Patents by Inventor Sean Hittel
Sean Hittel has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230353592Abstract: The technology disclosed relates to simulating spread of a malware in cloud applications. In particular, the technology disclosed relates to accessing sharing data for files shared between users via sync and share mechanisms of cloud applications, tracing connections between the users by traversing a directed graph constructed based on the sharing data, and simulating spread of a malware based on the traced connections to simulate user exposure to, infection by, and transmission of the malware. The connections are created as a result of syncing and sharing the files via the sync and share mechanisms. The malware is spread by syncing and sharing of infected ones of the files via the sync and share mechanisms.Type: ApplicationFiled: June 30, 2023Publication date: November 2, 2023Inventors: Sean Hittel, Ravindra K. Balupari
-
Patent number: 11736509Abstract: The technology disclosed relates to simulating spread of a malware in cloud applications. In particular, the technology disclosed relates to accessing sharing data for files shared between users via sync and share mechanisms of cloud applications, tracing connections between the users by traversing a directed graph constructed based on the sharing data, and simulating spread of a malware based on the traced connections to simulate user exposure to, infection by, and transmission of the malware. The connections are created as a result of syncing and sharing the files via the sync and share mechanisms. The malware is spread by syncing and sharing of infected ones of the files via the sync and share mechanisms.Type: GrantFiled: December 2, 2020Date of Patent: August 22, 2023Assignee: Netskope, Inc.Inventors: Sean Hittel, Ravindra K. Balupari
-
Publication number: 20220166781Abstract: The technology disclosed relates to detecting a ransomware attack on a cloud-based file storage system. The detecting includes collecting metadata on files at they are manipulated, storing the collected metadata as historical metadata, detecting multiple artifacts of the ransomware attack resulting from ransomware manipulation of the files by (i) comparing at least one of the extension, the magic number and the size included in the historical metadata to at least one of the extension, the magic number and the size included in current metadata of the files to identify a volume of changes in the files, and (ii) detecting that the identified volume of changes exceeds a change volume to determine that the ransomware attack is in progress, and identifying a user/machine that manipulated the files and responding to the determination that the ransomware attack is in progress by restricting further manipulation of other files by the identified user/machine.Type: ApplicationFiled: November 29, 2021Publication date: May 26, 2022Applicant: Netskope, Inc.Inventors: Sean HITTEL, Krishna NARAYANASWAMY, Ravindra K. BALUPARI, Ravi ITHAL
-
Publication number: 20220150262Abstract: The technology disclosed relates to detecting a data attack on a file system stored on an independent data store. The detecting includes scanning a list to identify files of the independent data store that have been updated within a timeframe, assembling current metadata for files identified by the scanning, obtaining historical metadata of the files, determining that a malicious activity is in process by analyzing the current metadata of the files and the historical metadata to identify a pattern of changes that exceeds a predetermined change velocity. Further, the detecting includes determining that the malicious activity is in process by analyzing the current metadata of the files and known patterns of malicious metadata to identify a match between the current metadata and the known patterns of malicious metadata, determining a machine/user that initiated the malicious activity, and implementing a response mechanism that restricts file modifications by the determined machine/user.Type: ApplicationFiled: November 15, 2021Publication date: May 12, 2022Applicant: Netskope, Inc.Inventors: Sean HITTEL, Krishna NARAYANASWAMY, Ravindra K. BALUPARI, Ravi ITHAL
-
Patent number: 11190540Abstract: The technology disclosed relates to detecting a data attack on a local file system. The detecting includes scanning a list to identify files of the local file system that have been updated within a timeframe, reading payloads of files identified by the scanning, calculating current content properties from the payload of the files, obtaining historical content properties of the files, determining that a malicious activity is in process by analyzing the current content properties and the historical content properties to identify a pattern of changes that exceeds a predetermined change velocity. Further, the detecting includes determining that the malicious activity is in process by analyzing the current content properties and known patterns of malicious metadata to identify a match between the current metadata and the known patterns of malicious metadata, determining a machine/user that initiated the malicious activity, and implementing a response mechanism that restricts file modifications by the machine/user.Type: GrantFiled: November 4, 2019Date of Patent: November 30, 2021Assignee: Netskope, Inc.Inventors: Sean Hittel, Krishna Narayanaswamy, Ravindra K. Balupari, Ravi Ithal
-
Patent number: 11178172Abstract: The technology disclosed relates to detecting a data attack on a file system stored on an independent data store. The detecting includes scanning a list to identify files of the independent data store that have been updated within a timeframe, assembling current metadata for files identified by the scanning, obtaining historical metadata of the files, determining that a malicious activity is in process by analyzing the current metadata of the files and the historical metadata to identify a pattern of changes that exceeds a predetermined change velocity. Further, the detecting includes determining that the malicious activity is in process by analyzing the current metadata of the files and known patterns of malicious metadata to identify a match between the current metadata and the known patterns of malicious metadata, determining a machine/user that initiated the malicious activity, and implementing a response mechanism that restricts file modifications by the determined machine/user.Type: GrantFiled: November 8, 2019Date of Patent: November 16, 2021Assignee: NETSKOPE, INC.Inventors: Sean Hittel, Krishna Narayanaswamy, Ravindra K. Balupari, Ravi Ithal
-
Publication number: 20210092147Abstract: The technology disclosed relates to simulating spread of a malware in cloud applications. In particular, the technology disclosed relates to accessing sharing data for files shared between users via sync and share mechanisms of cloud applications, tracing connections between the users by traversing a directed graph constructed based on the sharing data, and simulating spread of a malware based on the traced connections to simulate user exposure to, infection by, and transmission of the malware. The connections are created as a result of syncing and sharing the files via the sync and share mechanisms. The malware is spread by syncing and sharing of infected ones of the files via the sync and share mechanisms.Type: ApplicationFiled: December 2, 2020Publication date: March 25, 2021Applicant: Netskope, Inc.Inventors: Sean HITTEL, Ravindra K. BALUPARI
-
Patent number: 10862916Abstract: The technology disclosed simulates and analyzes spread of malware through an organization as a result of sharing files using cloud-based services. This analysis is based on actual user and file sharing characteristics collected on a user-by-user and file-by-file basis. The technology disclosed traces connections among the users by traversing a directed graph constructed from the user-by-user data and the file-by-file data. It then simulates the spread of malware, from an entry point user zero through the organization, via the cloud-based services, using the directed graph to simulate user exposure to, infection by, and transmission of the malware within the organization. It then produces a visualization of the spread from the entry point user zero, to users within a user partition to which the user zero belongs, at varying transmission distances from the user zero.Type: GrantFiled: March 2, 2018Date of Patent: December 8, 2020Assignee: Netskope, Inc.Inventors: Sean Hittel, Ravindra K. Balupari
-
Publication number: 20200128028Abstract: The technology disclosed relates to detecting a data attack on a file system stored on an independent data store. The detecting includes scanning a list to identify files of the independent data store that have been updated within a timeframe, assembling current metadata for files identified by the scanning, obtaining historical metadata of the files, determining that a malicious activity is in process by analyzing the current metadata of the files and the historical metadata to identify a pattern of changes that exceeds a predetermined change velocity. Further, the detecting includes determining that the malicious activity is in process by analyzing the current metadata of the files and known patterns of malicious metadata to identify a match between the current metadata and the known patterns of malicious metadata, determining a machine/user that initiated the malicious activity, and implementing a response mechanism that restricts file modifications by the determined machine/user.Type: ApplicationFiled: November 8, 2019Publication date: April 23, 2020Applicant: Netskope, Inc.Inventors: Sean HITTEL, Krishna NARAYANASWAMY, Ravindra K. BALUPARI, Ravi ITHAL
-
Publication number: 20200128027Abstract: The technology disclosed relates to detecting a data attack on a local file system. The detecting includes scanning a list to identify files of the local file system that have been updated within a timeframe, reading payloads of files identified by the scanning, calculating current content properties from the payload of the files, obtaining historical content properties of the files, determining that a malicious activity is in process by analyzing the current content properties and the historical content properties to identify a pattern of changes that exceeds a predetermined change velocity. Further, the detecting includes determining that the malicious activity is in process by analyzing the current content properties and known patterns of malicious metadata to identify a match between the current metadata and the known patterns of malicious metadata, determining a machine/user that initiated the malicious activity, and implementing a response mechanism that restricts file modifications by the machine/user.Type: ApplicationFiled: November 4, 2019Publication date: April 23, 2020Applicant: Netskope, Inc.Inventors: Sean Hittel, Krishna Narayanaswamy, Ravindra K. Balupari, Ravi ITHAL
-
Patent number: 10476907Abstract: The technology disclosed relates to detecting a data attack on a file system stored on an independent data store. The detecting includes scanning a list to identify files of the independent data store that have been updated within a timeframe, assembling current metadata for files identified by the scanning, obtaining historical metadata of the files, determining that a malicious activity is in process by analyzing the current metadata of the files and the historical metadata to identify a pattern of changes that exceeds a predetermined change velocity. Further, the detecting includes determining that the malicious activity is in process by analyzing the current metadata of the files and known patterns of malicious metadata to identify a match between the current metadata and the known patterns of malicious metadata, determining a machine/user that initiated the malicious activity, and implementing a response mechanism that restricts file modifications by the determined machine/user.Type: GrantFiled: June 20, 2017Date of Patent: November 12, 2019Assignee: Netskope, Inc.Inventors: Sean Hittel, Krishna Narayanaswamy, Ravindra K. Balupari, Ravi Ithal
-
Patent number: 10469525Abstract: The technology disclosed relates to detecting a data attack on a local file system. The detecting includes scanning a list to identify files of the local file system that have been updated within a timeframe, reading payloads of files identified by the scanning, calculating current content properties from the payload of the files, obtaining historical content properties of the files, determining that a malicious activity is in process by analyzing the current content properties and the historical content properties to identify a pattern of changes that exceeds a predetermined change velocity. Further, the detecting includes determining that the malicious activity is in process by analyzing the current content properties and known patterns of malicious metadata to identify a match between the current metadata and the known patterns of malicious metadata, determining a machine/user that initiated the malicious activity, and implementing a response mechanism that restricts file modifications by the machine/user.Type: GrantFiled: June 20, 2017Date of Patent: November 5, 2019Assignee: Netskope, Inc.Inventors: Sean Hittel, Krishna Narayanaswamy, Ravindra K. Balupari, Ravi Ithal
-
Publication number: 20180288087Abstract: The technology disclosed simulates and analyzes spread of malware through an organization as a result of sharing files using cloud-based services. This analysis is based on actual user and file sharing characteristics collected on a user-by-user and file-by-file basis. The technology disclosed traces connections among the users by traversing a directed graph constructed from the user-by-user data and the file-by-file data. It then simulates the spread of malware, from an entry point user zero through the organization, via the cloud-based services, using the directed graph to simulate user exposure to, infection by, and transmission of the malware within the organization. It then produces a visualization of the spread from the entry point user zero, to users within a user partition to which the user zero belongs, at varying transmission distances from the user zero.Type: ApplicationFiled: March 2, 2018Publication date: October 4, 2018Applicant: Netskope, Inc.Inventors: Sean HITTEL, Ravindra K. BALUPARI
-
Publication number: 20180048657Abstract: The technology disclosed relates to detecting a data attack on a file system stored on an independent data store. The detecting includes scanning a list to identify files of the independent data store that have been updated within a timeframe, assembling current metadata for files identified by the scanning, obtaining historical metadata of the files, determining that a malicious activity is in process by analyzing the current metadata of the files and the historical metadata to identify a pattern of changes that exceeds a predetermined change velocity. Further, the detecting includes determining that the malicious activity is in process by analyzing the current metadata of the files and known patterns of malicious metadata to identify a match between the current metadata and the known patterns of malicious metadata, determining a machine/user that initiated the malicious activity, and implementing a response mechanism that restricts file modifications by the determined machine/user.Type: ApplicationFiled: June 20, 2017Publication date: February 15, 2018Applicant: Netskope, Inc.Inventors: Sean HITTEL, Krishna NARAYANASWAMY, Ravindra K. BALUPARI, Ravi ITHAL
-
Publication number: 20180048658Abstract: The technology disclosed relates to detecting a data attack on a local file system. The detecting includes scanning a list to identify files of the local file system that have been updated within a timeframe, reading payloads of files identified by the scanning, calculating current content properties from the payload of the files, obtaining historical content properties of the files, determining that a malicious activity is in process by analyzing the current content properties and the historical content properties to identify a pattern of changes that exceeds a predetermined change velocity. Further, the detecting includes determining that the malicious activity is in process by analyzing the current content properties and known patterns of malicious metadata to identify a match between the current metadata and the known patterns of malicious metadata, determining a machine/user that initiated the malicious activity, and implementing a response mechanism that restricts file modifications by the machine/user.Type: ApplicationFiled: June 20, 2017Publication date: February 15, 2018Applicant: Netskope, Inc.Inventors: Sean Hittel, Krishna Narayanaswamy, Ravindra K. Balupari, Ravi ITHAL
-
Patent number: 9292691Abstract: A computer-implemented method for protecting users from website security risks using templates may include (1) identifying a section of a website, the section being arranged according to a template that defines a layout for the website, (2) identifying a profile for the section that includes an attribute specific to the section, the attribute indicating acceptable content for the section of the website as distinct from acceptable content for the entire website, (3) identifying content placed within the section of the website in accordance with the template that defines the layout for the website, and (4) determining whether the identified content is acceptable by comparing the attribute specified in the profile for the section of the website to an attribute of the content placed within the section of the website. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: March 12, 2014Date of Patent: March 22, 2016Assignee: Symantec CorporationInventor: Sean Hittel