-
Publication (announcement) number: US20240362327A1
Publication (announcement) date: 2024-10-31
Application number: US18141093
Application date: 2023-04-28
Applicant: Palo Alto Networks, Inc.
Inventor: Zhibin Zhang, Bo Qu, Tao Yan, ChienHua Lu
IPC: G06F21/56
CPC classification number: G06F21/564, G06F21/566, G06F2221/034
Abstract: Various techniques for malicious pattern extraction via fuzzing are disclosed. In some embodiments, a system/process/computer program product for malicious pattern extraction via fuzzing includes receiving a malicious sample (e.g., the malicious sample can be an executable file, such as a binary, script, etc., or a file that includes content for inputting into an application, such as for an office productivity suite or another application); mutating the malicious sample using fuzzing; and generating a signature based on a critical path (e.g., a malware signature can be automatically generated by a cloud security service for detection of the malicious sample, and the cloud security service can distribute the malware signature to a plurality of firewalls and/or other security entities to subscribers of a security service).
-
Publication (announcement) number: US20240362322A1
Publication (announcement) date: 2024-10-31
Application number: US18139097
Application date: 2023-04-25
Applicant: CDW LLC
Inventor: Marty Spain, Peter Joseph Dunn
CPC classification number: G06F21/554, G06N20/00, G06F2221/034
Abstract: A method includes receiving historical Internet Protocol data packets; storing the packets; training a machine learning model to generate realistic data packets; and providing the generated realistic data packets to an emulated networking environment. A computing system includes: a processor; a network interface controller; and a memory having stored thereon computer-executable instructions that, when executed by the one or more processors, cause the computing system to: receive historical Internet Protocol data packets; store the packets; train a machine learning model to generate realistic data packets; and provide the generated realistic data packets to an emulated networking environment. A non-transitory computer-readable medium having stored thereon computer-executable instructions that, when executed by the one or more processors, cause a computer to: receive historical Internet Protocol data packets; store the packets; train a machine learning model to generate realistic data packets; and provide the generated realistic data packets to an emulated networking environment.
-
Publication (announcement) number: US20240362319A1
Publication (announcement) date: 2024-10-31
Application number: US18765561
Application date: 2024-07-08
Applicant: Mobileye Vision Technologies Ltd.
Inventor: Eran BEN-AVI, Leonid SMOLYANSKY
CPC classification number: G06F21/51, G06F21/85, B60W50/00, B60W2050/0083, B60W2420/403, G06F2221/034, G06F2221/2143
Abstract: Disclosed embodiments provide systems and methods that can be used as part of or in combination with autonomous navigation, autonomous driving, or driver assist technology features. As opposed to fully autonomous driving, driver assist technology may refer to any suitable technology to assist drivers in the navigation or control of their vehicles. In various embodiments, the system may include one or more cameras mountable in a vehicle and an associated processor that monitors the environment of the vehicle. In further embodiments, additional types of sensors can be mounted in the vehicle and can be used in the autonomous navigation or driver assist systems. These systems and methods may include the use of a shared cache that is shared by a group of processing units to improve analysis of images captured by the one or more cameras.
-
Publication (announcement) number: US12131375B2
Publication (announcement) date: 2024-10-29
Application number: US17660503
Application date: 2022-04-25
Applicant: PointPredictive Inc.
Inventor: Frank J. McKenna, Timothy J. Grace, Gregory Gancarz, Michael J. Kennedy
IPC: G06N3/04, G06F21/57, G06N3/08, G06N5/02, G06N5/025, G06N7/01, G06N20/00, G06N20/20, G06Q40/02, G06Q40/03, G06F3/01, G10L15/22
CPC classification number: G06Q40/03, G06F21/577, G06N5/025, G06N7/01, G06N20/00, G06N20/20, G06F3/013, G06F2221/034, G06N3/04, G06N3/08, G10L15/22, G10L2015/223
Abstract: The present disclosure relates generally to a risk-based fraud identification and risk analysis system. For example, the system may receive application data from a first borrower user, determine a segment associated with the application data, apply application data to one or more machine learning (ML) models, and receive a score based at least in part upon output of the ML model.
-
Publication (announcement) number: US12130930B2
Publication (announcement) date: 2024-10-29
Application number: US17822350
Application date: 2022-08-25
Applicant: Security Compass Technologies Ltd.
Inventor: Deepu Filji, Farbod Hosseyndoust Foomany, Ehsan Foroughi, Rohit Kumar Sethi, Geoffrey Whittington, Trevor Young
IPC: G06F21/57
CPC classification number: G06F21/577, G06F2221/034
Abstract: A system and method for automation and managing of security requirements and software supply chain in a software development lifecycle in a service-oriented architecture. Shared components can be used in the implementation of multiple software applications and each component has a functionality in the application and a set of controls for its implementation. A requirements library provides a list of task requirements for each application which are applicable to the software application based on application context which is adjusted based on the controls required for implementation or controls addressed by the component. The shared components in the component library can be pre-authorized for use and applied to various software projects and applications with tracking, versioning, and dependency management.
-
Publication (announcement) number: US12130918B2
Publication (announcement) date: 2024-10-29
Application number: US17646484
Application date: 2021-12-30
Applicant: Acronis International GmbH
Inventor: Vladimir Strogov, Serguei Beloussov, Stanislav Protasov
CPC classification number: G06F21/561, G06F11/1469, G06F2201/84, G06F2221/034
Abstract: The invention relates to data recovery technology. An archive connection driver creates a virtual storage medium that is readable by an operating system, with the operating system running antivirus scanning algorithms on the connected virtual storage medium. Corrupted data and malware are deleted and the relevant data blocks repaired in a connected backup. Corrupted data and infected files are restored in marked invalid data in the backup.
-
Publication (announcement) number: US12130916B2
Publication (announcement) date: 2024-10-29
Application number: US17838973
Application date: 2022-06-13
Applicant: Musarubra US LLC
Inventor: Sorcha Healy, Christiaan Beek
CPC classification number: G06F21/56, G06F21/53, G06N3/045, G06N3/08, G06F2221/033, G06F2221/034
Abstract: Apparatus, systems, and methods to classify malware with explainability are disclosed. An example apparatus includes at least one memory; instructions in the apparatus; and processor circuitry. The example processor circuitry is to execute the instructions to: generate feature vectors from a first input; train a neural network model using a first portion of the feature vectors; add one or more fully connected layers to the trained neural network model to form a hybrid model; validate the hybrid model using a second portion of the feature vectors; and deploy the validated hybrid model as a malware classifier, the malware classifier to provide a malware classification with explainability in response to a second input.
-
Publication (announcement) number: US12130908B2
Publication (announcement) date: 2024-10-29
Application number: US16864471
Application date: 2020-05-01
Applicant: Forcepoint, LLC
Inventor: Alan Ross, Tobias Johnathon Ryan
CPC classification number: G06F21/552, G06F21/577, G06F2221/034
Abstract: A system, method, and computer-readable medium are disclosed for detecting malicious entity behavior and providing an accurate indicator of behaviors indicating occurrence of malicious behavior. Data input as to the entity behavior is received and monitored from different sources. The entity behavior is monitored over time at time periods. Detection probability is determined at each time period, where the detection probability relates to malicious behavior and increases over time. A trigger indicator of behavior is provided if the detection probability reaches a threshold value.
-
Publication (announcement) number: US20240354417A1
Publication (announcement) date: 2024-10-24
Application number: US18758091
Application date: 2024-06-28
Applicant: Google LLC
Inventor: Miguel Angel Osorio Lozano, Timothy Jay Chen
IPC: G06F21/57, G06F9/4401, H04L9/08, H04L9/30, H04L9/32
CPC classification number: G06F21/575, G06F9/4403, H04L9/0838, H04L9/0866, H04L9/0894, H04L9/30, H04L9/3226, G06F2221/034
Abstract: This document describes systems and techniques for deriving identity and root keys for embedded systems. In aspects, a boot process and key manager of an embedded system may implement a secure or trusted boot process for embedded systems in which code of next-level boot loader or software image is verified using root keys or other protected information before execution of the boot process is passed to the next stage in the boot process. Alternatively or additionally, the key manager may enable sealing and attestation of various levels of root and identity keys to enable respective verification of software or hardware throughout a life cycle of a device to prevent unauthorized access to protected or private code of an embedded system. By so doing, the described aspects may enable an embedded system with a secure boot process and robust identity and root key management system.
-
Publication (announcement) number: US20240354407A1
Publication (announcement) date: 2024-10-24
Application number: US18642058
Application date: 2024-04-22
Applicant: Sophos Limited
Inventor: Steven John Braggs, Tzu-yi Lin
CPC classification number: G06F21/56, G06F9/542, G06F2221/034
Abstract: Malware attacks seek to exploit target computing systems and avoid detection by terminating security, antivirus, or other application process threads in the operating system. Methods and systems for detecting kernel-based thread termination activity enable the detection of thread termination events occurring at the kernel level, in order to identify and mitigate known or suspected malware activity.