Patents by Inventor Roy Hodgman

Roy Hodgman has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20190141012
    Abstract: Methods and systems for classifying malicious locators. A processor is trained on a set of known malicious locators using a non-supervised learning procedure. Once trained, the processor may classify new locators as being generated by a particular generation kit.
    Type: Application
    Filed: January 8, 2019
    Publication date: May 9, 2019
    Inventors: Roy Hodgman, Aditya Kuppa, Suchin Gururangan, Andrew Reece
  • Publication number: 20190141065
    Abstract: Methods and systems for neutralizing malicious locators. Threat actors may shut down their web pages or applications (i.e., resources) that serve malicious content upon receiving request(s) configured to be perceived by the resource as non-browser requests. Therefore, initiating (large-scale) non-browser requests, or requests that are at least perceived as non-browser requests, may effectively act to inhibit, or even nullify, intended attack vectors.
    Type: Application
    Filed: December 31, 2018
    Publication date: May 9, 2019
    Inventors: Roy Hodgman, Aditya Kuppa, Suchin Gururangan, Andrew Reece
  • Patent number: 10205704
    Abstract: Methods and systems for classifying malicious locators. A processor is trained on a set of known malicious locators using a non-supervised learning procedure. Once trained, the processor may classify new locators as being generated by a particular generation kit.
    Type: Grant
    Filed: July 1, 2016
    Date of Patent: February 12, 2019
    Assignee: Rapid 7, Inc.
    Inventors: Roy Hodgman, Aditya Kuppa, Suchin Gururangan, Andrew Reece
  • Patent number: 10200383
    Abstract: Methods and systems for neutralizing malicious locators. Threat actors may shut down their web pages or applications (i.e., resources) that serve malicious content upon receiving request(s) configured to be perceived by the resource as non-browser requests. Therefore, initiating (large-scale) non-browser requests, or requests that are at least perceived as non-browser requests, may effectively act to inhibit, or even nullify, intended attack vectors.
    Type: Grant
    Filed: June 29, 2016
    Date of Patent: February 5, 2019
    Assignee: Rapid7, Inc.
    Inventors: Roy Hodgman, Aditya Kuppa, Suchin Gururangan, Andrew Reece
  • Publication number: 20190028491
    Abstract: Methods and systems for detecting malicious processes. Methods described herein gather data regarding process locations and calculate one or more inequality indicators related to the process paths based on economic principles. Instances of inequality with respect to process paths may indicate a path is uncommon and therefore the associated binary is used for malicious purposes.
    Type: Application
    Filed: July 24, 2017
    Publication date: January 24, 2019
    Inventors: Roy Hodgman, Oliver Keyes, Wah-Kwan Lin, Michael Scutt, Timothy Stiller
  • Patent number: 10033757
    Abstract: Methods and systems for identifying malicious URIs. The system accepts a list of URIs as input and extracts features related to a given URI and uses the features to discover patterns that indicate malicious content. Once trained, the classifier can then classify new inputs as either malicious or non-malicious.
    Type: Grant
    Filed: June 9, 2016
    Date of Patent: July 24, 2018
    Assignee: Rapid7, Inc.
    Inventors: Roy Hodgman, Aditya Kuppa, Suchin Gururangan, Andrew Reece
  • Publication number: 20180139236
    Abstract: Methods and devices for monitoring scan attempts in a network. Various embodiments provide enhancements to existing honeypot devices. These enhancements may include at least one of: (1) a port access module configured to make at least one honeypot port appear to be closed; (2) a mobility module configured to change the address of the honeypot within the network; (3) an emulation module configured to discover a network neighbor's profile and further configured to emulate the network neighbor's profile.
    Type: Application
    Filed: November 11, 2016
    Publication date: May 17, 2018
    Inventors: Roy Hodgman, Jeffrey D. Myers
  • Publication number: 20180007003
    Abstract: Methods and systems for classifying malicious locators. A processor is trained on a set of known malicious locators using a non-supervised learning procedure. Once trained, the processor may classify new locators as being generated by a particular generation kit.
    Type: Application
    Filed: July 1, 2016
    Publication date: January 4, 2018
    Inventors: Roy Hodgman, Aditya Kuppa, Suchin Gururangan, Andrew Reece
  • Publication number: 20180007065
    Abstract: Methods and systems for neutralizing malicious locators. Threat actors may shut down their web pages or applications (i.e., resources) that serve malicious content upon receiving request(s) configured to be perceived by the resource as non-browser requests. Therefore, initiating (large-scale) non-browser requests, or requests that are at least perceived as non-browser requests, may effectively act to inhibit, or even nullify, intended attack vectors.
    Type: Application
    Filed: June 29, 2016
    Publication date: January 4, 2018
    Inventors: Roy Hodgman, Aditya Kuppa, Suchin Gururangan, Andrew Reece
  • Publication number: 20170359368
    Abstract: Methods and systems for identifying malicious URIs. The system accepts a list of URIs as input and extracts features related to a given URI and uses the features to discover patterns that indicate malicious content. Once trained, the classifier can then classify new inputs as either malicious or non-malicious.
    Type: Application
    Filed: June 9, 2016
    Publication date: December 14, 2017
    Inventors: Roy Hodgman, Aditya Kuppa, Suchin Gururangan, Andrew Reece
  • Patent number: 9830599
    Abstract: An improved technique of processing an electronic transaction is disclosed. In the improved technique, a validation operation is performed on a set of standard user input and a set of peripheral device data received by a server connected to a client computer, the validation operation verifying a link between the set of standard user input and the set of peripheral device data. Based on results of the validation operation, an authorization code is assigned to the electronic transaction.
    Type: Grant
    Filed: December 21, 2010
    Date of Patent: November 28, 2017
    Assignee: EMC IP Holding Company LLC
    Inventors: Amnon Khen, Roy Hodgman, Alon Kaufman
  • Patent number: 9660813
    Abstract: A server is configured to communicate with a group of clients over a network in one embodiment. The server maps the group of clients into a plurality of subgroups of bounded size, communicates to a given one of the clients information identifying the particular subgroup to which that client belongs as well as the other clients in that subgroup. The given client utilizes the communicated information to generate a ring signature over the corresponding subgroup of clients based on the communicated information. The subgroup size may be bounded to a minimum size and a maximum size in accordance with a variable privacy parameter. The server can increase or decrease the value of the parameter in order to provide respective increased or decreased privacy to the clients, by making it respectively more or less difficult to determine which client in a corresponding one of the subgroups produced the received ring signature.
    Type: Grant
    Filed: March 27, 2012
    Date of Patent: May 23, 2017
    Assignee: EMC IP Holding Company LLC
    Inventors: Marten Erik van Dijk, Eyal Kolman, Roy Hodgman
  • Patent number: 9594968
    Abstract: There is disclosed a method for use in authenticating a user. The method comprises obtaining a biometric input comprising a plurality of biometric attributes distinct to a user. Additionally, the method comprises selecting at least one biometric attribute in the obtained biometric input as a currently active biometric attribute. Furthermore, the method comprises based on the at least one selected currently active biometric attribute, creating a currently active biometric profile for the user for facilitating the authentication of the user.
    Type: Grant
    Filed: September 27, 2012
    Date of Patent: March 14, 2017
    Assignee: EMC IP Holding Company LLC
    Inventors: Roy Hodgman, Christopher Corde, Joshua Ungar, John G. Linn, Todd A. Morneau
  • Patent number: 9405891
    Abstract: There is disclosed a method for use in authenticating a user. The method comprises obtaining, by an electronic apparatus, a biometric input from a user comprising a plurality of biometric attributes distinct to the user, wherein the biometric attributes comprise at least one currently active and at least one currently inactive biometric attribute for authentication at an authentication server. Additionally, the method comprises selecting, by the electronic apparatus, the at least one currently active biometric attribute for authenticating the user. Furthermore, the method comprises outputting, by the electronic apparatus, an authentication output including at least one biometric factor based on the at least one selected currently active biometric attribute, wherein the authentication output acts as an authentication input to a user authentication operation performed by the authentication server.
    Type: Grant
    Filed: September 27, 2012
    Date of Patent: August 2, 2016
    Assignee: EMC Corporation
    Inventors: Roy Hodgman, Christopher Corde, Joshua Ungar, John G. Linn, Todd A. Morneau
  • Patent number: 9122857
    Abstract: There is disclosed method and system for authenticating user in authentication system comprising verifier and authentication device configured such that verifier and device comprise secret. A first voice sample of user recorded in verifier. Authentication information is generated in device. The device configured such that information generated is dynamic information based on secret. The information generated in device presented to user. An input signal received in verifier comprising a second voice sample of user and response by user to information. The input signal received in verifier in response to user responding to information by voicing response to information. The first and second samples compared in verifier. The information generated by device and response by user to information compared in verifier. An authentication result generated in verifier based on comparison of first and second samples and comparison of information and response. The result used for authenticating user.
    Type: Grant
    Filed: March 23, 2012
    Date of Patent: September 1, 2015
    Assignee: EMC Corporation
    Inventors: Daniel Hassan, Shai Granot, Roy Hodgman
  • Patent number: 9021255
    Abstract: A method includes (a) receiving, at a computing device, a first certificate signing request (1CSR) from a certificate authority (CA), the 1CSR including an embedded second certificate signing request (2CSR), the 2CSR having been received by the CA from an entity seeking a signed certificate from the CA that validates an identity claim made by the entity in the 2CSR, the CA having performed a preliminary verification of the 2CSR prior to embedding it in the 1CSR, (b) verifying that the 1CSR came from the CA, (c) performing a verification procedure on the embedded 2CSR independent of the preliminary verification performed by the CA, to validate the identity claim made by the entity in the 2CSR, and (d) upon successfully validating the identity claim made by the entity in the 2CSR, sending a certificate to the CA, the certificate validating the identity claim made by the entity in the 2CSR.
    Type: Grant
    Filed: June 29, 2012
    Date of Patent: April 28, 2015
    Assignee: EMC Corporation
    Inventors: Idan Aharoni, Roy Hodgman, Ingo Schubert
  • Patent number: 9015231
    Abstract: A server is configured to communicate with a group of clients over a network. Each of the clients obtains a corresponding informational message comprising security-related information such as an indication of compromise (IOC), inserts noise in the information message to generate an anonymized message, and communicates the anonymized message to the server. The anonymized messages communicated by the respective clients to the server may be configured so as to prevent the server from identifying any individual client associated with a particular one of the anonymized messages, while also allowing the server to extract from the anonymized messages collectively one or more characteristics of the underlying informational messages. A given client may insert noise in an informational message by, for example, selecting a noise value from a specified range of noise values, and combining the informational message and the selected noise value to generate the anonymized message.
    Type: Grant
    Filed: March 27, 2012
    Date of Patent: April 21, 2015
    Assignee: EMC Corporation
    Inventors: Roy Hodgman, Marten Erik van Dijk, Eyal Kolman
  • Patent number: 8924726
    Abstract: An improved technique involves generating an encoded representation of encrypted forms of a message which includes an institution's digital signature derived from the message. The institution sends the encoded representation to the user's computer. The user transfers an image of the encoded representation from the user's computer to a separate hand-held device. The user then derives the encrypted forms of the message and the institution's digital signature by decoding the image on the hand-held device; the user then decrypts the encrypted forms of the message and the institution's digital signature on the hand-held device. The user then sees the message without interference from an intrusive agent in a MitB attack. Further, the user can verify the institution's identity as the sender of the message by being able to validate the institution's digital signature. In this way, a MitB attack is very likely to be made apparent to the user.
    Type: Grant
    Filed: June 28, 2011
    Date of Patent: December 30, 2014
    Assignee: EMC Corporation
    Inventors: Roy Hodgman, Daniel Hassan
  • Patent number: 8925058
    Abstract: A technique of authenticating a person involves obtaining, during a current authentication session to authenticate the person, a first authentication factor from the person and a second authentication factor from the person, at least one of the first and second authentication factors being a biometric input. The technique further involves performing an authentication operation which cross references the first authentication factor with the second authentication factor. The technique further involves outputting, as a result of the authentication operation, an authentication result signal indicating whether the authentication operation has determined the person in the current authentication session likely to be legitimate or an imposter. Such authentication, which cross references authentication factors to leverage off of their interdependency, provides stronger authentication than conventional naïve authentication.
    Type: Grant
    Filed: March 29, 2012
    Date of Patent: December 30, 2014
    Assignee: EMC Corporation
    Inventors: Yedidya Dotan, William M. Duane, John Linn, Roy Hodgman, Derek Lin
  • Patent number: 8910281
    Abstract: An improved technique involves searching for emails having a particular template generated by a phishing kit. Such a template typically includes field names corresponding to credentials that a customer inputs into a spoofed web site as part of a phishing attack. The phishing kit used in a phishing attack is typically configured to construct an email so that it arranges the credentials in a regular, tabular fashion. Accordingly, an administrator configures a receiver to search an email server for emails having a sequence of keywords in a format that matches the particular template.
    Type: Grant
    Filed: June 29, 2012
    Date of Patent: December 9, 2014
    Assignee: EMC Corporation
    Inventors: Idan Aharoni, Roy Hodgman