Patents by Inventor Martin Haerterich

Martin Haerterich has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11366982
    Abstract: Various examples are directed to systems and methods for detecting training data for a generative model. A computer system may access generative model sample data and a first test sample. The computer system may determine whether a first generative model sample of the plurality of generative model samples is within a threshold distance of the first test sample and whether a second generative model sample of the plurality of generative model samples is within the threshold distance of the first test sample. The computer system may determine that a probability that the generative model was trained with the first test sample is greater than or equal to a threshold probability based at least in part on whether the first generative model sample is within the threshold distance of the first test sample, the determining also based at least in part on whether the second generative model sample is within the threshold distance of the first test sample.
    Type: Grant
    Filed: September 24, 2018
    Date of Patent: June 21, 2022
    Assignee: SAP SE
    Inventors: Martin Haerterich, Benjamin Hilprecht, Daniel Bernau
  • Publication number: 20220138348
    Abstract: Data is received that specifies a bound for an adversarial posterior belief ?c that corresponds to a likelihood to re-identify data points from the dataset based on a differentially private function output. Privacy parameters ?, ? are then calculated based on the received data that govern a differential privacy (DP) algorithm to be applied to a function to be evaluated over a dataset. The calculating is based on a ratio of probabilities distributions of different observations, which are bound by the posterior belief ?c as applied to a dataset. The calculated privacy parameters are then used to apply the DP algorithm to the function over the dataset. Related apparatus, systems, techniques and articles are also described.
    Type: Application
    Filed: October 30, 2020
    Publication date: May 5, 2022
    Inventors: Daniel Bernau, Philip-William Grassal, Hannah Keller, Martin Haerterich
  • Publication number: 20220070150
    Abstract: Various examples are directed to systems and methods for obscuring personal information in a sensor data stream. A system may apply an encoder model to the sensor data stream to generate a latent space representation of the sensor data stream. The system may also apply a noise-scaling parameter to the latent space representation of the sensor data stream and apply a decoder model to the latent space representation of the sensor data stream to generate an obscured data stream.
    Type: Application
    Filed: September 2, 2020
    Publication date: March 3, 2022
    Inventors: Martin Haerterich, Benjamin Weggenmann, Florian Knoerzer
  • Patent number: 10834102
    Abstract: A client comprising a web browser is provided. The client is configured to: run an application in the web browser, the application comprising a sensor including sensor JavaScript code, wherein running the application comprises executing the sensor JavaScript code as the first JavaScript code in the web browser to activate the sensor; and wherein the sensor is configured to: gather data with respect to the application at runtime; and check predetermined application-specific rules against the gathered data for detecting client-side attacks at runtime.
    Type: Grant
    Filed: January 5, 2018
    Date of Patent: November 10, 2020
    Assignee: SAP SE
    Inventors: Martin Johns, Martin Haerterich, Christoph Haefner
  • Publication number: 20200193298
    Abstract: A system is described that can include a machine learning model and at least one programmable processor communicatively coupled to the machine learning model. The machine learning model can receive data, generate a continuous probability distribution associated with the data, sample a latent variable from the continuous probability distribution to generate a plurality of samples, and generate reconstructed data from the plurality of samples. The at least one programmable processor can compute a reconstruction error by determining a distance between the reconstructed data and the data, and generate, based on the reconstruction error, an indication representing whether a specific record within the received data was used to train the machine learning model. Related apparatuses, methods, techniques, non-transitory computer programmable products, non-transitory machine-readable medium, articles, and other systems are also within the scope of this disclosure.
    Type: Application
    Filed: December 13, 2018
    Publication date: June 18, 2020
    Inventors: Benjamin Hilprecht, Daniel Bernau, Martin Haerterich
  • Publication number: 20200097763
    Abstract: Various examples are directed to systems and methods for detecting training data for a generative model. A computer system may access generative model sample data and a first test sample. The computer system may determine whether a first generative model sample of the plurality of generative model samples is within a threshold distance of the first test sample and whether a second generative model sample of the plurality of generative model samples is within the threshold distance of the first test sample. The computer system may determine that a probability that the generative model was trained with the first test sample is greater than or equal to a threshold probability based at least in part on whether the first generative model sample is within the threshold distance of the first test sample, the determining also based at least in part on whether the second generative model sample is within the threshold distance of the first test sample.
    Type: Application
    Filed: September 24, 2018
    Publication date: March 26, 2020
    Inventors: Martin Haerterich, Benjamin Hilprecht, Daniel Bernau
  • Patent number: 10491615
    Abstract: A sequence of events by a single user with at least one computing system are monitored. Each event characterizes user interaction with the at least one computing system and the sequence of events form a plurality of pairwise disjoint log samples. Thereafter, it is determined, using an adjacency graph trained using a plurality of log samples generated by a plurality of users, whether any of the log samples is anomalous. Data can be provided that characterizes the log samples determined to be anomalous. Related apparatus, systems, techniques and articles are also described.
    Type: Grant
    Filed: January 9, 2017
    Date of Patent: November 26, 2019
    Assignee: SAP SE
    Inventor: Martin Haerterich
  • Patent number: 10454969
    Abstract: Various embodiments of systems, computer program products, and methods to automatically generate low-interaction honeypots to protect application landscapes through are described herein. In an aspect, representative applications associated with resources in a network are identified. The low-interaction honeypots are automatically generated for the identified representative applications. Further, the representative applications are probed to retrieve responses corresponding to different requests. Templates are generated corresponding to request-response pairs by parsing the responses and the requests. During operation, new requests for accessing the resources are responded based on the generated templates. The new requests and corresponding responses are recorded.
    Type: Grant
    Filed: July 17, 2017
    Date of Patent: October 22, 2019
    Assignee: SAP SE
    Inventors: Martin Haerterich, Martin Johns, Marius Musch
  • Patent number: 10339311
    Abstract: Various examples are directed to detecting anomalous modifications to a software component. For example, a computing device may receive, from a version control system, version metadata describing properties of a plurality of commits for the software component. The computing device may generate a plurality of commit clusters based, at least in part, on the properties of the plurality of commits. The computing device may determine a first anomalous commit of the plurality of commits and generate an alert message indicating a first code segment modified by the first commit.
    Type: Grant
    Filed: February 17, 2017
    Date of Patent: July 2, 2019
    Assignee: SAP SE
    Inventors: Martin Haerterich, Martin Johns
  • Patent number: 10242180
    Abstract: Systems and methods are provided herein for establishing a protection framework for a component. Identified assets of a component requiring protection from a potential attack are received. A list of assets is generated based on the identified assets. A protection framework is configured to include at least one defensive pattern to protect the list of assets against the potential attack. The protection framework is executed to establish a hardened boundary between the component and an attack surface of the component.
    Type: Grant
    Filed: January 11, 2017
    Date of Patent: March 26, 2019
    Assignee: SAP SE
    Inventors: Christoph Haefner, Martin Johns, Martin Haerterich
  • Publication number: 20190020683
    Abstract: Various embodiments of systems, computer program products, and methods to automatically generate low-interaction honeypots to protect application landscapes through are described herein. In an aspect, representative applications associated with resources in a network are identified. The low-interaction honeypots are automatically generated for the identified representative applications. Further, the representative applications are probed to retrieve responses corresponding to different requests. Templates are generated corresponding to request-response pairs by parsing the responses and the requests. During operation, new requests for accessing the resources are responded based on the generated templates. The new requests and corresponding responses are recorded.
    Type: Application
    Filed: July 17, 2017
    Publication date: January 17, 2019
    Inventors: MARTIN HAERTERICH, Martin Johns, Marius Musch
  • Patent number: 10162858
    Abstract: Methods, systems, and computer-readable storage media for optimizing query processing in encrypted databases. In some implementations, actions include receiving a query that is to be used to query an encrypted database, generating a plurality of query plans based on the query, each query plan including a local query and one or more remote queries, the local query being executable at a client-side and the one or more remote queries being executable at a server-side, selecting an optimal query plan from the plurality of query plans, providing one or more remote queries of the optimal query plan to the server-side for execution, receiving one or more remote results, and processing a local query of the optimal query plan and the one or more remote results to provide a final query result.
    Type: Grant
    Filed: July 31, 2013
    Date of Patent: December 25, 2018
    Assignee: SAP SE
    Inventors: Florian Kerschbaum, Patrick Grofig, Martin Haerterich, Mathias Kohler, Andreas Schaad, Axel Schroepfer, Walter Tighzert
  • Patent number: 10061925
    Abstract: A number of events are counted in different layers of a computing environment during execution of a software application. The number of counted events can be compared to a previously generated cluster set to determine that at least one of the counted events is an outlier. Data can then be provided that characterizes the at least one of the counted events determined to be an outlier. In some cases, some or all of the functionality of the software application can be selectively disabled. Related apparatus, systems, techniques and articles are also described.
    Type: Grant
    Filed: June 20, 2016
    Date of Patent: August 28, 2018
    Assignee: SAP SE
    Inventors: Martin Haerterich, Martin Johns
  • Publication number: 20180239898
    Abstract: Various examples are directed to detecting anomalous modifications to a software component, For example, a computing device may receive, from a version control system, version metadata describing properties of a plurality of commits for the software component. The computing device may generate a plurality of commit clusters based, at least in part, on the properties of the plurality of commits. The computing device may determine a first anomalous commit of the plurality of commits and generate an alert message indicating a first code segment modified by the first commit.
    Type: Application
    Filed: February 17, 2017
    Publication date: August 23, 2018
    Inventors: Martin Haerterich, Martin Johns
  • Publication number: 20180198807
    Abstract: A client comprising a web browser is provided. The client is configured to: run an application in the web browser, the application comprising a sensor including sensor JavaScript code, wherein running the application comprises executing the sensor JavaScript code as the first JavaScript code in the web browser to activate the sensor; and wherein the sensor is configured to: gather data with respect to the application at runtime; and check predetermined application-specific rules against the gathered data for detecting client-side attacks at runtime.
    Type: Application
    Filed: January 5, 2018
    Publication date: July 12, 2018
    Inventors: Martin Johns, Martin Haerterich, Christoph Haefner
  • Publication number: 20180196939
    Abstract: Systems and methods are provided herein for establishing a protection framework for a component. Identified assets of a component requiring protection from a potential attack are received. A list of assets is generated based on the identified assets. A protection framework is configured to include at least one defensive pattern to protect the list of assets against the potential attack. The protection framework is executed to establish a hardened boundary between the component and an attack surface of the component.
    Type: Application
    Filed: January 11, 2017
    Publication date: July 12, 2018
    Inventors: Christoph Haefner, Martin Johns, Martin Haerterich
  • Publication number: 20180198810
    Abstract: A sequence of events by a single user with at least one computing system are monitored. Each event characterizes user interaction with the at least one computing system and the sequence of events form a plurality of pairwise disjoint log samples. Thereafter, it is determined, using an adjacency graph trained using a plurality of log samples generated by a plurality of users, whether any of the log samples is anomalous. Data can be provided that characterizes the log samples determined to be anomalous. Related apparatus, systems, techniques and articles are also described.
    Type: Application
    Filed: January 9, 2017
    Publication date: July 12, 2018
    Inventor: Martin Haerterich
  • Patent number: 9852385
    Abstract: Disclosed is a mechanism to process business object IDs in inbound and outbound processing. The mechanism takes into account a mapping table, matching capabilities, number ranges, inbound error and conflict handling, inbound processing, outbound processing, initial load, and data migration.
    Type: Grant
    Filed: December 8, 2011
    Date of Patent: December 26, 2017
    Assignee: SAP SE
    Inventors: Knut Heusermann, Matthias Becker, Christian Hohmann, Sophie Kraut, Torsten Buecheler, Xenia Rieger, Dietmar Henkes, Guang Yang, Olga Kreindlina, Thomas Vogt, Walter Zimmermann, Oliver Berger, Martin Haerterich, Marcus Echter, Albert Neumueller, Stefan Moeller
  • Publication number: 20170364680
    Abstract: A number of events are counted in different layers of a computing environment during execution of a software application. The number of counted events can be compared to a previously generated cluster set to determine that at least one of the counted events is an outlier. Data can then be provided that characterizes the at least one of the counted events determined to be an outlier. In some cases, some or all of the functionality of the software application can be selectively disabled. Related apparatus, systems, techniques and articles are also described.
    Type: Application
    Filed: June 20, 2016
    Publication date: December 21, 2017
    Inventors: Martin HAERTERICH, Martin JOHNS
  • Patent number: 9754000
    Abstract: According to one general aspect, a method may include replicating, to a software-as-a-service application, a plurality of pieces of master data from a physically remote master database. The method may also include converting the plurality of pieces of master data into one or more pieces of local data of the software-as-a-service application. The method may include changing one or more of either the pieces of master data or the pieces of local data. The method may further include synchronizing the changed pieces of either master data or local data between the remote master database and the software-as-a-service application.
    Type: Grant
    Filed: December 21, 2012
    Date of Patent: September 5, 2017
    Assignee: SAP SE
    Inventors: Olga Kreindlina, Oliver Berger, Santhosh N, Karthik Narayanan Mohan, Walter Zimmermann, Torsten Buecheler, Sophie Kraut, Albert Neumueller, Steffen Witt, Dietmar Henkes, Guang Yang, Thomas Vogt, Matthias Becker, Martin Haerterich, Stefan Moeller, Kritesh Vasing, Knut Heusermann, Christian Hohmann, Marcus Echter, Xenia Rieger, Mohit V. Gadkari, Mukesh Kumar