Patents - stay tuned to the technology

Inventors list

Assignees list

Classification tree browser

Top 100 Inventors

Top 100 Assignees


Ollmann

Gunter Ollmann, Norcross, GA US

Patent application numberDescriptionPublished
20100107257SYSTEM, METHOD AND PROGRAM PRODUCT FOR DETECTING PRESENCE OF MALICIOUS SOFTWARE RUNNING ON A COMPUTER SYSTEM - A system, method and program product for detecting presence of malicious software running on a computer system. The method includes locally querying the system to enumerate a local inventory of tasks and network services running on the system for detecting presence of malicious software running on the system and remotely querying the system from a remote system via a network to enumerate a remote inventory of tasks and network services running on the system for detecting presence of malicious software running on the system, where the local inventory enumerates ports in use on the system and where the remote inventory enumerates ports in use on the system. Further, the method includes collecting the local inventory and the remote inventory and comparing the local inventory with the remote inventory to identify any discrepancies between the local and the remote inventories for detecting presence of malicious software running on the system.04-29-2010
20110167495METHOD AND SYSTEM FOR DETECTING MALWARE - A system and method of analysis. NX domain names are collected from an asset in a real network. The NX domain names are domain names that are not registered. The real network NX domain names are utilized to create testing vectors. The testing vectors are classified as benign vectors or malicious vectors based on training vectors. The asset is then classified as infected if the NX testing vector created from the real network NX domain names is classified as a malicious vector.07-07-2011
20110283361METHOD AND SYSTEM FOR NETWORK-BASED DETECTING OF MALWARE FROM BEHAVIORAL CLUSTERING - A computerized system and method for performing behavioral clustering of malware samples, comprising: executing malware samples in a controlled computer environment fbr a predetermined time to obtain HTTP traffic; clustering the malware samples into at least one cluster based on network behavioral information from the HTTP traffic; and extracting, using the at least one processor, network signatures from the HTTP traffic information for each cluster, the network signatures being indicative of malware infection.11-17-2011
20120084862Detecting Malicious Use of Computer Resources by Tasks Running on a Computer System - A method, apparatus, and computer program product for identifying malware is disclosed. The method identifies processes in a running process list on a host computer system. The method identifies ports assigned to the processes in the running process list on the host computer system. The method determines whether any one of ports that is currently in use in the host computer system is not assigned to any of the processes in the running process list. The method then makes a record that a hidden, running process is present as a characteristic of an attack in response to a determination that one of the ports is currently in use but is not assigned to any of the processes in the running process list in the host computer system.04-05-2012
20140101759METHOD AND SYSTEM FOR DETECTING MALWARE - A system and method of analysis. NX domain names are collected from an asset in a real network. The NX domain names are domain names that are not registered. The real network NX domain names are utilized to create testing vectors. The testing vectors are classified as benign vectors or malicious vectors based on training vectors. The asset is then classified as infected if the NX testing vector created from the real network NX domain names is classified as a malicious vector.04-10-2014
20150026808METHOD AND SYSTEM FOR NETWORK-BASED DETECTING OF MALWARE FROM BEHAVIORAL CLUSTERING - A computerized system and method for performing behavioral clustering of malware samples, comprising: executing malware samples in a controlled computer environment for a predetermined time to obtain HTTP traffic; clustering the malware samples into at least one cluster based on network behavioral information from the HTTP traffic; and extracting, using the at least one processor, network signatures from the HTTP traffic information for each cluster, the network signatures being indicative of malware infection.01-22-2015

Patent applications by Gunter Ollmann, Norcross, GA US

Gunter D. Ollmann, Norcross, GA US

Patent application numberDescriptionPublished
20100154032System and Method for Classification of Unwanted or Malicious Software Through the Identification of Encrypted Data Communication - A method for identifying malware or unauthorized software communications implemented within a computer infrastructure, the method including detecting an encrypted communication and determining identification data for the encrypted communication. Additionally, the method includes comparing the detected encrypted communication to at least one of a list of applications authorized for encrypted communications using the identification data and a list of authorized destinations of encrypted communications using the identification data. Furthermore, the method includes identifying the detected encrypted communication as an unauthorized encrypted communication in response to a determination that at least one of the detected encrypted communication is from an unauthorized application, which is not on the list of applications authorized for encrypted communications, based on the comparing and the detected encrypted communication is to an unauthorized destination, which is not on the list of authorized destinations.06-17-2010
20100154061SYSTEM AND METHOD FOR IDENTIFYING MALICIOUS ACTIVITIES THROUGH NON-LOGGED-IN HOST USAGE - A method for identifying malware activities, implemented within a computer infrastructure, includes receiving a data communication via a data channel and determining a user is not interactively logged in to a host. Additionally, the method includes identifying the data communication as a potential malware communication in response to the determining the user is not interactively logged in to the host.06-17-2010
20120096556SYSTEM AND METHOD FOR IDENTIFYING MALICIOUS ACTIVITIES THROUGH NON-LOGGED-IN HOST USAGE - A method for identifying malware activities, implemented within a computer infrastructure, includes receiving a data communication via a data channel and determining a user is not interactively logged in to a host. Additionally, the method includes identifying the data communication as a potential malware communication in response to the determining the user is not interactively logged in to the host.04-19-2012
20140130169IDENTIFICATION OF MALICIOUS ACTIVITIES THROUGH NON-LOGGED-IN HOST USAGE - A system and associated computer program product for identifying malware. The system includes one or more processors, one or more computer-readable memories, one or more computer-readable storage devices, and program instructions stored on the one or more storage devices for execution by the one or more processors via the one or more memories. The program instructions include program instructions to receive a data communication simulating manual interaction between a user of the computer and the computer. The program instructions may determine that no user was interactively logged on to the computer approximately at a time the data communication was received by the computer, and in response, classify the data communication as a potential malware communication.05-08-2014
20150074812Detecting Malicious Use of Computer Resources by Tasks Running on a Computer System - A method, apparatus, and computer program product for identifying malware is disclosed. The method identifies processes in a running process list on a host computer system. The method identifies ports assigned to the processes in the running process list on the host computer system. The method determines whether any one of ports that is currently in use in the host computer system is not assigned to any of the processes in the running process list. The method then makes a record that a hidden, running process is present as a characteristic of an attack in response to a determination that one of the ports is currently in use but is not assigned to any of the processes in the running process list in the host computer system.03-12-2015

Patent applications by Gunter D. Ollmann, Norcross, GA US

Jens Ollmann, Finsterwalde DE

Patent application numberDescriptionPublished
20120199562METHOD FOR PLASMA-CUTTING A WORKPIECE BY MEANS OF A PLASMA-CUTTING SYSTEM AND PULSATING CURRENT - A method for plasma cutting a workpiece comprises providing a plasma cutting system having a plasma current source and a plasma torch, the plasma torch having an electrode and nozzle where the nozzle is a small distance from the electrode at a lower end of the plasma torch, forming a plasma chamber between the nozzle and the electrode. A current is produced with a plasma current source and the current flows through the plasma torch during the plasma cutting process. The current is then brought to pulsation during at least a partial time period during the plasma cutting process, with the pulsation occurring in a targeted or controlled manner with a freely selectable frequency.08-09-2012

Richard R. Ollmann, Woodbury, MN US

Patent application numberDescriptionPublished
20080229349Recordable optical data storage disc - A recordable data storage disc comprises a substrate having a spirally or concentrically shaped groove pattern. A groove depth of the groove pattern is greater than 90 nanometers, and a track pitch provided by the groove pattern is less than 500 nanometers. The data storage disc further comprises a write-once recording layer formed on the groove pattern, and a reflector layer formed on the recording layer opposite the substrate. The groove depth of greater than 90 nanometers allows a thicker coating of dye to be used for the recording layer compared to other recordable data storage discs with a groove pattern with a groove depth of 90 nanometers or less. The thicker coating of dye allows a lower write power, better modulation when reading a data signal from the disc. The groove depth of greater than 90 nanometers may also allow for more precise push-pull tracking.09-18-2008
20120168690NANOWIRE RECOVERY METHODS, COMPOSITIONS, AND ARTICLES - Methods of recovering compositions comprising nanowires and the product compositions are disclosed and claimed. The product compositions produced by these methods are able to provide equivalent performance to virgin raw materials in transparent conductive film manufacturing processes.07-05-2012
20120207644NANOWIRE PREPARATION METHODS, COMPOSITIONS, AND ARTICLES - Methods of producing metal nanowires employing tubular continuous-flow reactors and their products are described and claimed. Such methods can provide superior nanowire uniformity without agglomeration. Such nanowires are useful for electronic applications.08-16-2012
20120298931VISCOSITY MODIFIER COMPOSITIONS AND METHODS - Disclosed are conductive coatings that exhibit improved clarity, uniformity, and mechanical strength. Such coatings comprising volatile viscosity modifiers are useful for electronics applications.11-29-2012
20120301737TRANSPARENT CONDUCTIVE FILMS, METHODS, AND ARTICLES - Disclosed are compositions and methods that provide flexible transparent conductive films that exhibit low levels of oligomer migration and haze development, without making use of costly substrates based on PEN film or PET films having low oligomer content. Such flexible transparent conductive films are useful in electronic and optical applications.11-29-2012
20130343950NANOWIRE PREPARATION METHODS, COMPOSITIONS, AND ARTICLES - Methods of producing metal nanowires employing tubular continuous-flow reactors and their products are described and claimed. Such methods can provide superior nanowire uniformity without agglomeration. Such nanowires are useful for electronic applications.12-26-2013
20140099486PATTERNED FILMS AND METHODS - Methods of patterning films that enable visual identification of patterned films and the patterned regions on them, while still achieving minimally discernible optical differences between the patterned and unpatterned regions in devices incorporating the patterned films. Such methods can exhibit wide successful manufacturing operating windows and the patterned films are useful in electronic applications.04-10-2014

Patent applications by Richard R. Ollmann, Woodbury, MN US

Website © 2015 Advameg, Inc.