Patents by Inventor Anup K. Ghosh
Anup K. Ghosh has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11916933Abstract: A transparent proxy for malware detection includes a monitor module, a protocol determination module, a challenge generation module, a response determination module, and a data control module. The monitor module examines data originating from an application towards a remote server. The protocol determination module identifies the protocol type used for the data. The challenge generation module produces a challenge for the application based upon the protocol type, sends the challenge to the application, and maintains a state related to the data and the challenge. The response determination module makes a determination if an automatic non-interactive application response is received in response to the challenge from the application. The data control module allows the first data to continue to the remote server when the determination is valid. The data control module reports malware detection and blocks the data to continue to the remote server when the determination is invalid.Type: GrantFiled: May 4, 2022Date of Patent: February 27, 2024Assignee: George Mason Research Foundation, Inc.Inventors: Angelos Stavrou, Sushil Jajodia, Anup K. Ghosh, Rhandi Martin, Charalampos Andrianakis
-
Publication number: 20220278998Abstract: A transparent proxy for malware detection includes a monitor module, a protocol determination module, a challenge generation module, a response determination module, and a data control module. The monitor module examines data originating from an application towards a remote server. The protocol determination module identifies the protocol type used for the data. The challenge generation module produces a challenge for the application based upon the protocol type, sends the challenge to the application, and maintains a state related to the data and the challenge. The response determination module makes a determination if an automatic non-interactive application response is received in response to the challenge from the application. The data control module allows the first data to continue to the remote server when the determination is valid. The data control module reports malware detection and blocks the data to continue to the remote server when the determination is invalid.Type: ApplicationFiled: May 4, 2022Publication date: September 1, 2022Applicant: George Mason Research Foundation, Inc.Inventors: Angelos STAVROU, Sushil JAJODIA, Anup K. GHOSH, Rhandi MARTIN, Charalampos ANDRIANAKIS
-
Patent number: 11330000Abstract: A transparent proxy for malware detection includes a monitor module, a protocol determination module, a challenge generation module, a response determination module, and a data control module. The monitor module examines data originating from an application towards a remote server. The protocol determination module identifies the protocol type used for the data. The challenge generation module produces a challenge for the application based upon the protocol type, sends the challenge to the application, and maintains a state related to the data and the challenge. The response determination module makes a determination if an automatic non-interactive application response is received in response to the challenge from the application. The data control module allows the first data to continue to the remote server when the determination is valid. The data control module reports malware detection and blocks the data to continue to the remote server when the determination is invalid.Type: GrantFiled: March 7, 2019Date of Patent: May 10, 2022Assignee: George Mason Research Foundation, Inc.Inventors: Angelos Stavrou, Sushil Jajodia, Anup K. Ghosh, Rhandi Martin, Charalampos Andrianakis
-
Patent number: 10956184Abstract: An on-demand disposable virtual work system that includes: a virtual machine monitor to host virtual machines, a virtual machine pool manager, a host operating system, a host program permissions list, and a request handler module. The virtual machine pool manager manages virtual machine resources. The host operating system interfaces with a user and virtual machines created with an image of a reference operating system. The host program permissions list may be a black list and/or a white list used to indicate allowable programs. The request handler module allows execution of the program if the program is allowable. If the program is not allowable, the host request handler module: denies program execution and urges a virtual machine specified by the virtual machine pool manager to execute the program. The virtual machine is terminated when the program closes.Type: GrantFiled: October 27, 2017Date of Patent: March 23, 2021Assignee: George Mason Research Foundation, Inc.Inventors: Anup K. Ghosh, Sushil Jajodia, Yih Huang, Jiang Wang
-
Publication number: 20190207961Abstract: A transparent proxy for malware detection includes a monitor module, a protocol determination module, a challenge generation module, a response determination module, and a data control module. The monitor module examines data originating from an application towards a remote server. The protocol determination module identifies the protocol type used for the data. The challenge generation module produces a challenge for the application based upon the protocol type, sends the challenge to the application, and maintains a state related to the data and the challenge. The response determination module makes a determination if an automatic non-interactive application response is received in response to the challenge from the application. The data control module allows the first data to continue to the remote server when the determination is valid. The data control module reports malware detection and blocks the data to continue to the remote server when the determination is invalid.Type: ApplicationFiled: March 7, 2019Publication date: July 4, 2019Applicant: George Mason Research Foundation, Inc.Inventors: Angelos STAVROU, Sushil JAJODIA, Anup K. GHOSH, Rhandi MARTIN, Charalampos ANDRIANAKIS
-
Patent number: 10243975Abstract: A transparent proxy for malware detection includes a monitor module, a protocol determination module, a challenge generation module, a response determination module, and a data control module. The monitor module examines data originating from an application towards a remote server. The protocol determination module identifies the protocol type used for the data. The challenge generation module produces a challenge for the application based upon the protocol type, sends the challenge to the application, and maintains a state related to the data and the challenge. The response determination module makes a determination if an automatic non-interactive application response is received in response to the challenge from the application. The data control module allows the first data to continue to the remote server when the determination is valid. The data control module reports malware detection and blocks the data to continue to the remote server when the determination is invalid.Type: GrantFiled: November 22, 2016Date of Patent: March 26, 2019Assignee: George Mason Research Foundation, Inc.Inventors: Angelos Stavrou, Sushil Jajodia, Anup K. Ghosh, Rhandi Martin, Charalampos Andrianakis
-
Patent number: 10120998Abstract: An embodiment for providing a secure virtual browsing environment includes creating a virtual browsing environment with a virtualized operating system sharing an operating system kernel of a supporting operating system and executing the browser application within the virtual browsing environment. Another embodiment includes receiving a website selection within a browser application, determining if the website selection corresponds to a secure bookmark, and creating a second virtual browsing environment and executing the browser application within the second virtual browsing environment to access the website selection when the website selection corresponds to a website specified as a secure bookmark.Type: GrantFiled: August 29, 2016Date of Patent: November 6, 2018Assignee: George Mason Research Foundation, Inc.Inventors: Anup K. Ghosh, Sushil Jajodia, Yih Huang, Jiang Wang
-
Publication number: 20180046479Abstract: An on-demand disposable virtual work system that includes: a virtual machine monitor to host virtual machines, a virtual machine pool manager, a host operating system, a host program permissions list, and a request handler module. The virtual machine pool manager manages virtual machine resources. The host operating system interfaces with a user and virtual machines created with an image of a reference operating system. The host program permissions list may be a black list and/or a white list used to indicate allowable programs. The request handler module allows execution of the program if the program is allowable. If the program is not allowable, the host request handler module: denies program execution and urges a virtual machine specified by the virtual machine pool manager to execute the program. The virtual machine is terminated when the program closes.Type: ApplicationFiled: October 27, 2017Publication date: February 15, 2018Applicant: George Mason Research Foundation, Inc.Inventors: Anup K. GHOSH, Sushil JAJODIA, Yih HUANG, Jiang WANG
-
Patent number: 9886372Abstract: A method and associated system for automatically correcting an application based on runtime behavior of the application. An incident indicates a performance of the application in which a problem object produces an outcome that had not been expected by a user. An incident flow for the problem object is automatically analyzed. Actual run of the application renders a forward data flow and at least one backward data flow is simulated from an expected outcome of the problem object. The forward data flow and the at least one backward data flow are compared to create a candidate fault list for the problem object. A technical specification that corrects the incident by use of the candidate fault list and a specification of the application is generated.Type: GrantFiled: January 22, 2016Date of Patent: February 6, 2018Assignee: International Business Machines CorporationInventor: Anup K. Ghosh
-
Patent number: 9846588Abstract: An on-demand disposable virtual work system that includes: a virtual machine monitor to host virtual machines, a virtual machine pool manager, a host operating system, a host program permissions list, and a request handler module. The virtual machine pool manager manages virtual machine resources. The host operating system interfaces with a user and virtual machines created with an image of a reference operating system. The host program permissions list may be a black list and/or a white list used to indicate allowable programs. The request handler module allows execution of the program if the program is allowable. If the program is not allowable, the host request handler module: denies program execution and urges a virtual machine specified by the virtual machine pool manager to execute the program. The virtual machine is terminated when the program closes.Type: GrantFiled: September 10, 2014Date of Patent: December 19, 2017Assignee: George Mason Research Foundation, Inc.Inventors: Anup K. Ghosh, Sushil Jajodia, Yih Huang, Jiang Wang
-
Publication number: 20170206348Abstract: An embodiment for providing a secure virtual browsing environment includes creating a virtual browsing environment with a virtualized operating system sharing an operating system kernel of a supporting operating system and executing the browser application within the virtual browsing environment. Another embodiment includes receiving a website selection within a browser application, determining if the website selection corresponds to a secure bookmark, and creating a second virtual browsing environment and executing the browser application within the second virtual browsing environment to access the website selection when the website selection corresponds to a website specified as a secure bookmark.Type: ApplicationFiled: August 29, 2016Publication date: July 20, 2017Applicant: George Mason Research Foundation, Inc.Inventors: Anup K. GHOSH, Sushil JAJODIA, Yih HUANG, Jiang WANG
-
Publication number: 20170201534Abstract: A transparent proxy for malware detection includes a monitor module, a protocol determination module, a challenge generation module, a response determination module, and a data control module. The monitor module examines data originating from an application towards a remote server. The protocol determination module identifies the protocol type used for the data. The challenge generation module produces a challenge for the application based upon the protocol type, sends the challenge to the application, and maintains a state related to the data and the challenge. The response determination module makes a determination if an automatic non-interactive application response is received in response to the challenge from the application. The data control module allows the first data to continue to the remote server when the determination is valid. The data control module reports malware detection and blocks the data to continue to the remote server when the determination is invalid.Type: ApplicationFiled: November 22, 2016Publication date: July 13, 2017Applicant: George Mason Research Foundation, Inc.Inventors: Angelos STAVROU, Sushil JAJODIA, Anup K. GHOSH, Rhandi MARTIN, Charalampos ANDRIANAKIS
-
Patent number: 9531747Abstract: A transparent proxy for malware detection includes a monitor module, a protocol determination module, a challenge generation module, a response determination module, and a data control module. The monitor module examines data originating from an application towards a remote server. The protocol determination module identifies the protocol type used for the data. The challenge generation module produces a challenge for the application based upon the protocol type, sends the challenge to the application, and maintains a state related to the data and the challenge. The response determination module makes a determination if an automatic non-interactive application response is received in response to the challenge from the application. The data control module allows the first data to continue to the remote server when the determination is valid. The data control module reports malware detection and blocks the data to continue to the remote server when the determination is invalid.Type: GrantFiled: September 10, 2014Date of Patent: December 27, 2016Assignee: George Mason Research Foundation, Inc.Inventors: Angelos Stavrou, Sushil Jajodia, Anup K. Ghosh, Rhandi Martin, Charalampos Andrianakis
-
Patent number: 9436822Abstract: An embodiment for providing a secure virtual browsing environment includes creating a virtual browsing environment with a virtualized operating system sharing an operating system kernel of a supporting operating system and executing the browser application within the virtual browsing environment. Another embodiment includes receiving a website selection within a browser application, determining if the website selection corresponds to a secure bookmark, and creating a second virtual browsing environment and executing the browser application within the second virtual browsing environment to access the website selection when the website selection corresponds to a website specified as a secure bookmark.Type: GrantFiled: September 9, 2014Date of Patent: September 6, 2016Assignee: George Mason Research Foundation, Inc.Inventors: Anup K. Ghosh, Sushil Jajodia, Yih Huang, Jiang Wang
-
Publication number: 20160140030Abstract: A method and associated system for automatically correcting an application based on runtime behavior of the application. An incident indicates a performance of the application in which a problem object produces an outcome that had not been expected by a user. An incident flow for the problem object is automatically analyzed. Actual run of the application renders a forward data flow and at least one backward data flow is simulated from an expected outcome of the problem object. The forward data flow and the at least one backward data flow are compared to create a candidate fault list for the problem object. A technical specification that corrects the incident by use of the candidate fault list and a specification of the application is generated.Type: ApplicationFiled: January 22, 2016Publication date: May 19, 2016Inventor: Anup K. GHOSH
-
Patent number: 9342587Abstract: Embodiments of the present invention relate to an approach for reusing information/knowledge. Specifically, embodiments of the present invention provide an approach for retrieving previously stored data to satisfy queries (e.g., jobs/tickets) for solutions to problems while maintaining privacy/security of the data as well as ensuring the quality of the results. In a typical embodiment, a query for a solution to a problem is received and details are extracted therefrom. Using the details, a search is performed on a set of data stored in at least one computer storage device. Based on the search, a set of results will be generated and classified into a set of categories. In any event, the quality of each of the set of results will be assessed based on the usefulness of the set of results.Type: GrantFiled: March 24, 2014Date of Patent: May 17, 2016Assignee: International Business Machines CorporationInventors: Anup K. Ghosh, Sugata Ghosal, Nandakishore Kambhatla, Rose C. Kanjirathinkal, Asidhara Lahiri, Debapriyo Majumdar, Shajith I. Mohamed, Karthik Visweswariah
-
Patent number: 9280406Abstract: A method and associated system for automatically correcting an application based on runtime behavior of the application. An incident indicates a performance of the application in which a problem object produces an outcome that had not been expected by a user or by a ticketing tool. An incident flow for the problem object is automatically analyzed. Actual run of the application renders a forward data flow and at least one backward data flow is simulated from an expected outcome of the problem object. The forward data flow and the backward data flow(s) are compared to create a candidate fault list for the problem object. A technical specification to correct the candidate fault list and a solution to replace the application are subsequently devised.Type: GrantFiled: March 21, 2013Date of Patent: March 8, 2016Assignee: International Business Machines CorporationInventor: Anup K. Ghosh
-
Patent number: 9270697Abstract: A hardware-assisted integrity monitor may include one or more target machines and/or monitor machines. A target machine may include one or more processors, which may include one or more system management modes (SMM). A SMM may include one or more register checking modules, which may be configured to determine one or more current CPU register states. A SMM may include one or more acquiring modules, which may be configured to determine one or more current memory states. A SMM may include one or more network modules, which may be configured to direct one or more communications, for example of one or more current CPU register states and/or current memory states, to a monitor machine. A monitor machine may include one or more network modules and/or analysis modules. An analysis module may be configured to determine memory state differences and/or determine CPU register states differences.Type: GrantFiled: August 22, 2014Date of Patent: February 23, 2016Assignee: George Mason Research Foundation, Inc.Inventors: Anup K. Ghosh, Kun Sun, Jiang Wang, Angelos Stavrou
-
Publication number: 20160019391Abstract: An embodiment for providing a secure virtual browsing environment includes creating a virtual browsing environment with a virtualized operating system sharing an operating system kernel of a supporting operating system and executing the browser application within the virtual browsing environment. Another embodiment includes receiving a website selection within a browser application, determining if the website selection corresponds to a secure bookmark, and creating a second virtual browsing environment and executing the browser application within the second virtual browsing environment to access the website selection when the website selection corresponds to a website specified as a secure bookmark.Type: ApplicationFiled: September 9, 2014Publication date: January 21, 2016Applicant: GEORGE MASON RESEARCH FOUNDATION, INC.Inventors: Anup K. GHOSH, Sushil Jajodia, Yih HUANG, Jiang WANG
-
Publication number: 20150264059Abstract: A transparent proxy for malware detection includes a monitor module, a protocol determination module, a challenge generation module, a response determination module, and a data control module. The monitor module examines data originating from an application towards a remote server. The protocol determination module identifies the protocol type used for the data. The challenge generation module produces a challenge for the application based upon the protocol type, sends the challenge to the application, and maintains a state related to the data and the challenge. The response determination module makes a determination if an automatic non-interactive application response is received in response to the challenge from the application. The data control module allows the first data to continue to the remote server when the determination is valid. The data control module reports malware detection and blocks the data to continue to the remote server when the determination is invalid.Type: ApplicationFiled: September 10, 2014Publication date: September 17, 2015Applicant: George Mason Research Foundation, Inc.Inventors: Angelos STAVROU, Sushil JAJODIA, Anup K. GHOSH, Rhandi MARTIN, Charalampos Andrianakis