Patents by Inventor Dinil Mon DIVAKARAN

Dinil Mon DIVAKARAN has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20240323208
    Abstract: Disclosed herein are systems and methods for detecting anomalous behavior (e.g., attacks) in devices within a network. In an exemplary aspect, a method includes intercepting a first plurality of packets being transmitted in a network with a plurality of devices; identifying, from the first plurality of packets, a subset of packets corresponding to a device of the network; extracting a plurality of deterministic features from the subset of packets; calculating, based on the subset of packets, a risk score associated with the device based on a deviation of the features from a deterministic profile of the device, a first probability of the subset of packets exhibiting anomalous behavior based on a per-device model, and a second probability of the plurality of packets exhibiting anomalous behavior based on a network model; classifying anomalies into attack categories, and executing a remediation action to resolve anomalous behavior in the device.
    Type: Application
    Filed: March 20, 2023
    Publication date: September 26, 2024
    Inventors: Dinil Mon Divakaran, Philipp Gysel, Candid Wüest, Serg Bell, Stanislav Protasov
  • Publication number: 20240220619
    Abstract: Disclosed herein are systems and methods for selecting files for malware analysis. In one aspect, a method may include identifying, in a cloud network, a backup of a client machine; extracting, from the backup, at least one file of a given file type; determining whether to include the at least one file in a sandbox of the cloud network by performing a static analysis of the at least one file; selecting the at least one file for inclusion in the sandbox based on the static analysis; monitoring, for a period of time, a behavior of the at least one file in the sandbox by performing a dynamic analysis of the at least one file; and in response to determining that the at least one file is malicious based on the dynamic analysis, performing a remediation action on the at least one file.
    Type: Application
    Filed: December 29, 2022
    Publication date: July 4, 2024
    Inventors: Dinil Mon DIVAKARAN, Candid Wüest, Serg Bell, Stanislaw Protasov
  • Patent number: 11588833
    Abstract: A traceback solution is provided. For a network of autonomous systems, the traceback solution traces the autonomous system path taken by traffic flows. Every link in the traceback path is created, verified, and audited by autonomous systems. Multiple autonomous systems may take part in the process, making the system robust against fake information. The database used to store the validated traceback paths is a decentralized and distributed storage. Multiple copies of the database may be maintained by the network of autonomous systems. The database may be accessible by any participating autonomous system; and is not accessible from outside the network of autonomous systems. The traceback solution achieves both validation and non-repudiation property among the ASes. The traceback solution mitigates some important attack scenarios that might be targeted specifically at the traceback solution.
    Type: Grant
    Filed: December 26, 2017
    Date of Patent: February 21, 2023
    Assignee: Agency for Science, Technology and Research
    Inventors: Le Su, Dinil Mon Divakaran, Vrizlynn Ling Ling Thing
  • Patent number: 11128658
    Abstract: A method for IP traceback is provided comprising receiving a traceback request including the identity of a traceback-deployed autonomous system closest to the destination node in a network routing path, recursively querying a traceback server associated with the traceback-deployed autonomous system to receive the identity of a preceding traceback-deployed autonomous system in the network routing path, and determining the network routing path based on the received identities of traceback-deployed autonomous systems. Additionally, authentication for traceback request is achieved using token delivery, wherein token is fragmented and marking of a packet is performed when a field on the packet matches at least one token fragment.
    Type: Grant
    Filed: March 23, 2017
    Date of Patent: September 21, 2021
    Assignee: AGENCY FOR SCIENCE, TECHNOLOGY AND RESEARCH
    Inventors: Long Cheng, Dinil Mon Divakaran, Wee Yong Lim, Vrizlynn Thing
  • Publication number: 20210058410
    Abstract: A traceback solution is provided. For a network of autonomous systems, the traceback solution traces the autonomous system path taken by traffic flows. Every link in the traceback path is created, verified, and audited by autonomous systems. Multiple autonomous systems may take part in the process, making the system robust against fake information. The database used to store the validated traceback paths is a decentralized and distributed storage. Multiple copies of the database may be maintained by the network of autonomous systems. The database may be accessible by any participating autonomous system; and is not accessible from outside the network of autonomous systems. The traceback solution achieves both validation and non-repudiation property among the ASes. The traceback solution mitigates some important attack scenarios that might be targeted specifically at the traceback solution.
    Type: Application
    Filed: December 26, 2017
    Publication date: February 25, 2021
    Inventors: Le Su, Dinil Mon Divakaran, Vrizlynn Ling Ling Thing
  • Publication number: 20200322168
    Abstract: A method, a computer-readable medium, and an apparatus for IP traceback are provided. The apparatus may generate a group public key shared by a plurality of routers controlled by a service provider. The apparatus may generate a unique private signing key for a router of the plurality of routers. The private signing key may be used to generate a group signature for a session of network traffic. The group public key may be applied to the group signature to identify the service provider. The apparatus may identify the router by applying the group public key and a master secret key to the group signature. The apparatus may deploy preventive or mitigate action on the identified router.
    Type: Application
    Filed: November 30, 2017
    Publication date: October 8, 2020
    Inventors: Le Su, Dinil Mon Divakaran, Vrizlynn Ling Ling Thing
  • Publication number: 20190104151
    Abstract: A method for IP traceback is provided comprising receiving a traceback request including the identity of a traceback-deployed autonomous system closest to the destination node in a network routing path, recursively querying a traceback server associated with the traceback-deployed autonomous system to receive the identity of a preceding traceback-deployed autonomous system in the network routing path, and determining the network routing path based on the received identities of traceback-deployed autonomous systems. Additionally, authentication for traceback request is achieved using token delivery, wherein token is fragmented and marking of a packet is performed when a field on the packet matches at least one token fragment.
    Type: Application
    Filed: March 23, 2017
    Publication date: April 4, 2019
    Inventors: Long CHENG, Dinil Mon DIVAKARAN, Wee Yong LIM, Vrizlynn THING