Patents by Inventor Igor Seletskiy

Igor Seletskiy has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20260127267
    Abstract: Disclosed herein are systems and method for migrating units of a program between virtual memory regions. A method includes: dividing system virtual memory into a set of virtual memory regions; storing (1) program code including instructions in a set of code units and (2) program variables and data values in a set of data units, wherein the set of code units and the set of data units are spread across the set of virtual memory regions; in response to detecting that a trigger condition of a first security policy is satisfied, executing a transfer action of the first security policy that transfers a code unit and/or data unit from an origin virtual memory region to a destination virtual memory region.
    Type: Application
    Filed: November 4, 2024
    Publication date: May 7, 2026
    Inventors: Igor SELETSKIY, Pavel IOVEVSKI
  • Patent number: 12585768
    Abstract: Disclosed herein are systems and methods for detecting malware in scripts. A method includes: monitoring, at a first computing device, an execution flow of at least one portion of a script; computing a fingerprint that represents the execution flow; determining whether the fingerprint is present in a local fingerprint database that includes a plurality of entries for known scripts; in response to determining that the fingerprint is not present in the local fingerprint database, transmitting the fingerprint to a central database server including a universal fingerprint database; in response to receiving an indication that the fingerprint is not present in the universal fingerprint database, scanning the at least one portion of the script for malware; and blocking the script in response to determining that the at least one portion of the script includes malware based on the scanning.
    Type: Grant
    Filed: June 19, 2024
    Date of Patent: March 24, 2026
    Assignee: Cloud Linux Software, Inc.
    Inventors: Igor Seletskiy, Serhii Brazhnyk, Arsenii Pastushenko
  • Publication number: 20260064839
    Abstract: Disclosed herein are systems and method for removing malicious code from a script without compromising script functionality. In one aspect, the method includes: identifying, in a script, at least one string corresponding to a malicious pattern; generating an abstract syntax tree (AST) of the script; identifying, in the AST, a parent operator associated with the at least one string; determining an absolute position and length of a node representing the parent operator in the AST; and removing malicious code from the script based on the absolute position and length of the node.
    Type: Application
    Filed: August 27, 2024
    Publication date: March 5, 2026
    Inventors: Igor Seletskiy, Roman Gavrilchenko
  • Patent number: 12475230
    Abstract: Disclosed herein are systems and methods for automatic detection, fixing, and monitoring of vulnerabilities. In one aspect, an exemplary method comprises receiving as an input an artifact, when the received artifact is vulnerable, building the artifact for a new release, scanning a library containing the new release of the artifact to determine whether the library is safe for publishing, and publishing the library to an accessible artifact depository when the library is safe for publishing. In one aspect, the building of the artifact for the new release includes, scanning a dependency tree, replacing the vulnerable version by a safe version of the artifact when a safe version is available, fixing the vulnerable version of the artifact using known patches when a safe version of the artifact is not available, adding a postfix to a group ID of the artifact for distinguishing the fixed version from prior versions of the artifact.
    Type: Grant
    Filed: October 23, 2023
    Date of Patent: November 18, 2025
    Assignee: Cloud Linux Software Inc.
    Inventors: Igor Seletskiy, Evgenii Frolikov, Andrei Popov, Dmitry Turmyshev
  • Patent number: 12432251
    Abstract: Disclosed herein are systems and method for detecting and resolving account compromise, the method comprising: configuring a web application firewall (WAF) to monitor events in a web application following a successful login into a user account of the web application; collecting, by the WAF, event data of a user session on the web application; determining whether the collected event data comprises malicious activity by comparing the collected event data to historic event data indicative of the malicious activity; in response to determining, by the WAF, that the collected event data corresponds to the historic event data: storing an indication that the user account is compromised in a database; generating an alert indicating that the user account is compromised, wherein the alert comprises a prompt to reset a password of the user account; and blocking, by the WAF, further access to the user account in the user session.
    Type: Grant
    Filed: May 11, 2023
    Date of Patent: September 30, 2025
    Assignee: Cloud Linux Software Inc.
    Inventors: Igor Seletskiy, Serhii Polishchuk, Marat Sataiev
  • Patent number: 12430434
    Abstract: Disclosed herein are systems and method for blocking malicious script execution. In one exemplary aspect, the method includes determining, on a first computing device of a plurality of computing devices, that a first script on the first computing device is malicious. The method includes identifying a plurality of operations in an execution flow of the first script and generating a first hash value of attributes associated with the plurality of operations in the execution flow, wherein the attributes omit a name of the first script and a location of the first script on the first computing device. The method includes generating a first rule that prevents execution of any script whose generated hash value would match the first hash value of the first script and transmitting the first rule to a second computing device that subsequently blocks scripts based on the first rule.
    Type: Grant
    Filed: January 6, 2023
    Date of Patent: September 30, 2025
    Assignee: Cloud Linux Software Inc.
    Inventors: Igor Seletskiy, Aleksei Berezhok, Evgenii Vodilov, Grigorii Zemskov
  • Publication number: 20250265074
    Abstract: Disclosed herein are systems and method for dynamically updating classes in a running application. In one aspect, a method may include identifying an application running within a virtual machine (VM); generating, within the application, a patcher thread for processing patches; instantiating, within the application, a patcher class using a singleton pattern; installing a shutdown hook in the VM to signal the patcher thread to stop operation and release resources during termination of the application; generating a notification that a live patching facility is set up using a system property in the VM; detecting and executing, via the patcher thread, a task to replace an existing version of a class with an updated version of the class at runtime by scanning, using a polling technique, a tasks directory for new class files and finding the updated version of the class.
    Type: Application
    Filed: February 20, 2024
    Publication date: August 21, 2025
    Inventors: Igor SELETSKIY, Nikita Popov
  • Patent number: 12388842
    Abstract: Disclosed herein are systems and method for deduplicating malware scan attempts. In one exemplary aspect, a method may include: receiving, from a first computing device of a plurality of computing devices in a network, a first hash value of an object and a verdict of a malware scan performed on the object by the first computing device; storing the first hash value and the verdict in a shared verdict database; receiving, from a second computing device in the network, a verdict request including a second hash value; determining that the first hash value and the second hash value match; in response to determining the match, transmitting, to the second computing device, the verdict of the malware scan performed on the object by the first computing device, wherein the second computing device does not perform a redundant malware scan on the object.
    Type: Grant
    Filed: August 30, 2022
    Date of Patent: August 12, 2025
    Assignee: Cloud Linux Software, Inc.
    Inventors: Igor Seletskiy, Andrey Kucherov
  • Publication number: 20250131097
    Abstract: Disclosed herein are systems and methods for automatic detection, fixing, and monitoring of vulnerabilities. In one aspect, an exemplary method comprises receiving as an input an artifact, when the received artifact is vulnerable, building the artifact for a new release, scanning a library containing the new release of the artifact to determine whether the library is safe for publishing, and publishing the library to an accessible artifact depository when the library is safe for publishing. In one aspect, the building of the artifact for the new release includes, scanning a dependency tree, replacing the vulnerable version by a safe version of the artifact when a safe version is available, fixing the vulnerable version of the artifact using known patches when a safe version of the artifact is not available, adding a postfix to a group ID of the artifact for distinguishing the fixed version from prior versions of the artifact.
    Type: Application
    Filed: October 23, 2023
    Publication date: April 24, 2025
    Inventors: Igor Seletskiy, Evgenii Frolikov, Andrei Popov, Dmitry Turmyshev
  • Patent number: 12273385
    Abstract: Disclosed herein are systems and method for automated malicious code replacement. In one exemplary aspect, a method may comprise scanning for malicious content in a file comprising a script written in an interpretable programming language, wherein the malicious content triggers malicious activity on a computing device that stores the file. The method may comprise detecting a malware injection in the file based on the scanning, wherein the malware injection comprises at least one operator that enables the malicious activity. The method may comprise identifying a benign operator that can replace the at least one operator to prevent execution of the malicious activity without causing a syntax error. The method may comprise updating the file by replacing the at least one operator with the benign operator.
    Type: Grant
    Filed: January 24, 2022
    Date of Patent: April 8, 2025
    Assignee: Cloud Linux Software Inc.
    Inventors: Igor Seletskiy, Andrey Kucherov
  • Publication number: 20250068444
    Abstract: Disclosed herein are systems and methods for loading an agent into a virtual machine. In one aspect, a method may include receiving a path to an agent and an options string, wherein the agent comprises a set of classes built to perform an action, resolving, using a process identifier, an identity of a first process comprising a virtual machine instance that has not been augmented by the agent on a host. The method may include performing augmentation on the process by: changing an original identity of a current operating system process to the first identity in response to determining that the current operating system process is privileged, injecting the agent into the virtual machine instance with the path and the options string as arguments of an injection, and reinstating the original identity of the current operating system process.
    Type: Application
    Filed: August 25, 2023
    Publication date: February 27, 2025
    Inventors: Igor SELETSKIY, Nikita Popov
  • Patent number: 12184679
    Abstract: Aspects of the disclosure describe methods and systems for detecting malicious entities using weak passwords for unauthorized access. In one exemplary aspect, a method may comprise intercepting, using a WAF, a password input during a login attempt to a web application by an entity. In response to determining that the password is in a database of weak passwords, the method may comprise generating for display, using the WAF, a web page prompting for a password reset for the web application, storing, in a database, an IP address of the entity and information about the login attempt, retrieving information about a first plurality of login attempts made by the entity in the web application for different user profiles. In response to determining that at least a first threshold number of login attempts have been performed by the entity, the method may comprise storing the IP address in a black list.
    Type: Grant
    Filed: September 13, 2021
    Date of Patent: December 31, 2024
    Assignee: Cloud Linux Software Inc.
    Inventors: Igor Seletskiy, Dmitrii Sidorov, Sergey Polischuk
  • Publication number: 20240380780
    Abstract: Disclosed herein are systems and method for detecting and resolving account compromise, the method comprising: configuring a web application firewall (WAF) to monitor events in a web application following a successful login into a user account of the web application; collecting, by the WAF, event data of a user session on the web application; determining whether the collected event data comprises malicious activity by comparing the collected event data to historic event data indicative of the malicious activity; in response to determining, by the WAF, that the collected event data corresponds to the historic event data: storing an indication that the user account is compromised in a database; generating an alert indicating that the user account is compromised, wherein the alert comprises a prompt to reset a password of the user account; and blocking, by the WAF, further access to the user account in the user session.
    Type: Application
    Filed: May 11, 2023
    Publication date: November 14, 2024
    Inventors: Igor SELETSKIY, Serhii POLISHCHUK, Marat SATAIEV
  • Publication number: 20240338441
    Abstract: Disclosed herein are systems and methods for detecting malware in scripts. A method includes: monitoring, at a first computing device, an execution flow of at least one portion of a script; computing a fingerprint that represents the execution flow; determining whether the fingerprint is present in a local fingerprint database that includes a plurality of entries for known scripts; in response to determining that the fingerprint is not present in the local fingerprint database, transmitting the fingerprint to a central database server including a universal fingerprint database; in response to receiving an indication that the fingerprint is not present in the universal fingerprint database, scanning the at least one portion of the script for malware; and blocking the script in response to determining that the at least one portion of the script includes malware based on the scanning.
    Type: Application
    Filed: June 19, 2024
    Publication date: October 10, 2024
    Inventors: Igor Seletskiy, Serhii Brazhnyk, Arsenii Pastushenko
  • Publication number: 20240320330
    Abstract: Disclosed herein are systems and method for detecting malware signatures in replica databases. In one exemplary aspect, a method includes identifying a plurality of replica databases corresponding to a master database. In response to detecting a change in at least one entry of a first replica database of the plurality of replica databases, the method includes analyzing the change for malware. In response to detecting malware, the method includes executing a remediation action to resolve the malware.
    Type: Application
    Filed: June 3, 2024
    Publication date: September 26, 2024
    Inventors: Igor SELETSKIY, Alexey PARFENOV, Vitalii RUDNYKH
  • Patent number: 12101315
    Abstract: Disclosed herein are systems and methods for rapid password evaluation. A method may include: configuring a web application firewall (WAF) to monitor login credentials for one or more web applications; intercepting, using the WAF, a password input during a login attempt to a web application by an entity; calculating a hash value of the password input; transmitting the hash value to a dedicated server configured to: determine whether the hash value is in a database of hashes corresponding to weak passwords; and in response to determining that the hash value is in the database of hashes, transmit a message to the WAF indicating that the password input corresponds to a weak password; and generating for display, using the WAF, a web page prompting for a password reset for the web application.
    Type: Grant
    Filed: July 25, 2022
    Date of Patent: September 24, 2024
    Assignee: Cloud Linux Software Inc.
    Inventors: Igor Seletskiy, Serhii Polishchuk, Marat Sataiev
  • Patent number: 12099565
    Abstract: Disclosed herein are a system and method for caching shortcodes and database queries, a method including: detecting a request to load a webpage from a web browsing application on a first computing device, wherein the webpage includes a shortcode; determining a first amount of time spent executing the shortcode to load the webpage; determining whether the first amount of time is greater than a threshold amount of time; in response to determining that the first amount of time is greater than the threshold amount of time, identifying the shortcode as a cache candidate; determining a time-to-live (TTL) value for the shortcode; and storing content of the shortcode in a cache of a server hosting the webpage until the TTL value expires.
    Type: Grant
    Filed: April 8, 2022
    Date of Patent: September 24, 2024
    Assignee: Cloud Linux Software Inc.
    Inventors: Igor Seletskiy, Dmitriy Leonov, Ivan Zhmud
  • Patent number: 12057997
    Abstract: Disclosed herein are systems and methods for automated conversion and management of web server configuration files using a conversion application. In one aspect, an exemplary method comprises receiving an input configuration file for conversion from an Apache configuration file to an NGINX configuration file, parsing the input configuration file into tokens for processing to construct an Apache configuration tree in memory, building a structured Apache configuration tree from the tokens and storing in memory, traversing the Apache configuration tree examining each element of the Apache configuration tree, and for each Apache directive or block that is encountered during the examination, invoking a directive conversion plugin for handling requirements of the respective Apache directive or block, building an NGINX configuration tree corresponding to the Apache configuration tree, and writing the NGINX configuration depicted in the NGINX configuration tree to an NGINX configuration file.
    Type: Grant
    Filed: October 3, 2023
    Date of Patent: August 6, 2024
    Assignee: Cloud Linux Software, Inc.
    Inventors: Igor Seletskiy, Danila Vershinin
  • Patent number: 12032693
    Abstract: Disclosed herein are systems and method for detecting malware signatures in databases. In one exemplary aspect, a method may comprise identifying a plurality of entries of the database, wherein each entry represents a record stored on a computing device and selecting at least one suspicious entry in the plurality of entries. The method may comprise retrieving a record associated with the suspicious entry and applying a transformation to original contents of the record. The method may comprise scanning the transformed contents of the record for a malware signature. In response to detecting a portion of the transformed contents that matches the malware signature, the method may comprise executing a remediation action that removes a corresponding portion from the original contents of the record and updating the database by replacing the at least one suspicious entry with an entry of the record on which the remediation action was executed.
    Type: Grant
    Filed: August 5, 2021
    Date of Patent: July 9, 2024
    Assignee: Cloud Linux Software Inc.
    Inventors: Igor Seletskiy, Alexey Parfenov
  • Patent number: 12032689
    Abstract: Disclosed herein are systems and method for preventing zero-day attacks. A method may include receiving a first report including information about an execution of a first script of an application that modifies a file on a first computing device, and receiving a second report including an indication that the file includes malicious code. In response to determining that an identifier of the file is present in both the first report and the second report, the method may include generating and transmitting, to the first computing device, a first rule that prevents execution of any script that shares at least one operation of the first script. The method may include, in response to determining that a vulnerability detected by the first rule is not present in a vulnerability database, generating an entry in the vulnerability database for the vulnerability as a zero-day vulnerability and transmitting an alert to the application developer.
    Type: Grant
    Filed: December 14, 2021
    Date of Patent: July 9, 2024
    Assignee: Cloud Linux Software Inc.
    Inventors: Igor Seletskiy, Serhii Brazhnyk