Patents by Inventor Slawomir Grzonkowski

Slawomir Grzonkowski has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11297083
    Abstract: Identifying and protecting against an attack against an anomaly detector machine learning classifier (ADMLC). In some embodiments, a method may include identifying training data points in a manifold space for an ADMLC, dividing the manifold space into multiple subspaces, merging each of the training data points into one of the multiple subspaces, training a subclassifier for each of the multiple subspaces to determine a decision boundary for each of the multiple subspaces between normal training data points and anomalous training data points, receiving an input data point into the ADMLC, determining whether the input data point is an attack on the ADMLC due to a threshold number of the subclassifiers classifying the input data point as an anomalous input data point, and, in response to identifying the attack against the ADMLC, protecting against the attack.
    Type: Grant
    Filed: August 15, 2019
    Date of Patent: April 5, 2022
    Assignee: CA, Inc.
    Inventors: Aditya Kuppa, Slawomir Grzonkowski
  • Patent number: 11288369
    Abstract: A computer-implemented method for detecting and protecting against malicious use of legitimate computing-system tools may include (i) identifying a computing-system tool that can perform benign actions and malicious actions on a computing system, (ii) creating a set of recorded actions by recording actions performed by the computing-system tool on the computing system over a predetermined period of time, (iii) analyzing the set of recorded actions via a machine learning method that, for each action in the set of recorded actions, determines whether the action is anomalous compared to other actions in the set, (iv) classifying an action in the set of recorded actions as malicious based at least in part on determining that the action is anomalous, and (v) initiating, in response to classifying the action as malicious, a security action related to the action. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: March 28, 2019
    Date of Patent: March 29, 2022
    Assignee: CA, INC.
    Inventors: Slawomir Grzonkowski, Aditya Kuppa
  • Patent number: 11275831
    Abstract: The disclosed computer-implemented method for detecting anomalous system command line data may include (i) receiving command line data from a target computing system, (ii) building a baseline model that utilizes machine-learning to analyze the command line data, the baseline model comprising a support-vector machine (SVM), natural language processing, and a hashing function, (iii) assigning, utilizing the baseline model, a score to each of a plurality of instances of the command line data, and (iv) identifying, based on the score, anomalous commands comprising potentially malicious data when any of the instances of the command line data fails to exceed a threshold. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: March 31, 2019
    Date of Patent: March 15, 2022
    Assignee: NortonLifeLock Inc.
    Inventors: Lamine Aouad, Slawomir Grzonkowski
  • Patent number: 11178170
    Abstract: The disclosed computer-implemented method for detecting anomalous behavior within computing sessions may include (i) identifying, by the computing device, a set of execution events that correspond to a computing session, (ii) providing, by the computing device, the set of execution events as input to an autoencoder, (iii) receiving, by the computing device and from the autoencoder, a reconstruction error associated with autoencoding the set of execution events, (iv) detecting, by the computing device and based on the reconstruction error, an anomaly within the computing session, and (v) performing, by the computing device, a security action to address the anomaly within the computing session. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: January 29, 2019
    Date of Patent: November 16, 2021
    Assignee: CA, Inc.
    Inventors: Aditya Kuppa, Slawomir Grzonkowski, Sidharth Pipriya
  • Patent number: 10977374
    Abstract: Methods and systems are provided for generating a security profile for a new computing system. One example method generally includes obtaining, over a network, information associated with a plurality of existing computing systems and generating, by a clustering algorithm, a set of clusters based on the information associated with the plurality of existing computing systems. The method further includes obtaining external data associated with the computing system and classifying the computing system into a cluster in the set of clusters based on the external data associated with the computing system. The method further includes determining the security profile based on statistics associated with the cluster and transmitting, over the network, an indication of the security profile.
    Type: Grant
    Filed: June 15, 2018
    Date of Patent: April 13, 2021
    Assignee: CA, Inc.
    Inventors: Aditya Kuppa, Pierre-Antoine Vervier, Slawomir Grzonkowski, Yun Shen
  • Publication number: 20200195683
    Abstract: The disclosed computer-implemented method for detecting anomalous behavior within computing sessions may include (i) identifying, by the computing device, a set of execution events that correspond to a computing session, (ii) providing, by the computing device, the set of execution events as input to an autoencoder, (iii) receiving, by the computing device and from the autoencoder, a reconstruction error associated with autoencoding the set of execution events, (iv) detecting, by the computing device and based on the reconstruction error, an anomaly within the computing session, and (v) performing, by the computing device, a security action to address the anomaly within the computing session. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Application
    Filed: January 29, 2019
    Publication date: June 18, 2020
    Inventors: Aditya Kuppa, Slawomir Grzonkowski, Sidharth Pipriya
  • Patent number: 10482244
    Abstract: The disclosed computer-implemented method for efficiently matching files may include (i) analyzing a file to identify a set of functions within the file and relationships between functions within the set of functions, (ii) creating a set of representations for the set of functions by, for each function, combining a representation of a size of the function with a representation of a size of each function identified, when analyzing the file, as having a relationship to the function, (iii) comparing the set of representations of the set of functions with a set of representations of an additional set of functions identified within an additional file, and (iv) determining, based on comparing the sets of representations, that the file matches the additional file. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: March 24, 2017
    Date of Patent: November 19, 2019
    Assignee: Symantec Corporation
    Inventors: Slawomir Grzonkowski, Piotr Krysiuk
  • Patent number: 9667575
    Abstract: A computer-implemented method for detecting webpages belonging to spam campaigns may include (1) identifying a web address of a suspicious webpage that potentially hosts a spam message, (2) capturing an image of the suspicious webpage, (3) comparing the image of the suspicious webpage to at least one spam image from a spam database, the spam image being associated with a spam campaign in the spam database, (4) determining, based on the comparison of the image of the suspicious webpage with the spam image, whether the suspicious webpage is associated with the spam campaign, and (5) updating the spam database in response to the determination of whether the suspicious webpage is associated with the spam campaign. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: November 4, 2013
    Date of Patent: May 30, 2017
    Assignee: Symantec Corporation
    Inventor: Slawomir Grzonkowski
  • Patent number: 9565209
    Abstract: Each node of a metric tree comprises a similarity hash of a member of a dataset of known message threats, calculated using a given similarity hashing algorithm. The nodes are organized into the tree, positioned such that the differences between the similarity hashes are represented as distances between the nodes. Messages are received and tested to determine whether they are malicious. When a message is received, a similarity hash of the message is calculated using the same similarity hashing algorithm that is used to calculate the hashes of the members of the dataset. The tree is searched for a hash of a known message threat that is within a threshold of distance to the hash of the received message. Searching the tree can take the form of traversal from the root node, to determine whether the tree contains a node within the similarity threshold.
    Type: Grant
    Filed: March 31, 2015
    Date of Patent: February 7, 2017
    Assignee: Symantec Corporation
    Inventors: Slawomir Grzonkowski, Alejandro Mosquera Lopez, Dylan Morss, Lamine Aouad
  • Patent number: 8411854
    Abstract: A method of generating a private key for use in an authentication protocol comprises, at a client: receiving a user specific identifier; converting the identifier through a one-way function to a string of a pre-determined length; and mapping said string to a permutation ?priv of a pre-determined order, said permutation being operable with a first graph G1 to generate a second graph G2=?priv(G1).
    Type: Grant
    Filed: December 10, 2008
    Date of Patent: April 2, 2013
    Assignee: National University of Ireland, Galway
    Inventors: Slawomir Grzonkowski, Wojciech Zaremba