Patents by Inventor Nipun Arora
Nipun Arora has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10999323Abstract: Endpoint security systems and methods include a distance estimation module configured to calculate a travel distance between a source Internet Protocol (IP) address and an IP address for a target network endpoint system from a received packet received by a network gateway system based on time-to-live (TTL) information from the received packet. A machine learning model is configured to estimate an expected travel distance between the source IP address and the target network endpoint system IP address based on a sparse set of known source/target distances. A spoof detection module is configured to determine that the received packet has a spoofed source IP address based on a comparison between the calculated travel distance and the expected travel distance. A security module is configured to perform a security action at the network gateway system responsive to the determination that the received packet has a spoofed source IP address.Type: GrantFiled: August 13, 2018Date of Patent: May 4, 2021Inventors: Cristian Lumezanu, Nipun Arora, Haifeng Chen, Bo Zong, Daeki Cho, Mingda Li
-
Patent number: 10929765Abstract: A computer-implemented method for automatically analyzing log contents received via a network and detecting content-level anomalies is presented. The computer-implemented method includes building a statistical model based on contents of a set of training logs and detecting, based on the set of training logs, content-level anomalies for a set of testing logs. The method further includes maintaining an index and metadata, generating attributes for fields, editing model capability to incorporate user domain knowledge, detecting anomalies using field attributes, and improving anomaly quality by using user feedback.Type: GrantFiled: August 16, 2017Date of Patent: February 23, 2021Inventors: Biplob Debnath, Hui Zhang, Jianwu Xu, Nipun Arora, Guofei Jiang, Bo Zong
-
Patent number: 10915535Abstract: Systems and methods for optimizing query execution to improve query processing by a computer are provided. A query is analyzed and translated into a logical plan. A runtime query optimizer is applied to the logical plan to identify a physical plan including operators for execution. The logical plan is translated into the physical plan. Execution of the query is scheduled according to the physical plan.Type: GrantFiled: May 18, 2018Date of Patent: February 9, 2021Inventors: Haifeng Chen, Youfu Li, Daeki Cho, Bo Zong, Nipun Arora, Cristian Lumezanu
-
Patent number: 10911488Abstract: Methods and systems for mitigating a spoofing-based attack include calculating a travel distance between a source Internet Protocol (IP) address and a target IP address from a received packet based on time-to-live information from the received packet. An expected travel distance between the source IP address and the target IP address is estimated based on a sparse set of known source/target distances. It is determined that the received packet has a spoofed source IP address based on a comparison between the calculated travel distance and the expected travel distance. A security action is performed responsive to the determination that the received packet has a spoofed source IP address.Type: GrantFiled: August 13, 2018Date of Patent: February 2, 2021Inventors: Cristian Lumezanu, Nipun Arora, Haifeng Chen, Bo Zong, Daeki Cho, Mingda Li
-
Patent number: 10887344Abstract: Endpoint security systems and methods include a distance estimation module configured to calculate a travel distance between a source Internet Protocol (IP) address and an IP address for a target network endpoint system from a received packet received by the target network endpoint system based on time-to-live (TTL) information from the received packet. A machine learning model is configured to estimate an expected travel distance between the source IP address and the target network endpoint system IP address based on a sparse set of known source/target distances. A spoof detection module is configured to determine that the received packet has a spoofed source IP address based on a comparison between the calculated travel distance and the expected travel distance. A security module is configured to perform a security action at the target network endpoint system responsive to the determination that the received packet has a spoofed source IP address.Type: GrantFiled: August 13, 2018Date of Patent: January 5, 2021Assignee: NEC CorporationInventors: Cristian Lumezanu, Nipun Arora, Haifeng Chen, Bo Zong, Daeki Cho, Mingda Li
-
Publication number: 20190098050Abstract: Endpoint security systems and methods include a distance estimation module configured to calculate a travel distance between a source Internet Protocol (IP) address and an IP address for a target network endpoint system from a received packet received by a network gateway system based on time-to-live (TTL) information from the received packet. A machine learning model is configured to estimate an expected travel distance between the source IP address and the target network endpoint system IP address based on a sparse set of known source/target distances. A spoof detection module is configured to determine that the received packet has a spoofed source IP address based on a comparison between the calculated travel distance and the expected travel distance. A security module is configured to perform a security action at the network gateway system responsive to the determination that the received packet has a spoofed source IP address.Type: ApplicationFiled: August 13, 2018Publication date: March 28, 2019Inventors: Cristian Lumezanu, Nipun Arora, Haifeng Chen, Bo Zong, Daeki Cho, Mingda Li
-
Publication number: 20190098049Abstract: Endpoint security systems and methods include a distance estimation module configured to calculate a travel distance between a source Internet Protocol (IP) address and an IP address for a target network endpoint system from a received packet received by the target network endpoint system based on time-to-live (TTL) information from the received packet. A machine learning model is configured to estimate an expected travel distance between the source IP address and the target network endpoint system IP address based on a sparse set of known source/target distances. A spoof detection module is configured to determine that the received packet has a spoofed source IP address based on a comparison between the calculated travel distance and the expected travel distance. A security module is configured to perform a security action at the target network endpoint system responsive to the determination that the received packet has a spoofed source IP address.Type: ApplicationFiled: August 13, 2018Publication date: March 28, 2019Inventors: Cristian Lumezanu, Nipun Arora, Haifeng Chen, Bo Zong, Daeki Cho, Mingda Li
-
Publication number: 20190098048Abstract: Methods and systems for mitigating a spoofing-based attack include calculating a travel distance between a source Internet Protocol (IP) address and a target IP address from a received packet based on time-to-live information from the received packet. An expected travel distance between the source IP address and the target IP address is estimated based on a sparse set of known source/target distances. It is determined that the received packet has a spoofed source IP address based on a comparison between the calculated travel distance and the expected travel distance. A security action is performed responsive to the determination that the received packet has a spoofed source IP address.Type: ApplicationFiled: August 13, 2018Publication date: March 28, 2019Inventors: Cristian Lumezanu, Nipun Arora, Haifeng Chen, Bo Zong, Daeki Cho, Mingda Li
-
Publication number: 20180365291Abstract: Systems and methods for optimizing query execution to improve query processing by a computer are provided. A query is analyzed and translated into a logical plan. A runtime query optimizer is applied to the logical plan to identify a physical plan including operators for execution. The logical plan is translated into the physical plan. Execution of the query is scheduled according to the physical plan.Type: ApplicationFiled: May 18, 2018Publication date: December 20, 2018Inventors: Haifeng Chen, Youfu Li, Daeki Cho, Bo Zong, Nipun Arora, Cristian Lumezanu
-
Publication number: 20180365294Abstract: Systems and methods for implementing a behavior analysis engine (BAE) to improve computer query processing are provided. A job request to execute an input rule on target log data is received by a BAE service via a user interface. The job request is executed by the BAE service to generate a result by obtaining the input rule from a rule-base, parsing the input rule to create a data structure, optimizing the data structure, and executing one or more operations using the optimized data structure. The result is stored by the BAE service in a result database.Type: ApplicationFiled: May 18, 2018Publication date: December 20, 2018Inventors: Daeki Cho, Nipun Arora, Hui Zhang
-
Patent number: 10114728Abstract: The invention is directed to a computer implemented method and a system that implements an application performance profiler with hardware performance event information. The profiler provides dynamic tracing of application programs, and offers fine-grained hardware performance event profiling at function levels. To control the perturbation on target applications, the profiler also includes a control mechanism to constraint the function profiling overhead within a budget configured by users.Type: GrantFiled: April 10, 2014Date of Patent: October 30, 2018Assignee: NEC CorporationInventors: Hui Zhang, Nipun Arora, Junghwan Rhee, Kai Ma, Guofei Jiang
-
Patent number: 10031788Abstract: Methods and systems for profiling requests include generating request units based on collected kernel events that include complete request units and half-open request units. The generated request units are sequenced based on a causality relationship set that describes causality relationships between kernel events.Type: GrantFiled: September 14, 2016Date of Patent: July 24, 2018Assignee: NEC CorporationInventors: Hui Zhang, Guofei Jiang, Junghwan Rhee, Nipun Arora
-
Publication number: 20180174065Abstract: A computer-implemented method for automatically analyzing log contents received via a network and detecting content-level anomalies is presented. The computer-implemented method includes building a statistical model based on contents of a set of training logs and detecting, based on the set of training logs, content-level anomalies for a set of testing logs. The method further includes maintaining an index and metadata, generating attributes for fields, editing model capability to incorporate user domain knowledge, detecting anomalies using field attributes, and improving anomaly quality by using user feedback.Type: ApplicationFiled: August 16, 2017Publication date: June 21, 2018Inventors: Biplob Debnath, Hui Zhang, Jianwu Xu, Nipun Arora, Guofei Jiang, Bo Zong
-
Publication number: 20180129579Abstract: Systems and methods are disclosed for processing a stream of logged data by: creating one or more models from a set of training logs during a training phase; receiving testing data in real-time and generating anomalies using the models created during the training phase; updating the one or more models during real-time processing of a live stream of logs; and detecting a log anomaly from the live stream of logs.Type: ApplicationFiled: October 16, 2017Publication date: May 10, 2018Inventors: Biplob Debnath, Nipun Arora, Hui Zhang, Guofei Jiang, Mohiuddin Solaimani, Muhammad Ali Gulzar
-
Patent number: 9928155Abstract: Systems and methods are disclosed for handling log data from one or more applications, sensors or instruments by receiving heterogeneous logs from arbitrary/unknown systems or applications; generating regular expression patterns from the heterogeneous log sources using machine learning and extracting a log pattern therefrom; generating models and profiles from training logs based on different conditions and updating a global model database storing all models generated over time; tokenizing raw log messages from one or more applications, sensors or instruments running a production system; transforming incoming tokenized streams are into data-objects for anomaly detection and forwarding of log messages to various anomaly detectors; and generating an anomaly alert from the one or more applications, sensors or instruments running a production system.Type: GrantFiled: November 15, 2016Date of Patent: March 27, 2018Assignee: NEC CorporationInventors: Jianwu Xu, Biplob Debnath, Hui Zhang, Guofei Jiang, Nipun Arora
-
Patent number: 9813301Abstract: Systems and methods for decoupled searching and optimization for one or more data centers, including determining a network topology for one or more networks of interconnected computer systems embedded in the one or more data center, searching for routing candidates based on a network topology determined, and updating and applying one or more objective functions to the routing candidates to determine an optimal routing candidate to satisfy embedding goals based on tenant requests, and to embed the optimal routing candidate in the one or more data centers.Type: GrantFiled: August 19, 2015Date of Patent: November 7, 2017Assignee: NEC CorporationInventors: Qiang Xu, Cristian Lumezanu, Zhuotao Liu, Nipun Arora, Abhishek Sharma, Hui Zhang, Guofei Jiang
-
Patent number: 9736064Abstract: Methods and systems for finding a packet's routing path in a network includes intercepting control messages sent by a controller to one or more switches in a software defined network (SDN). A state of the SDN at a requested time is emulated and one or more possible routing paths through the emulated SDN is identified by replaying the intercepted control messages to one or more emulated switches in the emulated SDN. The one or more possible routing paths correspond to a requested packet injected into the SDN at the requested time.Type: GrantFiled: December 16, 2014Date of Patent: August 15, 2017Assignee: NEC CorporationInventors: Hui Zhang, Behnaz Arzani, Franjo Ivancic, Junghwan Rhee, Nipun Arora, Guofei Jiang
-
Patent number: 9736053Abstract: A computer implemented method for network monitoring includes providing network packet event characterization and analysis for network monitoring that includes supporting summarization and characterization of network packet traces collected across multiple processing elements of different types in a virtual network, including a trace slicing to organize individual packet events into path-based trace slices, a trace characterization to extract at least 2 types of feature matrix describing those trace slices, and a trace analysis to cluster, rank and query packet traces based on metrics of the feature matrix.Type: GrantFiled: March 23, 2015Date of Patent: August 15, 2017Assignee: NEC CorporationInventors: Hui Zhang, Cristian Lumezanu, Junghwan Rhee, Nipun Arora, Qiang Xu, Guofei Jiang
-
Publication number: 20170139806Abstract: Systems and methods are disclosed for handling log data from one or more applications, sensors or instruments by receiving heterogeneous logs from arbitrary/unknown systems or applications; generating regular expression patterns from the heterogeneous log sources using machine learning and extracting a log pattern therefrom; generating models and profiles from training logs based on different conditions and updating a global model database storing all models generated over time; tokenizing raw log messages from one or more applications, sensors or instruments running a production system; transforming incoming tokenized streams are into data-objects for anomaly detection and forwarding of log messages to various anomaly detectors; and generating an anomaly alert from the one or more applications, sensors or instruments running a production system.Type: ApplicationFiled: November 15, 2016Publication date: May 18, 2017Inventors: Jianwu Xu, Biplob Debnath, Hui Zhang, Guofei Jiang, Nipun Arora
-
Publication number: 20170132053Abstract: Methods and systems for profiling requests include generating request units based on collected kernel events that include complete request units and half-open request units. The generated request units are sequenced based on a causality relationship set that describes causality relationships between kernel events.Type: ApplicationFiled: September 14, 2016Publication date: May 11, 2017Inventors: Hui Zhang, Guofei Jiang, Junghwan Rhee, Nipun Arora