Vulnerability Assessment Patents (Class 726/25)
  • Patent number: 11930026
    Abstract: An integration manager identifies one or more services accessible by a computer system; determines a set of action components associated with the computer system, wherein each action component of the set of action components is configured to provide a functionality associated with at least one of the one or more services; receives, from a user of the computer system, a selection of a first action component from the set of action components; determines, based at least in part on the first action component, a second action component from the set of action components; links the first action component with the second action component, wherein an output of the first action component is linked to an input of the second action component; and generates an executable workflow, the executable workflow comprising the first action component linked with the second action component.
    Type: Grant
    Filed: July 9, 2021
    Date of Patent: March 12, 2024
    Assignee: EJ2 Communications, Inc.
    Inventor: Austin McDaniel
  • Patent number: 11930046
    Abstract: A system is provided for determining vulnerability metrics for graph-based configuration security. During operation, the system generates a multi-layer graph for a system with a plurality of interconnected components. The system determines, based on the multi-layer subgraph, a model for a multi-step attack on the system by: calculating, based on a first set of variables and a first set of tunable parameters, a likelihood of exploiting a vulnerability in the system; and calculating, based on a second set of variables and a second set of tunable parameters, an exposure factor indicating an impact of exploiting a vulnerability on the utility of an associated component. The system determines, based on the model, a set of attack paths that can be used in the multi-step attack and recommends a configuration change in the system, thereby facilitating optimization of system security to mitigate attacks on the system while preserving system functionality.
    Type: Grant
    Filed: June 17, 2021
    Date of Patent: March 12, 2024
    Assignee: Xerox Corporation
    Inventors: Massimiliano Albanese, Marc E. Mosko
  • Patent number: 11928219
    Abstract: A level of classification for each piece of data of one or more pieces of data is determined. A layer of encryption for each piece of data of the one or more pieces of data is determined. A type of encryption for each piece of data of the one or more pieces of data is determined. Other mechanisms applied to each piece of data of the one or more pieces of data is determined. A first constant for the layer of encryption, a second constant for the type of encryption, a third constant for the other mechanisms applied is determined. A risk factor for each piece of data of the one or more pieces of data is determined.
    Type: Grant
    Filed: June 16, 2021
    Date of Patent: March 12, 2024
    Assignee: International Business Machines Corporation
    Inventors: Rinkesh I. Bansal, Mahesh Shivram Paradkar, Raghuraman Seshadri, Nagendra Ramamurthy Pattavardhanam
  • Patent number: 11928212
    Abstract: Aspects of the disclosure relate to spear phishing simulation using machine learning. A computing platform may send, to an enterprise user device, a spear phishing message. The computing platform may receive initial user interaction information indicating how a user of the enterprise user device interacted with the spear phishing message. Based on the initial user interaction information and using a series of branching message templates, the computing platform may generate additional spear phishing messages. The computing platform may receive additional user interaction information indicating how the user interacted with the additional spear phishing messages. Based on the initial user interaction information and the additional user interaction information, the computing platform may compute spear phishing scores.
    Type: Grant
    Filed: October 8, 2020
    Date of Patent: March 12, 2024
    Assignee: Proofpoint, Inc.
    Inventor: Nicholas Patrick McClay
  • Patent number: 11924646
    Abstract: The disclosure describes systems and techniques for assessing risk of an open Wi-Fi network, at a consumer's request, before the consumer performs a transaction. The system receives a Wi-Fi network risk assessment request associated with a Wi-Fi network connection of a mobile device. Upon receiving the request, the system retrieves connection-related data from the mobile device. The connection-related data is associated with the Wi-Fi network connection. The system performs a Wi-Fi risk assessment of the Wi-Fi network connection. The system transmits a result of the risk assessment to the mobile device for presentation on the mobile device. The system also transmits the result of the risk assessment to an issuer server. The issuer server is associated with a payment account of the consumer. Moreover, the system transmits a step-up authentication alert to the issuer server.
    Type: Grant
    Filed: December 31, 2021
    Date of Patent: March 5, 2024
    Assignee: Mastercard International Incorporated
    Inventors: Sachin Kumar Singh, Kaushal Naveen Shetty, Venkata Satya Sivajee Pinnamaneni
  • Patent number: 11924239
    Abstract: Systems, computer-implemented methods, and computer program products that facilitate vulnerability and attack technique association are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a map component that defines mappings between vulnerability data representing a vulnerability of a computing resource and attack data representing at least one attack technique. The computer executable components can further comprise an estimation component that analyzes the mappings to estimate a probability that the vulnerability will be exploited to attack the computing resource.
    Type: Grant
    Filed: October 23, 2020
    Date of Patent: March 5, 2024
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Lilian Mathias Ngweta, Steven Ocepek, Constantin Mircea Adam, Sai Zeng, Muhammed Fatih Bulut, Milton H. Hernandez
  • Patent number: 11924241
    Abstract: Systems, methods, and apparatus related to network security. In one approach, various endpoint devices communicate with a network gateway and/or API mode CASB over one or more networks. All communications by the endpoint devices with remote servers and clouds pass through the network gateway (and/or by cloud service access when using an API mode CASB). The gateway and/or CASB gathers metadata from the endpoint devices and/or network devices. The metadata indicates characteristics of the communications by the endpoint devices on the networks and/or processes running on the endpoint devices. The gateway and/or CASB identifies security risks using at least the metadata, and in response dynamically performs remediation actions for one or more of the networks in real-time to limit or block propagation of a cyber attack associated with one or more of the identified security risks.
    Type: Grant
    Filed: September 26, 2023
    Date of Patent: March 5, 2024
    Assignee: Lookout, Inc.
    Inventors: Meenakshi Sundaram Lakshmanan, Balaji Prasad, Brian James Buck, Tyler S. Croak
  • Patent number: 11921861
    Abstract: Methods, systems, and computer program products for providing the status of model extraction in the presence of colluding users are provided herein. A computer-implemented method includes generating, for each of multiple users, a summary of user input to a machine learning model; comparing the generated summaries to boundaries of multiple feature classes within an input space of the machine learning model; computing correspondence metrics based at least in part on the comparisons; identifying, based at least in part on the computed metrics, one or more of the multiple users as candidates for extracting portions of the machine learning model in an adversarial manner; and generating and outputting an alert, based on the identified users, to an entity related to the machine learning model.
    Type: Grant
    Filed: May 21, 2018
    Date of Patent: March 5, 2024
    Assignee: International Business Machines Corporation
    Inventors: Manish Kesarwani, Vijay Arya, Sameep Mehta
  • Patent number: 11922375
    Abstract: Systems and techniques for providing security data points from an electronic message are presented. A system can determine a first interne protocol (IP) address of a computing device in response to a user of the computing device opening an email sent to an email address corresponding to a particular electronic account of the user, the email comprising an IP address tracking mechanism. The system can also compare the first IP address with one or more second IP addresses corresponding to one or more electronic accesses of the particular electronic account. Furthermore, the system can determine if an account access anomaly exists in regard to the particular electronic account based on a result of the comparing. The system can also implement a security measure impacting an ability of the particular electronic account to conduct one or more transactions in response to the account access anomaly existing for the particular electronic account.
    Type: Grant
    Filed: October 30, 2021
    Date of Patent: March 5, 2024
    Assignee: PayPal, Inc.
    Inventor: George Chen Kaidi
  • Patent number: 11916954
    Abstract: An indication is received that a first online platform has undergone/is undergoing a first electronic attack made by one or more actors engaged in online malicious actions with the first online platform. Responsive to the indication of the first electronic attack, one or more vulnerability characteristics of the first online platform are determined, where the vulnerability characteristics are associated with the first electronic attack. A plurality of other online platforms are analyzed to identify a second online platform that shares at least one of the vulnerability characteristics with the first online platform. Based on the determining and/or the analyzing, the second online platform is predicted to be a potential target for a second electronic attack having an attack vector in common with the first electronic attack that corresponds to the shared vulnerability characteristics. An action is performed to mitigate potential damage of the second electronic attack.
    Type: Grant
    Filed: November 16, 2021
    Date of Patent: February 27, 2024
    Assignee: PAYPAL, INC.
    Inventors: Yuri Shafet, Bradley Wardman, Ilya Chernyakov
  • Patent number: 11916953
    Abstract: A method of generating a baseline of expected behavior on a single machine or endpoint to accurately fingerprint the native behavior of the NTLM protocol on that particular endpoint in a network. By limiting the scope of a baseline to a single endpoint, the scope of the baseline can consist of expected behavior (including supported hash functions, version strings and various feature flags). Deviations from these behaviors are considered evidence of a redundant implementation of NTLM utilized by an attacker and thus as evidence of an attempted PTH attack. Using this method it is possible to accurately detect PTH attacks originating from all publicly known non-standard implementations of NTLM existing in tools such as Impacket, Metasploit, and Invoke-TheHash.
    Type: Grant
    Filed: September 23, 2019
    Date of Patent: February 27, 2024
    Assignee: Cybereason, Inc.
    Inventor: Phillip Tsukerman
  • Patent number: 11916895
    Abstract: A network-connected device service receives a request to authenticate a network-connected device. The network-connected device service determines, from a digital certificate identified in the request, a set of parameters of the digital certificate. The network-connected device service utilizes the set of parameters to identify, from a set of digital certificate clusters, a digital certificate cluster associated with the set of parameters. Through an audit of the digital certificate clusters, the network-connected device service determines whether the digital certificate cluster is indicative of the digital certificate being anomalous.
    Type: Grant
    Filed: November 1, 2018
    Date of Patent: February 27, 2024
    Assignee: Amazon Technologies, Inc.
    Inventor: Nima Sharifi Mehr
  • Patent number: 11899788
    Abstract: A system dividing unit (110) divides a target system into a plurality of sub-systems. A root system selection unit (122) selects a sub-system in which a threat on security occurs, as a root system from among the plurality of sub-systems. A root tree generation unit (131) generates an attack tree of the root system, as a root tree. A descendant system selection unit (132) selects one sub-system or more located on an intrusion course to the root system, as one descendent system or more from among the plurality of sub-systems. A descendant tree generation unit (133) generates one attack tree or more corresponding to the one descendent system or more, as one descendent tree or more. A sub-attack tree integration unit (140) integrates the root tree and the one descendent tree or more, to thereby generate an attack tree of the target system.
    Type: Grant
    Filed: April 29, 2021
    Date of Patent: February 13, 2024
    Assignee: MITSUBISHI ELECTRIC CORPORATION
    Inventors: Ryosuke Shimabe, Takeshi Asai, Kiyoto Kawauchi
  • Patent number: 11902314
    Abstract: A device may receive security data identifying assets of an entity, security issues associated with the assets, and objectives associated with the assets and may utilize a data model to generate, based on the security data, asset related data identifying mapped sets of security data. The device may process a first portion of the asset related data, with a first model, to calculate an asset risk likelihood score for an asset of the assets and may process a second portion of the asset related data, with a second model, to calculate an asset criticality score for the asset. The device may process a third portion of the asset related data, with a third model, to calculate an asset control effectiveness score for the asset and may combine the scores to generate a security risk score for the asset. The device may provide the security risk score for display.
    Type: Grant
    Filed: August 3, 2021
    Date of Patent: February 13, 2024
    Assignee: Accenture Global Solutions Limited
    Inventors: Md. Faisal Zaman, Andrew Poole, Gaurav Shivhare, Sneha Shinde, Grant Kevin Harris, Jeffrey Mark Recor
  • Patent number: 11902312
    Abstract: A method, apparatus and product for assessing security threats from lateral movements and mitigation thereof. The method comprising statically analyzing the network to determine for each asset of a list of assets in a network, potential network lateral movements therefrom to other assets; dynamically analyzing the network to validate each potential network lateral movement identified by the static analysis; generating a graph of network lateral movements, wherein the graph comprises nodes and directed edges, wherein a node of the graph represents an asset of the list of assets, wherein a direct edge of the graph connecting a source node to a target node represents a validated network lateral movement from a source asset, represented by the source node, to a target asset, represented by the target node; and utilizing the graph of network lateral movements to assess security risk to the network.
    Type: Grant
    Filed: November 1, 2019
    Date of Patent: February 13, 2024
    Assignee: CYMULATE LTD.
    Inventors: Avihai Ben-Yosef, Shmuel Ur
  • Patent number: 11902294
    Abstract: A system, method, and computer-readable medium are disclosed for performing a security operation. The security operation includes: monitoring an entity, the monitoring observing at least one electronically-observable data source; deriving an observable based upon the monitoring of the electronically-observable data source; associating a human factor with the entity; identifying an event of analytic utility, the event of analytic utility being derived from the observable from the electronic data source; analyzing the event of analytic utility, the analyzing the event of analytic utility taking into account the human factor associated with the entity enacting the event of analytic utility; generating a risk score in response to the analyzing, the risk score taking into account the human factor associated with the entity; and, performing the security operation when the risk score meets a security risk parameter.
    Type: Grant
    Filed: December 31, 2020
    Date of Patent: February 13, 2024
    Assignee: Forcepoint LLC
    Inventors: Raffael Marty, Nicolas Christian Fischbach
  • Patent number: 11899812
    Abstract: A system, method and program product for implementing a compound security platform for providing secure access to private data in an encrypted storage area. A disclosed system includes an application configured to receive queries from application users requiring access to encrypted private data; a middle security layer callable from the application to facilitate predefined access to the encrypted private data; a root security layer configured to receive a decryption request from the middle security layer, perform decryption on specified encrypted private data, and return decrypted data to the middleware layer; a hashing system that generates a content hash of the middle security layer and root security layer to ensure integrity of the middle security layer and root security layer; and an auditing detection system that detects malicious auditing of parameters.
    Type: Grant
    Filed: June 10, 2021
    Date of Patent: February 13, 2024
    Assignee: JJD SOFTWARE LLC
    Inventor: Justin Donohoe
  • Patent number: 11902269
    Abstract: In some embodiments, reducing network traffic related to network operations may be facilitated. In some embodiments, information for an operation comprising a message to authenticate the operation may be received from a client device. A machine learning model trained on information regarding a plurality of historical operation and corresponding execution result may be obtained, where the plurality of historical operations were executed on a client device of a same type as the client device. Using the machine learning model, the information for the operation may be processed to predict an execution result for authenticating the operation. The execution result may be transmitted to the client device to prevent execution of the operation in response to the execution result indicating that authenticating the operation will be unsuccessful.
    Type: Grant
    Filed: November 4, 2022
    Date of Patent: February 13, 2024
    Assignee: Capital One Services, LLC
    Inventors: Sunil Pradhan Sharma, Ravikanth Kompella, Rajendra Prasad Mokshagundam
  • Patent number: 11895178
    Abstract: An operating method of a server to provide an advertisement, which includes: receiving HTTP request from a client; acquiring HTTP response to the HTTP request, which includes first advertisement information; amending the HTTP response—including obfuscating at least a partial field of the HTTP response including the first advertisement information; and transferring the amended HTTP response to the client.
    Type: Grant
    Filed: March 23, 2022
    Date of Patent: February 6, 2024
    Assignee: Adshield, Inc.
    Inventor: Sang Hyeon Jeon
  • Patent number: 11895144
    Abstract: Disclosed are implementations, including a method that includes monitoring dataflow streams in a network comprising multiple computing nodes, and determining network security characteristics for a dataflow stream, from the monitored dataflow streams, relating to security, authentication, and access events for accessing, via the dataflow stream, one or more of the multiple nodes. The method further includes determining potential violations by the dataflow stream of security policies defined for operation of the network, access functionality for the network, or identity attributes used by the network, based, at least in part, on the determined network security characteristics for the dataflow stream, and based on network-operation data comprising one or more of network security data, network identity data, and network access data. The network-operation data is stored in one or more data storage units in the network, and is configured to manage network access and operation for the multiple computing nodes.
    Type: Grant
    Filed: May 21, 2021
    Date of Patent: February 6, 2024
    Assignee: AUTHMIND INC.
    Inventors: Shlomo Yanay, Ankur Panchbudhe
  • Patent number: 11895143
    Abstract: Systems, methods, and software described herein provide action recommendations to administrators of a computing environment based on effectiveness of previously implemented actions. In one example, an advisement system identifies a security incident for an asset in the computing environment, and obtains enrichment information for the incident. Based on the enrichment information a rule set and associated recommended security actions are identified for the incident. Once the recommended security actions are identified, a subset of the action recommendations are organized based on previous action implementations in the computing environment, and the subset is provided to an administrator for selection.
    Type: Grant
    Filed: May 20, 2021
    Date of Patent: February 6, 2024
    Assignee: Splunk Inc.
    Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
  • Patent number: 11893110
    Abstract: An attack estimation device includes a storage unit configured to hold an attack tree, an abstract attack tree, and log check management information, and a prediction unit configured to predict, when a detection alert is received, a range of compromise from the attack by referring to the information in the storage unit. The prediction unit is configured to: determine that an attack of an unknown pattern has occurred as the attack when indicators of compromise that correspond to the attack are not successfully identified; identify an abstract attack name by referring to the abstract attack tree; and predict a range of compromise from the attack of an unknown pattern by identifying a device in which indicators of the attack of an unknown pattern are likely to be left, and by identifying a specific place in the log of the identified device, by referring to the log check management information.
    Type: Grant
    Filed: July 27, 2021
    Date of Patent: February 6, 2024
    Assignee: Mitsubishi Electric Corporation
    Inventors: Hisashi Naito, Kiyoto Kawauchi
  • Patent number: 11895141
    Abstract: An apparatus and method for analyzing organizational digital security are described. The apparatus includes at least a processor and a memory communicatively coupled to the at least a processor. The memory includes instructions configuring the at least a processor to receive organizational data associated with a plurality of organizational resources for an organization, analyze the organizational data, determine an integrity indicator based on the surveying of the organizational data, and generate a continuity indicator as a function of the integrity indicator.
    Type: Grant
    Filed: December 1, 2022
    Date of Patent: February 6, 2024
    Inventors: Reuben Vandeventer, David Imrem
  • Patent number: 11895107
    Abstract: A computing device comprising a secure browser extension for a web browser monitors for satisfaction of one or more operating conditions to identify whether one or more unauthorized applications are intercepting web browser communications. Based on satisfaction of at least one operating condition, the secure browser extension of the computing device sends an HTTPS request to a known service via the web browser. The secure browser extension receives an HTTPS response to the HTTPS request via the web browser. The secure browser extension determines whether the certificate included in the HTTPS response is trusted by the secure browser extension. Based on determining the certificate is not trusted, the secure browser extension terminates the web browser session and generates a notification for display at the computing device that indicates web browser communications are compromised.
    Type: Grant
    Filed: December 20, 2022
    Date of Patent: February 6, 2024
    Assignee: Bank of America Corporation
    Inventors: Andrew Paul Montgomery, Sanjay Bhanu, Stuart David Ford, Ricardo Varanda
  • Patent number: 11886584
    Abstract: Disclosed herein are systems and methods for detecting potentially malicious changes in an application. In one aspect, an exemplary method comprises, selecting a first file to be analyzed and at least one second file similar to the first file, for each of the at least one second file, calculating at least one set of features, identifying a set of distinguishing features of the first file by finding, for each of the at least one second file, a difference between a set of features of the first file and the calculated at least one set of features of the second file, and detecting a presence of potentially malicious changes in the identified set of distinguishing features of the first file.
    Type: Grant
    Filed: November 17, 2021
    Date of Patent: January 30, 2024
    Assignee: AO KASPERSKY LAB
    Inventors: Anton A Kivva, Lev V Pikman, Igor A Golovin
  • Patent number: 11888858
    Abstract: Various aspects of methods, systems, and use cases for verification and attestation of operations in an edge computing environment are described, based on use of a trust calculus and established definitions of trustworthiness properties. In an example, an edge computing verification node is configured to: obtain a trust representation, corresponding to an edge computing feature, that is defined with a trust calculus and provided in a data definition language; receive, from an edge computing node, compute results and attestation evidence from the edge computing feature; attempt validation of the attestation evidence based on attestation properties defined by the trust representation; and communicate an indication of trustworthiness for the compute results, based on the validation of the attestation evidence. In further examples, the trust representation and validation is used in a named function network (NFN), for dynamic composition and execution of a function.
    Type: Grant
    Filed: October 6, 2020
    Date of Patent: January 30, 2024
    Assignee: Intel Corporation
    Inventors: Ned M. Smith, Sunil Cheruvu, Francesc Guim Bernat, Kshitij Arun Doshi, Eve M. Schooler, Dario Sabella
  • Patent number: 11888887
    Abstract: Systems and methods for computing times to remediate for asset vulnerabilities are described herein. In an embodiment, a server computer receives first vulnerability data for a plurality of entities identifying asset vulnerabilities and timing data corresponding to the vulnerability data indicating an amount of time between identification of an asset vulnerability and a result of the asset vulnerability. The server computer identifies a strict subset of the first vulnerability data that belongs to a particular category of a first plurality of categories. The server computer receives second vulnerability data for a particular entity identifying asset vulnerabilities. The server computer identifies a strict subset of the second vulnerability data the belongs to the particular category. Based, at least in part, on the strict subset of the first vulnerability data, the server computer computes a time to remediate the asset vulnerabilities in the strict subset of the second vulnerability data.
    Type: Grant
    Filed: April 27, 2021
    Date of Patent: January 30, 2024
    Inventors: Michael Roytman, Edward T. Bellis, Jason Rolleston
  • Patent number: 11887704
    Abstract: A computer-implemented method provides a requested medical data record to a receiving entity. The method includes receiving a set of medical data records and receiving or initiating a joint data index and, for each medical data record of the set, applying a plurality of hash functions to a patient identifier corresponding to the medical data record to determine a hash vector, the patient identifier corresponding to the medical data record identifying the patient being subject of the medical data record, and updating the joint data index based on the hash vector. Furthermore, it includes providing the joint data index to the receiving entity and receiving a request for a record, corresponding to a request patient identifier and being based on the joint data index, from the receiving entity. The method includes providing the requested medical data record to the receiving entity via a secure communication channel.
    Type: Grant
    Filed: September 14, 2020
    Date of Patent: January 30, 2024
    Assignee: SIEMENS HEALTHCARE GMBH
    Inventors: Ricardo Daniel Carneiro Gomes, Shiva Ashish Thumparthy, Ilya Sher, Zeev Glozman, Christoph Pedain
  • Patent number: 11886586
    Abstract: Behavior report generation monitors the behavior of unknown sample files executing in a sandbox. Behaviors are encoded and feature vectors created based upon a q-gram for each sample. Prototypes extraction includes extracting prototypes from the training set of feature vectors using a clustering algorithm. Once prototypes are identified in this training process, the prototypes with unknown labels are reviewed by domain experts who add a label to each prototype. A K-Nearest Neighbor Graph is used to merge prototypes into fewer prototypes without using a fixed distance threshold and then assigning a malware family name to each remaining prototype. An input unknown sample can be classified using the remaining prototypes and using a fixed distance. For the case that no such prototype is close enough, the behavior report of a sample is rejected and tagged as an unknown sample or that of an emerging malware family.
    Type: Grant
    Filed: March 6, 2020
    Date of Patent: January 30, 2024
    Assignee: Trend Micro, Inc.
    Inventors: Yin-Ming Chang, Hsing-Yun Chen, Hsin-Wen Kung, Li-Chun Sung, Si-Wei Wang
  • Patent number: 11888875
    Abstract: One embodiment of the described invention is directed to a key management module and a consumption quota monitoring module deployed within a cybersecurity system. The key management module is configured to assign a first key to a subscriber and generate one or more virtual keys, based at least in part on the first key, for distribution to the subscriber. A virtual key is included as part of a submission received from the subscriber to authenticate the subscriber and verify that the subscriber is authorized to perform a task associated with the submission. The consumption quota monitoring module is configured to monitor a number of submissions received from the subscriber.
    Type: Grant
    Filed: December 5, 2022
    Date of Patent: January 30, 2024
    Assignee: Musarubra US LLC
    Inventors: Sai Vashisht, Sumer Deshpande
  • Patent number: 11889416
    Abstract: According to an embodiment, an information processing apparatus comprises a device interface, a network interface, a power supply part, a battery and a control part. A power supply part is configured to supply electric power from an external power supply. A control part is configured to: perform a conversion process on data from a terminal device, and transmit the data to a network; and when the power supply from the power supply part is stopped, transmit, to another information processing apparatus through the network interface, a first message indicating that a pass-through mode in which data is relayed between the terminal device and the network without being subjected to the conversion process is set, and set the pass-through mode.
    Type: Grant
    Filed: March 12, 2021
    Date of Patent: January 30, 2024
    Assignees: KABUSHIKI KAISHA TOSHIBA, Toshiba Infrastructure Systems & Solutions Corporation
    Inventors: Keita Taniguchi, Issei Hatanaka
  • Patent number: 11886389
    Abstract: A device may receive, from a user device, a transaction request associated with a first entity and identify a distributed ledger associated with the first entity, the distributed ledger including a set of blocks recording work data associated with the first entity. The set of blocks may include: a first subset of blocks including data specifying work performed by the first entity, and a second subset of blocks including data verifying a portion of the work performed by the first entity and specified by the data included in the first subset of blocks. The device may determine that a transaction, associated with the transaction request, is associated with the first subset of blocks and the second subset of blocks. Based on predetermined instructions that correspond to the transaction and the distributed ledger, the device may perform the transaction.
    Type: Grant
    Filed: October 22, 2021
    Date of Patent: January 30, 2024
    Assignee: Capital One Services, LLC
    Inventors: Walter Miller, Robert Martin, Bradley Smith
  • Patent number: 11886572
    Abstract: Upgrade to a Trusted Application in a Trusted Execution Environment compliant to a Trusted Execution Environment standard to an as-a-server functioning by running, inside the Trusted Execution Environment, each instance of a Multi Instance/Single Session Trusted-Server Trusted Application compliant to the TEE standard in an infinite state-full loop polling a session of a Single Instance/Multi Session Trusted-Pipe Trusted Application, the single session of each of the instance of the Trusted-Server Trusted Application being adapted to perform a task as a server, said Trusted-Pipe Trusted Application being further polled by the Customer Application and opening session depending on command coming from the Customer Application.
    Type: Grant
    Filed: September 17, 2019
    Date of Patent: January 30, 2024
    Assignee: THALES DIS FRANCE SAS
    Inventor: Geoffroy Cogniaux
  • Patent number: 11886965
    Abstract: A substantial learning curve is required to construct integration processes in an integration platform. This can make it difficult for novice users to construct effective integration processes, and for expert users to construct integration processes quickly and efficiently. Accordingly, embodiments for building and operating a model to predict next steps, during construction of an integration process via a graphical user interface, are disclosed. The model may comprise a Markov chain, prediction tree, or an artificial neural network (e.g., graph neural network, recurrent neural network, etc.) or other machine-learning model that predicts a next step based on a current sequence of steps. In addition, the graphical user interface may display the suggested next steps according to a priority (e.g., defined by confidence values associated with each step).
    Type: Grant
    Filed: October 27, 2022
    Date of Patent: January 30, 2024
    Assignee: BOOMI, LP
    Inventors: Daniel Schwartz, Shailendra Burman, Anil Enum, Swagata Ashwani
  • Patent number: 11880470
    Abstract: A method, computerized apparatus and computer program product, the method comprising: obtaining user code; obtaining an indication of at least one vulnerability, the vulnerability associated with one or more sets comprising at least a first instruction type and a second instruction type; scanning the code using dependency analysis, to obtain for one set: one or more first instructions of the first instruction type, one or more second instructions of the second instruction type, and further instructions associated with entities relevant to the first instruction and the second instruction; eliminating instructions other than the first instruction, the second instruction and one of the further instructions, thereby obtaining a collection of instructions that behaves differently from the user code; and providing the collection of instructions for vulnerability detection.
    Type: Grant
    Filed: October 4, 2021
    Date of Patent: January 23, 2024
    Assignee: WHITESOURCE LTD.
    Inventors: Aharon Abadi, Bar Makovitzki, Ron Shemer
  • Patent number: 11882135
    Abstract: Systems and methods for a machine-learning based approach for dynamically generating incident-specific playbooks for a security orchestration and automated response (SOAR) platform are provided. The SOAR platform captures information regarding execution of a sequence of actions performed by analysts responsive to a first incident of a first type. The captured information is fed into a machine-learning model. When a second incident, observed by the SOAR platform, is similar in nature to the first incident or the first type a recommended sequence of actions is generated based on the machine-learning model for use by an analyst in connection with responding to the second incident. In response to rejection of the recommended sequence by the analyst, revising the recommended sequence based on input provided by the analyst and storing the revised recommendation sequence in a form of a revised playbook for response to subsequent incidents that are similar to the second incident.
    Type: Grant
    Filed: January 5, 2023
    Date of Patent: January 23, 2024
    Assignee: Fortinet, Inc.
    Inventors: Abhishek Narula, Christopher Carsey, Amit Jain, Pooja Singh
  • Patent number: 11882144
    Abstract: In an embodiment, a management system obtains a criticality rules table that includes a plurality of rules mapped to corresponding criticality scores indicative of a level of risk in the event that an associated asset of a managed network is compromised by a third party. The one embodiment, the criticality rules table is updated based upon machine learning and/or feedback from an operator of the managed network. In another embodiment, the criticality rules table is used to assign one or more criticality scores to one or more assets based on one or more attributes of one or more assets, and the criticality rules table.
    Type: Grant
    Filed: January 24, 2022
    Date of Patent: January 23, 2024
    Assignee: TENABLE, INC.
    Inventors: Barry Sheridan, Vincent Gilcreest, Anthony Bettini, Matthew Ray Everson, Wei Tai, Renaud Deraison
  • Patent number: 11874934
    Abstract: Systems and methods for providing user-induced variable identification of end-to-end computing system security impact information via a user interface are disclosed. The system receives at a graphical user interface (GUI), a user calibration of a graphical security vulnerability element. The system then determines a set of computing system components that interact with data associated with the network operation based on a transmission of the network operation associated with a computing system. The system then determines a set of security vulnerabilities associated with each computing system component of the set of computing system components using a third-party resource. The system then applies a decision engine on the set of security vulnerabilities to determine a set of impacted computing-aspects associated with the set of computing system components.
    Type: Grant
    Filed: May 31, 2023
    Date of Patent: January 16, 2024
    Inventors: Prithvi Narayana Rao, Pramod Goyal
  • Patent number: 11868481
    Abstract: This invention discloses a method for discovering vulnerabilities of operating system access control based on model checking. In this method, security attribute and security specifications of operating system access control module are analyzed to construct the access control model. To discover vulnerabilities in the model, security analysis is performed for access control functionality with theorem proving techniques, and consistency of abstract machine specification and correctness and completeness of the components are verified with model checking tools. This method provides theoretical and technical support for studies in the field of operating system security.
    Type: Grant
    Filed: July 27, 2021
    Date of Patent: January 9, 2024
    Assignee: ZHEJIANG UNIVERSITY
    Inventors: Rui Chang, Zhuoruo Zhang, Shaoping Pan, Kui Ren
  • Patent number: 11870798
    Abstract: A method for minimizing scan disruptions includes receiving a scan request requesting to scan a set of network-connected assets. Each network-connected asset is associated with corresponding network characteristics. The method includes partitioning the set of network-connected assets into a plurality of groups based on the corresponding network characteristics. For each respective group, simultaneously, the method includes determining an ordered list for scanning each network-connected asset in the respective group, scanning a first network-connected asset of the respective group based on the ordered list, and, after scanning the first network-connected asset, determining a post-scan health status of the first network-connected asset. The method includes determining, using the post-scan health status, that a health of the first network-connected asset is degraded.
    Type: Grant
    Filed: April 23, 2021
    Date of Patent: January 9, 2024
    Assignee: Google LLC
    Inventors: Claudio Criscione, David Aslanian, Sebastian Lekies, Joseph Nelson
  • Patent number: 11868484
    Abstract: Systems and methods for determining and displaying platform-specific end-to-end security vulnerabilities via a graphical user interface (GUI) are disclosed. To provide users with visual indications of vulnerable computing aspects associated with a computing platform, the system identifies computing aspects associated with a platform. The system then obtains from a security entity, security-vulnerability descriptions that are associated with the platform. Using the security-vulnerability descriptions, the system then determines threat levels for each security-vulnerability description and then, using the determined threat levels, determines a computing aspect impact level for each computing aspect associated with the platform. The system then generates for display on a GUI, a graphical layout comprising each computing aspect impact level for each computing aspect associated with the platform.
    Type: Grant
    Filed: July 27, 2023
    Date of Patent: January 9, 2024
    Assignee: CITIBANK, N.A.
    Inventors: Prithvi Narayana Rao, Pramod Goyal
  • Patent number: 11868748
    Abstract: A deployment platform, computer-readable medium, and computer-implemented method for intelligent execution of a solution on a computer network, including receiving an instruction to execute a solution in a local runtime environment on the deployment platform, the solution including solution code written in a solution language, determining, by a helper program on the deployment platform, whether the solution is executable on the deployment platform based on the solution language and either launching, by the helper program, the solution on the deployment platform when the solution is executable on the deployment platform or launching, by the helper program, the solution on a remote platform on the computer network that is configured to execute the solution when the solution is not executable on the deployment platform, the helper program being configured to communicate with the launched solution to enable the launched solution to interface with the local runtime environment on the deployment platform.
    Type: Grant
    Filed: November 8, 2021
    Date of Patent: January 9, 2024
    Assignee: Informatica LLC
    Inventor: Hemshankar Sahu
  • Patent number: 11870802
    Abstract: Systems, methods, and software described herein provide security actions based on related security threat communications. In one example, a method of operating an advisement system includes identifying a security threat within the computing environment, wherein the computing environment comprises a plurality of computing assets. The method further provides obtaining descriptor information for the security threat, and retrieving related communication interactions based on the descriptor information. The method also includes generating a response to the security threat based on the related communication interactions.
    Type: Grant
    Filed: March 31, 2022
    Date of Patent: January 9, 2024
    Assignee: Splunk Inc.
    Inventors: Sourabh Satish, Oliver Friedrichs, Atif Mahadik, Govind Salinas
  • Patent number: 11870794
    Abstract: An identifying device (10) includes a preprocessing (11) that extracts a communication connection pattern including a set of a communication source identifier and a communication destination identifier from traffic data, a comparing unit (131) that adds an ID to a communication connection pattern group including a new communication connection pattern not included in a whitelist when the new communication connection pattern is present in the communication connection pattern group, a graph feature amount generating unit (14) that generates a graph feature amount of the communication connection pattern group to which the ID has been added and adds this ID to the graph feature amount, an abnormality determining unit (16) that determines whether the generated graph feature amount is normal using a model (161) having learned the graph feature amount, and an identifying unit (132) that retrieves a new communication.
    Type: Grant
    Filed: May 23, 2019
    Date of Patent: January 9, 2024
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Hiroki Nagayama, Bo Hu, Kazunori Kamiya, Yukio Nagafuchi
  • Patent number: 11870811
    Abstract: Embodiments are directed to systems that attempt to establish trust in relation to operations on a customer endpoint of a computer network. The systems monitor, in real-time, operations to file systems, registries, application processes and threads, and OS kernels at the customer endpoint. The systems maintain compute components affected by the operation in a quarantine state. The systems then attempt to establish trust in the affected compute components (e.g., by applying rule-based policies). The systems remove the affected compute components from the quarantine state, if trust of the one or more affected compute components is established. The systems execute callback routines to mitigate results of the operation, if trust of the affected compute components is not established.
    Type: Grant
    Filed: March 26, 2019
    Date of Patent: January 9, 2024
    Assignee: Virsec Systems, Inc.
    Inventors: Satya V. Gupta, Piyush Gupta
  • Patent number: 11870793
    Abstract: Particular embodiments described herein provide for an electronic device that can be configured to identify a process running on the electronic device, assign a reputation to the process if the process has a known reputation, determine if the process includes executable code, determine a reputation for the executable code, and combine the reputation for the executable code with the reputation assigned to the process to create a new reputation for the process.
    Type: Grant
    Filed: September 30, 2020
    Date of Patent: January 9, 2024
    Assignee: McAfee, LLC
    Inventor: Joel R. Spurlock
  • Patent number: 11861016
    Abstract: Generation of a first prediction model is caused based on first training data, where the first prediction model enables determining whether an exploit to be developed for software vulnerabilities will be used in an attack. For each training instance in the first training data, the first prediction model is used to generate a score. Each training instance is added to second training data if the score is greater than a threshold value. The second training data is a subset of the first training data. Generation of a second prediction model is caused based on the second training data, where the second prediction model enables determining whether an exploit to be developed for software vulnerabilities will be used in an attack.
    Type: Grant
    Filed: April 6, 2021
    Date of Patent: January 2, 2024
    Inventors: Michael Roytman, Jay Jacobs
  • Patent number: 11863563
    Abstract: The appropriate scoping of an access policy can be determined using the observed access and usage of various resources covered under that policy. Information about access requests received over a period of time can be logged, and actions represented in the log data can be mapped to the permissions of the access policy. A new access policy can be generated that includes grant permissions only for those actions that were received and/or granted during the monitored period of time. The new policy can be processed using policy logic to ensure that changes in permission comply with rules or policies for the target resources. The new policy can be at least partially implemented, or can be provided to an authorized user, who can choose to adopt or deny the new policy, or to accept some of the recommendations for modifying the current policy.
    Type: Grant
    Filed: March 16, 2018
    Date of Patent: January 2, 2024
    Assignee: Amazon Technologies, Inc.
    Inventors: Neha Rungta, Tyler Stuart Bray, Kasper Søe Luckow, Alexander Watson, Jeff Puchalski, John Cook, Michael Gough
  • Patent number: 11861013
    Abstract: Systems and methods are provided for the classification of identified security vulnerabilities in software applications, and their triage based on automated decision-tree triage and/or machine learning. The disclosed system may generate a report listing detected potential vulnerability issues, and automatically determine whether the potential vulnerability issues are exploitable using automated triage policies containing decision trees or by extracting vulnerability features from the report and processing the extracted vulnerability features using machine learning models.
    Type: Grant
    Filed: September 28, 2020
    Date of Patent: January 2, 2024
    Assignee: Accenture Global Solutions Limited
    Inventors: Finbarr Tarrant, Gopal Kavanadala Sridhar, Jee Hyub Kim, Navdeep Sharma, Eanna Mulrooney, Anton Plotnikov, Karel Kohout, Mário Lauande Lacroix, Richard Levine, Johnny Obando
  • Patent number: 11861007
    Abstract: Techniques for detecting container threats are described. A method of detecting container threats includes receiving, by a scanning agent on a scanner container on a host in a provider network, event data from a plurality of collection agents corresponding to a plurality of customer containers on the host, determining, by the scanning agent, the event data matches at least one known threat, and generating, by the scanning agent, event findings associated with the event data.
    Type: Grant
    Filed: March 26, 2021
    Date of Patent: January 2, 2024
    Assignee: Amazon Technologies, Inc.
    Inventors: Mircea Ciubotariu, Shlomo Yehezkel, Peter Ferrie