&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
			function printpage()
			{
			window.print()
			}
			</script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=11818169.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 11,818,169 B2</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Detecting and mitigating attacks using forged authentication objects within a domain</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Jason Crabtree,  Vienna, VA (US); and  Andrew Sellers,  Monument, CO (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  QOMPLX LLC,  New York, NY (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  QOMPLX, Inc.,  Tysons, VA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Oct.  26, 2022, as Appl. No. 17/974,257.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 17/974,257 is a continuation of application No. 17/169,924, filed on Feb.  8, 2021, granted, now 11,570,209.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 17/169,924 is a continuation in part of application No. 15/837,845, filed on Dec.  11, 2017, granted, now 11,005,824, issued on May   11, 2021.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 15/837,845 is a continuation in part of application No. 15/825,350, filed on Nov.  29, 2017, granted, now 10,594,714, issued on Mar.  17, 2020.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 15/825,350 is a continuation in part of application No. 15/725,274, filed on Oct.  4, 2017, granted, now 10,609,079, issued on Mar.  31, 2020.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 15/725,274 is a continuation in part of application No. 15/655,113, filed on Jul.  20, 2017, granted, now 10,735,456, issued on Aug.  4, 2020.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 15/655,113 is a continuation in part of application No. 15/616,427, filed on Jun.  7, 2017, abandoned.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 15/616,427 is a continuation in part of application No. 15/237,625, filed on Aug.  15, 2016, granted, now 10,248,910, issued on Apr.  2, 2019.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 15/237,625 is a continuation in part of application No. 15/206,195, filed on Jul.  8, 2016, abandoned.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 15/206,195 is a continuation in part of application No. 15/186,453, filed on Jun.  18, 2016, abandoned.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 15/186,453 is a continuation in part of application No. 15/166,158, filed on May   26, 2016, abandoned.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 15/166,158 is a continuation in part of application No. 15/141,752, filed on Apr.  28, 2016, granted, now 10,860,962, issued on Dec.  8, 2020.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 15/141,752 is a continuation in part of application No. 15/091,563, filed on Apr.  5, 2016, granted, now 10,204,147, issued on Feb.  12, 2019.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 15/091,563 is a continuation in part of application No. 14/986,536, filed on Dec.  31, 2015, granted, now 10,210,255, issued on Feb.  19, 2019.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 14/986,536 is a continuation in part of application No. 14/925,974, filed on Oct.  28, 2015, abandoned.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 15/616,427 is a continuation in part of application No. 14/925,974, filed on Oct.  28, 2015.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Claims priority of provisional application 62/596,105, filed on Dec.  7, 2017.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Prior Publication US 2023/0123314 A1, Apr.  20, 2023</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>This patent is subject to a terminal disclaimer.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>H04L 9/40</b></i> (2022.01); <i><b>H04L 9/06</b></i> (2006.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>H04L 63/1466</b></i> (2013.01)&#xa0;[<i><b>H04L 9/0643</b></i> (2013.01); <i><b>H04L 63/1416</b></i> (2013.01); <i><b>H04L 63/1425</b></i> (2013.01)]</td>
            <td class="table_data" align="right"><b>8 Claims</b></td>
          </tr>
        </table>
        <center><img src="US11818169-20231114-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A system for detecting and mitigating attacks using forged authentication objects within a domain, comprising:<div class="claim_text">a computing device comprising a memory and a processor;</div>
                <div class="claim_text">an authentication object inspector comprising a plurality of programming instructions stored in the memory which, when operating on the processor, causes the computing device to:<div class="claim_text">receive a plurality of first authentication objects known to be generated by an identity provider associated with an authentication domain;</div>
                  <div class="claim_text">store a record of each received first authentication object, with attached metadata comprising a timestamp of when each first authentication object was received, in a time-series database;</div>
                  <div class="claim_text">calculate an authentication object identifier for each first authentication object;</div>
                  <div class="claim_text">store the authentication object identifier of each first authentication object in a database of authentication object identifiers for the identity provider;</div>
                  <div class="claim_text">receive a request for access to a network resource associated with the authentication domain accompanied by a second authentication object;</div>
                  <div class="claim_text">calculate an authentication object identifier of the second authentication object;</div>
                  <div class="claim_text">compare the authentication object identifier of the second authentication object with the authentication object identifiers of the first authentication objects stored in the database of authentication object identifiers to determine whether the authentication object identifier of the second authentication object already exists in the database of authentication object identifiers;</div>
                  <div class="claim_text">where the authentication object identifier of the second authentication object does not exist in the database of authentication object identifiers, generate a notification that the identity provider may be compromised.</div>
                </div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>