Patents by Inventor Matthew Michael Swann
Matthew Michael Swann has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10671708Abstract: The improved detection of malicious processes executing on a networked computing device is provided. An agent running on the networked computing device monitors the communications transmitted to devices outside of the network to determine whether the process is likely using a periodic beacon signal to communicate with an external control center associated with a potentially malicious party. The agent maintains a dictionary data structure of objects, identifiable by the process identifier and the remote device's address, to track a given process/destination group's communication history. The communication history is updated when new messages are identified for periodic patterns to be identified for the messages, which may be used to identify a process as potentially malicious.Type: GrantFiled: February 11, 2019Date of Patent: June 2, 2020Assignee: Microsoft Technology Licensing, LLCInventors: Kyle Allan Reed, Matthew Michael Swann, Edward Chris Thayer
-
Publication number: 20190243947Abstract: The improved detection of malicious processes executing on a networked computing device is provided. An agent running on the networked computing device monitors the communications transmitted to devices outside of the network to determine whether the process is likely using a periodic beacon signal to communicate with an external control center associated with a potentially malicious party. The agent maintains a dictionary data structure of objects, identifiable by the process identifier and the remote device's address, to track a given process/destination group's communication history. The communication history is updated when new messages are identified for periodic patterns to be identified for the messages, which may be used to identify a process as potentially malicious.Type: ApplicationFiled: February 11, 2019Publication date: August 8, 2019Applicant: Microsoft Technology Licensing, LLCInventors: Kyle Allan Reed, Matthew Michael Swann, Edward Chris Thayer
-
Patent number: 10204214Abstract: The improved detection of malicious processes executing on a networked computing device is provided. An agent running on the networked computing device monitors the communications transmitted to devices outside of the network to determine whether the process is likely using a periodic beacon signal to communicate with an external control center associated with a potentially malicious party. The agent maintains a dictionary data structure of objects, identifiable by the process identifier and the remote device's address, to track a given process/destination group's communication history. The communication history is updated when new messages are identified for periodic patterns to be identified for the messages, which may be used to identify a process as potentially malicious.Type: GrantFiled: September 14, 2016Date of Patent: February 12, 2019Assignee: MICROSOFT TECHNOLOGY LICENSING, LLCInventors: Kyle Allan Reed, Matthew Michael Swann, Edward Chris Thayer
-
Patent number: 10129280Abstract: A modular pipeline for event management in a computer environment is provided to enable the high volume of events that may be relevant to the security and stability of that environment to be gathered and analyzed for relevancy in a lower volume format. The modular pipeline enables event collection to meet various use cases so that the data comprising the events may be held and transmitted in a reduced volume format so that the relevancy of the events, rather than the events themselves, may be used by various systems with less transmission overhead and greater responsiveness. Aspects of the modular pipeline streamline and optimize the performance of a computing device within a network environment and provide for additional analytics of that environment.Type: GrantFiled: September 14, 2016Date of Patent: November 13, 2018Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC.Inventors: Matthew Michael Swann, Henri-Bastien Lamontagne, Zachary Lynn Brown, Kyle Allan Reed
-
Publication number: 20180077177Abstract: The improved detection of malicious processes executing on a networked computing device is provided. An agent running on the networked computing device monitors the communications transmitted to devices outside of the network to determine whether the process is likely using a periodic beacon signal to communicate with an external control center associated with a potentially malicious party. The agent maintains a dictionary data structure of objects, identifiable by the process identifier and the remote device's address, to track a given process/destination group's communication history. The communication history is updated when new messages are identified for periodic patterns to be identified for the messages, which may be used to identify a process as potentially malicious.Type: ApplicationFiled: September 14, 2016Publication date: March 15, 2018Applicant: Microsoft Technology Licensing, LLC.Inventors: Kyle Allan Reed, Matthew Michael Swann, Edward Chris Thayer
-
Publication number: 20180077183Abstract: A modular pipeline for event management in a computer environment is provided to enable the high volume of events that may be relevant to the security and stability of that environment to be gathered and analyzed for relevancy in a lower volume format. The modular pipeline enables event collection to meet various use cases so that the data comprising the events may be held and transmitted in a reduced volume format so that the relevancy of the events, rather than the events themselves, may be used by various systems with less transmission overhead and greater responsiveness. Aspects of the modular pipeline streamline and optimize the performance of a computing device within a network environment and provide for additional analytics of that environment.Type: ApplicationFiled: September 14, 2016Publication date: March 15, 2018Applicant: Microsoft Technology Licensing, LLC.Inventors: Matthew Michael Swann, Henri-Bastien Lamontagne, Zachary Lynn Brown, Kyle Allan Reed
-
Patent number: 9191405Abstract: A canary value is used to validate a message from a non-web browser client application to a web server providing web services to mitigate cross-site forgery attacks. The canary value is generated by the server in party by applying a hash function to a user identifier and a time stamp. The server provides the canary value to the client application in response to receiving a message that does not have a canary or has an expired canary. The client application upon receiving an error message with a canary message will resend the prior message with the canary value present. The client application caches the canary value for subsequent messages until a new canary value is received. The canary value allows the server to ignore messages generated by the client application under control of an attacker.Type: GrantFiled: January 30, 2012Date of Patent: November 17, 2015Assignee: Microsoft Technology Licensing, LLCInventors: Thomas Patrick Gallagher, Venkataramann Renganathan, Brian Thomas Carver, Muhammed Serdar Soran, Matthew Michael Swann, Trace David Ferrier
-
Patent number: 8892897Abstract: A method for creating a password on an electronic computing device is disclosed. On the electronic computing device, a first password is obtained. The first password comprises a string of one or more characters. A first character is appended to the first password to form a second password. A hash function is applied to the second password to generate a first hashed password. The first hashed password comprises a first bit string. A determination is made as to whether the first hashed password includes a predefined sequence of bits. When it is determined that the first hashed password includes the predefined sequence of bits, the second password is designated as an auditable password.Type: GrantFiled: August 24, 2011Date of Patent: November 18, 2014Assignee: Microsoft CorporationInventors: Matthew Michael Swann, David Charles LeBlanc
-
Publication number: 20130198294Abstract: A canary value is used to validate a message from a non-web browser client application to a web server providing web services to mitigate cross-site forgery attacks. The canary value is generated by the server in party by applying a hash function to a user identifier and a time stamp. The server provides the canary value to the client application in response to receiving a message that does not have a canary or has an expired canary. The client application upon receiving an error message with a canary message will resend the prior message with the canary value present. The client application caches the canary value for subsequent messages until a new canary value is received. The canary value allows the server to ignore messages generated by the client application under control of an attacker.Type: ApplicationFiled: January 30, 2012Publication date: August 1, 2013Applicant: Microsoft CorporationInventors: Thomas Patrick Gallagher, Venkataramann Renganathan, Brian Thomas Carver, Muhammed Serdar Soran, Matthew Michael Swann, Trace David Ferrier
-
Publication number: 20130055380Abstract: A method for creating a password on an electronic computing device is disclosed. On the electronic computing device, a first password is obtained. The first password comprises a string of one or more characters. A first character is appended to the first password to form a second password. A hash function is applied to the second password to generate a first hashed password. The first hashed password comprises a first bit string. A determination is made as to whether the first hashed password includes a predefined sequence of bits. When it is determined that the first hashed password includes the predefined sequence of bits, the second password is designated as an auditable password.Type: ApplicationFiled: August 24, 2011Publication date: February 28, 2013Applicant: MICROSOFT CORPORATIONInventors: Matthew Michael Swann, David Charles LeBlanc