Patents by Inventor Michael Locasto
Michael Locasto has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11729196Abstract: A method, apparatus and system for determining a weakness or risk for devices of an Internet-of-things (IoT) network include determining a representation of a physical environment of the IoT network and expected physical and cyber interactions between the devices of the IoT network based at least in part on operating characteristics of the devices of the IoT network, monitoring the physical environment and actual interactions between the devices to generate a network model including at least one of uncharacteristic physical or cyber interaction paths between the devices, based on the determined network model, determining at least one weakness or risk of at least one of the IoT network or of at least one of the devices, and providing a metric of security of at least one of the IoT network or of at least one of the devices based on at least one of the determined weakness or risk.Type: GrantFiled: August 13, 2018Date of Patent: August 15, 2023Assignee: SRI InternationalInventors: Gabriela F. Ciocarlie, Ioannis Agadakos, Chien-Ying Chen, Matteo Campanelli, Prashant Anantharaman, Monowar Hasan, Ulf Lindqvist, Michael Locasto, Bogdan Copos, Tancrède Lepoint, Matthew Filippone
-
Publication number: 20230019995Abstract: A method may involve applying, by a testing computing device, a distortion to a computing device under test. The distortion includes operating the computing device under test at a performance range of a computational resource that could cause the computing device under test to operate outside a normal range. The method may also involve receiving, by the testing computing device and in response to the applying of the distortion, one or more digital signals from the computing device under test. The method may further involve comparing, by the testing computing device, the one or more digital signals to one or more baseline digital signals associated with the computing device under test. The method may also involve detecting, based on the comparing, a presence of at least one anomalous element that could be indicative of a hostile element in the computing device under test.Type: ApplicationFiled: July 15, 2022Publication date: January 19, 2023Inventors: Michael Locasto, Bruce DeBruhl, Ulf Lindqvist, David Stoker, Ioannis Agadakos
-
Publication number: 20200162500Abstract: A method, apparatus and system for determining a weakness or risk for devices of an Internet-of-things (IoT) network include determining a representation of a physical environment of the IoT network and expected physical and cyber interactions between the devices of the IoT network based at least in part on operating characteristics of the devices of the IoT network, monitoring the physical environment and actual interactions between the devices to generate a network model including at least one of uncharacteristic physical or cyber interaction paths between the devices, based on the determined network model, determining at least one weakness or risk of at least one of the IoT network or of at least one of the devices, and providing a metric of security of at least one of the IoT network or of at least one of the devices based on at least one of the determined weakness or risk.Type: ApplicationFiled: August 13, 2018Publication date: May 21, 2020Inventors: Gabriela F. CIOCARLIE, Ioannis AGADAKOS, Chien-Ying CHEN, Matteo CAMPANELLI, Prashant ANANTHARAMAN, Monowar HASAN, Ulf LINDQVIST, Michael LOCASTO, Bogdan COPOS, Tancrède LEPOINT, Matthew FILIPPONE
-
Patent number: 10038704Abstract: Systems and methods for correlating and distributing intrusion alert information among collaborating computer systems are provided. These systems and methods provide an alert correlator and an alert distributor that enable early signs of an attack to be detected and rapidly disseminated to collaborating systems. The alert correlator utilizes data structures to correlate alert detections and provide a mechanism through which threat information can be revealed to other collaborating systems. The alert distributor uses an efficient technique to group collaborating systems and then pass data between certain members of those groups according to a schedule. In this way data can be routinely distributed without generating excess traffic loads.Type: GrantFiled: September 4, 2015Date of Patent: July 31, 2018Assignee: The Trustees of Columbia University in the City of New YorkInventors: Salvatore J. Stolfo, Tal Malkin, Angelos D. Keromytis, Vishal Misra, Michael Locasto, Janak Parekh
-
Publication number: 20150381639Abstract: Systems and methods for correlating and distributing intrusion alert information among collaborating computer systems are provided. These systems and methods provide an alert correlator and an alert distributor that enable early signs of an attack to be detected and rapidly disseminated to collaborating systems. The alert correlator utilizes data structures to correlate alert detections and provide a mechanism through which threat information can be revealed to other collaborating systems. The alert distributor uses an efficient technique to group collaborating systems and then pass data between certain members of those groups according to a schedule. In this way data can be routinely distributed without generating excess traffic loads.Type: ApplicationFiled: September 4, 2015Publication date: December 31, 2015Inventors: Salvatore J. Stolfo, Tal Malkin, Angelos D. Keromytis, Vishal Misra, Michael Locasto, Janak Parekh
-
Patent number: 9135438Abstract: Systems and methods for correlating and distributing intrusion alert information among collaborating computer systems are provided. These systems and methods provide an alert correlator and an alert distributor that enable early signs of an attack to be detected and rapidly disseminated to collaborating systems. The alert correlator utilizes data structures to correlate alert detections and provide a mechanism through which threat information can be revealed to other collaborating systems. The alert distributor uses an efficient technique to group collaborating systems and then pass data between certain members of those groups according to a schedule. In this way data can be routinely distributed without generating excess traffic loads.Type: GrantFiled: January 16, 2013Date of Patent: September 15, 2015Assignee: The Trustees of Columbia University in the City of New YorkInventors: Salvatore J Stolfo, Tal Malkin, Angelos D Keromytis, Vishal Misra, Michael Locasto, Janak Parekh
-
Patent number: 8381295Abstract: Systems and methods for correlating and distributing intrusion alert information among collaborating computer systems are provided. These systems and methods provide an alert correlator and an alert distributor that enable early signs of an attack to be detected and rapidly disseminated to collaborating systems. The alert correlator utilizes data structures to correlate alert detections and provide a mechanism through which threat information can be revealed to other collaborating systems. The alert distributor uses an efficient technique to group collaborating systems and then pass data between certain members of those groups according to a schedule. In this way data can be routinely distributed without generating excess traffic loads.Type: GrantFiled: July 9, 2010Date of Patent: February 19, 2013Assignee: The Trustees of Columbia University in the City of New YorkInventors: Salvatore J Stolfo, Tal Malkin, Angelos D Keromytis, Vishal Misra, Michael Locasto, Janak Parekh
-
Publication number: 20100281541Abstract: Systems and methods for correlating and distributing intrusion alert information among collaborating computer systems are provided. These systems and methods provide an alert correlator and an alert distributor that enable early signs of an attack to be detected and rapidly disseminated to collaborating systems. The alert correlator utilizes data structures to correlate alert detections and provide a mechanism through which threat information can be revealed to other collaborating systems. The alert distributor uses an efficient technique to group collaborating systems and then pass data between certain members of those groups according to a schedule. In this way data can be routinely distributed without generating excess traffic loads.Type: ApplicationFiled: July 9, 2010Publication date: November 4, 2010Applicant: The Trustees of Columbia University in the City of New YorkInventors: Salvatore J. Stolfo, Tal Malkin, Angelos D. Keromytis, Vishal Misra, Michael Locasto, Janak Parekh
-
Patent number: 7779463Abstract: Systems and methods for correlating and distributing intrusion alert information among collaborating computer systems are provided. These systems and methods provide an alert correlator and an alert distributor that enable early signs of an attack to be detected and rapidly disseminated to collaborating systems. The alert correlator utilizes data structures to correlate alert detections and provide a mechanism through which threat information can be revealed to other collaborating systems. The alert distributor uses an efficient technique to group collaborating systems and then pass data between certain members of those groups according to a schedule. In this way data can be routinely distributed without generating excess traffic loads.Type: GrantFiled: June 9, 2004Date of Patent: August 17, 2010Assignee: The Trustees of Columbia University in the City of New YorkInventors: Salvatore J. Stolfo, Tal Malkin, Angelos D. Keromytis, Vishal Misra, Michael Locasto, Janak Parekh
-
Patent number: 7490268Abstract: In accordance with the present invention, computer implemented methods and systems are provided that allow an application to automatically recover from software failures and attacks. Using one or more sensors, failures may be detected in the application. In response to detecting the failure, the portion of the application's code that caused the failure is isolated. Using the input vectors that caused the failure, information regarding the failure (e.g., the type of failure), a core dump file (e.g., stack trace), etc., an emulator-based vaccine that repairs the failure is constructed. In response to verifying that the vaccine repaired the failure, the application is automatically updated with the emulator-based vaccine without user intervention. Application community features that efficiently use the resources available in software monoculture is also provided.Type: GrantFiled: June 1, 2005Date of Patent: February 10, 2009Assignee: The Trustees of Columbia University in the City of New YorkInventors: Angelos D. Keromytis, Michael Locasto, Stylianos Sidiroglou
-
Publication number: 20060195745Abstract: In accordance with the present invention, computer implemented methods and systems are provided that allow an application to automatically recover from software failures and attacks. Using one or more sensors, failures may be detected in the application. In response to detecting the failure, the portion of the application's code that caused the failure is isolated. Using the input vectors that caused the failure, information regarding the failure (e.g., the type of failure), a core dump file (e.g., stack trace), etc., an emulator-based vaccine that repairs the failure is constructed. In response to verifying that the vaccine repaired the failure, the application is automatically updated with the emulator-based vaccine without user intervention. Application community features that efficiently use the resources available in software monoculture is also provided.Type: ApplicationFiled: June 1, 2005Publication date: August 31, 2006Inventors: Angelos Keromytis, Michael Locasto, Stylianos Sidiroglou
-
Publication number: 20050257264Abstract: Systems and methods for correlating and distributing intrusion alert information among collaborating computer systems are provided. These systems and methods provide an alert correlator and an alert distributor that enable early signs of an attack to be detected and rapidly disseminated to collaborating systems. The alert correlator utilizes data structures to correlate alert detections and provide a mechanism through which threat information can be revealed to other collaborating systems. The alert distributor uses an efficient technique to group collaborating systems and then pass data between certain members of those groups according to a schedule. In this way data can be routinely distributed without generating excess traffic loads.Type: ApplicationFiled: June 9, 2004Publication date: November 17, 2005Inventors: Salvatore Stolfo, Tal Malkin, Angelos Keromytis, Vishal Misra, Michael Locasto, Janak Parekh