Patents by Inventor Nitin Jyoti
Nitin Jyoti has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11888897Abstract: A system includes one or more “BotMagnet” modules that are exposed to infection by malicious code. The BotMagnets may include one or more virtual machines hosting operating systems in which malicious code may be installed and executed without exposing sensitive data or other parts of a network. In particular, outbound traffic may be transmitted to a Sinkhole module that implements a service requested by the outbound traffic and transmits responses to the malicious code executing within the BotMagnet. Credentials for services implemented by a BotSink may be planted in an active directory (AD) server. The BotSink periodically uses the credentials thereby creating log entries indicating use thereof. When an attacker accesses the services using the credentials, the BotSink engages and monitors an attacker system and may generate an alert. Decoy services may be assigned to a domain and associated with names according to a naming convention of the domain.Type: GrantFiled: August 24, 2022Date of Patent: January 30, 2024Assignee: SentinelOne, Inc.Inventors: Venu Vissamsetty, Nitin Jyoti, Pavan Patel, Prashanth Srinivas Mysore
-
Publication number: 20230065321Abstract: A system includes one or more “BotMagnet” modules that are exposed to infection by malicious code. The BotMagnets may include one or more virtual machines hosting operating systems in which malicious code may be installed and executed without exposing sensitive data or other parts of a network. In particular, outbound traffic may be transmitted to a Sinkhole module that implements a service requested by the outbound traffic and transmits responses to the malicious code executing within the BotMagnet. Credentials for services implemented by a BotSink may be planted in an active directory (AD) server. The BotSink periodically uses the credentials thereby creating log entries indicating use thereof. When an attacker accesses the services using the credentials, the BotSink engages and monitors an attacker system and may generate an alert. Decoy services may be assigned to a domain and associated with names according to a naming convention of the domain.Type: ApplicationFiled: August 24, 2022Publication date: March 2, 2023Inventors: Venu Vissamsetty, Nitin Jyoti, Pavan Patel, Prashanth Srinivas Mysore
-
Patent number: 11470115Abstract: A system includes one or more “BotMagnet” modules that are exposed to infection by malicious code. The BotMagnets may include one or more virtual machines hosting operating systems in which malicious code may be installed and executed without exposing sensitive data or other parts of a network. In particular, outbound traffic may be transmitted to a Sinkhole module that implements a service requested by the outbound traffic and transmits responses to the malicious code executing within the BotMagnet. Credentials for services implemented by a BotSink may be planted in an active directory (AD) server. The BotSink periodically uses the credentials thereby creating log entries indicating use thereof. When an attacker accesses the services using the credentials, the BotSink engages and monitors an attacker system and may generate an alert. Decoy services may be assigned to a domain and associated with names according to a naming convention of the domain.Type: GrantFiled: February 9, 2018Date of Patent: October 11, 2022Assignee: Attivo Networks, Inc.Inventors: Venu Vissamsetty, Nitin Jyoti, Pavan Patel, Prashanth Srinivas Mysore
-
Patent number: 10542044Abstract: A system reports credentials on nodes of a network. Nodes are assigned to security silos. If a credential reported from a node is found to match a credential found on a node outside of its security silo or be for authentication with a node outside the its security an alert is generated, unless proper precautions are generated. Credentials may be reported as one-way hashes of credentials. Security silos may be automatically generated to segregate at-risk nodes from critical servers based on the presence or use of email clients and browsers. Precautions that may be used to suppress alerts, such as using KERBEROS TGT.Type: GrantFiled: April 29, 2016Date of Patent: January 21, 2020Assignee: ATTIVO NETWORKS INC.Inventors: Venu Vissamsetty, Srikant Vissamsetti, Nitin Jyoti, Harinath Vishwanath Ramchetty
-
Publication number: 20190253453Abstract: A system includes one or more “BotMagnet” modules that are exposed to infection by malicious code. The BotMagnets may include one or more virtual machines hosing operating systems in which malicious code may be installed and executed without exposing sensitive data or other parts of a network. In particular, outbound traffic may be transmitted to a Sinkhole module that implements a service requested by the outbound traffic and transmits responses to the malicious code executing within the BotMagnet. Credentials for services implemented by a BotSink may be planted in an active directory (AD) server. The BotSink periodically uses the credentials thereby creating log entries indicating use thereof. When an attacker accesses the services using the credentials, the BotSink engages and monitors an attacker system and may generate an alert. Decoy services may be assigned to a domain and associated with names according to a naming convention of the domain.Type: ApplicationFiled: February 9, 2018Publication date: August 15, 2019Inventors: Venu Vissamsetty, Nitin Jyoti, Pavan Patel, Prashanth Srinivas Mysore
-
Patent number: 9852296Abstract: A file stored in a first portion of a computer memory of a computer is determined to be a malicious file. A duplicate of the file is stored in a quarantine area in the computer memory, the quarantine area being in a second portion of the computer memory that is different from the first portion of the computer memory. One or more protection processes are performed on the file. The determination that the file is a malicious file is determined to be a false positive and the file is restored, during a boot sequence, to a state prior to the one or more protection processes being performed on the file.Type: GrantFiled: September 25, 2015Date of Patent: December 26, 2017Assignee: McAfee, LLCInventors: Prabhat Kumar Singh, Nitin Jyoti, Gangadharasa Srinivasa
-
Publication number: 20170318054Abstract: A system reports credentials on nodes of a network. Nodes are assigned to security silos. If a credential reported from a node is found to match a credential found on a node outside of its security silo or be for authentication with a node outside the its security an alert is generated, unless proper precautions are generated. Credentials may be reported as one-way hashes of credentials. Security silos may be automatically generated to segregate at-risk nodes from critical servers based on the presence or use of email clients and browsers. Precautions that may be used to suppress alerts, such as using KERBEROS TGT.Type: ApplicationFiled: April 29, 2016Publication date: November 2, 2017Inventors: Venu Vissamsetty, Srikant Vissamsetti, Nitin Jyoti, Harinath Vishwanath Ramchetty
-
Patent number: 9703958Abstract: A file stored in a first portion of a computer memory of a computer is determined to be a malicious file. A duplicate of the file is stored in a quarantine area in the computer memory, the quarantine area being in a second portion of the computer memory that is different from the first portion of the computer memory. One or more protection processes are performed on the file. The determination that the file is a malicious file is determined to be a false positive and the file is restored, during a boot sequence, to a state prior to the one or more protection processes being performed on the file.Type: GrantFiled: September 25, 2015Date of Patent: July 11, 2017Assignee: McAfee, Inc.Inventors: Prabhat Kumar Singh, Nitin Jyoti, Gangadharasa Srinivasa
-
Patent number: 9607150Abstract: A file stored in a first portion of a computer memory of a computer is determined to be a malicious file. A duplicate of the file is stored in a quarantine area in the computer memory, the quarantine area being in a second portion of the computer memory that is different from the first portion of the computer memory. One or more protection processes are performed on the file. The determination that the file is a malicious file is determined to be a false positive and the file is restored, during a boot sequence, to a state prior to the one or more protection processes being performed on the file.Type: GrantFiled: May 11, 2015Date of Patent: March 28, 2017Assignee: McAfee, Inc.Inventors: Prabhat Kumar Singh, Nitin Jyoti, Gangadharasa Srinivasa
-
Patent number: 9323928Abstract: Systems and methods for detecting malicious processes in a non-signature based manner are disclosed. The system and method may include gathering features of processes running on an electronic device, applying a set of rules to the features, and applying a statistical analysis to the results of the rules application to determine whether a process should be classified into one or more of a plurality of process categories.Type: GrantFiled: June 1, 2011Date of Patent: April 26, 2016Assignee: McAfee, Inc.Inventors: Romanch Agarwal, Prabhat Kumar Singh, Nitin Jyoti, Harinath Ramachetty Vishwanath, Palasamudram Ramagopal Prashanth
-
Publication number: 20160019392Abstract: A file stored in a first portion of a computer memory of a computer is determined to be a malicious file. A duplicate of the file is stored in a quarantine area in the computer memory, the quarantine area being in a second portion of the computer memory that is different from the first portion of the computer memory. One or more protection processes are performed on the file. The determination that the file is a malicious file is determined to be a false positive and the file is restored, during a boot sequence, to a state prior to the one or more protection processes being performed on the file.Type: ApplicationFiled: September 25, 2015Publication date: January 21, 2016Applicant: MCAFEE, INC.Inventors: Prabhat Kumar Singh, Nitin Jyoti, Gangadharasa Srinivasa
-
Publication number: 20160021129Abstract: A file stored in a first portion of a computer memory of a computer is determined to be a malicious file. A duplicate of the file is stored in a quarantine area in the computer memory, the quarantine area being in a second portion of the computer memory that is different from the first portion of the computer memory. One or more protection processes are performed on the file. The determination that the file is a malicious file is determined to be a false positive and the file is restored, during a boot sequence, to a state prior to the one or more protection processes being performed on the file.Type: ApplicationFiled: September 25, 2015Publication date: January 21, 2016Applicant: McAfee, Inc.Inventors: Prabhat Kumar Singh, Nitin Jyoti, Gangadharasa Srinivasa
-
Publication number: 20150347755Abstract: A file stored in a first portion of a computer memory of a computer is determined to be a malicious file. A duplicate of the file is stored in a quarantine area in the computer memory, the quarantine area being in a second portion of the computer memory that is different from the first portion of the computer memory. One or more protection processes are performed on the file. The determination that the file is a malicious file is determined to be a false positive and the file is restored, during a boot sequence, to a state prior to the one or more protection processes being performed on the file.Type: ApplicationFiled: May 11, 2015Publication date: December 3, 2015Applicant: MCAFEE, INC.Inventors: Prabhat Kumar Singh, Nitin Jyoti, Gangadharasa Srinivasa
-
Patent number: 9032523Abstract: A file stored in a first portion of a computer memory of a computer is determined to be a malicious file. A duplicate of the file is stored in a quarantine area in the computer memory, the quarantine area being in a second portion of the computer memory that is different from the first portion of the computer memory. One or more protection processes are performed on the file. The determination that the file is a malicious file is determined to be a false positive and the file is restored, during a boot sequence, to a state prior to the one or more protection processes being performed on the file.Type: GrantFiled: September 16, 2013Date of Patent: May 12, 2015Assignee: McAfee, Inc.Inventors: Prabhat Kumar Singh, Nitin Jyoti, Gangadharasa Srinivasa
-
Patent number: 8732296Abstract: A system, method, and computer program product are provided for redirecting internet relay chat (IRC) traffic identified utilizing a port-independent algorithm and controlling IRC based malware. In use, IRC traffic communicated via a network is identified utilizing a port-independent algorithm. Furthermore, the IRC traffic is redirected to a honeypot.Type: GrantFiled: May 6, 2009Date of Patent: May 20, 2014Assignee: McAfee, Inc.Inventors: Vinoo Thomas, Nitin Jyoti, Cedric Cochin, Rachit Mathur
-
Patent number: 8677493Abstract: A method for providing malware cleaning includes detecting potential malware on a first device connected to a network. A request including information to allow a second device connected to the network to determine an appropriate cleaning response is sent from the first device to the second device over the network. Upon receiving the request, the second device attempts to identify an appropriate cleaning response and, if a response is identified, sends the cleaning response over the network to the first device. The cleaning response is usable by the first device to address the detected potential malware.Type: GrantFiled: September 7, 2011Date of Patent: March 18, 2014Assignee: McAfee, Inc.Inventors: Prabhat Kumar Singh, Palasamudram Ramagopal Prashanth, Nitin Jyoti
-
Patent number: 8667582Abstract: A system, method, and computer program product are provided for directing predetermined network traffic to a honeypot. In use, predetermined network traffic originating from a node in a local area network and/or a virtual private network is identified. Further, the predetermined network traffic is directed to a honeypot.Type: GrantFiled: December 10, 2007Date of Patent: March 4, 2014Assignee: McAfee, Inc.Inventors: Vinoo Thomas, Nitin Jyoti
-
Publication number: 20140026218Abstract: A file stored in a first portion of a computer memory of a computer is determined to be a malicious file. A duplicate of the file is stored in a quarantine area in the computer memory, the quarantine area being in a second portion of the computer memory that is different from the first portion of the computer memory. One or more protection processes are performed on the file. The determination that the file is a malicious file is determined to be a false positive and the file is restored, during a boot sequence, to a state prior to the one or more protection processes being performed on the file.Type: ApplicationFiled: September 16, 2013Publication date: January 23, 2014Applicant: McAfee, Inc.Inventors: Prabhat Kumar Singh, Nitin Jyoti, Gangadharasa Srinivasa
-
Publication number: 20130242743Abstract: A system, method, and computer program product are provided for directing predetermined network traffic to a honeypot. In use, predetermined network traffic originating from a node in a local area network and/or a virtual private network is identified. Further, the predetermined network traffic is directed to a honeypot.Type: ApplicationFiled: December 10, 2007Publication date: September 19, 2013Inventors: Vinoo Thomas, Nitin Jyoti
-
Patent number: 8539583Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for rolling back protection processes. In one aspect, a method includes determining that a file is a malicious file, storing a duplicate of the file in a quarantine area, performing one or more protection processes on the file, if the determination that the file is a malicious file is a false positive determination, restoring the file by a pre-boot rollback process to a state prior to the one or more protection processes performed on the file, and booting the computer with the restored file, and if the determination that the file is a malicious file is not a false positive determination, not restoring the file to a state prior to the one or more protection processes performed on the file, and booting the computer.Type: GrantFiled: November 3, 2009Date of Patent: September 17, 2013Assignee: McAfee, Inc.Inventors: Prabhat Kumar Singh, Nitin Jyoti, Gangadharasa Srinivasa