237 patents
Page 5 of 12
Utility
Identifying and protecting against evolving cyberattacks using temporal word embeddings
23 Nov 21
Identifying and protecting against evolving cyberattacks using temporal word embeddings.
Yun Shen
Filed: 30 Jul 19
Utility
Systems and methods for generating user profiles
16 Nov 21
The disclosed computer-implemented method for generating user profiles may include (i) analyzing a data set of user profiles for services, (ii) detecting a measurement of obfuscation that was applied to a specific attribute across multiple user profiles for a specific service, (iii) applying the measurement of obfuscation to true data for a new user by fuzzing the true data to create a fuzzed value, and (iv) generating automatically a new user profile for the specific service by populating the specific attribute within the new user profile with the fuzzed value.
Daniel Kats, Petros Efstathopoulos, Chris Gates
Filed: 28 Nov 18
Utility
Protecting against an impersonation scam in a live video stream
9 Nov 21
Protecting against an impersonation scam in a live video stream.
Acar Tamersoy, Kevin Alejandro Roundy, Daniel Kats, Platon Kotzias
Filed: 26 Jan 21
Utility
Systems and methods for identifying cybersecurity status based on an ontology of vault items
2 Nov 21
The disclosed computer-implemented method for identifying cybersecurity status based on an ontology of vault items may include (i) identifying, at a computing device, the ontology of a plurality of vault items and (ii) performing a security action including (A) calculating, based on the ontology, a respective impact score for each vault item in the plurality of vault items and (B) calculating a master score of a plurality of passwords from (I) a respective password strength of each password in the plurality of passwords and (II) the respective impact score for each vault item associated with each password in the plurality of passwords.
Venkadesan Marimuthu
Filed: 11 Mar 19
Utility
Systems and methods to detect and prevent auto-click attacks
26 Oct 21
The disclosed computer-implemented method for detecting and preventing auto-click attacks may include (1) detecting, by the computing device, a click input, (2) detecting, by the computing device, a finger in proximity to the computing device, (3) analyzing, by the computing device, at least one event associated with the finger, (4) determining, by the computing device, that the click input is an auto-click based on the analysis of the at least one event associated with the finger, and (5) performing a security action in response to determining that the click input is an auto-click.
Sharad Mhaske, Shrikant Pawar
Filed: 6 Dec 18
Utility
Systems and methods for crowdsourced application advisory
12 Oct 21
The disclosed computer-implemented method for crowd sourced application advisory may include determining at least one characteristic associated with an application, collecting, from a plurality of computing devices, a sentiment associated with the application, wherein the sentiment reflects an assessment of the application in light of the at least one characteristic by at least one user of the application, presenting, via a user interface, the at least one characteristic associated with the application, the presentation of the at least one characteristic being modified by the sentiment collected from the plurality of computing devices, and receiving, via the user interface, at least one of a decision to install the application or a decision to uninstall the application.
Nikhil Salunke, Radoslav Stanev, Sudhir Kumar
Filed: 28 Jun 19
Utility
Detecting and preventing password leakage using a device-level network filter
12 Oct 21
A user name, password and associated domain are stored for each account managed by a password manager on a computing device.
Ming Chen
Filed: 25 Mar 19
Utility
Systems and methods for protecting geolocation information
12 Oct 21
The disclosed computer-implemented method for protecting geolocation information may include (i) receiving, by a computing device, a geolocation security policy that defines an area in which access to geolocation information by applications will be at least partially limited to protect the privacy of a user, (ii) detecting, by the computing device, a geolocation of the computing device, (iii) applying, by the computing device, the geolocation security policy to the detected geolocation to determine whether the detected geolocation matches the area in which access to geolocation information by the applications will be at least partially limited, and (iv) performing, by the computing device, a security action to protect the privacy of the user based on determining that the detected geolocation matches the area.
Mark Kennedy
Filed: 19 Dec 17
Utility
Systems and methods for enhancing user privacy
5 Oct 21
The disclosed computer-implemented method for enhancing user privacy may include (i) intercepting, by a privacy-protecting network proxy, network traffic between a client device and a server device, the client device being protected by a network-based privacy solution that inhibits browser fingerprinting through the privacy-protecting network proxy, (ii) detecting, at the privacy-protecting network proxy, that the network traffic indicates an attempt by a browser fingerprinting service to perform browser fingerprinting on the client device, and (iii) modifying, at the privacy-protecting network proxy based on the detecting of the attempt to perform browser fingerprinting, the intercepted network traffic such that browser fingerprinting performed by the browser fingerprinting service is at least partially inhibited.
Qing Li, Chris Ciborowski
Filed: 30 Aug 20
Utility
Systems and methods for providing single sign-on capability
5 Oct 21
The disclosed computer-implemented method for providing single sign-on capability may include intercepting, during an authentication session with a network resource, a single sign-on request generated by an application executing on a computing device, redirecting the single sign-on request to a separate computing device for execution, receiving, in response to authentication of at least one user credential from the separate computing device, an authentication decision that the separate computing device obtained from an identity provider (IDP) by executing the single sign-on request and injecting the authentication decision received from the separate computing device into the application where the single sign-on request was originally generated to complete the authentication session.
Ilya Sokolov, Keith Newstadt
Filed: 25 Jun 18
Utility
Malware fingerprinting on encrypted transport layer security (TLS) traffic
5 Oct 21
Malware fingerprinting on encrypted Transport Layer Security (TLS) traffic.
Leyla Bilge, Matteo Dell'Amico
Filed: 27 Mar 19
Utility
Systems and methods for enforcing secure shared access on computing devices by context pinning
28 Sep 21
The disclosed computer-implemented method for enforcing secure shared access on computing devices by context pinning may include recording, on the computing device, one or more actions performed on one or more applications, determining, based on the recorded actions and applications, a context that defines permitted actions and applications for a guest user of the computing device, monitoring, based on the context, user activity on the computing device, detecting an activity that violates the context, and performing, in response to the detection, a security action.
Anand Darak, Sudhir Kumar
Filed: 12 Mar 19
Utility
Determining security vulnerabilities of Internet of Things devices
28 Sep 21
Determining security vulnerabilities of smart home devices.
Yuqiong Sun, Xueqiang Wang, Susanta K. Nanda, Petros Efstathopoulos
Filed: 28 Mar 19
Utility
Systems and methods for retrieving driver safety scores by passenger devices
21 Sep 21
A computer-implemented method for retrieving driver safety scores by passenger devices may include (i) determining that an operator of a mobile device is a passenger in a vehicle, (ii) gathering, via one or more sensors of the mobile device, identifying information about at least one of the vehicle and a current driver of the vehicle, (iii) identifying, based on the identifying information gathered by the one or more sensors of the mobile device, the current driver of the vehicle, (iv) retrieving a driver safety score for the current driver of the vehicle from a collection of driver safety scores, and (v) performing, by the mobile device, a security action in response to retrieving the driver safety score.
Lei Gu, Matt Boucher
Filed: 27 Oct 20
Utility
Systems and methods for assuring authenticity of electronic sensor data
21 Sep 21
The disclosed method for assuring authenticity of electronic sensor data may include (i) capturing, using a sensor within a device, electronic sensor data, and (ii) digitally signing, using a cryptoprocessor embedded within the device, the electronic sensor data to create a digital signature that verifies that the signed electronic sensor data has not been modified since the electronic sensor data was captured by the sensor.
Daniel Kats, Christopher Gates, Acar Tamersoy, Daniel Marino
Filed: 20 Mar 19
Utility
Systems and methods for providing secure access to vulnerable networked devices
21 Sep 21
The disclosed computer-implemented method for providing secure access to vulnerable networked devices may include identifying a vulnerable network device connected to a local network, identifying local network traffic destined for the vulnerable network device and that has been tagged as safe, passing the local network traffic tagged as safe to the vulnerable network device, and performing a security action on local network traffic destined for the vulnerable network device that has not been tagged as safe.
Ilya Sokolov, Bruce McCorkendale
Filed: 6 Sep 18
Utility
Systems and methods for identifying malware locations based on analyses of backup files
14 Sep 21
The disclosed computer-implemented method for identifying malware locations based on analyses of backup files may include (i) identifying a presence of a backup file set and (ii) performing a security action that may include (a) detecting, based on a scan of the backup file set, malware in the backup file set, (b) determining, based on a location of the malware in a system file structure of the backup file set, a subgraph of the system file structure of the backup file set that includes the malware, (c) identifying a string prefix for the subgraph of the system file structure of the backup file set, (d) using an index to cross-reference the string prefix to a pointer identifying a subgraph of an original file set, and (e) scanning a file in the subgraph of the original file set for the malware.
Bruce McCorkendale
Filed: 19 Dec 19
Utility
Systems and methods for fingerprinting devices
14 Sep 21
The disclosed computer-implemented method for fingerprinting devices may include (i) detecting that a new device has attempted to connect to a network gateway, (ii) attempting to fingerprint the new device as an instance of a known candidate device type by (a) transmitting to the new device, from a security application, a set of network messages that mimic network messages that a second application is configured to transmit to instances of the known candidate device type and (b) confirming, by the security application based on a response from the new device to the set of network messages, that the new device is the instance of the known candidate device type, and (iii) performing a security action to protect a network corresponding to the network gateway based on confirming that the new device is the instance of the known candidate device type.
Yuqiong Sun, Xueqiang Wang, Susanta Nanda, Yun Shen, Pierre-Antoine Vervier, Petros Efstathopoulos
Filed: 27 Dec 18
Utility
Thwarting one-time password theft
7 Sep 21
Thwarting one-time password (OTP) theft.
Venkadesan Marimuthu
Filed: 28 Jan 20
Utility
Systems and methods for managing file backup
7 Sep 21
A computer-implemented method for managing file backup may include (i) detecting, by a computing device, an attempt to upload a file to a backup storage, (ii) calculating a degree of difference between the file and a previous version of the file on the backup storage, (iii) comparing, by the computing device, a list of applications that have written to the file with a list of acceptable applications for the file, (iv) calculating, based on the degree of difference and the comparison of the list of applications, a change score for the file, and (v) applying, based on the change score, a backup policy to the attempt to upload the file.
Mohit Jha, Vinith Raj, Chengi Jimmy Kuo, Amitrajit Banerjee
Filed: 19 Jun 17