[Maarten Van Horenbeeck] [About me]

Patents

Automatic fraudulent digital certificate detection
Issued Feb 24, 2015 Patent issuer and number us 8,966,659
Muhammad Umar Janjua, Yogesh Mehta, Maarten Van Horenbeeck, Anooshiravan Saboori, Nelly Porter, Vassil D. Bakalov, Bryston Nitta - Microsoft Corporation

A computing device analyzes digital certificates received from various different sites (e.g., accessed via the Internet or other network) in order to automatically detect fraudulent digital certificates. The computing device maintains a record of the digital certificates it receives from these various different sites. A certificate screening service operating remotely from the computing device also accesses these various different sites and maintains a record of the digital certificates that the service receives from these sites. In response to a request to access a target site the computing device receives a current digital certificate from the target site. The computing device determines whether the current digital certificate is genuine or fraudulent based on one or more of previously received digital certificates for the target site, confirmation certificates received from the certificate screening service, and additional characteristics of the digital certificates and/or the target site.

Detecting network attacks based on network records
Issued Aug 23, 2016 Patent issuer and number us 9,426,171
Matthew Ryan Jezorek, Maarten Van Horenbeeck, Richie Lai - Amazon Technologies, Inc.

Techniques for analyzing access to a network-based resource may be provided. For example, a client record associated with the access to the network-based resource over a network may be compared to a provider record. The client record may indicate an address of the network based resource and can be received from a computing resource. The provider record can also indicate the address and can be received from a trusted computing resource. Based on the comparison, an issue associated with the access to the network-based resource over the network may be detected.

Detecting network attacks based on a hash
Issued Oct 18, 2016 Patent issuer and number us 9,473,516
Matthew Ryan Jezorek, Maarten Van Horenbeeck, Richie Lai - Amazon Technologies, Inc.

Techniques for analyzing access to a network-based document may be provided. For example, a portion of the network-based document for hashing may be identified. A client hash of the portion may be accessed. The client hash may be based on an access of a client to the network-based document over a network. A provider hash of the portion may be also accessed. The provider hash may be based on a trusted version of the portion. The client hash and the provider hash may be compared. Based on the comparison, an issue associated with the access to the network-based document over the network may be detected.

Techniques for Data Routing and Management using Risk Classification and Data Sampling
Issued May 23, 2017 Patent issuer and number us 9,661,011
Maarten Van Horenbeeck, Christopher Michael Anderson, Katharine Nicole Harrison, Matthew Ryan Jezorek, Jon Arron McClintock, Tushaar Sethi - Amazon Technologies, Inc.

Techniques described and suggested herein include various systems and methods for determining risk levels associated with transiting data, and routing portions of the data in accordance with the determined risk levels. For example, a risk analyzer may apply risk classifiers to transiting data to determine overall risk levels of some or all of the transiting data. A traffic router may route transiting data according to determined risk profiles for the data. A sandbox may be implemented to compare, for a given input, expected and observed outputs for a subset of the transiting data, so as to determine risk profiles associated with at least the subset.

Detecting network attacks based on network requests
Issued Sep 5, 2017 Patent issuer and number us 9,756,058
Matthew Ryan Jezorek, Maarten Van Horenbeeck, Richie Lai - Amazon Technologies, Inc.

Based on an access of a client device to the network-based document, information associated with this access may be recorded. The information may be analyzed to determine whether a condition associated with the direct access may be violated. An issue may be detected with the client device access based on a determination that the condition may be violated.

Event-based data path detection
Issued Dec 5, 2017 Patent issuer and number us 9,838,260
Jon Arron McClintock, Dominique Imjya Brezinski, Tushaar Sethi, Maarten Van Horenbeeck - Amazon Technologies, Inc.

A method and apparatus for path detection are disclosed. In the method and apparatus, a data path may link two path-end nodes in a network. Event data for the network may be received and may be used to determine, for each node resident on the path, proximity measures to each path-end node. The proximity measure of network nodes may be evaluated to determine whether a path exists between the two path-end nodes.