Patents by Inventor Jonathan James Oliver
Jonathan James Oliver has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240152622Abstract: A method of scoring alerts generated by a plurality of endpoints includes the steps of: in response to a new alert generated by a first endpoint of the plurality of endpoints, generating an anomaly score of the new alert; identifying a rule that triggered the new alert and determining a threat score associated with the rule; and generating a security risk score for the new alert based on the anomaly score and the threat score and transmitting the security risk score to a security analytics platform of the endpoints.Type: ApplicationFiled: November 9, 2022Publication date: May 9, 2024Inventors: Shugao XIA, Ritika SINGHAL, Jonathan James OLIVER, Raghav BATTA, Jue MO, Aditya CHOUDHARY
-
Publication number: 20240143746Abstract: Systems and methods are described for employing event context to improve threat detection. Systems and methods of embodiments of the disclosure measure both process deviation and path deviation to determine whether processes are benign or represent threats. Both a process deviation model and a path deviation model are deployed. The process deviation model determines the similarity of a process to past processes, and the path deviation model estimates whether processes have been called out of turn. In this manner, systems and methods of embodiments of the disclosure are able to detect both whether a process is in itself unusual, and whether it is called at an unusual time. This added context contributes to improved threat detection.Type: ApplicationFiled: October 28, 2022Publication date: May 2, 2024Applicant: VMware LLCInventors: Raghav BATTA, Amit CHOPRA, Aditya CHOUDHARY, Lalit Prithviraj JAIN, Anjali MANGAL, Jonathan James OLIVER
-
Patent number: 11804961Abstract: A computer network includes a camera node, a network access node, a verification node, and a display node. Video content recorded by a camera at the camera node is transmitted to the display node and to the verification node for verification. The video content is verified at the display node and at the verification node. Recording metadata of the video content is stored in a distributed ledger and retrieved by the display node to verify the video content. The verification node receives, from the network access node, verification data for verifying the video content.Type: GrantFiled: July 15, 2021Date of Patent: October 31, 2023Assignee: Trend Micro IncorporatedInventors: Jonathan James Oliver, Chia-Yen Chang, Wen-Kwang Tsao, Ping Huan Wu, Federico Maggi, Jiri Gogela, Fyodor Yarochkin
-
Patent number: 11736498Abstract: A system for stateful detection of cyberattacks includes an endpoint computer and a backend computer system. The endpoint computer monitors for cyberattacks and sends out queries for detected security events. The backend computer system stores observation data that are included in the queries. The backend computer system combines current observation data from a current query, relevant observation data from previous queries, and relevant cybersecurity data. The combined data are evaluated for cyberattacks.Type: GrantFiled: January 28, 2020Date of Patent: August 22, 2023Assignee: Trend Micro IncorporatedInventors: Wen-Kwang Tsao, Mun-Hou Wong, Annie Bu, Chia-Yen Chang, Jonathan James Oliver, Liam Huang, Allen Lai, Chien-Yi Chiu, Ping-Huan Wu
-
Patent number: 11263500Abstract: A method for designating a given image as similar/dissimilar with respect to a reference image is provided. The method includes normalizing the image. Normalizing includes performing pre-processing and a lossy compression on the given image to obtain a lossy representation. The pre-processing includes at least one of cropping, fundamental extracting, gray scale converting and lower color bit converting. The method also includes comparing the lossy representation of the given image with a reference representation, which is a version of a reference spam image after the reference spam image has undergone a similar normalizing process as normalizing. The method further includes, if the lossy representation of the given image matches the reference representation, designating the given image similar to the reference image. The method yet also includes, if the lossy representation of the given image does not match the reference representation, designating the given image dissimilar to the reference image.Type: GrantFiled: August 8, 2019Date of Patent: March 1, 2022Assignee: Trend Micro IncorporatedInventors: Jonathan James Oliver, Yun-Chian Chang
-
Patent number: 11182481Abstract: A system for evaluating files for cyber threats includes a machine learning model and a locality sensitive hash (LSH) repository. When the machine learning model classifies a target file as normal, the system searches the LSH repository for a malicious locality sensitive hash that is similar to a target locality sensitive hash of the target file. When the machine learning model classifies the target file as malicious, the system checks if response actions are enabled for the target file. The system reevaluates files that have been declared as normal, and updates the LSH repository in the event of false negatives. The system disables response actions for files that have been reported as false positives.Type: GrantFiled: July 31, 2019Date of Patent: November 23, 2021Assignee: Trend Micro IncorporatedInventors: Jonathan James Oliver, Chia-Yen Chang, Wen-Kwang Tsao, Li-Hsin Hsu
-
Patent number: 11101995Abstract: A computer network includes a camera node, a network access node, a verification node, and a display node. Video content recorded by a camera at the camera node is transmitted to the display node and to the verification node for verification. The video content is verified at the display node and at the verification node. Recording metadata of the video content is stored in a distributed ledger and retrieved by the display node to verify the video content. The verification node receives, from the network access node, verification data for verifying the video content.Type: GrantFiled: March 6, 2019Date of Patent: August 24, 2021Assignee: Trend Micro IncorporatedInventors: Jonathan James Oliver, Chia-Yen Chang, Wen-Kwang Tsao, Ping Huan Wu, Federico Maggi, Jiri Gogela, Fyodor Yarochkin
-
Patent number: 10848455Abstract: Abusive user accounts in a social network are identified from social network data. The social network data are processed to compare postings of the user accounts to identify a group of abusive user accounts. User accounts in the group of abusive user accounts are identified based on posted message content, images included in the messages, and/or posting times. Abusive user accounts can be canceled, suspended, or rate-limited.Type: GrantFiled: September 27, 2018Date of Patent: November 24, 2020Assignee: Trend Micro IncorporatedInventors: Jennifer Rihn, Jonathan James Oliver
-
Patent number: 10834127Abstract: An email attempting to perpetrate a business email compromise (BEC) attack is detected based on similarity of the email to a known BEC email and on similarity of the email to a user email that would have been sent by the purported sender of the email. Metadata of the email is extracted and input to a BEC machine learning model to find the known BEC email among BEC email samples. The extracted metadata are also input to a personal user machine learning model of the purported sender to generate the user email.Type: GrantFiled: April 24, 2018Date of Patent: November 10, 2020Assignee: Trend Micro IncorporatedInventors: Che-Fu Yeh, I-Ting Lien, Ming-Lun Li, Shih-Yu Chou, Po-Yuan Teng, Yuan Jiun Tsui, Cheng-Hsin Hsu, Wen-Kwang Tsao, Shih-Han Hsu, Pei-Yin Wu, Jonathan James Oliver
-
Publication number: 20200026969Abstract: A method for designating a given image as similar/dissimilar with respect to a reference image is provided. The method includes normalizing the image. Normalizing includes performing pre-processing and a lossy compression on the given image to obtain a lossy representation. The pre-processing includes at least one of cropping, fundamental extracting, gray scale converting and lower color bit converting. The method also includes comparing the lossy representation of the given image with a reference representation, which is a version of a reference spam image after the reference spam image has undergone a similar normalizing process as normalizing. The method further includes, if the lossy representation of the given image matches the reference representation, designating the given image similar to the reference image. The method yet also includes, if the lossy representation of the given image does not match the reference representation, designating the given image dissimilar to the reference image.Type: ApplicationFiled: August 8, 2019Publication date: January 23, 2020Applicant: Trend Micro IncorporatedInventors: Jonathan James OLIVER, Yun-Chian CHANG
-
Patent number: 10162967Abstract: A system for evaluating a target file includes an endpoint computer that receives similarity digests of legitimate files, receives a target file, and generates a similarity digest of the target file. The endpoint computer determines whether or not the target file is legitimate based on a comparison of the similarity digest of the target file against the similarity digests of the legitimate files. The system further includes a backend computer system that receives the legitimate files, generates the similarity digests of the legitimate files, and provides the similarity digests of the legitimate files to the endpoint computer.Type: GrantFiled: August 17, 2016Date of Patent: December 25, 2018Assignee: Trend Micro IncorporatedInventors: Jonathan James Oliver, Jayson Pryde, Victor Hargrave, Scott Forman, Chun Cheng
-
Patent number: 10116614Abstract: Abusive user accounts in a social network are identified from social network data. The social network data are processed to compare postings of the user accounts to identify a group of abusive user accounts. User accounts in the group of abusive user accounts are identified based on posted message content, images included in the messages, and/or posting times. Abusive user accounts can be canceled, suspended, or rate-limited.Type: GrantFiled: December 3, 2015Date of Patent: October 30, 2018Assignee: Trend Micro IncorporatedInventors: Jennifer Rihn, Jonathan James Oliver
-
Patent number: 10078750Abstract: Social messages sent or posted by users of a social networking service are collected. Compromised social networking accounts are identified from the collected social messages. Keywords indicative of compromised social networking accounts are extracted from social messages of identified compromised social networking accounts. The keywords are used as search terms in a search query for additional social messages. Additional compromised social networking accounts are identified from search results that are responsive to the search query.Type: GrantFiled: June 13, 2014Date of Patent: September 18, 2018Assignee: Trend Micro IncorporatedInventor: Jonathan James Oliver
-
Patent number: 10057198Abstract: Social network usage in an enterprise environment is controlled by receiving and processing dynamic postings from a social network to identify indicators of prohibited content. The indicators of prohibited content are employed to identify and block prohibited postings from entering an enterprise network.Type: GrantFiled: November 5, 2015Date of Patent: August 21, 2018Assignee: Trend Micro IncorporatedInventors: Bharath Kumar Chandrasekhar, Victor Karl Hargrave, Jonathan James Oliver
-
Patent number: 10027702Abstract: Malicious shortened uniform resource locators are identified by collecting online messages in a computer. Senders and uniform resource locators are extracted from the collected online messages. Sender controlled components are identified in the uniform resource locators. Groups of sender controlled components and senders are formed. Shortened uniform resource locators associated with sender controlled components that are members of malicious groups are identified as malicious.Type: GrantFiled: June 13, 2014Date of Patent: July 17, 2018Assignee: Trend Micro IncorporatedInventor: Jonathan James Oliver
-
Publication number: 20160224655Abstract: Network system provides a real-time adaptive recommendation set of documents with a high statistical measure of relevancy to the requestor device. The recommendation set is optimized based on analyzing text of documents of the interest set, categorizing these documents into clusters, extracting keywords representing the themes or concepts of documents in the clusters, and filtering a population of eligible documents accessible to the system utilizing site and or Internet-wide search engines. The system is either automatically or manually invoked and it develops and presents the recommendation set in real-time. The recommendation set may be presented as a greeting, notification, alert, HTML fragment, fax, voicemail, or automatic classification or routing of customer e-mail, personal e-mail, job postings, and offers for sale or exchange.Type: ApplicationFiled: January 26, 2016Publication date: August 4, 2016Inventors: Jonathan James Oliver, Wray Lindsay Buntine, George Roumeliotis
-
Patent number: 9245013Abstract: Network system provides a real-time adaptive recommendation set of documents with a high statistical measure of relevancy to the requestor device. The recommendation set is optimized based on analyzing text of documents of the interest set, categorizing these documents into clusters, extracting keywords representing the themes or concepts of documents in the clusters, and filtering a population of eligible documents accessible to the system utilizing site and or Internet-wide search engines. The system is either automatically or manually invoked and it develops and presents the recommendation set in real-time. The recommendation set may be presented as a greeting, notification, alert, HTML fragment, fax, voicemail, or automatic classification or routing of customer e-mail, personal e-mail, job postings, and offers for sale or exchange.Type: GrantFiled: October 29, 2007Date of Patent: January 26, 2016Assignee: Dell Software Inc.Inventors: Jonathan James Oliver, Wray Lindsay Buntine, George Roumeliotis
-
Patent number: 9152704Abstract: Network system provides a real-time adaptive recommendation set of documents with a high statistical measure of relevancy to the requestor device. The recommendation set is optimized based on analyzing text of documents of the interest set, categorizing these documents into clusters, extracting keywords representing the themes or concepts of documents in the clusters, and filtering a population of eligible documents accessible to the system utilizing site and or Internet-wide search engines. The system is either automatically or manually invoked and it develops and presents the recommendation set in real-time. The recommendation set may be presented as a greeting, notification, alert, HTML fragment, fax, voicemail, or automatic classification or routing of customer e-mail, personal e-mail, job postings, and offers for sale or exchange.Type: GrantFiled: February 4, 2014Date of Patent: October 6, 2015Assignee: Dell Software Inc.Inventors: Jonathan James Oliver, Wray Lindsay Buntine, George Roumeliotis
-
Patent number: 9027128Abstract: Uniform resource locators (URLs) that include strings matching known malicious budget codes are deemed to be malicious URLs. Compromised websites and compromised IP addresses are identified from the malicious URLs. URLs obtained from network traffic to compromised domain names or compromised IP addresses are inspected to identify candidate budget codes. Candidate budget codes that are confirmed to be malicious budget codes are included in a watch list, which may be distributed to endpoint computers to detect phishing attacks.Type: GrantFiled: February 7, 2013Date of Patent: May 5, 2015Assignee: Trend Micro IncorporatedInventors: Jonathan James Oliver, Maria Estella Lim Manly, Maydalene Edsel Dela Cruz Salvador, Ralph Hernandez, Christopher Talampas
-
Patent number: 8925087Abstract: One embodiment relates to an apparatus for in-the-cloud identification of spam and/or malware. The apparatus includes computer-readable code configured to be executed by the processor so as to receive queries, the queries including hash values embedded therein. The apparatus further includes computer-readable code configured to be executed by the processor so as to detect a group of hash codes which are similar and to identify the group as corresponding to an undesirable network outbreak. Another embodiment relates to an apparatus for in-the-cloud detection of spam and/or malware. The apparatus includes computer-readable code configured to be executed by the processor so as to receive an electronic message, calculate a locality-sensitive hash based on the message, embed the locality-sensitive hash into a query, and send the query to a central analysis system via a network interface. Other embodiments, aspects and features are also disclosed.Type: GrantFiled: June 19, 2009Date of Patent: December 30, 2014Assignee: Trend Micro IncorporatedInventors: Jonathan James Oliver, Yifun Liang