公开(公告)号：US11816215B2

公开(公告)日：2023-11-14

申请号：US17673168

申请日：2022-02-16

Applicant: UAB 360 IT

Inventor： Mohamed Adly Amer Elgaafary ,  Aleksandr Sevcenko

IPC: G06F21/56

CPC classification number: G06F21/565 ,  G06F2221/034

Abstract: Systems and methods for archive scanning are provided herein. In some embodiments, a method includes: selecting an archive; reading a metadata representing a plurality of files within the archive; reading a plurality of hash strings from the archive; comparing the plurality of hash strings with a database of hash strings; and determining, based on the comparing, if the plurality of files within the archive represent a security threat based on the plurality of hash strings.

公开(公告)号：US20230336546A1

公开(公告)日：2023-10-19

申请号：US17721309

申请日：2022-04-14

Applicant: UAB 360 IT

Inventor： Mohamed Adly Amer Elgaafary

IPC: H04L9/40 ,  G06V40/12 ,  G06F16/435

CPC classification number: H04L63/0861 ,  G06V40/12 ,  G06F16/436

Abstract: A method including storing, by a device in a database, a trusted fingerprint determined based at least in part on encrypting trusted connection information included in a trusted transmission packet received from a trusted source application; determining, by the device, a current fingerprint based at least in part on encrypting current connection information included in a current transmission packet received from a current source application; comparing, by the device, the current fingerprint with the trusted fingerprint; and processing, by the device, the current transmission packet based at least in part on a result of comparing the current fingerprint with the trusted fingerprint. Various other aspects are contemplated.

公开(公告)号：US12235957B2

公开(公告)日：2025-02-25

申请号：US17988821

申请日：2022-11-17

Applicant: UAB 360 IT

Inventor： Mohamed Adly Amer Elgaafary ,  Mantas Briliauskas

IPC: G06F21/56 ,  G06F16/13

Abstract: Systems and methods for recent file malware scanning are provided herein. In some embodiments, a security system may include a processor programmed to download one or more files; filter, by a first driver, the one or more downloaded files using a security zone identifier; scan, by the first driver, the filtered subset of one or more files for malware; store, by a second driver, a first set of information associated with each of the scanned files to indicate that each the filtered subset of one or more files have been scanned, wherein the first set of information is stored as metadata using alternative data stream (ADS) associated with each scanned file; monitor, by the second driver, changes to existing files based on the metadata stored; send instructions to rescan any existing file that has changed for malware; and update the information associated with any rescanned file's metadata using the ADS.

公开(公告)号：US11831640B2

公开(公告)日：2023-11-28

申请号：US17721309

申请日：2022-04-14

Applicant: UAB 360 IT

Inventor： Mohamed Adly Amer Elgaafary

IPC: H04L29/00 ,  H04L9/40 ,  G06F16/435 ,  G06V40/12

CPC classification number: H04L63/0861 ,  G06F16/436 ,  G06V40/12

Abstract: A method including storing, by a device in a database, a trusted fingerprint determined based at least in part on encrypting trusted connection information included in a trusted transmission packet received from a trusted source application; determining, by the device, a current fingerprint based at least in part on encrypting current connection information included in a current transmission packet received from a current source application; comparing, by the device, the current fingerprint with the trusted fingerprint; and processing, by the device, the current transmission packet based at least in part on a result of comparing the current fingerprint with the trusted fingerprint. Various other aspects are contemplated.

公开(公告)号：US20230300148A1

公开(公告)日：2023-09-21

申请号：US17699087

申请日：2022-03-19

Applicant: UAB 360 IT

Inventor： Mohamed Adly Amer Elgaafary

IPC: H04L9/40 ,  G06F21/56

CPC classification number: H04L63/14 ,  G06F21/567 ,  G06F2221/033

Abstract: A method including transmitting, by an infrastructure device, a current fingerprint associated with a first instance of a source application; receiving, by the infrastructure device, respective results associated with comparing the current fingerprint with respective verification fingerprints, which are associated with instances of the source application other than the first instance; determining, by the infrastructure device based at least in part on the respective results, a determination result indicating whether the first instance of the source application is to be utilized for transmitting a transmission packet; and transmitting, by the infrastructure device, the determination result to indicate whether the first instance of the source application is to be utilized for transmitting the transmission packet. Various other aspects are contemplated.

公开(公告)号：US11582187B1

公开(公告)日：2023-02-14

申请号：US17675006

申请日：2022-02-18

Applicant: UAB 360 IT

Inventor： Vykintas Maknickas ,  Mohamed Adly Amer Elgaafary ,  Aleksandr {hacek over (S)}ev{hacek over (c)}enko

IPC: H04L9/40

Abstract: A method and apparatus for providing IP address filtering. The method identifies one or more suspicious Uniform Resource Locators (URLs) and resolves the one or more suspicious URLs to one or more suspicious IP addresses. A suspicious IP address list is created containing the one or more suspicious IP addresses. The suspicious IP address list may be used to facilitate a security response to filter one or more of the IP addresses in the suspicious IP address list.

公开(公告)号：US20240214393A1

公开(公告)日：2024-06-27

申请号：US18599025

申请日：2024-03-07

Applicant: UAB 360 IT

Inventor： Mohamed Adly Amer Elgaafary

IPC: H04L9/40 ,  G06F21/56

CPC classification number: H04L63/126 ,  G06F21/567 ,  H04L63/14 ,  G06F2221/033

Abstract: The present disclosure discloses configuring a transmitting device to determine verification information including a current fingerprint associated with a first instance of a source application stored on the transmitting device, the current fingerprint (i) being determined based on utilizing one or more connection parameters associated with an external device communicating with the first instance of the source application, and (ii) uniquely identifying the first instance of the source application; configuring the transmitting device to transmit verification information including the current fingerprint; configuring the transmitting device to receive a determination result determined by the receiving device based on a comparison of the current fingerprint with a verification fingerprint that uniquely identifies a second instance of the source application stored on another device; and configuring the transmitting device to selectively transmit transmission data utilizing the first instance of the source application based on the determination result. Various other aspects are contemplated.

公开(公告)号：US11902291B2

公开(公告)日：2024-02-13

申请号：US17721301

申请日：2022-04-14

Applicant: UAB 360 IT

Inventor： Mohamed Adly Amer Elgaafary

IPC: G06F21/00 ,  H04L9/40

CPC classification number: H04L63/126 ,  H04L63/0254 ,  H04L63/145

Abstract: A method including configuring a security device to store, in a database, a trusted fingerprint determined based at least in part on encrypting trusted connection information included in a trusted transmission packet received from a trusted source application; configuring the security device to determine a current fingerprint based at least in part on encrypting current connection information included in a current transmission packet received from a current source application; configuring the security device to compare the current fingerprint with the trusted fingerprint; and configuring the security device to process the current transmission packet based at least in part on a result of comparing the current fingerprint with the trusted fingerprint. Various other aspects are contemplated.

公开(公告)号：US11838297B2

公开(公告)日：2023-12-05

申请号：US17698028

申请日：2022-03-18

Applicant: UAB 360 IT

Inventor： Mohamed Adly Amer Elgaafary

IPC: H04L9/40

CPC classification number: H04L63/126

Abstract: A method including transmitting, by a transmitting device, verification information including a current fingerprint associated with a first instance of a source application stored on the transmitting device; receiving, by the transmitting device, a determination result determined based at least in part on a comparison of the current fingerprint with a verification fingerprint associated with a second instance of the source application stored on another device; and selectively transmitting, by the transmitting device, transmission data utilizing the first instance of the source application based at least in part on the determination result. Various other aspects are contemplated.

公开(公告)号：US20230336568A1

公开(公告)日：2023-10-19

申请号：US17721301

申请日：2022-04-14

Applicant: UAB 360 IT

Inventor： Mohamed Adly Amer Elgaafary

IPC: H04L9/40

CPC classification number: H04L63/126 ,  H04L63/0254 ,  H04L63/145

Abstract: A method including configuring a security device to store, in a database, a trusted fingerprint determined based at least in part on encrypting trusted connection information included in a trusted transmission packet received from a trusted source application; configuring the security device to determine a current fingerprint based at least in part on encrypting current connection information included in a current transmission packet received from a current source application; configuring the security device to compare the current fingerprint with the trusted fingerprint; and configuring the security device to process the current transmission packet based at least in part on a result of comparing the current fingerprint with the trusted fingerprint. Various other aspects are contemplated.