Patents by Inventor Suresh K. Damodaran
Suresh K. Damodaran has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240015062
Abstract: Disclosed herein are systems and methods for reducing or mitigation alert fatigue from real-time alerts in cyber-physical systems or other types of edge computing systems are provided. In one or more examples, the edge computing system monitor can look for one or more patterns within received data that can indicate malicious activity or other conditions that may warrant a real-time or near-real time response from the operator. In one or more examples, a detection of any of the specified patterns in the streaming data can trigger an alert to the operator of the edge computing system. In one or more examples, the alerts can be suppressed until the number of alerts associated with a particular pattern crosses a pre-determined threshold. Additionally or alternatively, alerts can be suppressed based on a duration that the alerts have been generated. The suppression of alerts can be configured to reduce operator alert fatigue.
Type: Application
Filed: July 11, 2022
Publication date: January 11, 2024
Applicant: The MITRE Corporation
Inventors: Suresh K. DAMODARAN, Jesus N. ABELARDE, JR., Benjamin Robert SCHMIDT, Peter MALINOVSKY, Bryan Lewis QUINN
-
Publication number: 20240015169
Abstract: Accordingly, systems and methods for facilitating operator assisted responses to real-time alerts in cyber-physical systems or other types of edge computing systems are provided. In one or more examples, an edge computing system of an enterprise computing network (where an operator is stationed to operate it), can comprise an edge computing system monitor. In one or more examples, the edge computing system monitor can receive streaming analytic data from one or more components of the edge computing system. In one or more examples, the edge computing system monitor can look for one or more patterns within the received data that can be indicative of malicious activity or other conditions that may warrant a real-time or near-real time response from the operator. In one or more examples, a detection of any of the specified patterns in the streaming data can trigger an alert to the operator of the edge computing system.
Type: Application
Filed: July 11, 2022
Publication date: January 11, 2024
Applicant: The MITRE Corporation
Inventors: Suresh K. DAMODARAN, Jesus N. ABELARDE, JR., Benjamin Robert SCHMIDT
-
Publication number: 20230385283
Abstract: Provided herein are systems and methods for detecting predefined patterns in streaming data being transmitted in a distributed computing system that contains a plurality of computing devices wherein the plurality of computing devices are collectively configured to execute a distributed software program. In one or more examples, a detection engine can be implemented on a computing device and can be configured to receive streaming data that is being transmitted between computing devices of the system. The detection engine can be further configured to analyze the streaming data to determine if the data matches one or more patterns that is specified by a watch point which can be converted into a happened before language expression. In one or more examples, the streaming data can be converted into an intermediate log file that is compared against patterns expressed by a regular expression and if a match is found, an alert can be generated.
Type: Application
Filed: August 11, 2023
Publication date: November 30, 2023
Applicant: The MITRE Corporation
Inventors: Suresh K. DAMODARAN, Richard A. Moffitt, Richard B. Lamourine, Joshua D. Guttman
-
Patent number: 11762858
Abstract: Predefined patterns are detected in streaming data being transmitted in a distributed computing system that contains a plurality of computing devices wherein the plurality of computing devices are collectively configured to execute a distributed software program. In one or more examples, a detection engine can be implemented on a computing device and can be configured to receive streaming data that is being transmitted between computing devices of the system. The detection engine can be further configured to analyze the streaming data to determine if the data matches one or more patterns that is specified by a watch point which can be converted into a happened before language expression. In one or more examples, the streaming data can be converted into an intermediate log file that is compared against patterns expressed by a regular expression and if a match is found, an alert can be generated.
Type: Grant
Filed: March 19, 2020
Date of Patent: September 19, 2023
Assignee: The MITRE Corporation
Inventors: Suresh K. Damodaran, Richard A. Moffitt, Richard B. Lamourine, Joshua D. Guttman
-
Publication number: 20230115976
Abstract: Described are systems and methods for evaluating cyber effects in a cyber physical system (CPS). In some embodiments, a simulation model of the CPS is built and includes a plurality of component sets. The plurality of component sets includes at least one component in the simulation model. A control component is inserted into the simulation model. One or more connections between the plurality of component sets is routed through the control component. A cyber-attack on a component set selected from the plurality of component sets can be simulated by configuring the control component to control an output transmitted via a routed connection between the plurality of component sets. The model components may be iteratively replaced by CPS components, including software or physical components, to improve the cyber-attack and evaluation fidelity.
Type: Application
Filed: December 5, 2022
Publication date: April 13, 2023
Applicant: The MITRE Corporation
Inventors: Suresh K. DAMODARAN, Saurabh MITTAL
-
Patent number: 11573874
Abstract: Systems and methods for automatically injecting effects in cyber-physical systems and their simulations are provided herein. In one example, the cyber-physical system under test can include one or more watch-point monitors that can analyze messages between components of the system to determine the presence of one or more particular patterns present in the messages being passed between components of the system during operation. In one or more examples, upon detection of one or more conditions matching a watch point, the systems and methods presented herein can activate an effect and inject it into the cyber-physical system under test based on the detected watch point. In one or more examples, the systems and methods can provide a domain-specific “effects language” (EL) that can allow a user to specify a watch point and an effect corresponding to the watch point.
Type: Grant
Filed: January 5, 2021
Date of Patent: February 7, 2023
Assignee: The MITRE Corporation
Inventors: Suresh K. Damodaran, Caleb Stepanian, Paul D. Rowe
-
Patent number: 11522903
Abstract: Described are systems and methods for evaluating cyber effects in a cyber-physical system (CPS). In some embodiments, a simulation model of the CPS is built and includes an attacked component set and an evaluated component set. A control component is inserted into the simulation model. One or more direct connections between the attacked component set and the evaluated component set are disconnected. One or more indirect connections are identified and then disconnected from the simulation model with disconnected direct connections. The one or more direct connections and indirect connections are routed through the control component. A cyber-attack on the attacked component set can be simulated by configuring the control component to control outputs transmitted via a routed connection, the routed connection being one of the routed direct or indirect connections. The simulated components of the simulation model can be progressively and iteratively replaced by corresponding components from the CPS.
Type: Grant
Filed: October 9, 2020
Date of Patent: December 6, 2022
Assignee: The MITRE Corporation
Inventors: Suresh K. Damodaran, Saurabh Mittal
-
Publication number: 20220214952
Abstract: Systems and methods for automatically injecting effects in cyber-physical systems and their simulations are provided herein. In one example, the cyber-physical system under test can include one or more watch-point monitors that can analyze messages between components of the system to determine the presence of one or more particular patterns present in the messages being passed between components of the system during operation. In one or more examples, upon detection of one or more conditions matching a watch point, the systems and methods presented herein can activate an effect and inject it into the cyber-physical system under test based on the detected watch point. In one or more examples, the systems and methods can provide a domain-specific “effects language” (EL) that can allow a user to specify a watch point and an effect corresponding to the watch point.
Type: Application
Filed: January 5, 2021
Publication date: July 7, 2022
Applicant: The MITRE Corporation
Inventors: Suresh K. DAMODARAN, Caleb STEPANIAN, Paul D. ROWE
-
Publication number: 20210294805
Abstract: Provided herein are systems and methods for detecting predefined patterns in streaming data being transmitted in a distributed computing system that contains a plurality of computing devices wherein the plurality of computing devices are collectively configured to execute a distributed software program. In one or more examples, a detection engine can be implemented on a computing device and can be configured to receive streaming data that is being transmitted between computing devices of the system. The detection engine can be further configured to analyze the streaming data to determine if the data matches one or more patterns that is specified by a watch point which can be converted into a happened before language expression. In one or more examples, the streaming data can be converted into an intermediate log file that is compared against patterns expressed by a regular expression and if a match is found, an alert can be generated.
Type: Application
Filed: March 19, 2020
Publication date: September 23, 2021
Applicant: The MITRE Corporation
Inventors: Suresh K. DAMODARAN, Richard A. MOFFITT, Richard B. LAMOURINE, Joshua D. GUTTMAN
-
Publication number: 20210029155
Abstract: Described are systems and methods for evaluating cyber effects in a cyber-physical system (CPS). In some embodiments, a simulation model of the CPS is built and includes an attacked component set and an evaluated component set. A control component is inserted into the simulation model. One or more direct connections between the attacked component set and the evaluated component set are disconnected. One or more indirect connections are identified and then disconnected from the simulation model with disconnected direct connections. The one or more direct connections and indirect connections are routed through the control component. A cyber-attack on the attacked component set can be simulated by configuring the control component to control outputs transmitted via a routed connection, the routed connection being one of the routed direct or indirect connections. The simulated components of the simulation model can be progressively and iteratively replaced by corresponding components from the CPS.
Type: Application
Filed: October 9, 2020
Publication date: January 28, 2021
Applicant: The MITRE Corporation
Inventors: Suresh K. DAMODARAN, Saurabh MITTAL
-
Patent number: 10862919
Abstract: Described are systems and methods for evaluating cyber effects in a cyber-physical system (CPS). In some embodiments, a simulation model of the CPS is built and includes an attacked component set and an evaluated component set. A control component is inserted into the simulation model. One or more direct connections between the attacked component set and the evaluated component set are disconnected. One or more indirect connections are identified and then disconnected from the simulation model with disconnected direct connections. The one or more direct connections and indirect connections are routed through the control component. A cyber-attack on the attacked component set can be simulated by configuring the control component to control outputs transmitted via a routed connection, the routed connection being one of the routed direct or indirect connections. The simulated components of the simulation model can be progressively and iteratively replaced by corresponding components from the CPS.
Type: Grant
Filed: April 20, 2018
Date of Patent: December 8, 2020
Assignee: The MITRE Corporation
Inventors: Suresh K. Damodaran, Saurabh Mittal
-
Patent number: 10649884
Abstract: A graphical user interface configured to facilitate replay debugging in distributed software programs is provided. In one or more examples, the graphical user interface provides a visual progress bar, wherein a position on the visual progress bar corresponds to a log file generated when the distributed software program is executed. The user can manipulate the graphical user to replay the log files and visualize the state of the playback through the visual progress bar. The graphical user interface can also allow the user to provide watch points and can allow the user to visualize variables that are contained within the log files. The watch points can represent one or more conditions. The log files can be analyzed to determine if they meet the condition specified in the watch point, and if the log files meet the condition, a visual indication can be provided on the visual progress bar.
Type: Grant
Filed: February 8, 2018
Date of Patent: May 12, 2020
Assignee: The MITRE Corporation
Inventors: Suresh K. Damodaran, Brendan T. Sileo, Alexander J. Padin, Caroline Lee
-
Patent number: 10521331
Abstract: A graphical user interface configured to facilitate replay debugging in distributed software programs is provided. The graphical user interface can allow the user to provide watchpoints and can allow the user to visualize variables that are contained within the log files. The watchpoints can represent one or more conditions. The user defined watchpoints can be converted into regex expressions and applied to the log files to determine if they meet the condition specified in the watchpoint, and if the log files meet the condition, a visual indication can be provided on a visual progress bar.
Type: Grant
Filed: August 31, 2018
Date of Patent: December 31, 2019
Assignee: The MITRE Corporation
Inventors: Suresh K. Damodaran, Joshua D. Guttman
-
Publication number: 20190243746
Abstract: A graphical user interface configured to facilitate replay debugging in distributed software programs is provided. In one or more examples, the graphical user interface provides a visual progress bar, wherein a position on the visual progress bar corresponds to a log file generated when the distributed software program is executed. The user can manipulate the graphical user to replay the log files and visualize the state of the playback through the visual progress bar. The graphical user interface can also allow the user to provide watch points and can allow the user to visualize variables that are contained within the log files. The watch points can represent one or more conditions. The log files can be analyzed to determine if they meet the condition specified in the watch point, and if the log files meet the condition, a visual indication can be provided on the visual progress bar.
Type: Application
Filed: February 8, 2018
Publication date: August 8, 2019
Applicant: The MITRE Corporation
Inventors: Suresh K. DAMODARAN, Brendan T. SILEO, Alexander J. PADIN, Caroline LEE
-
Patent number: 10324964
Abstract: Systems and methods are disclosed that provide high-level, ontology-based analysis of low-level data stored within an unstructured key/value store. The systems and methods allow an analyst to make sense of massive amounts of data from diverse sources without having any knowledge of the underlying physical data storage. The systems and methods provide flexible ontology assisted addressing, embedding such addressing in existing query languages such as widely used Structured Query Language (SQL), and returning results and provenance information of the results.
Type: Grant
Filed: November 18, 2014
Date of Patent: June 18, 2019
Assignee: MASSACHUSETTS INSTITUTE OF TECHNOLOGY
Inventors: Suresh K. Damodaran, Benjamin D. O'Gwynn
-
Publication number: 20180309780
Abstract: Described are systems and methods for evaluating cyber effects in a cyber-physical system (CPS). In some embodiments, a simulation model of the CPS is built and includes an attacked component set and an evaluated component set. A control component is inserted into the simulation model. One or more direct connections between the attacked component set and the evaluated component set are disconnected. One or more indirect connections are identified and then disconnected from the simulation model with disconnected direct connections. The one or more direct connections and indirect connections are routed through the control component. A cyber-attack on the attacked component set can be simulated by configuring the control component to control outputs transmitted via a routed connection, the routed connection being one of the routed direct or indirect connections. The simulated components of the simulation model can be progressively and iteratively replaced by corresponding components from the CPS.
Type: Application
Filed: April 20, 2018
Publication date: October 25, 2018
Applicant: The MITRE Corporation
Inventors: Suresh K. DAMODARAN, Saurabh MITTAL
-
Publication number: 20170300558
Abstract: Systems and methods are disclosed that provide high-level, ontology-based analysis of low-level data stored within an unstructured key/value store. The systems and methods allow an analyst to make sense of massive amounts of data from diverse sources without having any knowledge of the underlying physical data storage. The systems and methods provide flexible ontology assisted addressing, embedding such addressing in existing query languages such as widely used Structured Query Language (SQL), and returning results and provenance information of the results.
Type: Application
Filed: November 18, 2014
Publication date: October 19, 2017
Applicant: MASSACHUSETTS INSTITUTE OF TECHNOLOGY
Inventors: Suresh K. Damodaran, Benjamin D. O'Gwynn
-
Patent number: 9367610
Abstract: Systems and methods are disclosed that provide high-level, ontology-based analysis of low-level data stored within an unstructured key/value store. The systems and methods allow an analyst to make sense of massive amounts of data from diverse sources without having any knowledge of the underlying physical data storage. Additional features include feasibility queries to determine if requested data exists in the key/value store before performing an expensive query; automatic query optimization using secondary indexes; and a usage history service to identify performance bottlenecks and fine tune the storage schema.
Type: Grant
Filed: January 16, 2014
Date of Patent: June 14, 2016
Assignee: MASSACHUSETTS INSTITUTE OF TECHNOLOGY
Inventors: Suresh K. Damodaran, Benjamin D. O'Gwynn, Tamara H. Yu
-
Publication number: 20150199424
Abstract: Systems and methods are disclosed that provide high-level, ontology-based analysis of low-level data stored within an unstructured key/value store. The systems and methods allow an analyst to make sense of massive amounts of data from diverse sources without having any knowledge of the underlying physical data storage. Additional features include feasibility queries to determine if requested data exists in the key/value store before performing an expensive query; automatic query optimization using secondary indexes; and a usage history service to identify performance bottlenecks and fine tune the storage schema.
Type: Application
Filed: January 16, 2014
Publication date: July 16, 2015
Applicant: MASSACHUSETTS INSTITUTE OF TECHNOLOGY
Inventors: Suresh K. Damodaran, Benjamin D. O'Gwynn, Tamara H. Yu
-
Patent number: 8302861
Abstract: A computer implemented system and method for managing inventory includes determining a value for a parameter indicative of a response time associated with at least one transaction for an item of inventory. In conjunction with executing any particular transaction, an inventory update method is selected from a plurality of inventory update methods based at least in part on the determined value. A record indicative of an inventory level of the item is modified according to the selected inventory update method. A first inventory update method alters a locked inventory record and a second inventory update method alters a freely accessible proxy for the locked inventory record.
Type: Grant
Filed: May 22, 2007
Date of Patent: November 6, 2012
Assignee: IBM International Group B.V.
Inventors: Sanjeev Siotia, Nitin Kapoor, Suresh K. Damodaran