Patents by Inventor Trevor Tonn
Trevor Tonn has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11531763Abstract: Methods, systems, and computer-readable media for automated code generation using analysis of design diagrams are disclosed. A diagram-to-code system determines one or more security properties of a plurality of components associated with a software product. Relationships between the components are indicated in a software design diagram. At least some of the security properties are determined using input to a user interface. The diagram-to-code system generates one or more secure code packages based (at least in part) on the software design diagram and the one or more security properties. The secure code package(s) implement one or more security controls associated with the software product. The secure code package(s) are provided to a developer. The secure code package(s) and additional program code from the developer are compiled into a compiled software product. Execution of the compiled software product mitigates security vulnerabilities using the one or more security controls.Type: GrantFiled: December 10, 2019Date of Patent: December 20, 2022Assignee: Amazon Technologies, Inc.Inventors: Akshay Gupta, Raghuveer Ketireddy, Trevor Tonn
-
Patent number: 11507655Abstract: A design inspector tool generates secure source code related to stencils and design elements of an architecture diagram. The design inspector tool may retrieve source code from a source code repository that includes source code that is relevant to the stencils and design elements implemented by the design inspector tool. When or after a user modifies the source code, the design inspector tool feeds contextual information associated with the stencils and the design elements into a trained machine learning logic. The trained machine learning logic processes the contextual information to retrieve contextually relevant auto complete secure code suggestions from the source code repository. The contextually relevant auto complete source code suggestions may be presented to the user as an option for replacing or augmenting the modified source code.Type: GrantFiled: December 11, 2019Date of Patent: November 22, 2022Assignee: Amazon Technologies, Inc.Inventors: Raghuveer Ketireddy, Akshay Gupta, Trevor Tonn
-
Patent number: 10860295Abstract: Methods, systems, and computer-readable media for automated detection of ambiguities in software design diagrams are disclosed. One or more graphs are determined that represent a plurality of elements of a design diagram. The one or more graphs comprise a plurality of nodes representing components and a plurality of edges representing relationships between the components. An evaluation of the design diagram with respect to one or more rules is initiated by a rules engine. The evaluation is based (at least in part) on traversal of the one or more graphs. Based (at least in part) on the evaluation, one or more flaws are identified in the design diagram. A modified design diagram is generated that represents remediation of at least a portion of the one or more flaws.Type: GrantFiled: January 3, 2019Date of Patent: December 8, 2020Assignee: Amazon Technologies, Inc.Inventors: Raghuveer Ketireddy, Benjamin Richeson, Trevor Tonn
-
Patent number: 10474811Abstract: A system, method, and computer-readable medium for detecting malicious computer code are provided. Instructions, such as HTML or JavaScript instructions may be received from a server, parsed, and executed. During execution of the instructions, one or more functions of a software application, such as a web browser, may be hooked, and an event object may be created for each called function that is hooked, resulting in a collection of event objects. Rules may be matched with event objects of the collection of event objects to detect malicious code. Attributes from the matched event objects may then be used to locate original malicious script or code injected into a web page.Type: GrantFiled: March 30, 2012Date of Patent: November 12, 2019Assignee: VERISIGN, INC.Inventors: Matthew Cote, Trevor Tonn
-
Patent number: 10395031Abstract: Systems and methods are provided for malware scanning and detection. In one exemplary embodiment, the method includes a hub computing device that receives, from a controller computing device, a scan request, and identifies spoke computing devices for performing the scan request. The method performed by the hub computing device also includes sending to the identified spoke computing devices, the scan request, receiving, from the spoke computing devices, results associated with the scan request, and sending, to the controller computing device, the results associated with the scan request.Type: GrantFiled: December 30, 2010Date of Patent: August 27, 2019Assignee: VERISIGN, INC.Inventors: Karthik Shyamsunder, Trevor Tonn, Ralph Thomas, Alexander Holmes, James Krahulec, Srinivas Sunkara
-
Patent number: 10162970Abstract: Techniques for providing information security threat assessment and amelioration are disclosed. The techniques may include obtaining fundamental data, obtaining document data, preparing fundamental instance nodes from the fundamental data, preparing document nodes from the document data, preparing edges between at least some of the nodes, storing the nodes and the edges in a manner that reflects a graph structure, and causing to be displayed at least a portion of a graph defined by at least one node and at least one edge.Type: GrantFiled: February 5, 2018Date of Patent: December 25, 2018Assignee: Accenture Global Solutions LimitedInventors: Ryan Olson, Trevor Tonn
-
Patent number: 10158664Abstract: A system, method, and computer-readable medium for detecting malicious computer code are provided. A dataset may be accessed and converted to a binary dataset according to a predefined conversion algorithm. One or more cycles in the binary dataset may be identified. Statistical analysis may be performed on the identified one or more cycles. A determination that the set of dataset includes malicious software code may be made based on the performed statistical analysis.Type: GrantFiled: July 22, 2014Date of Patent: December 18, 2018Assignee: VERISIGN, INC.Inventor: Trevor Tonn
-
Publication number: 20180211047Abstract: Techniques for providing information security threat assessment and amelioration are disclosed. The techniques may include obtaining fundamental data, obtaining document data, preparing fundamental instance nodes from the fundamental data, preparing document nodes from the document data, preparing edges between at least some of the nodes, storing the nodes and the edges in a manner that reflects a graph structure, and causing to be displayed at least a portion of a graph defined by at least one node and at least one edge.Type: ApplicationFiled: February 5, 2018Publication date: July 26, 2018Inventors: Ryan OLSON, Trevor TONN
-
Patent number: 10021129Abstract: Systems and methods are provided for malware scanning and detection in a computing system. In one exemplary embodiment, the method includes launching, in a computing device of the computing system, a virtual machine, and launching, in the virtual machine of the computing device, an internet browser. The method also includes requesting, by the internet browser, data from a web page, and performing, using one or more analysis tools, analysis on the web page. In the method, performing analysis on the web page includes performing monitoring and recording of system application programming interface (API) calls, and creating software objects associated with the web page. The method also includes performing antivirus scanning of the software objects, de-obfuscating JavaScript associated with the software objects, and correlating data associated with the performed analysis to determine if the web page is a malicious web page.Type: GrantFiled: May 11, 2016Date of Patent: July 10, 2018Assignee: VERISIGN, INC.Inventors: Ralph Thomas, Michael Lapilla, Trevor Tonn, Gregory Sinclair, Blake Hartstein, Matthew Cote
-
Patent number: 9886581Abstract: Techniques for providing information security threat assessment and amelioration are disclosed. The techniques may include obtaining fundamental data, obtaining document data, preparing fundamental instance nodes from the fundamental data, preparing document nodes from the document data, preparing edges between at least some of the nodes, storing the nodes and the edges in a manner that reflects a graph structure, and causing to be displayed at least a portion of a graph defined by at least one node and at least one edge.Type: GrantFiled: February 25, 2014Date of Patent: February 6, 2018Assignee: Accenture Global Solutions LimitedInventors: Ryan Olson, Trevor Tonn
-
Patent number: 9846780Abstract: Techniques for providing computer security vulnerability intelligence are disclosed. The techniques include obtaining distributable vulnerability data that includes, for each of a plurality of software packages and associated vulnerabilities, threat mitigation information and a threat priority parameter, where the distributable vulnerability data was derived from an intelligence graph including a plurality of fundamental instance nodes, a plurality of document nodes, and a plurality of edges.Type: GrantFiled: February 25, 2015Date of Patent: December 19, 2017Assignee: Accenture Global Solutions LimitedInventors: Trevor Tonn, Ray-yu Chang
-
Patent number: 9779238Abstract: The present invention generally relates to systems and methods for classifying executable files as likely malware or likely benign. The techniques utilize temporally-ordered network behavioral artifacts together with machine learning techniques to perform the classification. Because they rely on network behavioral artifacts, the disclosed techniques may be applied to executable files with obfuscated code.Type: GrantFiled: November 8, 2016Date of Patent: October 3, 2017Assignee: VERISIGN, INC.Inventors: Allison Mankin, Abedelaziz Mohaisen, Trevor Tonn
-
Publication number: 20170053119Abstract: The present invention generally relates to systems and methods for classifying executable files as likely malware or likely benign. The techniques utilize temporally-ordered network behavioral artifacts together with machine learning techniques to perform the classification. Because they rely on network behavioral artifacts, the disclosed techniques may be applied to executable files with obfuscated code.Type: ApplicationFiled: November 8, 2016Publication date: February 23, 2017Inventors: Allison MANKIN, Abedelaziz MOHAISEN, Trevor TONN
-
Publication number: 20160337380Abstract: Systems and methods are provided for malware scanning and detection in a computing system. In one exemplary embodiment, the method includes launching, in a computing device of the computing system, a virtual machine, and launching, in the virtual machine of the computing device, an internet browser. The method also includes requesting, by the internet browser, data from a web page, and performing, using one or more analysis tools, analysis on the web page. In the method, performing analysis on the web page includes performing monitoring and recording of system application programming interface (API) calls, and creating software objects associated with the web page. The method also includes performing antivirus scanning of the software objects, de-obfuscating JavaScript associated with the software objects, and correlating data associated with the performed analysis to determine if the web page is a malicious web page.Type: ApplicationFiled: May 11, 2016Publication date: November 17, 2016Inventors: Ralph Thomas, Michael Lapilla, Trevor Tonn, Gregory Sinclair, Blake Hartstein, Matthew Cote
-
Patent number: 9489514Abstract: The present invention generally relates to systems and methods for classifying executable files as likely malware or likely benign. The techniques utilize temporally-ordered network behavioral artifacts together with machine learning techniques to perform the classification. Because they rely on network behavioral artifacts, the disclosed techniques may be applied to executable files with obfuscated code.Type: GrantFiled: October 6, 2014Date of Patent: November 8, 2016Assignee: VERISIGN, INC.Inventors: Allison Mankin, Abedelaziz Mohaisen, Trevor Tonn
-
Patent number: 9344446Abstract: Systems and methods are provided for malware scanning and detection in a computing system. In one exemplary embodiment, the method includes launching, in a computing device of the computing system, a virtual machine, and launching, in the virtual machine of the computing device, an internet browser. The method also includes requesting, by the internet browser, data from a web page, and performing, using one or more analysis tools, analysis on the web page. In the method, performing analysis on the web page includes performing monitoring and recording of system application programming interface (API) calls, and creating software objects associated with the web page. The method also includes performing antivirus scanning of the software objects, de-obfuscating JavaScript associated with the software objects, and correlating data associated with the performed analysis to determine if the web page is a malicious web page.Type: GrantFiled: September 8, 2014Date of Patent: May 17, 2016Assignee: VERISIGN, INC.Inventors: Ralph Thomas, Michael Lapilla, Trevor Tonn, Gregory Sinclair, Blake Hartstein, Matthew Cote
-
Publication number: 20160028746Abstract: A system, method, and computer-readable medium for detecting malicious computer code are provided. A dataset may be accessed and converted to a binary dataset according to a predefined conversion algorithm. One or more cycles in the binary dataset may be identified. Statistical analysis may be performed on the identified one or more cycles. A determination that the set of dataset includes malicious software code may be made based on the performed statistical analysis.Type: ApplicationFiled: July 22, 2014Publication date: January 28, 2016Inventor: Trevor Tonn
-
Publication number: 20150244734Abstract: Techniques for providing information security threat assessment and amelioration are disclosed. The techniques may include obtaining fundamental data, obtaining document data, preparing fundamental instance nodes from the fundamental data, preparing document nodes from the document data, preparing edges between at least some of the nodes, storing the nodes and the edges in a manner that reflects a graph structure, and causing to be displayed at least a portion of a graph defined by at least one node and at least one edge.Type: ApplicationFiled: February 25, 2014Publication date: August 27, 2015Inventors: Ryan Olson, Trevor Tonn
-
Publication number: 20150242637Abstract: Techniques for providing computer security vulnerability intelligence are disclosed. The techniques include obtaining distributable vulnerability data that includes, for each of a plurality of software packages and associated vulnerabilities, threat mitigation information and a threat priority parameter, where the distributable vulnerability data was derived from an intelligence graph including a plurality of fundamental instance nodes, a plurality of document nodes, and a plurality of edges.Type: ApplicationFiled: February 25, 2015Publication date: August 27, 2015Inventors: Trevor Tonn, Ray-yu Chang
-
Publication number: 20150106931Abstract: The present invention generally relates to systems and methods for classifying executable files as likely malware or likely benign. The techniques utilize temporally-ordered network behavioral artifacts together with machine learning techniques to perform the classification. Because they rely on network behavioral artifacts, the disclosed techniques may be applied to executable files with obfuscated code.Type: ApplicationFiled: October 6, 2014Publication date: April 16, 2015Inventors: Allison Mankin, Abedelaziz Mohaisen, Trevor Tonn