Patents by Inventor Ali Islam
Ali Islam has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20260129062Abstract: Techniques for machine learning for prioritizing traffic in multi-purpose inline cloud analysis (MICA) to enhance malware detection are disclosed. In some embodiments, a system, a process, and/or a computer program product for machine learning for prioritizing traffic in multi-purpose inline cloud analysis (MICA) to enhance malware detection includes processing a set of data for network security analysis to extract a file; determining that the file is to be offloaded to a cloud security entity for security processing based at least in part on a prefilter model that is implemented as a machine learning model; forwarding the file to the cloud security entity using a multi-purpose inline cloud analysis (MICA) channel; and performing an action in response to receiving a verdict from the cloud security entity.Type: ApplicationFiled: December 19, 2025Publication date: May 7, 2026Inventors: Sheng Yang, Curtis Leland Carmony, Ali Islam, Kashyap Tavarekere Ananthapadmanabha, William Redington Hewlett, II
-
Publication number: 20260093819Abstract: Assessments of guardrails of LLMs, whether used by an application or within an AI/LM stack, must be dynamic to protect against the ongoing engineering of jailbreaking prompts. An assessment framework has been created that facilitates assessment of language model guardrails. The assessment framework includes a prompt generator and has access to sensitive data (e.g., source code, trade secret, confidential documents, etc.) that occurs in training data of a model being assessed. The framework provides the prompt generator jailbreaking strategies and categories of the sensitive data (e.g., program code, trade secret, confidential document.). With the data categories and the strategies, the prompt generator generates different prompts and submits them to the AI-powered application or LM stack being assessed. The assessment framework then analyzes the outputs/responses from the AI-powered application or LM stack to determine whether guardrails have been subverted and any of the sensitive data has been exfiltrated.Type: ApplicationFiled: September 30, 2024Publication date: April 2, 2026Inventors: Feng Xiao, Yang Ji, Wenjun Hu, Danny Tsechansky, Ali Islam
-
Patent number: 12531886Abstract: Techniques for machine learning for prioritizing traffic in multi-purpose inline cloud analysis (MICA) to enhance malware detection are disclosed. In some embodiments, a system, a process, and/or a computer program product for machine learning for prioritizing traffic in multi-purpose inline cloud analysis (MICA) to enhance malware detection includes processing a set of data for network security analysis to extract a file; determining that the file is to be offloaded to a cloud security entity for security processing based at least in part on a prefilter model that is implemented as a machine learning model; forwarding the file to the cloud security entity using a multi-purpose inline cloud analysis (MICA) channel; and performing an action in response to receiving a verdict from the cloud security entity.Type: GrantFiled: October 31, 2023Date of Patent: January 20, 2026Assignee: Palo Alto Networks, Inc.Inventors: Sheng Yang, Curtis Leland Carmony, Ali Islam, Kashyap Tavarekere Ananthapadmanabha, William Redington Hewlett, II
-
Publication number: 20250141894Abstract: Techniques for machine learning for prioritizing traffic in multi-purpose inline cloud analysis (MICA) to enhance malware detection are disclosed. In some embodiments, a system, a process, and/or a computer program product for machine learning for prioritizing traffic in multi-purpose inline cloud analysis (MICA) to enhance malware detection includes processing a set of data for network security analysis to extract a file; determining that the file is to be offloaded to a cloud security entity for security processing based at least in part on a prefilter model that is implemented as a machine learning model; forwarding the file to the cloud security entity using a multi-purpose inline cloud analysis (MICA) channel; and performing an action in response to receiving a verdict from the cloud security entity.Type: ApplicationFiled: October 31, 2023Publication date: May 1, 2025Inventors: Sheng Yang, Curtis Leland Carmony, Ali Islam, Kashyap Tavarekere Ananthapadmanabha, William Redington Hewlett, II
-
Patent number: 10637880Abstract: A method for detecting a cyber-attack by performing a first analysis on content within a first portion of a communication to determine whether the content includes a first high quality indicator. The first high quality indicator identifies a correlation of the content with a malicious activity. Subsequent to the first analysis, performing a second analysis on a second portion of the communication to determine one or more supplemental indicators. Thereafter, the communication is classified as part of a cyber-attack when (i) a value associated with the first high quality indicator exceeds a first threshold without consideration of the one or more supplemental indicators, or (ii) upon failing to exceed the first threshold and being greater than a second threshold, using the values representing the one or more supplemental indicators with the first value to classify the communication as being part of the cyber-attack.Type: GrantFiled: July 23, 2018Date of Patent: April 28, 2020Assignee: FireEye, Inc.Inventors: Ali Islam, Zheng Bu
-
Patent number: 10200384Abstract: A system and method for detecting malicious activity through one or more local analyzers and a central analyzer. The local analyzer captures packets that are part of communications over a network, generates a signature from information obtained from one or more of the captured packets, and determines whether the signature matches any signature of a first plurality of signatures stored in a first storage device that is accessible to the first local analyzer. The central analyzer remotely receives a portion of the information and the signature from the first local analyzer in response to the signature failing to match any of the signatures stored in the first storage device. The central analyzer determines whether the signature matches any global signature stored within a second storage device that is accessible to the central analyzer.Type: GrantFiled: August 29, 2016Date of Patent: February 5, 2019Assignee: FireEye, Inc.Inventors: Atif Mushtaq, Todd Rosenberry, Ashar Aziz, Ali Islam
-
Patent number: 10033753Abstract: One embodiment of a method for detecting a cyber-attack features first and second analyzes. The first analysis is conducted on content of a communication to determine at least a first high quality indicator. The first high quality indicator represents a first probative value for classification. The second analysis is conducted on metadata related to the content to determine supplemental indicator(s). Each of the supplemental indicator(s) is represented by a probative value for classification. The communication is classified as being part of the cyber-attack when the first probative value exceeds a predetermined threshold without consideration of the corresponding probative values for the supplemental indicator(s).Type: GrantFiled: April 24, 2017Date of Patent: July 24, 2018Assignee: FireEye, Inc.Inventors: Ali Islam, Zheng Bu
-
Patent number: 9635039Abstract: Techniques may automatically detect bots or botnets running in a computer or other digital device by detecting command and control communications, called “call-backs,” from malicious code that has previously gained entry into the digital device. Callbacks are detected using an approach employing both a set of high quality indicators and a set of supplemental indicators. The high quality indicators are selected since they provide a strong correlation with callbacks, and may be sufficient for the techniques to determine that the network outbound communications actually constitute callbacks. If not, the supplemental indicators may be used in conjunction with the high quality indicators to declare the outbound communications as callbacks.Type: GrantFiled: May 15, 2013Date of Patent: April 25, 2017Assignee: FireEye, Inc.Inventors: Ali Islam, Zheng Bu
-
Patent number: 9560059Abstract: A decryption scheme for recover of a decrypted object without a cryptographic key is described. First, logical operation(s) are conducted on data associated with a first data string expected at a first location within an object having the predetermined format and data within the encrypted object at the first location to recover data associated with a portion of a cryptographic key from the encrypted object. Thereafter, logical operation(s) are conducted on that data and a first portion of the encrypted object at a second location to produce a result. Responsive to the result including data associated with the plaintext version of the second data string, logical operation(s) are conducted on a second portion of the encrypted object and the data associated with the plaintext version of the second data string to recover data associated with the cryptographic key. Thereafter, the encrypted object may be decrypted using the cryptographic key.Type: GrantFiled: November 16, 2015Date of Patent: January 31, 2017Assignee: FireEye, Inc.Inventor: Ali Islam
-
Patent number: 9430646Abstract: Techniques may automatically detect bots or botnets running in a computer or other digital device by detecting command and control communications, called “call-backs,” from malicious code that has previously gained entry into the digital device. Callbacks are detected using a distributed approach employing one or more local analyzers and a central analyzer. The local analyzers capture packets of outbound communications, generate header signatures, and analyze the captured packets using various techniques. The techniques may include packet header signature matching against verified callback signatures, deep packet inspection. The central analyzer receives the header signatures and related header information from the local analyzers, may perform further analysis (for example, on-line host reputation analysis); determines using a heuristics analysis whether the signatures correspond to callbacks; and generally coordinates among the local analyzers.Type: GrantFiled: March 14, 2013Date of Patent: August 30, 2016Assignee: FireEye, Inc.Inventors: Atif Mushtaq, Todd Rosenberry, Ashar Aziz, Ali Islam
-
Patent number: 9402549Abstract: Methods and apparatus to estimate ventricular volumes are disclosed. An example computer-implemented method includes preparing a sample set using a prior probability model for a left ventricle and a right ventricle and using a likelihood function to assign a weight to each sample within the sample set. The example method also includes, based on the weighted sample set, determining an area of the right ventricle and the left ventricle.Type: GrantFiled: November 27, 2013Date of Patent: August 2, 2016Assignee: General Electric CompanyInventors: Zhijie Wang, Shuo Li, Ali Islam, Aashish Goela
-
Patent number: 9189627Abstract: According to one embodiment, a computerized method comprises receiving an encrypted object and conducting a first static scanning operation on the encrypted object to decrypt the encrypted object in real-time. Thereafter, a second static scanning operation is conducted on the decrypted object to determine whether the decrypted object is suspected of including malware. Based on the results of the second static scanning operation, the decrypted object may be classified to identify a suspected presence of malware.Type: GrantFiled: November 21, 2013Date of Patent: November 17, 2015Assignee: FireEye, Inc.Inventor: Ali Islam
-
Publication number: 20150146950Abstract: Methods and apparatus to estimate ventricular volumes are disclosed. An example computer-implemented method includes preparing a sample set using a prior probability model for a left ventricle and a right ventricle and using a likelihood function to assign a weight to each sample within the sample set. The example method also includes, based on the weighted sample set, determining an area of the right ventricle and the left ventricle.Type: ApplicationFiled: November 27, 2013Publication date: May 28, 2015Applicant: General Electric CompanyInventors: Zhijie Wang, Shuo Li, Ali Islam, Aashish Goela
-
Patent number: 8849003Abstract: Example methods, apparatus and articles of manufacture to process cardiac images to detect heart motion abnormalities are disclosed. A disclosed example method includes using a filter coefficient based on a plurality of cardiac images to characterize motion of a heart; computing an information-theoretic metric from the filter coefficient; and comparing the information-theoretic metric to a threshold to determine whether the motion of the heart is abnormal.Type: GrantFiled: May 20, 2013Date of Patent: September 30, 2014Assignees: General Electric Company, London Health Sciences Centre Research Inc.Inventors: Kumaradevan Punithakumar, Shuo Li, Ismail Ben Ayed, Ian Ross, Ali Islam, Richard Rankin
-
Patent number: 8811705Abstract: Example methods, apparatus and articles of manufacture to track endocardial motion are disclosed. A disclosed example method includes segmenting a plurality of cardiac images of a left ventricle to form respective ones of a plurality of segmented images, updating a plurality of models based on the plurality of segmented images to form respective ones of a plurality of motion estimates for the left ventricle, computing a plurality of probabilities for respective ones of the plurality of models, and computing a weighted sum of the plurality of motion estimates based on the plurality of probabilities, the weighted sum representing a predicted motion of the left ventricle.Type: GrantFiled: December 11, 2009Date of Patent: August 19, 2014Assignees: General Electric Company, London Health Sciences Centre Research Inc.Inventors: Kumaradevan Punithakumar, Shuo Li, Ismail Ben Ayed, Ian Ross, Ali Islam, Richard Rankin
-
Publication number: 20130251210Abstract: Example methods, apparatus and articles of manufacture to process cardiac images to detect heart motion abnormalities are disclosed. A disclosed example method includes using a filter coefficient based on a plurality of cardiac images to characterize motion of a heart; computing an information-theoretic metric from the filter coefficient; and comparing the information-theoretic metric to a threshold to determine whether the motion of the heart is abnormal.Type: ApplicationFiled: May 20, 2013Publication date: September 26, 2013Applicant: General Electric CompanyInventors: Kumaradevan Punithakumar, Shuo Li, Ismail Ben Ayed, Ian Ross, Ali Islam, Richard Rankin
-
Patent number: 8478012Abstract: Example methods, apparatus and articles of manufacture to process cardiac images to detect heart motion abnormalities are disclosed. A disclosed example method includes adapting a state of a state-space model based on a plurality of cardiac images to characterize motion of a heart, computing an information-theoretic metric from the state of the state-space model, and comparing the information-theoretic metric to a threshold to determine whether the motion of the heart is abnormal.Type: GrantFiled: December 8, 2009Date of Patent: July 2, 2013Assignee: General Electric CompanyInventors: Kumaradevan Punithakumar, Shuo Li, Ismail Ben Ayed, Ian Ross, Ali Islam, Richard Rankin
-
Publication number: 20110064290Abstract: Example methods, apparatus and articles of manufacture to track endocardial motion are disclosed. A disclosed example method includes segmenting a plurality of cardiac images of a left ventricle to form respective ones of a plurality of segmented images, updating a plurality of models based on the plurality of segmented images to form respective ones of a plurality of motion estimates for the left ventricle, computing a plurality of probabilities for respective ones of the plurality of models, and computing a weighted sum of the plurality of motion estimates based on the plurality of probabilities, the weighted sum representing a predicted motion of the left ventricle.Type: ApplicationFiled: December 11, 2009Publication date: March 17, 2011Inventors: Kumaradevan Punithakumar, Shuo Li, Ismail Ben Ayed, Ian Ross, Ali Islam, Richard Rankin
-
Publication number: 20110064284Abstract: Example methods, apparatus and articles of manufacture to process cardiac images to detect heart motion abnormalities are disclosed. A disclosed example method includes adapting a state of a state-space model based on a plurality of cardiac images to characterize motion of a heart, computing an information-theoretic metric from the state of the state-space model, and comparing the information-theoretic metric to a threshold to determine whether the motion of the heart is abnormal.Type: ApplicationFiled: December 8, 2009Publication date: March 17, 2011Inventors: Kumaradevan Punithakumar, Shuo Li, Ismail Ben Ayed, Ian Ross, Ali Islam, Richard Rankin