DETECTION METHOD AND DETECTION SYSTEM FOR RANSOMWARE

    Publication number: US20240362328A1

    Publication date: 2024-10-31

    Application number: US18382458

    Filing date: 2023-10-20

    Inventor: Shen-Ming CHUNG

    CPC classification number: G06F21/565 G06F21/554 G06F21/568

    Abstract: A detection method for ransomware collaborated with a detection system having a semantic extracting module with multiple semantic extractors is disclosed and includes the following steps: receiving a first file with a first ID; importing the first file to the semantic extracting module to output a first semantic feature of the first file; receiving a second file with a second ID; importing the second file to the semantic extracting module to output a second semantic feature of the second file; computing a distance between the first semantic feature and the second semantic feature if the second ID matches the first ID; and issuing an alarm when the distance exceeds a threshold.

    MACHINE LEARNING TECHNIQUES FOR AUTOMATING CYBERWARFARE TRAINING SCENARIOS

    Publication number: US20240362322A1

    Publication date: 2024-10-31

    Application number: US18139097

    Filing date: 2023-04-25

    Applicant: CDW LLC

    CPC classification number: G06F21/554 G06N20/00 G06F2221/034

    Abstract: A method includes receiving historical Internet Protocol data packets; storing the packets; training a machine learning model to generate realistic data packets; and providing the generated realistic data packets to an emulated networking environment. A computing system includes: a processor; a network interface controller; and a memory having stored thereon computer-executable instructions that, when executed by the one or more processors, cause the computing system to: receive historical Internet Protocol data packets; store the packets; train a machine learning model to generate realistic data packets; and provide the generated realistic data packets to an emulated networking environment. A non-transitory computer-readable medium having stored thereon computer-executable instructions that, when executed by the one or more processors, cause a computer to: receive historical Internet Protocol data packets; store the packets; train a machine learning model to generate realistic data packets; and provide the generated realistic data packets to an emulated networking environment.

    Screen capture data protection for managed devices

    Publication number: US12130948B2

    Publication date: 2024-10-29

    Application number: US17896277

    Filing date: 2022-08-26

    Applicant: VMWARE, INC.

    CPC classification number: G06F21/629 G06F21/554 G06F2221/032

    Abstract: Examples herein include methods for dynamically protecting selective content during screen capture on a user device that is running an iOS operating system. The method includes extending a UI class that includes a protected field of an iOS class. The custom class can receive configuration data and determine which elements to protect. The protected elements can be placed within the protected field whereas the non-protected elements can be kept outside of the protected field. The operating system can hide the protected field and its contents during screen capture, while allowing additional content outside the protected field to remain displayed.

    VULNERABILITY ANALYSIS METHOD AND VULNERABILITY ANALYSIS SYSTEM

    Publication number: US20240354418A1

    Publication date: 2024-10-24

    Application number: US18243158

    Filing date: 2023-09-07

    Applicant: Hitachi, Ltd.

    CPC classification number: G06F21/577 G06F21/552 G06F21/554

    Abstract: A vulnerability analysis method including: acquisition processing of acquiring a component parts identifier, which is an identifier of component parts as parts configuring a product for each identifier of the product from each of a plurality of business operators, and business operator inherent data including an identifier of proprietary software but not included in the component parts from each of a plurality of business operators; correspondence identification processing of identifying a correspondence of an identifier of the product and the component parts identifier between different business operators based on previously created correspondence data; target product identification processing of identifying a target product as a product to be investigated; and vulnerability identification processing of identifying all of the proprietary software included in the target product based on the correspondence identification processing, and identifying vulnerability of software included in the target product by referring to a vulnerability DB storing data.

    Tamper detection for executable applications

    Publication number: US12124565B2

    Publication date: 2024-10-22

    Application number: US17206989

    Filing date: 2021-03-19

    Applicant: Adobe Inc.

    CPC classification number: G06F21/54 G06F21/554 G06F21/64 G06F2221/033

    Abstract: Techniques are provided for detecting an executable application that is subjected to tampering or unauthorized modification. A checksum for a portion of the executable application is computed at a run time of the executable application by a tamper detection module encoded in the executable application. The tamper detection module compares the checksum to a pre-determined hash value for the portion of the executable application. If the checksum is different from the hash value, the executable application has been tampered with or otherwise modified. The tamper detection module can then cause an alert to be sent to the user and/or the software vendor indicating that the executable application is not genuine.

    AUTOMATED THREAT DETECTION SYSTEM

    Publication number: US20240346136A1

    Publication date: 2024-10-17

    Application number: US18510477

    Filing date: 2023-11-15

    CPC classification number: G06F21/554 G06F2221/034

    Abstract: Systems and methods are described for automated threat detection. For example, the system receives labels that are generated by an unsupervised machine learning model. Using the labels, the system initiates a training process of a supervised machine learning model using the set of labels from the unsupervised machine learning model. The supervised machine learning model can generate a set of clustered data during an inference process. The supervised machine learning model can be updated and stored in a model data store for future inference processes on new data.

    Anomaly detection for vehicular networks for intrusion and malfunction detection

    Publication number: US12118080B2

    Publication date: 2024-10-15

    Application number: US16556883

    Filing date: 2019-08-30

    CPC classification number: G06F21/554 G06N20/00 G06N20/10

    Abstract: A security monitoring system for a Controller Area Network (CAN) comprises an Electronic Control Unit (ECU) operatively connected to the CAN bus. The ECU is programmed to classify a message read from the CAN bus as either normal or anomalous using an SVM-based classifier with a Radial Basis Function (RBF) kernel. The classifying includes computing a hyperplane curvature parameter γ of the RBF kernel as γ=ƒ(D) where ƒ( ) denotes a function and D denotes CAN bus message density as a function of time. In some such embodiments γ=ƒ(Var(D)) where Var(D) denotes the variance of the CAN bus message density as a function of time. The security monitoring system may be installed in a vehicle (e.g. automobile, truck, watercraft, aircraft) including a vehicle CAN bus, with the ECU operatively connected to the vehicle CAN bus to read messages communicated on the CAN bus.
