Monitoring Or Scanning Of Software Or Data Including Attack Prevention Patents (Class 726/22)
  • Patent number: 11411974
    Abstract: The implementations described herein provide a tool for identifying security issues and applying security policies to the service(s) and/or microservices. Rather than a user (such as an administrator) reactively diagnosing security incidents, the systems and methods described herein may provide a tool by which the user can proactively monitor the use of the services and microservices for security issues and control the user of such microservices and services via policies. The systems and methods allow API granular policy control to determine which APIs may be granted or denies access based on a variety of criteria, such as but not limited to the source of the request, the specific API being called, temporal conditions, geography and so forth. The user can identify security concerns or issues on a per API basis.
    Type: Grant
    Filed: May 17, 2019
    Date of Patent: August 9, 2022
    Assignee: Citrix Systems, Inc.
    Inventor: Chiradeep Vittal
  • Patent number: 11409869
    Abstract: Aspects of the present disclosure relate to threat detection of executable files. A plurality of static data points may be extracted from an executable file without decrypting or unpacking the executable file. The executable file may then be analyzed without decrypting or unpacking the executable file. Analysis of the executable file may comprise applying a classifier to the plurality of extracted static data points. The classifier may be trained from data comprising known malicious executable files, known benign executable files and known unwanted executable files. Based upon analysis of the executable file, a determination can be made as to whether the executable file is harmful.
    Type: Grant
    Filed: February 14, 2020
    Date of Patent: August 9, 2022
    Assignee: Webroot Inc.
    Inventors: Mauritius Schmidtler, Gaurav Dalal, Reza Yoosoofmiya
  • Patent number: 11409635
    Abstract: A computer system includes an operating system, a memory coupled to the operating system, and a processor (e.g., an anti-debug processor) coupled to the operating system. The operating system receives, from a debug process, a request to create an essential debug object for attachment to a target process. The anti-debug processor scans a kernel memory of the operating system for the essential debug object and verifies a presence of the essential debug object in the kernel memory, and scans the kernel memory to identify a process that has stored in the kernel memory the essential debug object. The anti-debug processor then halts the debug process, without using an internal interface or function of the operating system, thereby preventing the debug process from attaching to the target process.
    Type: Grant
    Filed: August 23, 2019
    Date of Patent: August 9, 2022
    Assignee: Raytheon Company
    Inventor: Daniel S. Rose
  • Patent number: 11409631
    Abstract: The invention makes it possible to reuse a verification script without manually modifying the internal parameters of the verification script. A verification automation apparatus 1 adapts a verification script to a system that is to be verified. The verification automation apparatus 1 includes: a verification script acquisition unit 101 that acquires a verification script that includes an execution script for verification work and execution enabling requirements for executing the execution script; a verification configuration search unit 104 that searches the system to be verified, for configurations for which the execution script is executable, using environment information regarding the system to be verified, and the execution enabling requirements; and an execution script materializing unit 105 that materializes the execution script based on the configuration that has been found through the search, so as to be executable in the system to be verified.
    Type: Grant
    Filed: June 27, 2019
    Date of Patent: August 9, 2022
    Assignee: NEC CORPORATION
    Inventor: Tatsuya Fukuda
  • Patent number: 11411918
    Abstract: Web server security is assessed. Some embodiments analyze data exchanged with a web server to determine a risk associated with accessing the web server. For example, one or more of a type of web application accessed via the web server, a type of interpreted language used to implement the web server, and/or a type and/or version of an http server operable on the web server are examined. Based on the analysis, the risk associated with accessing the web server is determined. Some embodiments then block access to the web server based on the analysis. Alternatively, in some embodiments, a user may be alerted to the risk, and then allowed to proceed upon accepting the risks. Some embodiments share the determined risk assessment with other client devices via a web server risk data store.
    Type: Grant
    Filed: May 26, 2020
    Date of Patent: August 9, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventor: Danut Antoche Albisor
  • Patent number: 11403152
    Abstract: Embodiments of the disclosure provide a method and system for task orchestration. A method may include: providing, by a task master control unit, an execution instruction of a task related to a module in an application container to a node agent service unit in an auxiliary application container bound to the application container, the auxiliary application container sharing a file system with the application container; and executing, by the node agent service unit, a command for completing the task, in response to acquiring the execution instruction of the task.
    Type: Grant
    Filed: September 5, 2019
    Date of Patent: August 2, 2022
    Assignee: Beijing Baidu Netcom Science and Technology Co., Ltd.
    Inventor: Haodong Chen
  • Patent number: 11405217
    Abstract: The present application relates to ensuring data consistency between a modular device and an external system. Techniques are described for ensuring data consistency between devices at a control device using configuration signatures. A control device can receive and store a baseline configuration signature for a first modular device. Upon initialization of the first modular device, the control device can receive a current configuration signature from the first modular device. The control device can compare the current configuration signature with the baseline configuration signature and, if a mismatch is found, generate a notification indicating that data subsequently received from the first modular device is of uncertain integrity.
    Type: Grant
    Filed: July 2, 2020
    Date of Patent: August 2, 2022
    Assignee: Schneider Electric USA, Inc.
    Inventors: Kevin M. Jefferies, Daniel Martin, Surya Narayana H Govindaraju, Juergen Fiess, Christian Ringwald, Wolfgang Fien
  • Patent number: 11397813
    Abstract: Disclosed is a method and system for verifying a regex group. The method comprises verifying of a regex group by creating a flow id through a processor for the regex group when source reaches the sink. The flow id is used for tracking the flow of the regex group. The processor checks in case the flow id is a previously tested flow id. When the flow id is not the previously tested flow id, the processor passes one or more run tasks through a processor forming a queue. The processor tests for one or more vulnerabilities to be associated with the regex group based on the passing, wherein the testing is used to qualify the regex group as a valid regex group.
    Type: Grant
    Filed: May 8, 2020
    Date of Patent: July 26, 2022
    Assignee: HCL TECHNOLOGIES LIMITED
    Inventors: Jonathan Afek, Gal Ben-Yair
  • Patent number: 11399045
    Abstract: A network-accessible service such as a web site may authenticate users through a login process. In order to detect possibly fraudulent login events, the service may implement a framework based on recorded login events. For example, attributes of multiple recorded login events may be analyzed to create a framework that can be applied to attributes of newly received login requests to predict whether the newly received login requests are fraudulent. The framework may comprise criteria, algorithms, rules, models, and/or techniques, and may be constructed using various means such as pattern recognition, machine learning, and/or cluster analysis.
    Type: Grant
    Filed: April 10, 2020
    Date of Patent: July 26, 2022
    Assignee: T-Mobile USA, Inc.
    Inventors: James Alexander Latham, Zoltan Homorodi, Michael Engan
  • Patent number: 11392695
    Abstract: There is disclosed in one example a computer-implemented anti-ransomware method, including: selecting a file for inspection; assigning the file to a type class according to a file type identifier; receiving an expected byte correlation for the type class; computing, according to a byte distribution of the file, a byte correlation for the file; comparing, via statistical analysis, the byte correlation to the expected byte correlation; and determining that the file has been compromised, including determining that the file has a byte correlation that deviates from the expected byte correlation by more than a threshold, taking a ransomware remediation action for the file.
    Type: Grant
    Filed: October 5, 2020
    Date of Patent: July 19, 2022
    Assignee: McAfee, LLC
    Inventors: Kunal Mehta, Sherin Mary Mathews, Carl D. Woodward, Celeste R. Fralick, Jonathan B. King
  • Patent number: 11394808
    Abstract: A computer-implemented method to determine which port in a container is a service port. The method includes identifying, a first container, wherein the first container comprises a plurality of ports. The method further includes, training a neural network, wherein the neural network is configured to identify at least one service port from the plurality of ports. The method further includes, monitoring, by a network monitor, a set of data sent to the first container comprising a first parameter. The method includes, identifying a first service port of the plurality of ports. The method further includes, marking the first service port.
    Type: Grant
    Filed: August 3, 2020
    Date of Patent: July 19, 2022
    Assignee: KYNDRYL, INC.
    Inventors: Seng Chai Gan, Shikhar Kwatra, Michael Treadway, John David Mandra
  • Patent number: 11392723
    Abstract: Computer-implemented threat detection method and systems are provided. The method comprises discovering threat data associated with a first entity, translating the threat data to one or more threat models, translating the one or more threat models, using a threat model parameter generator, to at least a parameter threat model and translating the parameter threat model to one or more identification queries. The one or more identification queries may be executed and the generated results may be translated to result data in a first format. The one or more result data models may be published from the result data in one or more formats or to one or more locations.
    Type: Grant
    Filed: May 20, 2020
    Date of Patent: July 19, 2022
    Assignee: Cyber Team Six
    Inventors: Jason Britt, Patrick A. Westerhaus
  • Patent number: 11388193
    Abstract: Described systems and methods enable a swift and efficient detection of fraudulent Internet domains, i.e., domains used to host or distribute fraudulent electronic documents such as fraudulent webpages and electronic messages. Some embodiments use a reverse IP analysis to select a set of fraud candidates from among a set of domains hosted at the same IP address as a known fraudulent domain. The candidate set is further filtered according to domain registration data. Online content hosted at each filtered candidate domain is further analyzed to identify truly fraudulent domains. A security module may then prevent users from accessing a content of such domains.
    Type: Grant
    Filed: December 27, 2018
    Date of Patent: July 12, 2022
    Assignee: Bitdefender IPR Management Ltd.
    Inventor: Alin O. Damian
  • Patent number: 11386349
    Abstract: In one embodiment, a system is configured to identify, based on predetermined criteria, a first set of users of an online system who belong to a population segment. The system may monitor activities performed by the first set of users on the online system over a predetermined period of time and store the monitored activities as time-series data. A feature set associated with the first set of users may be generated by transforming the time-series data into a frequency domain. The system may train a machine-learning model using the feature set and other feature sets to determine whether activities associated with a given set of users exhibit diurnal behavior pattern. Using the trained machine-learning model, the system may determine whether activities performed by a second set of users on the online system exhibit diurnal behavior pattern.
    Type: Grant
    Filed: May 16, 2017
    Date of Patent: July 12, 2022
    Assignee: Meta Platforms, Inc.
    Inventors: Nedyalko Prisadnikov, Hüseyin Kerem Cevahir
  • Patent number: 11386180
    Abstract: Methods, systems, and apparatus for resource locator remarketing are presented. In one aspect, a method includes receiving visitation data from a publisher, the visitation data specifying a device identifier and a resource locator specifying a resource that was provided to a user device; identifying a content feed that includes regular expressions, each regular expression specifying matching character strings and a set of content items that are eligible to be provided to user devices corresponding to visitation data including a resource locator matching one of the regular expressions; identifying, a first matching regular expression that matches the resource locator specified by the visitation data; selecting a content item from the content items that correspond to the first matching regular expression; and providing data that causes presentation of the selected content item to the user device.
    Type: Grant
    Filed: December 7, 2020
    Date of Patent: July 12, 2022
    Assignee: Google LLC
    Inventors: Jyotsna Vaideeswaran, Kamal Tiwari, Jayavel Shanmugasundaram, Hongjie Bai
  • Patent number: 11388196
    Abstract: A method for analyzing relationships between clusters of devices includes selecting a first device from a first cluster of devices and selecting a second device from a second cluster of devices. Information related to a first communication link associated with the first device and information related to a second communication link associated with the second device is obtained. A similarity metric is computed based on the obtained information. The similarity metric represents a similarity between the first communication link and the second communication link associated with the second device. A relationship between the first and second clusters is determined using the computed similarity metric. When a cyberattack is detected on the devices in the first cluster or the second cluster, protection of all devices in the first cluster and the second cluster is modified based on the determined relationship in order to defend the respective clusters from the cyberattack.
    Type: Grant
    Filed: June 1, 2020
    Date of Patent: July 12, 2022
    Assignee: AO Kaspersky Lab
    Inventors: Dmitry G. Ivanov, Andrey V. Ladikov, Pavel V. Filonov
  • Patent number: 11388176
    Abstract: The present disclosure relates to methods and apparatus that collect data regarding malware threats, that organizes this collected malware threat data, and that provides this data to computers or people such that damage associated with these software threats can be quantified and reduced. The present disclosure is also directed to preventing the spread of malware before that malware can damage computers or steal computer data. Methods consistent with the present disclosure may optimize tests performed at different levels of a multi-level threat detection and prevention system. As such, methods consistent with the present disclosure may collect data from various sources that may include endpoint computing devices, firewalls/gateways, or isolated (e.g. “sandbox”) computers. Once this information is collected, it may then be organized, displayed, and analyzed in ways that were not previously possible.
    Type: Grant
    Filed: April 30, 2020
    Date of Patent: July 12, 2022
    Assignee: SONICWALL INC.
    Inventors: F. William Conner, MinhDung Joe NguyenLe, Atul Dhablania, Richard Chio, Justin Jose, Lalith Kumar Dampanaboina
  • Patent number: 11386201
    Abstract: A bus control device is enabled for placement between an input port to which a suspect device would be connected and the bus. In this manner, all message received from the suspect device, such an infotainment system, must pass through the bus control device. A separate intrusion detection device is coupled to the bus. The bus control device is arranged to output a notification message to the intrusion detection device, the notification message comprising information about the received message. The intrusion detection device is arranged to determine the validity of the received message responsive to the received notification message.
    Type: Grant
    Filed: August 6, 2017
    Date of Patent: July 12, 2022
    Assignee: C2A-SEC, Ltd.
    Inventor: Shlomo Oberman
  • Patent number: 11381578
    Abstract: A system and method are disclosed for network-based file analysis for malware detection. Network content is received from a network tap. A binary packet is identified in the network content. A binary file, including the binary packet, is extracted from the network content. It is determined whether the extracted binary file is detected to be malware.
    Type: Grant
    Filed: September 9, 2014
    Date of Patent: July 5, 2022
    Assignee: FireEye Security Holdings US LLC
    Inventors: Jayaraman Manni, Ashar Aziz, Fengmin Gong, Upendran Loganathan, Muhammad Amin
  • Patent number: 11381636
    Abstract: To address technical problems facing managing multiple sources of information from multiple vehicles, vehicular computing power may be exploited to process such information before sharing with others, which may help reduce network traffic overhead. A technical solution to improve this information processing over vehicular networks by using a hybrid Named Function Network (NFN) and Information Centric Network (ICN), such as in a hybrid NFN/ICN. An NFN may be used to orchestrate computations in a highly dynamic environment after decomposing the computations into a number of small functions. A function may include a digitally signed binary supplied by a car vendor or other trusted authority and executed within a controlled environment, such as a virtual machine, container, Java runtime-environment, or other controlled environment.
    Type: Grant
    Filed: June 28, 2019
    Date of Patent: July 5, 2022
    Assignee: Intel Corporation
    Inventors: S M Iftekharul Alam, Stepan Karpenko, Satish Chandra Jha, Yi Zhang, Kuilin Clark Chen, Kathiravetpillai Sivanesan, Gabriel Arrobo Vidal, Srikathyayani Srikanteswara, Hassnaa Moustafa, Eve M. Schooler, Sebastian Schoenberg, Venkatesan Nallampatti Ekambaram, Ravikumar Balakrishnan
  • Patent number: 11381594
    Abstract: A device includes a processor and a memory. The processor effectuates operations including monitoring enterprise network traffic associated with one or more user equipment (UE). The processor further effectuates operations including comparing the enterprise network traffic to a UE profile associated with each of the one or more UE. The processor further effectuates operations including determining whether the comparison indicates that a predetermined threshold has been exceeded. The processor further effectuates operations including in response to the indication that the predetermined threshold has been exceeded, generating an alert, wherein exceeding the predetermined threshold is indicative of a denial of service attack on an enterprise network or an attempt to remove enterprise data via the one or more UE.
    Type: Grant
    Filed: March 26, 2020
    Date of Patent: July 5, 2022
    Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
    Inventors: Yaron Koral, Arun Jotshi, Ashwin Sridharan, Kartik Pandit
  • Patent number: 11381527
    Abstract: The present disclosure relates to information prompt methods and apparatus. One example method includes determining a first communication object from a target communication object set, obtaining first interaction information corresponding to the first communication object, receiving input information by using an information input interface of the first communication object, determining a matching degree between the input information and the first communication object based on the input information and the first interaction information, and performing prompt if the matching degree is less than a first threshold.
    Type: Grant
    Filed: February 23, 2017
    Date of Patent: July 5, 2022
    Assignee: Huawei Technologies Co., Ltd.
    Inventor: Xiaobo Yu
  • Patent number: 11381573
    Abstract: Implementations of this specification include identifying a plurality of transactions to be executed in the blockchain, wherein the transactions are arranged in an execution order, wherein the transactions include one or more smart contract calls to smart contracts each having a whitelist identifying one or more accounts that are authorized to execute the smart contract, and wherein the execution order includes a smart contract call to a smart contract that does not have a whitelist arranged after the plurality of transactions; identifying groups of transactions within the plurality of transactions; instructing nodes of the blockchain network to execute each of the groups of transactions in parallel; determining that the nodes of the blockchain network have completed executing all of the groups of transactions; and in response, instructing the nodes of the blockchain network to execute the smart contract call that does not include a whitelist.
    Type: Grant
    Filed: February 1, 2021
    Date of Patent: July 5, 2022
    Assignee: Advanced New Technologies Co., Ltd.
    Inventors: Ning Xia, Guilu Xie, Fuxi Deng
  • Patent number: 11374959
    Abstract: A system and method for identifying and circumventing a security scanner includes monitoring incoming traffic to a web application, identifying a portion of the incoming traffic as security scanner traffic by comparing the incoming traffic to a security scanner traffic profile, and circumventing the security scanner by providing dummy content or signaling the web application to provide dummy content. The security scanner traffic profile is created by receiving web application traffic generated by a plurality of security scanners; identifying web application traffic features common to at least a portion of the plurality of security scanners by modelling using artificial intelligence, machine learning, and the like; and generating the security scanner traffic profile based on the identified web application traffic features.
    Type: Grant
    Filed: November 26, 2018
    Date of Patent: June 28, 2022
    Assignee: International Business Machines Corporation
    Inventors: Jason M. Wicker, Travis Cornwell, Matthew Munse
  • Patent number: 11375043
    Abstract: A program management system includes: a terminal device having a terminal processing unit capable of executing processing to create a computer program, and a terminal communication unit capable of transmitting the computer program created by the terminal processing unit to an outside; and an external device having an external device storage unit storing therein the computer program transmitted from the terminal device, and an external device processing unit capable of executing processing to give approval to the computer program stored in the external device storage unit. The external device storage unit stores therein appropriateness of approval of the computer program as first status information together with the computer program. The external device processing unit is capable of executing processing to manage the computer program based on the first status information.
    Type: Grant
    Filed: March 4, 2020
    Date of Patent: June 28, 2022
    Assignee: CITIZEN WATCH CO., LTD.
    Inventors: Ryutaro Uemura, Daisuke Matsuoh
  • Patent number: 11374971
    Abstract: A system accesses information regarding a topology of an arrangement of resources, where one of the resources is a multi-tiered resource having a plurality of layers. Based on the information regarding the topology of the arrangement of resources, the system selects one or more layers of the multi-tiered resource for deployment of a deception server that has a reduced security mechanism to act as a decoy to attract attackers of the system. The system deploys the deception server at the selected one or more layers of the multi-tiered resource.
    Type: Grant
    Filed: June 21, 2019
    Date of Patent: June 28, 2022
    Assignee: MICRO FOCUS LLC
    Inventors: Pramod Kumar Ramachandra, Hemant Kumar Chikkappaiah Honnapura, Pramod Annachira Vitala
  • Patent number: 11372640
    Abstract: Methods, systems, and computer program products comprising computer readable instructions for generating efficiency metrics for knowledge workers. Data for symbol contributions of a knowledge worker is used for calculating Knowledge Discovery Efficiency (KEDE), which is a ratio between the symbol contributions of the knowledge worker for a time period indicated by a time aggregation type and a predetermined constant representing an estimated maximum amount of symbol contributions that can be contributed for the time period indicated by the time aggregation type. Templates and fraudulent values of the contributions are excluded from the calculation.
    Type: Grant
    Filed: December 21, 2021
    Date of Patent: June 28, 2022
    Assignee: Foundation Modern Management Institute
    Inventor: Dimitar Venelinov Bakardzhiev
  • Patent number: 11372975
    Abstract: Systems and methods for management of data files using a plurality of interconnected operations associated with a plurality of roles are provided. A method involves receiving, from a user terminal, a request to access a portion of the plurality of interconnected operations corresponding to one of the plurality of roles, obtaining a human representation of the portion, and transmitting the human representation to the user terminal for display thereon. The human representation (i.e., an Episodic Social Network representation) is a spatial arrangement one or more affinity groups blocks interconnected via one or more conditional situation blocks, where each of the affinity groups represents a non-exclusive data file classification associated with a set of temporal and non-temporal characteristics and where each of the conditional situation blocks defines a set of conditions for transferring the data file from one of the affinity groups to another of the affinity groups.
    Type: Grant
    Filed: December 20, 2019
    Date of Patent: June 28, 2022
    Assignees: THE QUANTUM GROUP, INC.
    Inventors: Noel J. Guillama, Chester A. Heath
  • Patent number: 11368435
    Abstract: A technique for determining the safety of the content of beacon transmissions. A user device extracts beacon identification information from a beacon transmission. The user device queries the beacon registry to obtain the targeted content. The user device provides the targeted content and beacon identification information to a validation service. The validation service evaluates the targeted content and the beacon identification information for safety. The validation service determines a score based on that evaluation and sends the score to the user device. The user device alerts the user or performs background actions such as suppression of transmission of beacon contextual data to other apps on user device based on the score.
    Type: Grant
    Filed: January 29, 2016
    Date of Patent: June 21, 2022
    Assignee: McAfee, LLC
    Inventors: Siddaraya Revashetti, Priyadarshini Rao Rajan, Sulakshana Zambre, Saira Sunil, Susmita Nayak
  • Patent number: 11368428
    Abstract: A method for reassigning exit internet protocol (IP) addresses in a virtual private network (VPN), the method including selecting a first exit IP address for communicating data associated with a user device having an established VPN connection, receiving a notification that indicates occurrence of a network event associated with the first exit IP address, and communicating, during the established VPN connection, data associated with the user device using a second exit IP address, different from the first exit IP address. Various other aspects are contemplated.
    Type: Grant
    Filed: July 25, 2021
    Date of Patent: June 21, 2022
    Assignee: UAB 360 IT
    Inventors: Karolis Pabijanskas, Kiril Mikulskij
  • Patent number: 11368482
    Abstract: A threat detection system for a mobile communication system, and a global device and a local device thereof are provided. The threat detection system is used for detecting and defensing low and slow distributed denial-of-service (LSDDoS) attacks. The global device is located in a core network of the mobile communication system, and is used for training a tensor neural network (TNN) model to build a threat classifier. The threat classifier is used for the local device to identify a plurality of threat types. The local device inputs the to-be-identified data into the threat classifier to generate a classification result corresponding to one of the threat types.
    Type: Grant
    Filed: January 30, 2020
    Date of Patent: June 21, 2022
    Assignee: INSTITUTE FOR INFORMATION INDUSTRY
    Inventors: Yen-Wen Huang, Yi-Hsueh Tsai, Shu-Min Chuang
  • Patent number: 11368488
    Abstract: Systems, methods, and apparatuses enable one or more security microservices to optimize a security configuration of a networked environment by applying security policies to resource groups passively to determine whether network sets, resource groups, or security policies should be modified, prior to active enforcement. When security policies are applied passively, security actions that are performed in response to a violation of security policy do not impact network traffic. The one or more security microservices evaluate the results of the passive application of security policies to determine whether there is at least one recommended modification to network sets, resource groups, or security policies. When there is at least one recommended modification, the modification is applied.
    Type: Grant
    Filed: October 25, 2019
    Date of Patent: June 21, 2022
    Assignee: Fortinet, Inc.
    Inventors: Manuel Nedbal, Ratinder Paul Singh Ahuja, Manoj Ahluwalia, Jitendra Gaitonde, Rajiv Sreedhar, Ojas Milind Kale, Mark Raymond Lubeck, Yuk Suen Cheng, Suresh Rajanna, David Dvir Adler, Gary Nool
  • Patent number: 11368502
    Abstract: Systems and methods are described for managing services of a computing device over a mobile network where requests for managed or unmanaged services are translated to corresponding IP addresses sent to the computing device and corresponding requests sent to the translated IP addresses are either permitted, rated, quality controlled or secured if the computing device has a valid data plan or is otherwise permissioned for using the mobile network, are denied if filtered and if the computing device does not have a valid data plan or is not otherwise permissioned and the request corresponds to the first address, and are permitted, rated, quality controlled or not secured even if the computing device does not have a valid data plan or is not otherwise permissioned if the request corresponds to the second address.
    Type: Grant
    Filed: September 29, 2020
    Date of Patent: June 21, 2022
    Assignee: KAJEET, INC.
    Inventors: David Pinto, John Shorey, Daniel John Neal
  • Patent number: 11368847
    Abstract: A networking behavior detector and a networking behavior detection method thereof for an indoor space are provided. The networking behavior detector receives a plurality of radio frequency (RF) signals in the indoor space and converts the RF signals to a plurality of digital signals. Next, the networking behavior detector calculates an energy value of each digital signal and filters out the digital signal, the energy value of which is smaller than a threshold, of the digital signals to generate an analysis signal. Finally, the networking behavior detector retrieves a plurality of energy feature values of each analysis signal to generate a feature datum, and analyzes the feature data through an identification model to generate an identification result. The identification result corresponds to one of a plurality of networking behaviors.
    Type: Grant
    Filed: December 3, 2019
    Date of Patent: June 21, 2022
    Assignee: INSTITUTE FOR INFORMATION INDUSTRY
    Inventors: Chih-Wei Chen, Chia-Min Lai, Wei-Chen Tou
  • Patent number: 11368478
    Abstract: A system for detecting and preventing execution of malware on a target system includes an interface for receiving training data. The training data includes domain names known to be legitimate and domain names known to be associated with malware. The system is configured to train a first model to classify the domain names in the training data as being legitimate domain names or malware-associated domain names using a supervised learning methodology. The system configured to train a second model to predict a correct domain name associated with domain names in the training data using an unsupervised learning methodology. The system configured to train a third model to classify the domain names in the training data as being legitimate domain names or malware-associated domain names based on an output of the first learning model and an output of the second learning model.
    Type: Grant
    Filed: February 5, 2020
    Date of Patent: June 21, 2022
    Assignee: ACCENTURE GLOBAL SOLUTIONS LIMITED
    Inventor: Vicknesh Manoselvam
  • Patent number: 11362995
    Abstract: Systems and methods for providing pre-emptive intercept warning for online privacy or security are disclosed. In one embodiment, at a privacy security appliance comprising at least one computer processor, a method for may include: (1) establishing a virtual private network (VPN) connection with a computer application executed by a client device; (2) receiving, over the VPN connection, an internet protocol (e.g., HTTP or HTTPS) request for a website host; (3) communicating the internet protocol request to the website host; (4) receiving a response to the internet protocol request from the website host; (5) inspecting the response for privacy or security issues with embedded links in the response; (6) scoring the embedded links based on the inspection; (7) generating a mock webpage based on the response comprising the scoring for the embedded links; and (8) delivering the mock webpage with the scoring to the application over the VPN. The mock webpage may include links to the embedded links.
    Type: Grant
    Filed: November 24, 2020
    Date of Patent: June 14, 2022
    Assignee: JPMORGAN CHASE BANK, N.A.
    Inventors: Tuan Dao, Howard Spector
  • Patent number: 11363038
    Abstract: Embodiments include a method, system and computer program product for detecting impersonation attempts in social media messaging. Aspects include receiving, via a social media network, a message from a sender to a recipient and analyzing a content of the message to extract factual statements from the message. Aspects also include analyzing a profile of the recipient to extract facts from the profile and comparing each of the factual statements to the facts from the profile. Based on a determination that one of the factual statements are verifiable by at least one of the facts, aspects include assigning a likelihood score to the factual statements. Aspects further include calculating a legitimacy score for the message based at least in part on the likelihood score of each verified factual statement from the message and transmitting the legitimacy score and the message to the recipient.
    Type: Grant
    Filed: July 24, 2019
    Date of Patent: June 14, 2022
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jasmeet Singh, Andrew R. Freed, Rebecca Rose James, Stephan Roorda
  • Patent number: 11362990
    Abstract: A method for reassigning exit internet protocol (IP) addresses in a virtual private network (VPN), the method comprising activating a first exit IP address for communicating data associated with a user device having an established VPN connection; deactivating, during the established VPN connection, the first exit IP address based at least in part on determining that an amount of data communication associated with the first exit IP address satisfies a data threshold; and activating, during the established VPN connection, a second exit IP address, different from the first exit IP address, for communicating data associated with the user device based at least in part on deactivating the first exit IP address. Various other aspects are contemplated.
    Type: Grant
    Filed: July 24, 2021
    Date of Patent: June 14, 2022
    Assignee: UAB 360 IT
    Inventors: Karolis Pabijanskas, Kiril Mikulskij
  • Patent number: 11363052
    Abstract: Methods and systems for generating an attack path based on user and system risk profiles are presented. The method comprises determining user information associated with a computing device; determining system exploitability information of the computing device; determining system criticality information of the computing device; determining a risk profile for the computing device based on the user information, the system exploitability information, and the system criticality information; and generating an attack path based on the risk profile. The attack path indicates a route through which an attacker accesses the computing device. The system exploitability information indicates one or more of: the vulnerability associated with the computing device, an exposure window associated with the computing device, and a protection window associated with the computing device.
    Type: Grant
    Filed: July 19, 2019
    Date of Patent: June 14, 2022
    Assignee: Qualys, Inc.
    Inventors: Mayuresh Vishwas Dani, Ankur S. Tyagi, Rishikesh Jayaram Bhide
  • Patent number: 11363037
    Abstract: A machine compromised by malicious activity is detected by identifying an anomalous port opened on an entity of a network. The anomalous port is detected through collaborative filtering using usage patterns derived from normal network traffic using open ports of entities on the network. The collaborative filtering employs single value decomposition with alternating least squares to generate a recommendation score identifying whether an entity having a newly-opened port is likely to be used for malicious activity.
    Type: Grant
    Filed: April 1, 2019
    Date of Patent: June 14, 2022
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC.
    Inventors: Omer Karin, Ram Haim Pliskin
  • Patent number: 11362833
    Abstract: An approach is provided for embedding information into probe data. The approach involves retrieving a probe data set comprising a plurality of probe data points collected from a probe device. The approach also involves determining the information to embed, wherein the information is a bit string of a specified length. The approach further involves iteratively selecting at least one bit of the bit string to embed into at least one probe data point of the plurality of probe data points to generate an embedded probe data set until at least a predetermined portion of the bit string is embedded. The approach further involves providing the embedded probe data set as an output.
    Type: Grant
    Filed: September 30, 2019
    Date of Patent: June 14, 2022
    Assignee: HERE GLOBAL B.V.
    Inventors: Daniel Rolf, Raul Cajias
  • Patent number: 11356415
    Abstract: A method and system for detecting impersonated network traffic by a protected computing device and a network protection system. The method includes the computing device receiving installation of a browser application, the browser application configured to generate requests to communicate with other computers via the World Wide Web and receiving a configuration for the browser application. The browser application is configured to obtain a short-lived password (SLP) in coordination with generating a request and insert the short-lived password into the generated request before transmitting the request. The SLP is synchronized with an expected value generated by the network protection system. The transmitted request is passed to the network protection system and treated as legitimate network traffic by the network protection system only if the network protection system detects and verifies the SLP.
    Type: Grant
    Filed: April 22, 2020
    Date of Patent: June 7, 2022
    Assignee: Arbor Networks, Inc.
    Inventor: Bhargav Pendse
  • Patent number: 11349862
    Abstract: The disclosure is directed to a system for testing known bad destinations while in a production network. The system can include a source controller and a destination controller in a production network. The source controller and the destination controller can have a configuration of a predetermined set of one or more known bad external destinations to test a security control device of the production network intermediary to the source controller and the destination controller. The source controller can be configured to communicate test traffic generated to a known bad external destination. The test traffic can pass through the security control device with a network identifier of the known bad external destination. The destination controller can be configured to receive the test traffic forwarded by a network device of the production network.
    Type: Grant
    Filed: April 29, 2019
    Date of Patent: May 31, 2022
    Assignee: MANDIANT, INC.
    Inventors: Christopher B. Key, Paul E. Holzberger, Jr., Jeff Seely
  • Patent number: 11347839
    Abstract: Various embodiments are generally directed to techniques for control flow protection with minimal performance overhead, such as by utilizing one or more micro-architectural optimizations to implement a shadow stack (SS) to verify a return address before returning from a function call, for instance. Some embodiments are particularly directed to a computing platform, such as an internet of things (IoT) platform, that overlaps or parallelizes one or more SS access operations with one or more data stack (DS) access operations.
    Type: Grant
    Filed: June 26, 2019
    Date of Patent: May 31, 2022
    Assignee: INTEL CORPORATION
    Inventors: Abhishek Basak, Ravi L. Sahita, Vedvyas Shanbhogue
  • Patent number: 11347574
    Abstract: Methods and systems for managing notifications relating to execution of microservices are described herein. A format of notifications relating to execution of a plurality of microservices may be defined. The format may provide that all notifications generated based on the format comprise code. The code may indicate, for example, an identity of one of a plurality of microservices, a version of the code, an occurrence of an issue in execution of the one of the plurality of microservices, and/or one or more scripts which may be executed to address an issue of the notification. Two or more notifications may be received, and the one or more notifications may be formatted based on the defined format. A third notification may be generated based on a comparison of the two or more notifications. The third notification may be transmitted to a computing device.
    Type: Grant
    Filed: July 2, 2020
    Date of Patent: May 31, 2022
    Assignee: Citrix Systems, Inc.
    Inventors: Jeremy White, Ted Harwood, Wellington Goncalves
  • Patent number: 11349856
    Abstract: Embodiments provide a computer implemented method in a data processing system comprising a processor and a memory comprising instructions, which are executed by the processor to cause the processor to implement the method of identifying an exploit kit, the method comprising: receiving, by the processor, a web page; extracting, by the processor, a plurality of features of the web page; and determining, by the processor, whether the web page is associated with an exploit kit, through an ensemble classifier model trained using the extracted features.
    Type: Grant
    Filed: January 30, 2019
    Date of Patent: May 31, 2022
    Assignee: International Business Machines Corporation
    Inventors: Bradley E. Harris, Moazzam Khan, Preeti Ravindra
  • Patent number: 11340890
    Abstract: Techniques are described herein for, without rebooting a computing device, unloading at least a component of a kernel-mode component of the computing device and loading an updated version of the component of the kernel-mode component. The techniques may be performed by an integrity manager associated with the kernel-mode component. The integrity manager may also determine integrity of the kernel-mode component by causing the kernel-mode component to perform an action associated with a known reaction, determining whether the known reaction occurred, and in response, performing a remediation action or notifying a remote security service. Further, the integrity manager may determine whether any computing device lists include representations of components or connections associated with the kernel-mode component. The integrity manager may then remove the representations from the lists or remove the representations from responses to requests for contents of the computing device lists.
    Type: Grant
    Filed: May 9, 2019
    Date of Patent: May 24, 2022
    Assignee: CrowdStrike, Inc.
    Inventor: Ion-Alexandru Ionescu
  • Patent number: 11340887
    Abstract: The present disclosure relates to a method for performing a software update in a control unit of a motor vehicle. The present disclosure provides that, during driving operation of the motor vehicle, a first analysis device of the motor vehicle is used to predict, for a predefined future time interval in which the control unit is operated in order to generate control data, an idle time interval in which the generation of the control data of at least one software module of the control unit is interrupted during the driving operation at least for a predefined minimum duration because of a vehicle state existing then, and the software update is started at the beginning of the idle time interval.
    Type: Grant
    Filed: April 29, 2019
    Date of Patent: May 24, 2022
    Assignee: Audi AG
    Inventor: Anil Thurimella
  • Patent number: 11343402
    Abstract: A watermark image may be generated that includes a first set of encoded pixels each of which is assigned a first transparency value and a second set of encoded pixels each of which is assigned a second transparency value, the second transparency level being different from the first transparency level. The encoded pixels may be distributed among a set of blank pixels such that each encoded pixel neighbors one or more blank pixels in the watermark image, and in particular at least two blank pixels in the watermark image. Herein, each blank pixel may be assigned the second transparency value. The watermark image may be overlaid and blended over a background source image to create an encoded source image. A decoder system may recover encoded information from the encoded source image.
    Type: Grant
    Filed: April 6, 2020
    Date of Patent: May 24, 2022
    Assignee: Google LLC
    Inventors: Abdullah Hassan Gharaibeh, Michal Dabrowski, Ryan Matthew Haggarty, Igor Foox-Rapoport, Wan Wang, Duncan Geoffrey Hector Wood, Dany Kuminov, Matthew Young-Lai, Bhavin Vyas, George Jacob Levitte, Jean Semere
  • Patent number: 11341248
    Abstract: A system includes a processor coupled to an integrated circuit. The processor includes a non-volatile memory to store instructions to perform a boot process. The boot process is discontinued to prevent unauthorized use of the processor if a value received from the integrated circuit in response to a first value sent to the integrated is not valid.
    Type: Grant
    Filed: December 21, 2018
    Date of Patent: May 24, 2022
    Assignee: Intel Corporation
    Inventors: Haifeng Gong, Vasudevan Srinivasan, Antonio J. Hasbun Marin