Computer Virus Detection By Cryptography Patents (Class 713/188)
  • Patent number: 11836258
    Abstract: A method for software code analysis includes receiving source code of an application program, which includes one or more calls from respective entry points in the source code to a library program. The source code is automatically analyzed in order to generate a first data flow graph (DFG), representing a flow of data to be engendered upon running the application program. One or more vulnerabilities are identified in the library program. The library program is automatically analyzed to generate a second DFG linking at least one of the entry points in the source code to at least one of the vulnerabilities. The first DFG is combined with the second DFG in order to track the flow of data from the application program to the at least one of the vulnerabilities and to report at least one of the vulnerabilities as being exploitable.
    Type: Grant
    Filed: July 22, 2021
    Date of Patent: December 5, 2023
    Assignee: CHECKMARX LTD.
    Inventors: Maty Siman, Or Chen
  • Patent number: 11838322
    Abstract: A phishing site detection device extracts, from a phishing kit, a condition of access sources with which the access to a phishing site is blocked. Then, the phishing site detection device accesses a phishing site constructed by the phishing kit using one or more extracted conditions of access sources, and stores an access result for each condition of access sources in an access result storage module. Thereafter, the phishing site detection device sets a condition of access sources with which the access to the phishing site constructed by the phishing kit is blocked, accesses a website to be detected, and determines whether the website is a phishing site on the basis of the access result.
    Type: Grant
    Filed: October 10, 2019
    Date of Patent: December 5, 2023
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Hirokazu Kodera, Toshiki Shibahara, Daiki Chiba, Yuta Takata, Kazufumi Aoki
  • Patent number: 11836247
    Abstract: Systems and methods for detecting malicious behavior in a network by analyzing process interaction ratios (PIRs) are provided. According to one embodiment, information regarding historical process activity is maintained. The historical process activity includes information regarding various processes hosted by computing devices of a private network. Information regarding process activity within the private network is received for a current observation period. For each process, for each testing time period of a number of testing time periods within the current observation period, a PIR is determined based on (i) a number of unique computing devices that host the process and (ii) a number of unique users that have executed the process. A particular process is identified as potentially malicious when a measure of deviation of the PIR of the particular process from a historical PIR mean of the particular process exceeds a pre-defined or configurable threshold during a testing time period.
    Type: Grant
    Filed: March 30, 2020
    Date of Patent: December 5, 2023
    Assignee: Fortinet, Inc.
    Inventors: Ernest Mugambi, Partha Bhattacharya, Gun Sumlut
  • Patent number: 11831729
    Abstract: A computing system includes persistent storage configured to store representations of software applications installed on computing devices, and a software application configured to perform operations, including retrieving, from the persistent storage, a first plurality of representations of a first plurality of software applications installed on a particular computing device and a second plurality of representations of a second plurality of software applications installed on a reference computing device. The operations also include determining a device fingerprint of the particular computing device based on the first plurality of representations and a reference device fingerprint of the reference computing device based on the second plurality of representations, and comparing the device fingerprint to the reference device fingerprint.
    Type: Grant
    Filed: March 19, 2021
    Date of Patent: November 28, 2023
    Assignee: ServiceNow, Inc.
    Inventors: Shay Herzog, Aakash Umeshbhai Bhagat, Olga Zateikin, Robert Bitterfeld, Asaf Garty
  • Patent number: 11824875
    Abstract: A threat intelligence gateway (TIG) may protect TCP/IP networks from network (e.g., Internet) threats by enforcing certain policies on in-transit packets that are crossing network boundaries. The policies may be composed of packet filtering rules with packet-matching criteria derived from cyber threat intelligence (CTI) associated with Internet threats. These CTI-derived packet-filtering rules may be created offline by policy creation and management servers, which may distribute the policies to subscribing TIGs that subsequently enforce the policies on in-transit packets. Each packet filtering rule may specify a disposition that may be applied to a matching in-transit packet, such as deny/block/drop the in-transit packet or pass/allow/forward the in-transit packet, and also may specify directives that may be applied to a matching in-transit packet, such as log, capture, spoof-tcp-rst, etc.
    Type: Grant
    Filed: December 19, 2022
    Date of Patent: November 21, 2023
    Assignee: Centripetal Networks, LLC
    Inventors: Sean Moore, Jonathan R. Rogers, Vincent Mutolo, Peter P. Geremia
  • Patent number: 11824886
    Abstract: A method includes receiving a scan request requesting to scan a set of network-connected assets designated for a network scan. For each respective network-connected asset, the method includes scanning, at a network security scanner using a first scanning privilege level, the respective network-connected asset. The method includes determining, based on the scan using the first scanning privilege level, whether the respective network-connected asset has a vulnerability. In response, the method includes scanning, at the network security scanner using a second scanning privilege level, the respective network-connected asset. The second scanning privilege level defines a lower level of access the network security scanner has than the first scanning privilege level. The method includes determining, based on the scans, an exposure level of the vulnerability. The method includes reporting the exposure level of the vulnerability to a user of the respective network-connected asset.
    Type: Grant
    Filed: April 29, 2021
    Date of Patent: November 21, 2023
    Assignee: Google LLC
    Inventors: Sebastian Lekies, Jean-Baptiste Cid
  • Patent number: 11816233
    Abstract: An apparatus includes a CPU, a CPU boot ROM that stores a program to be executed by the CPU, a secure microcontroller that detects modification of the program, and a secure-microcontroller boot ROM that stores a recovery program for recovering the program in response to the secure microcontroller detecting modification of the program. The secure-microcontroller boot ROM is accessible from the secure microcontroller, and is not accessible from the CPU.
    Type: Grant
    Filed: October 6, 2021
    Date of Patent: November 14, 2023
    Assignee: CANON KABUSHIKI KAISHA
    Inventor: Hiroshi Yamamizu
  • Patent number: 11816213
    Abstract: Method and system for protecting an executing environment from malicious code elements, one exemplary method including compiling a set of trustworthy code elements, each code element being executable using an application. The method further includes determining whether the file contains an embedded code element. If the file contains an embedded element, the embedded code element can be authenticated based on the stored set of code elements, to determine whether the embedded code element is trustworthy. Access to the file can be enabled in response to an authentication result that the embedded code element is trustworthy.
    Type: Grant
    Filed: December 8, 2020
    Date of Patent: November 14, 2023
    Assignee: VOTIRO CYBERSEC LTD.
    Inventors: Aviv Grafi, Yehuda Neeman
  • Patent number: 11818148
    Abstract: A method including determining, by an infrastructure device, harmful patterns indicating characteristics of harmful traits included in affected data known to include harmful content, and clean patterns indicating characteristics of clean traits included in clean data known to be free of the harmful content; training, by the infrastructure device, a machine learning model to indicate presence of the harmful content based at least in part on utilizing the harmful patterns and the clean patterns; transmitting, by the infrastructure device to a user device, the harmful patterns, the clean patterns, and the machine learning model; and determining, by the user device, whether given data includes the harmful content based at least in part on utilizing the harmful patterns, the clean patterns, and the machine learning model. Various other aspects are contemplated.
    Type: Grant
    Filed: May 15, 2022
    Date of Patent: November 14, 2023
    Assignee: UAB 360 IT
    Inventors: Aleksandr Ševčenko, Mantas Briliauskas
  • Patent number: 11818503
    Abstract: A conference system with low standby power consumption includes a transmitter, an image data source, a receiver, and a display device. The transmitter includes a battery for providing power, at least one link port for accessing data, and a processor coupled to the battery and the at least one link port. The image data source is used for transmitting the image data to the transmitter. The receiver is linked to the transmitter for receiving the image data. The display device is linked to the receiver for displaying the image data. When the transmitter and the image data source are electrically coupled, the processor ceases to use the battery of the transmitter and controls the image data source for providing power to the transmitter. When the transmitter and the image data source are separated, the processor uses the battery of the transmitter for driving firmware of the transmitter.
    Type: Grant
    Filed: June 8, 2022
    Date of Patent: November 14, 2023
    Assignee: BenQ Corporation
    Inventors: Chia-Nan Shih, Chen-Chi Wu, Chin-Fu Chiang, Chuang-Wei Wu, Jung-Kun Tseng
  • Patent number: 11816074
    Abstract: Systems and methods for virtual image testing. An example method may comprise receiving, by a messaging application, an identifier of a file residing in a file system. Configuring a file serving process to respond to content requests specifying the file. Transmitting, by the messaging application, a notification comprising a uniform resource locator derived from the file identifier.
    Type: Grant
    Filed: September 23, 2021
    Date of Patent: November 14, 2023
    Assignee: Red Hat, Inc.
    Inventors: Ilan Gersht, Arie Bregman
  • Patent number: 11811731
    Abstract: Techniques for packet classification for network routing are disclosed. In some embodiments, packet classification for network routing includes receiving packets associated with a new flow at a security controller from a network device, in which the network device performs packet forwarding; classifying the flow; and determining an action for the flow based on a policy (e.g., a security policy). In some embodiments, the network device is a Software Defined Network (SDN) network device (e.g., a packet forwarding device that supports the OpenFlow protocol or another protocol).
    Type: Grant
    Filed: June 14, 2022
    Date of Patent: November 7, 2023
    Assignee: Palo Alto Networks, Inc.
    Inventors: Nir Zuk, Marc Joseph Benoit
  • Patent number: 11811801
    Abstract: System, method, and software for detecting anomalies in data generated by microservices. In one embodiment, an anomaly detector collects performance metrics for a microservice deployed in a data center for an application. The anomaly detector transforms the performance metrics into a time-series structured dataset for the microservice, and feeds the structured dataset to a machine learning system to determine whether an anomaly exists in the structured dataset based on an anomaly detection model. The anomaly detector performs an anomaly classification with the machine learning system based on an anomaly classification model and the structured dataset when an anomaly is detected in the structured dataset, and performs an action based on the anomaly classification.
    Type: Grant
    Filed: August 21, 2020
    Date of Patent: November 7, 2023
    Assignee: Nokia Solutions and Networks Oy
    Inventors: Hyunseok Chang, Muralidharan Kodialam, T. V. Lakshman, Sarit Mukherjee
  • Patent number: 11810117
    Abstract: The disclosed computer-implemented method for protecting customer payment data against malware attacks on inline frame payment forms may include (i) detecting a payment form in a payment page on an online merchant website (e.g., by monitoring the website for a user entry of payment information during a customer transaction session or by analyzing, in hypertext markup language associated with an inline frame (iframe), a document object model (DOM)) to identify the payment form, (ii) identifying the iframe on the online merchant website, (iii) determining whether the iframe is associated with a trusted domain utilized for processing the payment information to complete the customer transaction session, and (iv) performing a security action that protects against a potential malware attack by preventing completion of the customer transaction upon determining that the iframe is unassociated with the trusted domain. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: July 21, 2021
    Date of Patent: November 7, 2023
    Assignee: GEN DIGITAL INC.
    Inventor: Bahaa Naamneh
  • Patent number: 11805149
    Abstract: A determination method includes determining an attack type of an attack code included in an attack request on the server, carrying out emulation of an attack by the attack code on the server in accordance with the determined attack type, and in a case of succeeding in an attack on the server as a result of the emulation, extracting a feature appearing in a response from the server, and examining whether a plurality of responses respectively corresponding to a plurality of requests to the server after the attack request each have the extracted feature, and in a case where at least any one of the plurality of responses has the extracted feature, determining that an attack by the attack code has succeeded, by a processor.
    Type: Grant
    Filed: April 15, 2019
    Date of Patent: October 31, 2023
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Yo Kanemoto, Kazufumi Aoki
  • Patent number: 11799881
    Abstract: A method for resisting spread of unwanted code and data without scanning incoming electronic files for unwanted code and data, the method comprising the steps, performed by a computer system, includes receiving, at the computer system, an incoming electronic file containing content data encoded and arranged in accordance with a predetermined file type corresponding to a set of rules, determining a purported predetermined file type of the incoming electronic file by analysing the encoded and arranged content data, the purported predetermined file type and the associated set of rules specifying allowable content data for the purported predetermined file type, parsing the content data by dividing the content data into separate parts in accordance with a predetermined data format identified by the associated set of rules corresponding to the purported predetermined file type and determining nonconforming data in the content data by identifying content data that does not conform to the purported predetermined file
    Type: Grant
    Filed: December 29, 2021
    Date of Patent: October 24, 2023
    Assignee: Glasswall (IP) Limited
    Inventor: Nicholas John Scales
  • Patent number: 11792175
    Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for a security system with dynamic insurance integration. In some implementations, a security token is generated in response to a user requesting a risk assessment. The security token is provided to a third-party server. A request from the third-party server for monitoring data collected by a security system associated with the user is received. Monitoring data is provided to the third-party server. An indication of the risk assessment from the third-party server is received.
    Type: Grant
    Filed: July 13, 2020
    Date of Patent: October 17, 2023
    Assignee: Alarm.com Incorporated
    Inventor: Stephen Nodder
  • Patent number: 11790090
    Abstract: In an illustrative embodiment, methods and systems for cybersecurity assessment of an organization's technology infrastructure include identifying features of the technology infrastructure and automatically generating a threat profile relevant to both the technology infrastructure and the organization's business (and/or business objectives), where the threat profile includes potential threat actors and threat scenarios applicable to the technology infrastructure. The methods and systems may include evaluating cybersecurity controls of the organization's technology infrastructure in light of the threat profile to identify and rate vulnerabilities within the technology infrastructure.
    Type: Grant
    Filed: March 19, 2021
    Date of Patent: October 17, 2023
    Assignee: Aon Global Operations SE Singapore Branch
    Inventors: Anthony R. Belfiore, Jr., Mani Dhesi, Adam Peckman, Joseph Martinez
  • Patent number: 11785019
    Abstract: A system and a method are disclosed for verifying a suspicious electronic communication. To this end, a secure communications service may detect an electronic communication comprising an identifier of a purported originator of the electronic communication and an identifier of an intended recipient, and determine that an attribute of the electronic communication corresponds to a suspicious attribute. Responsively, the service may intercept the electronic communication and store the electronic communication in purgatory memory, so as to prevent the electronic communication from being populated in a private repository of the intended recipient, transmit a verification message, and receive a reply to the verification message that verifies the authenticity of the electronic communication.
    Type: Grant
    Filed: October 14, 2021
    Date of Patent: October 10, 2023
    Assignee: Material Security Inc.
    Inventors: Ryan M. Noon, Abhishek Agrawal, Christopher J. Park
  • Patent number: 11782713
    Abstract: A first set of instructions, which is provided access to a first address space, is scheduled for execution at a first hardware thread of a processor. Prior to executing an instruction of a second set of instructions, which accesses a second address space, at the first hardware thread, a determination is made that the second address space is accessible from a second hardware thread of the processor.
    Type: Grant
    Filed: August 27, 2019
    Date of Patent: October 10, 2023
    Assignee: Amazon Technologies, Inc.
    Inventors: Amit Shah, Jan Hendrik Schoenherr, Karimallah Ahmed Mohammed Raslan, Marius Hillenbrand, Filippo Sironi
  • Patent number: 11777989
    Abstract: Systems, methods, and computer-readable media are disclosed for systems and methods for automated deployment of decoy production networks. Example methods may include detecting, by one or more computer processors coupled to memory, an unauthorized user in a production network environment, determining a computer-executable payload associated with the unauthorized user, and initiating a first virtual decoy production network environment. Methods may include causing the computer-executable payload to be executed in the first virtual decoy production network environment, and recording telemetry data associated with execution of the computer-executable payload in the first virtual decoy production network environment.
    Type: Grant
    Filed: May 1, 2023
    Date of Patent: October 3, 2023
    Assignee: Raymond James Financial, Inc.
    Inventors: Al-Nath Tuting, Anthony Latteri, Benjamin Michael Weber, Michael Dylan McKinley
  • Patent number: 11777948
    Abstract: Systems and methods of identifying over-privileged access in a computing system are disclosed. The method includes receiving configuration information for the computing system, selecting an identity that can access the computing system and determining access privileges for the selected identity using at least the received configuration information, the access privileges identifying one or more computing resource or service accessible to the selected identity, determining at least one role assumable by the identified one or more computing resource or service accessible to the selected identity, and determining whether the identified one or more computing resource or service accessible to the selected identity can elevate its privileges. In a case where it is determined that the identified one or more computing resource or service accessible to the selected identity can elevate its privileges, the method provides notification that the identity has over-privileged access to the computing system.
    Type: Grant
    Filed: February 24, 2021
    Date of Patent: October 3, 2023
    Assignee: CLOUD SECURE LABS LLC
    Inventors: Anuraag Agarwwal, Irwin Emmanuel Dathala
  • Patent number: 11768943
    Abstract: The present description concerns a method of starting a first application configured to be implemented by at least one low-level operating system of a secure element, including the verification of at least a first piece of information updated after each operation of resetting of the secure element, the first piece of information being associated with the at least one low-level operating system.
    Type: Grant
    Filed: December 1, 2021
    Date of Patent: September 26, 2023
    Assignee: Proton World International N.V.
    Inventor: Olivier Van Nieuwenhuyze
  • Patent number: 11770388
    Abstract: Network infrastructure can be automatically detected. A network sensor detects a new network message. A source-address of the new network message is extracted. A plurality of addresses are assembled based on the source-address. These are recursed, using each of the unique similar-addresses as current addresses. Metadata is assembled for each of the addresses in the plurality of addresses. For each particular address in the plurality of addresses, a risk-label is assigned out of a plurality of possible risk-labels, by weighing a plurality of factors; and performing a network security action with the risk-label.
    Type: Grant
    Filed: December 9, 2019
    Date of Patent: September 26, 2023
    Assignee: Target Brands, Inc.
    Inventors: Breanna Laconic, Alex Foster
  • Patent number: 11763132
    Abstract: Detecting sequences of computer-executed operations, including training a BLSTM to determine forward and backward probabilities of encountering each computer-executed operation within a training set of consecutive computer-executed operations in forward and backward execution directions of the operations, and identifying reference sequences of operations within the training set where for each given one of the sequences the forward probability of encountering a first computer-executed operation in the given sequence is below a predefined lower threshold, the forward probability of encountering a last computer-executed operation in the given sequence is above a predefined upper threshold, the backward probability of encountering the last computer-executed operation in the given sequence is below the predefined lower threshold, and the backward probability of encountering the first computer-executed operation in the given sequence is above the predefined upper threshold, and where the predefined lower threshold
    Type: Grant
    Filed: June 11, 2019
    Date of Patent: September 19, 2023
    Assignee: International Business Machines Corporation
    Inventors: Guy Lev, Boris Rozenberg, Yehoshua Sagron
  • Patent number: 11755609
    Abstract: Methods, apparatus, and processor-readable storage media for automatically detecting data offloading methods using data bucketing and machine learning techniques are provided herein. An example computer-implemented method includes obtaining operations data and configuration data for one or more storage objects in a database; determining one or more times at which data offloading is to be carried out for at least one of the storage objects in the database, wherein determining the one or more times includes processing at least a portion of the operations data using one or more machine learning techniques; generating at least one data offloading protocol, comprising one or more data offloading methods, by processing at least a portion of the configuration data; and automatically executing, in accordance with the one or more determined times, the at least one generated data offloading protocol for at least a portion of the one or more storage objects in the database.
    Type: Grant
    Filed: April 20, 2021
    Date of Patent: September 12, 2023
    Assignee: Dell Products L.P.
    Inventors: Akanksha Goel, Selvaraj Subbaian, Debashish Sahu, Rajeshkanna Murugesan
  • Patent number: 11755740
    Abstract: An information handling system may include a processor, a basic input/output system (BIOS) communicatively coupled to the processor, and a security agent comprising a program of instructions embodied in non-transitory computer-readable media and configured to, when read and executed by the processor: retrieve a BIOS policy, retrieve BIOS configuration information, based on the BIOS policy and the BIOS configuration information, determine a deviation of one or more BIOS attributes of the BIOS configuration information, and perform remediation of the one or more BIOS attributes based on the deviation.
    Type: Grant
    Filed: August 2, 2021
    Date of Patent: September 12, 2023
    Assignee: Dell Products L.P.
    Inventors: Andy Yiu, Qin Ye
  • Patent number: 11750663
    Abstract: Techniques and mechanisms are disclosed enabling efficient collection of forensic data from client devices, also referred to herein as endpoint devices, of a networked computer system. Embodiments described herein further enable correlating forensic data with other types of non-forensic data from other data sources. A network security application described herein further enables generating various dashboards, visualizations, and other interfaces for managing forensic data collection, and displaying information related to collected forensic data and information related to identified correlations between items of forensic data and other items of non-forensic data.
    Type: Grant
    Filed: July 9, 2021
    Date of Patent: September 5, 2023
    Assignee: Splunk Inc.
    Inventor: Brian Luger
  • Patent number: 11750651
    Abstract: Techniques for using honeypots to lure attackers and gather data about attackers and attack patterns on Infrastructure-as-a-Service (IaaS) instances. The gathered data may then be analyzed and used to proactively prevent such attacks.
    Type: Grant
    Filed: September 1, 2020
    Date of Patent: September 5, 2023
    Assignee: Oracle International Corporation
    Inventors: Christopher James Ries, Nikkolas Anthony Lavorato, Kevin Raymond, Jr., Philip Nathan Andrews, III, Christa Agnes Johnson Scura
  • Patent number: 11743285
    Abstract: Techniques and mechanisms are disclosed enabling efficient collection of forensic data from client devices, also referred to herein as endpoint devices, of a networked computer system. Embodiments described herein further enable correlating forensic data with other types of non-forensic data from other data sources. A network security application described herein further enables generating various dashboards, visualizations, and other interfaces for managing forensic data collection, and displaying information related to collected forensic data and information related to identified correlations between items of forensic data and other items of non-forensic data.
    Type: Grant
    Filed: July 31, 2019
    Date of Patent: August 29, 2023
    Assignee: Splunk Inc.
    Inventor: Brian Luger
  • Patent number: 11743194
    Abstract: A system is provided for delivering network services. The system receives an inventory of network assets and a scope of available network services. For each asset of at least a subset of the assets, the system selects importance-related ranking attributes and scannability-related ranking attributes from the available service characteristics of the asset. Based on the importance-related ranking attributes, the system determines an importance of the asset. Based on the scannability-related ranking attributes or the scope of available network services, the system determines a scannability of the asset. Based on the importance and scannability of the asset, the system determines a priority of the asset. Based on the priorities of the assets, the system determines a prioritized asset inventory.
    Type: Grant
    Filed: February 1, 2022
    Date of Patent: August 29, 2023
    Assignee: Bit Discovery Inc.
    Inventors: Robert Stephen Hansen, Jeremiah Jacob Grossman
  • Patent number: 11736517
    Abstract: A distributed data storage system can consist of an attack module connected to a distributed data storage system that has at least one host connected to a first data storage device and a second data storage device via a network controller. A susceptibility to a third-party attack in the distributed data storage system may be identified with the attack module, which prompts the generation of an attack counter strategy with the attack module. The attack counter strategy can have at least one proactive action directed at preventing a future third-party attack on the detected susceptibility that is executed prior to a third-party attack to temporarily randomize execution timing of a data access operation of the distributed data storage system.
    Type: Grant
    Filed: February 10, 2020
    Date of Patent: August 22, 2023
    Assignee: SEAGATE TECHNOLOGY LLC
    Inventor: Michael H. Miller
  • Patent number: 11727114
    Abstract: Computer-implemented methods and systems are provided for the detection of software presence remotely through the web browser by detecting the presence of webinjects in a web browser that visits a detection webpage. The methods can include delivering a detection webpage to a web browser, in which the detection webpage has detection code configured to detect a presence of the webinject in the detection webpage; and inspecting, by the detection code, rendering of content of the detection webpage in the browser to detect webinject content in the detection webpage by the webinject, the webinject content including one or more Hypertext Markup Language (HTML) components. The method can further include, if webinject content is detected, generating a fingerprint for each of the one or more HTML components; transmitting the one or more fingerprints to an external server; and classifying, by the external server, the webinject based on the one or more fingerprints.
    Type: Grant
    Filed: August 13, 2021
    Date of Patent: August 15, 2023
    Assignee: BitSight Technologies, Inc.
    Inventor: Tiago Bagulho Monteiro Pereira
  • Patent number: 11727031
    Abstract: Systems and methods for formatting data are disclosed. For example, a system may include at least one memory storing instructions and one or more processors configured to execute the instructions to perform operations. The operations may include receiving data comprising a plurality of sequences of data values and training a recurrent neural network model to output conditional probabilities of subsequent data values based on preceding data values in the data value sequences. The operations may include generating conditional probabilities using the trained recurrent neural network model and the received data. The operations may include determining a data format of a subset of the data value sequences, based on the generated conditional probabilities, and reformatting at least one of the data value sequences according to the determined data format.
    Type: Grant
    Filed: June 6, 2022
    Date of Patent: August 15, 2023
    Assignee: Capital One Services, LLC
    Inventors: Anh Truong, Reza Farivar, Austin Walters, Jeremy Goodsitt
  • Patent number: 11714905
    Abstract: In general, in one aspect, a method for machine learning recognition of portable executable files as malware includes providing training data comprising features of portable executable files and descriptive information for the portable executable files, the descriptive information comprising a family or type of malware. The method may include training a model using the training data to detect malware. The method may include using the trained model to recognize malware by providing features of a portable executable file as input and providing a threat score and descriptive information as output.
    Type: Grant
    Filed: May 8, 2020
    Date of Patent: August 1, 2023
    Assignee: Sophos Limited
    Inventors: Felipe Nicolás Ducau, Konstantin Berlin
  • Patent number: 11709943
    Abstract: A security assessment scheduling tool uses a configuration file that is configurable via a user interface, to specify one or more elements of an application to be analyzed during the scoping process. Further, the security assessment scheduling tool may automatically schedule assessments for large numbers of applications using one or more constraining optimization techniques and/or via modeling the scheduling problem as an RCPSP problem. The security assessment scheduling tool processes the RCPSP problem for a defined period of time and then schedules remaining unscheduled applications within a specified time period thereby allowing the security assessment scheduling tool to schedule assessments of tens of thousands of applications.
    Type: Grant
    Filed: August 11, 2020
    Date of Patent: July 25, 2023
    Assignee: Bank of America Corporation
    Inventors: Steven Tokarz, Steven George
  • Patent number: 11711380
    Abstract: Disclosed herein are systems and methods for parallel malware scanning in a cloud environment. In one exemplary aspect, a method may comprise identifying a plurality of agents connected to a server, wherein each agent is configured to synchronize data between a different computing device and the server. The method may comprise receiving, from a first agent of the plurality of agents, a request to scan the synchronized data for malware. In response to determining, from the plurality of agents, at least one other agent that comprises the synchronized data, the method may comprise partitioning the synchronized data into a plurality of portions. The method may comprise assigning a first portion for scanning to the first agent and at least one other portion for scanning to the at least one other agent, and aggregating scan results from the first agent and the at least one other agent.
    Type: Grant
    Filed: October 1, 2020
    Date of Patent: July 25, 2023
    Assignee: Acronis International GmbH
    Inventors: Iliya Sotirov, Serguei Beloussov, Stanislav Protasov
  • Patent number: 11711393
    Abstract: A method may include obtaining a request to unblock a predetermined website in a network and that is associated with a predetermined list. The predetermined list may be used to determine whether a respective user device among various user devices can access one or more websites. The method may further include determining an impact level of the predetermined website for an organization using a machine-learning algorithm and website gateway data. The method may further include determining a probability of a security breach using the machine-learning algorithm and threat data. The method may further include determining whether to unblock the predetermined website based on the impact level and the probability of a security breach. The method may further include transmitting, in response to determining that the predetermined website should be unblocked, a command that modifies the predetermined list to enable the respective user device to access the predetermined website.
    Type: Grant
    Filed: October 19, 2020
    Date of Patent: July 25, 2023
    Assignee: SAUDI ARABIAN OIL COMPANY
    Inventors: Ibrahim Uthman Assiry, Sultan Saadaldean Alsharif, John A. Gwilliams, Nada Essa Alnoaimi
  • Patent number: 11701976
    Abstract: An authentication between a wireless charger and a device configured to receive wireless energy from the wireless charger includes establishing a wireless data channel between the wireless charger and the device. An authentication challenge signal is driven onto a transmit charging coil of the wireless charger and a receive charging coil of the device is configured to receive the authentication challenge signal. The device sends an authentication response signal to the wireless charger based at least in part on the authentication challenge signal.
    Type: Grant
    Filed: December 15, 2017
    Date of Patent: July 18, 2023
    Assignee: WiBotic Inc.
    Inventor: Benjamin Waters
  • Patent number: 11704405
    Abstract: This disclosure provides techniques for pooling and searching network security events reported by multiple sources. As information representing a security event is received from one source, it is searched against a central or distributed database representing events reported from multiple, diverse sources (e.g., different client networks). Either the search or correlated results can be filtered and/or routed according to at least one characteristic associated with the networks, for example, to limit correlation to events reported by what are presumed to be similarly situated networks. The disclosed techniques facilitate faster identification of high-relevancy security event information, and thereby help facilitate faster threat identification and mitigation. Various techniques can be implemented as standalone software (e.g., for use by a private network) or for a central pooling and/or query service. This disclosure also provides different examples of actions that can be taken in response to search results.
    Type: Grant
    Filed: December 1, 2021
    Date of Patent: July 18, 2023
    Assignee: ServiceNow, Inc.
    Inventors: Richard Reybok, Andreas Seip Haugsnes, Kurt Joseph Zettel, II, Jeffrey Rhines, Henry Geddes, Volodymyr Osypov, Scott Lewis, Sean Brady, Mark Manning
  • Patent number: 11700275
    Abstract: A method comprises receiving, at a network infrastructure device, a flow of packets, determining, using the network infrastructure device and for a first subset of the packets, that the first subset corresponds to a first datagram and determining a first length of the first datagram, determining, using the network infrastructure device and for a second subset of the packets, that the second subset corresponds to a second datagram that was received after the first datagram, and determining a second length of the second datagram, determining, using the network infrastructure device, a duration value between a first arrival time of the first datagram and a second arrival time of the second datagram, sending, to a collector device that is separate from the network infrastructure device, the first length, the second length, and the duration value for analysis.
    Type: Grant
    Filed: June 28, 2021
    Date of Patent: July 11, 2023
    Assignee: Cisco Technology, Inc.
    Inventors: David McGrew, Andrew Zawadowskiy, Donovan O'Hara, Saravanan Radhakrishnan, Tomas Pevny, Daniel G. Wing
  • Patent number: 11694770
    Abstract: Volatile organic compounds classification by receiving test data associated with detecting volatile organic compounds (VOCs), analyzing the test data according to a set of data features associated with known VOCs, determining a match between each feature of the test data and a corresponding feature of the set of data features, yielding a set of matches, defining a first degree of anomaly for the test data according to the set of matches, and classifying the test data according to the first degree of anomaly.
    Type: Grant
    Filed: October 26, 2020
    Date of Patent: July 4, 2023
    Assignee: International Business Machines Corporation
    Inventors: Vito Paolo Pastore, Simone Bianco, Nimrod Megiddo, Andrea Fasoli, Aminat Adebiyi, Mohammed Abdi, Alberto Mannari, Luisa Dominica Bozano
  • Patent number: 11695822
    Abstract: Systems and methods are provided for implementing a Unified Integration Pattern (UIP) protocol for centralized handling of data feeds between client systems. In embodiments, a method includes: receiving an authentication Application Program Interface (API) message and data file transfer request for a data transfer event from a sending client system in a network of distinct client systems; authenticating the sending client system based on the authentication API message; uploading a data file from the sending client system based on the authenticating; receiving a notification API message from the sending client system indicating that uploading of the data file to the computer system is complete; sending the data file to a receiving client system in the network of distinct client systems based on API message and data file request and the notification API message; and sending a notification message to the sending client system regarding the data transfer event.
    Type: Grant
    Filed: July 16, 2021
    Date of Patent: July 4, 2023
    Assignee: ADP, Inc.
    Inventors: Bryant Kwon, Joseph E Dela-Cruz, Younik Lee
  • Patent number: 11693961
    Abstract: Methods and apparatus consistent with the present disclosure may be used after a computer network has been successfully attacked by new malicious program code. Such methods may include collecting data from computers that have been affected by the new malicious program code and this data may be used to identify a type of damage performed by the new malicious code. The collected data may also include a copy of the new malicious program code. Methods consistent with the present disclosure may also include allowing the new malicious program code to execute at an isolated computer while actions and instructions that cause the damage are identified. Signatures may be generated from the identified instructions after which the signatures or data that describes the damaging actions are provided to computing resources such that those resources can detect the new malware program code.
    Type: Grant
    Filed: December 3, 2020
    Date of Patent: July 4, 2023
    Assignee: SonicWall Inc.
    Inventors: Zhuangzhi Duo, Atul Dhablania
  • Patent number: 11683337
    Abstract: The system inhibits malware, which has infected user equipment (UE), from establishing a communication channel between the UE and a malware command and control (C2) website. A malware threat detector detects traffic generated by user equipment generated by malware. The system extracts the logs of these detections and processes the packet capture and extracts the fully qualified domain name (FQDN). The FQDN is then transmitted to a malware information sharing platform and added to the domain name system response policy zone (DNS RPZ). The DNS RPZ can block subsequent access to the malware C2 website due to the inclusion of the FQDN on the DNS RPZ.
    Type: Grant
    Filed: June 11, 2020
    Date of Patent: June 20, 2023
    Assignee: T-Mobile USA, Inc.
    Inventor: David Killion
  • Patent number: 11675901
    Abstract: There is disclosed in one example a computing apparatus, including: a hardware platform including a processor and a memory; and instructions encoded within the memory to instruct the processor to: receive a client event report, the client event report including an operating system event trace for an attempt to exploit a patched vulnerability, and first feature data for a malware object that made the attempt; receive second feature data for an unknown object; compare the first feature data to the second feature data; and if the second feature data match the first feature data above a threshold, convict the unknown object as malware.
    Type: Grant
    Filed: December 22, 2020
    Date of Patent: June 13, 2023
    Assignee: McAfee, LLC
    Inventors: Amit Kumar, Prashanth Palasamudram Ramagopal, German Lancioni
  • Patent number: 11671477
    Abstract: A firewall may identify a uniform resource locator (URL) being transmitted to a user device, the URL link pointing to a host system. The firewall can then modify the URL link to point instead to a sandbox system. Once a user at the user device selects the URL link (e.g., by clicking or touching it in a browser), the firewall receives the user device's HTTP request and directs it to the sandbox system, which generates a new HTTP request that is then sent through the firewall to the host system. The host system then sends host content to the sandbox system instead of to the user device. The user device may then be presented with a representation of the host content as rendered at the sandbox system (e.g., through a remote desktop interface).
    Type: Grant
    Filed: April 12, 2022
    Date of Patent: June 6, 2023
    Assignee: SONICWALL INC.
    Inventor: Hugo Vazquez Carames
  • Patent number: 11665193
    Abstract: A plant management method includes: acquiring correlation information indicating a correlation between a component subjected to a cyberattack and a component to be possibly affected by the cyberattack when a plant including a plurality of components is subjected to the cyberattack; and zoning the plurality of components on the basis of the correlation information.
    Type: Grant
    Filed: March 31, 2022
    Date of Patent: May 30, 2023
    Assignee: CHIYODA CORPORATION
    Inventors: Shizuka Ikawa, Takehito Yasui, Kazuya Furuichi, Yuki Hamada
  • Patent number: 11665165
    Abstract: An object of this invention is to obtain a whitelist generator with which the accuracy of data relating to the specifications of normal communication serving as an automatic generation source can be guaranteed, whereby the accuracy of a generated whitelist can be guaranteed over an entire whitelist generation flow. The whitelist generator is applied to a system formed from a plurality of devices, the plurality of devices being configured to exchange data with each other, in order to generate a whitelist used for whitelisting intrusion detection, and includes a model verification unit that verifies, on the basis of an input model, at least one of whether or not normal communication in the system has been modeled correctly and whether or not the model is logically consistent, and a model conversion unit that converts the verified model into a whitelist.
    Type: Grant
    Filed: January 23, 2017
    Date of Patent: May 30, 2023
    Assignee: Mitsubishi Electric Corporation
    Inventors: Koichi Shimizu, Teruyoshi Yamaguchi, Tsunato Nakai, Takeshi Ueda, Nobuhiro Kobayashi, Benoit Boyer
  • Patent number: 11652832
    Abstract: Disclosed are various approaches for automating the detection and identification of anomalous devices in a management service. Device check-ins are received by a management service and housed in a data store. The quantity of device check-ins over various time periods can be analyzed using various approaches to identify anomalous devices.
    Type: Grant
    Filed: July 1, 2020
    Date of Patent: May 16, 2023
    Assignee: VMware, Inc.
    Inventors: Kar-Fai Tse, Chaoting Xuan, Ravish Chawla, Erich Stuntebeck, Stephen Jonathan Parry-Barwick