Patents by Inventor Pau-Chen Cheng
Pau-Chen Cheng has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20220374762Abstract: Techniques for distributed federated learning leverage a multi-layered defense strategy to provide for reduced information leakage. In lieu of aggregating model updates centrally, an aggregation function is decentralized into multiple independent and functionally-equivalent execution entities, each running within its own trusted executed environment (TEE). The TEEs enable confidential and remote-attestable federated aggregation. Preferably, each aggregator entity runs within an encrypted virtual machine that support runtime in-memory encryption. Each party remotely authenticates the TEE before participating in the training. By using multiple decentralized aggregators, parties are enabled to partition their respective model updates at model-parameter granularity, and can map single weights to a specific aggregator entity. Parties also can dynamically shuffle fragmentary model updates at each training iteration to further obfuscate the information dispatched to each aggregator execution entity.Type: ApplicationFiled: May 18, 2021Publication date: November 24, 2022Applicant: International Business Machines CorporationInventors: Jayaram Kallapalayam Radhakrishnan, Ashish Verma, Zhongshu Gu, Enriquillo Valdez, Pau-Chen Cheng, Hani Talal Jamjoom
-
Publication number: 20220374763Abstract: Techniques for distributed federated learning leverage a multi-layered defense strategy to provide for reduced information leakage. In lieu of aggregating model updates centrally, an aggregation function is decentralized into multiple independent and functionally-equivalent execution entities, each running within its own trusted executed environment (TEE). The TEEs enable confidential and remote-attestable federated aggregation. Preferably, each aggregator entity runs within an encrypted virtual machine that support runtime in-memory encryption. Each party remotely authenticates the TEE before participating in the training. By using multiple decentralized aggregators, parties are enabled to partition their respective model updates at model-parameter granularity, and can map single weights to a specific aggregator entity. Parties also can dynamically shuffle fragmentary model updates at each training iteration to further obfuscate the information dispatched to each aggregator execution entity.Type: ApplicationFiled: May 18, 2021Publication date: November 24, 2022Applicant: International Business Machines CorporationInventors: Zhongshu Gu, Jayaram Kallapalayam Radhakrishnan, Ashish Verma, Enriquillo Valdez, Pau-Chen Cheng, Hani Talal Jamjoom, Kevin Eykholt
-
Patent number: 11455569Abstract: Handshake protocol layer features are extracted from training data associated with encrypted network traffic of a plurality of classified devices. Record protocol layer features are extracted from the training data. One or more models are trained based on the extracted handshake protocol layer features and the extracted record protocol layer features. The one or more models are applied to an observed encrypted network traffic stream associated with a device to determine a predicted device classification of the device.Type: GrantFiled: January 9, 2019Date of Patent: September 27, 2022Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Enriquillo Valdez, Pau-Chen Cheng, Ian Michael Molloy, Dimitrios Pendarakis
-
Patent number: 10944556Abstract: A random value generator is provided that comprises a carbon nanotube structure that generates a random output current in response to a voltage input. The random value generator includes a random value output circuit coupled to the carbon nanotube structure that receives the random output current from the carbon nanotube structure and generates a random output value based on the received random output current from the carbon nanotube structure.Type: GrantFiled: February 25, 2019Date of Patent: March 9, 2021Assignee: International Business Machines CorporationInventors: Pau-Chen Cheng, Shu-Jen Han, Jianshi Tang
-
Publication number: 20200219005Abstract: Handshake protocol layer features are extracted from training data associated with encrypted network traffic of a plurality of classified devices. Record protocol layer features are extracted from the training data. One or more models are trained based on the extracted handshake protocol layer features and the extracted record protocol layer features. The one or more models are applied to an observed encrypted network traffic stream associated with a device to determine a predicted device classification of the device.Type: ApplicationFiled: January 9, 2019Publication date: July 9, 2020Applicant: International Business Machines CorporationInventors: Enriquillo Valdez, Pau-Chen Cheng, Ian Michael Molloy, Dimitrios Pendarakis
-
Patent number: 10375116Abstract: Systems and methods for protecting a data item include, upon initiation of transfer of the data item from a server to a client device, determining a sensitivity score and a current protection, level of the data item. A policy is applied to determine an appropriate protection for the data item based upon the sensitivity score and the current protection level. A protected data item is provided to the client device by applying the appropriate protection to the data item.Type: GrantFiled: March 2, 2017Date of Patent: August 6, 2019Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Pau-Chen Cheng, Stephen C. Gates, Lawrence Koved, Wilfried Teiken
-
Publication number: 20190190712Abstract: A random value generator is provided that comprises a carbon nanotube structure that generates a random output current in response to a voltage input. The random value generator includes a random value output circuit coupled to the carbon nanotube structure that receives the random output current from the carbon nanotube structure and generates a random output value based on the received random output current from the carbon nanotube structure.Type: ApplicationFiled: February 25, 2019Publication date: June 20, 2019Inventors: Pau-Chen Cheng, Shu-Jen Han, Jianshi Tang
-
Patent number: 10225082Abstract: A random value generator is provided that comprises a carbon nanotube structure that generates a random output current in response to a voltage input. The random value generator includes a random value output circuit coupled to the carbon nanotube structure that receives the random output current from the carbon nanotube structure and generates a random output value based on the received random output current from the carbon nanotube structure.Type: GrantFiled: July 26, 2016Date of Patent: March 5, 2019Assignee: International Business Machines CorporationInventors: Pau-Chen Cheng, Shu-Jen Han, Jianshi Tang
-
Patent number: 10091181Abstract: Dynamic risk communication associated with a computer device may include automatically detecting one or more security risk factors for the computer device based on current context information associated with the computer device. Whether an attempt is being made via the computer device to manipulate the one or more risk factors in an attempt to reduce a security level of a computer-implemented authentication procedure may be determined. Responsive to determining that the attempt is being made to manipulate the one or more risk factors, a new challenge for additional identification may be communicated for presentation on a user interface device of the computer device while suppressing one or more security risk factors from being presented on the user interface device. Responsive to determining that an attempt is not being made to manipulate the one or more risk factors, the new challenge and one or more security risk factors may be communicated.Type: GrantFiled: June 9, 2017Date of Patent: October 2, 2018Assignee: International Business Machines CorporationInventors: Pau-Chen Cheng, Lawrence Koved, Kapil K. Singh, Calvin B. Swart, Sharon M. Trewin
-
Publication number: 20180034629Abstract: A random value generator is provided that comprises a carbon nanotube structure that generates a random output current in response to a voltage input. The random value generator includes a random value output circuit coupled to the carbon nanotube structure that receives the random output current from the carbon nanotube structure and generates a random output value based on the received random output current from the carbon nanotube structure.Type: ApplicationFiled: July 26, 2016Publication date: February 1, 2018Inventors: Pau-Chen Cheng, Shu-Jen Han, Jianshi Tang
-
Patent number: 9854057Abstract: Embodiments include a network data collection and response system for enhancing security in an enterprise network providing a user-supplied computing device with access to the network. A network data collection and response system tracks network activity of the device and maintains a device inventory recording the device type and configuration information for the device along with a resource utilization profile for the device. The network data collection and response system detects high-risk or unauthorized network activity involving the device through passive monitoring without utilization of a data monitoring agent installed on the device and implements a response action to mitigate the high-risk or unauthorized network.Type: GrantFiled: May 6, 2014Date of Patent: December 26, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Suresh N. Chari, Pau-Chen Cheng, Xin Hu, Lawrence Koved, Josyula R. Rao, Reiner Sailer, Douglas L. Schales, Kapil K. Singh, Marc P. Stoecklin
-
Patent number: 9807105Abstract: Generating a behavior profile is provided. A newness score is calculated for a data point corresponding to a context of an access request to a resource made by a user of a client device. Newness scores for a plurality of data points corresponding to contexts of a plurality of access requests are aggregated to form an aggregated newness score. In response to determining that the aggregated newness score is greater than or equal to a pre-defined newness score threshold, data points stored in a data point cache and a long-term storage are used to generate a new behavior profile for the user or update an existing behavior profile for the user.Type: GrantFiled: November 11, 2015Date of Patent: October 31, 2017Assignee: International Business Machines CorporationInventors: Pau-Chen Cheng, Lawrence Koved, Kapil K. Singh
-
Patent number: 9781095Abstract: Dynamic risk communication associated with a computer device may include automatically detecting one or more security risk factors for the computer device based on current context information associated with the computer device. Whether an attempt is being made via the computer device to manipulate the one or more risk factors in an attempt to reduce a security level of a computer-implemented authentication procedure may be determined. Responsive to determining that the attempt is being made to manipulate the one or more risk factors, a new challenge for additional identification may be communicated for presentation on a user interface device of the computer device while suppressing one or more security risk factors from being presented on the user interface device. Responsive to determining that an attempt is not being made to manipulate the one or more risk factors, the new challenge and one or more security risk factors may be communicated.Type: GrantFiled: December 18, 2015Date of Patent: October 3, 2017Assignee: International Business Machines CorporationInventors: Pau-Chen Cheng, Lawrence Koved, Kapil K. Singh, Calvin B. Swart, Sharon M. Trewin
-
Publication number: 20170279787Abstract: Dynamic risk communication associated with a computer device may include automatically detecting one or more security risk factors for the computer device based on current context information associated with the computer device. Whether an attempt is being made via the computer device to manipulate the one or more risk factors in an attempt to reduce a security level of a computer-implemented authentication procedure may be determined. Responsive to determining that the attempt is being made to manipulate the one or more risk factors, a new challenge for additional identification may be communicated for presentation on a user interface device of the computer device while suppressing one or more security risk factors from being presented on the user interface device. Responsive to determining that an attempt is not being made to manipulate the one or more risk factors, the new challenge and one or more security risk factors may be communicated.Type: ApplicationFiled: June 9, 2017Publication date: September 28, 2017Inventors: Pau-Chen Cheng, Lawrence Koved, Kapil K. Singh, Calvin B. Swart, Sharon M. Trewin
-
Patent number: 9712565Abstract: Systems and methods for protecting a data item include, upon initiation of transfer of the data item from a server to a client device, determining a sensitivity score and a current protection level of the data item. A policy is applied to determine an appropriate protection for the data item based upon the sensitivity score and the current protection level. A protected data item is provided to the client device by applying the appropriate protection to the data item.Type: GrantFiled: July 11, 2016Date of Patent: July 18, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Pau-Chen Cheng, Stephen C. Gates, Lawrence Koved, Wilfried Teiken
-
Publication number: 20170180339Abstract: Dynamic risk communication associated with a computer device may include automatically detecting one or more security risk factors for the computer device based on current context information associated with the computer device. Whether an attempt is being made via the computer device to manipulate the one or more risk factors in an attempt to reduce a security level of a computer-implemented authentication procedure may be determined. Responsive to determining that the attempt is being made to manipulate the one or more risk factors, a new challenge for additional identification may be communicated for presentation on a user interface device of the computer device while suppressing one or more security risk factors from being presented on the user interface device. Responsive to determining that an attempt is not being made to manipulate the one or more risk factors, the new challenge and one or more security risk factors may be communicated.Type: ApplicationFiled: December 18, 2015Publication date: June 22, 2017Inventors: Pau-Chen Cheng, Lawrence Koved, Kapil K. Singh, Calvin B. Swart, Sharon M. Trewin
-
Publication number: 20170180332Abstract: Systems and methods for protecting a data item include, upon initiation of transfer of the data item from a server to a client device, determining a sensitivity score and a current protection, level of the data item. A policy is applied to determine an appropriate protection for the data item based upon the sensitivity score and the current protection level.Type: ApplicationFiled: March 2, 2017Publication date: June 22, 2017Inventors: Pau-Chen Cheng, Stephen C. Gates, Lawrence Koved, Wilfried Teiken
-
Patent number: 9686275Abstract: A technique is provided for continuous user authentication through real-time fusion and correlation of multiple factors. Monitored data is continuously obtained from a computer. The monitored data is related to user actions on the computer of a user. A server analyzes the monitored data of the computer to execute a windowing system event sequences modality, a network footprint modality, an application specific user actions modality, and/or a forensic linguistic analysis modality for the user. The user is authenticated on the computer based on a combination of the windowing system event sequences modality, the network footprint modality, the application specific user actions modality, and/or the forensic linguistic analysis modality.Type: GrantFiled: July 7, 2014Date of Patent: June 20, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Suresh N. Chari, Pau-Chen Cheng, Lawrence Koved, Ian M. Molloy, Youngja Park
-
Publication number: 20170134412Abstract: Generating a behavior profile is provided. A newness score is calculated for a data point corresponding to a context of an access request to a resource made by a user of a client device. Newness scores for a plurality of data points corresponding to contexts of a plurality of access requests are aggregated to form an aggregated newness score. In response to determining that the aggregated newness score is greater than or equal to a pre-defined newness score threshold, data points stored in a data point cache and a long-term storage are used to generate a new behavior profile for the user or update an existing behavior profile for the user.Type: ApplicationFiled: November 11, 2015Publication date: May 11, 2017Inventors: PAU-CHEN CHENG, LAWRENCE KOVED, KAPIL K. SINGH
-
Patent number: 9594921Abstract: Systems and methods for protecting a data item include, upon initiation of transfer of the data item from a server to a client device, determining a sensitivity score and a current protection level of the data item. A policy is applied to determine an appropriate protection for the data item based upon the sensitivity score and the current protection level. A protected data item is provided to the client device by applying the appropriate protection to the data item.Type: GrantFiled: July 23, 2012Date of Patent: March 14, 2017Assignee: International Business Machines CorporationInventors: Pau-Chen Cheng, Stephen C. Gates, Lawrence Koved, Wilfried Teiken