Wontok, Inc.
    Inventors: Helmuth Freericks, Oleg Kouznetsov, John C. Sharp
  • Publication number: 20110209222
    Abstract: A network system comprises a transaction network operative to provide a transaction with an end user; a trusted source of a security mechanism (e.g.
    Type: Application
    Filed: March 30, 2011
    Publication date: August 25, 2011
    Applicant: SAFECENTRAL, INC.
    Inventors: John C. Sharp, Wee Tuck Teo, Helmuth Freericks, Oleg Kouznetsov
  • Publication number: 20100251368
    Abstract: Systems for handling an event in a computer system which has a kernel-mode and a user-mode. The systems comprise at least one computing device. The computing device is configured to suspend an occurrence of the event in the kernel-mode of an operating system running thereon. The computing device is also configured to cause the event to occur in the user-mode of the operating system. The computing device is further configured to determine if an occurrence of the event in the kernel-mode will compromise the computer system by analyzing the occurrence of the event in the user-mode. If it is determined that the occurrence of the event in the kernel-mode will compromise the computer system, then the computing device executes at least one security measure.
    Type: Application
    Filed: June 14, 2010
    Publication date: September 30, 2010
    Applicant: AUTHENTIUM, INC.
    Inventors: Oleg Kouznetsov, Gustav Karlsson, Helmuth Freericks
  • Patent number: 7765558
    Abstract: Systems for handling an event in a computer system which has a kernel-mode and a user-mode. The systems comprise at least one computing device. The computing device is configured to suspend an occurrence of the event in the kernel-mode of an operating system running thereon. The computing device is also configured to cause the event to occur in the user-mode of the operating system. The computing device is further configured to determine if an occurrence of the event in the kernel-mode will compromise the computer system by analyzing the occurrence of the event in the user-mode. If it is determined that the occurrence of the event in the kernel-mode will compromise the computer system, then the computing device executes at least one security measure.
    Type: Grant
    Filed: July 5, 2005
    Date of Patent: July 27, 2010
    Assignee: Authentium, Inc.
    Inventors: Oleg Kouznetsov, Gustav Karlsson, Helmuth Freericks
  • Publication number: 20100138843
    Abstract: Stack-based system for handling an event in a computer system which has a kernel mode and a user-mode, concurrently by one or more user-mode applications. The systems comprise at least one computing device. The computing device is configured to suspend an occurrence of the event in the kernel-mode of an operating system running thereon. The computing device is also configured to cause the event to occur in the user-mode of the operating system. The computing device is further configured to determine if an occurrence of the event in the kernel-mode will compromise the computer system by analyzing the occurrence of the event in the user-mode. If it is determined that the occurrence of the event in the kernel-mode will compromise the computer system, then the computing device executes at least one security measure.
    Type: Application
    Filed: December 29, 2009
    Publication date: June 3, 2010
    Applicant: AUTHENTIUM, INC.
    Inventors: Helmuth Freericks, Oleg Kouznetsov
  • Publication number: 20090288167
    Abstract: Systems and methods for protecting a virtualization environment against malware. The methods involve intercepting an event in a kernel mode of the virtualization environment, suspending execution of the event, and transmitting the event to a user mode security module that determines whether the event should be blocked, allowed, or redirected. Events may be intercepted from any level of the virtualization environment, including an interrupt request table, device driver, OS object manager, OS service dispatch table, Portable Execution (P/E) import/export table, or binary code, among others. In one embodiment, an event may trigger a chain of related events, such that interception of an event without first intercepting an expected antecedent event is one indication of malware. The method also involves securing a virtual storage device against unauthorized access and providing for secure communication between guest OS and virtualization environment security modules.
    Type: Application
    Filed: May 19, 2009
    Publication date: November 19, 2009
    Applicant: Authentium, Inc.
    Inventors: Helmuth Freericks, Oleg Kouznetsov
  • Publication number: 20090187763
    Abstract: Systems (100) and methods (400) for protecting data accessed through a network connection. The methods involve transferring security software (150) from an external memory device of a client computer (102) to an internal memory device of the client computer. The security software is operative to protect data communicated to and from the client computer via communication links. The security software is also operative to provide a web browser (1101, 1102, . . . , 110p) which executes in user mode on a trusted secured desktop (904) configured to run simultaneously with an unsecured desktop (902) of the client computer. The security software is further operative to provide a security service to the web browser. The security service includes at least one service selected from the group consisting of a keylogger prevention service, a code injection prevention service, and a screen scraper protection service.
    Type: Application
    Filed: January 21, 2009
    Publication date: July 23, 2009
    Applicant: Authentium, Inc.
    Inventors: Helmuth Freericks, Oleg Kouznetsov, John C. Sharp
  • Publication number: 20090187991
    Abstract: Systems and methods for simultaneously protecting software components (150) installed on a computer system (102) against malware. The methods involve executing a first end user application (3181, 3182, . . . , 318p) to the computer system (102) which execute in user mode on a trusted secure desktop (904). The trusted secure desktop is configured to run simultaneously with an unsecure desktop (902). The methods also involve performing a security service operation to protect the first end user application against malware. The security service operations include a keylogger prevention service operation, a code injection prevention service operation, a screen scraper protection service operation, a process termination prevention service operation, or a Domain Name System service operation.
    Type: Application
    Filed: January 21, 2009
    Publication date: July 23, 2009
    Applicant: Authentium, Inc.
    Inventors: Helmuth Freericks, Oleg Kouznetsov, John C. Sharp
  • Publication number: 20090044266
    Abstract: A network system comprises a transaction network operative to provide a transaction with an end user; a trusted source of a security mechanism (e.g.
    Type: Application
    Filed: April 29, 2008
    Publication date: February 12, 2009
    Applicant: Authentium, Inc.
    Inventors: John C. Sharp, Wee Tuck Teo, Helmuth Freericks, Oleg Kouznetsov
  • Publication number: 20060015880
    Abstract: A system for handling an event in a computer system which has a kernel-mode and a user-mode, the system comprising: a kernel part that is operable to effect a suspension of the event in the kernel-mode; and a user part that is operable to effect an occurrence of the event in the user-mode, thereby handling the event in the computer system.
    Type: Application
    Filed: July 5, 2005
    Publication date: January 19, 2006
    Inventors: Oleg Kouznetsov, Gustav Karlsson, Helmuth Freericks