Patents by Inventor Sean Moore

Sean Moore has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20260156132
    Abstract: Packets may be received by a packet security gateway. Responsive to a determination that an overload condition has occurred in one or more networks associated with the packet security gateway, a first group of packet filtering rules may be applied to at least some of the packets. Applying the first group of packet filtering rules may include allowing at least a first portion of the packets to continue toward their respective destinations. Responsive to a determination that the overload condition has been mitigated, a second group of packet filtering rules may be applied to at least some of the packets. Applying the second group of packet filtering rules may include allowing at least a second portion of the packets to continue toward their respective destinations.
    Type: Application
    Filed: September 23, 2025
    Publication date: June 4, 2026
    Inventors: Sean Moore, Steven Rogers, John Daniel Scoggins, SR.
  • Patent number: 12647336
    Abstract: A computing system may identify packets received by a network device from a host located in a first network and may generate log entries corresponding to the packets received by the network device. The computing system may identify packets transmitted by the network device to a host located in a second network and may generate log entries corresponding to the packets transmitted by the network device. Utilizing the log entries corresponding to the packets received by the network device and the log entries corresponding to the packets transmitted by the network device, the computing system may correlate the packets transmitted by the network device with the packets received by the network device.
    Type: Grant
    Filed: February 27, 2024
    Date of Patent: June 2, 2026
    Assignee: Centripetal Networks, LLC
    Inventors: David K. Ahn, Peter P. Geremia, Pierre Mallett, III, Sean Moore, Robert T. Perry
  • Publication number: 20260149693
    Abstract: Methods, systems, and computer-readable media for efficiently detecting threat incidents for cyber threat analysis are described herein. In various embodiments, a computing device, which may be located at a boundary between a protected network associated with the enterprise and an unprotected network, may combine one or more threat indicators received from one or more threat intelligence providers; may generate one or more packet capture and packet filtering rules based on the combined threat indicators; and, may capture or filter, on a packet-by-packet basis, at least one packet based on the generated rules. In other embodiments, a computing device may generate a packet capture file comprising raw packet content and corresponding threat context information, wherein the threat context information may comprise a filtering rule and an associated threat indicator that caused the packet to be captured.
    Type: Application
    Filed: June 30, 2025
    Publication date: May 28, 2026
    Inventors: David K. Ahn, Sean Moore
  • Patent number: 12603862
    Abstract: A packet-filtering network appliance such as a threat intelligence gateway (TIG) protects TCP/IP networks from Internet threats by enforcing certain policies on in-transit packets that are crossing network boundaries. The policies are composed of packet filtering rules derived from cyber threat intelligence (CTI). Logs of rule-matching packets and their associated flows are sent to cyberanalysis applications located at security operations centers (SOCs) and operated by cyberanalysts. Some cyber threats/attacks, or incidents, are composed of many different flows occurring at a very high rate, which generates a flood of logs that may overwhelm computer, storage, network, and cyberanalysis resources, thereby compromising cyber defenses.
    Type: Grant
    Filed: August 30, 2024
    Date of Patent: April 14, 2026
    Assignee: Centripetal Networks, LLC
    Inventors: John Fenton, Peter Geremia, Richard Goodwin, Sean Moore, Vincent Mutolo, Jess P. Parnell, Jonathan R. Rogers
  • Patent number: 12563103
    Abstract: Methods and systems for protecting a secured network are presented. For example, one or more packet security gateways may be associated with a security policy management server. At each packet security gateway, a dynamic security policy may be received from the security policy management server, packets associated with a network protected by the packet security gateway may be received, and at least one of multiple packet transformation functions specified by the dynamic security policy may be performed on the packets.
    Type: Grant
    Filed: May 7, 2024
    Date of Patent: February 24, 2026
    Assignee: Centripetal Networks, LLC
    Inventors: Steven Rogers, Sean Moore, David K. Ahn, Peter P. Geremia
  • Publication number: 20260046272
    Abstract: A packet-filtering system described herein may be configured to filter packets with encrypted hostnames in accordance with one or packet-filtering rules. The packet-filtering system may resolve a plaintext hostname from ciphertext comprising an encrypted Server Name Indication (eSNI) value. The packet-filtering system may resolve the plaintext hostname using a plurality of techniques. Once the plaintext hostname is resolved, the packet-filtering system may then use the plaintext hostname to determine whether the packets are associated with one or more threat indicators. If the packet-filtering system determines that the packets are associated with one or more threat indicators, the packet-filtering system may apply a packet filtering operation associated with the packet-filtering rules to the packets.
    Type: Application
    Filed: February 13, 2025
    Publication date: February 12, 2026
    Inventors: Sean Moore, Vincent Mutolo, Jonathan R. Rogers
  • Publication number: 20260025389
    Abstract: Malicious homoglyphic domain name (MHDN) generation and associated cyber security applications are described. MHDN generation may be performed by, for example, generating, based on training data, a set of operations for use in generating the one or more potential MHDNs, wherein each operation of the set of operations may be configured to modify a base domain name according to a respective homoglyphic characteristic. The set of operations may be used to generate one or more candidate MHDN mutators. The candidate MHDN mutators may be tested for fitness values corresponding to respective likelihoods of generating an MHDN and the candidate MHDN mutators may be applied to one or more base domain names to generate potential MHDNs.
    Type: Application
    Filed: April 8, 2025
    Publication date: January 22, 2026
    Inventors: Vincent Mutolo, Alexander Chinchilli, Sean Moore, Matthew Sparrow, Connor Tess
  • Patent number: 12513115
    Abstract: The attack vectors for some denial-of-service cyber attacks on the Internet's Domain Name System (DNS) are bad, bogus, or unregistered domain name DNS requests to resolve domain names that are not registered in the DNS. Some other cyber attacks steal sensitive data by encoding the data in bogus domain names, or domain names otherwise not registered in the DNS, that are transferred across networks in bogus DNS requests. A DNS gatekeeper may filter in-transit packets containing DNS requests and may efficiently determine if a request's domain name is registered in the DNS. When the domain name is not registered in the DNS, the DNS gatekeeper may take one of a plurality of protective actions. The DNS gatekeeper drops requests determined not to be legitimate, which may prevent an attack.
    Type: Grant
    Filed: October 11, 2023
    Date of Patent: December 30, 2025
    Assignee: Centripetal Networks, LLC
    Inventors: Sean Moore, Jonathan R. Rogers, Steven Rogers
  • Patent number: 12513175
    Abstract: A packet-filtering system configured to filter packets in accordance with packet-filtering rules may receive data indicating network-threat indicators and may configure the packet-filtering rules to cause the packet-filtering system to identify packets comprising unencrypted data, and packets comprising encrypted data. A portion of the unencrypted data may correspond to one or more of the network-threat indicators, and the packet-filtering rules may be configured to cause the packet-filtering system to determine, based on the portion of the unencrypted data, that the packets comprising encrypted data correspond to the one or more network-threat indicators.
    Type: Grant
    Filed: February 2, 2024
    Date of Patent: December 30, 2025
    Assignee: Centripetal Networks, LLC
    Inventors: David K. Ahn, Sean Moore, Douglas M. Disabello
  • Patent number: 12506710
    Abstract: Aspects of this disclosure relate to filtering network data transfers. In some variations, multiple packets may be received. A determination may be made that a portion of the packets have packet header field values corresponding to a packet filtering rule. Responsive to such a determination, an operator specified by the packet filtering rule may be applied to the portion of packets having the packet header field values corresponding to the packet filtering rule. A further determination may be made that one or more of the portion of the packets have one or more application header field values corresponding to one or more application header field criteria specified by the operator. Responsive to such a determination, at least one packet transformation function specified by the operator may be applied to the one or more of the portion of the packets.
    Type: Grant
    Filed: July 1, 2022
    Date of Patent: December 23, 2025
    Assignee: Centripetal Networks, LLC
    Inventor: Sean Moore
  • Publication number: 20250358295
    Abstract: A threat intelligence gateway (TIG) may protect TCP/IP networks from network (e.g., Internet) threats by enforcing certain policies on in-transit packets that are crossing network boundaries. The policies may be composed of packet filtering rules with packet-matching criteria derived from cyber threat intelligence (CTI) associated with Internet threats. These CTI-derived packet-filtering rules may be created offline by policy creation and management servers, which may distribute the policies to subscribing TIGs that subsequently enforce the policies on in-transit packets. Each packet filtering rule may specify a disposition that may be applied to a matching in-transit packet, such as deny/block/drop the in-transit packet or pass/allow/forward the in-transit packet, and also may specify directives that may be applied to a matching in-transit packet, such as log, capture, spoof-tcp-rst, etc.
    Type: Application
    Filed: December 23, 2024
    Publication date: November 20, 2025
    Inventors: Sean Moore, Jonathan R. Rogers, Vincent Mutolo, Peter P. Geremia
  • Patent number: 12463942
    Abstract: In some variations, first and second rule sets may be received by a network protection device. The first and second rule sets may be preprocessed. The network protection device may be configured to process packets in accordance with the first rule set. Packets may be received by the network protection device. A first portion of the packets may be processed in accordance with the first rule set. The network protection device may be reconfigured to process packets in accordance with the second rule set. A second portion of the packets may be processed in accordance with the second rule set.
    Type: Grant
    Filed: December 22, 2022
    Date of Patent: November 4, 2025
    Assignee: Centripetal Networks, LLC
    Inventors: David K. Ahn, Steven Rogers, Sean Moore
  • Publication number: 20250337763
    Abstract: HyperText Markup Language (HTML) content analysis (HCA) using machine learning is described. A feature vector schema may be generated based on domain names corresponding to HTML webpages and corresponding indications of a status of the HTML webpage. The schema may map each position in a feature vector of a given HTML webpage to a resource identifier. Information may be processed using the schema to generate respective feature vectors. The feature vectors may be used to train a model to generate risk indicators for HTML webpages. A potentially parked domain webpage or a potentially malicious domain webpage may be received. A feature vector for the webpage may be generated and inputted to the model. The model may generate a risk indicator for the webpage. The risk indicator may be output and may cause responsive actions. The model may be updated based on a determination indicating whether the webpage was a parked domain webpage or a malicious domain webpage.
    Type: Application
    Filed: April 29, 2025
    Publication date: October 30, 2025
    Inventors: Shamir Smith, Daniel Rogers, Vincent Mutolo, Sean Moore, Alexander Chinchilli, Connor Tess, Bashiri Smith
  • Patent number: 12452270
    Abstract: Packets may be received by a packet security gateway. Responsive to a determination that an overload condition has occurred in one or more networks associated with the packet security gateway, a first group of packet filtering rules may be applied to at least some of the packets. Applying the first group of packet filtering rules may include allowing at least a first portion of the packets to continue toward their respective destinations. Responsive to a determination that the overload condition has been mitigated, a second group of packet filtering rules may be applied to at least some of the packets. Applying the second group of packet filtering rules may include allowing at least a second portion of the packets to continue toward their respective destinations.
    Type: Grant
    Filed: November 4, 2022
    Date of Patent: October 21, 2025
    Assignee: Centripetal Networks, LLC
    Inventors: Sean Moore, Steven Rogers, John Daniel Scoggins, Sr.
  • Patent number: 12413553
    Abstract: Methods and systems are disclosed for integrating cyber threat intelligence (CTI), threat metadata, and threat intelligence gateways with analysis systems to form efficient and effective system for active, proactive, and reactive network protection. A network gateway may be composed of multiple stages. A first stage may include a threat intelligence gateway (TIG). A second stage may include one or more cyber analysis systems that ingest TIG-filtered communications and associated threat metadata signals. A third stage may include network protection logic that determines which protective actions. The gateway may be provisioned and configured with rules that specify the network protection policies to be enforced. The gateway may ingest all communications flowing between the protected network and the unprotected network.
    Type: Grant
    Filed: March 14, 2022
    Date of Patent: September 9, 2025
    Assignee: Centripetal Networks, LLC
    Inventors: Sean Moore, Jess P. Parnell, Jonathan R. Rogers
  • Publication number: 20250274433
    Abstract: Methods, apparatuses, systems, and machine-readable media are disclosed for improving packet filtering efficiency by reducing processing time and/or by reducing memory usage. Any of various types of data structures, such as flat hash maps and/or ruletrees, may be used by a packet filtering appliance to search for cybersecurity policy packet filtering rules that should be applied to in-transit packets. The packet filtering appliance may search the index data structures for matches of search objects, in the form of values that the packet filtering appliance extracts from in-transit packets, to threat indicator matching criteria of the policy rules. Each of the index data structures may map rule identifiers (rule IDs) of policy rules to keys that are based on (or that comprise) the matching criteria of those rules.
    Type: Application
    Filed: May 14, 2025
    Publication date: August 28, 2025
    Inventors: Sean Moore, Vincent Mutolo, Alexander Chinchilli, Paul Sprague, Christopher T. Rodney, Justin Makoto Leach
  • Patent number: 12395481
    Abstract: SSL/TLS certificate filtering devices, systems and processes may filter packets based on risk associated with each packet. A risk score may be determined for each packet based on associated threats and risks. Risk scores may be determined based on certificates, certificate authorities, and/or end users associated with each packet. The certificates may be scored and/or categorized by threats and risk.
    Type: Grant
    Filed: February 22, 2021
    Date of Patent: August 19, 2025
    Assignee: Centripetal Networks, LLC
    Inventors: Sean Moore, David K. Ahn
  • Publication number: 20250247363
    Abstract: A packet-filtering network appliance such as a threat intelligence gateway (TIG) protects TCP/IP networks from Internet threats by enforcing certain policies on in-transit packets that are crossing network boundaries. The policies are composed of packet filtering rules derived from cyber threat intelligence (CTI). Logs of rule-matching packets and their associated flows are sent to cyberanalysis applications located at security operations centers (SOCs) and operated by cyberanalysts. Some cyber threats/attacks, or incidents, are composed of many different flows occurring at a very high rate, which generates a flood of logs that may overwhelm computer, storage, network, and cyberanalysis resources, thereby compromising cyber defenses.
    Type: Application
    Filed: August 30, 2024
    Publication date: July 31, 2025
    Inventors: John Fenton, Peter Geremia, Richard Goodwin, Sean Moore, Vincent Mutolo, Jess P. Parnell, Jonathan R. Rogers
  • Patent number: 12375447
    Abstract: Methods, systems, and computer-readable media for efficiently detecting threat incidents for cyber threat analysis are described herein. In various embodiments, a computing device, which may be located at a boundary between a protected network associated with the enterprise and an unprotected network, may combine one or more threat indicators received from one or more threat intelligence providers; may generate one or more packet capture and packet filtering rules based on the combined threat indicators; and, may capture or filter, on a packet-by-packet basis, at least one packet based on the generated rules. In other embodiments, a computing device may generate a packet capture file comprising raw packet content and corresponding threat context information, wherein the threat context information may comprise a filtering rule and an associated threat indicator that caused the packet to be captured.
    Type: Grant
    Filed: June 16, 2023
    Date of Patent: July 29, 2025
    Assignee: Centripetal Networks, LLC
    Inventors: David K. Ahn, Sean Moore
  • Publication number: 20250240272
    Abstract: An enterprise organization may operate a central network and one or more remote networks, each comprising a plurality of computing devices. For protection against malicious actors, the central network may be configured to filter network traffic associated with the computing devices based on identified threats. Traffic corresponding to computing devices connected to the remote network may be tunneled to the central network for filtering by the central network. A tunnel gateway device, associated with the remote network, may efficiently identify which communications are associated with Internet threats, and tunnel such identified traffic to the central network, where actions may be taken to protect the enterprise network.
    Type: Application
    Filed: August 30, 2024
    Publication date: July 24, 2025
    Inventors: Sean Moore, Peter P. Geremia