Patents by Inventor Sean Moore

Sean Moore has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20240396871
    Abstract: Methods, apparatuses, systems, and machine-readable media are disclosed for improving packet filtering efficiency by reducing processing time and/or by reducing memory usage. Any of various types of data structures, such as flat hash maps and/or ruletrees, may be used by a packet filtering appliance to search for cybersecurity policy packet filtering rules that should be applied to in-transit packets. The packet filtering appliance may search the index data structures for matches of search objects, in the form of values that the packet filtering appliance extracts from in-transit packets, to threat indicator matching criteria of the policy rules. Each of the index data structures may map rule identifiers (rule IDs) of policy rules to keys that are based on (or that comprise) the matching criteria of those rules.
    Type: Application
    Filed: May 23, 2024
    Publication date: November 28, 2024
    Inventors: Sean Moore, Vincent Mutolo, Alexander Chinchilli, Paul Sprague, Christopher T. Rodney, Justin Makoto Leach
  • Patent number: 12152229
    Abstract: An electroporation apparatus has an electroporation probe terminals for linking with electrodes. A foam is injected at the treatment site to displace blood rather than mixing with it, increasing the contact time of a higher concentration of active agent with the tissue and thus resulting in greater efficacy. With foam solutions, a lower concentration of agent can be used to obtain the same therapeutic effect as in their liquid counterpart, reducing the prevalence of side effects associated with higher concentrations. A foam solution compared to an equivalent liquid solution enables more efficient cell electroporation particularly where bipolar pulses have been employed by mitigating an increase in tissue conductivity as would normally be observed with a comparable liquid solution. A more efficient cell permeabilisation would result in better results where electroporation is being delivered alone or as a tool to aid in the uptake of molecules into the cell.
    Type: Grant
    Filed: October 18, 2023
    Date of Patent: November 26, 2024
    Assignee: MIRAI MEDICAL LIMITED
    Inventors: Declan Soden, Colin Forde, Sean Kinsella, Tony Moore
  • Publication number: 20240341302
    Abstract: Numerous fields of basic research, medicine, and technology require an understanding of the biological composition and diversity in water samples. A common approach to acquiring such information is to collect samples ‘in the field’ and to subsequently extract nucleic acids in a laboratory for sequence analyses. A challenge to this pipeline is the preservation of the abundance and quality of the nucleic acids present in and around the organisms because, once a sample is harvested, it is no longer connected to the environment that established it. Many organisms, particularly microbes, rapidly adapt to such environmental changes and the relative abundance and quality of nucleic acids within them can change in a manner of minutes. A common methodology intended to address this problem is to filter the water to collect microorganisms on site and then to store the filters in a frozen state until they are processed.
    Type: Application
    Filed: August 9, 2022
    Publication date: October 17, 2024
    Inventor: Sean MOORE
  • Publication number: 20240348631
    Abstract: A packet-filtering system configured to filter packets in accordance with packet-filtering rules may receive data indicating network-threat indicators and may configure the packet-filtering rules to cause the packet-filtering system to identify packets comprising unencrypted data, and packets comprising encrypted data. A portion of the unencrypted data may correspond to one or more of the network-threat indicators, and the packet-filtering rules may be configured to cause the packet-filtering system to determine, based on the portion of the unencrypted data, that the packets comprising encrypted data correspond to the one or more network-threat indicators.
    Type: Application
    Filed: February 2, 2024
    Publication date: October 17, 2024
    Inventors: David K. Ahn, Sean Moore, Douglas M. Disabello
  • Patent number: 12113771
    Abstract: A packet-filtering network appliance such as a threat intelligence gateway (TIG) protects TCP/IP networks from Internet threats by enforcing certain policies on in-transit packets that are crossing network boundaries. The policies are composed of packet filtering rules derived from cyber threat intelligence (CTI). Logs of rule-matching packets and their associated flows are sent to cyberanalysis applications located at security operations centers (SOCs) and operated by cyberanalysts. Some cyber threats/attacks, or incidents, are composed of many different flows occurring at a very high rate, which generates a flood of logs that may overwhelm computer, storage, network, and cyberanalysis resources, thereby compromising cyber defenses.
    Type: Grant
    Filed: June 8, 2023
    Date of Patent: October 8, 2024
    Assignee: Centripetal Networks, LLC
    Inventors: John Fenton, Peter Geremia, Richard Goodwin, Sean Moore, Vincent Mutolo, Jess P. Parnell, Jonathan R. Rogers
  • Patent number: 12113772
    Abstract: An enterprise organization may operate a central network and one or more remote networks, each comprising a plurality of computing devices. For protection against malicious actors, the central network may be configured to filter network traffic associated with the computing devices based on identified threats. Traffic corresponding to computing devices connected to the remote network may be tunneled to the central network for filtering by the central network. A tunnel gateway device, associated with the remote network, may efficiently identify which communications are associated with Internet threats, and tunnel such identified traffic to the central network, where actions may be taken to protect the enterprise network.
    Type: Grant
    Filed: September 15, 2023
    Date of Patent: October 8, 2024
    Assignee: Centripetal Networks, LLC
    Inventors: Sean Moore, Peter P. Geremia
  • Patent number: 12107893
    Abstract: Methods and systems for protecting a secured network are presented. For example, one or more packet security gateways may be associated with a security policy management server. At each packet security gateway, a dynamic security policy may be received from the security policy management server, packets associated with a network protected by the packet security gateway may be received, and at least one of multiple packet transformation functions specified by the dynamic security policy may be performed on the packets.
    Type: Grant
    Filed: April 14, 2021
    Date of Patent: October 1, 2024
    Assignee: Centripetal Networks, LLC
    Inventors: Steven Rogers, Sean Moore, David K. Ahn, Peter P. Geremia
  • Publication number: 20240259345
    Abstract: The attack vectors for some denial-of-service cyber attacks on the Internet's Domain Name System (DNS) are bad, bogus, or unregistered domain name DNS requests to resolve domain names that are not registered in the DNS. Some other cyber attacks steal sensitive data by encoding the data in bogus domain names, or domain names otherwise not registered in the DNS, that are transferred across networks in bogus DNS requests. A DNS gatekeeper may filter in-transit packets containing DNS requests and may efficiently determine if a request's domain name is registered in the DNS. When the domain name is not registered in the DNS, the DNS gatekeeper may take one of a plurality of protective actions. The DNS gatekeeper drops requests determined not to be legitimate, which may prevent an attack.
    Type: Application
    Filed: October 11, 2023
    Publication date: August 1, 2024
    Inventors: Sean Moore, Jonathan R. Rogers, Steven Rogers
  • Patent number: 12034710
    Abstract: Systems, devices, and methods are disclosed for selectively decrypting SSL/TLS communications. Contents of the decrypted communications that may result in some action; for example, to terminate the communications, or to log and store the plaintext packets of the communications for subsequent content inspection and analysis. A SSL/TLS proxy may examine the information contained in the TLS handshake protocol and/or examine other information associated with the connection. Based on the examination, a proxy may determine whether or not to decrypt the encrypted communications. The proxy may take additional actions based on content inspection.
    Type: Grant
    Filed: December 20, 2021
    Date of Patent: July 9, 2024
    Assignee: Centripetal Networks, LLC
    Inventor: Sean Moore
  • Patent number: 12028311
    Abstract: Network devices that are inserted inline into network links and process in-transit packets may significantly improve their packet-throughput performance by not assigning L3 IP addresses and L2 MAC addresses to their network interfaces and thereby process packets through a logical fast path that bypasses the slow path through the operating system kernel. When virtualizing such Bump-In-The-Wire (BITW) devices for deployment into clouds, the network interfaces must have L3 IP and L2 MAC addresses assigned to them. Thus, packets are processed through the slow path of a virtual BITW device, significantly reducing the performance. By adding new logic to the virtual BITW device and/or configuring proxies, addresses, subnets, and/or routing tables, a virtual BITW device can process packets through the fast path and potentially improve performance accordingly. For example, the virtual BITW device may be configured to enforce a virtual path (comprising the fast path) through the virtual BITW device.
    Type: Grant
    Filed: June 21, 2023
    Date of Patent: July 2, 2024
    Assignee: Centripetal Networks, LLC
    Inventors: Richard Goodwin, Paul Sprague, Peter Geremia, Sean Moore
  • Patent number: 12019745
    Abstract: A cyber threat intelligence (CTI) gateway device may receive rules for filtering TCP/IP packet communications events that are configured to cause the CTI gateway device to identify communications corresponding to indicators, signatures, and behavioral patterns of network threats. The CTI gateway device may receive packets that compose endpoint-to-endpoint communication events and, for each event, may determine that the event corresponds to criteria specified by a filtering rule. The criteria may correspond to one or more of the network threat indicators, signatures, and behavioral patterns. The CTI gateway may create a log of the threat event and forward the threat event log to a task queue managed by a cyberanalysis workflow application. Human cyberanalysts use the cyberanalysis workflow application to service the task queue by removing the task at the front of the queue, investigating the threat event, and deciding whether the event is a reportable finding that should be reported to the proper authorities.
    Type: Grant
    Filed: September 20, 2023
    Date of Patent: June 25, 2024
    Assignee: Centripetal Networks, LLC
    Inventors: Sean Moore, Jonathan R. Rogers, Jess P. Parnell, Zachary Ehnerd
  • Patent number: 12021835
    Abstract: A packet gateway may protect TCP/IP networks by enforcing security policies on in-transit packets that are crossing network boundaries. The policies may include packet filtering rules derived from cyber threat intelligence (CTI). The rapid growth in the volume of CTI and in the size of associated CTI-derived policies, coupled with ever-increasing network link speeds and network traffic volume, may cause the costs of sufficient computational resources to be prohibitive. To efficiently process packets, a packet gateway may be provided with at least one probabilistic data structure, such as a Bloom filter, for testing packets to determine if packet data may match a packet filtering rule. Packet filtering rules may be grouped into subsets of rules, and a data structure may be provided for determining a matching subset of rules associated with a particular packet.
    Type: Grant
    Filed: April 7, 2021
    Date of Patent: June 25, 2024
    Assignee: Centripetal Networks, LLC
    Inventors: Sean Moore, Jonathan R. Rogers, Steven Rogers
  • Patent number: 12015626
    Abstract: A packet-filtering device may receive packet-filtering rules configured to cause the packet-filtering device to identify packets corresponding to network-threat indicators. The packet-filtering device may receive packets and, for each packet, may determine that the packet corresponds to criteria specified by a packet-filtering rule. The criteria may correspond to one or more of the network-threat indicators. The packet-filtering device may apply an operator specified by the packet-filtering rule. The operator may be configured to cause the packet-filtering device to either prevent the packet from continuing toward its destination or allow the packet to continue toward its destination.
    Type: Grant
    Filed: September 8, 2023
    Date of Patent: June 18, 2024
    Assignee: Centripetal Networks, LLC
    Inventors: David K. Ahn, Keith A. George, Peter P. Geremia, Pierre Mallett, III, Sean Moore, Robert T. Perry, Jonathan R. Rogers
  • Patent number: 12015590
    Abstract: Enterprise users' mobile devices typically access the Internet without being protected by the enterprise's network security policy, which exposes the enterprise network to Internet-mediated attack by malicious actors. This is because the conventional approach to protecting the mobile devices and associated enterprise network is to tunnel all of the devices' Internet communications to the enterprise network, which is very inefficient since typically only a very small percentage of Internet communications originating from an enterprise's mobile devices are communicating with Internet hosts that are associated with threats. In the present disclosure, the mobile device efficiently identifies which communications are associated with Internet threats, and tunnels only such identified traffic to the enterprise network, where actions may be taken to protect the enterprise network.
    Type: Grant
    Filed: June 10, 2022
    Date of Patent: June 18, 2024
    Assignee: Centripetal Networks, LLC
    Inventors: Sean Moore, Peter P. Geremia
  • Patent number: 12010135
    Abstract: A packet-filtering system configured to filter packets in accordance with packet-filtering rules may receive data indicating network-threat indicators and may configure the packet-filtering rules to cause the packet-filtering system to identify packets comprising unencrypted data, and packets comprising encrypted data. A portion of the unencrypted data may correspond to one or more of the network-threat indicators, and the packet-filtering rules may be configured to cause the packet-filtering system to determine, based on the portion of the unencrypted data, that the packets comprising encrypted data correspond to the one or more network-threat indicators.
    Type: Grant
    Filed: September 19, 2023
    Date of Patent: June 11, 2024
    Assignee: Centripetal Networks, LLC
    Inventors: David K. Ahn, Sean Moore, Douglas M. Disabello
  • Publication number: 20240187422
    Abstract: Malicious homoglyphic domain name (MHDN) detection and associated cyber security applications are described. A domain name may be received that may be a potential MHDN. Homoglyphic domain name detection may be performed by, for example, generating a normalized character string corresponding to the input domain name by applying one or more normalization operations to the input domain name, wherein the one or more normalization operations may be configured to reduce homoglyphic characteristics in the input domain name; and generating a plurality of segmentations of the normalized character string, wherein generating each segmentation, of the plurality of segmentations, may comprise segmenting the normalized character string into a respective plurality of segments, and wherein each segmentation may comprise a different plurality of segments. A segmentation may be selected based on cost values corresponding to each respective segmentation determined using a cost function.
    Type: Application
    Filed: February 13, 2024
    Publication date: June 6, 2024
    Inventors: Vincent Mutolo, Alexander Chinchilli, Sean Moore, Matthew Sparrow, Connor Tess
  • Patent number: 11997109
    Abstract: Malicious homoglyphic domain name (MHDN) detection and associated cyber security applications are described. A domain name may be received that may be a potential MHDN. Homoglyphic domain name detection may be performed by, for example, generating a normalized character string corresponding to the input domain name by applying one or more normalization operations to the input domain name, wherein the one or more normalization operations may be configured to reduce homoglyphic characteristics in the input domain name; and generating a plurality of segmentations of the normalized character string, wherein generating each segmentation, of the plurality of segmentations, may comprise segmenting the normalized character string into a respective plurality of segments, and wherein each segmentation may comprise a different plurality of segments. A segmentation may be selected based on cost values corresponding to each respective segmentation determined using a cost function.
    Type: Grant
    Filed: July 17, 2023
    Date of Patent: May 28, 2024
    Assignee: Centripetal Networks, LLC
    Inventors: Vincent Mutolo, Alexander Chinchilli, Sean Moore, Matthew Sparrow, Connor Tess
  • Publication number: 20240171542
    Abstract: A packet-filtering system described herein may be configured to filter packets with encrypted hostnames in accordance with one or packet-filtering rules. The packet-filtering system may resolve a plaintext hostname from ciphertext comprising an encrypted Server Name Indication (eSNI) value. The packet-filtering system may resolve the plaintext hostname using a plurality of techniques. Once the plaintext hostname is resolved, the packet-filtering system may then use the plaintext hostname to determine whether the packets are associated with one or more threat indicators. If the packet-filtering system determines that the packets are associated with one or more threat indicators, the packet-filtering system may apply a packet filtering operation associated with the packet-filtering rules to the packets.
    Type: Application
    Filed: November 13, 2023
    Publication date: May 23, 2024
    Applicant: Centripetal Networks, LLC
    Inventors: Sean Moore, Vincent Mutolo, Jonathan R. Rogers
  • Publication number: 20240154977
    Abstract: A threat intelligence gateway (TIG) may protect TCP/IP networks from network (e.g., Internet) threats by enforcing certain policies on in-transit packets that are crossing network boundaries. The policies may be composed of packet filtering rules with packet-matching criteria derived from cyber threat intelligence (CTI) associated with Internet threats. These CTI-derived packet-filtering rules may be created offline by policy creation and management servers, which may distribute the policies to subscribing TIGs that subsequently enforce the policies on in-transit packets. Each packet filtering rule may specify a disposition that may be applied to a matching in-transit packet, such as deny/block/drop the in-transit packet or pass/allow/forward the in-transit packet, and also may specify directives that may be applied to a matching in-transit packet, such as log, capture, spoof-tcp-rst, etc.
    Type: Application
    Filed: October 13, 2023
    Publication date: May 9, 2024
    Inventors: Sean Moore, Jonathan R. Rogers, Vincent Mutolo, Peter P. Geremia
  • Patent number: 11956338
    Abstract: A computing system may identify packets received by a network device from a host located in a first network and may generate log entries corresponding to the packets received by the network device. The computing system may identify packets transmitted by the network device to a host located in a second network and may generate log entries corresponding to the packets transmitted by the network device. Utilizing the log entries corresponding to the packets received by the network device and the log entries corresponding to the packets transmitted by the network device, the computing system may correlate the packets transmitted by the network device with the packets received by the network device.
    Type: Grant
    Filed: May 19, 2023
    Date of Patent: April 9, 2024
    Assignee: Centripetal Networks, LLC
    Inventors: David K. Ahn, Peter P. Geremia, Pierre Mallett, III, Sean Moore, Robert T. Perry