Patents by Inventor Manikandan Kenyan
Manikandan Kenyan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11991268Abstract: A first example network security platform disclosed herein is to store a cryptographic session key from a server, the cryptographic session key associated with an encrypted network traffic flow between the server and a client different from the first network security platform. This disclosed first example network security platform is also to access a query from a second network security platform requesting the cryptographic session key, and generate a response including the cryptographic session key to send to the second network security platform.Type: GrantFiled: July 19, 2021Date of Patent: May 21, 2024Assignee: McAfee, LLCInventors: Manikandan A. Kenyan, Anil Abraham
-
Patent number: 11805097Abstract: A network security platform (NSP) device and interaction method are disclosed. The interaction method provides network packet analysis for secure transmission protocols using ephemeral keys or keys that are negotiated dynamically. The NSP may be part of an Intrusion Protection System, or firewall. The disclosed approach does not use man-in-the-middle proxy. Instead, it includes monitoring connections ends: client and/or server, to intercept the required data or negotiated (or changed) encryption keys. Decrypted data may be sent to an NSP sensor in a secure manner for analysis. Alternatively, intercepted keys used for the encrypt/decrypt operations may be sent to an NSP sensor in a secure manner every time they are changed. The NSP sensor may then use the obtained keys to decrypt traffic prior to providing it to the inspection engines. Embodiments focused on inbound traffic to a web server may coordinate between a web server and an NSP.Type: GrantFiled: December 25, 2020Date of Patent: October 31, 2023Assignee: Skyhigh Security LLCInventors: Manikandan Kenyan, Shelendra Sharma, Anil Abraham
-
Patent number: 11671371Abstract: There is disclosed in one example a method of a work node synchronously load balancing to a multi-node service having an expected maximum of n work nodes, including: provisioning a flow table having m bucket groups, m?1, the bucket groups including n slots each; enumerating a static integer self-identification id0; initializing the flow table with id0 in each slot; performing a discovery iteration, including: discovering a peer device; enumerating a static integer identification idx for the peer device; assigning idx to each slot corresponding to a home position for the peer device; and load balancing slots not assigned to a home position according to a deterministic algorithm; and discovering additional nodes and performing discovery iteration for the additional nodes.Type: GrantFiled: July 29, 2020Date of Patent: June 6, 2023Assignee: Musarubra US LLCInventors: Anil Abraham, Manikandan Kenyan, Ashok Babu Thangamani
-
Publication number: 20220038377Abstract: There is disclosed in one example a method of a work node synchronously load balancing to a multi-node service having an expected maximum of n work nodes, including: provisioning a flow table having m bucket groups, m?1, the bucket groups including n slots each; enumerating a static integer self-identification id0; initializing the flow table with id0 in each slot; performing a discovery iteration, including: discovering a peer device; enumerating a static integer identification idx for the peer device; assigning idx to each slot corresponding to a home position for the peer device; and load balancing slots not assigned to a home position according to a deterministic algorithm; and discovering additional nodes and performing discovery iteration for the additional nodes.Type: ApplicationFiled: July 29, 2020Publication date: February 3, 2022Applicant: McAfee, LLCInventors: Anil Abraham, Manikandan Kenyan, Ashok Babu Thangamani
-
Publication number: 20210351918Abstract: A first example network security platform disclosed herein is to store a cryptographic session key from a server, the cryptographic session key associated with an encrypted network traffic flow between the server and a client different from the first network security platform. This disclosed first example network security platform is also to access a query from a second network security platform requesting the cryptographic session key, and generate a response including the cryptographic session key to send to the second network security platform.Type: ApplicationFiled: July 19, 2021Publication date: November 11, 2021Inventors: Manikandan A. Kenyan, Anil Abraham
-
Patent number: 11070363Abstract: A first example network security platform disclosed herein includes a platform selector to determine a platform selection value based on a first parameter value in a first message from a client and a second parameter value in a second message from a server, the first and second messages associated with establishment of an encrypted network traffic flow between the client and the server. The example first network security platform also includes a key retriever to obtain a cryptographic session key associated with the encrypted network traffic flow from a selected one of a cluster of network security platforms based on the platform selection value, the first network security platform included in the cluster of network security platforms. The example first network security platform further includes a traffic analyzer to analyze network traffic associated with the encrypted network traffic flow based on the cryptographic session key.Type: GrantFiled: December 21, 2018Date of Patent: July 20, 2021Assignee: McAfee, LLCInventors: Manikandan A. Kenyan, Anil Abraham
-
Publication number: 20210119966Abstract: A network security platform (NSP) device and interaction method are disclosed. The interaction method provides network packet analysis for secure transmission protocols using ephemeral keys or keys that are negotiated dynamically. The NSP may be part of an Intrusion Protection System, or firewall. The disclosed approach does not use man-in-the-middle proxy. Instead, it includes monitoring connections ends: client and/or server, to intercept the required data or negotiated (or changed) encryption keys. Decrypted data may be sent to an NSP sensor in a secure manner for analysis. Alternatively, intercepted keys used for the encrypt/decrypt operations may be sent to an NSP sensor in a secure manner every time they are changed. The NSP sensor may then use the obtained keys to decrypt traffic prior to providing it to the inspection engines. Embodiments focused on inbound traffic to a web server may coordinate between a web server and an NSP.Type: ApplicationFiled: December 25, 2020Publication date: April 22, 2021Inventors: Manikandan Kenyan, Shelendra Sharma, Anil Abraham
-
Patent number: 10880268Abstract: A network security platform (NSP) device and interaction method are disclosed. The interaction method provides network packet analysis for secure transmission protocols using ephemeral keys or keys that are negotiated dynamically. The NSP may be part of an Intrusion Protection System, or firewall. The disclosed approach does not use man-in-the-middle proxy. Instead, it includes monitoring connections ends: client and/or server, to intercept the required data or negotiated (or changed) encryption keys. Decrypted data may be sent to an NSP sensor in a secure manner for analysis. Alternatively, intercepted keys used for the encrypt/decrypt operations may be sent to an NSP sensor in a secure manner every time they are changed. The NSP sensor may then use the obtained keys to decrypt traffic prior to providing it to the inspection engines. Embodiments focused on inbound traffic to a web server may coordinate between a web server and an NSP.Type: GrantFiled: April 5, 2018Date of Patent: December 29, 2020Assignee: MCAFEE, LLCInventors: Manikandan Kenyan, Shelendra Sharma, Anil Abraham
-
Patent number: 10778642Abstract: A network security platform (NSP) device and interaction method are disclosed. The interaction method provides network packet analysis for secure transmission protocols using ephemeral keys or keys that are negotiated dynamically. The NSP may be part of an Intrusion Protection System, or firewall. The disclosed approach does not use man-in-the-middle proxy. Instead, it includes monitoring connections ends: client and/or server, to intercept the required data or negotiated (or changed) encryption keys. Decrypted data may be sent to an NSP sensor in a secure manner for analysis. Alternatively, intercepted keys used for the encrypt/decrypt operations may be sent to an NSP sensor in a secure manner every time they are changed. The NSP sensor may then use the obtained keys to decrypt traffic prior to providing it to the inspection engines. Embodiments focused on inbound traffic to a web server may coordinate between a web server and an NSP.Type: GrantFiled: April 5, 2018Date of Patent: September 15, 2020Assignee: MCAFEE, LLCInventors: Manikandan Kenyan, Shelendra Sharma, Anil Abraham
-
Publication number: 20190332771Abstract: A system configured to detect malware is described. The system configured to detect malware including a data collector configured to detect at least a first hypertext transfer object in a chain of a plurality of hypertext transfer objects. The data collector further configured to analyze at least the first hypertext transfer object for one or more events. And, the data collector configured to generate a list of events based on the analysis of at least the first hypertext transfer object.Type: ApplicationFiled: July 10, 2019Publication date: October 31, 2019Inventors: Alexander BURT, Mikola BILOGORSKIY, McEnroe NAVARAJ, Frank JAS, Liang HAN, Yucheng TING, Manikandan KENYAN, Fengmin GONG, Ali GOLSHAN, Shishir SINGH
-
Patent number: 10354072Abstract: A system configured to detect malware is described. The system configured to detect malware including a data collector configured to detect at least a first hypertext transfer object in a chain of a plurality of hypertext transfer objects. The data collector further configured to analyze at least the first hypertext transfer object for one or more events. And, the data collector configured to generate a list of events based on the analysis of at least the first hypertext transfer object.Type: GrantFiled: April 20, 2018Date of Patent: July 16, 2019Assignee: Cyphort Inc.Inventors: Alexander Burt, Mikola Bilogorskiy, McEnroe Navaraj, Frank Jas, Liang Han, Yucheng Ting, Manikandan Kenyan, Fengmin Gong, Ali Golshan, Shishir Singh
-
Publication number: 20190199683Abstract: A network security platform (NSP) device and interaction method are disclosed. The interaction method provides network packet analysis for secure transmission protocols using ephemeral keys or keys that are negotiated dynamically. The NSP may be part of an Intrusion Protection System, or firewall. The disclosed approach does not use man-in-the-middle proxy. Instead, it includes monitoring connections ends: client and/or server, to intercept the required data or negotiated (or changed) encryption keys. Decrypted data may be sent to an NSP sensor in a secure manner for analysis. Alternatively, intercepted keys used for the encrypt/decrypt operations may be sent to an NSP sensor in a secure manner every time they are changed. The NSP sensor may then use the obtained keys to decrypt traffic prior to providing it to the inspection engines. Embodiments focused on inbound traffic to a web server may coordinate between a web server and an NSP.Type: ApplicationFiled: April 5, 2018Publication date: June 27, 2019Inventors: Manikandan Kenyan, Shelendra Sharma, Anil Abraham
-
Publication number: 20190199684Abstract: A network security platform (NSP) device and interaction method are disclosed. The interaction method provides network packet analysis for secure transmission protocols using ephemeral keys or keys that are negotiated dynamically. The NSP may be part of an Intrusion Protection System, or firewall. The disclosed approach does not use man-in-the-middle proxy. Instead, it includes monitoring connections ends: client and/or server, to intercept the required data or negotiated (or changed) encryption keys. Decrypted data may be sent to an NSP sensor in a secure manner for analysis. Alternatively, intercepted keys used for the encrypt/decrypt operations may be sent to an NSP sensor in a secure manner every time they are changed. The NSP sensor may then use the obtained keys to decrypt traffic prior to providing it to the inspection engines. Embodiments focused on inbound traffic to a web server may coordinate between a web server and an NSP.Type: ApplicationFiled: April 5, 2018Publication date: June 27, 2019Inventors: Manikandan Kenyan, Shelendra Sharma, Anil Abraham
-
Publication number: 20180247058Abstract: A system configured to detect malware is described. The system configured to detect malware including a data collector configured to detect at least a first hypertext transfer object in a chain of a plurality of hypertext transfer objects. The data collector further configured to analyze at least the first hypertext transfer object for one or more events. And, the data collector configured to generate a list of events based on the analysis of at least the first hypertext transfer object.Type: ApplicationFiled: April 20, 2018Publication date: August 30, 2018Inventors: Alexander BURT, Mikola BILOGORSKIY, McEnroe NAVARAJ, Frank JAS, Liang HAN, Yucheng TING, Manikandan KENYAN, Fengmin GONG, Ali GOLSHAN, Shishir SINGH
-
Patent number: 9953163Abstract: A system configured to detect malware is described. The system configured to detect malware including a data collector configured to detect at least a first hypertext transfer object in a chain of a plurality of hypertext transfer objects. The data collector further configured to analyze at least the first hypertext transfer object for one or more events. And, the data collector configured to generate a list of events based on the analysis of at least the first hypertext transfer object.Type: GrantFiled: February 20, 2015Date of Patent: April 24, 2018Assignee: Cyphort Inc.Inventors: Alexander Burt, Mikola Bilogorskiy, McEnroe Navaraj, Frank Jas, Liang Han, Yucheng Ting, Manikandan Kenyan, Fengmin Gong, Ali Golshan, Shishir Singh
-
Patent number: 9686293Abstract: Systems and methods for monitoring malware events in a computer networking environment are described. The systems and methods including the steps of identifying suspect objects; transmitting the suspect objects to an inspection service, wherein the inspection service inspects the suspect objects using a plurality of inspection methods to create digital information about the nature of the potential threat posed by the suspect objects; transmitting said digital information to an analytical service operating, wherein the analytical service performs a plurality of analytical algorithms to categorize the suspect objects with one or more scores for each suspect object based on their security threat; transmitting said one or more scores to a correlation facility which aggregates a plurality of scores; and generating an infection verification pack comprising routines which, when run on an end-point machine within the computer networking environment, will mitigate a suspected security threat.Type: GrantFiled: February 23, 2015Date of Patent: June 20, 2017Assignee: Cyphort Inc.Inventors: Ali Golshan, Fengmin Gong, Frank Jas, Nick Bilogorskiy, Neal Vu, Chenghuai Lu, Alexander Burt, Manikandan Kenyan, Yucheng Ting
-
Publication number: 20150242628Abstract: A system configured to detect malware is described. The system configured to detect malware including a data collector configured to detect at least a first hypertext transfer object in a chain of a plurality of hypertext transfer objects. The data collector further configured to analyze at least the first hypertext transfer object for one or more events. And, the data collector configured to generate a list of events based on the analysis of at least the first hypertext transfer object.Type: ApplicationFiled: February 20, 2015Publication date: August 27, 2015Inventors: Alexander Burt, Nick Bilogorskiy, McEnroe Navaraj, Frank Jas, Liang Han, Yucheng Ting, Manikandan Kenyan, Fengmin Gong, Ali Golshan, Shishir Singh
-
Publication number: 20150244732Abstract: Systems and methods for monitoring malware events in a computer networking environment are described.Type: ApplicationFiled: February 23, 2015Publication date: August 27, 2015Inventors: Ali Golshan, Fengmin Gong, Frank Jas, Nick Bilogorskiy, Neal Vu, Chenghuai Lu, Alexander Burt, Manikandan Kenyan, Yucheng Ting