Patents by Inventor Alex Dubrovsky
Alex Dubrovsky has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230020421Abstract: This disclosure is related to methods and apparatus used to for preventing malicious content from reaching a destination via a dynamic analysis engine may operate in real-time when packetized data is received. Data packets sent from a source computer may be received and be forwarded to an analysis computer that may monitor actions performed by executable program code included within the set of data packets when making determinations regarding whether the data packet set should be classified as malware. In certain instances all but a last data packet of the data packet set may also be sent to the destination computer while the analysis computer executes and monitors the program code included in the data packet set. In instances when the analysis computer identifies that the data packet set does include malware, the malware may be blocked from reaching the destination computer by not sending the last data packet to the destination computer.Type: ApplicationFiled: September 21, 2022Publication date: January 19, 2023Inventors: Senthil Cheetancheri, Alex Dubrovsky, Sachin Holagi
-
Patent number: 11558405Abstract: This disclosure is related to methods and apparatus used to for preventing malicious content from reaching a destination via a dynamic analysis engine may operate in real-time when packetized data is received. Data packets sent from a source computer may be received and be forwarded to an analysis computer that may monitor actions performed by executable program code included within the set of data packets when making determinations regarding whether the data packet set should be classified as malware. In certain instances all but a last data packet of the data packet set may also be sent to the destination computer while the analysis computer executes and monitors the program code included in the data packet set. In instances when the analysis computer identifies that the data packet set does include malware, the malware may be blocked from reaching the destination computer by not sending the last data packet to the destination computer.Type: GrantFiled: December 21, 2020Date of Patent: January 17, 2023Assignee: SonicWALL Inc.Inventors: Senthil Cheetancheri, Alex Dubrovsky, Sachin Holagi
-
Publication number: 20220035919Abstract: Methods and apparatus consistent with the present disclosure may use instrumentation code that remains transparent to an application program that the instrumentation code has been injected into. In certain instances, data sets that include executable code may be received via packetized communications or be received via other means, such as, receiving a file from a data store. The present technique allows a processor executing instrumentation code to monitor actions performed by the program code included in a received data set. Malware may be detected by scanning suspect program code with a malware scanner, malware may be detected by identifying suspicious actions performed by a set of program code, or malware may be detected by a combination of such techniques.Type: ApplicationFiled: October 19, 2021Publication date: February 3, 2022Inventors: Soumyadipta Das, Alex Dubrovsky, Igor Korsunsky
-
Patent number: 11151252Abstract: Methods and apparatus consistent with the present disclosure may use instrumentation code that remains transparent to an application program that the instrumentation code has been injected into. In certain instances, data sets that include executable code may be received via packetized communications or be received via other means, such as, receiving a file from a data store. The present technique allows a processor executing instrumentation code to monitor actions performed by the program code included in a received data set. Malware may be detected by scanning suspect program code with a malware scanner, malware may be detected by identifying suspicious actions performed by a set of program code, or malware may be detected by a combination of such techniques.Type: GrantFiled: October 13, 2017Date of Patent: October 19, 2021Assignee: SONICWALL INC.Inventors: Soumyadipta Das, Alex Dubrovsky, Igor Korsunsky
-
Publication number: 20210185062Abstract: This disclosure is related to methods and apparatus used to for preventing malicious content from reaching a destination via a dynamic analysis engine may operate in real-time when packetized data is received. Data packets sent from a source computer may be received and be forwarded to an analysis computer that may monitor actions performed by executable program code included within the set of data packets when making determinations regarding whether the data packet set should be classified as malware. In certain instances all but a last data packet of the data packet set may also be sent to the destination computer while the analysis computer executes and monitors the program code included in the data packet set. In instances when the analysis computer identifies that the data packet set does include malware, the malware may be blocked from reaching the destination computer by not sending the last data packet to the destination computer.Type: ApplicationFiled: December 21, 2020Publication date: June 17, 2021Inventors: Senthil Cheetancheri, Alex Dubrovsky, Sachin Holagi
-
Patent number: 10873589Abstract: This disclosure is related to methods and apparatus used to for preventing malicious content from reaching a destination via a dynamic analysis engine may operate in real-time when packetized data is received. Data packets sent from a source computer may be received and be forwarded to an analysis computer that may monitor actions performed by executable program code included within the set of data packets when making determinations regarding whether the data packet set should be classified as malware. In certain instances all but a last data packet of the data packet set may also be sent to the destination computer while the analysis computer executes and monitors the program code included in the data packet set. In instances when the analysis computer identifies that the data packet set does include malware, the malware may be blocked from reaching the destination computer by not sending the last data packet to the destination computer.Type: GrantFiled: August 8, 2017Date of Patent: December 22, 2020Assignee: SonicWALL Inc.Inventors: Senthil Cheetancheri, Alex Dubrovsky, Sachin Holagi
-
Publication number: 20190114421Abstract: Methods and apparatus consistent with the present disclosure may use instrumentation code that remains transparent to an application program that the instrumentation code has been injected into. In certain instances, data sets that include executable code may be received via packetized communications or be received via other means, such as, receiving a file from a data store. The present technique allows a processor executing instrumentation code to monitor actions performed by the program code included in a received data set. Malware may be detected by scanning suspect program code with a malware scanner, malware may be detected by identifying suspicious actions performed by a set of program code, or malware may be detected by a combination of such techniques.Type: ApplicationFiled: October 13, 2017Publication date: April 18, 2019Inventors: Soumyadipta Das, Alex Dubrovsky, Igor Korsunsky
-
Publication number: 20190052651Abstract: This disclosure is related to methods and apparatus used to for preventing malicious content from reaching a destination via a dynamic analysis engine may operate in real-time when packetized data is received. Data packets sent from a source computer may be received and be forwarded to an analysis computer that may monitor actions performed by executable program code included within the set of data packets when making determinations regarding whether the data packet set should be classified as malware. In certain instances all but a last data packet of the data packet set may also be sent to the destination computer while the analysis computer executes and monitors the program code included in the data packet set. In instances when the analysis computer identifies that the data packet set does include malware, the malware may be blocked from reaching the destination computer by not sending the last data packet to the destination computer.Type: ApplicationFiled: August 8, 2017Publication date: February 14, 2019Inventors: Senthil Cheetancheri, Alex Dubrovsky, Sachin Holagi
-
Publication number: 20180278580Abstract: The present invention provides the initiation of a transport layer security (TLS) session between a client device and a server using a firewall without interruption. The present invention holds a TLS hello message received from the client device until after the server has been validated. A firewall consistent with the present invention does not interrupt a transport layer control (TCP) connection that was established between the client device and the firewall before the TLS hello message was received by the firewall.Type: ApplicationFiled: May 29, 2018Publication date: September 27, 2018Inventors: Raj Raman, Alex Dubrovsky, Akbal Singh Karlcut
-
Patent number: 9998425Abstract: The present invention provides the initiation of a transport layer security (TLS) session between a client device and a server using a firewall without interruption. The present invention holds a TLS hello message received from the client device until after the server has been validated. A firewall consistent with the present invention does not interrupt a transport layer control (TCP) connection that was established between the client device and the firewall before the TLS hello message was received by the firewall.Type: GrantFiled: January 27, 2015Date of Patent: June 12, 2018Assignee: SonicWALL Inc.Inventors: Raj Raman, Alex Dubrovsky, Akbal Singh Karlcut
-
Publication number: 20160219018Abstract: The present invention provides the initiation of a transport layer security (TLS) session between a client device and a server using a firewall without interruption. The present invention holds a TLS hello message received from the client device until after the server has been validated. A firewall consistent with the present invention does not interrupt a transport layer control (TCP) connection that was established between the client device and the firewall before the TLS hello message was received by the firewall.Type: ApplicationFiled: January 27, 2015Publication date: July 28, 2016Inventors: Raj Raman, Alex Dubrovsky, Akbal Singh Karlcut
-
Patent number: 9391828Abstract: Methods and systems of maintaining a computed relationship between components in a network are disclosed. A relationship represents one or more connections between components. Discovered relationships between components in the network are detected. A discovered relationship represents a direct connection between components. A computed relationship between a class of source component and a class of target component is determined. The computed relationship comprises a number of discovered relationships that, when combined, represent connections between one or more types of the source component and one or more types of the target component. The computed relationship is stored. The discovered relationships that comprise the computed relationship are monitored for a change event. The change event may represent a change in the network, such as the addition or deletion of one or more components.Type: GrantFiled: April 2, 2007Date of Patent: July 12, 2016Assignee: EMC CorporationInventors: Alex Dubrovsky, Vikram Patki, Yifeng Chen
-
Patent number: 7051101Abstract: A management station includes a management application that controls zoning within devices manufactured or provided from different vendors within a network, such as a data storage network. The management application receives a generic zone control command from a user to control zoning within a device in the network. The management application translates the zone control command to one or more vendor specific device zone control commands in a vendor specific device command set that is specifically designed to control zoning within devices from a specific vendor. To perform the translation, the management application identifies the vendor of one or more devices that are affected by the zone control command. Based on this identification, the management application selects an appropriate vendor specific device command set that contains vendor specific zone control commands.Type: GrantFiled: September 13, 2000Date of Patent: May 23, 2006Assignee: EMC CorporationInventors: Alex Dubrovsky, Haim Kirshenberg, Dar S. Efroni, Steven M. Blumenau
-
Patent number: 7003527Abstract: Mechanisms and techniques provide a management application providing an enterprise storage area network application programming interface for managing elements in a storage area network. The management application initializes a plurality of access wrappers that each defines operations for management of a respective class of elements operating within the storage area network. The management application provides, to a management client, connection data associated with a specific element associated with one of the plurality of access wrappers. The connection data identifies connection data parameters for performing management of the specific element in the storage area network. The management application receives at least one generic management command for the specific element. The generic management command includes at least a portion of the associated connection data for the specific element.Type: GrantFiled: June 27, 2002Date of Patent: February 21, 2006Assignee: EMC CorporationInventors: James Edward Lavallee, Alex Dubrovsky, Kevin M. Ligozio, Anthony Michael Fiorentino, Yifeng Chen