Patents by Inventor Matthias Seul
Matthias Seul has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230035918Abstract: Approaches presented herein enable detecting and assessing evidence of malware intrusion. More specifically, scans of a system are performed, where the scans detect evidence of malware intrusion, and each of the scans generates a respective result. A severity score is assigned to each respective result of the scans, and an assessment score for the system is computed based on the severity score assigned to each respective result of the scans.Type: ApplicationFiled: July 27, 2021Publication date: February 2, 2023Inventors: Arielle Tovah Orazio, Matthias Seul, Lloyd Wellington Mascarenhas, Christopher Pepin
-
Patent number: 11563761Abstract: A computer-implemented method for protecting a processing environment from malicious incoming network traffic may be provided. The method comprises: in response to receiving incoming network traffic comprising a data packet, performing a packet and traffic analysis of the data packet to determine whether said data packet is non-malicious and malicious, and processing of the data packet in a sandbox environment. Furthermore, the method comprises: in response to detecting that the data packet is non-malicious based on the packet and traffic analysis, releasing the processed data packet from the sandbox environment for further processing in the processing environment, and in response to detecting that the data packet is malicious based on the packet and traffic analysis discarding the data packet.Type: GrantFiled: April 23, 2020Date of Patent: January 24, 2023Assignee: Kyndryl, Inc.Inventors: Arjun Udupi Raghavendra, Tim Uwe Scheideler, Matthias Seul
-
Patent number: 11539737Abstract: A method for providing protection of a computing resource constrained device against cyberattacks may include collecting threat intelligence data in form of indicators of compromise (IoC). The indicators may include cyberattack chain related data. The method may also include determining a relevance of the cyberattack chain for the device, measuring a utilization of security measures in terms of their detection of the respective IoCs and their respective responses to the IoCs, measuring a resource consumption of the security measures, and determining a benefit value for at least one the security measure expressed by its utilization and a relevance value of the IoCs detected with it.Type: GrantFiled: October 28, 2020Date of Patent: December 27, 2022Assignee: KYNDRYL, INC.Inventors: Tim Uwe Scheideler, Matthias Seul, Arjun Udupi Raghavendra, Andrea Giovannini
-
Patent number: 11533384Abstract: A computer system with access to remote files stored on a remote system can predict that a portion of a remote file is likely to be necessary. The computer system may download the portion of the remote file to a local file and update metadata of the local file to reflect the downloaded portion.Type: GrantFiled: March 20, 2020Date of Patent: December 20, 2022Assignee: International Business Machines CorporationInventors: Matthias Seul, Alexandr Pavlovich Korchemniy
-
Publication number: 20220398567Abstract: A node in a blockchain network may generate a secret information proof, generate a private/public key pair, encrypt the secret information proof with the private/public key pair, and submit the proof to a blockchain network.Type: ApplicationFiled: June 15, 2021Publication date: December 15, 2022Inventors: Petr Novotny, Shikhar Kwatra, Nitin Gaur, Matthias Seul
-
Patent number: 11516228Abstract: A method for processing security events by applying a rule-based alarm scheme may be provided. The method includes generating a rule index of rules and an indicator of compromise index for each of the rules. The method includes also processing the incoming security event by applying the rules, increasing a current rule counter relating to a triggered rule, and increasing a current indicator of compromise counter pertaining to the triggered rule. Furthermore, the method includes generating a pseudo security event from received data about known attacks and related indicators of compromise, processing the pseudo security events by sequentially applying the rules, increasing a current rule counter of pseudo security events, and increasing a current indicator of compromise counter for pseudo security events, and sorting the rules and sorting within each rule the indicator of compromise values in the indicator of compromise index.Type: GrantFiled: May 29, 2019Date of Patent: November 29, 2022Assignee: KYNDRYL, INC.Inventors: Tim Uwe Scheideler, Ivan James Reedman, Arjun Udupi Raghavendra, Matthias Seul
-
Publication number: 20220300638Abstract: A computer-implemented method for managing access rights to a knowledge graph is provided. The method comprises splitting, for each user system, its respective portion of the knowledge graph into a plurality of knowledge subgraphs, encrypting each of the knowledge subgraphs, and generating a plurality of private summary graphs. The method also comprises maintaining a collaboration graph comprising one vertex per user system and edges representing collaborations between the users, mapping all private subgraphs of all user systems to one public summary graph, each vertex of the public summary graph comprises less data than the related vertex of the related private summary graphs and wherein none of the vertices of the summary graph comprises any encryption or decryption key, and granting access to a selected knowledge subgraph from a first user system to a second user system.Type: ApplicationFiled: June 8, 2022Publication date: September 22, 2022Inventors: Tim Uwe Scheideler, Arjun Udupi Raghavendra, Matthias Seul
-
Patent number: 11443626Abstract: Methods, computer program products, and systems are presented. The methods include, for instance: obtaining passenger information of one or more passenger traveling within a transportation network; and providing one or more output based on a processing of the passenger information.Type: GrantFiled: June 26, 2020Date of Patent: September 13, 2022Assignee: Quartz Auto Technologies LLCInventors: Tobias Dannat, Andreas Kuehmichel, Tim Scheideler, Matthias Seul, Thomas Allen Snellgrove
-
Patent number: 11431734Abstract: A computer-implemented method for dynamically identifying security threats comprising a cyber-attack chain composed of a sequence of partial cyber-attacks represented by attack patterns may be provided. The method comprises receiving a sequence of security events, determining, a first cyber-attack pattern by applying a set of predefined rules for detecting an indicator of compromise of a first partial cyber-attack of the cyber-attack chain—thereby, identifying a specific cyber-attack chain—and determining a type and an attribute in the pattern of the first partial cyber-attack. The method comprises further configuring at least one rule for a downstream partial cyber-attack in the specific cyber-attack chain based on the type and the attribute in the attack pattern of the first partial cyber-attack, and adding the at least one configured rule to the set of predefined rules to be used by the correlation engine for dynamically identifying security threats to information technology systems.Type: GrantFiled: April 18, 2019Date of Patent: August 30, 2022Assignee: KYNDRYL, INC.Inventors: Matthias Seul, Arjun Udupi Raghavendra, Tim Uwe Scheideler, Tiziano Airoldi
-
Publication number: 20220269949Abstract: The exemplary embodiments disclose a method, a computer system, and a computer program product for detecting malware. The exemplary embodiments may include aggregating known malware patterns by storing malware patterns and related malware categories of the malware patterns. The exemplary embodiments may additionally include training a first machine-learning system, comprising a generator portion and a discriminator portion, by using the known malware patterns and the related malware categories as training data. The exemplary embodiments may also include generating additional synthetic code patterns by feeding random code samples to the trained first machine-learning system. The exemplary embodiments may further include training a second machine-learning system by using benevolent code patterns and the generated additional synthetic code patterns as training data.Type: ApplicationFiled: February 22, 2021Publication date: August 25, 2022Inventors: Tim Uwe Scheideler, Arjun Udupi Raghavendra, Matthias Seul, Andrea Giovannini
-
Patent number: 11397825Abstract: A computer-implemented method for managing access rights to a knowledge graph is provided. The method comprises splitting, for each user system, its respective portion of the knowledge graph into a plurality of knowledge subgraphs, encrypting each of the knowledge subgraphs, and generating a plurality of private summary graphs. The method also comprises maintaining a collaboration graph comprising one vertex per user system and edges representing collaborations between the users, mapping all private subgraphs of all user systems to one public summary graph, each vertex of the public summary graph comprises less data than the related vertex of the related private summary graphs and wherein none of the vertices of the summary graph comprises any encryption or decryption key, and granting access to a selected knowledge subgraph from a first user system to a second user system.Type: GrantFiled: August 9, 2019Date of Patent: July 26, 2022Assignee: Kyndryl, Inc.Inventors: Tim Uwe Scheideler, Arjun Udupi Raghavendra, Matthias Seul
-
Publication number: 20220214960Abstract: Load testing a service having a plurality of different states is provided. A multitude of simulated users accessing the service are divided into a plurality of cohorts. Simulated users within a given cohort share a similar personality type. A load test of the service is performed by applying a set of service requests from each respective cohort to the service. In response to a percentage of simulated users of each cohort encountering a particular state in the service, a user response is determined for the percentage of simulated users within each cohort at that particular state based on a probabilistic user behavior model corresponding to a personality type of each cohort such that user responses at that particular state are distributed in accordance with the probabilistic user behavior model. Distributed user responses at that particular state are applied to the load test in accordance with the probabilistic user behavior model.Type: ApplicationFiled: January 7, 2021Publication date: July 7, 2022Inventors: Jason Zhong, Matthias Seul
-
Publication number: 20220191238Abstract: A processor may detect a risk on a local machine. The processor may determine that the risk warrants a heightened-level remediation. The processor may connect the local machine to a cloud-based desktop environment. The processor may perform the heightened-level remediation on the local machine. The processor may merge data from the cloud-based desktop environment to the local machine in response to the heightened-level remediation being performed.Type: ApplicationFiled: December 15, 2020Publication date: June 16, 2022Inventors: Lloyd Wellington Mascarenhas, Arielle Tovah Orazio, Christopher Pepin, Matthias Seul
-
Publication number: 20220188445Abstract: A computer system controls access to data. A secure container that is based on an image file is instantiated at an endpoint device of a user, wherein the secure container includes encrypted data corresponding to the user. An access request to the secure container is authenticated by verifying credentials of the user. In response to verifying the credentials of the user, access to the data is granted. Access to the data is controlled by decrypting and enabling access to a portion of the data, wherein additional portions of the data are decrypted and made accessible based on user behavior.Type: ApplicationFiled: December 10, 2020Publication date: June 16, 2022Inventors: Arielle Tovah Orazio, Matthias Seul, Christopher Pepin, Lloyd Wellington Mascarenhas
-
Publication number: 20220131889Abstract: A method for providing protection of a computing resource constrained device against cyberattacks may include collecting threat intelligence data in form of indicators of compromise (IoC). The indicators may include cyberattack chain related data. The method may also include determining a relevance of the cyberattack chain for the device, measuring a utilization of security measures in terms of their detection of the respective IoCs and their respective responses to the IoCs, measuring a resource consumption of the security measures, and determining a benefit value for at least one the security measure expressed by its utilization and a relevance value of the IoCs detected with it.Type: ApplicationFiled: October 28, 2020Publication date: April 28, 2022Inventors: Tim Uwe Scheideler, Matthias Seul, Arjun Udupi Raghavendra, Andrea Giovannini
-
Patent number: 11308275Abstract: Embodiments of the present invention provide systems, methods, and computer program products for processing responses from services (e.g., content providers) and managing content tailoring by services and/or recommender systems used by those services. Embodiments of the present invention can afford users with the ability to control the diversity of content in responses provided by services based one or more detected themes of the responses. Furthermore, embodiments of the present invention may be used to provide users with enriched responses from services, without needing cooperation of those services.Type: GrantFiled: June 3, 2019Date of Patent: April 19, 2022Assignee: International Business Machines CorporationInventors: Claudius Link, Matthias Seul
-
Publication number: 20220114260Abstract: Aspects of the present invention disclose a method, computer program product, and system for detecting a malicious process by a selected instance of an anti-malware system. The method includes one or more processors examining a process for indicators of compromise to the process. The method further includes one or more processors determining a categorization of the process based upon a result of the examination. In response to determining that the categorization of the process does not correspond to a known benevolent process and a known malicious process, the method further includes one or more processors executing the process in a secure enclave. The method further includes one or more processors collecting telemetry data from executing the process in the secure enclave. The method further includes one or more processors passing the collected telemetry data to a locally trained neural network system.Type: ApplicationFiled: October 13, 2020Publication date: April 14, 2022Inventors: Arjun Udupi Raghavendra, Tim Uwe Scheideler, Matthias Seul, Andrea Giovannini
-
Patent number: 11290523Abstract: Automatic file transfer is provided. A file is obtained utilizing a file generating application on a mobile device in response to an input from a user. The mobile device connected to a network. The file is automatically transferred from the mobile device to a target service via the network utilizing a high-speed file transfer application running on the mobile device such that high-speed transfer of the file from the mobile device to the target service is enabled even though the file generating application does not support the high-speed transfer.Type: GrantFiled: June 22, 2021Date of Patent: March 29, 2022Assignee: International Business Machines CorporationInventors: Hanna Puhoffa, Matthias Seul, Brian Din, Keira Louise Hopkins
-
Patent number: 11271928Abstract: User bioelectrical authentication is provided. A bioelectrical configuration signature of a user in physical contact with a hardware token is received, via a token reader, during a low range radio frequency user authentication process to permit a secure transaction by the user. The bioelectrical configuration signature of the user is utilized as part of the low range radio frequency user authentication process to authenticate the user to perform the secure transaction.Type: GrantFiled: March 25, 2019Date of Patent: March 8, 2022Assignee: International Business Machines CorporationInventors: Matthias Seul, Nicolo′ Sgobba, Erik Rueger
-
Publication number: 20210336977Abstract: A computer-implemented method for protecting a processing environment from malicious incoming network traffic may be provided. The method comprises: in response to receiving incoming network traffic comprising a data packet, performing a packet and traffic analysis of the data packet to determine whether said data packet is non-malicious and malicious, and processing of the data packet in a sandbox environment. Furthermore, the method comprises: in response to detecting that the data packet is non-malicious based on the packet and traffic analysis, releasing the processed data packet from the sandbox environment for further processing in the processing environment, and in response to detecting that the data packet is malicious based on the packet and traffic analysis discarding the data packet.Type: ApplicationFiled: April 23, 2020Publication date: October 28, 2021Inventors: Arjun Udupi Raghavendra, Tim Uwe Scheideler, Matthias Seul