Monitoring Or Scanning Of Software Or Data Including Attack Prevention Patents (Class 726/22)
-
Patent number: 11416611Abstract: An application downloaded from the network onto a target (production) machine can be validated in a sandbox environment. An execution report can be generated during the validation. When the validated application is executed on the target machine, operations performed by the application are limited based on the execution report.Type: GrantFiled: February 12, 2020Date of Patent: August 16, 2022Assignee: VMWARE, INC.Inventors: Tanmay Ajit Dalvi, Vaibhav Diwakar Kulkarni, Anand Jaysingh Bhalerao
-
Patent number: 11418539Abstract: A method, computer program product, and a system where a processor(s) determines that a destination has been retained as a link in an application. The processor(s) monitors connections of the application to the destination retained as the link, where connecting is providing a locator of the destination to a server(s) to obtain an address for the destination. The processor(s) determines an average time period measured from providing the locator to the server(s) to obtaining the address. The processor(s) retains the returned address for each connection within a given time period. The processor(s) determines that the application has initiated a new connection to the destination and the new connection is incomplete after a time period calculated relative to the average time period has lapsed. The processor(s) provides selectable options in a user interface of the application that are the retained address(es).Type: GrantFiled: February 7, 2019Date of Patent: August 16, 2022Assignee: International Business Machines CorporationInventor: Johnny Shieh
-
Patent number: 11418547Abstract: Embodiments are provided for integrating feedback into alert managing processes having defined alert policies. These policies define conditions that, when satisfied by certain detected activities, triggers an alert to be sent to a client. A determination is made that a current detected activity does satisfy the condition(s). Subsequent to determining that the set of conditions is satisfied and prior to actually generating the alert, the current detected activity is determined to share a relationship with previously received feedback that caused the alert policy to be modified. After being modified, the alert policy specified whether the alert is to be sent to the client, modified and then sent, suspended, or disabled. The alert is then either generated or refrained from being generated based on the alert policy.Type: GrantFiled: October 22, 2019Date of Patent: August 16, 2022Assignee: Microsoft Technology Licensing, LLCInventors: Andrey Karpovsky, Yotam Livny, Fady Nasereldeen, Tamer Salman
-
Patent number: 11416610Abstract: A threat information evaluation apparatus that evaluates threat information includes an allocation unit that allocates threat information in an input threat information list to a security operator or an evaluation unit, and an evaluation unit that evaluates the threat information allocated to the evaluation unit. The allocation unit calculates an estimation accuracy on the basis of evaluation performed by the evaluation unit and evaluation determined by the security operator, and allocates the threat information on the basis of the estimation accuracy.Type: GrantFiled: March 25, 2019Date of Patent: August 16, 2022Assignee: Nippon Telegraph and Telephone CorporationInventors: Hidetoshi Kawaguchi, Yuichi Ishihara
-
Patent number: 11418477Abstract: A local area social networking server limits social networking activity to people likely to be in close physical proximity to one another and likely to be engaged in similar activities, even people previously unknown to each other, by only permitting social networking between computing devices that are connected to one another through a common local area network. The server identifies recipient devices for a message that (i) are coupled to the same local area network as the sending device, (ii) are associated with demographic characteristics that match those specified for the message as intended recipients, and (iii) are indicated by receptivity data to be receptive to the message and the sender.Type: GrantFiled: December 28, 2020Date of Patent: August 16, 2022Assignee: UNILOC 2017 LLCInventor: Craig S. Etchegoyen
-
Patent number: 11418520Abstract: Techniques to facilitate network security analysis and attack response are disclosed herein. In at least one implementation, a passive analysis system receives a copy of network traffic, performs deep analysis on the copy of network traffic, and generates security data points based on the deep analysis. The passive analysis system then provides the security data points to an active inline security device, wherein the active inline security device compares incoming network traffic to the security data points to detect security events.Type: GrantFiled: June 10, 2016Date of Patent: August 16, 2022Assignee: Cequence Security, Inc.Inventors: Shreyans Mehta, Ameya Talwalkar
-
Patent number: 11411918Abstract: Web server security is assessed. Some embodiments analyze data exchanged with a web server to determine a risk associated with accessing the web server. For example, one or more of a type of web application accessed via the web server, a type of interpreted language used to implement the web server, and/or a type and/or version of an http server operable on the web server are examined. Based on the analysis, the risk associated with accessing the web server is determined. Some embodiments then block access to the web server based on the analysis. Alternatively, in some embodiments, a user may be alerted to the risk, and then allowed to proceed upon accepting the risks. Some embodiments share the determined risk assessment with other client devices via a web server risk data store.Type: GrantFiled: May 26, 2020Date of Patent: August 9, 2022Assignee: Microsoft Technology Licensing, LLCInventor: Danut Antoche Albisor
-
Patent number: 11409631Abstract: The invention makes it possible to reuse a verification script without manually modifying the internal parameters of the verification script. A verification automation apparatus 1 adapts a verification script to a system that is to be verified. The verification automation apparatus 1 includes: a verification script acquisition unit 101 that acquires a verification script that includes an execution script for verification work and execution enabling requirements for executing the execution script; a verification configuration search unit 104 that searches the system to be verified, for configurations for which the execution script is executable, using environment information regarding the system to be verified, and the execution enabling requirements; and an execution script materializing unit 105 that materializes the execution script based on the configuration that has been found through the search, so as to be executable in the system to be verified.Type: GrantFiled: June 27, 2019Date of Patent: August 9, 2022Assignee: NEC CORPORATIONInventor: Tatsuya Fukuda
-
Patent number: 11409635Abstract: A computer system includes an operating system, a memory coupled to the operating system, and a processor (e.g., an anti-debug processor) coupled to the operating system. The operating system receives, from a debug process, a request to create an essential debug object for attachment to a target process. The anti-debug processor scans a kernel memory of the operating system for the essential debug object and verifies a presence of the essential debug object in the kernel memory, and scans the kernel memory to identify a process that has stored in the kernel memory the essential debug object. The anti-debug processor then halts the debug process, without using an internal interface or function of the operating system, thereby preventing the debug process from attaching to the target process.Type: GrantFiled: August 23, 2019Date of Patent: August 9, 2022Assignee: Raytheon CompanyInventor: Daniel S. Rose
-
Patent number: 11411974Abstract: The implementations described herein provide a tool for identifying security issues and applying security policies to the service(s) and/or microservices. Rather than a user (such as an administrator) reactively diagnosing security incidents, the systems and methods described herein may provide a tool by which the user can proactively monitor the use of the services and microservices for security issues and control the user of such microservices and services via policies. The systems and methods allow API granular policy control to determine which APIs may be granted or denies access based on a variety of criteria, such as but not limited to the source of the request, the specific API being called, temporal conditions, geography and so forth. The user can identify security concerns or issues on a per API basis.Type: GrantFiled: May 17, 2019Date of Patent: August 9, 2022Assignee: Citrix Systems, Inc.Inventor: Chiradeep Vittal
-
Patent number: 11409869Abstract: Aspects of the present disclosure relate to threat detection of executable files. A plurality of static data points may be extracted from an executable file without decrypting or unpacking the executable file. The executable file may then be analyzed without decrypting or unpacking the executable file. Analysis of the executable file may comprise applying a classifier to the plurality of extracted static data points. The classifier may be trained from data comprising known malicious executable files, known benign executable files and known unwanted executable files. Based upon analysis of the executable file, a determination can be made as to whether the executable file is harmful.Type: GrantFiled: February 14, 2020Date of Patent: August 9, 2022Assignee: Webroot Inc.Inventors: Mauritius Schmidtler, Gaurav Dalal, Reza Yoosoofmiya
-
Patent number: 11405217Abstract: The present application relates to ensuring data consistency between a modular device and an external system. Techniques are described for ensuring data consistency between devices at a control device using configuration signatures. A control device can receive and store a baseline configuration signature for a first modular device. Upon initialization of the first modular device, the control device can receive a current configuration signature from the first modular device. The control device can compare the current configuration signature with the baseline configuration signature and, if a mismatch is found, generate a notification indicating that data subsequently received from the first modular device is of uncertain integrity.Type: GrantFiled: July 2, 2020Date of Patent: August 2, 2022Assignee: Schneider Electric USA, Inc.Inventors: Kevin M. Jefferies, Daniel Martin, Surya Narayana H Govindaraju, Juergen Fiess, Christian Ringwald, Wolfgang Fien
-
Patent number: 11403152Abstract: Embodiments of the disclosure provide a method and system for task orchestration. A method may include: providing, by a task master control unit, an execution instruction of a task related to a module in an application container to a node agent service unit in an auxiliary application container bound to the application container, the auxiliary application container sharing a file system with the application container; and executing, by the node agent service unit, a command for completing the task, in response to acquiring the execution instruction of the task.Type: GrantFiled: September 5, 2019Date of Patent: August 2, 2022Assignee: Beijing Baidu Netcom Science and Technology Co., Ltd.Inventor: Haodong Chen
-
Patent number: 11397813Abstract: Disclosed is a method and system for verifying a regex group. The method comprises verifying of a regex group by creating a flow id through a processor for the regex group when source reaches the sink. The flow id is used for tracking the flow of the regex group. The processor checks in case the flow id is a previously tested flow id. When the flow id is not the previously tested flow id, the processor passes one or more run tasks through a processor forming a queue. The processor tests for one or more vulnerabilities to be associated with the regex group based on the passing, wherein the testing is used to qualify the regex group as a valid regex group.Type: GrantFiled: May 8, 2020Date of Patent: July 26, 2022Assignee: HCL TECHNOLOGIES LIMITEDInventors: Jonathan Afek, Gal Ben-Yair
-
Patent number: 11399045Abstract: A network-accessible service such as a web site may authenticate users through a login process. In order to detect possibly fraudulent login events, the service may implement a framework based on recorded login events. For example, attributes of multiple recorded login events may be analyzed to create a framework that can be applied to attributes of newly received login requests to predict whether the newly received login requests are fraudulent. The framework may comprise criteria, algorithms, rules, models, and/or techniques, and may be constructed using various means such as pattern recognition, machine learning, and/or cluster analysis.Type: GrantFiled: April 10, 2020Date of Patent: July 26, 2022Assignee: T-Mobile USA, Inc.Inventors: James Alexander Latham, Zoltan Homorodi, Michael Engan
-
Patent number: 11392723Abstract: Computer-implemented threat detection method and systems are provided. The method comprises discovering threat data associated with a first entity, translating the threat data to one or more threat models, translating the one or more threat models, using a threat model parameter generator, to at least a parameter threat model and translating the parameter threat model to one or more identification queries. The one or more identification queries may be executed and the generated results may be translated to result data in a first format. The one or more result data models may be published from the result data in one or more formats or to one or more locations.Type: GrantFiled: May 20, 2020Date of Patent: July 19, 2022Assignee: Cyber Team SixInventors: Jason Britt, Patrick A. Westerhaus
-
Patent number: 11394808Abstract: A computer-implemented method to determine which port in a container is a service port. The method includes identifying, a first container, wherein the first container comprises a plurality of ports. The method further includes, training a neural network, wherein the neural network is configured to identify at least one service port from the plurality of ports. The method further includes, monitoring, by a network monitor, a set of data sent to the first container comprising a first parameter. The method includes, identifying a first service port of the plurality of ports. The method further includes, marking the first service port.Type: GrantFiled: August 3, 2020Date of Patent: July 19, 2022Assignee: KYNDRYL, INC.Inventors: Seng Chai Gan, Shikhar Kwatra, Michael Treadway, John David Mandra
-
Patent number: 11392695Abstract: There is disclosed in one example a computer-implemented anti-ransomware method, including: selecting a file for inspection; assigning the file to a type class according to a file type identifier; receiving an expected byte correlation for the type class; computing, according to a byte distribution of the file, a byte correlation for the file; comparing, via statistical analysis, the byte correlation to the expected byte correlation; and determining that the file has been compromised, including determining that the file has a byte correlation that deviates from the expected byte correlation by more than a threshold, taking a ransomware remediation action for the file.Type: GrantFiled: October 5, 2020Date of Patent: July 19, 2022Assignee: McAfee, LLCInventors: Kunal Mehta, Sherin Mary Mathews, Carl D. Woodward, Celeste R. Fralick, Jonathan B. King
-
Patent number: 11388176Abstract: The present disclosure relates to methods and apparatus that collect data regarding malware threats, that organizes this collected malware threat data, and that provides this data to computers or people such that damage associated with these software threats can be quantified and reduced. The present disclosure is also directed to preventing the spread of malware before that malware can damage computers or steal computer data. Methods consistent with the present disclosure may optimize tests performed at different levels of a multi-level threat detection and prevention system. As such, methods consistent with the present disclosure may collect data from various sources that may include endpoint computing devices, firewalls/gateways, or isolated (e.g. “sandbox”) computers. Once this information is collected, it may then be organized, displayed, and analyzed in ways that were not previously possible.Type: GrantFiled: April 30, 2020Date of Patent: July 12, 2022Assignee: SONICWALL INC.Inventors: F. William Conner, MinhDung Joe NguyenLe, Atul Dhablania, Richard Chio, Justin Jose, Lalith Kumar Dampanaboina
-
Patent number: 11386201Abstract: A bus control device is enabled for placement between an input port to which a suspect device would be connected and the bus. In this manner, all message received from the suspect device, such an infotainment system, must pass through the bus control device. A separate intrusion detection device is coupled to the bus. The bus control device is arranged to output a notification message to the intrusion detection device, the notification message comprising information about the received message. The intrusion detection device is arranged to determine the validity of the received message responsive to the received notification message.Type: GrantFiled: August 6, 2017Date of Patent: July 12, 2022Assignee: C2A-SEC, Ltd.Inventor: Shlomo Oberman
-
Patent number: 11388196Abstract: A method for analyzing relationships between clusters of devices includes selecting a first device from a first cluster of devices and selecting a second device from a second cluster of devices. Information related to a first communication link associated with the first device and information related to a second communication link associated with the second device is obtained. A similarity metric is computed based on the obtained information. The similarity metric represents a similarity between the first communication link and the second communication link associated with the second device. A relationship between the first and second clusters is determined using the computed similarity metric. When a cyberattack is detected on the devices in the first cluster or the second cluster, protection of all devices in the first cluster and the second cluster is modified based on the determined relationship in order to defend the respective clusters from the cyberattack.Type: GrantFiled: June 1, 2020Date of Patent: July 12, 2022Assignee: AO Kaspersky LabInventors: Dmitry G. Ivanov, Andrey V. Ladikov, Pavel V. Filonov
-
Patent number: 11386180Abstract: Methods, systems, and apparatus for resource locator remarketing are presented. In one aspect, a method includes receiving visitation data from a publisher, the visitation data specifying a device identifier and a resource locator specifying a resource that was provided to a user device; identifying a content feed that includes regular expressions, each regular expression specifying matching character strings and a set of content items that are eligible to be provided to user devices corresponding to visitation data including a resource locator matching one of the regular expressions; identifying, a first matching regular expression that matches the resource locator specified by the visitation data; selecting a content item from the content items that correspond to the first matching regular expression; and providing data that causes presentation of the selected content item to the user device.Type: GrantFiled: December 7, 2020Date of Patent: July 12, 2022Assignee: Google LLCInventors: Jyotsna Vaideeswaran, Kamal Tiwari, Jayavel Shanmugasundaram, Hongjie Bai
-
Patent number: 11386349Abstract: In one embodiment, a system is configured to identify, based on predetermined criteria, a first set of users of an online system who belong to a population segment. The system may monitor activities performed by the first set of users on the online system over a predetermined period of time and store the monitored activities as time-series data. A feature set associated with the first set of users may be generated by transforming the time-series data into a frequency domain. The system may train a machine-learning model using the feature set and other feature sets to determine whether activities associated with a given set of users exhibit diurnal behavior pattern. Using the trained machine-learning model, the system may determine whether activities performed by a second set of users on the online system exhibit diurnal behavior pattern.Type: GrantFiled: May 16, 2017Date of Patent: July 12, 2022Assignee: Meta Platforms, Inc.Inventors: Nedyalko Prisadnikov, Hüseyin Kerem Cevahir
-
Patent number: 11388193Abstract: Described systems and methods enable a swift and efficient detection of fraudulent Internet domains, i.e., domains used to host or distribute fraudulent electronic documents such as fraudulent webpages and electronic messages. Some embodiments use a reverse IP analysis to select a set of fraud candidates from among a set of domains hosted at the same IP address as a known fraudulent domain. The candidate set is further filtered according to domain registration data. Online content hosted at each filtered candidate domain is further analyzed to identify truly fraudulent domains. A security module may then prevent users from accessing a content of such domains.Type: GrantFiled: December 27, 2018Date of Patent: July 12, 2022Assignee: Bitdefender IPR Management Ltd.Inventor: Alin O. Damian
-
Patent number: 11381527Abstract: The present disclosure relates to information prompt methods and apparatus. One example method includes determining a first communication object from a target communication object set, obtaining first interaction information corresponding to the first communication object, receiving input information by using an information input interface of the first communication object, determining a matching degree between the input information and the first communication object based on the input information and the first interaction information, and performing prompt if the matching degree is less than a first threshold.Type: GrantFiled: February 23, 2017Date of Patent: July 5, 2022Assignee: Huawei Technologies Co., Ltd.Inventor: Xiaobo Yu
-
Patent number: 11381594Abstract: A device includes a processor and a memory. The processor effectuates operations including monitoring enterprise network traffic associated with one or more user equipment (UE). The processor further effectuates operations including comparing the enterprise network traffic to a UE profile associated with each of the one or more UE. The processor further effectuates operations including determining whether the comparison indicates that a predetermined threshold has been exceeded. The processor further effectuates operations including in response to the indication that the predetermined threshold has been exceeded, generating an alert, wherein exceeding the predetermined threshold is indicative of a denial of service attack on an enterprise network or an attempt to remove enterprise data via the one or more UE.Type: GrantFiled: March 26, 2020Date of Patent: July 5, 2022Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.Inventors: Yaron Koral, Arun Jotshi, Ashwin Sridharan, Kartik Pandit
-
Patent number: 11381578Abstract: A system and method are disclosed for network-based file analysis for malware detection. Network content is received from a network tap. A binary packet is identified in the network content. A binary file, including the binary packet, is extracted from the network content. It is determined whether the extracted binary file is detected to be malware.Type: GrantFiled: September 9, 2014Date of Patent: July 5, 2022Assignee: FireEye Security Holdings US LLCInventors: Jayaraman Manni, Ashar Aziz, Fengmin Gong, Upendran Loganathan, Muhammad Amin
-
Patent number: 11381573Abstract: Implementations of this specification include identifying a plurality of transactions to be executed in the blockchain, wherein the transactions are arranged in an execution order, wherein the transactions include one or more smart contract calls to smart contracts each having a whitelist identifying one or more accounts that are authorized to execute the smart contract, and wherein the execution order includes a smart contract call to a smart contract that does not have a whitelist arranged after the plurality of transactions; identifying groups of transactions within the plurality of transactions; instructing nodes of the blockchain network to execute each of the groups of transactions in parallel; determining that the nodes of the blockchain network have completed executing all of the groups of transactions; and in response, instructing the nodes of the blockchain network to execute the smart contract call that does not include a whitelist.Type: GrantFiled: February 1, 2021Date of Patent: July 5, 2022Assignee: Advanced New Technologies Co., Ltd.Inventors: Ning Xia, Guilu Xie, Fuxi Deng
-
Patent number: 11381636Abstract: To address technical problems facing managing multiple sources of information from multiple vehicles, vehicular computing power may be exploited to process such information before sharing with others, which may help reduce network traffic overhead. A technical solution to improve this information processing over vehicular networks by using a hybrid Named Function Network (NFN) and Information Centric Network (ICN), such as in a hybrid NFN/ICN. An NFN may be used to orchestrate computations in a highly dynamic environment after decomposing the computations into a number of small functions. A function may include a digitally signed binary supplied by a car vendor or other trusted authority and executed within a controlled environment, such as a virtual machine, container, Java runtime-environment, or other controlled environment.Type: GrantFiled: June 28, 2019Date of Patent: July 5, 2022Assignee: Intel CorporationInventors: S M Iftekharul Alam, Stepan Karpenko, Satish Chandra Jha, Yi Zhang, Kuilin Clark Chen, Kathiravetpillai Sivanesan, Gabriel Arrobo Vidal, Srikathyayani Srikanteswara, Hassnaa Moustafa, Eve M. Schooler, Sebastian Schoenberg, Venkatesan Nallampatti Ekambaram, Ravikumar Balakrishnan
-
Patent number: 11374971Abstract: A system accesses information regarding a topology of an arrangement of resources, where one of the resources is a multi-tiered resource having a plurality of layers. Based on the information regarding the topology of the arrangement of resources, the system selects one or more layers of the multi-tiered resource for deployment of a deception server that has a reduced security mechanism to act as a decoy to attract attackers of the system. The system deploys the deception server at the selected one or more layers of the multi-tiered resource.Type: GrantFiled: June 21, 2019Date of Patent: June 28, 2022Assignee: MICRO FOCUS LLCInventors: Pramod Kumar Ramachandra, Hemant Kumar Chikkappaiah Honnapura, Pramod Annachira Vitala
-
Patent number: 11372975Abstract: Systems and methods for management of data files using a plurality of interconnected operations associated with a plurality of roles are provided. A method involves receiving, from a user terminal, a request to access a portion of the plurality of interconnected operations corresponding to one of the plurality of roles, obtaining a human representation of the portion, and transmitting the human representation to the user terminal for display thereon. The human representation (i.e., an Episodic Social Network representation) is a spatial arrangement one or more affinity groups blocks interconnected via one or more conditional situation blocks, where each of the affinity groups represents a non-exclusive data file classification associated with a set of temporal and non-temporal characteristics and where each of the conditional situation blocks defines a set of conditions for transferring the data file from one of the affinity groups to another of the affinity groups.Type: GrantFiled: December 20, 2019Date of Patent: June 28, 2022Assignees: THE QUANTUM GROUP, INC.Inventors: Noel J. Guillama, Chester A. Heath
-
Patent number: 11375043Abstract: A program management system includes: a terminal device having a terminal processing unit capable of executing processing to create a computer program, and a terminal communication unit capable of transmitting the computer program created by the terminal processing unit to an outside; and an external device having an external device storage unit storing therein the computer program transmitted from the terminal device, and an external device processing unit capable of executing processing to give approval to the computer program stored in the external device storage unit. The external device storage unit stores therein appropriateness of approval of the computer program as first status information together with the computer program. The external device processing unit is capable of executing processing to manage the computer program based on the first status information.Type: GrantFiled: March 4, 2020Date of Patent: June 28, 2022Assignee: CITIZEN WATCH CO., LTD.Inventors: Ryutaro Uemura, Daisuke Matsuoh
-
Patent number: 11374959Abstract: A system and method for identifying and circumventing a security scanner includes monitoring incoming traffic to a web application, identifying a portion of the incoming traffic as security scanner traffic by comparing the incoming traffic to a security scanner traffic profile, and circumventing the security scanner by providing dummy content or signaling the web application to provide dummy content. The security scanner traffic profile is created by receiving web application traffic generated by a plurality of security scanners; identifying web application traffic features common to at least a portion of the plurality of security scanners by modelling using artificial intelligence, machine learning, and the like; and generating the security scanner traffic profile based on the identified web application traffic features.Type: GrantFiled: November 26, 2018Date of Patent: June 28, 2022Assignee: International Business Machines CorporationInventors: Jason M. Wicker, Travis Cornwell, Matthew Munse
-
Patent number: 11372640Abstract: Methods, systems, and computer program products comprising computer readable instructions for generating efficiency metrics for knowledge workers. Data for symbol contributions of a knowledge worker is used for calculating Knowledge Discovery Efficiency (KEDE), which is a ratio between the symbol contributions of the knowledge worker for a time period indicated by a time aggregation type and a predetermined constant representing an estimated maximum amount of symbol contributions that can be contributed for the time period indicated by the time aggregation type. Templates and fraudulent values of the contributions are excluded from the calculation.Type: GrantFiled: December 21, 2021Date of Patent: June 28, 2022Assignee: Foundation Modern Management InstituteInventor: Dimitar Venelinov Bakardzhiev
-
Patent number: 11368488Abstract: Systems, methods, and apparatuses enable one or more security microservices to optimize a security configuration of a networked environment by applying security policies to resource groups passively to determine whether network sets, resource groups, or security policies should be modified, prior to active enforcement. When security policies are applied passively, security actions that are performed in response to a violation of security policy do not impact network traffic. The one or more security microservices evaluate the results of the passive application of security policies to determine whether there is at least one recommended modification to network sets, resource groups, or security policies. When there is at least one recommended modification, the modification is applied.Type: GrantFiled: October 25, 2019Date of Patent: June 21, 2022Assignee: Fortinet, Inc.Inventors: Manuel Nedbal, Ratinder Paul Singh Ahuja, Manoj Ahluwalia, Jitendra Gaitonde, Rajiv Sreedhar, Ojas Milind Kale, Mark Raymond Lubeck, Yuk Suen Cheng, Suresh Rajanna, David Dvir Adler, Gary Nool
-
Patent number: 11368847Abstract: A networking behavior detector and a networking behavior detection method thereof for an indoor space are provided. The networking behavior detector receives a plurality of radio frequency (RF) signals in the indoor space and converts the RF signals to a plurality of digital signals. Next, the networking behavior detector calculates an energy value of each digital signal and filters out the digital signal, the energy value of which is smaller than a threshold, of the digital signals to generate an analysis signal. Finally, the networking behavior detector retrieves a plurality of energy feature values of each analysis signal to generate a feature datum, and analyzes the feature data through an identification model to generate an identification result. The identification result corresponds to one of a plurality of networking behaviors.Type: GrantFiled: December 3, 2019Date of Patent: June 21, 2022Assignee: INSTITUTE FOR INFORMATION INDUSTRYInventors: Chih-Wei Chen, Chia-Min Lai, Wei-Chen Tou
-
Patent number: 11368428Abstract: A method for reassigning exit internet protocol (IP) addresses in a virtual private network (VPN), the method including selecting a first exit IP address for communicating data associated with a user device having an established VPN connection, receiving a notification that indicates occurrence of a network event associated with the first exit IP address, and communicating, during the established VPN connection, data associated with the user device using a second exit IP address, different from the first exit IP address. Various other aspects are contemplated.Type: GrantFiled: July 25, 2021Date of Patent: June 21, 2022Assignee: UAB 360 ITInventors: Karolis Pabijanskas, Kiril Mikulskij
-
Patent number: 11368435Abstract: A technique for determining the safety of the content of beacon transmissions. A user device extracts beacon identification information from a beacon transmission. The user device queries the beacon registry to obtain the targeted content. The user device provides the targeted content and beacon identification information to a validation service. The validation service evaluates the targeted content and the beacon identification information for safety. The validation service determines a score based on that evaluation and sends the score to the user device. The user device alerts the user or performs background actions such as suppression of transmission of beacon contextual data to other apps on user device based on the score.Type: GrantFiled: January 29, 2016Date of Patent: June 21, 2022Assignee: McAfee, LLCInventors: Siddaraya Revashetti, Priyadarshini Rao Rajan, Sulakshana Zambre, Saira Sunil, Susmita Nayak
-
Patent number: 11368478Abstract: A system for detecting and preventing execution of malware on a target system includes an interface for receiving training data. The training data includes domain names known to be legitimate and domain names known to be associated with malware. The system is configured to train a first model to classify the domain names in the training data as being legitimate domain names or malware-associated domain names using a supervised learning methodology. The system configured to train a second model to predict a correct domain name associated with domain names in the training data using an unsupervised learning methodology. The system configured to train a third model to classify the domain names in the training data as being legitimate domain names or malware-associated domain names based on an output of the first learning model and an output of the second learning model.Type: GrantFiled: February 5, 2020Date of Patent: June 21, 2022Assignee: ACCENTURE GLOBAL SOLUTIONS LIMITEDInventor: Vicknesh Manoselvam
-
Patent number: 11368502Abstract: Systems and methods are described for managing services of a computing device over a mobile network where requests for managed or unmanaged services are translated to corresponding IP addresses sent to the computing device and corresponding requests sent to the translated IP addresses are either permitted, rated, quality controlled or secured if the computing device has a valid data plan or is otherwise permissioned for using the mobile network, are denied if filtered and if the computing device does not have a valid data plan or is not otherwise permissioned and the request corresponds to the first address, and are permitted, rated, quality controlled or not secured even if the computing device does not have a valid data plan or is not otherwise permissioned if the request corresponds to the second address.Type: GrantFiled: September 29, 2020Date of Patent: June 21, 2022Assignee: KAJEET, INC.Inventors: David Pinto, John Shorey, Daniel John Neal
-
Patent number: 11368482Abstract: A threat detection system for a mobile communication system, and a global device and a local device thereof are provided. The threat detection system is used for detecting and defensing low and slow distributed denial-of-service (LSDDoS) attacks. The global device is located in a core network of the mobile communication system, and is used for training a tensor neural network (TNN) model to build a threat classifier. The threat classifier is used for the local device to identify a plurality of threat types. The local device inputs the to-be-identified data into the threat classifier to generate a classification result corresponding to one of the threat types.Type: GrantFiled: January 30, 2020Date of Patent: June 21, 2022Assignee: INSTITUTE FOR INFORMATION INDUSTRYInventors: Yen-Wen Huang, Yi-Hsueh Tsai, Shu-Min Chuang
-
Patent number: 11362833Abstract: An approach is provided for embedding information into probe data. The approach involves retrieving a probe data set comprising a plurality of probe data points collected from a probe device. The approach also involves determining the information to embed, wherein the information is a bit string of a specified length. The approach further involves iteratively selecting at least one bit of the bit string to embed into at least one probe data point of the plurality of probe data points to generate an embedded probe data set until at least a predetermined portion of the bit string is embedded. The approach further involves providing the embedded probe data set as an output.Type: GrantFiled: September 30, 2019Date of Patent: June 14, 2022Assignee: HERE GLOBAL B.V.Inventors: Daniel Rolf, Raul Cajias
-
Patent number: 11362990Abstract: A method for reassigning exit internet protocol (IP) addresses in a virtual private network (VPN), the method comprising activating a first exit IP address for communicating data associated with a user device having an established VPN connection; deactivating, during the established VPN connection, the first exit IP address based at least in part on determining that an amount of data communication associated with the first exit IP address satisfies a data threshold; and activating, during the established VPN connection, a second exit IP address, different from the first exit IP address, for communicating data associated with the user device based at least in part on deactivating the first exit IP address. Various other aspects are contemplated.Type: GrantFiled: July 24, 2021Date of Patent: June 14, 2022Assignee: UAB 360 ITInventors: Karolis Pabijanskas, Kiril Mikulskij
-
Patent number: 11363037Abstract: A machine compromised by malicious activity is detected by identifying an anomalous port opened on an entity of a network. The anomalous port is detected through collaborative filtering using usage patterns derived from normal network traffic using open ports of entities on the network. The collaborative filtering employs single value decomposition with alternating least squares to generate a recommendation score identifying whether an entity having a newly-opened port is likely to be used for malicious activity.Type: GrantFiled: April 1, 2019Date of Patent: June 14, 2022Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC.Inventors: Omer Karin, Ram Haim Pliskin
-
Patent number: 11362995Abstract: Systems and methods for providing pre-emptive intercept warning for online privacy or security are disclosed. In one embodiment, at a privacy security appliance comprising at least one computer processor, a method for may include: (1) establishing a virtual private network (VPN) connection with a computer application executed by a client device; (2) receiving, over the VPN connection, an internet protocol (e.g., HTTP or HTTPS) request for a website host; (3) communicating the internet protocol request to the website host; (4) receiving a response to the internet protocol request from the website host; (5) inspecting the response for privacy or security issues with embedded links in the response; (6) scoring the embedded links based on the inspection; (7) generating a mock webpage based on the response comprising the scoring for the embedded links; and (8) delivering the mock webpage with the scoring to the application over the VPN. The mock webpage may include links to the embedded links.Type: GrantFiled: November 24, 2020Date of Patent: June 14, 2022Assignee: JPMORGAN CHASE BANK, N.A.Inventors: Tuan Dao, Howard Spector
-
Patent number: 11363052Abstract: Methods and systems for generating an attack path based on user and system risk profiles are presented. The method comprises determining user information associated with a computing device; determining system exploitability information of the computing device; determining system criticality information of the computing device; determining a risk profile for the computing device based on the user information, the system exploitability information, and the system criticality information; and generating an attack path based on the risk profile. The attack path indicates a route through which an attacker accesses the computing device. The system exploitability information indicates one or more of: the vulnerability associated with the computing device, an exposure window associated with the computing device, and a protection window associated with the computing device.Type: GrantFiled: July 19, 2019Date of Patent: June 14, 2022Assignee: Qualys, Inc.Inventors: Mayuresh Vishwas Dani, Ankur S. Tyagi, Rishikesh Jayaram Bhide
-
Patent number: 11363038Abstract: Embodiments include a method, system and computer program product for detecting impersonation attempts in social media messaging. Aspects include receiving, via a social media network, a message from a sender to a recipient and analyzing a content of the message to extract factual statements from the message. Aspects also include analyzing a profile of the recipient to extract facts from the profile and comparing each of the factual statements to the facts from the profile. Based on a determination that one of the factual statements are verifiable by at least one of the facts, aspects include assigning a likelihood score to the factual statements. Aspects further include calculating a legitimacy score for the message based at least in part on the likelihood score of each verified factual statement from the message and transmitting the legitimacy score and the message to the recipient.Type: GrantFiled: July 24, 2019Date of Patent: June 14, 2022Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Jasmeet Singh, Andrew R. Freed, Rebecca Rose James, Stephan Roorda
-
Patent number: 11356415Abstract: A method and system for detecting impersonated network traffic by a protected computing device and a network protection system. The method includes the computing device receiving installation of a browser application, the browser application configured to generate requests to communicate with other computers via the World Wide Web and receiving a configuration for the browser application. The browser application is configured to obtain a short-lived password (SLP) in coordination with generating a request and insert the short-lived password into the generated request before transmitting the request. The SLP is synchronized with an expected value generated by the network protection system. The transmitted request is passed to the network protection system and treated as legitimate network traffic by the network protection system only if the network protection system detects and verifies the SLP.Type: GrantFiled: April 22, 2020Date of Patent: June 7, 2022Assignee: Arbor Networks, Inc.Inventor: Bhargav Pendse
-
Patent number: 11349856Abstract: Embodiments provide a computer implemented method in a data processing system comprising a processor and a memory comprising instructions, which are executed by the processor to cause the processor to implement the method of identifying an exploit kit, the method comprising: receiving, by the processor, a web page; extracting, by the processor, a plurality of features of the web page; and determining, by the processor, whether the web page is associated with an exploit kit, through an ensemble classifier model trained using the extracted features.Type: GrantFiled: January 30, 2019Date of Patent: May 31, 2022Assignee: International Business Machines CorporationInventors: Bradley E. Harris, Moazzam Khan, Preeti Ravindra
-
Patent number: 11347839Abstract: Various embodiments are generally directed to techniques for control flow protection with minimal performance overhead, such as by utilizing one or more micro-architectural optimizations to implement a shadow stack (SS) to verify a return address before returning from a function call, for instance. Some embodiments are particularly directed to a computing platform, such as an internet of things (IoT) platform, that overlaps or parallelizes one or more SS access operations with one or more data stack (DS) access operations.Type: GrantFiled: June 26, 2019Date of Patent: May 31, 2022Assignee: INTEL CORPORATIONInventors: Abhishek Basak, Ravi L. Sahita, Vedvyas Shanbhogue