Patents by Inventor Torsten Zeppenfeld

Torsten Zeppenfeld has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20240144190
    Abstract: An email is received that is from an email sender. From the email, the display name of the email sender, an email address of the email sender, and an email domain of the email sender, is extracted. A score is determined for the email based on at least: the extracted display name of the email sender, the extracted email address of the email sender, and the extracted email domain of the email sender, where the score indicates a probability that the email is from a legitimate sender. Message content of the email is input into multiple classifiers each corresponding to a particular message type. The message type of the email is determined based on output of the classifiers. Based on at least the determined score for the email and the determined message type of the email, a determination is made whether the email is associated with a BEC attack.
    Type: Application
    Filed: December 22, 2023
    Publication date: May 2, 2024
    Inventors: Umalatha Batchu, Torsten Zeppenfeld, Blake Darche, Philip Syme
  • Patent number: 11861563
    Abstract: In an embodiment, the disclosed technologies monitor electronic message traffic between a network and a recipient computer system. An embodiment includes obtaining, from an electronic message received from the network, a triple of a display name, email address, and sending domain, determining a name score for triple, and determining characteristics of the electronic message. The name score of the triple and the characteristics of the electronic message may be used to determine whether the electronic message is a spoofing attack such as a business email compromise (BEC) attack. In response to determining that the electronic message is malicious, an embodiment may cause the network to at least one of modify, delay, re-route, or block transmission of the electronic message to the recipient computer system.
    Type: Grant
    Filed: January 15, 2021
    Date of Patent: January 2, 2024
    Assignee: CLOUDFLARE, INC.
    Inventors: Umalatha Batchu, Torsten Zeppenfeld, Blake Darche, Philip Syme
  • Publication number: 20230153434
    Abstract: In an embodiment, a computer-implemented method includes receiving, from a pre-processor, an output file; where the output file is created by the pre-processor in response to input of an electronic file to the pre-processor; where the electronic file is an attachment to a message that is in-transit to a recipient computer on a network; where the output file contains features that are created by the pre-processor analyzing one or more sub-features of the electronic file; receiving, from a machine learning-based classifier, malware classification data that indicates whether the electronic file does or does not contain malware; where the malware classification data is output by the machine learning-based classifier in response to the machine learning-based classifier determining that the features are or are not indicators of obfuscation; where data used to create the machine learning-based classifier includes output files previously created by the pre-processor; in response to the malware classification data mat
    Type: Application
    Filed: January 17, 2023
    Publication date: May 18, 2023
    Inventors: Torsten Zeppenfeld, Javier Castro
  • Patent number: 11556644
    Abstract: In an embodiment, a computer-implemented method includes receiving, from a pre-processor, an output file; where the output file is created by the pre-processor in response to input of an electronic file to the pre-processor; where the electronic file is an attachment to a message that is in-transit to a recipient computer on a network; where the output file contains features that are created by the pre-processor analyzing one or more sub-features of the electronic file; receiving, from a machine learning-based classifier, malware classification data that indicates whether the electronic file does or does not contain malware; where the malware classification data is output by the machine learning-based classifier in response to the machine learning-based classifier determining that the features are or are not indicators of obfuscation; where data used to create the machine learning-based classifier includes output files previously created by the pre-processor; in response to the malware classification data mat
    Type: Grant
    Filed: December 24, 2018
    Date of Patent: January 17, 2023
    Assignee: CLOUDFLARE, INC.
    Inventors: Torsten Zeppenfeld, Javier Castro
  • Publication number: 20220230142
    Abstract: In an embodiment, the disclosed technologies monitor electronic message traffic between a network and a recipient computer system. An embodiment includes obtaining, from an electronic message received from the network, a triple of a display name, email address, and sending domain, determining a name score for triple, and determining characteristics of the electronic message. The name score of the triple and the characteristics of the electronic message may be used to determine whether the electronic message is a spoofing attack such as a business email compromise (BEC) attack. In response to determining that the electronic message is malicious, an embodiment may cause the network to at least one of modify, delay, re-route, or block transmission of the electronic message to the recipient computer system.
    Type: Application
    Filed: January 15, 2021
    Publication date: July 21, 2022
    Inventors: Umalatha Batchu, Torsten Zeppenfeld, Blake Darche, Philip Syme
  • Patent number: 11050698
    Abstract: In an embodiment, the disclosed technologies monitor electronic message traffic between a network and a recipient computer system. An embodiment includes extracting, from an electronic message received from the network, a sending domain and message data, computing a lookalike score based on the sending domain, and assigning a message type to the electronic message based on the message data. The lookalike score and the message type may be used to determine whether the electronic message is a spoofing attack such as a business email compromise (BEC) attack. In response to determining that the electronic message is malicious, an embodiment may cause the network to at least one of modify, delay, re-route, or block transmission of the electronic message to the recipient computer system.
    Type: Grant
    Filed: September 18, 2020
    Date of Patent: June 29, 2021
    Assignee: Area 1 Security, Inc.
    Inventors: Umalatha N. Batchu, YenHsiang Chang, Torsten Zeppenfeld, Debashri Mukherjee, Paul East
  • Patent number: 10528731
    Abstract: Techniques are described herein for detecting malicious program code stored on computer devices before the code can be executed to potentially compromise a computer network. In an embodiment, a method comprises receiving, at a computer device, a file containing instructions in a programming language; based on a syntax of the programming language, parsing the file to generate parsed information, and based on the parsed information, generating a syntax tree for the file; identifying one or more alphanumeric strings in the syntax tree, and based on the alphanumeric strings, generating a syntax string for the syntax tree; generating a hash digest by applying a piecewise hashing to the alphanumeric strings in the syntax string; determining whether the hash digest indicates that the file contains potentially malicious code; in response to determining that the hash digest indicates that the file contains the potentially malicious code, performing a responsive action.
    Type: Grant
    Filed: September 21, 2017
    Date of Patent: January 7, 2020
    Assignee: AREA 1 SECURITY, INC.
    Inventors: Philip Syme, Torsten Zeppenfeld, Peter Stein
  • Publication number: 20170133017
    Abstract: Systems, methods, and media for determining fraud risk from audio signals and non-audio data are provided herein. Some exemplary methods include receiving an audio signal and an associated audio signal identifier, receiving a fraud event identifier associated with a fraud event, determining a speaker model based on the received audio signal, determining a channel model based on a path of the received audio signal, using a server system, updating a fraudster channel database to include the determined channel model based on a comparison of the audio signal identifier and the fraud event identified, and updating a fraudster voice database to include the determined speaker model based on a comparison of the audio signal identifier and the fraud event identifier.
    Type: Application
    Filed: October 13, 2016
    Publication date: May 11, 2017
    Inventors: Anthony Rajakumar, Torsten Zeppenfeld, Lisa Guerra, Vipul Vyas
  • Patent number: 9571652
    Abstract: Enhanced diarization systems and methods of use are provided herein. Some exemplary methods may include applying one or more rules that affect separation of the call audio data into segments, the rules being associated with the at least one call schema, separating the call audio data into segments according to the one or more rules, grouping segments of call audio data associated with a speaker, and storing in a storage media an identifier and the grouped segments for the speaker.
    Type: Grant
    Filed: April 9, 2012
    Date of Patent: February 14, 2017
    Assignee: VERINT AMERICAS INC.
    Inventors: Torsten Zeppenfeld, Richard Gutierrez, Lisa Guerra, Andrew S. Efron, Anthony Rajakumar
  • Publication number: 20150381801
    Abstract: Systems, methods, and media for disambiguating call data are provided herein. Some exemplary methods include receiving notification of a fraud event including a customer account identifier and a fraud time stamp; determining a time frame that is proximate the fraud time stamp; collecting call events associated with the customer account identifier that occur during the determined time frame, each call event including a unique call event identifier, a voice sample, and a call event time stamp; identifying a first call event belonging to a first speaker and a second call event belonging to a second speaker; and generating a timeline presentation that includes the first call event and call event timestamp and an identification of a first voice sample as belonging to the first speaker, the second call event and call event timestamp and an identification of a second voice sample as belonging to the second speaker.
    Type: Application
    Filed: July 1, 2015
    Publication date: December 31, 2015
    Inventors: Anthony Rajakumar, Lisa Guerra, Torsten Zeppenfeld, Vipul Vyas
  • Patent number: 9172808
    Abstract: Systems and methods for authenticating callers are disclosed that may obtain identifying data and a voice print, and compare the voice print to one or more stored voice prints. Further, one or more initial scores may be calculated based on the data and the comparison, and a confidence interval score may also be calculated. The systems and methods may determine whether to authenticate based on the one or more initial scores and the confidence interval score.
    Type: Grant
    Filed: February 24, 2014
    Date of Patent: October 27, 2015
    Assignee: Verint Americas Inc.
    Inventors: Torsten Zeppenfeld, Joseph James Schmid, Manish Brijkishor Sharma, Lisa Marie Guerra, Richard Gutierrez, Mark Andrew Lazar, Vipul Niranjan Vyas
  • Patent number: 9113001
    Abstract: Systems, methods, and media for disambiguating call data are provided herein. Some exemplary methods include receiving, via a fraud notification system, notification of a fraud event associated with a customer account, the fraud event comprising a time stamp, determining, via a call selection module, unique voice samples or models from call events obtained within a time frame that is temporally proximate the fraud event, and generating a timeline presentation that includes each unique voice sample or model identified in the call events based upon a time stamp associated with the call events.
    Type: Grant
    Filed: May 29, 2012
    Date of Patent: August 18, 2015
    Assignee: Verint Americas Inc.
    Inventors: Anthony Rajakumar, Lisa Guerra, Torsten Zeppenfeld, Vipul Vyas
  • Patent number: 8903859
    Abstract: Systems, methods, and media for generating fused risk scores for determining fraud in call data are provided herein. Some exemplary methods include generating a fused risk score used to determine fraud from call data by generating a fused risk score for a leg of call data, via a fuser module of an analysis system, the fused risk score being generated by fusing together two or more uniquely calculated fraud risk scores, each of the uniquely calculated fraud risk scores being generated by a sub-module of the analysis system; and storing the fused risk score in a storage device that is communicatively couplable with the fuser module.
    Type: Grant
    Filed: March 8, 2012
    Date of Patent: December 2, 2014
    Assignee: Verint Americas Inc.
    Inventors: Torsten Zeppenfeld, N. Nikki Mirghafori, Lisa Guerra, Richard Gutierrez, Anthony Rajakumar
  • Publication number: 20140254778
    Abstract: Systems and methods for authenticating callers are disclosed that may obtain identifying data and a voice print, and compare the voice print to one or more stored voice prints. Further, one or more initial scores may be calculated based on the data and the comparison, and a confidence interval score may also be calculated. The systems and methods may determine whether to authenticate based on the one or more initial scores and the confidence interval score.
    Type: Application
    Filed: February 24, 2014
    Publication date: September 11, 2014
    Applicant: Victrio, Inc.
    Inventors: Torsten Zeppenfeld, Joseph James Schmid, Manish Brijkishor Sharma, Lisa Marie Guerra, Richard Gutierrez, Mark Andrew Lazar, Vipul Niranjan Vyas
  • Patent number: 8649783
    Abstract: An application stored in a mobile device is provisioned using provisioning data received from remote data storage via a network. Provisioning data is obtained at no cost to a user of the mobile device. In some implementations, the provisioning data is received after the mobile device requests to establish a data channel with a data network. The data network is identified using a predetermined identifier that the network recognizes. If the network does not recognize the special identifier, no data channel is established. After a data channel is established, the mobile device requests provisioning data from the remote data storage. In some implementations, the mobile device receives a provisioning message through a predetermined port. The provisioning message either includes provisioning data or prompts the mobile device to obtain provisioning data.
    Type: Grant
    Filed: September 22, 2010
    Date of Patent: February 11, 2014
    Assignee: Nuance Communications, Inc.
    Inventors: Brian Roundtree, Tim Shelton, Gordon Waddell, Pim van Meurs, Jon Witort, Torsten Zeppenfeld
  • Publication number: 20120263285
    Abstract: Systems, methods, and media for disambiguating call data are provided herein. Some exemplary methods include receiving, via a fraud notification system, notification of a fraud event associated with a customer account, the fraud event comprising a time stamp, determining, via a call selection module, unique voice samples or models from call events obtained within a time frame that is temporally proximate the fraud event, and generating a timeline presentation that includes each unique voice sample or model identified in the call events based upon a time stamp associated with the call events.
    Type: Application
    Filed: May 29, 2012
    Publication date: October 18, 2012
    Inventors: Anthony Rajakumar, Lisa Guerra, Torsten Zeppenfeld, Vipul Vyas
  • Publication number: 20120253805
    Abstract: Systems, methods, and media for determining fraud risk from audio signals and non-audio data are provided herein. Some exemplary methods include receiving an audio signal and an associated audio signal identifier, receiving a fraud event identifier associated with a fraud event, determining a speaker model based on the received audio signal, determining a channel model based on a path of the received audio signal, using a server system, updating a fraudster channel database to include the determined channel model based on a comparison of the audio signal identifier and the fraud event identified, and updating a fraudster voice database to include the determined speaker model based on a comparison of the audio signal identifier and the fraud event identifier.
    Type: Application
    Filed: March 8, 2012
    Publication date: October 4, 2012
    Inventors: Anthony Rajakumar, Torsten Zeppenfeld, Lisa Guerra, Vipul Vyas
  • Publication number: 20120254243
    Abstract: Systems, methods, and media for generating fused risk scores for determining fraud in call data are provided herein. Some exemplary methods include generating a fused risk score used to determine fraud from call data by generating a fused risk score for a leg of call data, via a fuser module of an analysis system, the fused risk score being generated by fusing together two or more uniquely calculated fraud risk scores, each of the uniquely calculated fraud risk scores being generated by a sub-module of the analysis system; and storing the fused risk score in a storage device that is communicatively couplable with the fuser module.
    Type: Application
    Filed: March 8, 2012
    Publication date: October 4, 2012
    Inventors: Torsten Zeppenfeld, N. Nikki Mirghafori, Lisa Guerra, Richard Gutierrez, Anthony Rajakumar
  • Publication number: 20120071152
    Abstract: An application stored in a mobile device is provisioned using provisioning data received from remote data storage via a network. Provisioning data is obtained at no cost to a user of the mobile device. In some implementations, the provisioning data is received after the mobile device requests to establish a data channel with a data network. The data network is identified using a predetermined identifier that the network recognizes. If the network does not recognize the special identifier, no data channel is established. After a data channel is established, the mobile device requests provisioning data from the remote data storage. In some implementations, the mobile device receives a provisioning message through a predetermined port. The provisioning message either includes provisioning data or prompts the mobile device to obtain provisioning data.
    Type: Application
    Filed: September 22, 2010
    Publication date: March 22, 2012
    Inventors: Brian Roundtree, Tim Shelton, Gordon Waddell, Pim van Meurs, Jon Witort, Torsten Zeppenfeld
  • Patent number: 7162421
    Abstract: A method and system for barge-in acknowledgement are disclosed. A prompt is attenuated upon detection of speech. The speech is accepted and the prompt is terminated if the speech corresponds to an allowable response.
    Type: Grant
    Filed: May 6, 2002
    Date of Patent: January 9, 2007
    Assignee: Nuance Communications
    Inventors: Torsten Zeppenfeld, Brian Strope, Su-Lin Wu, Ben Shahshahani