Patents by Inventor Fadi Ali EL-MOUSSA
Fadi Ali EL-MOUSSA has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11856029Abstract: The present disclosure relates to securing networks against attacks launched via connection of peripheral devices to networked devices.Type: GrantFiled: June 14, 2021Date of Patent: December 26, 2023Assignee: BRITISH TELECOMMUNICATIONS public limited companyInventors: Daniel Bastos, Fadi Ali El-Moussa, Behnam Azvine
-
Publication number: 20230353452Abstract: A method of managing a network of connected network devices can include detecting that a device descriptor file for a first network device has been updated and stored to a data store managed by a peer-to-peer network of computing systems; analyzing the updated device descriptor file stored to the data store; analyzing historical information stored in the data store regarding other device descriptor file updates related to the first network device or related to other network devices; performing predictive analytics processing on the results of the analyzing and generating a result; and storing the result of the performing predictive analytics processing to the data store.Type: ApplicationFiled: May 1, 2023Publication date: November 2, 2023Inventors: Jonathan ROSCOE, Fadi Ali EL-MOUSSA
-
Patent number: 11449612Abstract: A computer implemented method for decrypting an encrypted data store at a target computer system, the data store being encrypted by a ransomware algorithm using a searchable encryption algorithm, the method including determining an encryption algorithm used by the ransomware algorithm; determining seed parameters used by the encryption algorithm to generate an encryption key; generating the encryption key using the seed parameters; and decrypting the encrypted data store.Type: GrantFiled: September 12, 2019Date of Patent: September 20, 2022Assignee: British Telecommunications Public Limited CompanyInventors: George Kallos, Fadi Ali El-Moussa
-
Patent number: 11270016Abstract: A computer implemented method of identifying an encryption algorithm used by a ransomware algorithm, the ransomware algorithm encrypting a data store of a target computer system using a searchable encryption algorithm, the method including intercepting an ordered plurality of messages communicated from the target computer system to a ransomware server computer system, each message including a payload storing an encrypted unit of data from the target computer system; inspecting a final byte in the encrypted unit of data in each message to identify a byte value used by an encryption algorithm of the ransomware as a padding byte to pad messages to the size of an integral multiple of units of encryption for the encryption algorithm; training an autoencoder based on a position of a message in the ordered plurality of messages and the padding byte to provide a trained autoencoder adapted to differentiate the encryption algorithm used by the ransomware from other different encryption algorithms.Type: GrantFiled: September 12, 2019Date of Patent: March 8, 2022Assignee: British Telecommunications Public Limited CompanyInventors: George Kallos, Fadi Ali El-Moussa
-
Publication number: 20220021709Abstract: The present disclosure relates to securing networks against attacks launched via connection of peripheral devices to networked devices.Type: ApplicationFiled: June 14, 2021Publication date: January 20, 2022Inventors: Daniel BASTOS, Fadi Ali El-Moussa, Behnam Azvine
-
Publication number: 20200082084Abstract: A computer implemented method for decrypting an encrypted data store at a target computer system, the data store being encrypted by a ransomware algorithm using a searchable encryption algorithm, the method including determining an encryption algorithm used by the ransomware algorithm; determining seed parameters used by the encryption algorithm to generate an encryption key; generating the encryption key using the seed parameters; and decrypting the encrypted data store.Type: ApplicationFiled: September 12, 2019Publication date: March 12, 2020Applicant: British Telecommunications Public Limited CompanyInventors: George Kallos, Fadi Ali El-Moussa
-
Publication number: 20200084236Abstract: A computer implemented method of identifying a ransomware algorithm, the ransomware algorithm having associated a predetermined responsive action for mitigating the effect of the ransomware algorithm in use, the method including exposing a target computer system to the ransomware algorithm, the target computer system containing a predetermined set of sample data stored therein that is encrypted by the ransomware algorithm using a searchable encryption algorithm; intercepting an index of the searchable encryption algorithm; training an autoencoder based on the index to provide a trained autoencoder adapted to identify the ransomware algorithm based on the index.Type: ApplicationFiled: September 12, 2019Publication date: March 12, 2020Applicant: British Telecommunications Public Limited CompanyInventors: George Kallos, Fadi Ali El-Moussa
-
Publication number: 20200082109Abstract: A computer implemented method of identifying an encryption algorithm used by a ransomware algorithm, the ransomware algorithm encrypting a data store of a target computer system using a searchable encryption algorithm, the method including intercepting an ordered plurality of messages communicated from the target computer system to a ransomware server computer system, each message including a payload storing an encrypted unit of data from the target computer system; inspecting a final byte in the encrypted unit of data in each message to identify a byte value used by an encryption algorithm of the ransomware as a padding byte to pad messages to the size of an integral multiple of units of encryption for the encryption algorithm; training an autoencoder based on a position of a message in the ordered plurality of messages and the padding byte to provide a trained autoencoder adapted to differentiate the encryption algorithm used by the ransomware from other different encryption algorithms.Type: ApplicationFiled: September 12, 2019Publication date: March 12, 2020Applicant: British Telecommunications Public Limited CompanyInventors: George Kallos, Fadi Ali El-Moussa
-
Patent number: 10228929Abstract: A computer system having a system memory and being arranged to permit a target program (90) installed on the system to be modified in a trusted manner. The system comprises a White-list Management Agent, WMA, module (10) for receiving, at a notification receiver (12), a notification that the target program (90) which is loaded into the system memory of the computer system has performed an update operation on the target program resulting in the generation and storage of a modified version of the target program on a storage device associated with the computer system. The WMA module is operable, upon receipt of a target program update notification, to determine if the program (90) as loaded into the system memory is in a trusted state by measuring the program (90) using a program measurer module (14) and comparing this, using a comparator (16), with a pre-stored value contained in a program whitelist (30), the pre-stored value being obtained from the program whitelist (30) using a whitelist reader/writer (18).Type: GrantFiled: August 15, 2014Date of Patent: March 12, 2019Assignee: BRITISH TELECOMMUNICATIONS public limited companyInventors: Fadi Ali El-Moussa, Andrew Paverd
-
Publication number: 20160203313Abstract: A computer system having a system memory and being arranged to permit a target program (90) installed on the system to be modified in a trusted manner. The system comprises a White-list Management Agent, WMA, module (10) for receiving, at a notification receiver (12), a notification that the target program (90) which is loaded into the system memory of the computer system has performed an update operation on the target program resulting in the generation and storage of a modified version of the target program on a storage device associated with the computer system. The WMA module is operable, upon receipt of a target program update notification, to determine if the program (90) as loaded into the system memory is in a trusted state by measuring the program (90) using a program measurer module (14) and comparing this, using a comparator (16), with a pre-stored value contained in a program whitelist (30), the pre-stored value being obtained from the program whitelist (30) using a whitelist reader/writer (18).Type: ApplicationFiled: August 15, 2014Publication date: July 14, 2016Inventors: Fadi Ali EL-MOUSSA, Andrew PAVERD