Patents by Inventor Igor Seletskiy

Igor Seletskiy has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20240380780
    Abstract: Disclosed herein are systems and method for detecting and resolving account compromise, the method comprising: configuring a web application firewall (WAF) to monitor events in a web application following a successful login into a user account of the web application; collecting, by the WAF, event data of a user session on the web application; determining whether the collected event data comprises malicious activity by comparing the collected event data to historic event data indicative of the malicious activity; in response to determining, by the WAF, that the collected event data corresponds to the historic event data: storing an indication that the user account is compromised in a database; generating an alert indicating that the user account is compromised, wherein the alert comprises a prompt to reset a password of the user account; and blocking, by the WAF, further access to the user account in the user session.
    Type: Application
    Filed: May 11, 2023
    Publication date: November 14, 2024
    Inventors: Igor SELETSKIY, Serhii POLISHCHUK, Marat SATAIEV
  • Publication number: 20240338441
    Abstract: Disclosed herein are systems and methods for detecting malware in scripts. A method includes: monitoring, at a first computing device, an execution flow of at least one portion of a script; computing a fingerprint that represents the execution flow; determining whether the fingerprint is present in a local fingerprint database that includes a plurality of entries for known scripts; in response to determining that the fingerprint is not present in the local fingerprint database, transmitting the fingerprint to a central database server including a universal fingerprint database; in response to receiving an indication that the fingerprint is not present in the universal fingerprint database, scanning the at least one portion of the script for malware; and blocking the script in response to determining that the at least one portion of the script includes malware based on the scanning.
    Type: Application
    Filed: June 19, 2024
    Publication date: October 10, 2024
    Inventors: Igor Seletskiy, Serhii Brazhnyk, Arsenii Pastushenko
  • Publication number: 20240320330
    Abstract: Disclosed herein are systems and method for detecting malware signatures in replica databases. In one exemplary aspect, a method includes identifying a plurality of replica databases corresponding to a master database. In response to detecting a change in at least one entry of a first replica database of the plurality of replica databases, the method includes analyzing the change for malware. In response to detecting malware, the method includes executing a remediation action to resolve the malware.
    Type: Application
    Filed: June 3, 2024
    Publication date: September 26, 2024
    Inventors: Igor SELETSKIY, Alexey PARFENOV, Vitalii RUDNYKH
  • Patent number: 12101315
    Abstract: Disclosed herein are systems and methods for rapid password evaluation. A method may include: configuring a web application firewall (WAF) to monitor login credentials for one or more web applications; intercepting, using the WAF, a password input during a login attempt to a web application by an entity; calculating a hash value of the password input; transmitting the hash value to a dedicated server configured to: determine whether the hash value is in a database of hashes corresponding to weak passwords; and in response to determining that the hash value is in the database of hashes, transmit a message to the WAF indicating that the password input corresponds to a weak password; and generating for display, using the WAF, a web page prompting for a password reset for the web application.
    Type: Grant
    Filed: July 25, 2022
    Date of Patent: September 24, 2024
    Assignee: Cloud Linux Software Inc.
    Inventors: Igor Seletskiy, Serhii Polishchuk, Marat Sataiev
  • Patent number: 12099565
    Abstract: Disclosed herein are a system and method for caching shortcodes and database queries, a method including: detecting a request to load a webpage from a web browsing application on a first computing device, wherein the webpage includes a shortcode; determining a first amount of time spent executing the shortcode to load the webpage; determining whether the first amount of time is greater than a threshold amount of time; in response to determining that the first amount of time is greater than the threshold amount of time, identifying the shortcode as a cache candidate; determining a time-to-live (TTL) value for the shortcode; and storing content of the shortcode in a cache of a server hosting the webpage until the TTL value expires.
    Type: Grant
    Filed: April 8, 2022
    Date of Patent: September 24, 2024
    Assignee: Cloud Linux Software Inc.
    Inventors: Igor Seletskiy, Dmitriy Leonov, Ivan Zhmud
  • Patent number: 12057997
    Abstract: Disclosed herein are systems and methods for automated conversion and management of web server configuration files using a conversion application. In one aspect, an exemplary method comprises receiving an input configuration file for conversion from an Apache configuration file to an NGINX configuration file, parsing the input configuration file into tokens for processing to construct an Apache configuration tree in memory, building a structured Apache configuration tree from the tokens and storing in memory, traversing the Apache configuration tree examining each element of the Apache configuration tree, and for each Apache directive or block that is encountered during the examination, invoking a directive conversion plugin for handling requirements of the respective Apache directive or block, building an NGINX configuration tree corresponding to the Apache configuration tree, and writing the NGINX configuration depicted in the NGINX configuration tree to an NGINX configuration file.
    Type: Grant
    Filed: October 3, 2023
    Date of Patent: August 6, 2024
    Assignee: Cloud Linux Software, Inc.
    Inventors: Igor Seletskiy, Danila Vershinin
  • Patent number: 12032689
    Abstract: Disclosed herein are systems and method for preventing zero-day attacks. A method may include receiving a first report including information about an execution of a first script of an application that modifies a file on a first computing device, and receiving a second report including an indication that the file includes malicious code. In response to determining that an identifier of the file is present in both the first report and the second report, the method may include generating and transmitting, to the first computing device, a first rule that prevents execution of any script that shares at least one operation of the first script. The method may include, in response to determining that a vulnerability detected by the first rule is not present in a vulnerability database, generating an entry in the vulnerability database for the vulnerability as a zero-day vulnerability and transmitting an alert to the application developer.
    Type: Grant
    Filed: December 14, 2021
    Date of Patent: July 9, 2024
    Assignee: Cloud Linux Software Inc.
    Inventors: Igor Seletskiy, Serhii Brazhnyk
  • Patent number: 12032693
    Abstract: Disclosed herein are systems and method for detecting malware signatures in databases. In one exemplary aspect, a method may comprise identifying a plurality of entries of the database, wherein each entry represents a record stored on a computing device and selecting at least one suspicious entry in the plurality of entries. The method may comprise retrieving a record associated with the suspicious entry and applying a transformation to original contents of the record. The method may comprise scanning the transformed contents of the record for a malware signature. In response to detecting a portion of the transformed contents that matches the malware signature, the method may comprise executing a remediation action that removes a corresponding portion from the original contents of the record and updating the database by replacing the at least one suspicious entry with an entry of the record on which the remediation action was executed.
    Type: Grant
    Filed: August 5, 2021
    Date of Patent: July 9, 2024
    Assignee: Cloud Linux Software Inc.
    Inventors: Igor Seletskiy, Alexey Parfenov
  • Patent number: 11936685
    Abstract: Disclosed herein are systems and method for blocking novel attack vectors. In one aspect, a detected security incident and a consequential event are correlated such that the combination of the security incident and the consequential event are identified as an attack vector. A method may comprise generating and executing a rule that blocks the consequential event in response to detecting the security incident.
    Type: Grant
    Filed: October 13, 2021
    Date of Patent: March 19, 2024
    Assignee: Cloud Linux Software Inc.
    Inventors: Igor Seletskiy, Marat Sataiev
  • Publication number: 20240073224
    Abstract: Disclosed herein are systems and method for deduplicating malware scan attempts. In one exemplary aspect, a method may include: receiving, from a first computing device of a plurality of computing devices in a network, a first hash value of an object and a verdict of a malware scan performed on the object by the first computing device; storing the first hash value and the verdict in a shared verdict database; receiving, from a second computing device in the network, a verdict request including a second hash value; determining that the first hash value and the second hash value match; in response to determining the match, transmitting, to the second computing device, the verdict of the malware scan performed on the object by the first computing device, wherein the second computing device does not perform a redundant malware scan on the object.
    Type: Application
    Filed: August 30, 2022
    Publication date: February 29, 2024
    Inventors: IGOR SELETSKIY, Andrey Kucherov
  • Patent number: 11907101
    Abstract: Disclosed herein are systems and methods for selective patching processes. In one exemplary aspect, the method includes: identifying, via a user space patching service, a patch that modifies at least one function included in a process, wherein the process is executed on a computing device; generating a list of target pages in virtual memory of the computing device, wherein the list of target pages includes code associated with the at least one function; marking the target pages as non-executable based on file identification; intercepting, using an amended page-fault event handler, an attempt to execute the code associated with the at least one function by the process; and applying the patch to modify the at least one function.
    Type: Grant
    Filed: February 22, 2022
    Date of Patent: February 20, 2024
    Assignee: Cloud Linux Software, Inc.
    Inventors: Igor Seletskiy, Pavel Boldin
  • Patent number: 11847321
    Abstract: Disclosed herein are systems and method for adjusting storage volume size of an application instance. A method may include: identifying a first application instance running on a computing device, wherein the first application instance has an assigned first storage volume on a device storage of the computing device; collecting, over a period of time, usage data of the device storage; determining, based on the collected usage data, whether a usage capacity of the first storage volume of the first application instance is reaching a maximum capacity of the first storage volume; in response to determining that the usage capacity of the first storage volume is reaching the maximum capacity of the first storage volume, adjusting a size of the first storage volume by a first amount to accommodate usage of the first application instance.
    Type: Grant
    Filed: December 14, 2021
    Date of Patent: December 19, 2023
    Assignee: CLOUD LINUX SOFTWARE, INC.
    Inventors: Arsenii Pastushenko, Igor Seletskiy, Raushan Myrzashova
  • Patent number: 11790084
    Abstract: Disclosed herein are systems and method for protecting core files in a content management system (CMS). In one aspect, a method includes detecting execution of a script on a computing device. In response to determining that the script is located in the core folder and is not included in an exclude list that includes paths of scripts and files that are marked as not malicious, the method includes blocking the execution of the script. If the script is not in the core folder, the method includes determining whether the script will upload, to the core folder, a file that is not in the exclude list. In response to determining that the script will upload the file to the core folder, the method includes blocking write functions in the script during the execution.
    Type: Grant
    Filed: November 8, 2021
    Date of Patent: October 17, 2023
    Assignee: CLOUD LINUX SOFTWARE, INC.
    Inventors: Serhii Brazhnyk, Igor Seletskiy
  • Publication number: 20230325454
    Abstract: Disclosed herein are a system and method for caching shortcodes and database queries, a method including: detecting a request to load a webpage from a web browsing application on a first computing device, wherein the webpage includes a shortcode; determining a first amount of time spent executing the shortcode to load the webpage; determining whether the first amount of time is greater than a threshold amount of time; in response to determining that the first amount of time is greater than the threshold amount of time, identifying the shortcode as a cache candidate; determining a time-to-live (TTL) value for the shortcode; and storing content of the shortcode in a cache of a server hosting the webpage until the TTL value expires.
    Type: Application
    Filed: April 8, 2022
    Publication date: October 12, 2023
    Inventors: Igor Seletskiy, Dmitriy Leonov, Ivan Zhmud
  • Publication number: 20230267068
    Abstract: Disclosed herein are systems and methods for selective patching processes. In one exemplary aspect, the method includes: identifying, via a user space patching service, a patch that modifies at least one function included in a process, wherein the process is executed on a computing device; generating a list of target pages in virtual memory of the computing device, wherein the list of target pages includes code associated with the at least one function; marking the target pages as non-executable based on file identification; intercepting, using an amended page-fault event handler, an attempt to execute the code associated with the at least one function by the process; and applying the patch to modify the at least one function.
    Type: Application
    Filed: February 22, 2022
    Publication date: August 24, 2023
    Inventors: Igor SELETSKIY, Pavel BOLDIN
  • Publication number: 20230247050
    Abstract: Disclosed herein are systems and method for signature-based phishing detection by URL feed processing. In one aspect, a method includes crawling data from a plurality of web pages, extracting features of the plurality of web pages, and shortlisting, from the extracted features, features that are predominately found in web pages in the plurality of web pages that are classified as phishing pages. The method further includes generating a signature based on a shortlisted feature monitoring a performance of the signature based on a threshold amount of false positives in phishing attack detections generated by the signature on a plurality of devices. In response to determining that the signature has produced less than the threshold amount of false positives, the method includes enabling remediation actions against the potential phishing attacks including the signature.
    Type: Application
    Filed: February 3, 2022
    Publication date: August 3, 2023
    Inventors: Igor Seletskiy, Nitin Venkatesh
  • Publication number: 20230239323
    Abstract: Disclosed herein are systems and method for automated malicious code replacement. In one exemplary aspect, a method may comprise scanning for malicious content in a file comprising a script written in an interpretable programming language, wherein the malicious content triggers malicious activity on a computing device that stores the file. The method may comprise detecting a malware injection in the file based on the scanning, wherein the malware injection comprises at least one operator that enables the malicious activity. The method may comprise identifying a benign operator that can replace the at least one operator to prevent execution of the malicious activity without causing a syntax error. The method may comprise updating the file by replacing the at least one operator with the benign operator.
    Type: Application
    Filed: January 24, 2022
    Publication date: July 27, 2023
    Inventors: Igor Seletskiy, Andrey Kucherov
  • Publication number: 20230185450
    Abstract: Disclosed herein are systems and method for adjusting storage volume size of an application instance. A method may include: identifying a first application instance running on a computing device, wherein the first application instance has an assigned first storage volume on a device storage of the computing device; collecting, over a period of time, usage data of the device storage; determining, based on the collected usage data, whether a usage capacity of the first storage volume of the first application instance is reaching a maximum capacity of the first storage volume; in response to determining that the usage capacity of the first storage volume is reaching the maximum capacity of the first storage volume, adjusting a size of the first storage volume by a first amount to accommodate usage of the first application instance.
    Type: Application
    Filed: December 14, 2021
    Publication date: June 15, 2023
    Inventors: Arsenii Pastushenko, Igor Seletskiy, Raushan Myrzashova
  • Publication number: 20230168896
    Abstract: Disclosed herein are systems and method for detecting coroutines. A method may include: identifying an application running on a computing device, wherein the application includes a plurality of coroutines; determining an address of a common entry point for coroutines, wherein the common entry point is found in a memory of the application; identifying, using an injected code, at least one stack trace entry for the common entry point; detecting coroutine context data based on the at least one stack trace entry; adding an identifier of a coroutine associated with the coroutine context data to a list of detected coroutines; and storing the list of detected coroutines in target process memory associated with the application.
    Type: Application
    Filed: November 29, 2021
    Publication date: June 1, 2023
    Inventors: Igor Seletskiy, Pavel Boldin
  • Patent number: 11663012
    Abstract: Disclosed herein are systems and method for detecting coroutines. A method may include: identifying an application running on a computing device, wherein the application includes a plurality of coroutines; determining an address of a common entry point for coroutines, wherein the common entry point is found in a memory of the application; identifying, using an injected code, at least one stack trace entry for the common entry point; detecting coroutine context data based on the at least one stack trace entry; adding an identifier of a coroutine associated with the coroutine context data to a list of detected coroutines; and storing the list of detected coroutines in target process memory associated with the application.
    Type: Grant
    Filed: November 29, 2021
    Date of Patent: May 30, 2023
    Assignee: Cloud Linux Software Inc.
    Inventors: Igor Seletskiy, Pavel Boldin