Patents by Inventor Stephan Chenette
Stephan Chenette has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240056470Abstract: A method includes: generating a transition probability matrix defining a set of transition probabilities for a set of techniques, each transition probability representing a probability of transitioning from a technique i to a technique j; defining a set of emission probability vectors corresponding to the set of techniques, each emission probability vector representing a probability of detecting a technique i and a probability of preventing a technique i; defining an initial technique vector representing an initial probability distribution of techniques; generating a hidden Markov model correlating a target sequence of observations with a hidden state sequence of techniques based on the transition probability matrix, the set of emission probability vectors, and the initial technique vector; and calculating a sequence of techniques, based on the hidden Markov model, exhibiting greatest probability to yield, for each technique in the sequence of techniques, absence of detection or prevention of the technique.Type: ApplicationFiled: August 10, 2023Publication date: February 15, 2024Inventors: Stephen Lincoln, Rajesh Sharma, Jeremy Miller, Stephan Chenette, Albert Lopez
-
Publication number: 20230269266Abstract: A method includes: accessing an attack record defining actions representing a previous known attack on a second computer network; initializing an attack graph; for each action, defining a set of behaviors—analogous to the action and executable by an asset on a target network to emulate an effect of the action on the second computer network—and storing the set of behaviors in a node in the attack graph; connecting nodes in the attack graph according to an order of actions in the known attack; scheduling the asset to selectively execute analogous behaviors stored in the set of nodes in the attack graph; accessing alerts generated by a set of security tools deployed on the target network; and characterizing vulnerability of the target network based on alerts, in the set of alerts, indicating detection and prevention of behaviors executed by the asset according to the attack graph.Type: ApplicationFiled: May 1, 2023Publication date: August 24, 2023Inventors: Rajesh Sharma, Jeremy Miller, Stephan Chenette, Albert Lopez, Shubhi Mittal, Andres Gazzoli
-
Patent number: 11677775Abstract: A method includes: accessing an attack record defining actions representing a previous known attack on a second computer network; initializing an attack graph; for each action, defining a set of behaviors—analogous to the action and executable by an asset on a target network to emulate an effect of the action on the second computer network—and storing the set of behaviors in a node in the attack graph; connecting nodes in the attack graph according to an order of actions in the known attack; scheduling the asset to selectively execute analogous behaviors stored in the set of nodes in the attack graph; accessing alerts generated by a set of security tools deployed on the target network; and characterizing vulnerability of the target network based on alerts, in the set of alerts, indicating detection and prevention of behaviors executed by the asset according to the attack graph.Type: GrantFiled: June 3, 2022Date of Patent: June 13, 2023Assignee: AttackIQ, Inc.Inventors: Rajesh Sharma, Jeremy Miller, Stephan Chenette, Albert Lopez, Shubhi Mittal, Andres Gazzoli
-
Patent number: 11637851Abstract: A cyber security assessment platform is provided. The platform can assess the security posture of a network by deploying one or more scenarios to be executed on one or more assets on the network and analyzing the outcomes of the scenarios. A scenario can be configured to validate a device or network status, and/or mimic an unauthorized cyber-attack. Each scenario can include one or more phases defining an execution path. Related method, apparatus, systems, techniques and articles are also described.Type: GrantFiled: September 17, 2020Date of Patent: April 25, 2023Assignee: AttackIQ, Inc.Inventors: Stephan Chenette, Rajesh Kumar Sharma
-
Publication number: 20220377102Abstract: A method includes: accessing an attack record defining actions representing a previous known attack on a second computer network; initializing an attack graph; for each action, defining a set of behaviors—analogous to the action and executable by an asset on a target network to emulate an effect of the action on the second computer network—and storing the set of behaviors in a node in the attack graph; connecting nodes in the attack graph according to an order of actions in the known attack; scheduling the asset to selectively execute analogous behaviors stored in the set of nodes in the attack graph; accessing alerts generated by a set of security tools deployed on the target network; and characterizing vulnerability of the target network based on alerts, in the set of alerts, indicating detection and prevention of behaviors executed by the asset according to the attack graph.Type: ApplicationFiled: June 3, 2022Publication date: November 24, 2022Inventors: Rajesh Sharma, Jeremy Miller, Stephan Chenette, Albert Lopez, Shubhi Mittal, Andres Gazzoli
-
Publication number: 20210075821Abstract: A cyber security assessment platform is provided. The platform can assess the security posture of a network by deploying one or more scenarios to be executed on one or more assets on the network and analyzing the outcomes of the scenarios. A scenario can be configured to validate a device or network status, and/or mimic an unauthorized cyber-attack. Each scenario can include one or more phases defining an execution path. Related method, apparatus, systems, techniques and articles are also described.Type: ApplicationFiled: September 17, 2020Publication date: March 11, 2021Inventors: Stephan Chenette, Rajesh Kumar Sharma
-
Patent number: 10812516Abstract: A cyber security assessment platform is provided. The platform can assess the security posture of a network by deploying one or more scenarios to be executed on one or more assets on the network and analyzing the outcomes of the scenarios. A scenario can be configured to validate a device or network status, and/or mimic an unauthorized cyber-attack. Each scenario can include one or more phases defining an execution path. Related method, apparatus, systems, techniques and articles are also described.Type: GrantFiled: August 5, 2015Date of Patent: October 20, 2020Assignee: AttackIQ, Inc.Inventors: Stephan Chenette, Rajesh Kumar Sharma
-
Patent number: 9680866Abstract: A system and computer based method are provided for identifying active content in websites on a network. In one aspects, a method for classifying web content includes determining a first property associated with static content of a web page, determining a second property associated with the content of the web page based at least in part on active content associated with the web page, evaluating a logical expression relating the first property and the second property, at least in part by evaluating whether a constant value matches at least a portion of the content of the web page, associating the web page with a category based on a result of the evaluation, and determining whether to allow network access to the web page based on the category.Type: GrantFiled: April 6, 2015Date of Patent: June 13, 2017Assignee: Websense, LLCInventors: Victor L Baddour, Stephan Chenette, Dan Hubbard, Nicholas J Verenini, Ali A Mesdaq
-
Publication number: 20160044057Abstract: A cyber security assessment platform is provided. The platform can assess the security posture of a network by deploying one or more scenarios to be executed on one or more assets on the network and analyzing the outcomes of the scenarios. A scenario can be configured to validate a device or network status, and/or mimic an unauthorized cyber-attack. Each scenario can include one or more phases defining an execution path. Related method, apparatus, systems, techniques and articles are also described.Type: ApplicationFiled: August 5, 2015Publication date: February 11, 2016Inventors: Stephan Chenette, Rajesh Kumar Sharma
-
Publication number: 20150215326Abstract: A system and computer based method are provided for identifying active content in websites on a network. In one aspects, a method for classifying web content includes determining a first property associated with static content of a web page, determining a second property associated with the content of the web page based at least in part on active content associated with the web page, evaluating a logical expression relating the first property and the second property, at least in part by evaluating whether a constant value matches at least a portion of the content of the web page, associating the web page with a category based on a result of the evaluation, and determining whether to allow network access to the web page based on the category.Type: ApplicationFiled: April 6, 2015Publication date: July 30, 2015Inventors: Victor L. Baddour, Stephan Chenette, Dan Hubbard, Nicholas J. Verenini, Ali A. Mesdaq
-
Patent number: 9003524Abstract: A system and computer based method are provided for identifying active content in websites on a network. One embodiment includes a computer based method of classifying web content. The method receives content of a web page, and determines a first property associated with the content, the first property including static content. The method executes active content associated with the webpage, and determines a second property associated with the content based at least in part on the executing, the second property including the active content. The method also evaluates a logical expression relating the first property and the second property, and associates the web page with a category based on a result of the evaluation. The evaluation of the logical expression at least in part evaluates whether a constant value matches at least a portion of the content of the web page.Type: GrantFiled: December 23, 2013Date of Patent: April 7, 2015Assignee: Websense, Inc.Inventors: Victor L. Baddour, Stephan Chenette, Dan Hubbard, Nicholas J Verenini, Ali A. Mesdaq
-
Publication number: 20140115699Abstract: A system and computer based method are provided for identifying active content in websites on a network. One embodiment includes a computer based method of classifying web content. The method receives content of a web page, and determines a first property associated with the content, the first property including static content. The method executes active content associated with the webpage, and determines a second property associated with the content based at least in part on the executing, the second property including the active content. The method also evaluates a logical expression relating the first property and the second property, and associates the web page with a category based on a result of the evaluation. The evaluation of the logical expression at least in part evaluates whether a constant value matches at least a portion of the content of the web page.Type: ApplicationFiled: December 23, 2013Publication date: April 24, 2014Applicant: Websense, Inc.Inventors: Victor L. Baddour, Stephan Chenette, Dan Hubbard, Nicholas J. Verenini, Ali A. Mesdaq
-
Patent number: 8615800Abstract: A system and method are provided for identifying active content in websites on a network. One embodiment includes a method of classifying web content. In one embodiment, the classifications are indicative of active and/or malicious content. The method includes identifying properties associated with the web page based at least partly on the content of the web page and storing said properties in a database of web page properties. The method further includes comparing at least one definition to properties stored in the database of web page properties and identifying the web page with at least one definition based on comparing said definition with said stored properties. The method further includes identifying the web page with at least one category associated with the at least one definition, wherein said category is indicative of active content associated with the web page. Other embodiments include systems configured to perform such methods.Type: GrantFiled: July 10, 2006Date of Patent: December 24, 2013Assignee: Websense, Inc.Inventors: Victor L. Baddour, Stephan Chenette, Dan Hubbard, Nicholas J. Verenini, Ali A. Mesdaq
-
Publication number: 20120222116Abstract: A method and system for detecting a heap corruption exploit of a web browser is described. The method comprises installing or injecting a detection module into the web browser. Next, the detection module patches or hooks all calls to the detection module in order to identify calls indicating a heap corruption exploit. The identified calls are then analyzed to determine whether a heap corruption exploit is occurring.Type: ApplicationFiled: February 25, 2011Publication date: August 30, 2012Applicant: Websense, Inc.Inventor: Stephan Chenette
-
Publication number: 20080010683Abstract: A system and method are provided for identifying active content in websites on a network. One embodiment includes a method of classifying web content. In one embodiment, the classifications are indicative of active and/or malicious content. The method includes identifying properties associated with the web page based at least partly on the content of the web page and storing said properties in a database of web page properties. The method further includes comparing at least one definition to properties stored in the database of web page properties and identifying the web page with at least one definition based on comparing said definition with said stored properties. The method further includes identifying the web page with at least one category associated with the at least one definition, wherein said category is indicative of active content associated with the web page. Other embodiments include systems configured to perform such methods.Type: ApplicationFiled: July 10, 2006Publication date: January 10, 2008Inventors: Victor L. Baddour, Stephan Chenette, Dan Hubbard, Nicholas J. Verenini, Ali A. Mesdaq