Patents by Inventor Henry Uyeno
Henry Uyeno has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11019081Abstract: According to one embodiment, an electronic device features processing circuitry and memory that includes a first logic and a second logic. When executed by the processing circuitry, the first logic organizes (i) a first plurality of indicators of compromise (IOCs) received from a first source, where the first plurality of IOCs being caused by a known origin of a malicious attack, and (ii) one or more IOCs received from a second source that is different from the first source and an origin of the one or more IOCs is unknown. The second logic conducts a predictive analysis that evaluates whether the one or more IOCs have at least a degree of correlation with the first plurality of IOCs, and determines a threat level. The threat level signifies a degree of confidence that IOCs received from the second source are caused by the known origin of the first plurality of IOCs.Type: GrantFiled: August 30, 2019Date of Patent: May 25, 2021Assignee: FireEye, Inc.Inventors: Alexandr Rivlin, Divyesh Mehra, Henry Uyeno, Vinay Pidathala
-
Patent number: 10757120Abstract: An electronic message is analyzed for malware contained in the message. Text of an electronic message may be analyzed to detect and process malware content in the electronic message itself. The present technology may analyze an electronic message and attachments to electronic messages to detect a uniform resource location (URL), identify whether the URL is suspicious, and analyze all suspicious URLs to determine if they are malware. The analysis may include re-playing the suspicious URL in a virtual environment which simulates the intended computing device to receive the electronic message. If the re-played URL is determined to be malicious, the malicious URL is added to a black list which is updated throughout the computer system.Type: GrantFiled: July 16, 2018Date of Patent: August 25, 2020Assignee: FireEye, Inc.Inventors: Ashar Aziz, Henry Uyeno, Jay Manni, Amin Sukhera, Stuart Staniford
-
Patent number: 10505956Abstract: According to one embodiment, in response to receiving a plurality of uniform resource locator (URL) links for malicious determination, any known URL links are removed from the URL links based on a list of known link signatures. For each of remaining URL links that are unknown, a link analysis is performed on the URL link based on link heuristics to determine whether the URL link is suspicious. For each of the suspicious URL links, a dynamic analysis is performed on a resource of the suspicious URL link. It is classified whether the suspicious URL link is a malicious link based on a behavior of the resource during the dynamic analysis.Type: GrantFiled: February 5, 2018Date of Patent: December 10, 2019Assignee: FireEye, Inc.Inventors: Vinay Pidathala, Henry Uyeno
-
Patent number: 10404725Abstract: According to one embodiment, an electronic device features processing circuitry and memory that includes a first logic and a second logic. When executed by the processing circuitry, the first logic organizes (i) a first plurality of indicators of compromise (IOCs) received from a first source, where the first plurality of IOCs being caused by a known origin of a malicious attack, and (ii) one or more IOCs received from a second source that is different from the first source and an origin of the one or more IOCs is unknown. The second logic conducts a predictive analysis that evaluates whether the one or more IOCs have at least a degree of correlation with the first plurality of IOCs, and determines a threat level. The threat level signifies a degree of confidence that IOCs received from the second source are caused by the known origin of the first plurality of IOCs.Type: GrantFiled: July 16, 2018Date of Patent: September 3, 2019Assignee: FireEye, Inc.Inventors: Alexandr Rivlin, Divyesh Mehra, Henry Uyeno, Vinay Pidathala
-
Patent number: 10282548Abstract: Systems and methods for detecting malicious content are provided. In an exemplary embodiment, a method for detecting malicious content is described that detects when a client device has access to a remote network server of a communication network. The client device includes one or more processors. Thereafter, a controller being a device separate from the client device, activates one or more security programs within the remote network server. The security programs enable the controller to analyze data stored within or transmitted from the remote network server. Lastly, the controller analyzing the data to determine whether the data includes malware.Type: GrantFiled: December 12, 2016Date of Patent: May 7, 2019Assignee: FireEye, Inc.Inventors: Ashar Aziz, Stuart Staniford, Muhammad Amin, Henry Uyeno, Samuel Yie
-
Patent number: 10027690Abstract: An electronic message is analyzed for malware contained in the message. Text of an electronic message may be analyzed to detect and process malware content in the electronic message itself. The present technology may analyze an electronic message and attachments to electronic messages to detect a uniform resource location (URL), identify whether the URL is suspicious, and analyze all suspicious URLs to determine if they are malware. The analysis may include re-playing the suspicious URL in a virtual environment which simulates the intended computing device to receive the electronic message. If the re-played URL is determined to be malicious, the malicious URL is added to a black list which is updated throughout the computer system.Type: GrantFiled: June 22, 2015Date of Patent: July 17, 2018Assignee: FireEye, Inc.Inventors: Ashar Aziz, Henry Uyeno, Jay Manni, Amin Sukhera, Stuart Staniford
-
Patent number: 10027696Abstract: According to one embodiment, an electronic device features processing circuitry and memory that includes a first logic and a second logic. When executed by the processing circuitry, the first logic organizes (i) a first plurality of indicators of compromise (IOCs) received from a first source, where the first plurality of IOCs being caused by a known origin of a malicious attack, and (ii) one or more IOCs received from a second source that is different from the first source and an origin of the one or more IOCs is unknown. The second logic conducts a predictive analysis that evaluates whether the one or more IOCs have at least a degree of correlation with the first plurality of IOCs, and determines a threat level. The threat level signifies a degree of confidence that IOCs received from the second source are caused by the known origin of the first plurality of IOCs.Type: GrantFiled: March 27, 2017Date of Patent: July 17, 2018Assignee: FireEye, Inc.Inventors: Alexandr Rivlin, Divyesh Mehra, Henry Uyeno, Vinay Pidathala
-
Patent number: 9888019Abstract: According to one embodiment, in response to receiving a plurality of uniform resource locator (URL) links for malicious determination, any known URL links are removed from the URL links based on a list of known link signatures. For each of remaining URL links that are unknown, a link analysis is performed on the URL link based on link heuristics to determine whether the URL link is suspicious. For each of the suspicious URL links, a dynamic analysis is performed on a resource of the suspicious URL link. It is classified whether the suspicious URL link is a malicious link based on a behavior of the resource during the dynamic analysis.Type: GrantFiled: March 28, 2016Date of Patent: February 6, 2018Assignee: FireEye, Inc.Inventors: Vinay Pidathala, Henry Uyeno
-
Patent number: 9888016Abstract: Phishing detection techniques for predicting a password for decrypting an attachment for the purpose of malicious content detection are described herein. According to one embodiment, in response to a communication message, as such an electronic mail (email) message having an encrypted attachment, content of the communication message is parsed to predict a password based on a pattern of the content. The encrypted attachment is then decrypted using the predicted password to generate a decrypted attachment. Thereafter, a malicious content analysis is performed on the decrypted attachment to determine a likelihood as to whether the decrypted attachment contains malicious content.Type: GrantFiled: June 28, 2013Date of Patent: February 6, 2018Assignee: FireEye, Inc.Inventors: Muhammad Amin, Mohan Samuelraj, Henry Uyeno
-
Patent number: 9832212Abstract: An electronic message is analyzed for malware contained in the message. Text of an electronic message may be analyzed to detect and process malware content in the electronic message itself. The present technology may analyze an electronic message and attachments to electronic messages to detect a uniform resource location (URL), identify whether the URL is suspicious, and analyze all suspicious URLs to determine if they are malware. The analysis may include re-playing the suspicious URL in a virtual environment which simulates the intended computing device to receive the electronic message. If the re-played URL is determined to be malicious, the malicious URL is added to a black list which is updated throughout the computer system.Type: GrantFiled: June 22, 2015Date of Patent: November 28, 2017Assignee: FireEye, Inc.Inventors: Ashar Aziz, Henry Uyeno, Jay Manni, Amin Sukhera, Stuart Staniford
-
Patent number: 9609007Abstract: According to one embodiment, a computerized method comprises receiving a set of indicators of compromise (IOCs) associated with a known malware of a first message type from a first source and receiving one or more IOCs (IOC(s)) from a second source that is different from the first source. Thereafter, a determination is made as to whether the received IOC(s) from the second source correspond to the set of IOCs received from the first source. If so, information associated with at least the set of IOCs is used to locate a malware of the first message type that is undetected at the second source.Type: GrantFiled: June 6, 2016Date of Patent: March 28, 2017Assignee: FireEye, Inc.Inventors: Alexandr Rivlin, Divyesh Mehra, Henry Uyeno, Vinay Pidathala
-
Patent number: 9519782Abstract: Systems and methods for detecting malicious content on portable data storage devices or remote network servers are provided. In an exemplary embodiment, a system comprises a quarantine module configured to detect one or more portable data storage devices upon insertion of the devices into a security appliance, wherein the security appliance is configured to receive the portable data storage devices, a controller configured to receive from the security appliance, via a communication network, data associated with the portable data storage devices, an analysis module configured to analyze the data to determine whether the data includes malware, and a security module to selectively identify, based on the determination, the one or more portable data storage devices storing the malware.Type: GrantFiled: February 24, 2012Date of Patent: December 13, 2016Assignee: FireEye, Inc.Inventors: Ashar Aziz, Stuart Gresley Staniford, Muhammad Amin, Henry Uyeno, Samuel Yie
-
Patent number: 9363280Abstract: According to one embodiment, a computerized method comprises receiving a set of indicators of compromise (IOCs) associated with a known malware of a first message type from a first source and receiving one or more IOCs (IOC(s)) from a second source that is different from the first source. Thereafter, a determination is made as to whether the received IOC(s) from the second source correspond to the set of IOCs received from the first source. If so, information associated with at least the set of IOCs is used to locate a malware of the first message type that is undetected at the second source.Type: GrantFiled: August 22, 2014Date of Patent: June 7, 2016Assignee: FireEye, Inc.Inventors: Alexandr Rivlin, Divyesh Mehra, Henry Uyeno, Vinay Pidathala
-
Publication number: 20160127393Abstract: An electronic message is analyzed for malware contained in the message. Text of an electronic message may be analyzed to detect and process malware content in the electronic message itself. The present technology may analyze an electronic message and attachments to electronic messages to detect a uniform resource location (URL), identify whether the URL is suspicious, and analyze all suspicious URLs to determine if they are malware. The analysis may include re-playing the suspicious URL in a virtual environment which simulates the intended computing device to receive the electronic message. If the re-played URL is determined to be malicious, the malicious URL is added to a black list which is updated throughout the computer system.Type: ApplicationFiled: June 22, 2015Publication date: May 5, 2016Applicant: FireEye, Inc.Inventors: Ashar Aziz, Henry Uyeno, Jay Manni, Amin Sukhera, Stuart Staniford
-
Patent number: 9300686Abstract: According to one embodiment, in response to receiving a plurality of uniform resource locator (URL) links for malicious determination, any known URL links are removed from the URL links based on a list of known link signatures. For each of remaining URL links that are unknown, a link analysis is performed on the URL link based on link heuristics to determine whether the URL link is suspicious. For each of the suspicious URL links, a dynamic analysis is performed on a resource of the suspicious URL link. It is classified whether the suspicious URL link is a malicious link based on a behavior of the resource during the dynamic analysis.Type: GrantFiled: July 18, 2013Date of Patent: March 29, 2016Assignee: FireEye, Inc.Inventors: Vinay Pidathala, Henry Uyeno
-
Patent number: 9106694Abstract: An electronic message is analyzed for malware contained in the message. Text of an electronic message may be analyzed to detect and process malware content in the electronic message itself. The present technology may analyze an electronic message and attachments to electronic messages to detect a uniform resource location (URL), identify whether the URL is suspicious, and analyze all suspicious URLs to determine if they are malware. The analysis may include re-playing the suspicious URL in a virtual environment which simulates the intended computing device to receive the electronic message. If the re-played URL is determined to be malicious, the malicious URL is added to a black list which is updated throughout the computer system.Type: GrantFiled: April 18, 2011Date of Patent: August 11, 2015Assignee: FireEye, Inc.Inventors: Ashar Aziz, Henry Uyeno, Jay Manni, Muhammad Amin, Stuart Staniford
-
Publication number: 20150007312Abstract: According to one embodiment, in response to receiving a plurality of uniform resource locator (URL) links for malicious determination, any known URL links are removed from the URL links based on a list of known link signatures. For each of remaining URL links that are unknown, a link analysis is performed on the URL link based on link heuristics to determine whether the URL link is suspicious. For each of the suspicious URL links, a dynamic analysis is performed on a resource of the suspicious URL link. It is classified whether the suspicious URL link is a malicious link based on a behavior of the resource during the dynamic analysis.Type: ApplicationFiled: July 18, 2013Publication date: January 1, 2015Inventors: Vinay Pidathala, Henry Uyeno
-
Publication number: 20130227691Abstract: Systems and methods for detecting malicious content on portable data storage devices or remote network servers are provided. In an exemplary embodiment, a system comprises a quarantine module configured to detect one or more portable data storage devices upon insertion of the devices into a security appliance, wherein the security appliance is configured to receive the portable data storage devices, a controller configured to receive from the security appliance, via a communication network, data associated with the portable data storage devices, an analysis module configured to analyze the data to determine whether the data includes malware, and a security module to selectively identify, based on the determination, the one or more portable data storage devices storing the malware.Type: ApplicationFiled: February 24, 2012Publication date: August 29, 2013Inventors: Ashar Aziz, Stuart Gresley Staniford, Muhammad Amin, Henry Uyeno, Samuel Yie
-
Publication number: 20110314546Abstract: An electronic message is analyzed for malware contained in the message. Text of an electronic message may be analyzed to detect and process malware content in the electronic message itself. The present technology may analyze an electronic message and attachments to electronic messages to detect a uniform resource location (URL), identify whether the URL is suspicious, and analyze all suspicious URLs to determine if they are malware. The analysis may include re-playing the suspicious URL in a virtual environment which simulates the intended computing device to receive the electronic message. If the re-played URL is determined to be malicious, the malicious URL is added to a black list which is updated throughout the computer system.Type: ApplicationFiled: April 18, 2011Publication date: December 22, 2011Inventors: Ashar Aziz, Henry Uyeno, Jay Manni, Amin Sukhera, Stuart Staniford