Patents by Inventor Maria Puertas-Calvo
Maria Puertas-Calvo has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240119129Abstract: Systems are provided for improving computer security systems that are based on user risk scores. These systems can be used to improve both the accuracy and usability of the user risk scores by applying multiple tiers of machine learning to different the user risk profile components used to generate the user risk scores and in such a manner as to dynamically generate and modify the corresponding user risk scores.Type: ApplicationFiled: December 18, 2023Publication date: April 11, 2024Inventors: Sayed Hassan ABDELAZIZ, Maria PUERTAS CALVO, Laurentiu Bogdan CRISTOFOR, Rajat LUTHRA
-
Patent number: 11899763Abstract: Systems are provided for improving computer security systems that are based on user risk scores. These systems can be used to improve both the accuracy and usability of the user risk scores by applying multiple tiers of machine learning to different the user risk profile components used to generate the user risk scores and in such a manner as to dynamically generate and modify the corresponding user risk scores.Type: GrantFiled: October 19, 2018Date of Patent: February 13, 2024Assignee: Microsoft Technology Licensing, LLCInventors: Sayed Hassan Abdelaziz, Maria Puertas Calvo, Laurentiu Bogdan Cristofor, Rajat Luthra
-
Publication number: 20230315840Abstract: Methods, systems, apparatuses, and computer-readable storage mediums described herein are configured to detect anomalous post-authentication behavior/state change(s) with respect to a workload identity. For example, audit logs that specify actions performed with respect to the workload identity of a platform-based identity service, a causing state change(s), while another identity is authenticated with the platform-based identity service, are analyzed. The audit log(s) are analyzed via a model for anomaly prediction based on actions. The model generates an anomaly score indicating a probability whether a particular sequence of the actions is indicative of anomalous behavior/state change(s). A determination is made that an anomalous behavior has occurred based on the anomaly score, and when anomalous behavior has occurred, a mitigation action may be performed that mitigates the anomalous behavior.Type: ApplicationFiled: March 30, 2022Publication date: October 5, 2023Inventors: Shinesa Elaine CAMBRIC, Maria Puertas CALVO, Ye XU, Etan Micah BASSERI, Sergio Romero ZAMBRANO, Jeffrey Thomas SAKOWICZ
-
Publication number: 20230262072Abstract: Methods, systems, apparatuses, and computer-readable storage mediums described herein are configured to detect anomalous post-authentication behavior with respect to a user identity. For example, one or more audit logs that specify a plurality of actions performed with respect to the user identity of a platform-based identity service, while the user identity is authenticated with the platform-based identity service, are analyzed. The audit log(s) are analyzed via an anomaly prediction model that generates an anomaly score indicating a probability whether a particular sequence of actions of the plurality of actions is indicative of anomalous behavior. A determination is made that an anomalous behavior has occurred based on the anomaly score. In response to determining that anomalous behavior has occurred, a mitigation action may be performed that mitigates the anomalous behavior.Type: ApplicationFiled: February 11, 2022Publication date: August 17, 2023Inventors: Shinesa Elaine CAMBRIC, Maria Puertas CALVO, Ye XU
-
Publication number: 20230195863Abstract: Some embodiments improve the security of service principals, service accounts, and other application identity accounts by detecting compromise of account credentials. Application identity accounts provide computational services with access to resources, as opposed to human identity accounts which operate on behalf of a particular person. Authentication attempt access data is submitted to a machine learning model which is trained specifically to detect application identity account anomalies. Heuristic rules are applied to the anomaly detection result to reduce false positives, yielding a compromise assessment suitable for access control mechanism usage. Embodiments reflect differences between application identity accounts and human identity accounts, in order to avoid inadvertent service interruptions, improve compromise detection for application identity accounts, and facilitate compromise containment and recovery efforts by focusing on credentials individually.Type: ApplicationFiled: December 21, 2021Publication date: June 22, 2023Inventors: Ye XU, Etan Micah BASSERI, Maria PUERTAS CALVO, Dana Scott KAUFMAN, Alexander T. WEINERT, Andrew NUMAINVILLE
-
Patent number: 11575692Abstract: To detect identity spray attacks, a machine learning model classifies account access attempts as authorized or unauthorized, based on dozens of different pieces of information (machine learning model features). Boosted tree, neural net, and other machine learning model technologies may be employed. Model training data may include user agent reputation data, IP address reputation data, device or agent or location familiarity indications, protocol identifications, aggregate values, and other data. Account credential hash sets or hash lists may serve as model inputs. Hashes may be truncated to further protect user privacy. Classifying an access attempt as unauthorized may trigger application of multifactor authentication, password change requirements, account suspension, or other security enhancements. Statistical or heuristic detections may supplement the model.Type: GrantFiled: December 4, 2020Date of Patent: February 7, 2023Assignee: Microsoft Technology Licensing, LLCInventors: Sergio Romero Zambrano, Andrew Numainville, Maria Puertas Calvo, Abbinayaa Subramanian, Pui Yin Winfred Wong, Dana S. Kaufman, Eliza Kuzmenko
-
Publication number: 20220182397Abstract: To detect identity spray attacks, a machine learning model classifies account access attempts as authorized or unauthorized, based on dozens of different pieces of information (machine learning model features). Boosted tree, neural net, and other machine learning model technologies may be employed. Model training data may include user agent reputation data, IP address reputation data, device or agent or location familiarity indications, protocol identifications, aggregate values, and other data. Account credential hash sets or hash lists may serve as model inputs. Hashes may be truncated to further protect user privacy. Classifying an access attempt as unauthorized may trigger application of multifactor authentication, password change requirements, account suspension, or other security enhancements. Statistical or heuristic detections may supplement the model.Type: ApplicationFiled: December 4, 2020Publication date: June 9, 2022Inventors: Sergio ROMERO ZAMBRANO, Andrew NUMAINVILLE, Maria PUERTAS CALVO, Abbinayaa SUBRAMANIAN, Pui Yin Winfred WONG, Dana S. KAUFMAN, Eliza KUZMENKO
-
Patent number: 11283796Abstract: Methods, systems, and computer program products are provided for real-time compromise detection based on behavioral analytics. The detection runs in real-time, during user authentication, for example, with respect to a resource. The probability that the authentication is coming from a compromised account is assessed. The features of the current authentication are compared with the features from past authentications of the user. After comparison, a match score is generated. The match score is indicative of the similarity of the authentication to the user's history of authentication. This score is then discretized into risk levels based on the empirical probability of compromise based on known past compromised user authentications. The risk levels may be used to detect whether user authentication is occurring via compromised credentials.Type: GrantFiled: September 24, 2019Date of Patent: March 22, 2022Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Maria Puertas Calvo, Lakshmi Priya Gopal, Laurentiu B. Cristofor, Pui-Yin Winfred Wong, Dana S. Kaufman
-
Patent number: 11017088Abstract: Systems are provided for utilizing crowdsourcing and machine learning to improve computer system security processes associated with user risk profiles and sign-in profiles. Risk profiles of known users and logged sign-ins are confirmed by user input as either safe or compromised. This input is used as crowdsourced feedback to generate label data for training/refining machine learning algorithms used to generate corresponding risky profile reports. The risky profile reports are used to provide updated assessments and initial assessments of known users and logged sign-ins, as well as newly discovered users and new sign-in attempts, respectively. These assessments are further confirmed or modified to further update the machine learning and risky profile reports.Type: GrantFiled: October 19, 2018Date of Patent: May 25, 2021Assignee: MICROSOFTTECHNOLOGY LICENSING, LLCInventors: Rajat Luthra, Maria Puertas Calvo, Sayed Hassan Abdelaziz
-
Publication number: 20200412717Abstract: Methods, systems, and computer program products are provided for real-time compromise detection based on behavioral analytics. The detection runs in real-time, during user authentication, for example, with respect to a resource. The probability that the authentication is coming from a compromised account is assessed. The features of the current authentication are compared with the features from past authentications of the user. After comparison, a match score is generated. The match score is indicative of the similarity of the authentication to the user's history of authentication. This score is then discretized into risk levels based on the empirical probability of compromise based on known past compromised user authentications. The risk levels may be used to detect whether user authentication is occurring via compromised credentials.Type: ApplicationFiled: September 24, 2019Publication date: December 31, 2020Inventors: Maria Puertas Calvo, Lakshmi Priya Gopal, Laurentiu B. Cristofor, Pui-Yin Winfred Wong, Dana S. Kaufman
-
Publication number: 20200089887Abstract: Systems are provided for utilizing crowdsourcing and machine learning to improve computer system security processes associated with user risk profiles and sign-in profiles. Risk profiles of known users and logged sign-ins are confirmed by user input as either safe or compromised. This input is used as crowdsourced feedback to generate label data for training/refining machine learning algorithms used to generate corresponding risky profile reports. The risky profile reports are used to provide updated assessments and initial assessments of known users and logged sign-ins, as well as newly discovered users and new sign-in attempts, respectively. These assessments are further confirmed or modified to further update the machine learning and risky profile reports.Type: ApplicationFiled: October 19, 2018Publication date: March 19, 2020Inventors: Rajat Luthra, Maria Puertas Calvo, Sayed Hassan Abdelaziz
-
Publication number: 20200089848Abstract: Systems are provided for improving computer security systems that are based on user risk scores. These systems can be used to improve both the accuracy and usability of the user risk scores by applying multiple tiers of machine learning to different the user risk profile components used to generate the user risk scores and in such a manner as to dynamically generate and modify the corresponding user risk scores.Type: ApplicationFiled: October 19, 2018Publication date: March 19, 2020Inventors: Sayed Hassan Abdelaziz, Maria Puertas Calvo, Laurentiu Bogdan Cristofor, Rajat Luthra
-
Patent number: 9530052Abstract: The sensor adaptation technique applicable to non-contact biometric authentication, specifically in iris recognition, is designed to handle the sensor mismatch problem which occurs when enrollment iris samples and test iris samples are acquired with different sensors. The present system and method are capable of adapting iris data collected from one sensor to another sensor by transforming the iris samples in a fashion bringing the samples belonging to the same person closer than those samples belonging to different persons, irrespective of the sensor acquiring the samples. The sensor adaptation technique is easily incorporable into existing iris recognition systems and uses the training iris samples acquired with different sensors for learning adaptation parameters and subsequently applying the adaptation parameters for sensor adaptation during verification stage to significantly improve the recognition system performance.Type: GrantFiled: March 13, 2014Date of Patent: December 27, 2016Assignee: University of MarylandInventors: Jaishanker K. Pillai, Maria Puertas-Calvo, Ramalingam Chellappa