公开(公告)号：US12160435B2

公开(公告)日：2024-12-03

申请号：US17542973

申请日：2021-12-06

Applicant: BANK OF AMERICA CORPORATION

Inventor： Brandon Sloane ,  Michael Ogrinz ,  Charles Edward Dudley

IPC: H04L9/40 ,  G06N5/022 ,  H04L41/0816 ,  H04L41/147

Abstract: Systems, computer program products, and methods are described herein for dynamic node analysis for network security response. The present invention is configured to detect, using a node analysis engine, a change in a network security protocol associated with a first node within a distributed network; extract information associated with the change in the network security protocol associated with the first node; identify one or more adjacent nodes with a first degree of separation from the first node in response to detecting the change; determine a first set of changes to the network security protocols for the one or more adjacent nodes based on at least the information associated with the change in the network security protocol of the first node; and automatically implement the first set of changes to the network security protocols of the one or more adjacent nodes with the first degree of separation from the first node.

公开(公告)号：US12107853B2

公开(公告)日：2024-10-01

申请号：US17725920

申请日：2022-04-21

Applicant: BANK OF AMERICA CORPORATION

Inventor： Brandon Sloane ,  Lauren Jenae Alibey ,  Sophie Morgan Danielpour ,  Jinyoung Nathan Kim ,  James Thomas MacAulay ,  Serge Alejandro Neri

IPC: H04L9/40 ,  G06V40/20

CPC classification number: H04L63/0861 ,  G06V40/20 ,  H04L63/10 ,  H04L2463/082

Abstract: The present invention is generally related to systems and methods for providing an improved authentication and verification system through the use of compiled user data and unique user action data collected by the system from a prompted movement analysis. The system may collect and analyze multiple instances of user actions using intelligent machine learning techniques in order to identify patterns unique to the user. The system may then use this information in conjunction with other known information in order to determine the veracity of attempted user authentication or authorization requests.

公开(公告)号：US12105794B2

公开(公告)日：2024-10-01

申请号：US18125420

申请日：2023-03-23

Applicant: BANK OF AMERICA CORPORATION

Inventor： Brandon Sloane ,  John Howard Kling

IPC: G06F21/54 ,  G06F21/31 ,  G06F21/60

CPC classification number: G06F21/54 ,  G06F21/31 ,  G06F21/604

Abstract: A system is provided for electronic data obfuscation and protection using independent destructible data objects. The system may split a set of data into a data portion and a key portion, where the data portion may be stored in a database separately from the key portion. The data portion may further comprise a set of executable code for a time or iteration based destructible data object, where the data object may incrementally decrease a countdown value based on the passage of time and/or iterations. If the countdown value reaches a threshold value without being refreshed, the data object may automatically execute one or more processes to protect the set of data. In this way, the system provides a secure way to prevent unauthorized access to sensitive data.

公开(公告)号：US12015924B2

公开(公告)日：2024-06-18

申请号：US16940518

申请日：2020-07-28

Applicant: Bank of America Corporation

Inventor： Nancy T. Carrier ,  Brandon Sloane

IPC: H04W12/60 ,  G06N5/04 ,  G06N20/00 ,  H04W12/06

CPC classification number: H04W12/60 ,  G06N5/04 ,  G06N20/00 ,  H04W12/06

Abstract: A proxy-based method for improving digital security during a user's travel is provided. The method may include determining a bundle of merchant category classification (MCC) codes. This bundle preferably reflects a baseline travel condition. The baseline travel condition is associated with a user mobile device. The method may also include dynamically updating a characteristic associated with the bundle of MCC codes based on updated travel conditions. The method may also include determining an occurrence of an anomalous user mobile device activity. The determination may be based on a comparison of the updated characteristic associated with the bundle of MCC codes and the baseline travel conditions; and in response to a determination of anomalous user mobile device activity, increasing a security level associated with the mobile device associated with the user.

公开(公告)号：US11968215B2

公开(公告)日：2024-04-23

申请号：US17552571

申请日：2021-12-16

Applicant: BANK OF AMERICA CORPORATION

Inventor： Brandon Sloane ,  Richard Gar Bentley ,  Michael Ogrinz ,  John Howard Kling

IPC: H04L9/40 ,  G06F21/30 ,  G06F21/31 ,  G06F21/32

CPC classification number: H04L63/105 ,  G06F21/30 ,  G06F21/31 ,  H04L63/08 ,  H04L63/104 ,  H04L63/107 ,  H04L63/1416 ,  G06F21/32 ,  H04L2463/082

Abstract: Embodiments of the present invention provide a system for monitoring a cybersecurity mesh network comprising a distributed sensor grid and a plurality of devices for detection of one or more security incidents. In response to determining that one of the one or more security incidents has occurred, and in response to receiving the request from an identified device that requires the first level of authentication, transmitting to the identified device a request for authentication credentials that meet a second level of authentication, wherein the second level of authentication is more strict than the first level of authentication.

公开(公告)号：US11881939B2

公开(公告)日：2024-01-23

申请号：US17494351

申请日：2021-10-05

Applicant: BANK OF AMERICA CORPORATION

Inventor： Brandon Sloane ,  Lydia Lambright

IPC: H04L29/06 ,  H04L9/40

CPC classification number: H04L63/105

Abstract: A system provides for authorization of data access and processing functions within a distributed server network using a delegated proof-of-stake consensus mechanism. In particular, the system may use assign authorization levels to each node within the network environment. Certain actions or processes performed within the network (e.g., potentially damaging actions) may require that the node proposing the action meets a threshold authorization level before authorizing the action. The system may further increase or decrease authorization levels for each node depending on the outcomes of the proposed actions. In this way, the system may provide a secure way to authorize certain actions or processes taken within a computing environment.

公开(公告)号：US20240020222A1

公开(公告)日：2024-01-18

申请号：US18374016

申请日：2023-09-28

Applicant: Bank of America Corporation

Inventor： Brandon Sloane

IPC: G06F11/36 ,  H04L9/00 ,  G06F11/32

CPC classification number: G06F11/3688 ,  G06F11/3692 ,  H04L9/008 ,  G06F11/323 ,  G06F11/3684

Abstract: A homomorphic encryption-based testing computing system provides a risk-based, automated, one-directional push of production data through a homomorphic encryption tool and distributes the encrypted data to use in testing of applications. Data elements and test requirements are considered when automatically selecting a homomorphic encryption algorithm. A decisioning component selects an algorithm to use to homomorphically encrypt the data set and a push mechanism performs one or both of the homomorphic encryption and distribution of the encrypted data set to at least one intended host. Once delivered, the testing software and/or testing procedures proceed using the encrypted data set, where results of the testing may be stored in a data store. A validation mechanism may validate the test data against production data and communicates whether testing was successful.

公开(公告)号：US20230403270A1

公开(公告)日：2023-12-14

申请号：US17839155

申请日：2022-06-13

Applicant: Bank of America Corporation

Inventor： Jinyoung N. Kim ,  James T. MacAulay ,  Lauren J. Alibey ,  Serge A. Neri ,  Brandon Sloane ,  Sophie M. Danielpour

IPC: H04L9/40

CPC classification number: H04L63/0861

Abstract: An apparatus for dynamic user authentication comprises a processor associated with a server. The processor is configured to receive session data associated with a first user, wherein the session data comprises user parameters for a session and to receive an interaction request to authorize an interaction of a first avatar associated with the first user in a virtual environment. The processor is further configured to compare the user parameters of the session data to user parameters of a stored user profile and to authorize the interaction in response to comparing the session data to the stored user profile if a confidence threshold is satisfied. The processor is further configured to train the machine learning algorithm with the received session data to update the user profile, wherein updating the user profile improves information security by authenticating that the first user is authorized to interact via the first avatar.

公开(公告)号：US11824884B2

公开(公告)日：2023-11-21

申请号：US17063317

申请日：2020-10-05

Applicant: BANK OF AMERICA CORPORATION

Inventor： Brandon Sloane ,  Nia Mack

IPC: H04L9/40 ,  H04L43/50 ,  G06N20/00 ,  H04L43/04 ,  G06F18/214

CPC classification number: H04L63/1433 ,  G06F18/214 ,  G06N20/00 ,  H04L43/04 ,  H04L43/50 ,  H04L63/1483

Abstract: Systems, computer program products, and methods are described herein for generating responsive actions based on unauthorized access events associated with imitation networks. The present invention is configured to retrieve information associated with unauthorized access attempts associated with an imitation dataset; generate penetration test scenarios based on at least the types of unauthorized access attempts; initiate the penetration test scenarios on real datasets stored in data repositories within a network environment; determine automated network security responses to the penetration test scenarios; determine the unauthorized access attempts that were not successfully blocked and/or reported; determine actions to be executed in response to the unauthorized access attempts that were not successfully blocked and/or reported; and update the network security features with the actions.

公开(公告)号：US20230344874A1

公开(公告)日：2023-10-26

申请号：US17725138

申请日：2022-04-20

Applicant: BANK OF AMERICA CORPORATION

Inventor： Brandon Sloane ,  Wendell Allen Jenkins

IPC: H04L9/40

CPC classification number: H04L63/205

Abstract: A system is provided for securing electronic devices and electronic data using automated dynamic control modifications. In particular, the system may comprise one or more electronic devices or computing devices, each of which may have a protection module installed thereon, where the security module may be configured by the system. The security module may define a time period within which the computing device must establish an authenticated connection to an authorized and/or trusted network. If the time period elapses without an authenticated connection and/or upon the occurrence of certain predetermined conditions, the security module may perform a secure wipe of the data on the computing device. In this way, the system may provide a way to secure electronic devices and data within the network environment.