Artificial intelligence (AI) techniques for learning and modeling internal networks
Granted: November 12, 2019
Patent Number:
10474788
Introduced here are techniques for modeling networks in a discrete manner. More specifically, various embodiments concern a virtual machine that collects data regarding a network and applies algorithms to the data to discover network elements, which can be used to discover the topology of the network and model the network. The algorithms applied by the virtual machine may also recognize patterns within the data corresponding to naming schemes, subnet structures, application logic, etc.…
Device-based PIN authentication process to protect encrypted data
Granted: November 5, 2019
Patent Number:
10469469
Techniques are disclosed for providing a device-based PIN authentication process used to protect encrypted data stored on a computing system, such as a tablet or mobile device. A client component and a server component each store distinct cryptographic keys needed to access encrypted data on the client. The mobile device stores a vault encryption key used to decrypt encrypted sensitive data stored on the mobile device. The vault key is encrypted using a first encryption key and stored on…
Systems and methods for securely sharing cloud-service credentials within a network of computing devices
Granted: November 5, 2019
Patent Number:
10469457
A computer-implemented method for securely sharing cloud-service credentials within a network of computing devices may include (i) identifying, by a central computing device, a set of networked devices, (ii) encrypting, by the central computing device, at least one user credential for a cloud service, (iii) dividing, by the central computing device, a decryption key for decrypting the user credential into a set of fragments such that a minimum number of fragments, as defined by a…
Method and system for performing fraud detection for users with infrequent activity
Granted: November 5, 2019
Patent Number:
10467687
A method of categorizing a recent transaction as anomalous includes a) receiving information about a recent transaction and b) accessing information about one or more historical transactions. The one or more historical transactions have at least one party in common with the recent transaction. The method also includes c) determining a similarity value between the recent transaction and a transaction i of the one or more historical transactions and d) determining if the similarity value…
Systems and methods for generating memory images of computing devices
Granted: November 5, 2019
Patent Number:
10466924
The disclosed computer-implemented method for generating memory images of computing devices may include (1) monitoring a computing device to detect changes made to data stored within the computing device, (2) maintaining a log that describes the data changes made by recording, in response to detecting a change made to a portion of data, both a state of the portion of data after the data change occurred and a time at which the data change occurred, (3) detecting an event that triggers…
Systems and methods for chaining virtual private networks
Granted: October 29, 2019
Patent Number:
10462050
The disclosed computer-implemented method for chaining virtual private networks may include (i) establishing a virtual private network client that routes network traffic to a virtual private network, (ii) establishing an additional virtual private network client that routes the network traffic to an additional virtual private network, (iii) configuring the virtual private network client for split routing such that the virtual private network client routes different ranges of incoming…
Systems and methods for managing wireless-network deauthentication attacks
Granted: October 29, 2019
Patent Number:
10462672
The disclosed computer-implemented method for managing wireless-network deauthentication attacks may include (1) detecting, at the wireless access point, a deauthentication signal, transmitted over a wireless network that is managed at least in part by the wireless access point, that prompts a target computing device to disconnect from the wireless network, (2) determining both that the deauthentication signal is directed to the target computing device and that the deauthentication…
Systems and methods for enforcing access-control policies in an arbitrary physical space
Granted: October 29, 2019
Patent Number:
10462184
The disclosed computer-implemented method for enforcing access-control policies in an arbitrary physical space may include (i) identifying a collection of devices that are located within a predetermined physical space, (ii) determining the physical location of each device in the collection of devices, (iii) establishing, based on the collection of devices, (a) a list of controlled devices that are subject to an access-control policy and (b) a list of monitoring devices that are capable…
Systems and methods for securing push authentications
Granted: October 29, 2019
Patent Number:
10462113
The disclosed computer-implemented method for securing push authentications may include (i) receiving, by a security service and from a security service relying party, a push authentication for a user that the security service relying party encrypted using a public key assigned to a client device of the user, (ii) forwarding, by the security service, the push authentication to the client device of the user, (iii) receiving, by the security service, a response to the push authentication…
Systems and methods for reporting the attempted transmission of sensitive information
Granted: October 29, 2019
Patent Number:
10462091
The disclosed computer-implemented method for reporting the attempted transmission of sensitive information may include (1) identifying an attempt by at least one software program running on a computing device to transmit data to one or more intended recipients, (2) determining that the data of the attempted transmission includes sensitive information, (3) identifying an intended recipient of the attempted transmission, and (4) notifying a user of the computing device both that the…
Systems and methods for real-time scam protection on phones
Granted: October 22, 2019
Patent Number:
10455085
The disclosed computer-implemented method for using electronic text information to automatically determine untrustworthy voice calls, at least a portion of the method being performed by a computing device comprising at least one processor, may include (1) during a voice call, receiving, by the computing device, text information representing contents of the voice call, (2) analyzing, by the computing device, the text information representing the contents of the voice call, (3)…
Detecting network packet injection
Granted: October 22, 2019
Patent Number:
10454965
A method for preventing suspicious activity on a computer network is described. In one embodiment, the method includes determining a first identifier of a first packet from a connection associated with network traffic, calculating a first value based at least in part on a portion of data included in the first packet, determining a second identifier of a second packet from the connection associated with the network traffic, the second identifier matching the first identifier, calculating…
Systems and methods for data visualization
Granted: October 22, 2019
Patent Number:
10454964
The disclosed computer-implemented method for data visualization may include (i) identifying a data set that includes data entities and relationships between the data entities, (ii) dividing the data entities into groups, (iii) responding to a request to display the data set within a graphical user interface by portraying the data set as concentric rings, each given ring portraying a corresponding group and portraying data entities within the corresponding group as arcs of the given…
Apparatus and method for utilizing fourier transforms to characterize network traffic
Granted: October 22, 2019
Patent Number:
10454792
A non-transitory computer readable storage medium, comprising executable instructions to collect network traffic data, produce a Fourier signature from the network traffic data, associate the Fourier signature with a known pattern, collect new network traffic data, produce a new Fourier signature from the new network traffic data, compare the new Fourier signature with the Fourier signature to selectively identify a match and associate the new network traffic data with the known pattern…
Method to efficiently apply personalized machine learning models by selecting models using active instance attributes
Granted: October 22, 2019
Patent Number:
10452993
A method for applying personalized machine learning models is provided. The method includes producing one or more feature vectors that represents features of one of a plurality of files of a file system and selecting, from a plurality of personalized machine learning models that model user accesses to the files of the file system a subset of the personalized machine learning models each of which has a plurality of non-zero weights corresponding to non-zero features of the one or more…
Modeling malicious behavior that occurs in the absence of users
Granted: October 22, 2019
Patent Number:
10452841
Systems, apparatuses, methods, and computer readable mediums for modeling malicious behavior that occurs in the absence of users. A system trains an anomaly detection model using attributes associated with a first plurality of events representing system activity on one or more clean machines when users are not present. Next, the system utilizes the trained anomaly detection model to remove benign events from a second plurality of events captured from infected machines when users are not…
Cascade classifier ordering
Granted: October 22, 2019
Patent Number:
10452839
A method for improving cascade classifier ordering is described. In one embodiment, the method may include determining an efficacy rating of a first current configuration, generating a decreasing sequence of values for a control parameter, and selecting a current value of the control parameter according to the decreasing sequence of values. In some cases, the method may include randomly selecting a first test configuration among the plurality of configurations based at least in part on…
Providing joint access to an isolated computer object by both an isolated computer application and a non-isolated computer application
Granted: October 22, 2019
Patent Number:
10452838
Providing joint access to an isolated computer object by both an isolated computer application and a non-isolated computer application. In one embodiment, a method may include executing a first computer application as a virtualized first computer application in an isolation layer, executing a second computer application as an actual second computer application in an operating system outside the isolation layer, creating a virtualized second computer object in the isolation layer in a…
Systems and methods for performing human-verification procedures
Granted: October 15, 2019
Patent Number:
10445481
The disclosed computer-implemented method for performing human-verification procedures may include (1) detecting, at a computing device, an attempt to access a computing resource that is to be protected from being accessed by automated bots, (2) in response to detecting the attempt to access the computing resource, presenting, on the computing device, an audiovisual display that is configured to produce at least one expected reaction from human users, the expected reaction being…
Systems and methods for preventing vulnerable files from being opened
Granted: October 15, 2019
Patent Number:
10445516
A computer-implemented method for preventing vulnerable files from being opened may include (1) registering a security application as a universal file opener, (2) receiving, at the security application, a request to open a file, (3) identifying at least one other application on the computing device that is capable of opening the file, (4) determining, based on a security analysis, that there is a security risk in opening the file with the other application that is capable of opening the…
