Patents by Inventor Kwan Lin
Kwan Lin has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11368474Abstract: Analyzing and reporting anomalous internet traffic data by accepting a request for a connection to a virtual security appliance, collecting attribute data about the connection, applying an alert module to the data, and automatically generating an alert concerning an identified incident. An alert system for analyzing and reporting the anomalous internet traffic data. A processor to analyze and report anomalous internet traffic data.Type: GrantFiled: April 10, 2018Date of Patent: June 21, 2022Assignee: Rapid7, Inc.Inventors: Roy Hodgman, Wah-Kwan Lin, Vasudha Shivamoggi
-
Publication number: 20220182407Abstract: Approaches provide for securing an electronic environment. A threat analysis service can obtain data for devices, users, and threats from disparate sources and can correlate users to devices and threats to build an understanding of an electronic environment's operational, organizational, and security concerns in order to provide customized security strategies and remediations. Additionally, the threat analysis service can develop a model of an electronic environment's behavior by monitoring and analyzing various the data from the data sources. The model can be updated such that the threat analysis service can tailor its orchestration to complement existing operational processes.Type: ApplicationFiled: February 17, 2022Publication date: June 9, 2022Applicant: Rapid7, Inc.Inventors: Roy Hodgman, Kwan Lin, Vasudha Shivamoggi
-
Patent number: 11356463Abstract: Methods and systems for detecting malicious processes. Methods described herein gather data regarding process locations and calculate one or more inequality indicators related to the process paths based on economic principles. Instances of inequality with respect to process paths may indicate a path is uncommon and therefore the associated binary is used for malicious purposes.Type: GrantFiled: September 18, 2019Date of Patent: June 7, 2022Assignee: Rapid7, Inc.Inventors: Roy Hodgman, Oliver Keyes, Wah-Kwan Lin, Michael Scutt, Timothy Stiller
-
Patent number: 11301494Abstract: Methods, systems, and processes to optimize role level identification for computing resource allocation to perform security operations in networked computing environments. A role level classifier to process a training dataset that corresponds to a clean title is generated from a subset of entities associated with the clean title. An initial effective title determined by the role level classifier based on processing the training dataset is assigned to an entity. A new effective title based on feature differences between the initial effective title and the clean title is re-assigned to the entity. Performance of the generating, the assigning, and the re-assigning is repeated using the new effective title instead of the clean title.Type: GrantFiled: October 8, 2018Date of Patent: April 12, 2022Assignee: Rapid7, Inc.Inventors: Vasudha Shivamoggi, Wah-Kwan Lin, Roy Hodgman
-
Patent number: 11290479Abstract: Approaches provide for securing an electronic environment. A threat analysis service can obtain data for devices, users, and threats from disparate sources and can correlate users to devices and threats to build an understanding of an electronic environment's operational, organizational, and security concerns in order to provide customized security strategies and remediations. Additionally, the threat analysis service can develop a model of an electronic environment's behavior by monitoring and analyzing various the data from the data sources. The model can be updated such that the threat analysis service can tailor its orchestration to complement existing operational processes.Type: GrantFiled: August 11, 2018Date of Patent: March 29, 2022Assignee: Rapid7, Inc.Inventors: Roy Hodgman, Wah-Kwan Lin, Vasudha Shivamoggi
-
Publication number: 20210385253Abstract: Disclosed herein are methods, systems, and processes to detect valid clusters and eliminate spurious clusters in cybersecurity-based computing environments. A cluster detection and elimination model is trained by accessing a dataset with raw data that includes data points associated with computing devices in a network and applying two or more different clustering methodologies independently to the dataset. The resulting cluster detection and elimination model is used to compare two or more clusters to determine whether a cluster from one clustering methodology matches another cluster from another clustering methodology based on centroid locations and shared data points.Type: ApplicationFiled: August 24, 2021Publication date: December 9, 2021Applicant: Rapid7, Inc.Inventors: Vasudha Shivamoggi, Roy Hodgman, Wah-Kwan Lin
-
Publication number: 20210360406Abstract: Methods and systems for classifying a device on a network. The systems and methods may receive network activity data associated with an unknown device. A classifier executing one or more machine learning models may then classify the device as an internet of things (IoT) device or a non-IoT device.Type: ApplicationFiled: August 2, 2021Publication date: November 18, 2021Applicant: Rapid7, Inc.Inventors: Deral Heiland, Dustin Myers, Wah-Kwan Lin
-
Patent number: 11128667Abstract: Disclosed herein are methods, systems, and processes to detect valid clusters and eliminate spurious clusters in cybersecurity-based computing environments. A cluster detection and elimination model is trained by accessing a dataset with raw data that includes data points associated with computing devices in a network and applying two or more different clustering methodologies independently to the dataset. The resulting cluster detection and elimination model is used to compare two or more clusters to determine whether a cluster from one clustering methodology matches another cluster from another clustering methodology based on centroid locations and shared data points.Type: GrantFiled: November 29, 2018Date of Patent: September 21, 2021Assignee: Rapid7, Inc.Inventors: Vasudha Shivamoggi, Roy Hodgman, Wah-Kwan Lin
-
Patent number: 11115823Abstract: Methods and systems for classifying a device on a network. The systems and methods may receive network activity data associated with an unknown device. A classifier executing one or more machine learning models may then classify the device as an internet of things (IoT) device or a non-IoT device.Type: GrantFiled: April 30, 2019Date of Patent: September 7, 2021Assignee: Rapid7, Inc.Inventors: Deral Heiland, Dustin Myers, Wah-Kwan Lin
-
Patent number: 10848516Abstract: Disclosed herein are methods, systems, and processes for utilizing computing entity resolution for network asset correlation. A generated canonical dataset that includes the identities of existing computing devices is accessed and a scanned dataset generated by a security server that includes an identity of a scanned computing device is received. Paired records that include the identities of the existing computing devices and the identity of the scanned computing device are generated from the canonical dataset and the scanned dataset and user input applicable to the paired records that indicates whether the identity of the scanned computing device matches an identity of an existing computing device is received. A network asset correlator that indicates a disparate correlation between each of the existing computing devices and a newly-scanned computing device that is part of a newly-scanned dataset generated by the security server without requiring a subsequent user input is generated.Type: GrantFiled: October 2, 2018Date of Patent: November 24, 2020Assignee: Rapid7, Inc.Inventor: Wah-Kwan Lin
-
Publication number: 20200184367Abstract: Disclosed herein are methods, systems, and processes to automate cluster interpretation in computing environments to develop targeted remediation security actions. To interpret clusters that are generated by a clustering methodology without subjecting clustered data to classifier-based processing, separation quantifiers that indicate a spread in feature values across clusters are determined and used to discover relative feature importances of features that drive the formation of clusters, permitting a security server to identify features that discriminate between clusters.Type: ApplicationFiled: December 10, 2018Publication date: June 11, 2020Inventors: Vasudha Shivamoggi, Roy Hodgman, Wah-Kwan Lin
-
Publication number: 20200177633Abstract: Disclosed herein are methods, systems, and processes to detect valid clusters and eliminate spurious clusters in cybersecurity-based computing environments. A cluster detection and elimination model is trained by accessing a dataset with raw data that includes data points associated with computing devices in a network and applying two or more different clustering methodologies independently to the dataset. The resulting cluster detection and elimination model is used to compare two or more clusters to determine whether a cluster from one clustering methodology matches another cluster from another clustering methodology based on centroid locations and shared data points.Type: ApplicationFiled: November 29, 2018Publication date: June 4, 2020Applicant: Rapid7, Inc.Inventors: Vasudha Shivamoggi, Roy Hodgman, Wah-Kwan Lin
-
Publication number: 20200110833Abstract: Disclosed herein are methods, systems, and processes to optimize role level identification for computing resource allocation to perform security operations in networked computing environments. A role level classifier to process a training dataset that corresponds to a clean title is generated from a subset of entities associated with the clean title. An initial effective title determined by the role level classifier based on processing the training dataset is assigned to an entity. A new effective title based on feature differences between the initial effective title and the clean title is re-assigned to the entity. Performance of the generating, the assigning, and the re-assigning is repeated using the new effective title instead of the clean title.Type: ApplicationFiled: October 8, 2018Publication date: April 9, 2020Applicant: Rapid7, Inc.Inventors: Vasudha Shivamoggi, Wah-Kwan Lin, Roy Hodgman
-
Publication number: 20200106798Abstract: Disclosed herein are methods, systems, and processes for utilizing computing entity resolution for network asset correlation. A generated canonical dataset that includes the identities of existing computing devices is accessed and a scanned dataset generated by a security server that includes an identity of a scanned computing device is received. Paired records that include the identities of the existing computing devices and the identity of the scanned computing device are generated from the canonical dataset and the scanned dataset and user input applicable to the paired records that indicates whether the identity of the scanned computing device matches an identity of an existing computing device is received. A network asset correlator that indicates a disparate correlation between each of the existing computing devices and a newly-scanned computing device that is part of a newly-scanned dataset generated by the security server without requiring a subsequent user input is generated.Type: ApplicationFiled: October 2, 2018Publication date: April 2, 2020Inventor: Wah-Kwan Lin
-
Publication number: 20200053115Abstract: Approaches provide for securing an electronic environment. A threat analysis service can obtain data for devices, users, and threats from disparate sources and can correlate users to devices and threats to build an understanding of an electronic environment's operational, organizational, and security concerns in order to provide customized security strategies and remediations. Additionally, the threat analysis service can develop a model of an electronic environment's behavior by monitoring and analyzing various the data from the data sources. The model can be updated such that the threat analysis service can tailor its orchestration to complement existing operational processes.Type: ApplicationFiled: August 11, 2018Publication date: February 13, 2020Inventors: Roy Hodgman, Wah-Kwan Lin, Vasudha Shivamoggi
-
Patent number: 10462162Abstract: Methods and systems for detecting malicious processes. Methods described herein gather data regarding process locations and calculate one or more inequality indicators related to the process paths based on economic principles. Instances of inequality with respect to process paths may indicate a path is uncommon and therefore the associated binary is used for malicious purposes.Type: GrantFiled: July 24, 2017Date of Patent: October 29, 2019Assignee: Rapid7, Inc.Inventors: Roy Hodgman, Oliver Keyes, Wah-Kwan Lin, Michael Scutt, Timothy Stiller
-
Patent number: 10447813Abstract: Apparatuses, Methods and Storage Media associated with offloading aspects of processing of mobile devices are disclosed. In embodiments, a mobile computing device may comprise one or more processors; memory coupled with the one or more processors; and a shim layer to compressively replicate memory blocks of the memory to a cloud server, compressively offload invocations of object methods of objects resident in a memory block of the memory to the cloud server, and to receive execution results of the invoked object methods. Other embodiments may be described and/or claimed.Type: GrantFiled: March 10, 2015Date of Patent: October 15, 2019Assignee: Intel CorporationInventor: Chit Kwan Lin
-
Publication number: 20190230105Abstract: Analyzing and reporting anomalous internet traffic data by accepting a request for a connection to a virtual security appliance, collecting attribute data about the connection, applying an alert module to the data, and automatically generating an alert concerning an identified incident. An alert system for analyzing and reporting the anomalous internet traffic data. A processor to analyze and report anomalous internet traffic data.Type: ApplicationFiled: April 10, 2018Publication date: July 25, 2019Inventors: Roy Hodgman, Wah-Kwan Lin, Vasudha Shivamoggi
-
Patent number: 10341669Abstract: System and techniques for temporally encoded static spatial images are described herein. A static spatial image may be obtained. Here, the static spatial image defines pixel values over an area. A scan path may be selected. Here, the scan path defines a path across the area of the static spatial image. A window is scanned (e.g., moved or slid) along the scan path on the static spatial image to produce changes in a portion of the window over time. The changes in the portion of the window are recorded along with respective times of the changes.Type: GrantFiled: December 20, 2016Date of Patent: July 2, 2019Assignee: Intel CorporationInventors: Chit Kwan Lin, Gautham N Chinya, Narayan Srinivasa
-
Patent number: 10305976Abstract: A method for managing computing includes replicating a subset of a machine state of a first computing device onto a second computing device, wherein the subset of the machine state is required to execute machine code. Execution of the machine code is offloaded to the second computing device.Type: GrantFiled: September 21, 2015Date of Patent: May 28, 2019Assignee: Intel CorporationInventors: Chit Kwan Lin, Arnab Paul, Gautham N. Chinya