Patents by Inventor Kailash Kailash

Kailash Kailash has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10262136
    Abstract: Systems, methods and apparatus for malware detection detect and stop the distribution of malware and other undesirable content before such content reaches computing systems. A malware detection service external to network edges of a system receives a request from a computer within the system, the request identifying a signature associated with content. The service determines a status indicator of the content using the signature, and transmits the status indicator to the computer.
    Type: Grant
    Filed: August 4, 2008
    Date of Patent: April 16, 2019
    Assignee: Zscaler, Inc.
    Inventors: Kailash Kailash, Robert L. Voit, Jose Raphel
  • Patent number: 10216790
    Abstract: A computer-implemented method and system for querying aggregates in a database include maintaining aggregates based on a dimension in the database with at least two grain sizes; receiving a query of the aggregates for a defined range of the dimension; finding a start and an end for a read operation for a larger grain size of the at least two grain sizes of the aggregates for the defined range; reading a first set from the start to the end in the database of the larger grain size of the at least two grain sizes of the aggregates; reading a second set comprising a smaller grain size of the at least two grain sizes of the aggregates based on the defined range and the start and the end; and adjusting the first set with the second set.
    Type: Grant
    Filed: August 14, 2014
    Date of Patent: February 26, 2019
    Assignee: Zscaler, Inc.
    Inventors: Kailash Kailash, Sushil Pangeni, Chakkaravarthy Periyasamy Balaiah, Lakshmaiah Regoti, Kumar Gaurav
  • Publication number: 20180146012
    Abstract: A distributed security method is implemented in a processing node of a distributed security system comprising one or more processing nodes and one or more authority nodes, wherein the distributed security system is located external to a network edge of an enterprise and external from one of a computer device and a mobile device associated with a user. The distributed security method includes monitoring a content item sent from or requested by an external system which is external from a network edge of the external system; and responsive to a security policy associated with the external system, performing one of allowing the content item through the processing node; precluding the content item at the processing node; and threat detecting the content item at the processing node and one of allowing or precluding the content item based on the threat detecting.
    Type: Application
    Filed: December 29, 2017
    Publication date: May 24, 2018
    Inventors: Kailash KAILASH, Shashidhara Mysore NANJUNDASWAMY, Amarnath MULLICK, Jose Kolenchery RAPPEL
  • Publication number: 20180124070
    Abstract: Systems, methods and apparatus for malware detection detect and stop the distribution of malware and other undesirable content before such content reaches computing systems. A cloud-based malware detection method includes receiving a signature from a computer, wherein the signature which identifies a file and the signature is smaller in size than the file; determining whether the file is trusted, untrusted, or unknown for malware based on the signature; and transmitting whether the file is trusted, untrusted, or unknown for malware to the computer based on the determining, wherein the computer is precluded from distribution of the file responsive to the file being untrusted.
    Type: Application
    Filed: December 28, 2017
    Publication date: May 3, 2018
    Inventors: Kailash KAILASH, Robert L. VOIT, Jose RAPHEL
  • Patent number: 9912638
    Abstract: Systems and methods of integrating log data from a cloud system with an internal management system are described, wherein the cloud system is located externally from a secure network which contains the internal management system. The systems and methods include receiving log data from a cloud system through a secure connection between the secure network and the cloud system; buffering the received log data; filtering the buffered, received log data; and transmitting the filtered, buffered, received log data to the internal management system in a format associated with the internal management system.
    Type: Grant
    Filed: January 15, 2015
    Date of Patent: March 6, 2018
    Assignee: Zscaler, Inc.
    Inventors: Kailash Kailash, Chakkaravarthy Periyasamy Balaiah, Sushil Pangeni, Amit Sinha, Samuel John Crank, Manoj Apte, Sridhar Narasimhan
  • Publication number: 20160269447
    Abstract: A distributed security method is implemented in a processing node of a distributed security system comprising one or more processing nodes and one or more authority nodes, wherein the distributed security system is located external to a network edge of an enterprise and external from one of a computer device and a mobile device associated with a user. The distributed security method includes obtaining security policy data associated with the user and the enterprise from an authority node; monitoring data communications between the user, the enterprise, and the Internet in a processing node; and controlling the data communications between the user, the enterprise, and the Internet based on the monitoring to provide security measures between the user, the enterprise, and the Internet.
    Type: Application
    Filed: May 24, 2016
    Publication date: September 15, 2016
    Inventors: Kailash KAILASH, Shashidhara Mysore NANJUNDASWAMY, Amarnath MULLICK, Jose Kolenchery RAPPEL
  • Patent number: 9379895
    Abstract: Systems, methods and apparatus for a distributed security that provides authentication and authorization management. The system can include a source processor that is used to identify the source associated with a request for authentication or authorization. The source processor can maintain the initial source associated with the request through the use of an association token. The associate token can be transmitted with each subsequent request that includes authentication or authorization data. The source processor can use the associate token to verify that the source associated with the initial request is the same as the source associated with subsequent authentication and authorization requests.
    Type: Grant
    Filed: July 24, 2008
    Date of Patent: June 28, 2016
    Assignee: Zscaler, Inc.
    Inventors: Kailash Kailash, Shashidhara Mysore Nanjundaswamy, Amarnath Mullick, Jose Raphel
  • Patent number: 9342621
    Abstract: Methods, systems, and apparatus, including computer program products, for generating or using augmentation queries. In one aspect, subject phrases for detection in content are identified. Each phrase has a corresponding cardinality of terms. First hash sets for each of the subject phrases are generated, each first hash set including first hashes of bigram term subsets for each of the phrases. Sub-phrase scores for each of the hashes based on the cardinality of each phrase are assigned. The sub-phrase scores a used to detect the subject phrases in hashes of portions of received content. Other implementations of this aspect include corresponding systems, apparatus, and computer program products.
    Type: Grant
    Filed: August 4, 2008
    Date of Patent: May 17, 2016
    Assignee: Zscaler, Inc.
    Inventors: Jose Raphel, Kailash Kailash, Narasimha Datta Nataraja
  • Publication number: 20160048558
    Abstract: A computer-implemented method and system for querying aggregates in a database include maintaining aggregates based on a dimension in the database with at least two grain sizes; receiving a query of the aggregates for a defined range of the dimension; finding a start and an end for a read operation for a larger grain size of the at least two grain sizes of the aggregates for the defined range; reading a first set from the start to the end in the database of the larger grain size of the at least two grain sizes of the aggregates; reading a second set comprising a smaller grain size of the at least two grain sizes of the aggregates based on the defined range and the start and the end; and adjusting the first set with the second set.
    Type: Application
    Filed: August 14, 2014
    Publication date: February 18, 2016
    Applicant: Zscaler, Inc.
    Inventors: Kailash KAILASH, Sushil PANGENI, Chakkaravarthy Periyasamy BALAIAH, Lakshmaiah REGOTI, Kumar GAURAV
  • Patent number: 9154475
    Abstract: Methods, systems, and apparatus, including computer program products, for distributed security system authorization. Client device authentication instructions are executed on a client device to determine if authentication data accessible by the client device authentication instructions are stored at the client device. If the authentication data are stored at the client device, the client device authentication instructions generate authenticated user data and store the authenticated user data at the client device. If the authentication data are not stored at the client device, the client device authentication instructions generate a login environment that allows a user of the client device to input login data. The login data are provided to a verification process that in response to verification provide the authentication data to the client device.
    Type: Grant
    Filed: January 16, 2009
    Date of Patent: October 6, 2015
    Assignee: Zscaler, Inc.
    Inventors: Kailash Kailash, Jeff Forristal, Narinder Paul, Sivaprasad Udupa
  • Publication number: 20150163199
    Abstract: Systems and methods of integrating log data from a cloud system with an internal management system are described, wherein the cloud system is located externally from a secure network which contains the internal management system. The systems and methods include receiving log data from a cloud system through a secure connection between the secure network and the cloud system; buffering the received log data; filtering the buffered, received log data; and transmitting the filtered, buffered, received log data to the internal management system in a format associated with the internal management system.
    Type: Application
    Filed: January 15, 2015
    Publication date: June 11, 2015
    Applicant: Zscaler, Inc.
    Inventors: Kailash Kailash, Chakkaravarthy Periyasamy Balaiah, Sushil Pangeni, Amit Sinha, Samuel John Crank, Manoj Apte, Sridhar Narasimhan
  • Patent number: 9003186
    Abstract: Systems, methods and apparatus for a distributed security that provides authentication and authorization management. The system can include an epoch manager that is used to generate authentication and authorization data that remain valid only for an epoch. The epoch manager can generate an epoch key pair that can be used to encrypt and decrypt the authentication and authorization data during the epoch that the key is valid. The epoch manager can also associate the contents of the data with the epoch in which it was created, so that at decrypting the epoch that the data was generated in can be identified.
    Type: Grant
    Filed: July 24, 2008
    Date of Patent: April 7, 2015
    Assignee: Zscaler, Inc.
    Inventors: Kailash Kailash, Shashidhara Mysore Nanjundaswamy, Amarnath Mullick, Jose Raphel
  • Patent number: 8955091
    Abstract: A system includes an enterprise network including an internal management system communicatively coupled thereon, the enterprise network includes security and the internal management system is disposed behind the security; a cloud system external to the enterprise network and communicatively coupled to the enterprise network, at least one user associated with the enterprise network is configured to communicate through the cloud system for cloud-based services, and the cloud system is configured to log data associated with the at least one user for the cloud-based services; and an external service bridge located in the enterprise network behind the security, the external service bridge is configured to securely communicate with the cloud system to receive the log data and to communicate with the internal management system to provide the log data thereto.
    Type: Grant
    Filed: April 30, 2012
    Date of Patent: February 10, 2015
    Assignee: Zscaler, Inc.
    Inventors: Kailash Kailash, Chakkaravarthy Periyasamy Balaiah, Sushil Pangeni, Amit Sinha, Samuel John Crank, Manoj Apte, Sridhar Narasimhan
  • Patent number: 8887249
    Abstract: Guard tables including absence information are used in a security system to protect a network service from a denial of service attack. A login key corresponding to a login request is hashed and the output of the hash is a bit position in a guard table. The bit value at the bit position in the guard table can be checked to determine if login information corresponding to the key is present. Further processing of the login request can be based on the indicated presence or absence of the information.
    Type: Grant
    Filed: May 28, 2008
    Date of Patent: November 11, 2014
    Assignee: Zscaler, Inc.
    Inventors: Arcady V. Schekochikhin, Srikanth Devarajan, Narinder Paul, Kailash Kailash
  • Patent number: 8869259
    Abstract: A cloud based system that facilitates inspection of secure content and inexpensively detects the presence of a Man-in-the-Middle attack in a client-server communication is disclosed. Through inspection of the server certificate, no Man-in-the-Middle attack between server and the system is ensured; through inspection and designation of the client certificate, absence of a Man-in-the-Middle attack between the cloud based system and the client is ensured. In this way, the cloud based system can perform its usual policy enforcement functions with respect to secure content while avoiding Man-in-the-Middle attacks.
    Type: Grant
    Filed: May 19, 2011
    Date of Patent: October 21, 2014
    Assignee: Zscaler, Inc.
    Inventors: Sivaprasad Udupa, Narinder Paul, Jose Raphel, Kailash Kailash
  • Patent number: 8848710
    Abstract: The present invention is directed towards a method and system for providing a technique referred to as flash caching to respond to requests for an object, such as a dynamically generated object, from multiple clients. This technique of the present invention uses a dynamically generated object stored in a buffer for transmission to a client, for example in response to a request from the client, to also respond to additional requests for the dynamically generated object from other clients while the object is stored in the buffer. Using this technique, the present invention is able to increase cache hit rates for extremely fast changing dynamically generated objects that may not otherwise be cacheable.
    Type: Grant
    Filed: July 25, 2012
    Date of Patent: September 30, 2014
    Assignee: Citrix Systems, Inc.
    Inventors: Prabakar Sundarrajan, Prakash Khemani, Kailash Kailash, Ajay Soni, Rajiv Sinha, Saravana Annamalaisami, Bharat Bhushan K.R., Anil Kumar
  • Patent number: 8806593
    Abstract: Guest accounts arise in a variety of ways. Hotels, Coffee Shops, internet cafes, internet kiosks, etc provide internet access to its guests, aka customers. Cloud based security services can serve as a platform for supporting efficient and safe guest account management. Guest accounts are managed by the cloud service and are associated and disassociated with individuals as needed by the guest account provider. The cloud service can also provide a guest account provider with greater control over guest account usage and accountability.
    Type: Grant
    Filed: May 19, 2011
    Date of Patent: August 12, 2014
    Assignee: Zscaler, Inc.
    Inventors: Jose Raphel, Kailash Kailash, Manoj Shriganesh Apte, Jagtar S Chaudhry
  • Patent number: 8806201
    Abstract: Systems, methods and apparatus for a distributed security that provides authentication and authorization management. The system can include an epoch processor that is used to validate authentication and authorization data that is valid only for an epoch. The epoch processor can maintain a public key that can be used to decrypt the authentication and authorization data during the epoch that the key is valid. The epoch processor can receive a new public key during each epoch. The epoch processor can also determine if the authentication or authorization data was fraudulently generated based on the contents of the data, and verifying whether the data is valid for the epoch in which it was decrypted.
    Type: Grant
    Filed: July 24, 2008
    Date of Patent: August 12, 2014
    Assignee: Zscaler, Inc.
    Inventors: Kailash Kailash, Shashidhara Mysore Nanjundaswamy, Amarnath Mullick, Jose Raphel
  • Patent number: 8799502
    Abstract: A method for maximizing server throughput while avoiding overload of a server is presented. The method involves intercepting, via an interface unit, a client request for information from the server. Next, the interface unit determines the current server performance, where the server performance is based on the number of connections opened to the server, the response time of the server and the rate at which the response time is changing. Finally, the interface unit forwards the client request to the server if the current server performance is close to an optimal performance, whereby avoiding overload of the server.
    Type: Grant
    Filed: October 31, 2006
    Date of Patent: August 5, 2014
    Assignee: Citrix Systems, Inc.
    Inventors: Jose Kolencheril Raphel, Kailash Kailash, Michel K. Susai
  • Patent number: 8788581
    Abstract: A method for maintaining a cache of dynamically generated objects. The method includes storing in the cache dynamically generated objects previously served from an originating server to a client. A communication between the client and server is intercepted by the cache. The cache parses the communication to identify an object determinant and to determine whether the object determinant indicates whether a change has occurred or will occur in an object at the originating server. The cache marks the object stored in the cache as invalid if the object determinant so indicates. If the object has been marked as invalid, the cache retrieves the object from the originating server.
    Type: Grant
    Filed: January 18, 2013
    Date of Patent: July 22, 2014
    Assignee: Citrix Systems, Inc.
    Inventors: Prabakar Sundarrajan, Prakash Khemani, Kailash Kailash, Ajay Soni, Rajiv Sinha, Saravana Annamalaisami, Bharath Bhushan K. R., Anil Kumar