Patents by Inventor Lukas Bajer

Lukas Bajer has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 12160429
    Abstract: In one embodiment, a device obtains input features for a neural network-based model. The device pre-defines a set of neurons of the model to represent known behaviors associated with the input features. The device constrains weights for a plurality of outputs of the model. The device trains the neural network-based model using the constrained weights for the plurality of outputs of the model and by excluding the pre-defined set of neurons from updates during the training.
    Type: Grant
    Filed: July 24, 2023
    Date of Patent: December 3, 2024
    Assignee: Cisco Technology, Inc.
    Inventors: Petr Somol, Martin Kopp, Jan Kohout, Jan Brabec, Marc René Jacques Marie Dupont, Cenek Skarda, Lukas Bajer, Danila Khikhlukha
  • Publication number: 20240356957
    Abstract: Techniques for identifying malicious threats for investigation using network telemetry data. The techniques include receiving network telemetry data regarding a computer network and also receiving information regarding one or more known malicious nodes which are designated as seeds. A Risk Map Graph (RMG) is constructing using the one or more seeds and the relationship data. The RMG is used to assign risk scores to the network nodes. Data regarding the most at-risk nodes is sent to a security service for investigation. Data is received from the security service as to which of the selected nodes is malicious. These malicious nodes are designated as new seeds, and another RMG is constructed with these new seed nodes. This process can be continuously iterated until either the security budget has been reached or all relevant nodes have been investigated.
    Type: Application
    Filed: September 27, 2023
    Publication date: October 24, 2024
    Inventors: Lukas Bajer, Pavel Prochazka, Michal Mares
  • Publication number: 20240106836
    Abstract: In one embodiment, a device obtains input features for a neural network-based model. The device pre-defines a set of neurons of the model to represent known behaviors associated with the input features. The device constrains weights for a plurality of outputs of the model. The device trains the neural network-based model using the constrained weights for the plurality of outputs of the model and by excluding the pre-defined set of neurons from updates during the training.
    Type: Application
    Filed: July 24, 2023
    Publication date: March 28, 2024
    Inventors: Petr Somol, Martin Kopp, Jan Kohout, Jan Brabec, Marc René Jacques Marie Dupont, Cenek Skarda, Lukas Bajer, Danila Khikhlukha
  • Publication number: 20230281300
    Abstract: Techniques for identifying malicious actors across datasets of different origin. The techniques may include receiving input data indicative of network interactions between entities and modalities. Based at least in part on the input data, a maliciousness score associated with a first entity may be determined. In some instances, a value of the maliciousness score may be partially based on a number of the modalities that are interacting with the first entity and also interacting with one or more malicious entities. The techniques may further include determining whether the value of the maliciousness score exceeds a threshold value and, based at least in part on the value of the maliciousness score exceeding the threshold value, a request may be made to identify the first entity as a new malicious entity.
    Type: Application
    Filed: June 23, 2022
    Publication date: September 7, 2023
    Inventors: Pavel Prochazka, Stepan Dvorak, Lukas Bajer, Martin Kopp, Kyrylo Shcherbin
  • Patent number: 11750621
    Abstract: In one embodiment, a device obtains input features for a neural network-based model. The device pre-defines a set of neurons of the model to represent known behaviors associated with the input features. The device constrains weights for a plurality of outputs of the model. The device trains the neural network-based model using the constrained weights for the plurality of outputs of the model and by excluding the pre-defined set of neurons from updates during the training.
    Type: Grant
    Filed: March 26, 2020
    Date of Patent: September 5, 2023
    Assignee: Cisco Technology, Inc.
    Inventors: Petr Somol, Martin Kopp, Jan Kohout, Jan Brabec, Marc René Jacques Marie Dupont, Cenek Skarda, Lukas Bajer, Danila Khikhlukha
  • Patent number: 11245675
    Abstract: In one embodiment, a traffic analysis service obtains telemetry data regarding encrypted traffic associated with a particular device in the network, wherein the telemetry data comprises Transport Layer Security (TLS) features of the traffic. The service determines, based on the TLS features from the obtained telemetry data, a set of one or more TLS fingerprints for the traffic associated with the particular device. The service calculates a measure of similarity between the set of one or more TLS fingerprints for the traffic associated with the particular device and a set of one or more TLS fingerprints of traffic associated with a second device. The service determines, based on the measure of similarity, that the particular device and the second device were operated by the same user.
    Type: Grant
    Filed: November 18, 2019
    Date of Patent: February 8, 2022
    Assignee: Cisco Technology, Inc.
    Inventors: Jan Kohout, Martin Kopp, Jan Brabec, Lukas Bajer
  • Publication number: 20210306350
    Abstract: In one embodiment, a device obtains input features for a neural network-based model. The device pre-defines a set of neurons of the model to represent known behaviors associated with the input features. The device constrains weights for a plurality of outputs of the model. The device trains the neural network-based model using the constrained weights for the plurality of outputs of the model and by excluding the pre-defined set of neurons from updates during the training.
    Type: Application
    Filed: March 26, 2020
    Publication date: September 30, 2021
    Inventors: Petr Somol, Martin Kopp, Jan Kohout, Jan Brabec, Marc René Jacques Marie Dupont, Cenek Skarda, Lukas Bajer, Danila Khikhlukha
  • Patent number: 11019095
    Abstract: In one embodiment, a device in a network obtains log data regarding replication of files stored on an endpoint client to a file replication service. The device tracks, based on the obtained logs, encryption changes to the files that convert the files from unencrypted files to encrypted files. The device determines that the tracked encryption changes to the files are indicative of a ransomware infection on the endpoint client. The device initiates a mitigation action regarding the ransomware infection.
    Type: Grant
    Filed: January 30, 2019
    Date of Patent: May 25, 2021
    Assignee: Cisco Technology, Inc.
    Inventors: Martin Grill, Lukas Bajer, Martin Kopp, Jan Kohout
  • Publication number: 20210152526
    Abstract: In one embodiment, a traffic analysis service obtains telemetry data regarding encrypted traffic associated with a particular device in the network, wherein the telemetry data comprises Transport Layer Security (TLS) features of the traffic. The service determines, based on the TLS features from the obtained telemetry data, a set of one or more TLS fingerprints for the traffic associated with the particular device. The service calculates a measure of similarity between the set of one or more TLS fingerprints for the traffic associated with the particular device and a set of one or more TLS fingerprints of traffic associated with a second device. The service determines, based on the measure of similarity, that the particular device and the second device were operated by the same user.
    Type: Application
    Filed: November 18, 2019
    Publication date: May 20, 2021
    Inventors: Jan Kohout, Martin Kopp, Jan Brabec, Lukas Bajer
  • Patent number: 10749770
    Abstract: In one embodiment, a traffic analysis service obtains telemetry data regarding network traffic associated with a device in a network. The traffic analysis service forms a histogram of frequencies of the traffic features from the telemetry data for the device. The traffic features are indicative of endpoints with which the device communicated. The traffic analysis service associates a device type with the device, by comparing the histogram of the traffic features from the telemetry data to histograms of traffic features associated with other devices. The traffic analysis service initiates, based on the device type associated with the device, an adjustment to treatment of the traffic associated with the device by the network.
    Type: Grant
    Filed: October 10, 2018
    Date of Patent: August 18, 2020
    Assignee: Cisco Technology, Inc.
    Inventors: Jan Kohout, Martin Grill, Martin Kopp, Lukas Bajer
  • Publication number: 20200244672
    Abstract: In one embodiment, a device in a network obtains log data regarding replication of files stored on an endpoint client to a file replication service. The device tracks, based on the obtained logs, encryption changes to the files that convert the files from unencrypted files to encrypted files. The device determines that the tracked encryption changes to the files are indicative of a ransomware infection on the endpoint client. The device initiates a mitigation action regarding the ransomware infection.
    Type: Application
    Filed: January 30, 2019
    Publication date: July 30, 2020
    Inventors: Martin Grill, Lukas Bajer, Martin Kopp, Jan Kohout
  • Publication number: 20200120004
    Abstract: In one embodiment, a traffic analysis service obtains telemetry data regarding network traffic associated with a device in a network. The traffic analysis service forms a histogram of frequencies of the traffic features from the telemetry data for the device. The traffic features are indicative of endpoints with which the device communicated. The traffic analysis service associates a device type with the device, by comparing the histogram of the traffic features from the telemetry data to histograms of traffic features associated with other devices. The traffic analysis service initiates, based on the device type associated with the device, an adjustment to treatment of the traffic associated with the device by the network.
    Type: Application
    Filed: October 10, 2018
    Publication date: April 16, 2020
    Inventors: Jan Kohout, Martin Grill, Martin Kopp, Lukas Bajer