Patents by Inventor Farshad Rostamabadi
Farshad Rostamabadi has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10972493
Abstract: Techniques for automatically grouping malware based on artifacts are disclosed. In some embodiments, a system, process, and/or computer program product for automatically grouping malware based on artifacts includes receiving a plurality of samples for performing automated malware analysis to generate log files based on the automated malware analysis; processing the log files to extract features associated with malware; clustering the plurality of samples based on the extracted features; and performing an action based on the clustering output.
Type: Grant
Filed: January 21, 2020
Date of Patent: April 6, 2021
Assignee: Palo Alto Networks, Inc.
Inventors: Shadi Rostami-Hesarsorkh, Sudarshan Vasudevan, William Redington Hewlett, II, Farshad Rostamabadi
-
Publication number: 20200162494
Abstract: Techniques for automatically grouping malware based on artifacts are disclosed. In some embodiments, a system, process, and/or computer program product for automatically grouping malware based on artifacts includes receiving a plurality of samples for performing automated malware analysis to generate log files based on the automated malware analysis; processing the log files to extract features associated with malware; clustering the plurality of samples based on the extracted features; and performing an action based on the clustering output.
Type: Application
Filed: January 21, 2020
Publication date: May 21, 2020
Inventors: Shadi Rostami-Hesarsorkh, Sudarshan Vasudevan, William Redington Hewlett, II, Farshad Rostamabadi
-
Patent number: 10581892
Abstract: Techniques for automatically grouping malware based on artifacts are disclosed. In some embodiments, a system, process, and/or computer program product for automatically grouping malware based on artifacts includes receiving a plurality of samples for performing automated malware analysis to generate log files based on the automated malware analysis; processing the log files to extract features associated with malware; clustering the plurality of samples based on the extracted features; and performing an action based on the clustering output.
Type: Grant
Filed: January 18, 2019
Date of Patent: March 3, 2020
Assignee: Palo Alto Networks, Inc.
Inventors: Shadi Rostami-Hesarsorkh, Sudarshan Vasudevan, William Redington Hewlett, II, Farshad Rostamabadi
-
Patent number: 10554736
Abstract: Techniques for categorizing mobile uniform resource locators (URLs) that are used by mobile applications are disclosed. A URL is extracted from a mobile application. A category for the URL is determined based on a categorization of the mobile application. The URL and its determined category are then generated as output.
Type: Grant
Filed: August 21, 2018
Date of Patent: February 4, 2020
Assignee: Palo Alto Networks, Inc.
Inventors: Seokkyung Chung, Farshad Rostamabadi, William Redington Hewlett, II, Zhi Xu, Shadi Rostami-Hesarsorkh, Lin Xu, Lee Klarich
-
Patent number: 10530789
Abstract: Techniques for alerting and tagging using a malware analysis platform for threat intelligence made actionable are disclosed. In some embodiments, a system, process, and/or computer program product for alerting and tagging using a malware analysis platform for threat intelligence made actionable includes receiving a plurality of samples for performing automated malware analysis to generate log files based on the automated malware analysis; processing the log files to extract artifacts associated with the log files; determining whether a tag matches any of the plurality of samples based on the artifacts; and performing an action based on whether the tag matches any of the plurality of samples.
Type: Grant
Filed: May 3, 2019
Date of Patent: January 7, 2020
Assignee: Palo Alto Networks, Inc.
Inventors: Farshad Rostamabadi, Shadi Rostami-Hesarsorkh, Sudarshan Vasudevan, Bilal Malik
-
Patent number: 10484404
Abstract: Techniques for alerting and tagging using a malware analysis platform for threat intelligence made actionable are disclosed. In some embodiments, a system, process, and/or computer program product for alerting and tagging using a malware analysis platform for threat intelligence made actionable includes receiving a plurality of samples for performing automated malware analysis to generate log files based on the automated malware analysis; processing the log files to extract artifacts associated with the log files; determining whether a tag matches any of the plurality of samples based on the artifacts; and performing an action based on whether the tag matches any of the plurality of samples.
Type: Grant
Filed: May 3, 2019
Date of Patent: November 19, 2019
Assignee: Palo Alto Networks, Inc.
Inventors: Farshad Rostamabadi, Shadi Rostami-Hesarsorkh, Sudarshan Vasudevan, Bilal Malik
-
Publication number: 20190268357
Abstract: Techniques for alerting and tagging using a malware analysis platform for threat intelligence made actionable are disclosed. In some embodiments, a system, process, and/or computer program product for alerting and tagging using a malware analysis platform for threat intelligence made actionable includes receiving a plurality of samples for performing automated malware analysis to generate log files based on the automated malware analysis; processing the log files to extract artifacts associated with the log files; determining whether a tag matches any of the plurality of samples based on the artifacts; and performing an action based on whether the tag matches any of the plurality of samples.
Type: Application
Filed: May 3, 2019
Publication date: August 29, 2019
Inventors: Farshad Rostamabadi, Shadi Rostami-Hesarsorkh, Sudarshan Vasudevan, Bilal Malik
-
Patent number: 10333948
Abstract: Techniques for alerting and tagging using a malware analysis platform for threat intelligence made actionable are disclosed. In some embodiments, a system, process, and/or computer program product for alerting and tagging using a malware analysis platform for threat intelligence made actionable includes receiving a plurality of samples for performing automated malware analysis to generate log files based on the automated malware analysis; processing the log files to extract artifacts associated with the log files; determining whether a tag matches any of the plurality of samples based on the artifacts; and performing an action based on whether the tag matches any of the plurality of samples.
Type: Grant
Filed: February 29, 2016
Date of Patent: June 25, 2019
Assignee: Palo Alto Networks, Inc.
Inventors: Farshad Rostamabadi, Shadi Rostami-Hesarsorkh, Sudarshan Vasudevan, Bilal Malik
-
Publication number: 20190158525
Abstract: Techniques for automatically grouping malware based on artifacts are disclosed. In some embodiments, a system, process, and/or computer program product for automatically grouping malware based on artifacts includes receiving a plurality of samples for performing automated malware analysis to generate log files based on the automated malware analysis; processing the log files to extract features associated with malware; clustering the plurality of samples based on the extracted features; and performing an action based on the clustering output.
Type: Application
Filed: January 18, 2019
Publication date: May 23, 2019
Inventors: Shadi Rostami-Hesarsorkh, Sudarshan Vasudevan, William Redington Hewlett, II, Farshad Rostamabadi
-
Patent number: 10230749
Abstract: Techniques for automatically grouping malware based on artifacts are disclosed. In some embodiments, a system, process, and/or computer program product for automatically grouping malware based on artifacts includes receiving a plurality of samples for performing automated malware analysis to generate log files based on the automated malware analysis; processing the log files to extract features associated with malware; clustering the plurality of samples based on the extracted features; and performing an action based on the clustering output.
Type: Grant
Filed: February 29, 2016
Date of Patent: March 12, 2019
Assignee: Palo Alto Networks, Inc.
Inventors: Shadi Rostami-Hesarsorkh, Sudarshan Vasudevan, William Redington Hewlett, II, Farshad Rostamabadi
-
Patent number: 10200390
Abstract: Techniques for automatically determining whether malware samples are similar are disclosed. In some embodiments, a system, process, and/or computer program product for automatically determining whether malware samples are similar includes receiving a plurality of samples for performing automated malware analysis to generate log files based on the automated malware analysis; comparing the log files based on the automated malware analysis; determining whether any of the plurality of samples are similar based on the comparison of the log files based on the automated malware analysis; and performing an action based on determining that at least two samples are similar.
Type: Grant
Filed: February 29, 2016
Date of Patent: February 5, 2019
Assignee: Palo Alto Networks, Inc.
Inventors: Shadi Rostami-Hesarsorkh, Sudarshan Vasudevan, Farshad Rostamabadi
-
Patent number: 10200389
Abstract: Techniques for a malware analysis platform for threat intelligence made actionable are disclosed. In some embodiments, a system, process, and/or computer program product for a malware analysis platform for threat intelligence made actionable includes receiving a plurality of samples for performing automated malware analysis to generate log files based on the automated malware analysis; processing the log files to determine artifacts associated with malware; and performing an action based on an artifact.
Type: Grant
Filed: February 29, 2016
Date of Patent: February 5, 2019
Assignee: Palo Alto Networks, Inc.
Inventors: Farshad Rostamabadi, Shadi Rostami-Hesarsorkh, Sudarshan Vasudevan
-
Publication number: 20190014169
Abstract: Techniques for categorizing mobile uniform resource locators (URLs) that are used by mobile applications are disclosed. A URL is extracted from a mobile application. A category for the URL is determined based on a categorization of the mobile application. The URL and its determined category are then generated as output.
Type: Application
Filed: August 21, 2018
Publication date: January 10, 2019
Inventors: Seokkyung Chung, Farshad Rostamabadi, William Redington Hewlett, II, Zhi Xu, Shadi Rostami-Hesarsorkh, Lin Xu, Lee Klarich
-
Patent number: 10079876
Abstract: Categorizing mobile uniform resource locators (URLs) used by a mobile application is disclosed. A plurality of URLs is extracted from the mobile application. A category is assigned to at least one URL included in the plurality of URLs. The category is assigned to the URL based on a categorization of the mobile application.
Type: Grant
Filed: September 30, 2014
Date of Patent: September 18, 2018
Assignee: Palo Alto Networks, Inc.
Inventors: Seokkyung Chung, Farshad Rostamabadi, William Hewlett, Zhi Xu, Shadi Rostami-Hesarsorkh, Lin Xu, Lee Klarich
-
Patent number: 10003574
Abstract: A first unclassified uniform resource locator (URL) is received. An originally primary bloom filter is initialized. A second bloom filter is initialized. In response to receiving a “no match” result from querying the primary bloom filter for the received first unclassified URL, insert operations are performed on both the originally primary bloom filter and the secondary bloom filter. At a time subsequent to inserting the first unclassified URL into both the originally primary and secondary bloom filters, a determination is made that a false positive rate associated with the originally primary bloom filter exceeds a threshold. In response to the determination, the secondary bloom filter is designated as a replacement primary.
Type: Grant
Filed: March 20, 2017
Date of Patent: June 19, 2018
Assignee: Palo Alto Networks, Inc.
Inventors: Farshad Rostamabadi, Shadi Rostami-Hesarsorkh
-
Publication number: 20170251003
Abstract: Techniques for automatically determining whether malware samples are similar are disclosed. In some embodiments, a system, process, and/or computer program product for automatically determining whether malware samples are similar includes receiving a plurality of samples for performing automated malware analysis to generate log files based on the automated malware analysis; comparing the log files based on the automated malware analysis; determining whether any of the plurality of samples are similar based on the comparison of the log files based on the automated malware analysis; and performing an action based on determining that at least two samples are similar.
Type: Application
Filed: February 29, 2016
Publication date: August 31, 2017
Inventors: Shadi Rostami-Hesarsorkh, Sudarshan Vasudevan, Farshad Rostamabadi
-
Publication number: 20170250997
Abstract: Techniques for alerting and tagging using a malware analysis platform for threat intelligence made actionable are disclosed. In some embodiments, a system, process, and/or computer program product for alerting and tagging using a malware analysis platform for threat intelligence made actionable includes receiving a plurality of samples for performing automated malware analysis to generate log files based on the automated malware analysis; processing the log files to extract artifacts associated with the log files; determining whether a tag matches any of the plurality of samples based on the artifacts; and performing an action based on whether the tag matches any of the plurality of samples.
Type: Application
Filed: February 29, 2016
Publication date: August 31, 2017
Inventors: Farshad Rostamabadi, Shadi Rostami-Hesarsorkh, Sudarshan Vasudevan, Bilal Malik
-
Publication number: 20170251002
Abstract: Techniques for a malware analysis platform for threat intelligence made actionable are disclosed. In some embodiments, a system, process, and/or computer program product for a malware analysis platform for threat intelligence made actionable includes receiving a plurality of samples for performing automated malware analysis to generate log files based on the automated malware analysis; processing the log files to determine artifacts associated with malware; and performing an action based on an artifact.
Type: Application
Filed: February 29, 2016
Publication date: August 31, 2017
Inventors: Farshad Rostamabadi, Shadi Rostami-Hesarsorkh, Sudarshan Vasudevan
-
Patent number: 9634992
Abstract: A first unclassified uniform resource locator (URL) is received. An originally primary bloom filter is initialized. A second bloom filter is initialized. In response to receiving a “no match” result from querying the primary bloom filter for the received first unclassified URL, insert operations are performed on both the originally primary bloom filter and the secondary bloom filter. At a time subsequent to inserting the first unclassified URL into both the originally primary and secondary bloom filters, a determination is made that a false positive rate associated with the originally primary bloom filter exceeds a threshold. In response to the determination, the secondary bloom filter is designated as a replacement primary.
Type: Grant
Filed: February 28, 2015
Date of Patent: April 25, 2017
Assignee: Palo Alto Networks, Inc.
Inventors: Farshad Rostamabadi, Shadi Rostami-Hesarsorkh