Patents by Inventor Jia-Sian Jhang
Jia-Sian Jhang has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11977655Abstract: A computer-implemented method, a computer system, and computer program product for associating security events. The method includes obtaining a result of implementation of one or more Locality-Sensitive Hashing (LSH) functions to feature data of a first event detected by a first device. The method also includes mapping the result to one or more positions in a data structure. In response to data elements of the one or more positions indicating first information associating with the one or more positions exists in a storage, the method includes obtaining the first information from the storage. The method further includes sending the first information to the first device.Type: GrantFiled: August 25, 2020Date of Patent: May 7, 2024Assignee: International Business Machines CorporationInventors: Jia-Sian Jhang, Chen-Yu Kuo, Hsiao-Yung Chen, Lu Cheng Lin, Chien Wen Jung
-
Publication number: 20220067190Abstract: A computer-implemented method, a computer system, and computer program product for associating security events. The method includes obtaining a result of implementation of one or more Locality-Sensitive Hashing (LSH) functions to feature data of a first event detected by a first device. The method also includes mapping the result to one or more positions in a data structure. In response to data elements of the one or more positions indicating first information associating with the one or more positions exists in a storage, the method includes obtaining the first information from the storage. The method further includes sending the first information to the first device.Type: ApplicationFiled: August 25, 2020Publication date: March 3, 2022Inventors: Jia-Sian Jhang, Chen-Yu Kuo, Hsiao-Yung Chen, Lu Cheng Lin, Chien Wen Jung
-
Patent number: 11222020Abstract: Embodiments of the present invention relate to a method, system and computer program product for compacting data in a distributed storage system. According to the method, a query request is received from a client, wherein the query request comprises information of a previous query request of the client. A first query result of the query request and a second query result of the previous query request are retrieved. A delta data and a first indicator are sent to the client in response to the first query result being different from the second query result, wherein the delta data is the data of the first query result excluding the data comprised in both first and second query results, and the first indicator indicates the data comprised in both the first and the second query results.Type: GrantFiled: August 21, 2019Date of Patent: January 11, 2022Assignee: International Business Machines CorporationInventors: Jia-Sian Jhang, Hsiao-Yung Chen, Shr-an Su, Pao-Chuan Liao, Yung Wen YW Deng
-
Publication number: 20210056109Abstract: Embodiments of the present invention relate to a method, system and computer program product for compacting data in a distributed storage system. According to the method, a query request is received from a client, wherein the query request comprises information of a previous query request of the client. A first query result of the query request and a second query result of the previous query request are retrieved. A delta data and a first indicator are sent to the client in response to the first query result being different from the second query result, wherein the delta data is the data of the first query result excluding the data comprised in both first and second query results, and the first indicator indicates the data comprised in both the first and the second query results.Type: ApplicationFiled: August 21, 2019Publication date: February 25, 2021Inventors: Jia-Sian Jhang, Hsiao-Yung Chen, Shr-an Su, Pao-Chuan Liao, Yung Wen YW Deng
-
Patent number: 10681085Abstract: Establishing Transport Layer Security/Secure Sockets Layer (TLS/SSL) sessions with destination servers for Internet of Things (IoT) devices is provided. A request is sent to establish a TLS/SSL session with a target destination server in a set of destination servers using destination server information related to a particular IoT device in a plurality of IoT devices. A TLS/SSL session is established with the target destination server corresponding to the particular IoT device. TLS/SSL session credential information is received for the particular IoT device from the target destination server. The TLS/SSL session credential information for the particular IoT device is saved in a session credential information table. The TLS/SSL session is suspended with the target destination server corresponding to the particular IoT device.Type: GrantFiled: October 16, 2017Date of Patent: June 9, 2020Assignee: International Business Machines CorporationInventors: Kuo-Chun Chen, Wei-Hsiang Hsiung, Sheng-Tung Hsu, Jia-Sian Jhang
-
Patent number: 10623418Abstract: A method for implementing an Internet of Things security appliance is presented. The method may include intercepting a data packet sent from a server to a client computing device. The method may include performing a security check on the data packet using security modules. The method may include determining the data packet is not malicious based on the security check. The method may include determining a shadow tester to test the data packet based on a type associated with the client computing device. The method may include creating a virtualization environment of the client computing device using the shadow tester. The method may include analyzing behaviors associated with the data packet within the virtualization environment using detection modules. The method may include determining the behaviors do not violate a behavior policy associated with the client computing device. The method may include transmitting the data packet to the client computing device.Type: GrantFiled: September 12, 2018Date of Patent: April 14, 2020Assignee: International Business Machines CorporationInventors: KuoChun Chen, Sheng-Tung Hsu, Jia-Sian Jhang, Chun-Shuo Lin
-
Patent number: 10284563Abstract: A method for providing a transparent asynchronous network flow exchange is provided. The method may include receiving a query request from a requester, whereby the received query request is associated with a network packet. The method may also include determining if the network packet contains a plurality of defined signatures. The method may further include in response to determining that the network packet contains a plurality of defined signatures, authenticating a plurality of information associated with the network packet. The method may additionally include determining a plurality of flow related security information associated with the network packet based on the authentication of the plurality of information. The method may include sending the determined plurality of flow related security information to the requester.Type: GrantFiled: December 20, 2017Date of Patent: May 7, 2019Assignee: International Business Machines CorporationInventors: KuoChun Chen, Jia-Sian Jhang, Cheng-Ta Lee, Chun-Shuo Lin
-
Publication number: 20190116205Abstract: Establishing Transport Layer Security/Secure Sockets Layer (TLS/SSL) sessions with destination servers for Internet of Things (IoT) devices is provided. A request is sent to establish a TLS/SSL session with a target destination server in a set of destination servers using destination server information related to a particular IoT device in a plurality of IoT devices. A TLS/SSL session is established with the target destination server corresponding to the particular IoT device. TLS/SSL session credential information is received for the particular IoT device from the target destination server. The TLS/SSL session credential information for the particular IoT device is saved in a session credential information table. The TLS/SSL session is suspended with the target destination server corresponding to the particular IoT device.Type: ApplicationFiled: October 16, 2017Publication date: April 18, 2019Inventors: Kuo-Chun Chen, Wei-Hsiang Hsiung, Sheng-Tung Hsu, Jia-Sian Jhang
-
Patent number: 10237284Abstract: A method for implementing an Internet of Things security appliance is presented. The method may include intercepting a data packet sent from a server to a client computing device. The method may include performing a security check on the data packet using security modules. The method may include determining the data packet is not malicious based on the security check. The method may include determining a shadow tester to test the data packet based on a type associated with the client computing device. The method may include creating a virtualization environment of the client computing device using the shadow tester. The method may include analyzing behaviors associated with the data packet within the virtualization environment using detection modules. The method may include determining the behaviors do not violate a behavior policy associated with the client computing device. The method may include transmitting the data packet to the client computing device.Type: GrantFiled: March 31, 2016Date of Patent: March 19, 2019Assignee: International Business Machines CorporationInventors: KuoChun Chen, Sheng-Tung Hsu, Jia-Sian Jhang, Chun-Shuo Lin
-
Publication number: 20190014132Abstract: A method for implementing an Internet of Things security appliance is presented. The method may include intercepting a data packet sent from a server to a client computing device. The method may include performing a security check on the data packet using security modules. The method may include determining the data packet is not malicious based on the security check. The method may include determining a shadow tester to test the data packet based on a type associated with the client computing device. The method may include creating a virtualization environment of the client computing device using the shadow tester. The method may include analyzing behaviors associated with the data packet within the virtualization environment using detection modules. The method may include determining the behaviors do not violate a behavior policy associated with the client computing device. The method may include transmitting the data packet to the client computing device.Type: ApplicationFiled: September 12, 2018Publication date: January 10, 2019Inventors: KuoChun Chen, Sheng-Tung Hsu, Jia-Sian Jhang, Chun-Shuo Lin
-
Publication number: 20180115553Abstract: A method for providing a transparent asynchronous network flow exchange is provided. The method may include receiving a query request from a requester, whereby the received query request is associated with a network packet. The method may also include determining if the network packet contains a plurality of defined signatures. The method may further include in response to determining that the network packet contains a plurality of defined signatures, authenticating a plurality of information associated with the network packet. The method may additionally include determining a plurality of flow related security information associated with the network packet based on the authentication of the plurality of information. The method may include sending the determined plurality of flow related security information to the requester.Type: ApplicationFiled: December 20, 2017Publication date: April 26, 2018Inventors: KuoChun Chen, Jia-Sian Jhang, Cheng-Ta Lee, Chun-Shuo Lin
-
Patent number: 9882908Abstract: A method for providing a transparent asynchronous network flow exchange is provided. The method may include receiving a query request from a requester, whereby the received query request is associated with a network packet. The method may also include determining if the network packet contains a plurality of defined signatures. The method may further include in response to determining that the network packet contains a plurality of defined signatures, authenticating a plurality of information associated with the network packet. The method may additionally include determining a plurality of flow related security information associated with the network packet based on the authentication of the plurality of information. The method may include sending the determined plurality of flow related security information to the requester.Type: GrantFiled: August 12, 2015Date of Patent: January 30, 2018Assignee: International Business Machines CorporationInventors: KuoChun Chen, Jia-Sian Jhang, Cheng-Ta Lee, Chun-Shuo Lin
-
Publication number: 20170289176Abstract: A method for implementing an Internet of Things security appliance is presented. The method may include intercepting a data packet sent from a server to a client computing device. The method may include performing a security check on the data packet using security modules. The method may include determining the data packet is not malicious based on the security check. The method may include determining a shadow tester to test the data packet based on a type associated with the client computing device. The method may include creating a virtualization environment of the client computing device using the shadow tester. The method may include analyzing behaviors associated with the data packet within the virtualization environment using detection modules. The method may include determining the behaviors do not violate a behavior policy associated with the client computing device. The method may include transmitting the data packet to the client computing device.Type: ApplicationFiled: March 31, 2016Publication date: October 5, 2017Inventors: KuoChun Chen, Sheng-Tung Hsu, Jia-Sian Jhang, Chun-Shuo Lin
-
Publication number: 20170048256Abstract: A method for providing a transparent asynchronous network flow exchange is provided. The method may include receiving a query request from a requester, whereby the received query request is associated with a network packet. The method may also include determining if the network packet contains a plurality of defined signatures. The method may further include in response to determining that the network packet contains a plurality of defined signatures, authenticating a plurality of information associated with the network packet. The method may additionally include determining a plurality of flow related security information associated with the network packet based on the authentication of the plurality of information. The method may include sending the determined plurality of flow related security information to the requester.Type: ApplicationFiled: August 12, 2015Publication date: February 16, 2017Inventors: KuoChun Chen, Jia-Sian Jhang, Cheng-Ta Lee, Chun-Shuo Lin