Patents by Inventor Ya Hsuan Tsai
Ya Hsuan Tsai has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11288376Abstract: A source code analysis tool is augmented to support rule-based analysis of code to attempt to identify certain lexical information indicative of hard-coded secret (e.g., password) support in the code. The tool takes the source code as input, parses the content with a lexical analyzer based on language grammar, and processes the resulting data through preferably a pair of rule-based engines. Preferably, one engine is configured to identify variables explicitly intended to be used as a hard-coded secret, and the other engine is configured to identify data strings that could potentially support such a secret. The outputs of these rules engines are consolidated and evaluated to identify a likelihood that the code under examination includes support for a hard-coded secret. The result is then provided to the developer for further action to address any potential security vulnerability identified by the analysis.Type: GrantFiled: May 2, 2019Date of Patent: March 29, 2022Assignee: International Business Machines CorporationInventors: Ya-Hsuan Tsai, Chun-Shuo Lin, Chuang Hsin-Yu
-
Patent number: 11121871Abstract: A technique to secure a wireless communication link that is being shared among a wireless access point (AP), and each of a set of wireless clients (each a mobile station (STA)) that are coupled to the AP over the communication link. A typical implementation is a WPA2-PSK communication link. In this approach, and in lieu of a single secret key being shared by all AP-STA pairs, each AP-STA pair derives its own unique WLAN shared secret, preferably via a Diffie-Hellman (DH) key exchange. The WLAN shared secret is then used to generate WPA2-PSK keys, namely, pairwise master key (PMK) and pairwise transient key (PTK), that establish an 802.11 standards-compliant secure link.Type: GrantFiled: October 22, 2018Date of Patent: September 14, 2021Assignee: International Business Machines CorporationInventors: Chih-Wei Hsiao, Chih-Wen Chao, Wei-Hsiang Hsiung, Ya-Hsuan Tsai
-
Patent number: 10891646Abstract: A method of locating one or more endpoint connectors of a network cable wherein the network cable includes a first endpoint connector and a second endpoint connector comprises: one or more processors capturing an incoming packet carrying therein a specific identifier, wherein the specific identifier is a specific bit string that has been predefined to trigger an activation of one or more indicating devices located on one or more endpoint connectors on the network cable; determining that the incoming packet carries therein the specific identifier; and in response to determining that the incoming packet carries therein the specific identifier, triggering an activation of a first indicating device indicative of a location of the first endpoint connector.Type: GrantFiled: January 31, 2019Date of Patent: January 12, 2021Assignee: International Business Machines CorporationInventors: Chun-Fei Chang, Ming Da Ho, Ming-Pin Hsueh, Ya Hsuan Tsai
-
Publication number: 20200349259Abstract: A source code analysis tool is augmented to support rule-based analysis of code to attempt to identify certain lexical information indicative of hard-coded secret (e.g., password) support in the code. The tool takes the source code as input, parses the content with a lexical analyzer based on language grammar, and processes the resulting data through preferably a pair of rule-based engines. Preferably, one engine is configured to identify variables explicitly intended to be used as a hard-coded secret, and the other engine is configured to identify data strings that could potentially support such a secret. The outputs of these rules engines are consolidated and evaluated to identify a likelihood that the code under examination includes support for a hard-coded secret. The result is then provided to the developer for further action to address any potential security vulnerability identified by the analysis.Type: ApplicationFiled: May 2, 2019Publication date: November 5, 2020Applicant: International Business Machines CorporationInventors: Ya-Hsuan Tsai, Chun-Shuo Lin, Chuang Hsin-Yu
-
Publication number: 20200127829Abstract: A technique to secure a wireless communication link that is being shared among a wireless access point (AP), and each of a set of wireless clients (each a mobile station (STA)) that are coupled to the AP over the communication link. A typical implementation is a WPA2-PSK communication link. In this approach, and in lieu of a single secret key being shared by all AP-STA pairs, each AP-STA pair derives its own unique WLAN shared secret, preferably via a Diffie-Hellman (DH) key exchange. The WLAN shared secret is then used to generate WPA2-PSK keys, namely, pairwise master key (PMK) and pairwise transient key (PTK), that establish an 802.11 standards-compliant secure link.Type: ApplicationFiled: October 22, 2018Publication date: April 23, 2020Applicant: International Business Machines CorporationInventors: Chih-Wei Hsiao, Chih-Wen Chao, Wei-Hsiang Hsiung, Ya-Hsuan Tsai
-
Patent number: 10607016Abstract: Techniques are provided for decrypting an encrypted file within an enterprise network. The techniques include identifying by a password collecting module a password entered during a file encryption procedure performed at a terminal and storing the password; receiving an encrypted file by a data leakage protection (DLP) module; and attempting to decrypt the encrypted file with the password by the DLP module.Type: GrantFiled: July 24, 2017Date of Patent: March 31, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Ya Hsuan Tsai, Ying-Hung Yu, Hariharan Mahadevan
-
Publication number: 20190188746Abstract: A method of locating one or more endpoint connectors of a network cable wherein the network cable includes a first endpoint connector and a second endpoint connector comprises: one or more processors capturing an incoming packet carrying therein a specific identifier, wherein the specific identifier is a specific bit string that has been predefined to trigger an activation of one or more indicating devices located on one or more endpoint connectors on the network cable; determining that the incoming packet carries therein the specific identifier; and in response to determining that the incoming packet carries therein the specific identifier, triggering an activation of a first indicating device indicative of a location of the first endpoint connector.Type: ApplicationFiled: January 31, 2019Publication date: June 20, 2019Inventors: Chun-FeI Chang, Ming Da Ho, Ming-Pin Hsueh, Ya Hsuan Tsai
-
Patent number: 10277467Abstract: A method of locating endpoint connectors of a network cable comprises: capturing an incoming packet carrying therein a specific identifier from an echo request instruction; determining whether the incoming packet carries therein the specific identifier; and in response to determining that the incoming packet received carries therein the specific identifier, triggering an indicating device indicative of locations of endpoint connectors of a network cable.Type: GrantFiled: November 25, 2014Date of Patent: April 30, 2019Assignee: International Business Machines CorporationInventors: Chun-Fei Chang, Ming Da Ho, Ming-Pin Hsueh, Ya Hsuan Tsai
-
Publication number: 20180018467Abstract: Techniques are provided for decrypting an encrypted file within an enterprise network. The techniques include identifying by a password collecting module a password entered during a file encryption procedure performed at a terminal and storing the password; receiving an encrypted file by a data leakage protection (DLP) module; and attempting to decrypt the encrypted file with the password by the DLP module.Type: ApplicationFiled: July 24, 2017Publication date: January 18, 2018Applicant: International Business Machines CorporationInventors: Ya Hsuan Tsai, Ying-Hung Yu, Hariharan Mahadevan
-
Patent number: 9727739Abstract: Techniques are provided for decrypting an encrypted file within an enterprise network. The techniques include identifying by a password collecting module a password entered during a file encryption procedure performed at a terminal and storing the password; receiving an encrypted file by a data leakage protection (DLP) module; and attempting to decrypt the encrypted file with the password by the DLP module.Type: GrantFiled: July 21, 2014Date of Patent: August 8, 2017Assignee: International Business Machines CorporationInventors: Ya Hsuan Tsai, Ying-Hung Yu, Mahadevan Hariharan
-
Patent number: 9565210Abstract: A session of network communications is processed between a client terminal and a server by intercepting a request generated from a network transport unit of the client terminal, generating an intermediate session ID for the client terminal, asking the server to establish a session, receiving a response sent from the server using a server session ID after the session is established, associating the server session ID with the intermediate session ID and sending the response to the network transport unit using the intermediate session ID.Type: GrantFiled: August 22, 2012Date of Patent: February 7, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Wei-Hsiang Hsiung, Wei-Shiau Suen, Ya Hsuan Tsai, Rick M F Wu
-
Patent number: 9117078Abstract: Creating a policy to be used by a malware prevention system uses multiple events triggered by malware. A sample of malicious computer code or malware is executed in a computer system having a kernel space and a user space. Event data relating to multiple events caused by the malicious code executing on the computer system are captured and stored. The event data is configured using a specific property that facilitates malware behavior analysis. A behavior list is then created utilizing the multiple events and associated event data. The behavior list, together with data in a malware behavior database, is used to derive a policy for use in a malware prevention system. The computer system is free of any malicious code, including viruses, Trojan horses, or any other unwanted software code. The malicious computer code executes without any constraints so that the execution behavior of the malicious code may be observed and captured.Type: GrantFiled: September 17, 2008Date of Patent: August 25, 2015Assignee: Trend Micro Inc.Inventors: Hao-Liang Chien, Ming-Chang Shih, Ya-Hsuan Tsai
-
Publication number: 20150156103Abstract: A method of locating endpoint connectors of a network cable comprises: capturing an incoming packet carrying therein a specific identifier from an echo request instruction; determining whether the incoming packet carries therein the specific identifier; and in response to determining that the incoming packet received carries therein the specific identifier, triggering an indicating device indicative of locations of endpoint connectors of a network cable.Type: ApplicationFiled: November 25, 2014Publication date: June 4, 2015Inventors: Chun-Fei Chang, Ming Da Ho, Ming-Pin Hsueh, Ya Hsuan Tsai
-
Publication number: 20140344573Abstract: Techniques are provided for decrypting an encrypted file within an enterprise network. The techniques include identifying by a password collecting module a password entered during a the encryption procedure performed at a terminal and storing the password: receiving an encrypted file by a data leakage protection (DLP) module; and attempting to decrypt the encrypted file with the password by the DLP module.Type: ApplicationFiled: July 21, 2014Publication date: November 20, 2014Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Ya Hsuan Tsai, Ying-Hung Yu, Mahadevan Hariharan
-
Publication number: 20140189349Abstract: A method of decrypting an encrypted file within an enterprise network is provided. The method includes identifying by a password collecting module a password entered during a file encryption procedure performed at a terminal and storing the password; receiving an encrypted file by a data leakage protection (DLP) module; and attempting to decrypt the encrypted file with the password by the DLP module.Type: ApplicationFiled: December 27, 2013Publication date: July 3, 2014Applicant: International Business Machines CorporationInventors: Ya Hsuan Tsai, Ying-Hung Yu
-
Publication number: 20130054823Abstract: A session of network communications is processed between a client terminal and a server by intercepting a request generated from a network transport unit of the client terminal, generating an intermediate session ID for the client terminal, asking the server to establish a session, receiving a response sent from the server using a server session ID after the session is established, associating the server session ID with the intermediate session ID and sending the response to the network transport unit using the intermediate session ID.Type: ApplicationFiled: August 22, 2012Publication date: February 28, 2013Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Wei-Hsiang Hsiung, Wei-Shiau Suen, Ya Hsuan Tsai, Rick M. F. Wu