Patents Assigned to Mu Dynamics, Inc.
-
Patent number: 8612530Abstract: Various embodiments are directed to testing a pass-through device under test. For example, a computer system may receive a scenario describing a model of a message exchange involving the device under test, which specifies, for at least one message a source address location, a destination address location, and an identifier location. The computer system may also execute a plurality of instances of the scenario. Executing each instance may comprise generating a first outgoing message based on the model of the message exchange; and transmitting the first outgoing message to the device under test. Additionally, the computer system may receive and apply a filter to the first forwarded message from the device under test. Applying the filter may extract a second message exchange identifier value from the identifier location of the first forwarded message. Using the second message exchange identifier, the first forwarded message may be matched to at least one outgoing message.Type: GrantFiled: October 24, 2011Date of Patent: December 17, 2013Assignee: Mu Dynamics, Inc.Inventors: Dmitrijs F. Sapovalovs, Sundar Vasan, Kowsik Guruswamy
-
Patent number: 8590048Abstract: A security analyzer includes a single software application that both sends test messages to a device under analysis (DUA) and receives response messages generated by the DUA in response to the test messages. In this way, synchronization of which response messages correspond to which test messages can be reduced or avoided. The software application further determines whether the DUA operated correctly by analyzing the received response messages.Type: GrantFiled: January 6, 2012Date of Patent: November 19, 2013Assignee: Mu Dynamics, Inc.Inventor: Kowsik Guruswamy
-
Patent number: 8316447Abstract: A security analyzer analyzes a security of a device-under-analysis (DUA). In one embodiment, the security analyzer identifies two or more valid message-delivery preconditions for a communication protocol supported by the DUA. One of the identified valid message-delivery preconditions is selected and the security analyzer delivers an attack to the DUA according to the selected message-delivery precondition. The same or similar attacks can also be delivered to the DUA via other message-delivery preconditions. Based on the DUA's response, the security analyzer determines whether a vulnerability has been found.Type: GrantFiled: November 8, 2006Date of Patent: November 20, 2012Assignee: Mu Dynamics, Inc.Inventor: Kowsik Guruswamy
-
Patent number: 8250658Abstract: A security analysis methodology is used to analyze the security of a device-under-analysis (DUA) with respect to a particular protocol message exchange. First, the mutation points that exist in the message exchange are determined. Then, the message exchange is executed multiple times—once for each mutation point. Each execution applies the mutation associated with that particular mutation point (e.g., a particular message during the exchange is modified in a particular way) to create a mutated message exchange. In other words, each message exchange with an applied mutation point corresponds to a test case.Type: GrantFiled: September 20, 2007Date of Patent: August 21, 2012Assignee: Mu Dynamics, Inc.Inventors: Adam Bozanich, Kowsik Guruswamy, Marshall A. Beddoe
-
Publication number: 20120137370Abstract: A security analyzer tests the security of a device by attacking the device and observing the device's response. Attacking the device includes sending one or more messages to the device. A message can be generated by the security analyzer or generated independently of the security analyzer. The security analyzer uses various methods to identify a particular attack that causes a device to fail or otherwise alter its behavior. Monitoring includes analyzing data (other than messages) output from the device in response to an attack. Packet processing analysis includes analyzing one or more messages generated by the device in response to an attack. Instrumentation includes establishing a baseline snapshot of the device's state when it is operating normally and then attacking the device in multiple ways while obtaining snapshots periodically during the attacks.Type: ApplicationFiled: January 6, 2012Publication date: May 31, 2012Applicant: Mu Dynamics, Inc.Inventor: Kowsik Guruswamy
-
Publication number: 20120124670Abstract: A security analyzer includes a single software application that both sends test messages to a device under analysis (DUA) and receives response messages generated by the DUA in response to the test messages. In this way, synchronization of which response messages correspond to which test messages can be reduced or avoided. The software application further determines whether the DUA operated correctly by analyzing the received response messages.Type: ApplicationFiled: January 6, 2012Publication date: May 17, 2012Applicant: Mu Dynamics, Inc.Inventor: KOWSIK GURUSWAMY
-
Patent number: 8095982Abstract: A security analyzer includes a single software application that both sends test messages to a device under analysis (DUA) and receives response messages generated by the DUA in response to the test messages. In this way, synchronization of which response messages correspond to which test messages can be reduced or avoided. The software application further determines whether the DUA operated correctly by analyzing the received response messages.Type: GrantFiled: February 10, 2006Date of Patent: January 10, 2012Assignee: Mu Dynamics, Inc.Inventor: Kowsik Guruswamy
-
Patent number: 8095983Abstract: A security analyzer tests the security of a device by attacking the device and observing the device's response. Attacking the device includes sending one or more messages to the device. A message can be generated by the security analyzer or generated independently of the security analyzer. The security analyzer uses various methods to identify a particular attack that causes a device to fail or otherwise alter its behavior. Monitoring includes analyzing data (other than messages) output from the device in response to an attack. Packet processing analysis includes analyzing one or more messages generated by the device in response to an attack. Instrumentation includes establishing a baseline snapshot of the device's state when it is operating normally and then attacking the device in multiple ways while obtaining snapshots periodically during the attacks.Type: GrantFiled: February 10, 2006Date of Patent: January 10, 2012Assignee: Mu Dynamics, Inc.Inventor: Kowsik Guruswamy
-
Patent number: 8074097Abstract: A system and method for analyzing and/or testing member devices in a multi-device system. The multi-device system includes a device-under-analysis (DUA) and a device-under-observation (DUO). An analyzer that is external to the multi-device system generates and sends test messages to the DUA. The analyzer monitors the health of the multi-device system through the DUO and detects a system-wide impact of the DUA caused by the test messages. The analyzer analyzes the DUA based on the test messages and the system-wide impact.Type: GrantFiled: July 27, 2010Date of Patent: December 6, 2011Assignee: MU Dynamics, Inc.Inventors: Marshall A. Beddoe, Thomas A. Maufer
-
Publication number: 20110271348Abstract: A security analyzer is capable of generating attacks to test the security of a device under analysis. The security analyzer further has the capability to generate a portable, executable program to generate specified attacks. In this way, others can recreate the attacks without requiring access to the security analyzer.Type: ApplicationFiled: June 7, 2011Publication date: November 3, 2011Applicant: Mu Dynamics, Inc.Inventor: Kowsik GURUSWAMY
-
Publication number: 20110238852Abstract: A test system (and corresponding method and computer program product) for generating unit tests for a heterogeneous network system and validating test results to ensure that the network system functions properly is described. In one embodiment, the test system is an appliance that is capable of normalizing communication protocols supported by component systems of the network system. The test system creates objects and methods corresponding to component systems and their supported protocol commands in the network system, and generates unit test cases based on the objects, the methods, and the normalized protocols. The test system transmits the unit test cases to the component systems, receives test results, and validates the test results to ensure that the network system functions properly.Type: ApplicationFiled: June 6, 2011Publication date: September 29, 2011Applicant: Mu Dynamics, Inc.Inventors: Kowsik GURUSWAMY, James Maze
-
Patent number: 7958230Abstract: A test system (and corresponding method and computer program product) for generating unit tests for a heterogeneous network system and validating test results to ensure that the network system functions properly is described. In one embodiment, the test system is an appliance that is capable of normalizing communication protocols supported by component systems of the network system. The test system creates objects and methods corresponding to component systems and their supported protocol commands in the network system, and generates unit test cases based on the objects, the methods, and the normalized protocols. The test system transmits the unit test cases to the component systems, receives test results, and validates the test results to ensure that the network system functions properly.Type: GrantFiled: September 19, 2008Date of Patent: June 7, 2011Assignee: MU Dynamics, Inc.Inventors: Kowsik Guruswamy, James Maze
-
Patent number: 7958560Abstract: A security analyzer is capable of generating attacks to test the security of a device under analysis. The security analyzer further has the capability to generate a portable, executable program to generate specified attacks. In this way, others can recreate the attacks without requiring access to the security analyzer.Type: GrantFiled: February 10, 2006Date of Patent: June 7, 2011Assignee: Mu Dynamics, Inc.Inventor: Kowsik Guruswamy
-
Patent number: 7954161Abstract: A system and method to identify and characterize nonfatal failures of a device-under-analysis (DUA). A security analyzer executes attacks to test the security of the DUA. During the attacks, the security analyzer periodically sends an instrumentation command to the DUA and measures the time the DUA takes to successfully respond to the instrumentation command (the response time sample). The security analyzer uses the response time samples to identify and/or characterize the nonfatal failures in the DUA caused by the attacks.Type: GrantFiled: June 8, 2007Date of Patent: May 31, 2011Assignee: MU Dynamics, Inc.Inventors: Kowsik Guruswamy, Ajit Sancheti
-
Patent number: 7774637Abstract: A system and method for analyzing and/or testing member devices in a multi-device system. The multi-device system includes a device-under-analysis (DUA) and a device-under-observation (DUO). An analyzer that is external to the multi-device system generates and sends test messages to the DUA. The analyzer monitors the health of the multi-device system through the DUO and detects a system-wide impact of the DUA caused by the test messages. The analyzer analyzes the DUA based on the test messages and the system-wide impact.Type: GrantFiled: September 5, 2007Date of Patent: August 10, 2010Assignee: Mu Dynamics, Inc.Inventors: Marshall A. Beddoe, Thomas A. Maufer
-
Publication number: 20100106742Abstract: A discovery system (and corresponding method and computer program product) for automatically discovering assets and their roles and functional relationships in a network system is described. In one aspect, the discovery system interrogates known assets through protocol messages, normalizes response messages, and contextually analyzes the normalized response message to identify additional assets and their roles and functional relationships with the interrogated assets. The discovery system can recursively interrogate newly discovered assets to discover additional assets. In another aspect of the present invention, the discovery system is scheduled to periodically interrogate known assets for up-to-date information of the assets and their roles and functional relationships. Such information can be used to provide various services.Type: ApplicationFiled: October 29, 2008Publication date: April 29, 2010Applicant: Mu Dynamics, Inc.Inventor: Kowsik Guruswamy
-
Publication number: 20100077072Abstract: A test system (and corresponding method and computer program product) for generating unit tests for a heterogeneous network system and validating test results to ensure that the network system functions properly is described. In one embodiment, the test system is an appliance that is capable of normalizing communication protocols supported by component systems of the network system. The test system creates objects and methods corresponding to component systems and their supported protocol commands in the network system, and generates unit test cases based on the objects, the methods, and the normalized protocols. The test system transmits the unit test cases to the component systems, receives test results, and validates the test results to ensure that the network system functions properly.Type: ApplicationFiled: September 19, 2008Publication date: March 25, 2010Applicant: MU DYNAMICS, INC.Inventors: Kowsik Guruswamy, James Maze