Patents by Inventor Sriranga Seetharamaiah
Sriranga Seetharamaiah has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20220279012Abstract: Methods, apparatus, systems, and articles of manufacture are disclosed to identify and report cloud-based security vulnerabilities. An example apparatus includes memory, instructions, and processor circuitry. The example processor circuitry is to execute the instructions to assess a first security vulnerability associated with an application programming interface (API) of a cloud compute network, the first security vulnerability corresponding to at least one call to the API that deviates from a baseline report, the baseline report based on at least one communication in the cloud compute network, and assess a second security vulnerability associated with identity and access management in the cloud compute network based on an entity in the cloud compute network permitted to access a service provided by the cloud compute network, the second security vulnerability corresponding to an unauthorized request to access at least one of a device of the cloud compute network or the service.Type: ApplicationFiled: May 16, 2022Publication date: September 1, 2022Inventors: Sriranga Seetharamaiah, Cedric Cochin
-
Patent number: 11368479Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to identify and report cloud-based security vulnerabilities. An apparatus comprising: a security vulnerability detector to, in response to a resource monitor monitoring a threshold amount of activity in a resource of a cloud computing environment, determine one or more security vulnerabilities associated with the resource and the cloud computing environment; a vulnerability processor to correlate the one or more security vulnerabilities with one or more kill chains to exploit at least one security vulnerability in the cloud computing environment; and a report generator to generate a report including a story graph indicating a subset of at least one of: (a) the one or more security vulnerabilities associated with the one or more kill chains, (b) one or more remediation actions to obviate the one or more security vulnerabilities, or (c) threat intelligence feeds associated with the one or more security vulnerabilities.Type: GrantFiled: December 27, 2019Date of Patent: June 21, 2022Assignee: Musarubra US LLCInventors: Sriranga Seetharamaiah, Cedric Cochin
-
Patent number: 11290469Abstract: A disclosed apparatus includes a connection detector to detect a communication as including a request to connect to a device at a data link layer of an Open Systems Interconnection model; a threat monitor to determine whether the communication is a threat; and a threat manager to, when the threat monitor determines the communication is a threat, at least one of generate a notification to prompt a user about the threat or block the communication.Type: GrantFiled: June 26, 2019Date of Patent: March 29, 2022Assignee: MCAFEE, LLCInventors: Suresh Gangadharan, Sriranga Seetharamaiah
-
Publication number: 20210226975Abstract: Methods, systems, and media for detecting anomalous network activity are provided. In some embodiments, a method for detecting anomalous network activity is provided, the method comprising: receiving information indicating network activity, wherein the information includes IP addresses corresponding to devices participating in the network activity; generating a graph representing the network activity, wherein each node of the graph indicates an IP address of a device; generating a representation of the graph, wherein the representation of the graph reduces a dimensionality of information indicated in the graph; identifying a plurality of clusters of network activity based on the representation of the graph; determining that at least one cluster corresponds to anomalous network activity; and in response to determining that the at least one cluster corresponds to anomalous network activity, causing a network connection of at least one device included in the at least one cluster to be blocked.Type: ApplicationFiled: April 6, 2021Publication date: July 22, 2021Inventors: Sherin M. Mathews, Vaisakh Shaj, Sriranga Seetharamaiah, Carl D. Woodward, Kantheti VVSMB Kumar
-
Patent number: 11005868Abstract: Methods, systems, and media for detecting anomalous network activity are provided. In some embodiments, a method for detecting anomalous network activity is provided, the method comprising: receiving information indicating network activity, wherein the information includes IP addresses corresponding to devices participating in the network activity; generating a graph representing the network activity, wherein each node of the graph indicates an IP address of a device; generating a representation of the graph, wherein the representation of the graph reduces a dimensionality of information indicated in the graph; identifying a plurality of clusters of network activity based on the representation of the graph; determining that at least one cluster corresponds to anomalous network activity; and in response to determining that the at least one cluster corresponds to anomalous network activity, causing a network connection of at least one device included in the at least one cluster to be blocked.Type: GrantFiled: September 21, 2018Date of Patent: May 11, 2021Assignee: McAfee, LLCInventors: Sherin M. Mathews, Vaisakh Shaj, Sriranga Seetharamaiah, Carl D. Woodward, Kantheti VVSMB Kumar
-
Publication number: 20210099478Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to identify and report cloud-based security vulnerabilities. An apparatus comprising: a security vulnerability detector to, in response to a resource monitor monitoring a threshold amount of activity in a resource of a cloud computing environment, determine one or more security vulnerabilities associated with the resource and the cloud computing environment; a vulnerability processor to correlate the one or more security vulnerabilities with one or more kill chains to exploit at least one security vulnerability in the cloud computing environment; and a report generator to generate a report including a story graph indicating a subset of at least one of: (a) the one or more security vulnerabilities associated with the one or more kill chains, (b) one or more remediation actions to obviate the one or more security vulnerabilities, or (c) threat intelligence feeds associated with the one or more security vulnerabilities.Type: ApplicationFiled: December 27, 2019Publication date: April 1, 2021Inventors: Sriranga Seetharamaiah, Cedric Cochin
-
Patent number: 10860718Abstract: Techniques for protecting a computer system against fileless malware are described. One technique includes a virtual machine (VM) locker logic/module implemented by one or more processors receiving information about input/output (I/O) requests associated with injection of data into a process. The logic/module can generate or update an information log to reflect that the process includes data from an external source. The data from the external source can include fileless malware. The technique also includes the logic/module intercepting an execution request by a process (e.g., the process that includes data from an external source, another process, etc.), where an execute privilege located in an operating system mediated access control mechanism approves the request. Next, the logic/module determines that the process requesting execution is included in the log and removes an execute privilege located in a hypervisor mediated access control mechanism to deny the request.Type: GrantFiled: September 19, 2017Date of Patent: December 8, 2020Assignee: McAfee, LLCInventors: Sriranga Seetharamaiah, Carl D. Woodward
-
Publication number: 20200120111Abstract: A disclosed apparatus includes a connection detector to detect a communication as including a request to connect to a device at a data link layer of an Open Systems Interconnection model; a threat monitor to determine whether the communication is a threat; and a threat manager to, when the threat monitor determines the communication is a threat, at least one of generate a notification to prompt a user about the threat or block the communication.Type: ApplicationFiled: June 26, 2019Publication date: April 16, 2020Inventors: SURESH GANGADHARAN, SRIRANGA SEETHARAMAIAH
-
Publication number: 20200099708Abstract: Methods, systems, and media for detecting anomalous network activity are provided. In some embodiments, a method for detecting anomalous network activity is provided, the method comprising: receiving information indicating network activity, wherein the information includes IP addresses corresponding to devices participating in the network activity; generating a graph representing the network activity, wherein each node of the graph indicates an IP address of a device; generating a representation of the graph, wherein the representation of the graph reduces a dimensionality of information indicated in the graph; identifying a plurality of clusters of network activity based on the representation of the graph; determining that at least one cluster corresponds to anomalous network activity; and in response to determining that the at least one cluster corresponds to anomalous network activity, causing a network connection of at least one device included in the at least one cluster to be blocked.Type: ApplicationFiled: September 21, 2018Publication date: March 26, 2020Inventors: Sherin M. Mathews, Vaisakh Shaj, Sriranga Seetharamaiah, Carl D. Woodward, Kantheti VVSMB Kumar
-
Publication number: 20190034633Abstract: Techniques for protecting a computer system against fileless malware are described. One technique includes a virtual machine (VM) locker logic/module implemented by one or more processors receiving information about input/output (I/O) requests associated with injection of data into a process. The logic/module can generate or update an information log to reflect that the process includes data from an external source. The data from the external source can include fileless malware. The technique also includes the logic/module intercepting an execution request by a process (e.g., the process that includes data from an external source, another process, etc.), where an execute privilege located in an operating system mediated access control mechanism approves the request. Next, the logic/module determines that the process requesting execution is included in the log and removes an execute privilege located in a hypervisor mediated access control mechanism to deny the request.Type: ApplicationFiled: September 19, 2017Publication date: January 31, 2019Inventors: Sriranga Seetharamaiah, Carl D. Woodward
-
Patent number: 10148682Abstract: Utilizing a virtual desktop interface, including receiving, from a server, a clone image comprising an instance of an operating system and an application executing on the server, and a copy of scan results, identify initiation of the application using the clone image, in response to identifying initiation of the application, determine that the copy of scan results includes scan results of the application, and in response to determining the copy of scan results includes scan results of the application, executing the application without any further scan of the application.Type: GrantFiled: June 12, 2015Date of Patent: December 4, 2018Assignee: McAfee, LLCInventor: Sriranga Seetharamaiah
-
Publication number: 20160366173Abstract: Utilizing a virtual desktop interface, including receiving, from a server, a clone image comprising an instance of an operating system and an application executing on the server, and a copy of scan results, identify initiation of the application using the clone image, in response to identifying initiation of the application, determine that the copy of scan results includes scan results of the application, and in response to determining the copy of scan results includes scan results of the application, executing the application without any further scan of the application.Type: ApplicationFiled: June 12, 2015Publication date: December 15, 2016Inventor: Sriranga Seetharamaiah
-
Patent number: 8789070Abstract: A system for virtualization of a local device includes a proxy configured to report, to a remote system, a status of a local Universal Serial Bus (“USB”) device of the system, and to receive a transaction request designated for the local device from the remote system. The system further includes a generic device driver configured to receive the transaction request for the local device, and to provide a result of the transaction request. The proxy is further configured to provide the result of the transaction request to the remote system. The local device is remote to the remote system, which is configured to include a device-specific driver for the local device. A system for utilizing a local device of a remote system is also provided. The system may include an agent and a virtual bus driver. Methods and machine-readable media are also provided.Type: GrantFiled: December 6, 2007Date of Patent: July 22, 2014Assignee: Wyse Technology L.L.C.Inventors: Daniel Ernesto Barreto, Shishuang Wang, Jayadev Marulappa Niranjanmurthy, Sriranga Seetharamaiah
-
Patent number: 8683466Abstract: A technique for composing a virtual desktop associated with one or more applications in a virtualized computing environment. The technique includes generating file system level metadata in the desktop image for applications that create a perception that data blocks in the desktop image have been allocated to applications, but not actually copying any of the application data into the allocated blocks. Instead, the technique builds a mapping table between disk block numbers and the application data, which can be stored in a separate application store. The disclosed techniques provide a more efficient way to compose a virtual desktop, compared to current virtual desktop adoption techniques.Type: GrantFiled: May 24, 2011Date of Patent: March 25, 2014Assignee: VMware, Inc.Inventors: Sam Arun Raj Seeniraj, Neeraj Sanjeev Kulkarni, Sriranga Seetharamaiah
-
Publication number: 20120304168Abstract: A technique for composing a virtual desktop associated with one or more applications in a virtualized computing environment. The technique includes generating file system level metadata in the desktop image for applications that create a perception that data blocks in the desktop image have been allocated to applications, but not actually copying any of the application data into the allocated blocks. Instead, the technique builds a mapping table between disk block numbers and the application data, which can be stored in a separate application store. The disclosed techniques provide a more efficient way to compose a virtual desktop, compared to current virtual desktop adoption techniques.Type: ApplicationFiled: May 24, 2011Publication date: November 29, 2012Applicant: VMWARE, INC.Inventors: Sam Arun RAJ SEENIRAJ, Neeraj Sanjeev KULKARNI, Sriranga SEETHARAMAIAH
-
Patent number: 8010630Abstract: A system for redirecting a local device to a remote system includes a proxy configured to communicate with a remote access module. The remote access module is configured to establish a remote access connection between a system and a remote system. The proxy is configured to receive socket connection information for establishing a socket connection between the system and the remote system. The proxy is also configured to receive, from the remote system over the socket connection, at least one device transaction designated for a virtual device local to the remote system. The virtual device may correspond with a Universal Serial Bus device locally connected to the system. A system for automatically redirecting a local device to a remote system, as well as a system for utilizing a local device of a remote system, are also provided. Methods and machine-readable media are also provided.Type: GrantFiled: December 6, 2007Date of Patent: August 30, 2011Assignee: Wyse Technology Inc.Inventors: Daniel Ernesto Barreto, Jayadev Marulappa Niranjanmurthy, Shishuang Wang, Sriranga Seetharamaiah
-
Publication number: 20090150550Abstract: A system for redirecting a local device to a remote system includes a proxy configured to communicate with a remote access module. The remote access module is configured to establish a remote access connection between a system and a remote system. The proxy is configured to receive socket connection information for establishing a socket connection between the system and the remote system. The proxy is also configured to receive, from the remote system over the socket connection, at least one device transaction designated for a virtual device local to the remote system. The virtual device may correspond with a Universal Serial Bus device locally connected to the system. A system for automatically redirecting a local device to a remote system, as well as a system for utilizing a local device of a remote system, are also provided. Methods and machine-readable media are also provided.Type: ApplicationFiled: December 6, 2007Publication date: June 11, 2009Applicant: Wyse Technology Inc.Inventors: Daniel Ernesto Barreto, Jayadev Marulappa Niranjanmurthy, Shishuang Wang, Sriranga Seetharamaiah
-
Publication number: 20090150909Abstract: A system for virtualization of a local device includes a proxy configured to report, to a remote system, a status of a local Universal Serial Bus (“USB”) device of the system, and to receive a transaction request designated for the local device from the remote system. The system further includes a generic device driver configured to receive the transaction request for the local device, and to provide a result of the transaction request. The proxy is further configured to provide the result of the transaction request to the remote system. The local device is remote to the remote system, which is configured to include a device-specific driver for the local device. A system for utilizing a local device of a remote system is also provided. The system may include an agent and a virtual bus driver. Methods and machine-readable media are also provided.Type: ApplicationFiled: December 6, 2007Publication date: June 11, 2009Applicant: Wyse Technology Inc.Inventors: Daniel Ernesto Barreto, Shishuang Wang, Jayadev Marulappa Niranjanmurthy, Sriranga Seetharamaiah