Patents by Inventor Steven E. Sinks
Steven E. Sinks has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240121251Abstract: A network security computing system includes a steganographic communications analysis engine monitoring incoming and outgoing messages on a secure computing network. The steganographic communications analysis engine identifies a pattern of file transfers between a first computing device on the secure computing network and an internal or external message recipient. When a pattern is identified, the steganographic communications analysis engine quarantines an associated computing device from the secure network. The steganographic communications analysis engine analyzes files transferred between the computing device and the recipient for indications of steganographic information and causes display, based on an identified indication of steganography, an indication that the computing device had been compromised by command and control malware.Type: ApplicationFiled: December 18, 2023Publication date: April 11, 2024Applicant: Bank of America CorporationInventors: Steven E. Sinks, Jonathan Sheedy
-
Publication number: 20240121257Abstract: A network traffic correlation engine monitors inbound and/or outbound connection information received from on each host computer system on a network. Each host device on the network store data logs corresponding to information corresponding to communications sent by the device and received by the device. The network traffic correlation engine correlates connections between different hosts throughout the network. If the network traffic correlation engine identified unmatched outbound and inbound connections, the network traffic correlation engine generates an alert to initiate further investigation and may also provide a mapping of the communications showing a possible start device for the connection and/or a type of access that the connections may now be providing.Type: ApplicationFiled: December 18, 2023Publication date: April 11, 2024Inventors: Jonathan Sheedy, Steven E. Sinks
-
Patent number: 11949696Abstract: A system determines baseline deployment properties of operating system deployments stored by a deployment repository and endpoint deployment properties of a deployed operating system executed by an endpoint device. An artificial intelligence model is configured to determine a security response based at least in part on the endpoint deployment properties of the endpoint device. By providing the endpoint deployment properties to the artificial intelligence model, a mismatch value is determined that corresponds to an amount that the endpoint deployment properties are different than the baseline deployment properties. Based on the mismatch value, an action is determined to improve security of the deployed operating system executed by the endpoint device. The determined action is executed to improve security of the deployed operating system.Type: GrantFiled: December 17, 2021Date of Patent: April 2, 2024Assignee: Bank of America CorporationInventors: Jeffrey Wayne Texada, Steven E. Sinks
-
Publication number: 20240106729Abstract: A lateral movement identification tool analyzes communications sent and received from a local host to identify potential instances of lateral movement. When the host-based lateral movement identification tool identifies a host to host connection, the tool processes one or more artificial intelligence algorithms to analyze information from local network resources including a directory service, a local network system such as a network basic input/output system, a domain name system, and event logs. The lateral movement identification tool correlates the aggregated information with identified host to host messaging and sends alerts when lateral movement is suspected. Alerts may be either presented locally or provided to a central console based on configuration information.Type: ApplicationFiled: December 4, 2023Publication date: March 28, 2024Applicant: Bank of America CorporationInventors: Steven E, Sinks, Jonathan Sheedy
-
Patent number: 11888720Abstract: A lateral movement identification tool analyzes communications sent and received from a local host to identify potential instances of lateral movement. When the host-based lateral movement identification tool identifies a host to host connection, the tool processes one or more artificial intelligence algorithms to analyze information from local network resources including a directory service, a local network system such as a network basic input/output system, a domain name system, and event logs. The lateral movement identification tool correlates the aggregated information with identified host to host messaging and sends alerts when lateral movement is suspected. Alerts may be either presented locally or provided to a central console based on configuration information.Type: GrantFiled: February 28, 2023Date of Patent: January 30, 2024Assignee: Bank of America CorporationInventors: Steven E. Sinks, Jonathan Sheedy
-
Patent number: 11888882Abstract: A network traffic correlation engine monitors inbound and/or outbound connection information received from on each host computer system on a network. Each host device on the network store data logs corresponding to information corresponding to communications sent by the device and received by the device. The network traffic correlation engine correlates connections between different hosts throughout the network. If the network traffic correlation engine identified unmatched outbound and inbound connections, the network traffic correlation engine generates an alert to initiate further investigation and may also provide a mapping of the communications showing a possible start device for the connection and/or a type of access that the connections may now be providing.Type: GrantFiled: January 18, 2023Date of Patent: January 30, 2024Assignee: Bank of America CorporationInventors: Jonathan Sheedy, Steven E. Sinks
-
Patent number: 11816638Abstract: Aspects of the disclosure relate to email verification. A computing platform may receive an electronic message and identify one or more portions of content in the message. Then, the computing platform may generate and embed one or more message-specific identifiers into the electronic message and store electronic message information associating the one or more portions of content with the one or more embedded message-specific identifiers. Thereafter, the computing platform may receive an electronic message verification request to verify authenticity of an identified electronic message received by a computing device. The computing platform may prompt a user of the computing device to provide authentication information associated with one or more portions of content of the identified electronic message.Type: GrantFiled: October 14, 2020Date of Patent: November 14, 2023Assignee: Bank of America CorporationInventors: Jonathan Sheedy, Steven E. Sinks, Brian P. Prange, Matthew W. Findley, Jared D. Wilson, Donald C. Hess, Brian Devine
-
Publication number: 20230208739Abstract: A lateral movement identification tool analyzes communications sent and received from a local host to identify potential instances of lateral movement. When the host-based lateral movement identification tool identifies a host to host connection, the tool processes one or more artificial intelligence algorithms to analyze information from local network resources including a directory service, a local network system such as a network basic input/output system, a domain name system, and event logs. The lateral movement identification tool correlates the aggregated information with identified host to host messaging and sends alerts when lateral movement is suspected. Alerts may be either presented locally or provided to a central console based on configuration information.Type: ApplicationFiled: February 28, 2023Publication date: June 29, 2023Applicant: Bank of America CorporationInventors: Steven E. Sinks, Jonathan Sheedy
-
Publication number: 20230199004Abstract: A system determines baseline deployment properties of operating system deployments stored by a deployment repository and endpoint deployment properties of a deployed operating system executed by an endpoint device. An artificial intelligence model is configured to determine a security response based at least in part on the endpoint deployment properties of the endpoint device. By providing the endpoint deployment properties to the artificial intelligence model, a mismatch value is determined that corresponds to an amount that the endpoint deployment properties are different than the baseline deployment properties. Based on the mismatch value, an action is determined to improve security of the deployed operating system executed by the endpoint device. The determined action is executed to improve security of the deployed operating system.Type: ApplicationFiled: December 17, 2021Publication date: June 22, 2023Inventors: Jeffrey Wayne Texada, Steven E. Sinks
-
Publication number: 20230156029Abstract: A network traffic correlation engine monitors inbound and/or outbound connection information received from on each host computer system on a network. Each host device on the network store data logs corresponding to information corresponding to communications sent by the device and received by the device. The network traffic correlation engine correlates connections between different hosts throughout the network. If the network traffic correlation engine identified unmatched outbound and inbound connections, the network traffic correlation engine generates an alert to initiate further investigation and may also provide a mapping of the communications showing a possible start device for the connection and/or a type of access that the connections may now be providing.Type: ApplicationFiled: January 18, 2023Publication date: May 18, 2023Applicant: Bank of America CorporationInventors: Jonathan Sheedy, Steven E. Sinks
-
Patent number: 11632321Abstract: A lateral movement identification tool analyzes communications sent and received from a local host to identify potential instances of lateral movement. When the host-based lateral movement identification tool identifies a host to host connection, the tool processes one or more artificial intelligence algorithms to analyze information from local network resources including a directory service, a local network system such as a network basic input/output system, a domain name system, and event logs. The lateral movement identification tool correlates the aggregated information with identified host to host messaging and sends alerts when lateral movement is suspected. Alerts may be either presented locally or provided to a central console based on configuration information.Type: GrantFiled: September 3, 2021Date of Patent: April 18, 2023Assignee: Bank of America CorporationInventors: Steven E. Sinks, Jonathan Sheedy
-
Patent number: 11601457Abstract: A network traffic correlation engine monitors inbound and/or outbound connection information received from on each host computer system on a network. Each host device on the network store data logs corresponding to information corresponding to communications sent by the device and received by the device. The network traffic correlation engine correlates connections between different hosts throughout the network. If the network traffic correlation engine identified unmatched outbound and inbound connections, the network traffic correlation engine generates an alert to initiate further investigation and may also provide a mapping of the communications showing a possible start device for the connection and/or a type of access that the connections may now be providing.Type: GrantFiled: August 26, 2020Date of Patent: March 7, 2023Assignee: Bank of America CorporationInventors: Jonathan Sheedy, Steven E. Sinks
-
Patent number: 11575694Abstract: A network security computing system includes a steganographic communications analysis engine monitoring incoming and outgoing messages on a secure computing network. The steganographic communications analysis engine identifies a pattern of file transfers between a first computing device on the secure computing network and an internal or external message recipient. When a pattern is identified, the steganographic communications analysis engine quarantines an associated computing device from the secure network. The steganographic communications analysis engine analyzes files transferred between the computing device and the recipient for indications of steganographic information and causes display, based on an identified indication of steganography, an indication that the computing device had been compromised by command and control malware.Type: GrantFiled: January 20, 2021Date of Patent: February 7, 2023Assignee: Bank of America CorporationInventors: Steven E. Sinks, Jonathan Sheedy
-
Publication number: 20220232019Abstract: A network security computing system includes a steganographic communications analysis engine monitoring incoming and outgoing messages on a secure computing network. The steganographic communications analysis engine identifies a pattern of file transfers between a first computing device on the secure computing network and an internal or external message recipient. When a pattern is identified, the steganographic communications analysis engine quarantines an associated computing device from the secure network. The steganographic communications analysis engine analyzes files transferred between the computing device and the recipient for indications of steganographic information and causes display, based on an identified indication of steganography, an indication that the computing device had been compromised by command and control malware.Type: ApplicationFiled: January 20, 2021Publication date: July 21, 2022Inventors: Steven E. Sinks, Jonathan Sheedy
-
Publication number: 20220222648Abstract: Embodiments of the invention are directed to a system, method, and computer program product for completion of a resource transfer using a temporary resource patch. The system receives a request for a resource transaction associated with a temporary resource patch. The system determines whether the temporary resource patch can complete the resource transaction. The system executes the transaction if the temporary resource patch can complete the resource transaction.Type: ApplicationFiled: January 12, 2021Publication date: July 14, 2022Applicant: BANK OF AMERICA CORPORATIONInventors: Cynthia A. Frick, Melissa Major Summitt, Andrea M. Weisberger, Nicholas Gregory Grant, Mark Trenton Cimijotti, Khyree B. Bolden, Steven E. Sinks
-
Publication number: 20220114553Abstract: Aspects of the disclosure relate to email verification. A computing platform may receive an electronic message and identify one or more portions of content in the message. Then, the computing platform may generate and embed one or more message-specific identifiers into the electronic message and store electronic message information associating the one or more portions of content with the one or more embedded message-specific identifiers. Thereafter, the computing platform may receive an electronic message verification request to verify authenticity of an identified electronic message received by a computing device. The computing platform may prompt a user of the computing device to provide authentication information associated with one or more portions of content of the identified electronic message.Type: ApplicationFiled: October 14, 2020Publication date: April 14, 2022Inventors: Jonathan Sheedy, Steven E. Sinks, Brian P. Prange, Matthew W. Findley, Jared D. Wilson, Donald C. Hess, Brian Devine
-
Publication number: 20220070188Abstract: A network traffic correlation engine monitors inbound and/or outbound connection information received from on each host computer system on a network. Each host device on the network store data logs corresponding to information corresponding to communications sent by the device and received by the device. The network traffic correlation engine correlates connections between different hosts throughout the network. If the network traffic correlation engine identified unmatched outbound and inbound connections, the network traffic correlation engine generates an alert to initiate further investigation and may also provide a mapping of the communications showing a possible start device for the connection and/or a type of access that the connections may now be providing.Type: ApplicationFiled: August 26, 2020Publication date: March 3, 2022Inventors: Jonathan Sheedy, Steven E. Sinks
-
Publication number: 20220060502Abstract: A network environment scanning engine may monitor electronic communications received via an external computing network and by an enterprise computing system. The network environment scanning engine after receipt of an electronic message, analyze the electronic message to identify, by a network environment scanning engine using a machine learning algorithm, executable code for execution by a processor of computing device addressed as a recipient of the message. The network environment scanning engine further analyzes, using a machine-learning based algorithm in a virtual security environment, the executable code to identify whether the executable code comprises one or more environment variables.Type: ApplicationFiled: August 24, 2020Publication date: February 24, 2022Inventors: Jonathan Sheedy, Steven E. Sinks
-
Publication number: 20220029907Abstract: A lateral movement identification tool analyzes communications sent and received from a local host to identify potential instances of lateral movement. When the host-based lateral movement identification tool identifies a host to host connection, the tool processes one or more artificial intelligence algorithms to analyze information from local network resources including a directory service, a local network system such as a network basic input/output system, a domain name system, and event logs. The lateral movement identification tool correlates the aggregated information with identified host to host messaging and sends alerts when lateral movement is suspected. Alerts may be either presented locally or provided to a central console based on configuration information.Type: ApplicationFiled: September 3, 2021Publication date: January 27, 2022Inventors: Steven E. Sinks, Jonathan Sheedy
-
Patent number: 11146472Abstract: A lateral movement identification tool analyzes communications sent and received from a local host to identify potential instances of lateral movement. When the host-based lateral movement identification tool identifies a host to host connection, the tool processes one or more artificial intelligence algorithms to analyze information from local network resources including a directory service, a local network system such as a network basic input/output system, a domain name system, and event logs. The lateral movement identification tool correlates the aggregated information with identified host to host messaging and sends alerts when lateral movement is suspected. Alerts may be either presented locally or provided to a central console based on configuration information.Type: GrantFiled: July 21, 2020Date of Patent: October 12, 2021Assignee: Bank of America CorporationInventors: Steven E. Sinks, Jonathan Sheedy