Patents by Inventor Arjun Udupi Raghavendra
Arjun Udupi Raghavendra has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11886587Abstract: Aspects of the present invention disclose a method, computer program product, and system for detecting a malicious process by a selected instance of an anti-malware system. The method includes one or more processors examining a process for indicators of compromise to the process. The method further includes one or more processors determining a categorization of the process based upon a result of the examination. In response to determining that the categorization of the process does not correspond to a known benevolent process and a known malicious process, the method further includes one or more processors executing the process in a secure enclave. The method further includes one or more processors collecting telemetry data from executing the process in the secure enclave. The method further includes one or more processors passing the collected telemetry data to a locally trained neural network system.Type: GrantFiled: October 13, 2020Date of Patent: January 30, 2024Assignee: KYNDRYL, INCInventors: Arjun Udupi Raghavendra, Tim Uwe Scheideler, Matthias Seul, Andrea Giovannini
-
Patent number: 11757912Abstract: A computer-implemented method for protecting a processing environment from malicious incoming network traffic may be provided. The method comprises: in response to receiving incoming network traffic comprising a data packet, performing a packet and traffic analysis of the data packet to determine whether said data packet is non-malicious and malicious, and processing of the data packet in a sandbox environment. Furthermore, the method comprises: in response to detecting that the data packet is non-malicious based on the packet and traffic analysis, releasing the processed data packet from the sandbox environment for further processing in the processing environment, and in response to detecting that the data packet is malicious based on the packet and traffic analysis discarding the data packet.Type: GrantFiled: December 20, 2022Date of Patent: September 12, 2023Assignee: KYNDRYL, INC.Inventors: Arjun Udupi Raghavendra, Tim Uwe Scheideler, Matthias Seul
-
Publication number: 20230118136Abstract: A computer-implemented method for protecting a processing environment from malicious incoming network traffic may be provided. The method comprises: in response to receiving incoming network traffic comprising a data packet, performing a packet and traffic analysis of the data packet to determine whether said data packet is non-malicious and malicious, and processing of the data packet in a sandbox environment. Furthermore, the method comprises: in response to detecting that the data packet is non-malicious based on the packet and traffic analysis, releasing the processed data packet from the sandbox environment for further processing in the processing environment, and in response to detecting that the data packet is malicious based on the packet and traffic analysis discarding the data packet.Type: ApplicationFiled: December 20, 2022Publication date: April 20, 2023Inventors: Arjun Udupi Raghavendra, Tim Uwe Scheideler, Matthias Seul
-
Publication number: 20230049773Abstract: A method for processing security events by applying a rule-based alarm scheme may be provided. The method includes generating a rule index of rules and an indicator of compromise index for each of the rules. The method includes also processing the incoming security event by applying the rules, increasing a current rule counter relating to a triggered rule, and increasing a current indicator of compromise counter pertaining to the triggered rule. Furthermore, the method includes generating a pseudo security event from received data about known attacks and related indicators of compromise, processing the pseudo security events by sequentially applying the rules, increasing a current rule counter of pseudo security events, and increasing a current indicator of compromise counter for pseudo security events, and sorting the rules and sorting within each rule the indicator of compromise values in the indicator of compromise index.Type: ApplicationFiled: October 25, 2022Publication date: February 16, 2023Inventors: Tim Uwe Scheideler, Ivan James Reedman, Arjun Udupi Raghavendra, Matthias Seul
-
Patent number: 11563761Abstract: A computer-implemented method for protecting a processing environment from malicious incoming network traffic may be provided. The method comprises: in response to receiving incoming network traffic comprising a data packet, performing a packet and traffic analysis of the data packet to determine whether said data packet is non-malicious and malicious, and processing of the data packet in a sandbox environment. Furthermore, the method comprises: in response to detecting that the data packet is non-malicious based on the packet and traffic analysis, releasing the processed data packet from the sandbox environment for further processing in the processing environment, and in response to detecting that the data packet is malicious based on the packet and traffic analysis discarding the data packet.Type: GrantFiled: April 23, 2020Date of Patent: January 24, 2023Assignee: Kyndryl, Inc.Inventors: Arjun Udupi Raghavendra, Tim Uwe Scheideler, Matthias Seul
-
Patent number: 11539737Abstract: A method for providing protection of a computing resource constrained device against cyberattacks may include collecting threat intelligence data in form of indicators of compromise (IoC). The indicators may include cyberattack chain related data. The method may also include determining a relevance of the cyberattack chain for the device, measuring a utilization of security measures in terms of their detection of the respective IoCs and their respective responses to the IoCs, measuring a resource consumption of the security measures, and determining a benefit value for at least one the security measure expressed by its utilization and a relevance value of the IoCs detected with it.Type: GrantFiled: October 28, 2020Date of Patent: December 27, 2022Assignee: KYNDRYL, INC.Inventors: Tim Uwe Scheideler, Matthias Seul, Arjun Udupi Raghavendra, Andrea Giovannini
-
Patent number: 11516228Abstract: A method for processing security events by applying a rule-based alarm scheme may be provided. The method includes generating a rule index of rules and an indicator of compromise index for each of the rules. The method includes also processing the incoming security event by applying the rules, increasing a current rule counter relating to a triggered rule, and increasing a current indicator of compromise counter pertaining to the triggered rule. Furthermore, the method includes generating a pseudo security event from received data about known attacks and related indicators of compromise, processing the pseudo security events by sequentially applying the rules, increasing a current rule counter of pseudo security events, and increasing a current indicator of compromise counter for pseudo security events, and sorting the rules and sorting within each rule the indicator of compromise values in the indicator of compromise index.Type: GrantFiled: May 29, 2019Date of Patent: November 29, 2022Assignee: KYNDRYL, INC.Inventors: Tim Uwe Scheideler, Ivan James Reedman, Arjun Udupi Raghavendra, Matthias Seul
-
Publication number: 20220300638Abstract: A computer-implemented method for managing access rights to a knowledge graph is provided. The method comprises splitting, for each user system, its respective portion of the knowledge graph into a plurality of knowledge subgraphs, encrypting each of the knowledge subgraphs, and generating a plurality of private summary graphs. The method also comprises maintaining a collaboration graph comprising one vertex per user system and edges representing collaborations between the users, mapping all private subgraphs of all user systems to one public summary graph, each vertex of the public summary graph comprises less data than the related vertex of the related private summary graphs and wherein none of the vertices of the summary graph comprises any encryption or decryption key, and granting access to a selected knowledge subgraph from a first user system to a second user system.Type: ApplicationFiled: June 8, 2022Publication date: September 22, 2022Inventors: Tim Uwe Scheideler, Arjun Udupi Raghavendra, Matthias Seul
-
Patent number: 11431734Abstract: A computer-implemented method for dynamically identifying security threats comprising a cyber-attack chain composed of a sequence of partial cyber-attacks represented by attack patterns may be provided. The method comprises receiving a sequence of security events, determining, a first cyber-attack pattern by applying a set of predefined rules for detecting an indicator of compromise of a first partial cyber-attack of the cyber-attack chain—thereby, identifying a specific cyber-attack chain—and determining a type and an attribute in the pattern of the first partial cyber-attack. The method comprises further configuring at least one rule for a downstream partial cyber-attack in the specific cyber-attack chain based on the type and the attribute in the attack pattern of the first partial cyber-attack, and adding the at least one configured rule to the set of predefined rules to be used by the correlation engine for dynamically identifying security threats to information technology systems.Type: GrantFiled: April 18, 2019Date of Patent: August 30, 2022Assignee: KYNDRYL, INC.Inventors: Matthias Seul, Arjun Udupi Raghavendra, Tim Uwe Scheideler, Tiziano Airoldi
-
Publication number: 20220269949Abstract: The exemplary embodiments disclose a method, a computer system, and a computer program product for detecting malware. The exemplary embodiments may include aggregating known malware patterns by storing malware patterns and related malware categories of the malware patterns. The exemplary embodiments may additionally include training a first machine-learning system, comprising a generator portion and a discriminator portion, by using the known malware patterns and the related malware categories as training data. The exemplary embodiments may also include generating additional synthetic code patterns by feeding random code samples to the trained first machine-learning system. The exemplary embodiments may further include training a second machine-learning system by using benevolent code patterns and the generated additional synthetic code patterns as training data.Type: ApplicationFiled: February 22, 2021Publication date: August 25, 2022Inventors: Tim Uwe Scheideler, Arjun Udupi Raghavendra, Matthias Seul, Andrea Giovannini
-
Patent number: 11397825Abstract: A computer-implemented method for managing access rights to a knowledge graph is provided. The method comprises splitting, for each user system, its respective portion of the knowledge graph into a plurality of knowledge subgraphs, encrypting each of the knowledge subgraphs, and generating a plurality of private summary graphs. The method also comprises maintaining a collaboration graph comprising one vertex per user system and edges representing collaborations between the users, mapping all private subgraphs of all user systems to one public summary graph, each vertex of the public summary graph comprises less data than the related vertex of the related private summary graphs and wherein none of the vertices of the summary graph comprises any encryption or decryption key, and granting access to a selected knowledge subgraph from a first user system to a second user system.Type: GrantFiled: August 9, 2019Date of Patent: July 26, 2022Assignee: Kyndryl, Inc.Inventors: Tim Uwe Scheideler, Arjun Udupi Raghavendra, Matthias Seul
-
Publication number: 20220131889Abstract: A method for providing protection of a computing resource constrained device against cyberattacks may include collecting threat intelligence data in form of indicators of compromise (IoC). The indicators may include cyberattack chain related data. The method may also include determining a relevance of the cyberattack chain for the device, measuring a utilization of security measures in terms of their detection of the respective IoCs and their respective responses to the IoCs, measuring a resource consumption of the security measures, and determining a benefit value for at least one the security measure expressed by its utilization and a relevance value of the IoCs detected with it.Type: ApplicationFiled: October 28, 2020Publication date: April 28, 2022Inventors: Tim Uwe Scheideler, Matthias Seul, Arjun Udupi Raghavendra, Andrea Giovannini
-
Publication number: 20220114260Abstract: Aspects of the present invention disclose a method, computer program product, and system for detecting a malicious process by a selected instance of an anti-malware system. The method includes one or more processors examining a process for indicators of compromise to the process. The method further includes one or more processors determining a categorization of the process based upon a result of the examination. In response to determining that the categorization of the process does not correspond to a known benevolent process and a known malicious process, the method further includes one or more processors executing the process in a secure enclave. The method further includes one or more processors collecting telemetry data from executing the process in the secure enclave. The method further includes one or more processors passing the collected telemetry data to a locally trained neural network system.Type: ApplicationFiled: October 13, 2020Publication date: April 14, 2022Inventors: Arjun Udupi Raghavendra, Tim Uwe Scheideler, Matthias Seul, Andrea Giovannini
-
Publication number: 20210336977Abstract: A computer-implemented method for protecting a processing environment from malicious incoming network traffic may be provided. The method comprises: in response to receiving incoming network traffic comprising a data packet, performing a packet and traffic analysis of the data packet to determine whether said data packet is non-malicious and malicious, and processing of the data packet in a sandbox environment. Furthermore, the method comprises: in response to detecting that the data packet is non-malicious based on the packet and traffic analysis, releasing the processed data packet from the sandbox environment for further processing in the processing environment, and in response to detecting that the data packet is malicious based on the packet and traffic analysis discarding the data packet.Type: ApplicationFiled: April 23, 2020Publication date: October 28, 2021Inventors: Arjun Udupi Raghavendra, Tim Uwe Scheideler, Matthias Seul
-
Publication number: 20210042438Abstract: A computer-implemented method for managing access rights to a knowledge graph is provided. The method comprises splitting, for each user system, its respective portion of the knowledge graph into a plurality of knowledge subgraphs, encrypting each of the knowledge subgraphs, and generating a plurality of private summary graphs. The method also comprises maintaining a collaboration graph comprising one vertex per user system and edges representing collaborations between the users, mapping all private subgraphs of all user systems to one public summary graph, each vertex of the public summary graph comprises less data than the related vertex of the related private summary graphs and wherein none of the vertices of the summary graph comprises any encryption or decryption key, and granting access to a selected knowledge subgraph from a first user system to a second user system.Type: ApplicationFiled: August 9, 2019Publication date: February 11, 2021Inventors: Tim Uwe Scheideler, Arjun Udupi Raghavendra, Matthias Seul
-
Publication number: 20200382525Abstract: A method for processing security events by applying a rule-based alarm scheme may be provided. The method includes generating a rule index of rules and an indicator of compromise index for each of the rules. The method includes also processing the incoming security event by applying the rules, increasing a current rule counter relating to a triggered rule, and increasing a current indicator of compromise counter pertaining to the triggered rule. Furthermore, the method includes generating a pseudo security event from received data about known attacks and related indicators of compromise, processing the pseudo security events by sequentially applying the rules, increasing a current rule counter of pseudo security events, and increasing a current indicator of compromise counter for pseudo security events, and sorting the rules and sorting within each rule the indicator of compromise values in the indicator of compromise index.Type: ApplicationFiled: May 29, 2019Publication date: December 3, 2020Inventors: Tim Uwe Scheideler, Ivan James Reedman, Arjun Udupi Raghavendra, Matthias Seul
-
Publication number: 20200336497Abstract: A computer-implemented method for dynamically identifying security threats comprising a cyber-attack chain composed of a sequence of partial cyber-attacks represented by attack patterns may be provided. The method comprises receiving a sequence of security events, determining, a first cyber-attack pattern by applying a set of predefined rules for detecting an indicator of compromise of a first partial cyber-attack of the cyber-attack chain—thereby, identifying a specific cyber-attack chain—and determining a type and an attribute in the pattern of the first partial cyber-attack. The method comprises further configuring at least one rule for a downstream partial cyber-attack in the specific cyber-attack chain based on the type and the attribute in the attack pattern of the first partial cyber-attack, and adding the at least one configured rule to the set of predefined rules to be used by the correlation engine for dynamically identifying security threats to information technology systems.Type: ApplicationFiled: April 18, 2019Publication date: October 22, 2020Inventors: Matthias Seul, Arjun Udupi Raghavendra, Tim Uwe Scheideler, Tiziano Airoldi