Monitoring Or Scanning Of Software Or Data Including Attack Prevention Patents (Class 726/22)
-
Patent number: 12088622Abstract: Embodiments of the present disclosure provide a method and system for defending against cyber-attacks, and a computer storage medium. An apparatus for defending against cyber-attacks randomly generates a new keyword. The apparatus for defending against cyber-attacks transmits the new keyword to a transmitting device and a receiving device, respectively. The receiving device updates a keyword set of the receiving device to include the new keyword, acquires a keyword carried in a communication message transmitted by the transmitting device, and determines whether the communication message is a cyber-attack message according to the keyword carried and the keyword set. The receiving device discards the communication message in response to the communication message being determined to be a cyber-attack message.Type: GrantFiled: April 7, 2020Date of Patent: September 10, 2024Assignee: XI'AN ZHONGXING NEW SOFTWARE CO. LTD.Inventors: Cangming Liu, Xianjin Hong
-
Patent number: 12088600Abstract: An anomaly detection system is disclosed capable of reporting anomalous processes or hosts in a computer network using machine learning models trained using unsupervised training techniques. In embodiments, the system assigns observed processes to a set of process categories based on the file system path of the program executed by the process. The system extracts a feature vector for each process or host from the observation records and applies the machine learning models to the feature vectors to determine an outlier metric each process or host. The processes or hosts with the highest outlier metrics are reported as detected anomalies to be further examined by security analysts. In embodiments, the machine learnings models may be periodically retrained based on new observation records using unsupervised machine learning techniques. Accordingly, the system allows the models to learn from newly observed data without requiring the new data to be manually labeled by humans.Type: GrantFiled: September 17, 2020Date of Patent: September 10, 2024Assignee: Rapid7, Inc.Inventors: Jocelyn Beauchesne, John Lim Oh, Vasudha Shivamoggi, Roy Donald Hodgman
-
Patent number: 12088604Abstract: A security system environment that uses artificial intelligence (AI) and machine learning (ML) (collectively “AI/ML”) to provide dynamic detection of potential security breaches and a mixed realty interface to decision the potential security breaches.Type: GrantFiled: May 10, 2022Date of Patent: September 10, 2024Assignee: BANK OF AMERICA CORPORATIONInventors: Sakshi Bakshi, Durga Prasad Kutthumolu
-
Patent number: 12086236Abstract: Disclosed herein are systems and methods for identifying a cryptor that encodes files of a computer system. An exemplary method comprises, identifying one or more files into which a data entry is performed by a suspect process; for each identified file, determining characteristics of the identified file, identifying classes of file modifications using a trained machine learning model and respective characteristics of the identified file, identifying a suspect process as being associated with the cryptor based on the identified classes of file modification of the file, and protecting the computer system from the cryptor.Type: GrantFiled: May 14, 2021Date of Patent: September 10, 2024Assignee: AO Kaspersky LabInventors: Evgeny I. Lopatin, Dmitry A. Kondratyev
-
Patent number: 12081568Abstract: An extraction apparatus includes processing circuitry configured to receive an input of information about a plurality of web pages including a hypertext markup language (HTML) element that is known to reach a malicious web page through browser operation and an HTML element that is known to reach a benign web page through browser operation, classify the plurality of web pages whose input is received into clusters, extract an HTML element that reaches the malicious web page and an HTML element that reaches the benign web page from a web page of each cluster that is classified to extract a first character string included in HTML elements that are extracted, and extract, as a keyword, a second character string that characterizes the HTML element that reaches the malicious web page from the first character string.Type: GrantFiled: May 28, 2019Date of Patent: September 3, 2024Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATIONInventors: Takashi Koide, Daiki Chiba
-
Patent number: 12079126Abstract: A microprocessor includes a cache memory, a store queue, and a load/store unit. Each entry of the store queue holds store data associated with a store instruction. The load/store unit, during execution of a load instruction, makes a determination that an entry of the store queue holds store data that includes some but not all bytes of load data requested by the load instruction, cancels execution of the load instruction in response to the determination, and writes to an entry of a structure from which the load instruction is subsequently issuable for re-execution an identifier of a store instruction that is older in program order than the load instruction and an indication that the load instruction is not eligible to re-execute until the identified older store instruction updates the cache memory with store data.Type: GrantFiled: May 18, 2022Date of Patent: September 3, 2024Assignee: Ventana Micro Systems Inc.Inventors: John G. Favor, Srivatsan Srinivasan
-
Patent number: 12079625Abstract: A pipeline (e.g., a DevOps or DevSecOps pipeline) may include utilities corresponding to stages within the pipeline. A device may execute the pipeline on a version of a codebase, where the version of the codebase is associated with an immutable identifier of a version control management system. The device may generate metadata for one or more of the utilities of the pipeline based executing the pipeline on the version of the codebase. The device may store the metadata at a database, where the immutable identifier is designated as a primary key for the stored metadata. The device may verify the metadata at one or more gates of the pipeline based on a comparison of the stored metadata to a set of policy information associated with the one or more gates.Type: GrantFiled: January 6, 2023Date of Patent: September 3, 2024Assignee: Ally Financial Inc.Inventors: Josef Hoenzsch, Joynal Abedin, William Aaron McDonald
-
Patent number: 12079378Abstract: A method includes: detecting, by a computing device, connection of a universal serial bus device to a computer; determining, by the computing device, that the computer is in a locked mode; detecting, by the computer device, input to the computer within a predetermined time of detecting the connection; determining, by the computing device as a result of the computer being locked and detecting the input, that the input is a threat to the computer; creating, by the computing device, a temporary virtual environment; receiving, by the computing device, the input into the temporary virtual environment; processing, by the computing device, the input in the temporary virtual environment; and recording, by the computing device, information related to the input.Type: GrantFiled: October 25, 2021Date of Patent: September 3, 2024Assignee: KYNDRYL, INC.Inventor: Cesar Augusto Rodriguez Bravo
-
Patent number: 12079811Abstract: The present disclosure relates to systems, non-transitory computer-readable media, and methods for relaying payloads with digital policy criteria for dispute requests of network transactions from a first digital system to a second digital system, for the second digital system to automatically implement the digital policy criteria. In particular, in one or more embodiments, the disclosed system receives payloads comprising digital policy criteria and policy identifier(s) and determines whether to approve or deny dispute requests based on incoming dispute requests.Type: GrantFiled: May 24, 2022Date of Patent: September 3, 2024Assignee: Chime Financial, Inc.Inventors: Siddhi Soman, Steven Holinaty, Anthea Maniulit, Devadas Allya, Matteo Vinci, Sumanth Thikka
-
Patent number: 12081985Abstract: Implementations of the present disclosure relate to intrusion detection information. A method comprises detecting, by an access point (AP), at least one device in a wireless communication network to be an illegal device. The method also comprises obtaining, by the AP, intrusion detection information related to the at least one device, the intrusion detection information comprising at least one identifier of the at least one device.Type: GrantFiled: October 27, 2021Date of Patent: September 3, 2024Assignee: Hewlett Packard Enterprise Development LPInventors: Junpeng Wu, Tong Zhang
-
Patent number: 12081588Abstract: Techniques and systems for detecting malicious activity within a network are provided herein. A method for detecting malicious activity within a network may include receiving, by a network-based authentication system, a network transaction. The network-based authentication system may identify a first attribute of the network transaction. The method may also include selecting, by the network-based authentication system, a first learning statistical model and a second learning statistical model from a plurality of models for handling the network transaction. Each of the first learning statistical model and the second learning statistical model may create a likelihood that the network transaction is authentic. The first learning statistical model may calculate a first score and the second learning statistical score may calculate a second score. Based on a comparison of the first score to a first threshold and the second score to a second threshold, the network transaction may be authenticated.Type: GrantFiled: January 13, 2023Date of Patent: September 3, 2024Assignee: The Western Union CompanyInventors: Noel Brandt, Robert Enzaldo, Charles Champion, Brent Lemieux
-
Patent number: 12074802Abstract: A technique for performing adaptive rate limiting of flow probes is described. The technique includes sending a plurality of flow probes from a first service engine to at least one other service engine. The flow probes are sent at a rate that does not exceed a rate limit. A flow probe of the plurality of flow probes is generated in response to the first service engine receiving a mid-flow packet for a flow that is not recognized by the first service engine. A recipient service engine of the flow probe responds with a success indicator if the recipient service engine recognizes the flow. The technique also includes determining a success rate associated with success indicators received from the at least one other service engine and comparing the success rate with a first threshold. The rate limit is adjusted in response to a comparison result.Type: GrantFiled: October 25, 2021Date of Patent: August 27, 2024Assignee: VMware LLCInventor: George Mathew
-
Patent number: 12070611Abstract: A stimulation system can include one or more stimulating components, each of which can include one or more electrodes and one or more leads. Each lead can be connected at a first end of the lead to an electrode of the one or more electrodes and can be connected at a second end of the lead to a bonding pad of the one or more bonding pads. The stimulation system can also include a cylindrical substrate. Each stimulating component can be secured to a surface of the cylindrical substrate. The stimulation system can further include a skull-mount package that includes electronics that identify stimulation parameters. The bonding pads can be electrically connected to the electronics. The skull-mount package can further include one or more bonding pads. Each lead can be directly electrically and physically connected to a bonding pad of the one or more bonding pads.Type: GrantFiled: September 13, 2019Date of Patent: August 27, 2024Assignee: VERILY LIFE SCIENCES LLCInventors: Shivkumar Sabesan, Bo Lu, Annapurna Karicherla
-
Patent number: 12074798Abstract: A method including assigning, by a virtual private network (VPN) server, a first exit internet protocol (IP) address to communicate data associated with a user device having an established VPN connection with the VPN server; determining, by the VPN server, occurrence of a network event associated with the first exit IP address; and assigning, by the VPN server based at least in part on determining occurrence of the network event, a second exit IP address to communicate the data associated with the user device during the established VPN connection, the second exit IP address being different from the first exit IP address is disclosed. Various other aspects are contemplated.Type: GrantFiled: June 29, 2023Date of Patent: August 27, 2024Assignee: UAB 360 ITInventors: Karolis Pabijanskas, Kiril Mikulskij
-
Patent number: 12072949Abstract: A webpage scoring method used with a search engine and an electronic device are disclosed. The method includes: analyzing a webpage content of a target webpage to obtain environmental rating information corresponding to the target webpage; performing a keyword search by the search engine; and presenting a search result related to the target webpage with the environmental rating information in a window interface.Type: GrantFiled: December 6, 2022Date of Patent: August 27, 2024Assignee: Acer IncorporatedInventors: Sheng-Hsiung Yao, Ling-Fan Tsao
-
Patent number: 12074849Abstract: The subject disclosure provides systems and methods for application-specific network data filtering. Application-specific network data filtering may be performed by a sandboxed process prior to providing the network data to an application to which the network data is directed. Any malicious or otherwise potentially harmful data that is included in the network data may be removed by the application-specific network data filter or may be allowed to corrupt the application specific network data filtering operations within the sandbox, thereby preventing the malicious or harmful data from affecting the application or other portions of an electronic device. In one or more implementations, a first process such as an application-specific network data filtering process may request allocation of memory for the first process from second process, such as an application, that is separate from a memory manager of the electronic device.Type: GrantFiled: June 21, 2021Date of Patent: August 27, 2024Assignee: Apple Inc.Inventors: Ivan Krstic, Damien P. Sorresso, David P Remahl, Elliot C. Liskin, Justin S. Hogg, Kevin J. Lindeman, Lucia E. Ballard, Nicholas J. Circosta, Richard J. Cooper, Ryan A. Williams, Steven C. Vittitoe, Zachariah J. Riggle, Patrick R. Metcalfe, Andrew T. Whitehead
-
Patent number: 12069073Abstract: Cyber threat defense systems and methods are provided. The system includes a network module, an analyzer module and a classifier. The network module ingests network data, which is provided to one or more machine learning models included in the analyzer module. Each machine learning model identifies metrics associated with the network data and outputs a score indicative of whether anomalous network data metrics are caused by a cyber threat. These output scores are provided to the classifier, which determines a probability that a cybersecurity breach has occurred.Type: GrantFiled: February 26, 2021Date of Patent: August 20, 2024Assignee: Darktrace Holdings LimitedInventors: Dickon Murray Humphrey, Timothy Owen Bazalgette, Andres Curto Martin
-
Patent number: 12069069Abstract: Devices and methods to identify malicious usage of a network device. In at least one embodiment, a network device comprises circuitry for performing a networking function and collecting telemetry data indicative of the performance of the networking function. The network device obtains an inference of a network traffic pattern using a machine learning model, and responds to the inference.Type: GrantFiled: June 14, 2021Date of Patent: August 20, 2024Assignee: MELLANOX TECHNOLOGIES LTD.Inventors: Yair Chasdai, David Daniel Pilnik, Liran Daniel, Gary Mataev
-
Patent number: 12067127Abstract: A system may include persistent storage containing representations of configuration items discovered in a managed network, where the configuration items include computing devices and software applications installed on the computing devices. One or more processors may be configured to: (i) obtain results of a vulnerability analysis performed on a software application, where the results indicate that the software application exhibits a vulnerability, (i) determine a count of computing devices on which the software application is installed, (iii) calculate a security threat score for the vulnerability, where the security threat score is based on a severity factor of the vulnerability and the count of computing devices, (iv) provide, to a first entity, a first indication of the software application and the vulnerability, and (v) provide, to a second entity, a second indication of the software application, the vulnerability, and the security threat score.Type: GrantFiled: August 10, 2022Date of Patent: August 20, 2024Assignee: ServiceNow, Inc.Inventors: Kurt Joseph Zettel, II, David Victor Barkovic, Richard Kenneth Reybok
-
Patent number: 12063237Abstract: A method for tracing malicious endpoints in communication with a back end may include: providing a reverse proxy to intercept traffic exchanged between a client and the back end; providing a processing unit with an algorithm; intercepting, using the proxy, each TLS Client HELLO directed to the back end and generating a TLS Client HELLO hash using the algorithm; intercepting and processing, using the proxy, each HTTP request to extract a Client User Agent; processing the Client User Agent to generate an Agent hash; processing the HELLO hash and Agent hash by calculating a number of occurrences in which the HELLO hash is associated with the Agent hash to obtain a relative frequency value, to determine whether the HELLO hash is common to or anomalous for the Agent hash of the client; and performing one or more attack protection actions of a Man-in-the-Middle type if the HELLO hash is anomalous.Type: GrantFiled: October 22, 2021Date of Patent: August 13, 2024Assignee: Cleafy Società per AzioniInventors: Nicolò Pastore, Carmine Giangregorio, Andrea Sessa
-
Patent number: 12063227Abstract: Systems and methods for threat response in computer environments can include detecting, by one or more processors, a threat to the computer environment, and identifying a subset of assets of the plurality of assets associated with the threat. The one or more processors can determine from a predefined set of resolutions a plurality of resolutions executable to resolve the threat for the subset of assets. The one or more processors can execute, for each resolution of the plurality of resolutions, a trained model to simulate the resolution for the subset of assets. The one or more processors can select, based at least on results of execution of each resolution, a resolution among the plurality of resolutions to be implemented.Type: GrantFiled: October 1, 2021Date of Patent: August 13, 2024Assignee: Acentium IncInventor: Amine Hamdi
-
Patent number: 12063230Abstract: There are provided measures for trust related management of artificial intelligence or machine learning pipelines. Such measures exemplarily include, at a first network entity managing artificial intelligence or machine learning trustworthiness in a network, transmitting a first artificial intelligence or machine learning trustworthiness related message towards a second network entity managing artificial intelligence or machine learning trustworthiness in an artificial intelligence or machine learning pipeline in the network, and receiving a second artificial intelligence or machine learning trustworthiness related message from the second network entity, where the first artificial intelligence or machine learning trustworthiness related message includes at least one criterion related to an artificial intelligence or machine learning trustworthiness aspect.Type: GrantFiled: April 12, 2022Date of Patent: August 13, 2024Assignee: NOKIA TECHNOLOGIES OYInventors: Janne Ali-Tolppa, Tejas Subramanya
-
Patent number: 12061730Abstract: The present disclosure provides a security assessment apparatus, a method, and a program capable of making an assessment of a security risk simply and appropriately. The security assessment apparatus according to the present disclosure is a security assessment apparatus of a facility to be controlled using a controller, including: an identification unit (15) configured to identify a compromised component which puts the facility into an unsafe situation based on data regarding a plurality of components provided in the facility and control program code of the controller, thereby generating a list of the compromised component; and a compromised behavior generating unit (16) configured to generate a compromised behavior of a selected component selected from the list of the compromised component.Type: GrantFiled: February 14, 2019Date of Patent: August 13, 2024Assignee: NEC CORPORATIONInventors: Taniya Singh, Masafumi Watanabe, Hirofumi Ueda
-
Patent number: 12062098Abstract: A method for protecting computing assets includes detecting a set of events in a networked computing environment using a set of event sensors distributed in the networked computing environment, determining a risk factor by applying the set of events to a detection model using an inference server in communication with the set of event sensors, and communicating the risk factor to an insurance server from the inference server.Type: GrantFiled: November 23, 2021Date of Patent: August 13, 2024Assignee: COMPUTED FUTURES INCInventors: Frederick Venter, Jayendra Pathak
-
Patent number: 12063247Abstract: Embodiments are described herein relating to systems and methods for blocking access to phishing-related content accessible via links that are presented via applications being executed on electronic devices based at least in part on implied intent on the part of users using the electronic devices. For example, anti-phishing software may be configured to detect selection of potential phishing-related links that are presented via the applications being executed on the electronic devices, to determine authenticity of the potential phishing-related links, and to take appropriate action based on the authenticity of the potential phishing-related links. For example, the anti-phishing software may be configured to analyze content associated with the potential phishing-related links (e.g., to estimate user intent) and/or to access potential phishing-related content at locations corresponding to the potential phishing-related links (e.g.Type: GrantFiled: June 29, 2021Date of Patent: August 13, 2024Assignee: United Services Automobile Association (USAA)Inventors: Thomas Wayne Schwarz, Jr., Sean Carl Mitchem, Timothy Blair Chalmers, Robert Lee Black, Gideon Bowie Luck
-
Patent number: 12058150Abstract: Network security is applied to identify malicious activity occurring on a network or at network nodes from a coordinated attack. For instance, a device, comprising a memory and a processor, can generate a first flag signal representative of a first flag applicable to first data and a second flag signal representative of a second flag applicable to second data in response to the first and second data being determined to be related and directed to a common destination node using identifiers associated with network equipment.Type: GrantFiled: June 18, 2021Date of Patent: August 6, 2024Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.Inventors: Joseph Soryal, Dylan Chamberlain Reid
-
Patent number: 12058611Abstract: A 5G network includes an access network (AN), a 5G Core (5GC), one or more campus network components each configured to run 5GC software associated to a campus network, and one or more public network components each configured to run 5GC software associated to a public network. The 5GC comprises a central cloud having functionally separated instances, including: a public 5GC instance configured to host the public network realized as a network slice; a private 5GC instance configured to host one or more campus networks, wherein the one or more campus networks are realized as Network Slices; and a data layer instance configured to host Unified Data Repository (UDR) functionality. Unified Data Management (UDM) functions of both 5GC instances are connected to the data layer instance. A Network Slice Selection Function (NSSF) contains the information about network slices present in both 5GC instances.Type: GrantFiled: December 9, 2022Date of Patent: August 6, 2024Assignee: DEUTSCHE TELEKOM AGInventors: Jakob Belschner, Josep Colom Ikuno, Stefanus Roemer, Sacha Gastel, Vasil Aleksiev, Piotr Karas
-
Patent number: 12056090Abstract: Embodiments of the disclosure provide systems and methods for analyzing log files. Automated processing of log files can comprise reading a log file generated during execution of an application and comprising a plurality of log events and generating a plurality of templates based on the plurality of log events in the log file. Each template can map a log event to a candidate value for the log event. The plurality of log events can be aggregated into a plurality of groups based on the candidate value mapped to each log event in the plurality of templates and the plurality of groups of log events can be ranked. The log file can be partitioned based on the ranking of the plurality of groups of log events and one or more groups of log events can be provided to an analysis process based on the partitioning of the log file.Type: GrantFiled: May 10, 2023Date of Patent: August 6, 2024Assignee: Micro Focus LLCInventors: Pezhman Jasper Sheini, Manish Marwah, Martin Fraser Arlitt
-
Patent number: 12058148Abstract: Various embodiments of apparatuses and methods for distributed threat sensor analysis and correlation of a malware threat intelligence system are described. In some embodiments, the system comprises a plurality of threat sensors, deployed at different network addresses and physically located in different geographic regions in a provider network, which detect interactions from sources. In some embodiments, a distributed threat sensor analysis and correlation service obtains significance scores for different sources of the interactions with the plurality of threat sensors. The service determines which of the sources are malicious actors based on the significance scores. The service receives identifiers of known actors such as compute instances in the provider network, client devices in a client network, or deployed IoT devices in a remote network, and correlates the malicious actors with the known actors to identify which known actors might be infected by malware.Type: GrantFiled: May 1, 2020Date of Patent: August 6, 2024Assignee: Amazon Technologies, Inc.Inventor: Nima Sharifi Mehr
-
Patent number: 12057991Abstract: Methods, systems, and devices are described for orchestrating server management in a modern IT network. The described techniques may be implemented to manage any number of networked severs, whether local, remote, or both. Server orchestration may leverage a central, cloud-based management system and/or one or more autonomous agents installed on servers with the network. The autonomous agents may each be registered with the supervisory server and may have awareness of one another.Type: GrantFiled: May 23, 2023Date of Patent: August 6, 2024Assignee: JumpCloud, Inc.Inventors: Rajat Bhargava, James Brown, Christopher Marie
-
Patent number: 12058137Abstract: Systems and methods may generally be used to automatically curate a blocklist of internet protocol (IP) addresses. An example method may include using risk factor scores for a particular IP address that was blocked by a traffic control component to determine whether to add the particular IP address to a blocklist. The example method may include, in response to a determination to add the particular IP address to the blocklist, generating an IP address entry in the blocklist for the particular IP address, the IP address entry optionally including a corresponding time-based expiration. The example method may include outputting the blocklist or the IP address entry, such as in response to a request from a firewall.Type: GrantFiled: October 20, 2021Date of Patent: August 6, 2024Assignee: Wells Fargo Bank, N.A.Inventors: Upul D. Hanwella, Shawna K. Murphy Butterworth, Bryan D. Hall, James Condron Hudson, Christian Tobias Sorensen, Samantha T. Grosby, Nicola A. Maiorana, Richard Joseph Schroeder, Shailesh Hedaoo, William Norton Hebert
-
Patent number: 12058152Abstract: A dynamic cloud-based threat detection system is disclosed. The system comprises a network broker that receives communication sessions associated with communication device(s) via a network and selects and sends a predefined number of packets of each communication session to a detection based on packet selection rules. The communication device(s) comprises customer premises equipment (CPE) and/or a mobile communication device. The detection engine receives and inspects the predefined number of packets of each communication session and a governor that initiates blocking of particular communication traffic based on the inspection. The system also comprises a dynamic optimizer that monitors factor(s) and creates and sends updated packet rules to the network broker based on the monitoring. The network broker selects and sends a different predefined number of packets of each of a second plurality of communication sessions to the detection engine for inspection based on the updated packet selection rules.Type: GrantFiled: December 28, 2021Date of Patent: August 6, 2024Assignee: CYBER ADAPT, INC.Inventors: Simon Williams, Michael Weinberger, Sam Stover, David Kramer
-
Patent number: 12058147Abstract: The present disclosure relates to methods and apparatus that collect data regarding malware threats, that organizes this collected malware threat data, and that provides this data to computers or people such that damage associated with these software threats can be quantified and reduced. The present disclosure is also directed to preventing the spread of malware before that malware can damage computers or steal computer data. Methods consistent with the present disclosure may optimize tests performed at different levels of a multi-level threat detection and prevention system. As such, methods consistent with the present disclosure may collect data from various sources that may include endpoint computing devices, firewalls/gateways, or isolated (e.g. “sandbox”) computers. Once this information is collected, it may then be organized, displayed, and analyzed in ways that were not previously possible.Type: GrantFiled: July 12, 2022Date of Patent: August 6, 2024Assignee: SonicWALL Inc.Inventors: F. William Conner, MinhDung Joe NguyenLe, Atul Dhablania, Richard Chio, Justin Jose, Lalith Kumar Dampanaboina
-
Patent number: 12058234Abstract: A system may provide blockchain-based storage node control for unified proof-of-storage interaction for off-chain data chunk storage. The system may include verification circuitry that may provide a challenge to a storage node to audit the storage status of a data chunk. The verification circuitry may obtain identities for the storage node and data chunk based on blockchain records. The verification circuitry may obtain a challenge answer from the storage node in response. The verification circuitry may analyze the challenge answer in view of a challenge key to confirm whether the storage node has possession of the data chunk. When the storage node has possession of the data chunk chain circuitry may add a verification record to the blockchain.Type: GrantFiled: March 27, 2020Date of Patent: August 6, 2024Assignees: Accenture Global Solutions Limited, The Trustees of the Stevens Institute of TechnologyInventors: Giuseppe Ateniese, Giuseppe Giordano, Luca Schiatti, Abdoulaye Faye, Andrea Maria Milazzo, Danilo Francati, Angelo Massimo Perillo
-
Patent number: 12050693Abstract: Systems and methods for attributing user behavior from multiple technical telemetry sources are provided. An example method includes determining that the user has logged into the computing device, in response of the determination, collecting log data from a plurality of telemetry sources associated with the computing device, extracting, from the log data, activity data concerning activities of the computing device, analyzing the activity data to determine that the activity data are attributed to the user, generating, based on the activity data, behavior attributes of the user, associating the behavior attributes with a unique identifier of the computing device, and estimating security integrity of the computing device based on a comparison of the behavior attributes to reference behavior attributes. The reference behavior attributes include further behavior attributes determined using log data of at least one further computing device associated with the user.Type: GrantFiled: January 29, 2021Date of Patent: July 30, 2024Assignee: vArmour Networks, Inc.Inventors: Hsisheng Wang, Paul Bigbee, Marc Woolward, Keith Stewart, Meng Xu
-
Patent number: 12050706Abstract: A computing device may include a memory storing a first dataset and a second dataset and a processor configured to provide an operating system. The computing device may also include a container defined by a programmed boundary within at least the memory and provided by the operating system. A resource executed within the container may access the first dataset without accessing the second dataset. However, the resource may access the second dataset in response to a generation of a certificate. The resource may originate from following a hyperlink in a communication.Type: GrantFiled: December 21, 2020Date of Patent: July 30, 2024Assignee: United Services Automobile Association (USAA)Inventors: Ashley Raine Philbrick, Ryan Thomas Russell, David Joaquin Harris, Sacha Melquiades De'Angeli
-
Patent number: 12052270Abstract: A threat management facility for an enterprise network integrates native threat management capabilities with threat data from a cloud service provider used by the enterprise. By properly authenticating to the cloud service and mapping data feeds from the cloud service to a native threat management environment, the threat management facility can extend threat detection and management capabilities beyond endpoint-centric techniques.Type: GrantFiled: May 26, 2022Date of Patent: July 30, 2024Assignee: Sophos LimitedInventors: Biju Balakrishnan Nair, Brian Steven Vysocky, Jr.
-
Patent number: 12052271Abstract: A threat management facility receives data from a variety of sources such as compute instances within an enterprise network, cloud service providers supporting the enterprise network, and third-party data providers such as geolocation services. In order to facilitate prompt notification of potential risks, the threat management facility may incrementally update data for use in threat assessments as the data becomes available from these different sources, and create suitable alerts or notifications whenever the currently accumulated data provides an indication of threat meeting a predetermined threshold.Type: GrantFiled: May 26, 2022Date of Patent: July 30, 2024Assignee: Sophos LimitedInventors: Andrew J. Thomas, Mangal Rakesh Vankadaru, Prakash Kumar Talreja, Timothy Rayment, Biju Balakrishnan Nair
-
Patent number: 12045808Abstract: Methods and systems for providing browser extension are disclosed. In some embodiments, the browser extension system includes a communication device in communication with a computing device and a networked system. The browser extension system also includes a processor configured to perform operations comprising: maintaining data associated with the computing device; detecting, through a browser extension application running on the computing device, a field in a web page associated with the networked system and provided by a web browser application running on the computing device; and in response to detecting the field: (i) automatically populating the field, through the browser extension application, with a secure token mapped to the data, (ii) detecting, through the browser extension application, a submission script associated with the web page, and (iii) automatically executing the submission script to submit the secure token through the browser extension application to the networked system.Type: GrantFiled: April 21, 2023Date of Patent: July 23, 2024Assignee: Capital One Services, LLCInventors: Matthew de Ganon, Thomas S. Poole, Paul Y. Moreton, Dwij Trivedi, Kunal Arora, Katherine H. McHugh
-
Patent number: 12045335Abstract: A computer-implemented method for software detection is disclosed. The computer-implemented method includes scanning a list of file systems present on a computer system and described by a respective mount point for a signature from a set of predetermined signatures. The computer-implemented method further includes responsive to detecting the signature from the set of predetermined signatures, selecting a particular plugin from a predetermined list of plugins based, at least in part, on the detected signature. The computer-implemented method further includes querying, using the plug-in, an operating environment of the filesystem for data indicative of software running in the operating environment. The computer-implemented method further includes determining software running in the operating environment based, at least in part, on the data returned from querying the operating environment of the filesystem.Type: GrantFiled: March 29, 2022Date of Patent: July 23, 2024Assignee: International Business Machines CorporationInventors: Grzegorz Piotr Szczepanik, Piotr Kalandyk, Łukasz Józef Matyasik, Piotr Jan Kotara
-
Patent number: 12045341Abstract: An unauthorized communication detection device that detects unauthorized communication in a manufacturing system that manufactures products includes: an obtainer that obtains operation information of the manufacturing system; a storage that stores element information indicating one or more target elements among a plurality of elements related to manufacturing of the products; a specifier that specifies, for each of a plurality of communications performed in the manufacturing system, an element corresponding to the communication, based on the operation information; a calculator that calculates an abnormal degree of each of one or more communications, which satisfy that the element specified by the specifier is included in the one or more target elements indicated by the element information, among the plurality of communications; and a determiner that determines that, when an abnormal degree calculated by the calculator is larger than a threshold value, a communication corresponding to the abnormal degree is thType: GrantFiled: June 7, 2019Date of Patent: July 23, 2024Assignee: PANASONIC INTELLECTUAL PROPERTY MANAGEMENT CO., LTD.Inventors: Hiroshi Amano, Narumi Atsuta, Noriaki Hamada, Yosuke Tajika, Nobutaka Kawaguchi, Yuichi Higuchi, Taichi Shimizu
-
Patent number: 12047484Abstract: A method for executing a function, secured by temporal desynchronization, includes when a first legitimate instruction is loaded, noting the opcode of this first legitimate instruction, then constructing a dummy instruction on the basis of this noted opcode, the dummy instruction thus constructed being identical to the first legitimate instruction except that its operands are different, then incorporating the dummy instruction thus constructed into a sequence of dummy instructions used to delay the time at which a second legitimate instruction is executed.Type: GrantFiled: March 11, 2022Date of Patent: July 23, 2024Assignee: Commissariat à l'Energie Atomique et aux Energies AlternativesInventors: Gaëtan Leplus, Olivier Savry
-
Patent number: 12045338Abstract: Provided is a method of securing a software code of an application including at least one constant data. The method produces secure software code can then be executed on a processor. The method includes fragmenting current constant data into several valid data chunks of random length, encoding and storing the valid data chunks at random locations in the application software code, identifying all occurrences of the current constant data in the application software code and replacing each of them with a call to a Runtime application self-protection (RASP) agent for reading the current constant data, and inserting, at random locations of a control flow graph of the application software code, RASP check instructions which when executed at runtime. The RASP agent being configured for running in the application runtime environment and being capable of controlling application execution and detecting and preventing real-time attacks.Type: GrantFiled: April 8, 2020Date of Patent: July 23, 2024Assignee: THALES DIS CPL USA, INC.Inventors: Peter Garba, Roman Rohleder
-
Patent number: 12045344Abstract: Aspects of the disclosure relate to preventing unauthorized screen capture activity. A computing platform may detect, via an infrared sensor associated with a computing device, an infrared signal from a second device attempting an unauthorized image capture of contents being displayed by a display device of the computing device. Subsequently, the computing platform may determine, via the computing platform, the contents being displayed by the display device. Then, the computing platform may retrieve a record of the contents being displayed by the display device. Then, the computing platform may determine a risk level associated with the infrared signal. Subsequently, the computing platform may perform, via the computing platform and based on the risk level, a remediation task to prevent the unauthorized image capture.Type: GrantFiled: May 16, 2023Date of Patent: July 23, 2024Assignee: Bank of America CorporationInventors: Michael Beveridge, Elizabeth R. Liuzzo, Daniel Horne, Marci Landy
-
Patent number: 12045346Abstract: Systems, methods, and computer-readable media for cybersecurity are disclosed. The systems and methods may involve receiving, by an application capable of JavaScript execution, code for execution; executing, before execution of the received code, an intercepting code, wherein the intercepting code is configured to intercept at least one application programming interface (API) invocation by the received code; intercepting, by the intercepting code, an API invocation by the received code; determining that the intercepted API invocation results in a manipulation of a backing store object; and modifying an execution of the intercepted API invocation, wherein the modified execution results in a nonpredictable environment state.Type: GrantFiled: October 30, 2023Date of Patent: July 23, 2024Assignee: SERAPHIC ALGORITHMS, LTD.Inventor: Avihay Cohen
-
Patent number: 12045267Abstract: A computing device including a memory and a processor is provided. The memory stores processor executable instructions for an entity engine. The processor is coupled to the memory. The processor executes the entity engine to cause the computing device to model entities, which hold or classify data. The processor executes the entity engine to cause the computing device to store in the memory a list identifying each of the entities and the entities themselves in correspondence with the list. The processor executes the entity engine to cause the computing device to provide, in response to a selection input from an external system, access to the entities based on the list. The access includes providing the list to the external system, receiving the selection input identifying a first entity of the entities, and exporting the first entity from the memory to the external system.Type: GrantFiled: May 19, 2023Date of Patent: July 23, 2024Assignee: UiPath, Inc.Inventors: Ankit Saraf, Mircea Grigore, Palak Kadakia
-
Patent number: 12047397Abstract: Methods and systems for detecting threats using threat signatures loaded in a computing device.Type: GrantFiled: May 23, 2022Date of Patent: July 23, 2024Assignee: Sophos LimitedInventors: Santosh Subramanya, Shankar Jayaraman, Sajimon Kurien, Mukesh Kumar, Guruskanthan Viswanathan, Sean McDonald
-
Patent number: 12045326Abstract: A disclosed method installs an I/O trap protocol to provide an authentication callback function for handling I/O trap events. I/O trap events may include write operations accessing any of one or more identified I/O addresses. An I/O trap event may be registered with the authentication callback function for each of one or more identified I/O addresses. Original values of data may be stored in a memory resource. Any occurrences of an I/O trap event triggers the authentication callback function to perform I/O trap operations. The I/O trap operations may include determining whether the I/O trap event is associated with an approved driver and, if not, restoring data stored at the identified I/O address to an original value. Installing the I/O trap protocol may include installing the I/O trap protocol during a system management mode (SMM) phase of a UEFI boot sequence.Type: GrantFiled: July 14, 2022Date of Patent: July 23, 2024Assignee: Dell Products L.P.Inventors: Sumanth Vidyadhara, Karunakar Poosapalli, Bibby Yeh
-
Patent number: 12041079Abstract: A computer system and process for mitigating a Distributed Denial of Service (DDoS) attack to one or more protected computer networks by determining keywords and/or patterns in HyperText Transfer Protocol (HTTP) responses. Stored HTTP responses are analyzed to extract one or more HTTP characteristics for each stored HTTP response. One or more patterns having one or more keywords in each stored HTTP response is determined utilizing the extracted one or more HTTP characteristics for each stored HTTP response. A hash value is determined for each determined pattern, which is preferably stored in a hash structure accompanied by its respective determined HTTP characteristics. Each hash value accompanied by its respective determined HTTP characteristics is stored as a mitigation filter candidate if the hash value contains a determined pattern consisting of at least a predetermined percentage of all determined patterns stored in the hash structure.Type: GrantFiled: May 12, 2022Date of Patent: July 16, 2024Assignee: ARBOR NETWORKS, INC.Inventors: Steinthor Bjarnason, Ellis Roland Dobbins
-
Patent number: 12039038Abstract: Examples of the present disclosure describe systems and methods for behavioral threat detection definition. In an example, a behavior rule comprising a set of rule instructions is used to define one or more events indicative of a behavior. For example, a set of events from which one event must be matched may be defined or a set of events from which all events must be matched may be defined. In some examples, events are matched based on an event name or type, or may be matched based on one or more parameters. Exact and/or inexact matching may be used. The set of rule instructions ultimately specifies one or more halt instructions, thereby indicating that a determination as to the presence of the behavior has been made. Example determinations include, but are not limited to, a match determination, a non-match determination, or an indication that additional monitoring should be performed.Type: GrantFiled: April 19, 2023Date of Patent: July 16, 2024Assignee: OPEN TEXT INC.Inventors: Eric Klonowski, Fred Krenson