[Maarten Van Horenbeeck] [About me]
Patents
Automatic fraudulent digital certificate detection
Issued Feb 24, 2015 Patent issuer and number us 8,966,659
Muhammad Umar Janjua, Yogesh Mehta, Maarten Van Horenbeeck, Anooshiravan Saboori, Nelly Porter, Vassil D. Bakalov, Bryston Nitta - Microsoft Corporation
A computing device analyzes digital certificates received from various different sites (e.g., accessed via the Internet or other network) in order to automatically detect fraudulent digital certificates. The computing device maintains a record of the digital certificates it receives from these various different sites. A certificate screening service operating remotely from the computing device also accesses these various different sites and maintains a record of the digital certificates that the service receives from these sites. In response to a request to access a target site the computing device receives a current digital certificate from the target site. The computing device determines whether the current digital certificate is genuine or fraudulent based on one or more of previously received digital certificates for the target site, confirmation certificates received from the certificate screening service, and additional characteristics of the digital certificates and/or the target site.
Detecting network attacks based on network records
Issued Aug 23, 2016 Patent issuer and number us 9,426,171
Matthew Ryan Jezorek, Maarten Van Horenbeeck, Richie Lai - Amazon Technologies, Inc.
Techniques for analyzing access to a network-based resource may be provided. For example, a client record associated with the access to the network-based resource over a network may be compared to a provider record. The client record may indicate an address of the network based resource and can be received from a computing resource. The provider record can also indicate the address and can be received from a trusted computing resource. Based on the comparison, an issue associated with the access to the network-based resource over the network may be detected.
Detecting network attacks based on a hash
Issued Oct 18, 2016 Patent issuer and number us 9,473,516
Matthew Ryan Jezorek, Maarten Van Horenbeeck, Richie Lai - Amazon Technologies, Inc.
Techniques for analyzing access to a network-based document may be provided. For example, a portion of the network-based document for hashing may be identified. A client hash of the portion may be accessed. The client hash may be based on an access of a client to the network-based document over a network. A provider hash of the portion may be also accessed. The provider hash may be based on a trusted version of the portion. The client hash and the provider hash may be compared. Based on the comparison, an issue associated with the access to the network-based document over the network may be detected.
Techniques for Data Routing and Management using Risk Classification and Data Sampling
Issued May 23, 2017 Patent issuer and number us 9,661,011
Maarten Van Horenbeeck, Christopher Michael Anderson, Katharine Nicole Harrison, Matthew Ryan Jezorek, Jon Arron McClintock, Tushaar Sethi - Amazon Technologies, Inc.
Techniques described and suggested herein include various systems and methods for determining risk levels associated with transiting data, and routing portions of the data in accordance with the determined risk levels. For example, a risk analyzer may apply risk classifiers to transiting data to determine overall risk levels of some or all of the transiting data. A traffic router may route transiting data according to determined risk profiles for the data. A sandbox may be implemented to compare, for a given input, expected and observed outputs for a subset of the transiting data, so as to determine risk profiles associated with at least the subset.
Detecting network attacks based on network requests
Issued Sep 5, 2017 Patent issuer and number us 9,756,058
Matthew Ryan Jezorek, Maarten Van Horenbeeck, Richie Lai - Amazon Technologies, Inc.
Based on an access of a client device to the network-based document, information associated with this access may be recorded. The information may be analyzed to determine whether a condition associated with the direct access may be violated. An issue may be detected with the client device access based on a determination that the condition may be violated.
Analyzing distributed datasets
Issued May 1, 2018 Patent issuer and number us 9,960,975
Maarten Van Horenbeeck, Matt Jezorek - Amazon Technologies, Inc.
Techniques for analyzing a dataset may be provided. For example, a configuration file may be accessed. The dataset may be analyzed based on a condition identified in the configuration file. A report may be generated and transmitted based on the analysis. Another report generated based on an analysis of another dataset according to another configuration file may be accessed. The dataset may be further analyzed based on this report to determine if a reported observation may also be associated with the dataset. If so, a confirmation may be generated and transmitted.
Identifying sensitive data writes to data stores
Issued Oct 30, 2018 Patent issuer and number us 10,114,960
Jon Arron McClintock, Tushaar Sethi, Maarten Van Horenbeeck - Amazon Technologies, Inc.
Techniques for detecting access to computer system data by applications running on a computer system are described herein. Data access event log entries are recorded, the log entries including one or more metadata items associated with how the computer system application accessed the computer system data. The log entries are analyzed using correlations with other computer system events and, if improper access is detected, one or more operations relating to the type of data accessed and the type of violation are performed to mitigate the improper data access.
Secure streamlined provisioning of remote access terminals
Issued Jan 22, 2019 Patent issuer and number us 10,187,362
Jon Arron McClintock, John Duksta, Katey Harrison, Matt Jezorek, Brian Lee, Maarten Van Horenbeeck - Amazon Technologies, Inc.
Techniques for detecting access to computer system data by applications running on a computer system are described herein. Data access event log entries are recorded, the log entries including one or more metadata items associated with how the computer system application accessed the computer system data. The log entries are analyzed using correlations with other computer system events and, if improper access is detected, one or more operations relating to the type of data accessed and the type of violation are performed to mitigate the improper data access.