Patents by Inventor Walid Negm
Walid Negm has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10944772Abstract: Systems, methods, and apparatus, including computer programs encoded on computer storage media, for obtaining, processing, and presenting data related to security events, and for implementing courses of action to protect assets in response to the security events. An event management module identifies malicious activity present on a first network domain and/or a second network domain based on received network domain activity. A threat intelligence module receives data identifying the malicious activity in first data constructs of a predefined data structure. The threat intelligence module obtains additional data related to the identified malicious activity and generates second data constructs that include enriched data regarding the malicious activity. The enriched data includes data describing a campaign in which at least a portion of the malicious activity is involved and one or more courses of action. A course of action module receives the second data constructs and implements a given course of action.Type: GrantFiled: November 15, 2018Date of Patent: March 9, 2021Assignee: Accenture Global Solutions LimitedInventors: Shaan Mulchandani, Amin Hassanzadeh, Elvis Hovor, Shimon Modi, Walid Negm
-
Patent number: 10824736Abstract: Systems, methods, and apparatus, including computer programs encoded on computer storage media, for facilitating communication in an industrial control network. A system includes an industrial control network, one or more controller devices, one or more emulators, and an encryption relay processor. Each controller device can be operable to control one or more operational devices connected to the industrial control network. Each emulator can be configured to communicate with a respective controller device, and each emulator can be configured to reference a respective profile that includes information about security capabilities of the respective controller device. The encryption relay processor can be operable to facilitate communication to and from each emulator over the industrial control network.Type: GrantFiled: November 27, 2017Date of Patent: November 3, 2020Assignee: Accenture Global Services LimitedInventors: Song Luo, Walid Negm, James J. Solderitsch, Shaan Mulchandani, Amin Hassanzadeh, Shimon Modi
-
Publication number: 20190089727Abstract: Systems, methods, and apparatus, including computer programs encoded on computer storage media, for obtaining, processing, and presenting data related to security events, and for implementing courses of action to protect assets in response to the security events. An event management module identifies malicious activity present on a first network domain and/or a second network domain based on received network domain activity. A threat intelligence module receives data identifying the malicious activity in first data constructs of a predefined data structure. The threat intelligence module obtains additional data related to the identified malicious activity and generates second data constructs that include enriched data regarding the malicious activity. The enriched data includes data describing a campaign in which at least a portion of the malicious activity is involved and one or more courses of action. A course of action module receives the second data constructs and implements a given course of action.Type: ApplicationFiled: November 15, 2018Publication date: March 21, 2019Inventors: Shaan Mulchandani, Amin Hassanzadeh, Elvis Hovor, Shimon Modi, Walid Negm
-
Patent number: 10148685Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for determining a network security threat response. A data structure that represents communication events between computing devices of two or more network domains is received. The data structure is analyzed and a threat scenario that is based on a chain of communication events that indicates a potential attack path is determined. The chain of communication events include a sequence of communication events between computing devices proceeding from an originating computing device to a destination computing device, wherein the originating computing device and the destination computing device exist on different network domains. Attack pattern data, for the threat scenario and from a threat intelligence data source, that is associated with communications between computing devices that occurred during one or more prior attacks is received.Type: GrantFiled: July 17, 2017Date of Patent: December 4, 2018Assignee: Accenture Global Services LimitedInventors: Amin Hassanzadeh, Shimon Modi, Shaan Mulchandani, Walid Negm
-
Patent number: 10148679Abstract: Systems, methods, and apparatus, including computer programs encoded on computer storage media, for obtaining, processing, and presenting data related to security events, and for implementing courses of action to protect assets in response to the security events. An event management module identifies malicious activity present on a first network domain and/or a second network domain based on received network domain activity. A threat intelligence module receives data identifying the malicious activity in first data constructs of a predefined data structure. The threat intelligence module obtains additional data related to the identified malicious activity and generates second data constructs that include enriched data regarding the malicious activity. The enriched data includes data describing a campaign in which at least a portion of the malicious activity is involved and one or more courses of action. A course of action module receives the second data constructs and implements a given course of action.Type: GrantFiled: February 23, 2016Date of Patent: December 4, 2018Assignee: Accenture Global Solutions LimitedInventors: Shaan Mulchandani, Amin Hassanzadeh, Elvis Hovor, Shimon Modi, Walid Negm
-
Patent number: 10031529Abstract: Unmanned vehicle (UV) control may include receiving a UV work order and generating a mission request based on the UV work order. The mission request may identify an objective of a mission, assign a UV and a sensor to the mission from a fleet of UVs and sensors, and assign a first movement plan to the mission based on the identified objective of the mission. The assigned UV may be controlled according to the assigned first movement plan, and communication data may be received from the assigned sensor. The communication data may be analyzed to identify an event related to the mission. The identified event and the first movement plan may be analyzed to assign a second movement plan to the mission based on the analysis of the identified event and the first movement plan to meet the identified objective of the mission.Type: GrantFiled: December 29, 2016Date of Patent: July 24, 2018Assignee: ACCENTURE GLOBAL SERVICES LIMITEDInventors: Pramila Mullan, Walid Negm, Edy S. Liongosari, Paul Barsamian, Brian Richards, Sang-Ik Kim, Michael Mui, Robert Fenney
-
Patent number: 10009366Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for determining network related anomaly scores. One of the methods includes generating a network map including at least a plurality of network nodes and a plurality of edges that indicate communications paths between the plurality of network nodes, obtaining first data indicating network activity over the edges and between the plurality of network nodes for a first time period, generating a model of expected network activity over the edges and between the plurality of network nodes for a future time period using the network map and the first data, obtaining second data indicating network activity over the edges and between the plurality of network nodes for a second time period, and determining an anomaly score using a comparison between the second data and the model of expected network activity.Type: GrantFiled: July 12, 2017Date of Patent: June 26, 2018Assignee: Accenture Global Services LimitedInventors: Michael L. Lefebvre, Matthew Carver, Eric Ellett, Walid Negm, Louis William DiValentin, James J. Solderitsch
-
Publication number: 20180144144Abstract: Systems, methods, and apparatus, including computer programs encoded on computer storage media, for facilitating communication in an industrial control network. A system includes an industrial control network, one or more controller devices, one or more emulators, and an encryption relay processor. Each controller device can be operable to control one or more operational devices connected to the industrial control network. Each emulator can be configured to communicate with a respective controller device, and each emulator can be configured to reference a respective profile that includes information about security capabilities of the respective controller device. The encryption relay processor can be operable to facilitate communication to and from each emulator over the industrial control network.Type: ApplicationFiled: November 27, 2017Publication date: May 24, 2018Inventors: Song Luo, Walid Negm, James J. Solderitsch, Shaan Mulchandani, Amin Hassanzadeh, Shimon Modi
-
Patent number: 9870476Abstract: Systems, methods, and apparatus, including computer programs encoded on computer storage media, for facilitating secure communication. A system for facilitating secure communication includes an enterprise network, one or more operational technology networks, and a management server. Each of the operational technology networks can include one or more controller devices operable to control one or more operational devices, and can include a respective site security server and a respective security relay server. The security relay server can be operable to facilitate secure communication between controller devices of the operational technology network and its corresponding site security server. The management server can be a node on the enterprise network and can be operable to communicate with each site security server.Type: GrantFiled: August 28, 2015Date of Patent: January 16, 2018Assignee: Accenture Global Services LimitedInventors: Song Luo, Walid Negm, James J. Solderitsch, Shaan Mulchandani, Amin Hassanzadeh, Shimon Modi
-
Patent number: 9864864Abstract: Systems, methods, and apparatus, including computer programs encoded on computer storage media, for facilitating communication in an industrial control network. A system includes an industrial control network, one or more controller devices, one or more emulators, and an encryption relay processor. Each controller device can be operable to control one or more operational devices connected to the industrial control network. Each emulator can be configured to communicate with a respective controller device, and each emulator can be configured to reference a respective profile that includes information about security capabilities of the respective controller device. The encryption relay processor can be operable to facilitate communication to and from each emulator over the industrial control network.Type: GrantFiled: August 28, 2015Date of Patent: January 9, 2018Assignee: Accenture Global Services LimitedInventors: Song Luo, Walid Negm, James J. Solderitsch, Shaan Mulchandani, Amin Hassanzadeh, Shimon Modi
-
Publication number: 20170318050Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for determining a network security threat response. A data structure that represents communication events between computing devices of two or more network domains is received. The data structure is analyzed and a threat scenario that is based on a chain of communication events that indicates a potential attack path is determined. The chain of communication events include a sequence of communication events between computing devices proceeding from an originating computing device to a destination computing device, wherein the originating computing device and the destination computing device exist on different network domains. Attack pattern data, for the threat scenario and from a threat intelligence data source, that is associated with communications between computing devices that occurred during one or more prior attacks is received.Type: ApplicationFiled: July 17, 2017Publication date: November 2, 2017Inventors: Amin Hassanzadeh, Shimon Modi, Shaan Mulchandani, Walid Negm
-
Publication number: 20170310697Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for determining network related anomaly scores. One of the methods includes generating a network map including at least a plurality of network nodes and a plurality of edges that indicate communications paths between the plurality of network nodes, obtaining first data indicating network activity over the edges and between the plurality of network nodes for a first time period, generating a model of expected network activity over the edges and between the plurality of network nodes for a future time period using the network map and the first data, obtaining second data indicating network activity over the edges and between the plurality of network nodes for a second time period, and determining an anomaly score using a comparison between the second data and the model of expected network activity.Type: ApplicationFiled: July 12, 2017Publication date: October 26, 2017Inventors: Michael L. Lefebvre, Matthew Carver, Eric Ellett, Walid Negm, Louis William DiValentin, James J. Solderitsch
-
Patent number: 9742788Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for correlating domain activity data. First domain activity data from a first network domain and second domain activity data from a second network domain is received. The first domain activity data and the second domain activity data is filtered to remove irrelevant activity data, based on a first set of profile data for devices in the first network domain and a second set of profile data for devices in the second network domain. Unfiltered first and second domain activity data is aggregated. Aggregated unfiltered first and second domain activity data is correlated to determine an attack path for an attack that occurs across the first network domain and the second network domain, based on attack signatures and profiles associated with previously identified attacks. A visualization of the attack path is generated.Type: GrantFiled: August 31, 2015Date of Patent: August 22, 2017Assignee: Accenture Global Services LimitedInventors: Amin Hassanzadeh, Shimon Modi, Shaan Mulchandani, Walid Negm
-
Patent number: 9729568Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for determining network related anomaly scores. One of the methods includes generating a network map including at least a plurality of network nodes and a plurality of edges that indicate communications paths between the plurality of network nodes, obtaining first data indicating network activity over the edges and between the plurality of network nodes for a first time period, generating a model of expected network activity over the edges and between the plurality of network nodes for a future time period using the network map and the first data, obtaining second data indicating network activity over the edges and between the plurality of network nodes for a second time period, and determining an anomaly score using a comparison between the second data and the model of expected network activity.Type: GrantFiled: August 12, 2016Date of Patent: August 8, 2017Assignee: Accenture Global Services LimitedInventors: Michael L. Lefebvre, Matthew Carver, Eric Ellett, Walid Negm, Louis William DiValentin, James J. Solderitsch
-
Patent number: 9712554Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for transforming representations of network activity data. A data structure that represents communication events between computing devices of one or more networks is received. The data structure is analyzed and a set of potential attack paths represented in the data structure is determined. A score is assigned to each potential attack path in the set of potential attack paths. Potential attack paths that have scores that do not meet a predetermined threshold are removed from the set of potential attack paths. Potential attack paths that remain in the set of potential attack paths are ranked, based on each score assigned to each potential attack path, and the data structure that includes a ranked set of potential attack paths is provided.Type: GrantFiled: August 31, 2015Date of Patent: July 18, 2017Assignee: Accenture Global Services LimitedInventors: Amin Hassanzadeh, Shimon Modi, Shaan Mulchandani, Walid Negm
-
Publication number: 20170171235Abstract: Systems, methods, and apparatus, including computer programs encoded on computer storage media, for obtaining, processing, and presenting data related to security events, and for implementing courses of action to protect assets in response to the security events. An event management module identifies malicious activity present on a first network domain and/or a second network domain based on received network domain activity. A threat intelligence module receives data identifying the malicious activity in first data constructs of a predefined data structure. The threat intelligence module obtains additional data related to the identified malicious activity and generates second data constructs that include enriched data regarding the malicious activity. The enriched data includes data describing a campaign in which at least a portion of the malicious activity is involved and one or more courses of action. A course of action module receives the second data constructs and implements a given course of action.Type: ApplicationFiled: February 23, 2016Publication date: June 15, 2017Inventors: Shaan Mulchandani, Amin Hassanzadeh, Elvis Hovor, Shimon Modi, Walid Negm
-
Publication number: 20170108876Abstract: Unmanned vehicle (UV) control may include receiving a UV work order and generating a mission request based on the UV work order. The mission request may identify an objective of a mission, assign a UV and a sensor to the mission from a fleet of UVs and sensors, and assign a first movement plan to the mission based on the identified objective of the mission. The assigned UV may be controlled according to the assigned first movement plan, and communication data may be received from the assigned sensor. The communication data may be analyzed to identify an event related to the mission. The identified event and the first movement plan may be analyzed to assign a second movement plan to the mission based on the analysis of the identified event and the first movement plan to meet the identified objective of the mission.Type: ApplicationFiled: December 29, 2016Publication date: April 20, 2017Applicant: Accenture Global Services LimitedInventors: Pramila MULLAN, Walid NEGM, Edy S. LIONGOSARI, Paul BARSAMIAN, Brian RICHARDS, Sang-Ik KIM, Michael MUI, Robert FENNEY
-
Patent number: 9567077Abstract: Unmanned vehicle (UV) control may include receiving a UV work order and generating a mission request based on the UV work order. The mission request may identify an objective of a mission, assign a UV and a sensor to the mission from a fleet of UVs and sensors, and assign a first movement plan to the mission based on the identified objective of the mission. The assigned UV may be controlled according to the assigned first movement plan, and communication data may be received from the assigned sensor. The communication data may be analyzed to identify an event related to the mission. The identified event and the first movement plan may be analyzed to assign a second movement plan to the mission based on the analysis of the identified event and the first movement plan to meet the identified objective of the mission.Type: GrantFiled: February 11, 2015Date of Patent: February 14, 2017Assignee: ACCENTURE GLOBAL SERVICES LIMITEDInventors: Pramila Mullan, Walid Negm, Edy S. Liongosari, Paul Barsamian, Brian Richards, Sang-Ik Kim, Michael Mui, Robert Fenney
-
Publication number: 20160352768Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for determining network related anomaly scores. One of the methods includes generating a network map including at least a plurality of network nodes and a plurality of edges that indicate communications paths between the plurality of network nodes, obtaining first data indicating network activity over the edges and between the plurality of network nodes for a first time period, generating a model of expected network activity over the edges and between the plurality of network nodes for a future time period using the network map and the first data, obtaining second data indicating network activity over the edges and between the plurality of network nodes for a second time period, and determining an anomaly score using a comparison between the second data and the model of expected network activity.Type: ApplicationFiled: August 12, 2016Publication date: December 1, 2016Inventors: Michael L. Lefebvre, Matthew Carver, Eric Ellett, Walid Negm, Louis William DiValentin, James J. Solderitsch
-
Patent number: 9503467Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for determining network related anomaly scores. One of the methods includes generating a network map including at least a plurality of network nodes and a plurality of edges that indicate communications paths between the plurality of network nodes, obtaining first data indicating network activity over the edges and between the plurality of network nodes for a first time period, generating a model of expected network activity over the edges and between the plurality of network nodes for a future time period using the network map and the first data, obtaining second data indicating network activity over the edges and between the plurality of network nodes for a second time period, and determining an anomaly score using a comparison between the second data and the model of expected network activity.Type: GrantFiled: May 22, 2014Date of Patent: November 22, 2016Assignee: Accenture Global Services LimitedInventors: Michael J. Lefebvre, Matthew Carver, Eric Ellett, Walid Negm, Louis William DiValentin, James J. Solderitsch