Patents by Inventor Dmitri Rubakha

Dmitri Rubakha has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11971994
    Abstract: A system for securing electronic devices includes a processor, a storage medium communicatively coupled to the processor, and a monitoring application comprising computer-executable instructions on the medium. The instructions are readable by the processor. The monitoring application is configured to receive an indication that a client has been affected by malware, cause the client to boot from a trusted operating system image, cause a launch of a secured security application on the client from a trusted application image, and analyze a malware status of the client through the secured security application.
    Type: Grant
    Filed: December 30, 2022
    Date of Patent: April 30, 2024
    Assignee: Musarubra US LLC
    Inventors: Dmitri Rubakha, Francisco M. Cuenca-Acuna, Hector R. Juarez, Leandro I. Costantino
  • Publication number: 20240064018
    Abstract: Aspects of the disclosure are directed to point-to-point generation and rotation of security tokens to provide anti-spoof protection in a virtual network stack. Existing public key infrastructure can be leveraged to establish secure connections for control plane purposes. The hosts can run local daemons on machines and can establish secure connections to a control plane as well as to other hosts.
    Type: Application
    Filed: August 16, 2022
    Publication date: February 22, 2024
    Inventors: Dmitri Rubakha, Alejandro Cornejo
  • Patent number: 11848965
    Abstract: Methods and apparatus for secure software defined storage are disclosed. An example apparatus includes memory and a processor to access a read request for data written to a software defined storage location, obtain the requested data from the software defined storage location, perform a classification operation on the requested data to obtain classification data corresponding to the requested data, the classification data to represent whether the requested data includes personally identifiable information, in response to determining that the requested data includes personally identifiable information, apply data loss prevention to the requested data to create response data, determine whether a client requesting the data from the software defined storage location is authorized to access the requested data, and in response to determining that the client requesting data is authorized to access the requested data, transmit the response data to the client.
    Type: Grant
    Filed: April 27, 2021
    Date of Patent: December 19, 2023
    Assignee: MCAFEE, LLC
    Inventors: Dmitri Rubakha, Venkata Ramanan Sambandam, Jonathan King, Igor Polevoy, Andrew V. Holtzmann
  • Publication number: 20230138207
    Abstract: A system for securing electronic devices includes a processor, a storage medium communicatively coupled to the processor, and a monitoring application comprising computer-executable instructions on the medium. The instructions are readable by the processor. The monitoring application is configured to receive an indication that a client has been affected by malware, cause the client to boot from a trusted operating system image, cause a launch of a secured security application on the client from a trusted application image, and analyze a malware status of the client through the secured security application.
    Type: Application
    Filed: December 30, 2022
    Publication date: May 4, 2023
    Inventors: Dmitri Rubakha, Francisco M. Cuenca-Acuna, Hector R. Juarez, Leandro I. Costantino
  • Patent number: 11556652
    Abstract: A system for securing electronic devices includes a processor, a storage medium communicatively coupled to the processor, and a monitoring application comprising computer-executable instructions on the medium. The instructions are readable by the processor. The monitoring application is configured to receive an indication that a client has been affected by malware, cause the client to boot from a trusted operating system image, cause a launch of a secured security application on the client from a trusted application image, and analyze a malware status of the client through the secured security application.
    Type: Grant
    Filed: September 20, 2021
    Date of Patent: January 17, 2023
    Assignee: Musarubra US LLC
    Inventors: Dmitri Rubakha, Francisco M. Cuenca-Acuna, Hector R. Juarez, Leandro I. Costantino
  • Patent number: 11363058
    Abstract: A first storage device or first storage disk including first executable instructions that, when executed, cause a processor to at least: in response to determining a variable associated with a memory page that (1) has been loaded into local memory from a second storage device and (2) has been accessed from the local memory, has a first state, identify the memory page as a modified memory page, the memory page including second executable instructions. The first instructions also cause the processor to, in response to determining the second executable instructions of the modified memory page have been changed since a previous analysis of the modified memory page, perform anti-malware analysis of at least a portion of the modified memory page.
    Type: Grant
    Filed: March 23, 2020
    Date of Patent: June 14, 2022
    Assignee: MCAFEE, LLC
    Inventors: Venkata Ramanan Sambandam, Carl D. Woodward, Dmitri Rubakha, Steven L. Grobman
  • Publication number: 20220075874
    Abstract: A system for securing electronic devices includes a processor, a storage medium communicatively coupled to the processor, and a monitoring application comprising computer-executable instructions on the medium. The instructions are readable by the processor. The monitoring application is configured to receive an indication that a client has been affected by malware, cause the client to boot from a trusted operating system image, cause a launch of a secured security application on the client from a trusted application image, and analyze a malware status of the client through the secured security application.
    Type: Application
    Filed: September 20, 2021
    Publication date: March 10, 2022
    Inventors: Dmitri Rubakha, Francisco M. Cuenca-Acuna, Hector R. Juarez, Leandro I. Costantino
  • Patent number: 11126727
    Abstract: A system for securing electronic devices includes a processor, a storage medium communicatively coupled to the processor, and a monitoring application comprising computer-executable instructions on the medium. The instructions are readable by the processor. The monitoring application is configured to receive an indication that a client has been affected by malware, cause the client to boot from a trusted operating system image, cause a launch of a secured security application on the client from a trusted application image, and analyze a malware status of the client through the secured security application.
    Type: Grant
    Filed: January 24, 2020
    Date of Patent: September 21, 2021
    Assignee: Musarubra US LLC
    Inventors: Dmitri Rubakha, Francisco M. Cuenca-Acuna, Hector R. Juarez, Leandro I. Costantino
  • Publication number: 20210250380
    Abstract: Methods and apparatus for secure software defined storage are disclosed. An example apparatus includes memory and a processor to access a read request for data written to a software defined storage location, obtain the requested data from the software defined storage location, perform a classification operation on the requested data to obtain classification data corresponding to the requested data, the classification data to represent whether the requested data includes personally identifiable information, in response to determining that the requested data includes personally identifiable information, apply data loss prevention to the requested data to create response data, determine whether a client requesting the data from the software defined storage location is authorized to access the requested data, and in response to determining that the client requesting data is authorized to access the requested data, transmit the response data to the client.
    Type: Application
    Filed: April 27, 2021
    Publication date: August 12, 2021
    Inventors: DMITRI RUBAKHA, VENKATA RAMANAN SAMBANDAM, JONATHAN KING, IGOR POLEVOY, ANDREW V. HOLTZMANN
  • Patent number: 11005890
    Abstract: Providing secure software defined storage includes identifying data directed to be stored in a software defined storage location, intercepting the data, performing a security operation on the intercepted data, and transmitting the data to the software defined storage.
    Type: Grant
    Filed: February 22, 2018
    Date of Patent: May 11, 2021
    Assignee: McAfee, LLC
    Inventors: Dmitri Rubakha, Venkata Ramanan Sambandam, Jonathan King, Igor Polevoy, Andrew V. Holtzmann
  • Patent number: 10721273
    Abstract: There is disclosed a computing apparatus, including: a hardware platform; a service mapping requirements table including a plurality of components and having associated therewith a plurality of service requirements; an isolation platform; and a security policy engine configured to: receive a new appliance image for the isolation platform; scan the new appliance image and build a bill of materials (BoM) for the new container image, the BoM including a plurality of components; search the service mapping requirements table for the plurality of components and identify service requirements for the components; and generate a security policy for the new appliance image.
    Type: Grant
    Filed: October 24, 2017
    Date of Patent: July 21, 2020
    Assignee: McAfee LLC
    Inventor: Dmitri Rubakha
  • Publication number: 20200228545
    Abstract: A first storage device or first storage disk including first executable instructions that, when executed, cause a processor to at least: in response to determining a variable associated with a memory page that (1) has been loaded into local memory from a second storage device and (2) has been accessed from the local memory, has a first state, identify the memory page as a modified memory page, the memory page including second executable instructions. The first instructions also cause the processor to, in response to determining the second executable instructions of the modified memory page have been changed since a previous analysis of the modified memory page, perform anti-malware analysis of at least a portion of the modified memory page.
    Type: Application
    Filed: March 23, 2020
    Publication date: July 16, 2020
    Inventors: Venkata Ramanan Sambandam, Carl D. Woodward, Dmitri Rubakha, Steven L. Grobman
  • Publication number: 20200159932
    Abstract: A system for securing electronic devices includes a processor, a storage medium communicatively coupled to the processor, and a monitoring application comprising computer-executable instructions on the medium. The instructions are readable by the processor. The monitoring application is configured to receive an indication that a client has been affected by malware, cause the client to boot from a trusted operating system image, cause a launch of a secured security application on the client from a trusted application image, and analyze a malware status of the client through the secured security application.
    Type: Application
    Filed: January 24, 2020
    Publication date: May 21, 2020
    Inventors: Dmitri Rubakha, Francisco M. Cuenca-Acuna, Hector R. Juarez, Leandro I. Costantino
  • Patent number: 10623438
    Abstract: A technique for detecting malware uses hardware capabilities of the processing element of a programmable device to detect modification of executable code during execution. By monitoring a dirty bit in page tables, pages that have been modified can be detected, allowing analysis of those pages during execution. An indication may then be passed to an anti-malware software to analyze the executable further.
    Type: Grant
    Filed: December 28, 2016
    Date of Patent: April 14, 2020
    Assignee: McAfee, LLC
    Inventors: Venkata Ramanan Sambandam, Carl D. Woodward, Dmitri Rubakha, Steven L. Grobman
  • Patent number: 10546131
    Abstract: A system for securing electronic devices includes a processor, a storage medium communicatively coupled to the processor, and a monitoring application comprising computer-executable instructions on the medium. The instructions are readable by the processor. The monitoring application is configured to receive an indication that a client has been affected by malware, cause the client to boot from a trusted operating system image, cause a launch of a secured security application on the client from a trusted application image, and analyze a malware status of the client through the secured security application.
    Type: Grant
    Filed: April 1, 2016
    Date of Patent: January 28, 2020
    Assignee: McAfee, LLC
    Inventors: Dmitri Rubakha, Francisco M. Cuenca-Acuna, Hector R. Juarez, Leandro I. Costantino
  • Patent number: 10129227
    Abstract: Data aggregation includes receiving, from an electronic device, a plurality of sensor data packets, wherein the plurality of sensor data packets are received from at least one sensor of the electronic device, and wherein each of the plurality of sensor data packets comprise a tag identifying a classification of the sensor data in the sensor data packet, applying a user-specific policy to the plurality of sensor data packets, aggregating the plurality of sensor data packets based on the user-specific policy to obtain aggregated sensor data, and transmitting the aggregated sensor data to a service broker.
    Type: Grant
    Filed: December 23, 2015
    Date of Patent: November 13, 2018
    Assignee: MCAFEE, LLC
    Inventors: Ratinder Ahuja, Dmitri Rubakha, Philip B. Tricca, Samir Shah
  • Publication number: 20180288099
    Abstract: Providing secure software defined storage includes identifying data directed to be stored in a software defined storage location, intercepting the data, performing a security operation on the intercepted data, and transmitting the data to the software defined storage.
    Type: Application
    Filed: February 22, 2018
    Publication date: October 4, 2018
    Inventors: DMITRI RUBAKHA, VENKATA RAMANAN SAMBANDAM, JONATHAN KING, IGOR POLEVOY, ANDREW V. HOLTZMANN
  • Publication number: 20180288052
    Abstract: Techniques related to trusted remote configuration and operation using multiple devices are disclosed. The techniques include a machine-readable medium, on which are stored instructions, comprising instructions that when executed cause a target device to receive, from a connecting device, a capabilities request, measure, in response to the capabilities request, the trusted capabilities of the target device, generate a list of trusted capabilities, transmit, to the connecting device, the list of trusted capabilities, receive, from the connecting device, an access request for a trusted capability, the access request describing a workload for the trusted capability, perform the workload to obtain a result, and transmit, to the connecting device, the obtained result.
    Type: Application
    Filed: March 31, 2017
    Publication date: October 4, 2018
    Inventors: VENKATA RAMANAN SAMBANDAM, CARL D. WOODWARD, DMITRI RUBAKHA
  • Publication number: 20180183814
    Abstract: A technique for detecting malware uses hardware capabilities of the processing element of a programmable device to detect modification of executable code during execution. By monitoring a dirty bit in page tables, pages that have been modified can be detected, allowing analysis of those pages during execution. An indication may then be passed to an anti-malware software to analyze the executable further.
    Type: Application
    Filed: December 28, 2016
    Publication date: June 28, 2018
    Inventors: Venkata Ramanan Sambandam, Carl D. Woodward, Dmitri Rubakha, Steven L. Grobman
  • Patent number: 9996690
    Abstract: In an example, a computing device includes a trusted execution environment (TEE), including an enclave. The enclave may include both a binary translation engine (BTE) and an input verification engine (IVE). In one embodiment, the IVE receives a trusted binary as an input, and analyzes the trusted binary to identify functions, classes, and variables that perform input/output operations. To ensure the security of these interfaces, those operations may be performed within the enclave. The IVE tags the trusted binary and provides the binary to the BTE. The BTE then translates the trusted binary into a second format, including designating the tagged portion for execution within the enclave. The BTE may also sign the new binary in the second format and export it out of the enclave.
    Type: Grant
    Filed: December 27, 2014
    Date of Patent: June 12, 2018
    Assignee: McAfee, LLC
    Inventors: Ned M. Smith, Dmitri Rubakha, Samir Shah, Jason Martin, Micah J. Sheller, Somnath Chakrabarti, Bin Xing