Patents by Inventor Srikant Vissamsetti
Srikant Vissamsetti has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10542044Abstract: A system reports credentials on nodes of a network. Nodes are assigned to security silos. If a credential reported from a node is found to match a credential found on a node outside of its security silo or be for authentication with a node outside the its security an alert is generated, unless proper precautions are generated. Credentials may be reported as one-way hashes of credentials. Security silos may be automatically generated to segregate at-risk nodes from critical servers based on the presence or use of email clients and browsers. Precautions that may be used to suppress alerts, such as using KERBEROS TGT.Type: GrantFiled: April 29, 2016Date of Patent: January 21, 2020Assignee: ATTIVO NETWORKS INC.Inventors: Venu Vissamsetty, Srikant Vissamsetti, Nitin Jyoti, Harinath Vishwanath Ramchetty
-
Patent number: 10476891Abstract: A system includes one or more “BotMagnet” modules that are exposed to infection by malicious code. The BotMagnets may include one or more virtual machines hosing operating systems in which malicious code may be installed and executed without exposing sensitive data or other parts of a network. In particular, outbound traffic may be transmitted to a Sinkhole module that implements a service requested by the outbound traffic and transmits responses to the malicious code executing within the BotMagnet. Dark space in a network (unused IP addresses, unused ports and absent applications, and invalid usernames and passwords) is consumed by a BotSink such that attempts to access Darkspace resources will be directed to the BotSink, which will engage the source host of such attempts.Type: GrantFiled: July 21, 2015Date of Patent: November 12, 2019Assignee: ATTIVO NETWORKS INC.Inventors: Venu Vissamsetty, Srikant Vissamsetti, Shivakumar Buruganahalli
-
Patent number: 10375110Abstract: Endpoints in a computer network create connections to a deception server without sending any payload data. The connections create records of the connection on the endpoints, by which an attacker accesses the deception server. Received packets that include payload data are determined to be unauthorized. The deception server acquires IP addresses in various VLANS and provides these IP addresses to the endpoints over a secure channel. The connections from the endpoints to the deception server are not performed on the secure channel. IP addresses acquired by the deception server are not assigned to an interface. Instead, NAT is used to route packets including the IP addresses to various engagement servers. Each IP address is assigned a unique hostname in order to appear as multiple distinct servers. The deception server further generates broadcast traffic to generate other records that may be used to lure an attacker to the deception server.Type: GrantFiled: May 12, 2016Date of Patent: August 6, 2019Assignee: ATTIVO NETWORKS INC.Inventors: Venu Vissamsetty, Srikant Vissamsetti, Muthukumar Lakshmanan, Harinath Vishwanath Ramchetty, Vinod Kumar A. Porwal
-
Patent number: 9942270Abstract: A system includes one or more “BotMagnet” modules that are exposed to infection by malicious code. The BotMagnets may include one or more virtual machines hosing operating systems in which malicious code may be installed and executed without exposing sensitive data or other parts of a network. In particular, outbound traffic may be transmitted to a Sinkhole module that implements a service requested by the outbound traffic and transmits responses to the malicious code executing within the BotMagnet. Credentials for services implemented by a BotSink may be planted in an active directory (AD) server. The BotSink periodically uses the credentials thereby creating log entries indicating use thereof. In response to an attacker accessing the services using the credentials, the BotSink engages and monitors an attacker system and may generate an alert.Type: GrantFiled: December 10, 2015Date of Patent: April 10, 2018Assignee: ATTIVO NETWORKS INC.Inventors: Venu Vissamsetty, Satya Das, Srikant Vissamsetti
-
Publication number: 20170331856Abstract: Endpoints in a computer network create connections to a deception server without sending any payload data. The connections create records of the connection on the endpoints, by which an attacker accesses the deception server. Received packets that include payload data are determined to be unauthorized. The deception server acquires IP addresses in various VLANS and provides these IP addresses to the endpoints over a secure channel. The connections from the endpoints to the deception server are not performed on the secure channel. IP addresses acquired by the deception server are not assigned to an interface. Instead, NAT is used to route packets including the IP addresses to various engagement servers. Each IP address is assigned a unique hostname in order to appear as multiple distinct servers. The deception server further generates broadcast traffic to generate other records that may be used to lure an attacker to the deception server.Type: ApplicationFiled: May 12, 2016Publication date: November 16, 2017Inventors: Venu Vissamsetty, Srikant Vissamsetti, Muthukumar Lakshmanan, Harinath Vishwanath Ramchetty, Vinod Kumar A. Porwal
-
Publication number: 20170318054Abstract: A system reports credentials on nodes of a network. Nodes are assigned to security silos. If a credential reported from a node is found to match a credential found on a node outside of its security silo or be for authentication with a node outside the its security an alert is generated, unless proper precautions are generated. Credentials may be reported as one-way hashes of credentials. Security silos may be automatically generated to segregate at-risk nodes from critical servers based on the presence or use of email clients and browsers. Precautions that may be used to suppress alerts, such as using KERBEROS TGT.Type: ApplicationFiled: April 29, 2016Publication date: November 2, 2017Inventors: Venu Vissamsetty, Srikant Vissamsetti, Nitin Jyoti, Harinath Vishwanath Ramchetty
-
Publication number: 20170171244Abstract: A system includes one or more “BotMagnet” modules that are exposed to infection by malicious code. The BotMagnets may include one or more virtual machines hosing operating systems in which malicious code may be installed and executed without exposing sensitive data or other parts of a network. In particular, outbound traffic may be transmitted to a Sinkhole module that implements a service requested by the outbound traffic and transmits responses to the malicious code executing within the BotMagnet. Credentials for services implemented by a BotSink may be planted in an active directory (AD) server. The BotSink periodically uses the credentials thereby creating log entries indicating use thereof. In response to an attacker accessing the services using the credentials, the BotSink engages and monitors an attacker system and may generate an alert.Type: ApplicationFiled: December 10, 2015Publication date: June 15, 2017Inventors: Venu Vissamsetty, Satya Das, Srikant Vissamsetti
-
Publication number: 20170134957Abstract: A method is provided in one example embodiment and includes receiving information for network traffic in a wireless network; correlating the information with a subscriber of a plurality of subscribers; and generating a behavior profile for the subscriber based on the information over a period of time.Type: ApplicationFiled: November 9, 2015Publication date: May 11, 2017Applicant: MCAFEE, INC.Inventors: Bikram Kumar Gupta, Sudarshan Swamy, Srikant Vissamsetti
-
Publication number: 20170026387Abstract: A system includes one or more “BotMagnet” modules that are exposed to infection by malicious code. The BotMagnets may include one or more virtual machines hosing operating systems in which malicious code may be installed and executed without exposing sensitive data or other parts of a network. In particular, outbound traffic may be transmitted to a Sinkhole module that implements a service requested by the outbound traffic and transmits responses to the malicious code executing within the BotMagnet. Dark space in a network (unused IP addresses, unused ports and absent applications, and invalid usernames and passwords) is consumed by a BotSink such that attempts to access Darkspace resources will be directed to the BotSink, which will engage the source host of such attempts.Type: ApplicationFiled: July 21, 2015Publication date: January 26, 2017Inventors: Venu Vissamsetty, Srikant Vissamsetti, Shivakumar Buruganahalli
-
Patent number: 9185093Abstract: A method is provided in one example embodiment and includes receiving information for network traffic in a wireless network; correlating the information with a subscriber of a plurality of subscribers; and generating a behavior profile for the subscriber based on the information over a period of time.Type: GrantFiled: December 31, 2012Date of Patent: November 10, 2015Assignee: McAfee, Inc.Inventors: Bikram Kumar Gupta, Sudarshan Swamy, Srikant Vissamsetti
-
Publication number: 20140189861Abstract: A method is provided in one example embodiment and includes receiving information for network traffic in a wireless network; correlating the information with a subscriber of a plurality of subscribers; and generating a behavior profile for the subscriber based on the information over a period of time.Type: ApplicationFiled: December 31, 2012Publication date: July 3, 2014Inventors: Bikram Kumar Gupta, Sudarshan Swamy, Srikant Vissamsetti
-
Patent number: 8640237Abstract: A system, method and computer program product are provided including a router and a security sub-system coupled to the router. Such security sub-system includes a plurality of virtual firewalls, a plurality of virtual intrusion prevention systems (IPSs), and a plurality of virtual virus scanners. Further, each of the virtual firewalls, IPSs, and virus scanners is assigned to at least one of a plurality of user and is configured in a user-specific.Type: GrantFiled: August 8, 2011Date of Patent: January 28, 2014Assignee: McAfee, Inc.Inventors: Steven M. Haeffele, Ramesh M. Gupta, Ananth Raman, Srikant Vissamsetti
-
Patent number: 8555389Abstract: A system, method and computer program product are provided including a router and a security sub-system coupled to the router. Such security sub-system includes a plurality of virtual firewalls, a plurality of virtual intrusion prevention systems (IPSs), and a plurality of virtual virus scanners. Further, each of the virtual firewalls, IPSs, and virus scanners is assigned to at least one of a plurality of user and is configured in a user-specific.Type: GrantFiled: August 8, 2011Date of Patent: October 8, 2013Assignee: McAfee, Inc.Inventors: Steven M. Haeffele, Ramesh M. Gupta, Ananth Raman, Srikant Vissamsetti
-
Publication number: 20110296516Abstract: A system, method and computer program product are provided including a router and a security sub-system coupled to the router. Such security sub-system includes a plurality of virtual firewalls, a plurality of virtual intrusion prevention systems (IPSs), and a plurality of virtual virus scanners. Further, each of the virtual firewalls, IPSs, and virus scanners is assigned to at least one of a plurality of user and is configured in a user-specific.Type: ApplicationFiled: August 8, 2011Publication date: December 1, 2011Inventors: Steven M. Haeffele, Ramesh M. Gupta, Ananth Raman, Srikant Vissamsetti
-
Publication number: 20110296527Abstract: A system, method and computer program product are provided including a router and a security sub-system coupled to the router. Such security sub-system includes a plurality of virtual firewalls, a plurality of virtual intrusion prevention systems (IPSs), and a plurality of virtual virus scanners. Further, each of the virtual firewalls, IPSs, and virus scanners is assigned to at least one of a plurality of user and is configured in a user-specific.Type: ApplicationFiled: August 8, 2011Publication date: December 1, 2011Inventors: Steven M. Haeffele, Ramesh M. Gupta, Ananth Raman, Srikant Vissamsetti
-
Patent number: 8015611Abstract: A system, method and computer program product are provided including a router and a security sub-system coupled to the router. Such security sub-system includes a plurality of virtual firewalls, a plurality of virtual intrusion prevention systems (IPSs), and a plurality of virtual virus scanners. Further, each of the virtual firewalls, IPSs, and virus scanners is assigned to at least one of a plurality of user and is configured in a user-specific.Type: GrantFiled: September 10, 2007Date of Patent: September 6, 2011Assignee: McAfee, Inc.Inventors: Steven M. Haeffele, Ramesh M. Gupta, Ananth Raman, Srikant Vissamsetti
-
Patent number: 7823204Abstract: A method of detecting intrusions on a computer includes the step of identifying an internet protocol field range describing fields within internet protocol packets received by a computer. A connectivity range is also established which describes a distribution of network traffic received by the computer. An internet protocol field threshold and a connectivity threshold are then determined from the internet protocol field range and connectivity range, respectively. During the operation of the computer, values are calculated for the internet protocol field range and connectivity range. These values are compared to the internet protocol metric threshold and connectivity metric threshold so as to identify an intrusion on the computer.Type: GrantFiled: January 13, 2006Date of Patent: October 26, 2010Assignee: McAfee, Inc.Inventors: Ramesh M. Gupta, Parveen K. Jain, Keith E. Amidon, Fengmin Gong, Srikant Vissamsetti, Steve M. Haeffele, Ananth Raman
-
Patent number: 7624444Abstract: A method of detecting intrusions on a computer includes the step of identifying an internet protocol field range describing fields within internet protocol packets received by a computer. A connectivity range is also established which describes a distribution of network traffic received by the computer. An internet protocol field threshold and a connectivity threshold are then determined from the internet protocol field range and connectivity range, respectively. During the operation of the computer, values are calculated for the internet protocol field range and connectivity range. These values are compared to the internet protocol metric threshold and connectivity metric threshold so as to identify an intrusion on the computer.Type: GrantFiled: June 13, 2002Date of Patent: November 24, 2009Assignee: McAfee, Inc.Inventors: Ramesh M. Gupta, Parveen K. Jain, Keith E. Amidon, Fengmin Gong, Srikant Vissamsetti, Steve M. Haeffele, Ananth Raman
-
Patent number: 7610610Abstract: A system, method and computer program product are provided including a router and a security sub-system coupled to the router. Such security sub-system includes a plurality of virtual firewalls, a plurality of virtual intrusion prevention systems (IPSs), and a plurality of virtual virus scanners. Further, each of the virtual firewalls, IPSs, and virus scanners is assigned to at least one of a plurality of user and is configured in a user-specific.Type: GrantFiled: January 10, 2005Date of Patent: October 27, 2009Assignee: McAfee, Inc.Inventors: Steven M. Haeffele, Ramesh M. Gupta, Ananth Raman, Srikant Vissamsetti
-
Patent number: 7409714Abstract: A method of forming a virtual intrusion detection system includes the step of positioning a set of sensors in a network environment, each sensor supporting multiple logical traffic paths. The method also includes the step of providing a set of sensor management systems corresponding to the set of sensors. This set of sensor management systems enforces a set of virtual intrusion detection systems, wherein each virtual intrusion detection system corresponds to a predetermined logical traffic path through the set of sensors, each virtual detection system providing sensor traffic information solely to authorized parties.Type: GrantFiled: June 13, 2002Date of Patent: August 5, 2008Assignee: McAfee, Inc.Inventors: Ramesh M. Gupta, Parveen K. Jain, Keith E. Amidon, Fengmin Gong, Srikant Vissamsetti, Steve M. Haeffele, Ananth Raman