Patents by Inventor Mourad Debbabi
Mourad Debbabi has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230273994Abstract: A method, system and apparatus are disclosed. According to one or more embodiments, a data node is provided. The data node includes processing circuitry configured to: receive an anomaly estimation for a first privatized dataset, the first private dataset being based on a dataset and a first noise profile, apply a second noise profile to the dataset to generate a second privatized dataset, the second noise profile being based at least on the anomaly estimation, and optionally cause transmission of the second privatized dataset for anomaly estimation.Type: ApplicationFiled: July 16, 2021Publication date: August 31, 2023Inventors: Meisam MOHAMMADY, Mengyuan ZHANG, Yosr JARRAYA, Makan POURZANDI, Han WANG, Yuan Hong, Lingyu WANG, Suryadipta MAJUMDAR, Mourad DEBBABI
-
Publication number: 20230239219Abstract: A method, system and apparatus are disclosed. According to one or more embodiments, a detection node in communication with a network function virtualization, NFV, system operating a NFV stack that is logically separable into a plurality of levels including a first level and a second level is provided. The detection node includes processing circuitry configured to: translate an executed first level event sequence to at least one translated second level event sequence, and compare the at least one translated second level event sequence to an executed second level event sequence to at least in part detect inconsistencies between the at least one translated second level event sequence and the executed second level event sequence where the executed second level event sequence and the executed first level event sequence being part of a multi-level sequence flow.Type: ApplicationFiled: July 9, 2021Publication date: July 27, 2023Inventors: Mengyuan ZHANG, Yosr JARRAYA, Makan POURZANDI, Lingyu WANG, Mourad DEBBABI, Sudershan Lakshmanan Thirunavukkarasu
-
Patent number: 11677762Abstract: A method, computing device and system are disclosed for evaluating security of virtual infrastructures of tenants in a cloud environment. At least one security metric may be calculated for virtual infrastructures of a tenant based on information associated with at least one virtual resource of the first tenant and at least one interaction of the at least one virtual resource of the first tenant with at least one virtual resource of at least one other tenant in a multi-tenant virtualized infrastructure. At least one security parameter may be evaluated for the first tenant based at least in part on at least one of the at least one calculated security metric for monitoring a security level of the first tenant relative to the at least one other tenant in the multi-tenant virtualized infrastructure.Type: GrantFiled: April 23, 2019Date of Patent: June 13, 2023Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Taous Madi, Mengyuan Zhang, Yosr Jarraya, Lingyu Wang, Makan Pourzandi, Mourad Debbabi
-
Patent number: 11509565Abstract: Systems and methods for verifying the validity of a network link are described herein. A verification packet and an associated packet handling flow can be generated and added to a network in order to investigate a link between network nodes (e.g. switches).Type: GrantFiled: December 4, 2018Date of Patent: November 22, 2022Assignee: Telefonaktiebolaget L M Ericsson (publ)Inventors: Amir Alimohammadifar, Lingyu Wang, Yosr Jarraya, Makan Pourzandi, Mourad Debbabi
-
Publication number: 20220215116Abstract: A method, system and apparatus are disclosed. In one or more embodiments, a differential privacy, DP, node is provided. The DP node includes processing circuitry configured to: receive a query request; receive a first input corresponding to a utility parameter; receive a second input corresponding to a privacy parameter; select a baseline DP mechanism type based at least on a query request type of the query request, the first input and the second input, where the baseline DP mechanism type includes at least a noise parameter; generate a noise distribution based on the baseline DP mechanism type using a first value of the noise parameter; and determine a DP query result based on applying the noise distribution to the query request applied on a data set.Type: ApplicationFiled: May 13, 2020Publication date: July 7, 2022Inventors: Mengyuan ZHANG, Yosr JARRAYA, Makan POURZANDI, Meisam MOHAMMADY, Shangyu XIE, Yuan HONG, Lingyu WANG, Mourad DEBBABI
-
Publication number: 20220215127Abstract: Systems and methods for anonymizing data are provided herein. A network node can receive privacy constraints from a data owner and utility requirements from at least one data processor. An anonymization mechanism can be selected for each data attribute in a data set, based on its specified privacy constraint and/or utility requirement, from the available anonymization mechanism(s) appropriate for its associated attribute type.Type: ApplicationFiled: April 29, 2020Publication date: July 7, 2022Applicant: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Momen OQAILY, Yosr JARRAYA, Mengyuan ZHANG, Makan POURZANDI, Lingyu WANG, Mourad DEBBABI
-
Patent number: 11316831Abstract: A node including processing circuitry configured to: generate anonymized data based at least in part on a first cryptographic key and network data, calculate a coordination vector, generate initialized data based at least in part on the anonymized data, a second cryptographic key and the coordination vector, transmit the initialized data, the random vector, a security policy and instructions to analyze n iterations of the initialized data and the security policy using the random vector and the second cryptographic key, and receive results of the analysis of the n iterations of the initialized data and the security policy using the random vector and the second cryptographic key. The analysis of an m iteration of the n iterations correspond to an analysis of the initialized data with prefix preservation where the analysis of the remaining iterations of the n iterations fail to be prefixed preserved.Type: GrantFiled: February 28, 2018Date of Patent: April 26, 2022Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Meisam Mohammady, Yosr Jarraya, Lingyu Wang, Mourad Debbabi, Makan Pourzandi
-
Patent number: 11314884Abstract: A node includes processing circuitry configured to encrypt first network data including a first tenant identifier using a first cryptographic key to generate first encrypted data and anonymize the first encrypted data to generate anonymized data where the anonymizing of the first encrypted data includes segmenting the first encrypted data and the anonymizing of the first encrypted data preserving relationships among the first network data associated with the first tenant identifier, encrypt the anonymized data using a second cryptographic key to generate encrypted anonymized data, transmit the encrypted anonymized data, at least one analysis parameter, at least one security policy and instructions to analyze the encrypted anonymized data using the at least one analysis parameter, the at least one security policy and the second cryptographic key, receive analysis data resulting from the analysis of the encrypted anonymized data, and determine verification results from the received analysis data.Type: GrantFiled: February 28, 2018Date of Patent: April 26, 2022Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Momen Oqaily, Yosr Jarraya, Lingyu Wang, Makan Pourzandi, Mourad Debbabi
-
Publication number: 20210182418Abstract: A node includes processing circuitry configured to encrypt first network data including a first tenant identifier using a first cryptographic key to generate first encrypted data and anonymize the first encrypted data to generate anonymized data where the anonymizing of the first encrypted data includes segmenting the first encrypted data and the anonymizing of the first encrypted data preserving relationships among the first network data associated with the first tenant identifier, encrypt the anonymized data using a second cryptographic key to generate encrypted anonymized data, transmit the encrypted anonymized data, at least one analysis parameter, at least one security policy and instructions to analyze the encrypted anonymized data using the at least one analysis parameter, the at least one security policy and the second cryptographic key, receive analysis data resulting from the analysis of the encrypted anonymized data, and determine verification results from the received analysis data.Type: ApplicationFiled: February 28, 2018Publication date: June 17, 2021Inventors: Momen OQAILY, Yosr JARRAYA, Lingyu WANG, Makan POURZANDI, Mourad DEBBABI
-
Publication number: 20210152572Abstract: A method, computing device and system are disclosed for evaluating security of virtual infrastructures of tenants in a cloud environment. At least one security metric may be calculated for virtual infrastructures of a tenant based on information associated with at least one virtual resource of the first tenant and at least one interaction of the at least one virtual resource of the first tenant with at least one virtual resource of at least one other tenant in a multi-tenant virtualized infrastructure. At least one security parameter may be evaluated for the first tenant based at least in part on at least one of the at least one calculated security metric for monitoring a security level of the first tenant relative to the at least one other tenant in the multi-tenant virtualized infrastructure.Type: ApplicationFiled: April 23, 2019Publication date: May 20, 2021Inventors: Taous MADI, Mengyuan ZHANG, Yosr JARRAYA, Lingyu WANG, Makan POURZANDI, Mourad DEBBABI
-
Publication number: 20200374210Abstract: Systems and methods for verifying the validity of a network link are described herein. A verification packet and an associated packet handling flow can be generated and added to a network in order to investigate a link between network nodes (e.g. switches).Type: ApplicationFiled: December 4, 2018Publication date: November 26, 2020Applicant: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Amir ALIMOHAMMADIFAR, Lingyu WANG, Yosr JARRAYA, Makan POURZANDI, Mourad DEBBABI
-
Publication number: 20190372941Abstract: A node including processing circuitry configured to: generate anonymized data based at least in part on a first cryptographic key and network data, calculate a coordination vector, generate initialized data based at least in part on the anonymized data, a second cryptographic key and the coordination vector, transmit the initialized data, the random vector, a security policy and instructions to analyze n iterations of the initialized data and the security policy using the random vector and the second cryptographic key, and receive results of the analysis of the n iterations of the initialized data and the security policy using the random vector and the second cryptographic key. The analysis of an m iteration of the n iterations correspond to an analysis of the initialized data with prefix preservation where the analysis of the remaining iterations of the n iterations fail to be prefixed preserved.Type: ApplicationFiled: February 28, 2018Publication date: December 5, 2019Applicant: Telefonaktiebolaget LM Ericsson (publ)Inventors: Meisam MOHAMMADY, Yosr JARRAYA, Lingyu WANG, Mourad DEBBABI, Makan POURZANDI
-
Patent number: 10268834Abstract: A method for a survey server for managing query communications between at least a requester server and at least one data holding entity is provided. The requester server holds a first share of a private key and the survey server holds a second share of the private key. An encrypted query is received and then forwarded to at least one data holding entity. A plurality of comparison responses is received. Each comparison response is generated by a private comparison protocol that compares the encrypted query with encrypted data. The encrypted data having been encrypted using the public key. Each comparison response having been partially decrypted with the first share of the private key and placed in the array in a randomized order. The array is decrypted using the second share of the private key. At least one result of the query is determined.Type: GrantFiled: June 26, 2014Date of Patent: April 23, 2019Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Makan Pourzandi, Feras Aljumah, Mourad Debbabi
-
Publication number: 20170124348Abstract: A method for a survey server for managing query communications between at least a requester server and at least one data holding entity is provided. The requester server holds a first share of a private key and the survey server holds a second share of the private key. An encrypted query is received and then forwarded to at least one data holding entity. A plurality of comparison responses is received. Each comparison response is generated by a private comparison protocol that compares the encrypted query with encrypted data. The encrypted data having been encrypted using the public key. Each comparison response having been partially decrypted with the first share of the private key and placed in the array in a randomized order. The array is decrypted using the second share of the private key. At least one result of the query is determined.Type: ApplicationFiled: June 26, 2014Publication date: May 4, 2017Inventors: Makan POURZANDI, Feras ALJUMAH, Mourad DEBBABI
-
Publication number: 20040040029Abstract: A computer based system accelerates code execution by speeding up method calls. A virtual machine includes a loader, interpreter and a thread manager. The loader constructing a hash-table using method signatures, and the interpreter searching the hash-table for locating methods. The interpreter using a method call cache having a pointer to a receiver for accelerating code execution. The thread manager using a depth level for accelerating locking state transitions.Type: ApplicationFiled: March 24, 2003Publication date: February 26, 2004Inventors: Mourad Debbabi, Nadia Tawbi, Sami Zhioua, Mourad Erhioui, Lamia Ketari, Hamdi Yahyaoui