Patents by Inventor Anestis Karasaridis
Anestis Karasaridis has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10992536
Abstract: Systems, methods and computer readable media are provided to control anycast traffic using a software defined network controller. Telemetry and event data is gathered from a plurality of service nodes in the network. The telemetry and event data sent by an event broker to an analytic application with a resource conditions at each of the plurality of service nodes is determined based on the telemetry and event data. Traffic routing change recommendations are provided to a software defined network controller based on resource conditions at each of the plurality of service nodes and a set of predetermined policies.
Type: Grant
Filed: August 15, 2016
Date of Patent: April 27, 2021
Assignee: AT&T Intellectual Property I, L.P.
Inventors: Anestis Karasaridis, Douglas M. Nortz, Ashwin Sridharan, Patrick Michael Velardo, Jr.
-
Patent number: 10834114
Abstract: A processing system having at least one processor may obtain domain name system (DNS) traffic records of a DNS platform, the DNS traffic records associated with a source device having a first status and that is submitting DNS queries, where a first-tier DNS authoritative server of the DNS platform is configured to forward the DNS queries from the source device to at least a first second-tier DNS authoritative server of the DNS platform designated for the first status. The processing system may further detect anomalous DNS traffic records from the DNS traffic records, identify a change of the source device from a first status to a second status, based upon the detecting the anomalous DNS traffic records, and reconfigure the first-tier DNS authoritative server to redirect the DNS queries from the source device to at least a second second-tier DNS authoritative server designated for the second status.
Type: Grant
Filed: December 13, 2018
Date of Patent: November 10, 2020
Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
Inventors: Anestis Karasaridis, Eric Noel, Stephen Chou, Patrick Velardo
-
Publication number: 20200195669
Abstract: A processing system having at least one processor may obtain domain name system (DNS) traffic records of a DNS platform, the DNS traffic records associated with a source device having a first status and that is submitting DNS queries, where a first-tier DNS authoritative server of the DNS platform is configured to forward the DNS queries from the source device to at least a first second-tier DNS authoritative server of the DNS platform designated for the first status. The processing system may further detect anomalous DNS traffic records from the DNS traffic records, identify a change of the source device from a first status to a second status, based upon the detecting the anomalous DNS traffic records, and reconfigure the first-tier DNS authoritative server to redirect the DNS queries from the source device to at least a second second-tier DNS authoritative server designated for the second status.
Type: Application
Filed: December 13, 2018
Publication date: June 18, 2020
Inventors: Anestis Karasaridis, Eric Noel, Stephen Chou, Patrick Velardo
-
Publication number: 20200112574
Abstract: A method may include a processing system having at least one processor obtaining a first plurality of domain name system traffic records, generating an input aggregate vector from the first plurality of domain name system traffic records, where the input aggregate vector comprises a plurality of features derived from the first plurality of domain name system traffic records, and applying an encoder-decoder neural network to the input aggregate vector to generate a reconstructed vector, where the encoder-decoder neural network is trained with a plurality of aggregate vectors generated from a second plurality of domain name system traffic records. In one example, the processing system may then calculate a distance between the input aggregate vector and the reconstructed vector, and apply at least one remedial action associated with the first plurality of domain name system traffic records when the distance is greater than a threshold distance.
Type: Application
Filed: October 3, 2018
Publication date: April 9, 2020
Inventors: Yaron Koral, Rensheng Wang Zhang, Eric Noel, Patrick Velardo, Jr., Richard Hellstern, Swapna Buccapatnam Tirumala, Anestis Karasaridis
-
Patent number: 10505977
Abstract: A system for diffusing denial-of-service attacks by using virtual machines is disclosed. In particular, the system may receive, from a measurement probe, a network transaction measurement associated with a first node in a network. Based on the network transaction measurement, the system may determine if the network transaction measurement satisfies a threshold measurement value. If the network transaction measurement satisfies the threshold measurement value, the system may determine that an attack is occurring at the first node in the network. The system may then identify one or more nodes that have capacity for handling traffic intended for the first node. Once the one or more nodes are identified, the system may launch virtual machines at the one or more nodes to handle legitimate traffic intended for the first node.
Type: Grant
Filed: November 9, 2017
Date of Patent: December 10, 2019
Assignee: AT&T Intellectual Property I, L.P.
Inventor: Anestis Karasaridis
-
Patent number: 10447713
Abstract: Concepts and technologies disclosed herein are directed to internet traffic classification via time-frequency analysis. According to one aspect of the concepts and technologies disclosed herein, a security classification scheme can be implemented to identify potentially malicious activities from normal internet traffic. The security classification scheme can exploit the distinctive characteristics of different types of traffic in both frequency domain and time domain to identify four different cases. Due to the separation of different types of traffic, the security classification scheme can lower the false alarm rate and improve network security. The security classification scheme can utilize a recursive discrete Fourier transform (“DFT”) implementation to enhance computational efficiency.
Type: Grant
Filed: April 26, 2017
Date of Patent: October 15, 2019
Assignees: AT&T Intellectual Property I, L.P., AT&T Technical Services Company, Inc.
Inventors: Rensheng Zhang, Richard Hellstern, Anestis Karasaridis, Patrick Velardo, Jr.
-
Patent number: 10154111
Abstract: A method includes receiving at a cache server a content request from a client system, determining that the cache server is overloaded in response to receiving the content request, and in response to determining that the cache server is overloaded, returning to the client system a domain redirection response including a load status of the cache server.
Type: Grant
Filed: February 16, 2016
Date of Patent: December 11, 2018
Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
Inventors: Anestis Karasaridis, David A. Hoeflin
-
Publication number: 20180316693
Abstract: Concepts and technologies disclosed herein are directed to internet traffic classification via time-frequency analysis. According to one aspect of the concepts and technologies disclosed herein, a security classification scheme can be implemented to identify potentially malicious activities from normal internet traffic. The security classification scheme can exploit the distinctive characteristics of different types of traffic in both frequency domain and time domain to identify four different cases. Due to the separation of different types of traffic, the security classification scheme can lower the false alarm rate and improve network security. The security classification scheme can utilize a recursive discrete Fourier transform (“DFT”) implementation to enhance computational efficiency.
Type: Application
Filed: April 26, 2017
Publication date: November 1, 2018
Applicants: AT&T Intellectual Property I, L.P., AT&T Technical Services Company, Inc.
Inventors: Rensheng Zhang, Richard Hellstern, Anestis Karasaridis, Patrick Velardo, Jr.
-
Publication number: 20180077197
Abstract: A system for diffusing denial-of-service attacks by using virtual machines is disclosed. In particular, the system may receive, from a measurement probe, a network transaction measurement associated with a first node in a network. Based on the network transaction measurement, the system may determine if the network transaction measurement satisfies a threshold measurement value. If the network transaction measurement satisfies the threshold measurement value, the system may determine that an attack is occurring at the first node in the network. The system may then identify one or more nodes that have capacity for handling traffic intended for the first node. Once the one or more nodes are identified, the system may launch virtual machines at the one or more nodes to handle legitimate traffic intended for the first node.
Type: Application
Filed: November 9, 2017
Publication date: March 15, 2018
Applicant: AT&T Intellectual Property I, L.P.
Inventor: Anestis Karasaridis
-
Publication number: 20180048525
Abstract: Systems, methods and computer readable media are provided to control anycast traffic using a software defined network controller. Telemetry and event data is gathered from a plurality of service nodes in the network. The telemetry and event data sent by an event broker to an analytic application with a resource conditions at each of the plurality of service nodes is determined based on the telemetry and event data. Traffic routing change recommendations are provided to a software defined network controller based on resource conditions at each of the plurality of service nodes and a set of predetermined policies.
Type: Application
Filed: August 15, 2016
Publication date: February 15, 2018
Inventors: Anestis Karasaridis, Douglas M. Nortz, Ashwin Sridharan, Patrick Michael Velardo, Jr.
-
Patent number: 9819697
Abstract: A system for diffusing denial-of-service attacks by using virtual machines is disclosed. In particular, the system may receive, from a measurement probe, a network transaction measurement associated with a first node in a network. Based on the network transaction measurement, the system may determine if the network transaction measurement satisfies a threshold measurement value. If the network transaction measurement satisfies the threshold measurement value, the system may determine that an attack is occurring at the first node in the network. The system may then identify one or more nodes that have capacity for handling traffic intended for the first node. Once the one or more nodes are identified, the system may launch virtual machines at the one or more nodes to handle legitimate traffic intended for the first node.
Type: Grant
Filed: October 25, 2016
Date of Patent: November 14, 2017
Assignee: AT&T Intellectual Property I, L.P.
Inventor: Anestis Karasaridis
-
Publication number: 20170041339
Abstract: A system for diffusing denial-of-service attacks by using virtual machines is disclosed. In particular, the system may receive, from a measurement probe, a network transaction measurement associated with a first node in a network. Based on the network transaction measurement, the system may determine if the network transaction measurement satisfies a threshold measurement value. If the network transaction measurement satisfies the threshold measurement value, the system may determine that an attack is occurring at the first node in the network. The system may then identify one or more nodes that have capacity for handling traffic intended for the first node. Once the one or more nodes are identified, the system may launch virtual machines at the one or more nodes to handle legitimate traffic intended for the first node.
Type: Application
Filed: October 25, 2016
Publication date: February 9, 2017
Applicant: AT&T Intellectual Property I, L.P.
Inventor: Anestis Karasaridis
-
Patent number: 9544268
Abstract: A system includes an analyzer module, a content request data collection module, and a domain name server. The content request data collection module is configured to receive a content request sent to a tracking address, collect content request information about the content request, and provide the content request information to the analyzer module. The domain name server is configured to receive an address request from a local domain name server for a cache server address, provide a tracking address to the local domain name server, collect address request information about the address request, and provide the address request information to the analyzer module. The analyzer module is configured to receive the address request information and the content request information, and determine properties of clients served by the local domain name server based on the address request information and the content request information.
Type: Grant
Filed: June 22, 2015
Date of Patent: January 10, 2017
Assignee: AT&T Intellectual Property I, L.P.
Inventors: Vishwa M. Prasad, Anestis Karasaridis
-
Patent number: 9485273
Abstract: A system for diffusing denial-of-service attacks by using virtual machines is disclosed. In particular, the system may receive, from a measurement probe, a network transaction measurement associated with a first node in a network. Based on the network transaction measurement, the system may determine if the network transaction measurement satisfies a threshold measurement value. If the network transaction measurement satisfies the threshold measurement value, the system may determine that an attack is occurring at the first node in the network. The system may then identify one or more nodes that have capacity for handling traffic intended for the first node. Once the one or more nodes are identified, the system may launch virtual machines at the one or more nodes to handle legitimate traffic intended for the first node.
Type: Grant
Filed: December 9, 2014
Date of Patent: November 1, 2016
Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
Inventor: Anestis Karasaridis
-
Publication number: 20160164997
Abstract: A method includes receiving at a cache server a content request from a client system, determining that the cache server is overloaded in response to receiving the content request, and in response to determining that the cache server is overloaded, returning to the client system a domain redirection response including a load status of the cache server.
Type: Application
Filed: February 16, 2016
Publication date: June 9, 2016
Applicant: AT&T INTELLECTUAL PROPERTY I, L.P.
Inventors: Anestis Karasaridis, David A. Hoeflin
-
Publication number: 20160164911
Abstract: A system for diffusing denial-of-service attacks by using virtual machines is disclosed. In particular, the system may receive, from a measurement probe, a network transaction measurement associated with a first node in a network. Based on the network transaction measurement, the system may determine if the network transaction measurement satisfies a threshold measurement value. If the network transaction measurement satisfies the threshold measurement value, the system may determine that an attack is occurring at the first node in the network. The system may then identify one or more nodes that have capacity for handling traffic intended for the first node. Once the one or more nodes are identified, the system may launch virtual machines at the one or more nodes to handle legitimate traffic intended for the first node.
Type: Application
Filed: December 9, 2014
Publication date: June 9, 2016
Inventor: Anestis Karasaridis
-
Patent number: 9307044
Abstract: A method includes receiving at a cache server a content request from a client system, determining that the cache server is overloaded in response to receiving the content request, and in response to determining that the cache server is overloaded, returning to the client system a domain redirection response including a load status of the cache server.
Type: Grant
Filed: March 28, 2012
Date of Patent: April 5, 2016
Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
Inventors: Anestis Karasaridis, David A. Hoeflin
-
Publication number: 20150288652
Abstract: A system includes an analyzer module, a content request data collection module, and a domain name server. The content request data collection module is configured to receive a content request sent to a tracking address, collect content request information about the content request, and provide the content request information to the analyzer module. The domain name server is configured to receive an address request from a local domain name server for a cache server address, provide a tracking address to the local domain name server, collect address request information about the address request, and provide the address request information to the analyzer module. The analyzer module is configured to receive the address request information and the content request information, and determine properties of clients served by the local domain name server based on the address request information and the content request information.
Type: Application
Filed: June 22, 2015
Publication date: October 8, 2015
Inventors: Vishwa M. Prasad, Anestis Karasaridis
-
Patent number: 9088554
Abstract: A system and method for receiving a plurality of values related to providing services on a network, determining at least one constraint value based on the plurality of values, performing a distribution analysis using the plurality of values and the at least one constraint value and outputting a result derived from the distribution analysis.
Type: Grant
Filed: December 29, 2006
Date of Patent: July 21, 2015
Assignee: AT&T INTELLECTUAL PROPERTY II, L.P.
Inventors: Anestis Karasaridis, David A. Hoeflin
-
Patent number: 9065867
Abstract: A system includes an analyzer module, a content request data collection module, and a domain name server. The content request data collection module is configured to receive a content request sent to a tracking address, collect content request information about the content request, and provide the content request information to the analyzer module. The domain name server is configured to receive an address request from a local domain name server for a cache server address, provide a tracking address to the local domain name server, collect address request information about the address request, and provide the address request information to the analyzer module. The analyzer module is configured to receive the address request information and the content request information, and determine properties of clients served by the local domain name server based on the address request information and the content request information.
Type: Grant
Filed: February 10, 2014
Date of Patent: June 23, 2015
Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
Inventors: Vishwa M. Prasad, Anestis Karasaridis