Patents by Inventor Zhiyun Qian

Zhiyun Qian has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Differential dependency tracking for attack forensics
    Patent number: 9736173
    Abstract: Methods and systems for intrusion attack recovery include monitoring two or more hosts in a network to generate audit logs of system events. One or more dependency graphs (DGraphs) is generated based on the audit logs. A relevancy score for each edge of the DGraphs is determined. Irrelevant events from the DGraphs are pruned to generate a condensed backtracking graph. An origin is located by backtracking from an attack detection point in the condensed backtracking graph.
    Type: Grant
    Filed: October 9, 2015
    Date of Patent: August 15, 2017
    Assignee: NEC Corporation
    Inventors: Zhichun Li, Zhenyu Wu, Zhiyun Qian, Guofei Jiang, Masoud Akhoondi, Markus Kusano
  • Discovering and constraining idle processes
    Patent number: 9602528
    Abstract: Methods and systems for process constraint include collecting system call information for a process. It is detected whether the process is idle based on the system call information and then whether the process is repeating using autocorrelation to determine whether the process issues system calls in a periodic fashion. The process is constrained if it is idle or repeating to limit an attack surface presented by the process.
    Type: Grant
    Filed: May 14, 2015
    Date of Patent: March 21, 2017
    Assignee: NEC Corporation
    Inventors: Zhiyun Qian, Jun Wang, Zhichun Li, Zhenyu Wu, Junghwan Rhee, Xia Ning, Guofei Jiang
  • DIFFERENTIAL DEPENDENCY TRACKING FOR ATTACK FORENSICS
    Publication number: 20160105454
    Abstract: Methods and systems for intrusion attack recovery include monitoring two or more hosts in a network to generate audit logs of system events. One or more dependency graphs (DGraphs) is generated based on the audit logs. A relevancy score for each edge of the DGraphs is determined. Irrelevant events from the DGraphs are pruned to generate a condensed backtracking graph. An origin is located by backtracking from an attack detection point in the condensed backtracking graph.
    Type: Application
    Filed: October 9, 2015
    Publication date: April 14, 2016
    Inventors: Zhichun Li, Zhenyu Wu, Zhiyun Qian, Guofei Jiang, Masoud Akhoondi, Markus Kusano
  • Duleak: a scalable app engine for high-impact privacy leaks
    Patent number: 9245125
    Abstract: Systems and methods are disclosed for protecting privacy in an application software (app) by detecting application repacking; detecting application tainting, including: detecting descrying information leakage; detecting vulnerability espial; and detecting a privacy leak.
    Type: Grant
    Filed: November 24, 2014
    Date of Patent: January 26, 2016
    Assignee: NEC Laboratories America, Inc.
    Inventors: Zhichun Li, Zhenyu Wu, Zhiyun Qian, Guofei Jiang, Kangjie Lu, Vasileios Kemerlis
  • DISCOVERING AND CONSTRAINING IDLE PROCESSES
    Publication number: 20150334128
    Abstract: Methods and systems for process constraint include collecting system call information for a process. It is detected whether the process is idle based on the system call information and then whether the process is repeating using autocorrelation to determine whether the process issues system calls in a periodic fashion. The process is constrained if it is idle or repeating to limit an attack surface presented by the process.
    Type: Application
    Filed: May 14, 2015
    Publication date: November 19, 2015
    Inventors: Zhiyun Qian, Jun Wang, Zhichun Li, Zhenyu Wu, Junghwan Rhee, Xia Ning, Guofei Jiang
  • DuLeak: A Scalable App Engine for High-Impact Privacy Leaks
    Publication number: 20150242635
    Abstract: Systems and methods are disclosed for protecting privacy in an application software (app) by detecting application repacking; detecting application tainting, including: detecting descrying information leakage; detecting vulnerability espial; and detecting a privacy leak.
    Type: Application
    Filed: November 24, 2014
    Publication date: August 27, 2015
    Inventors: Zhichun Li, Zhenyu Wu, Zhiyun Qian, Guofei Jiang, Kangjie Lu, Vasileios Kemerlis
  • Topology-aware attack mitigation
    Patent number: 8261355
    Abstract: Techniques are disclosed for preventing malicious attacks or other exploits on a computer server. A network manager may be configured to determine a topology of a plurality of network devices and deploy an intrusion prevention system in one or more of the network devices to mitigate attacks against the vulnerable servers. The one or more network devices may be identified based on the topology and one or more constraints for optimizing the deployment of the intrusion prevention systems.
    Type: Grant
    Filed: July 24, 2009
    Date of Patent: September 4, 2012
    Assignee: Cisco Technology, Inc.
    Inventors: Ammar Rayes, Zhiyun Qian
  • TOPOLOGY-AWARE ATTACK MITIGATION
    Publication number: 20110023119
    Abstract: Techniques are disclosed for preventing malicious attacks or other exploits on a computer server. A network manager may be configured to determine a topology of a plurality of network devices and deploy an intrusion prevention system in one or more of the network devices to mitigate attacks against the vulnerable servers. The one or more network devices may be identified based on the topology and one or more constraints for optimizing the deployment of the intrusion prevention systems.
    Type: Application
    Filed: July 24, 2009
    Publication date: January 27, 2011
    Inventors: AMMAR RAYES, Zhiyun QIAN