Patents by Inventor Aditya Naidu

Aditya Naidu has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11032302
    Abstract: A method, computer system, and computer program product that generates a whitelist for each subject device in a field area network (FAN). The whitelist includes one or more whitelist entries corresponding to one or more peer devices in the same FAN communicating with the subject device. Each whitelist entry includes one or more attribute values expected in respective traffic between the subject device and each peer device that is represented by a respective whitelist entry. The traffic in the FAN is monitored at one or more points of the FAN for anomaly by use of the whitelist.
    Type: Grant
    Filed: July 30, 2018
    Date of Patent: June 8, 2021
    Assignee: PERSPECTA LABS INC.
    Inventors: Federico Jose Garcia, Aditya Naidu, Stanley Pietrowicz
  • Patent number: 10230599
    Abstract: A computer program product, computer system, and method for performing traffic analysis on a wireless mesh network, includes intercepting a stream of real-time wireless from field probes on the wireless mesh network, wherein the stream comprises non-standard protocol elements and encrypted traffic, creating an ad hoc network parallel to the wireless mesh network, obtaining, from the ad hoc network, the intercepted stream (the analyzing is performed parallel to traffic flow on the wireless mesh network), pre-processing a portion of the intercepted stream the data, where the pre-processing comprises descrambling and processing headers in the stream to differentiate the packets in the stream and create a combined output stream, obtaining the combined output stream and creating indicators by selecting an analysis operator to apply to one or more dissected fields extracted from the output stream, analyzing the packets in the combined output stream utilizing the indicators, and obtaining results from the indicators
    Type: Grant
    Filed: May 26, 2017
    Date of Patent: March 12, 2019
    Assignee: Perspecta Labs Inc.
    Inventors: Stanley Pietrowicz, Michael M. Hylkema, Paul D. Martin, Jason Youzwak, Aditya Naidu
  • Publication number: 20190036954
    Abstract: A method, computer system, and computer program product that generates a whitelist for each subject device in a field area network (FAN). The whitelist includes one or more whitelist entries corresponding to one or more peer devices in the same FAN communicating with the subject device. Each whitelist entry includes one or more attribute values expected in respective traffic between the subject device and each peer device that is represented by a respective whitelist entry. The traffic in the FAN is monitored at one or more points of the FAN for anomaly by use of the whitelist.
    Type: Application
    Filed: July 30, 2018
    Publication date: January 31, 2019
    Inventors: Federico Jose GARCIA, Aditya NAIDU, Stanley PIETROWICZ
  • Publication number: 20170264513
    Abstract: A computer program product, computer system, and method for performing traffic analysis on a wireless mesh network, includes intercepting a stream of real-time wireless from field probes on the wireless mesh network, wherein the stream comprises non-standard protocol elements and encrypted traffic, creating an ad hoc network parallel to the wireless mesh network, obtaining, from the ad hoc network, the intercepted stream (the analyzing is performed parallel to traffic flow on the wireless mesh network), pre-processing a portion of the intercepted stream the data, where the pre-processing comprises descrambling and processing headers in the stream to differentiate the packets in the stream and create a combined output stream, obtaining the combined output stream and creating indicators by selecting an analysis operator to apply to one or more dissected fields extracted from the output stream, analyzing the packets in the combined output stream utilizing the indicators, and obtaining results from the indicators
    Type: Application
    Filed: May 26, 2017
    Publication date: September 14, 2017
    Inventors: Stanley PIETROWICZ, Michael M. HYLKEMA, Paul D. MARTIN, Jason YOUZWAK, Aditya NAIDU
  • Patent number: 9667521
    Abstract: A computer system, computer program product and method of performing traffic analysis on a communications network includes time stamped packets and related metadata from an intercepted steam of real-time traffic on a backhaul network distinct from the communications network, pre-processing the intercepted stream, including separating a portion of the intercepted stream into dissected fields, creating indicators by selecting an analysis operator to apply to one or more of the dissected fields in a logical expression, analyzing the dissected fields in the output streams utilizing the indicators, and obtaining results from the indicators.
    Type: Grant
    Filed: January 27, 2015
    Date of Patent: May 30, 2017
    Assignee: Vencore Labs, Inc.
    Inventors: Stanley Pietrowicz, Michael M. Hylkema, Paul D. Martin, Jason Youzwak, Aditya Naidu
  • Patent number: 9130982
    Abstract: A system and a method for detecting anomalous attacks in Internet network flow operate by counting a number of Internet traffic messages that are detected as anomalous attacks to provide a count; computing a running average of the number of messages that are detected as anomalous attacks; and comparing the count to the running average to provide an anomalous attack alarm if the count is greater than a multiple of the running average. The attacks can include at least one of spoofing attacks or denial of service attacks. A computer readable storage medium stores instructions of a computer program, which when executed by a computer system, results in performance of steps of the method.
    Type: Grant
    Filed: June 13, 2013
    Date of Patent: September 8, 2015
    Assignee: Vencore Labs, Inc.
    Inventors: Yitzchak Gottlieb, Aditya Naidu, Abhrajit Ghosh, Akira Yamada, Yukiko Sawaya, Ayumu Kubota
  • Publication number: 20150215177
    Abstract: A computer system, computer program product and method of performing traffic analysis on a communications network includes time stamped packets and related metadata from an intercepted steam of real-time traffic on a backhaul network distinct from the communications network, pre-processing the intercepted stream, including separating a portion of the intercepted stream into dissected fields, creating indicators by selecting an analysis operator to apply to one or more of the dissected fields in a logical expression, analyzing the dissected fields in the output streams utilizing the indicators, and obtaining results from the indicators.
    Type: Application
    Filed: January 27, 2015
    Publication date: July 30, 2015
    Inventors: Stanley Pietrowicz, Michael M. Hylkema, Paul D. Martin, Jason Youzwak, Aditya Naidu
  • Patent number: 8925079
    Abstract: A method, an apparatus and a program for detecting spoofed Internet Protocol (IP) traffic directed to a network having a plurality of autonomous systems (AS) is provided. The method comprises receiving an incoming packet through an AS, the incoming packet containing a source IP address and a destination IP address, acquiring a corresponding source and destination IP address prefixes, converting the corresponding source and destination IP address prefixes into a source AS number and a destination AS number, determining if the incoming packet arrived from an unexpected source based upon the corresponding destination IP address prefix and the converted source and destination AS number using an unexpected pair tuple table generated from network routing information and generating an alert indicating that the incoming packet is not allowed to enter the network.
    Type: Grant
    Filed: November 14, 2011
    Date of Patent: December 30, 2014
    Assignees: Telcordia Technologies, Inc., KDDI Corporation
    Inventors: Ravichander Vaidyanathan, Abhrajit Ghosh, Aditya Naidu, Akira Yamada, Ayumu Kubota, Yukiko Sawaya, Yutaka Miyake
  • Patent number: 8719913
    Abstract: Aspects of the invention pertain to analyzing and modifying access control lists that are used in computer networks. Access control lists may have many individual entries that indicate whether information can be passed between certain devices in a computer network. The access control lists may include redundant or conflicting entries. An aspect of the invention converts an order-dependent control list into an order-free equivalent. Redundant entries are identified and removed without adversely affecting the access control list. Redundancy may be identified by evaluating the volume contraction ratio, which is the ratio of the volume of spin-off entries to specific original entry in the access control list. This ratio reflects the extent of order-dependent impact on that entry in a given access control list.
    Type: Grant
    Filed: December 10, 2009
    Date of Patent: May 6, 2014
    Assignee: TT Government Solutions, Inc.
    Inventors: Yibei Ling, Aditya Naidu, Rajesh Talpade
  • Publication number: 20130340079
    Abstract: A system and a method for detecting anomalous attacks in Internet network flow operate by counting a number of Internet traffic messages that are detected as anomalous attacks to provide a count; computing a running average of the number of messages that are detected as anomalous attacks; and comparing the count to the running average to provide an anomalous attack alarm if the count is greater than a multiple of the running average. The attacks can include at least one of spoofing attacks or denial of service attacks. A computer readable storage medium stores instructions of a computer program, which when executed by a computer system, results in performance of steps of the method.
    Type: Application
    Filed: June 13, 2013
    Publication date: December 19, 2013
    Inventors: Yitzchak GOTTLIEB, Aditya NAIDU, Abhrajit GHOSH, Akira YAMADA, Yukiko SAWAYA, Ayumu KUBOTA
  • Publication number: 20130125235
    Abstract: A method, an apparatus and a program for detecting spoofed Internet Protocol (IP) traffic directed to a network having a plurality of autonomous systems (AS) is provided. The method comprises receiving an incoming packet through an AS, the incoming packet containing a source IP address and a destination IP address, acquiring a corresponding source and destination IP address prefixes, converting the corresponding source and destination IP address prefixes into a source AS number and a destination AS number, determining if the incoming packet arrived from an unexpected source based upon the corresponding destination IP address prefix and the converted source and destination AS number using an unexpected pair tuple table generated from network routing information and generating an alert indicating that the incoming packet is not allowed to enter the network.
    Type: Application
    Filed: November 14, 2011
    Publication date: May 16, 2013
    Applicants: TELCORDIA TECHNOLOGIES, INC.
    Inventors: Ravichander Vaidyanathan, Abhrajit Ghosh, Aditya Naidu, Akira Yamada, Ayumu Kubota, Yukiko Sawaya, Yutaka Miyake
  • Publication number: 20110283348
    Abstract: Aspects of the invention pertain to integrated compliance analysis of multiple firewalls and access control lists for network segregation and partitioning. Access control lists may have many individual rules that indicate whether information can be passed between certain devices in a computer network. The access control lists in different firewalls in different network segments within a given network may overlap or have inconsistent rules. Aspects of the invention generate differences between firewalls, analyze equivalency of firewalls, generate the intersection (if any) between a pair of firewalls, and generate the union (if any) between firewalls. Such information provides an integrated analysis of multiple interrelated firewalls, including inbound and outbound access control lists for such firewalls, and may be used to manage firewall operation within the network to ensure consistent operation and maintain network security.
    Type: Application
    Filed: May 13, 2010
    Publication date: November 17, 2011
    Applicant: TELCORDIA TECHNOLOGIES, INC.
    Inventors: Yibei Ling, Aditya Naidu, Rajesh Talpade
  • Patent number: 7962635
    Abstract: Aspects of the invention pertain to user session management in load balanced clusters. Multiple application servers communicate with a central data server to ensure there is a single session per user ID. The central data server maintains a user session index and a parameter table. Each time a network access is attempted using a given user ID, a load balancer assigns the session to one of the application servers. The assigned application server queries the central data server to determine whether a session status for the user's login ID is inactive or active. If inactive, a new, unique value is assigned as the session number. If active, the session number is evaluated to determine whether multiple sessions exist. In this case, one of the sessions is terminated to ensure a single session per user ID. Preferably, the terminated session is the earlier session.
    Type: Grant
    Filed: December 7, 2009
    Date of Patent: June 14, 2011
    Assignee: Telcordia Technologies, Inc.
    Inventors: Aditya Naidu, Rajesh Talpade, Harshad Tanna, Sabine Winchell
  • Publication number: 20100217860
    Abstract: Aspects of the invention pertain to user session management in load balanced clusters. Multiple application servers communicate with a central data server to ensure there is a single session per user ID. The central data server maintains a user session index and a parameter table. Each time a network access is attempted using a given user ID, a load balancer assigns the session to one of the application servers. The assigned application server queries the central data server to determine whether a session status for the user's login ID is inactive or active. If inactive, a new, unique value is assigned as the session number. If active, the session number is evaluated to determine whether multiple sessions exist. In this case, one of the sessions is terminated to ensure a single session per user ID. Preferably, the terminated session is the earlier session.
    Type: Application
    Filed: December 7, 2009
    Publication date: August 26, 2010
    Applicant: TELCORDIA TECHNOLOGIES, INC.
    Inventors: Aditya Naidu, Rajesh Talpade, Harshad Tanna, Sabine Winchell
  • Publication number: 20100199344
    Abstract: Aspects of the invention pertain to analyzing and modifying access control lists that are used in computer networks. Access control lists may have many individual entries that indicate whether information can be passed between certain devices in a computer network. The access control lists may include redundant or conflicting entries. An aspect of the invention converts an order-dependent control list into an order-free equivalent. Redundant entries are identified and removed without adversely affecting the access control list. Redundancy may be identified by evaluating the volume contraction ratio, which is the ratio of the volume of spin-off entries to specific original entry in the access control list. This ratio reflects the extent of order-dependent impact on that entry in a given access control list.
    Type: Application
    Filed: December 10, 2009
    Publication date: August 5, 2010
    Applicant: TELCORDIA TECHNOLOGIES, INC.
    Inventors: Yibei Ling, Aditya Naidu, Rajesh Talpade
  • Publication number: 20100199346
    Abstract: Aspects of the invention pertain to analyzing and modifying access control lists that are used in computer networks. Access control lists may have many individual rules that indicate whether information can be passed between certain devices in a computer network. The access control lists may include redundant or conflicting rules. An aspect of the invention determines whether two or more access control lists are equivalent or not. Order-dependent access control lists are converted into order-independent access control lists, which enable checking of semantic equivalence of different access control lists. Upon conversion to an order-independent access control list, lower-precedence rules in the order-free list are checked for overlap with a current higher precedence entry. If overlap exists, existing order-free rules are modified so that spinoff rules have no overlap with the current entry. This is done while maintaining semantic equivalence.
    Type: Application
    Filed: December 10, 2009
    Publication date: August 5, 2010
    Applicant: Telcordia Technologies, Inc.
    Inventors: Yibei Ling, Aditya Naidu, Rajesh Talpade
  • Publication number: 20100042605
    Abstract: An inventive system and method for versioning relational database disjoint records comprises a relational database, configuration files translated into query files, and a version control system, wherein each query file is stored and checked into the version control system, updating a version number of the query file. Each query file comprises a set of query statements. Query files are retrieved from the version control system based on the version number or an independent data item, and put into the database for analysis. In one embodiment, one of the configuration files comprises a configuration of a device, such as a router, a switch, a firewall, or a medical record. The method comprises acquiring configuration files, changing the configuration files into query files and storing the query files, and checking each query file into a version control system, wherein the checking in updates a version number of the query file.
    Type: Application
    Filed: July 31, 2009
    Publication date: February 18, 2010
    Applicant: Telcordia Technologies, Inc.
    Inventors: Yuu-heng Cheng, Alexander Poylisher, Aditya Naidu, Rajesh Talpade, Shrirang Gadgil