Patents by Inventor Satyendra Yadav
Satyendra Yadav has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10771484Abstract: Intrusion preludes may be detected (including detection using fabricated responses to blocked network requests), and particular sources of network communications may be singled out for greater scrutiny, by performing intrusion analysis on packets blocked by a firewall. An integrated intrusion detection system uses an end-node firewall that is dynamically controlled using invoked-application information and a network policy. The system may use various alert levels to trigger heightened monitoring states, alerts sent to a security operation center, and/or logging of network activity for later forensic analysis. The system may monitor network traffic to block traffic that violates the network policy, monitor blocked traffic to detect an intrusion prelude, and monitor traffic from a potential intruder when an intrusion prelude is detected.Type: GrantFiled: May 17, 2018Date of Patent: September 8, 2020Assignee: Intel CorporationInventor: Satyendra Yadav
-
Publication number: 20190124095Abstract: Intrusion preludes may be detected (including detection using fabricated responses to blocked network requests), and particular sources of network communications may be singled out for greater scrutiny, by performing intrusion analysis on packets blocked by a firewall. An integrated intrusion detection system uses an end-node firewall that is dynamically controlled using invoked-application information and a network policy. The system may use various alert levels to trigger heightened monitoring states, alerts sent to a security operation center, and/or logging of network activity for later forensic analysis. The system may monitor network traffic to block traffic that violates the network policy, monitor blocked traffic to detect an intrusion prelude, and monitor traffic from a potential intruder when an intrusion prelude is detected.Type: ApplicationFiled: May 17, 2018Publication date: April 25, 2019Inventor: Satyendra Yadav
-
Patent number: 10110632Abstract: Methods, machines, and systems manage security policies of heterogeneous infrastructure and computing devices of a network. Security policy repository houses security policies that are pushed over the network by a policy decision point PDP to appropriate security-enabled devices (policy enforcement points (PEPs)) for enforcement. Using a closed feedback loop, a policy feedback point (PFP) collects and processes data from intrusions, alerts, violations, and other abnormal behaviors from a variety of PEPs or logs produced from PEPs. This data is sent as feedback to the policy repository. The PDP detects the data and analyzes it to determine if policy updates (which can be dynamic and automatic) need to be adaptively made and dynamically pushed to PEPs. The PDP can also send console messages or alerts to consoles or administrators.Type: GrantFiled: March 31, 2003Date of Patent: October 23, 2018Assignee: Intel CorporationInventors: Hong C. Li, Ravi Sahita, Satyendra Yadav
-
Patent number: 10044738Abstract: Intrusion preludes may be detected (including detection using fabricated responses to blocked network requests), and particular sources of network communications may be singled out for greater scrutiny, by performing intrusion analysis on packets blocked by a firewall. An integrated intrusion detection system uses an end-node firewall that is dynamically controlled using invoked-application information and a network policy. The system may use various alert levels to trigger heightened monitoring states, alerts sent to a security operation center, and/or logging of network activity for later forensic analysis. The system may monitor network traffic to block traffic that violates the network policy, monitor blocked traffic to detect an intrusion prelude, and monitor traffic from a potential intruder when an intrusion prelude is detected.Type: GrantFiled: September 22, 2015Date of Patent: August 7, 2018Assignee: Intel CorporationInventor: Satyendra Yadav
-
Publication number: 20160088002Abstract: Intrusion preludes may be detected (including detection using fabricated responses to blocked network requests), and particular sources of network communications may be singled out for greater scrutiny, by performing intrusion analysis on packets blocked by a firewall. An integrated intrusion detection system uses an end-node firewall that is dynamically controlled using invoked-application information and a network policy. The system may use various alert levels to trigger heightened monitoring states, alerts sent to a security operation center, and/or logging of network activity for later forensic analysis. The system may monitor network traffic to block traffic that violates the network policy, monitor blocked traffic to detect an intrusion prelude, and monitor traffic from a potential intruder when an intrusion prelude is detected.Type: ApplicationFiled: September 22, 2015Publication date: March 24, 2016Inventor: Satyendra Yadav
-
Patent number: 9143525Abstract: Intrusion preludes may be detected (including detection using fabricated responses to blocked network requests), and particular sources of network communications may be singled out for greater scrutiny, by performing intrusion analysis on packets blocked by a firewall. An integrated intrusion detection system uses an end-node firewall that is dynamically controlled using invoked-application information and a network policy. The system may use various alert levels to trigger heightened monitoring states, alerts sent to a security operation center, and/or logging of network activity for later forensic analysis. The system may monitor network traffic to block traffic that violates the network policy, monitor blocked traffic to detect an intrusion prelude, and monitor traffic from a potential intruder when an intrusion prelude is detected.Type: GrantFiled: June 10, 2014Date of Patent: September 22, 2015Assignee: Intel CorporationInventor: Satyendra Yadav
-
Publication number: 20150058914Abstract: Intrusion preludes may be detected (including detection using fabricated responses to blocked network requests), and particular sources of network communications may be singled out for greater scrutiny, by performing intrusion analysis on packets blocked by a firewall. An integrated intrusion detection system uses an end-node firewall that is dynamically controlled using invoked-application information and a network policy. The system may use various alert levels to trigger heightened monitoring states, alerts sent to a security operation center, and/or logging of network activity for later forensic analysis. The system may monitor network traffic to block traffic that violates the network policy, monitor blocked traffic to detect an intrusion prelude, and monitor traffic from a potential intruder when an intrusion prelude is detected.Type: ApplicationFiled: June 10, 2014Publication date: February 26, 2015Inventor: Satyendra Yadav
-
Patent number: 8752173Abstract: Intrusion preludes may be detected (including detection using fabricated responses to blocked network requests), and particular sources of network communications may be singled out for greater scrutiny, by performing intrusion analysis on packets blocked by a firewall. An integrated intrusion detection system uses an end-node firewall that is dynamically controlled using invoked-application information and a network policy. The system may use various alert levels to trigger heightened monitoring states, alerts sent to a security operation center, and/or logging of network activity for later forensic analysis. The system may monitor network traffic to block traffic that violates the network policy, monitor blocked traffic to detect an intrusion prelude, and monitor traffic from a potential intruder when an intrusion prelude is detected.Type: GrantFiled: December 29, 2009Date of Patent: June 10, 2014Assignee: Intel CorporationInventor: Satyendra Yadav
-
Patent number: 7805502Abstract: Automatically finding and using network services. An extensible framework is defined which allows any network service, new or old, to be defined. A base schema is defined that defines existing network services, and extension schemes may also be defined which are specific to new network services. A vendor can define the schemas in XML, as well as using software plug-ins and configuration data. The information is stored on a network provider's server. Clients can browse the network providers server for available services. Any available services can be accepted. When this happens, a form is provided to the client; the client fills out the form; and returns it. The information on the form is associated with the XML schemas and used to select and automatically configure the network service.Type: GrantFiled: October 27, 2006Date of Patent: September 28, 2010Assignee: Intel CorporationInventors: Linda S. Cline, Satyendra Yadav
-
Patent number: 7769868Abstract: A method and system are disclosed. The method includes receiving a first request from a user at a dispatcher that corresponds to a first transaction. The method further includes creating at the dispatcher a unique identifier that is associated with the user. The unique identifier is based on data that is received from the user. A server is then assigned to the first request by adding an entry to a mapping table that is maintained by the dispatcher. The unique identifier is then associated with the assigned server.Type: GrantFiled: March 29, 2006Date of Patent: August 3, 2010Assignee: Intel CorporationInventors: Manav Mishra, Satyendra Yadav
-
Publication number: 20100122317Abstract: Intrusion preludes may be detected (including detection using fabricated responses to blocked network requests), and particular sources of network communications may be singled out for greater scrutiny, by performing intrusion analysis on packets blocked by a firewall. An integrated intrusion detection system uses an end-node firewall that is dynamically controlled using invoked-application information and a network policy. The system may use various alert levels to trigger heightened monitoring states, alerts sent to a security operation center, and/or logging of network activity for later forensic analysis. The system may monitor network traffic to block traffic that violates the network policy, monitor blocked traffic to detect an intrusion prelude, and monitor traffic from a potential intruder when an intrusion prelude is detected.Type: ApplicationFiled: December 29, 2009Publication date: May 13, 2010Inventor: Satyendra Yadav
-
Patent number: 7448067Abstract: The invention is a system and method for applying a uniform network security policy. The security policy is described using a computer-readable file. The computer-readable file may be filtered and/or translated into other files that may be used as inputs to security devices. An example of one such security device is a remote system security controller, which is responsible for ensuring that remote devices outside the corporate network enforce the corporate security policy. In addition, the system is capable of updating the security policy of all network components based on feedback received from one or more devices.Type: GrantFiled: September 30, 2002Date of Patent: November 4, 2008Assignee: Intel CorporationInventor: Satyendra Yadav
-
Patent number: 7366186Abstract: An apparatus comprises a forwarding component configured to forward data by looking up a routing table, another forwarding component configured to receive the data, and an intermediate forwarding component bridging the two components to forward the data without looking up the routing table.Type: GrantFiled: June 30, 2000Date of Patent: April 29, 2008Assignee: Intel CorporationInventors: Anand Rangarajan, Sanjay Bakshi, Satyendra Yadav
-
Patent number: 7343488Abstract: The invention is a system to secure data. The data security system includes data, a data security system enforcer, a local policy database, and a centralized policy manager. When a block level file access request is received, the data security system enforcer checks the local policy database to see if the file access request is authorized. If the file access request is authorized, then the file access request is performed. Intrusions may be determined based on the type and number of unauthorized file access requests. Forensic analysis may be performed on a database logging file access requests (both authorized and unauthorized).Type: GrantFiled: September 30, 2002Date of Patent: March 11, 2008Assignee: Intel CorporationInventor: Satyendra Yadav
-
Patent number: 7336923Abstract: A method, apparatus and system for extending wireless network coverage is generally presented. In this regard, an extender agent is introduced to determine whether a wireless communication(s) was intended for a client(s) on an extended coverage network serviced by a client receiving the communication.Type: GrantFiled: December 3, 2003Date of Patent: February 26, 2008Assignee: Intel CorporationInventor: Satyendra Yadav
-
Patent number: 7290059Abstract: A server hosting system including a server cluster and a plurality of dispatchers, the plurality of dispatchers providing multiple points of entry into the server cluster. The server cluster and plurality of dispatchers are interconnected by a network, such as a system area network. Each of the dispatchers maintains a local dispatch table, and the local dispatch tables of the plurality of dispatchers, respectively, share data over the network.Type: GrantFiled: August 13, 2001Date of Patent: October 30, 2007Assignee: Intel CorporationInventor: Satyendra Yadav
-
Publication number: 20070209070Abstract: Intrusion preludes may be detected (including detection using fabricated responses to blocked network requests), and particular sources of network communications may be singled out for greater scrutiny, by performing intrusion analysis on packets blocked by a firewall. An integrated intrusion detection system uses an end-node firewall that is dynamically controlled using invoked-application information and a network policy. The system may use various alert levels to trigger heightened monitoring states, alerts sent to a security operation center, and/or logging of network activity for later forensic analysis. The system may monitor network traffic to block traffic that violates the network policy, monitor blocked traffic to detect an intrusion prelude, and monitor traffic from a potential intruder when an intrusion prelude is detected.Type: ApplicationFiled: February 5, 2007Publication date: September 6, 2007Inventor: Satyendra Yadav
-
Publication number: 20070043631Abstract: Automatically finding and using network services. An extensible framework is defined which allows any network service, new or old, to be defined. A base schema is defined that defines existing network services, and extension schemes may also be defined which are specific to new network services. A vendor can define the schemas in XML, as well as using software plug-ins and configuration data. The information is stored on a network provider's server. Clients can browse the network providers server for available services. Any available services can be accepted. When this happens, a form is provided to the client; the client fills out the form; and returns it. The information on the form is associated with the XML schemas and used to select and automatically configure the network service.Type: ApplicationFiled: October 27, 2006Publication date: February 22, 2007Inventors: Linda Cline, Satyendra Yadav
-
Patent number: 7174566Abstract: Intrusion preludes may be detected (including detection using fabricated responses to blocked network requests), and particular sources of network communications may be singled out for greater scrutiny, by performing intrusion analysis on packets blocked by a firewall. An integrated intrusion detection system uses an end-node firewall that is dynamically controlled using invoked-application information and a network policy. The system may use various alert levels to trigger heightened monitoring states, alerts sent to a security operation center, and/or logging of network activity for later forensic analysis. The system may monitor network traffic to block traffic that violates the network policy, monitor blocked traffic to detect an intrusion prelude, and monitor traffic from a potential intruder when an intrusion prelude is detected.Type: GrantFiled: February 1, 2002Date of Patent: February 6, 2007Assignee: Intel CorporationInventor: Satyendra Yadav
-
Patent number: 7139792Abstract: In one aspect of the invention is a method for locking in all client requests having the same session I.D. to the same server to facilitate secure e-commerce transactions. A client's session I.D. is mapped to an SSL context between a dispatcher and a server such that all subsequent client requests having the same session I.D. are forwarded to the same server.Type: GrantFiled: September 29, 2000Date of Patent: November 21, 2006Assignee: Intel CorporationInventors: Manav Mishra, Satyendra Yadav