SYSTEM AND METHOD FOR THREAT DETECTION AND PREVENTION

SYSTEM AND METHOD FOR THREAT DETECTION AND PREVENTION

INVENTIV.ORG

Invented by PALANKI; Hiranmayi, AMERICAN EXPRESS TRAVEL RELATED SERVICES COMPANY, INC.

Let’s take a close look at a new patent application that is changing how we keep software safe. This patent uses smart computer models to find bad code and help protect online shops and banks from digital thieves. We’ll break it down so anyone can understand why it matters and how it works, even if you’re new to the world of computer security.

Background and Market Context

Today, almost everything we buy, sell, or pay for happens online. You type in your credit card on a website, and in the blink of an eye, your money moves from your bank to the store. This is easy for shoppers and great for business. But it also gives sneaky hackers a chance to steal private information. Once hackers get into the payment process, they can take credit card numbers, passwords, and other secrets. This isn’t just a small problem. Every year, these attacks cost people and companies a lot of money and trust.

One trick hackers use is called web skimming or digital skimming. Imagine a thief hiding inside a cash register, grabbing your credit card info as you pay. That’s what happens online when bad code slips into websites you trust. Some attacks, like Magecart, are famous for this. They hide inside the website’s code, waiting for someone to type in payment details, and then send that info straight to the criminals.

These attacks are tricky because they often hide inside real code on honest websites. Sometimes even the bank or store doesn’t know the code is there because it sits on a partner or third-party website. It’s like hiding a pickpocket in a crowd—hard to spot and easy to miss. Old ways to spot these threats don’t work well enough anymore. Hackers keep finding new ways in, and the tools that guard websites can’t keep up.

That’s why there’s a huge need for smarter, faster ways to catch bad code before it can do harm. Online stores, banks, and anyone who handles money online want to stop these attacks before they start. They want to find and fix problems before customers lose money or trust.

This is where the patent comes in. It’s about a system that uses machine learning—computers that learn from examples—to find and stop these sneaky attacks. The goal is to make sure only safe, protected code makes it onto websites that handle payments or private data. This keeps shoppers and businesses safe.

Scientific Rationale and Prior Art

Let’s talk about how people have tried to solve this problem in the past. Most online security tools use rules to spot bad code. They look for certain words or patterns in the code, kind of like a spellchecker looking for misspelled words. If they see something suspicious, they block it. But hackers are clever. They change how their code looks so these tools can’t spot it. They might use new words, hide the code in strange places, or break up the code into tiny pieces. This makes it really hard for old tools to keep up.

Some tools also check if a website is connecting to known bad places on the internet, called rogue domains. But again, hackers can create new rogue domains faster than security lists can keep up. Other tools look for “indicators of compromise”—signs that something is wrong, like certain files or changes in the website’s behavior. These are helpful, but if the attacker does something new, these signs might not be there.

A few newer tools use machine learning. This is where computers look at lots of examples of bad and good code and learn patterns that humans might miss. But most of these tools still have weaknesses. They might need the code to look very similar to examples they’ve seen before, or they might make mistakes and block safe code, which annoys developers.

Some systems try to protect code by adding “content security policies” or “sub-resource integrity hashes.” These are like putting a lock on the code or checking its fingerprint to make sure it hasn’t been changed. But even these protections can be skipped or broken if not set up just right, and not every website uses them.

The new patent builds on these old ideas but tries to fix their weak spots. It uses the latest kind of machine learning called large language models (LLMs). These LLMs don’t just look for exact matches or simple patterns. They can understand the code in a deeper way, like how a person might read a story and know if something feels off, even if the words are new.

The patent also uses vector databases. Think of these as giant libraries where every piece of code is turned into a math picture. When new code shows up, the system checks if its “math picture” looks like pictures of known bad code or good protection code. This makes it much harder for hackers to fool the system just by changing a few words or moving things around.

What makes this patent special is not just spotting bad code, but also checking if good protection is there. It doesn’t just say “block this” or “let this through.” It looks for two things: is there bad code, and is there good protection? Only when the code is clean and protected does it move forward. This double-check is something most older tools don’t do.

So, the big leap here is using smarter machine learning, deeper code understanding, and a double-layered check to keep online payments safe. It’s like having both a security guard and a safety inspector at the door, each with the best training possible.

Invention Description and Key Innovations

Now, let’s go step by step through the patent’s main ideas. The invention is a smart system that helps spot and block dangerous code before it can harm an online store, bank, or any place where people enter private data.

First, this system collects lots of training data. It gets examples of bad code (like digital skimmers), signs of attacks (like connections to rogue domains), and examples of good, protective code (like scripts that guard against hacking). This data comes from many places, including special feeds that track the latest threats.

All these examples are turned into “vectors.” You can think of a vector as a way to turn code into numbers that computers can compare, kind of like turning words into coordinates on a map. These vectors go into a special database. This makes it fast and easy for the system to check new code against old examples.

The system uses two machine learning models. One is trained to spot bad code. The other is trained to find code that protects against threats. Both models are built using large language models (LLMs), which are very good at understanding patterns in language and code.

When a new app or website wants to go live, the system runs both models. The first model checks if the code is like any known bad code. If it finds close matches, it raises a red flag. The second model checks if the code includes good protection, like security rules or safety checks.

After both models run, the system uses a set of rules, called promotion rules, to decide what to do. If the code looks safe and has good protection, it gets promoted—it’s allowed to go live. If it looks risky or doesn’t have enough protection, it’s blocked. The system can also alert the developer, telling them what was wrong and how to fix it.

Let’s look at what makes this invention stand out:

1. Two Models Working Together: Most tools only look for bad code. This system also checks for good protection. It’s like checking if a door is locked and if the alarm is set before letting anyone in.

2. Large Language Models for Code: LLMs are very good at reading and understanding language. Here, they’re used to read computer code. This means the system can spot sneaky tricks that older systems might miss.

3. Vector Databases for Fast Checks: By turning code into vectors, the system can quickly compare new code to a huge library of known threats and protections. This means it can keep up with new attacks much faster.

4. Learning from Real Threats: The system keeps learning. It crawls the web and threat feeds to find the latest attacks and safety tricks. This way, it stays up to date and gets smarter over time.

5. Actionable Feedback for Developers: When the system blocks code, it doesn’t just say “no.” It gives clear feedback, telling developers what to fix or add. This helps developers write safer code faster.

6. Custom Rules for Different Teams: The promotion rules can be set by each company. Some teams might want very strict checks, while others allow more freedom. The system can be tuned for each case.

7. Works for Both New and Existing Apps: The system can check code before it goes live, or review apps already in use. If something risky is found in a live app, it can pull it offline or warn the team.

8. Automatic Code Suggestions: Beyond just blocking, the system can suggest code fixes or even generate safe code based on best practices. This helps teams build secure apps from the start.

All these features mean the invention isn’t just about stopping attacks. It’s about building a safer online world from the ground up, teaching teams how to write better code and stopping problems before they start.

In Practice: Imagine you’re a developer writing a new payment app. Before your code goes to the real website, you run it through this system. The first model checks for any sign of bad code, even if you didn’t mean to include it. The second model checks if you’ve added all the right protections. If something is missing, you get a report telling you exactly what to fix. Once your code is clean and safe, it’s allowed to go live. This means customers can trust your app, and you can sleep better at night.

The system can be used by big banks, small online shops, or any team that wants to keep their users safe. It can run on the cloud or on private servers, and it keeps learning every day. As hackers come up with new tricks, the system gets better at spotting and stopping them.

Conclusion

This patent shows a big step forward in software security. By combining powerful language models, smart databases, and clear rules, it helps catch threats that old tools miss. It doesn’t just block bad code—it also teaches teams how to protect their users better. As more business moves online, systems like this will be key to keeping everyone safe. Whether you’re a developer, a business owner, or just someone who shops online, you can feel a bit more secure knowing inventions like this are working behind the scenes.

Click here https://ppubs.uspto.gov/pubwebapp/ and search 20250217479.

--- oOo ---

Patent FAQs - Patent Guide

Check out some our latest posts on patent filling and patent news:

Related Blogs

Disclaimer:

The information provided on this blog does not, and is not intended to, constitute legal advice; instead, all information, content, and materials available on this site are for general informational purposes only. Information on this website may not constitute the most up-to-date legal or other information. This website contains links to other third-party websites. Such links are only for the reader, user or browser; we do not recommend or endorse the contents of the third-party sites.

Readers of this website should contact their attorney to obtain advice for any particular legal matter. No reader, user, or browser of this site should act or refrain from acting based on information on this site without first seeking legal advice from counsel in the relevant jurisdiction. Only your attorney can provide assurances that the information contained herein – and your interpretation of it – is applicable or appropriate to your particular situation. Use of and access to this website or any links or resources within this site do not create an attorney-client relationship between the reader, user, or browser and website authors, contributors, contributing law firms, and their respective employers.

The views expressed at or through this site are those of the authors writing in their individual capacities only – not this site. All liability for actions taken or not taken based on the contents of this site are expressly disclaimed. The content on this posting is provided “as is;” no representations are made that the content is error-free.