Patents by Inventor Rajendra A. Gopalakrishna
Rajendra A. Gopalakrishna has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10419479Abstract: Provided are systems, methods, and computer program products for a cyber-vaccination technique. In various implementations, the technique includes determine characteristics of a testing environment. A testing environment can be used to analyze malware programs. The technique can further include configuring a production network device with the characteristics, so that the production network device resembles the testing environment. The production network device is used for network operations, which excludes analyzing malware programs.Type: GrantFiled: March 23, 2017Date of Patent: September 17, 2019Assignee: Acalvio Technologies, Inc.Inventor: Rajendra A. Gopalakrishna
-
Patent number: 10348763Abstract: Provided are methods, network devices, and computer-program products for dynamically configuring a deception mechanism in response to network traffic from a possible network threat. In various implementations, a network deception system can receive a packet from a network. The network deception system can determine an intent associated with the packet by examining the contents of the packet. The network deception system can further configure a deception mechanism to respond to the intent, for example with the appropriate network communications, software or hardware configuration, and/or data.Type: GrantFiled: April 25, 2017Date of Patent: July 9, 2019Assignee: Acalvio Technologies, Inc.Inventors: Rajendra A. Gopalakrishna, Johnson Wu, Sreenivas Gukal, Rammohan Varadarajan
-
Publication number: 20190199748Abstract: Provided are systems, methods, and computer program products for a cyber-vaccination technique. In various implementations, the technique includes determine characteristics of a testing environment. A testing environment can be used to analyze malware programs. The technique can further include configuring a production network device with the characteristics, so that the production network device resembles the testing environment. The production network device is used for network operations, which excludes analyzing malware programs.Type: ApplicationFiled: March 5, 2019Publication date: June 27, 2019Applicant: Acalvio Technologies, Inc.Inventor: Rajendra A. Gopalakrishna
-
Patent number: 10218741Abstract: Provided are systems, methods, and computer program products for a cyber-vaccination technique. In various implementations, the cyber-vaccination technique includes using a network device that is infected by a malware program to determining a marker generated by the malware program. The marker may indicate to the malware program that the network device has been infected by the malware program. Determining the marker can include identifying a placement of the marker on the network device. The technique further includes identifying one or more other network devices that have not previously been infected by the malware program. The technique further includes automatically distributing copies of the marker. When a copy of the marker is received at one of the previously identified, uninfected network devices, the identified network device can place the marker on the identified network device according to the identified placement.Type: GrantFiled: March 23, 2017Date of Patent: February 26, 2019Assignee: ACALVIO TECHNOLOGIES, INC.Inventor: Rajendra A. Gopalakrishna
-
Patent number: 10104120Abstract: Provided are systems, methods, and computer program products for a cyber-antibody technique. In various implementations, the technique includes monitoring, by a network device infected with an unknown malware program, packets set by the network device onto a network. The technique further includes identifying a packet that is associated with the unknown malware program. The packet can be identified from among the monitored packets. Identifying the packet can include determining a characteristic of the packet. The technique further includes identifying packets that have a characteristic similar to the characteristic of the packet. The technique can further include inserting data associated with a known malware program into the identified packets. The technique can further include distributing the characteristic to other network devices, to similarly taint packets that may be issued from those other network devices.Type: GrantFiled: March 23, 2017Date of Patent: October 16, 2018Assignee: ACALVIO TECHNOLOGIES, INC.Inventor: Rajendra A. Gopalakrishna
-
Patent number: 10033762Abstract: Provided are methods, network devices, and computer-program products for a network deception system. The network deception system can engage a network threat with a deception mechanism, and dynamically escalating the deception to maintain the engagement. The system can include super-low, low, and high-interaction deceptions. The super-low deceptions can respond to requests for address information, and requires few computing resources. When network traffic directed to the super-low deception requires a more complex response, the system can initiate a low-interaction deception. The low-interaction deception can emulate multiple devices, which can give the low-interaction deception away as a deception. Hence, when the network traffic includes an attempted connection, the system can initiate a high-interaction deception. The high-interaction more closely emulates a network device, and can be more difficult to identify as a deception.Type: GrantFiled: April 25, 2017Date of Patent: July 24, 2018Assignee: ACALVIO TECHNOLOGIES, INC.Inventors: Johnson Wu, Rajendra A. Gopalakrishna, Sreenivas Gukal, Rammohan Varadarajan
-
Publication number: 20180198806Abstract: Provided are systems, methods, and computer program products for a cyber-vaccination technique. In various implementations, the technique includes determine characteristics of a testing environment. A testing environment can be used to analyze malware programs. The technique can further include configuring a production network device with the characteristics, so that the production network device resembles the testing environment. The production network device is used for network operations, which excludes analyzing malware programs.Type: ApplicationFiled: March 23, 2017Publication date: July 12, 2018Applicant: Acalvio Technologies, Inc.Inventor: Rajendra A. Gopalakrishna
-
Publication number: 20180198821Abstract: Provided are systems, methods, and computer program products for a cyber-vaccination technique. In various implementations, the cyber-vaccination technique includes using a network device that is infected by a malware program to determining a marker generated by the malware program. The marker may indicate to the malware program that the network device has been infected by the malware program. Determining the marker can include identifying a placement of the marker on the network device. The technique further includes identifying one or more other network devices that have not previously been infected by the malware program. The technique further includes automatically distributing copies of the marker. When a copy of the marker is received at one of the previously identified, uninfected network devices, the identified network device can place the marker on the identified network device according to the identified placement.Type: ApplicationFiled: March 23, 2017Publication date: July 12, 2018Applicant: Acalvio Technologies, Inc.Inventor: Rajendra A. Gopalakrishna
-
Publication number: 20180198801Abstract: Provided are systems, methods, and computer program products for a cyber-antibody technique. In various implementations, the technique includes monitoring, by a network device infected with an unknown malware program, packets set by the network device onto a network. The technique further includes identifying a packet that is associated with the unknown malware program. The packet can be identified from among the monitored packets. Identifying the packet can include determining a characteristic of the packet. The technique further includes identifying packets that have a characteristic similar to the characteristic of the packet. The technique can further include inserting data associated with a known malware program into the identified packets. The technique can further include distributing the characteristic to other network devices, to similarly taint packets that may be issued from those other network devices.Type: ApplicationFiled: March 23, 2017Publication date: July 12, 2018Applicant: Acalvio Technologies, Inc.Inventor: Rajendra A. Gopalakrishna
-
Publication number: 20170310705Abstract: Provided are methods, network devices, and computer-program products for dynamically configuring a deception mechanism in response to network traffic from a possible network threat. In various implementations, a network deception system can receive a packet from a network. The network deception system can determine an intent associated with the packet by examining the contents of the packet. The network deception system can further configure a deception mechanism to respond to the intent, for example with the appropriate network communications, software or hardware configuration, and/or data.Type: ApplicationFiled: April 25, 2017Publication date: October 26, 2017Applicant: Acalvio Technologies, Inc.Inventors: Rajendra A. Gopalakrishna, Johnson Wu, Sreenivas Gukal, Rammohan Varadarajan
-
Publication number: 20170310704Abstract: Provided are methods, network devices, and computer-program products for a network deception system. The network deception system can engage a network threat with a deception mechanism, and dynamically escalating the deception to maintain the engagement. The system can include super-low, low, and high-interaction deceptions. The super-low deceptions can respond to requests for address information, and requires few computing resources. When network traffic directed to the super-low deception requires a more complex response, the system can initiate a low-interaction deception. The low-interaction deception can emulate multiple devices, which can give the low-interaction deception away as a deception. Hence, when the network traffic includes an attempted connection, the system can initiate a high-interaction deception. The high-interaction more closely emulates a network device, and can be more difficult to identify as a deception.Type: ApplicationFiled: April 25, 2017Publication date: October 26, 2017Applicant: Acalvio Technologies, Inc.Inventors: Johnson Wu, Rajendra A. Gopalakrishna, Sreenivas Gukal, Rammohan Varadarajan
-
Patent number: 9037865Abstract: Securely providing secret information, such as PINs, to users via an encrypted electronic document is disclosed. The user might receive the encrypted electronic document as an attachment to an e-mail or might access the encrypted electronic document from a web site, as two examples. In order to open the encrypted electronic document, the user may need to provide some information that is on a physical banking card that was issued to the user. Therefore, an extra level of security is provided in that the user needs to be in possession of the physical banking card that may have been delivered by traditional mail, as well as the encrypted electronic document which is delivered via an electronic network.Type: GrantFiled: March 4, 2013Date of Patent: May 19, 2015Assignee: CA, Inc.Inventor: Rajendra A. Gopalakrishna
-
Patent number: 8869238Abstract: System and methods for authenticating a transaction between a user system and a host system are described herein. In one embodiment, the system and methods use a text-reading test (TRT) image as part of the authentication process. The TRT image is presented to the user upon initiation of a transaction by the user. Information provided by a user, via the user system, after perception of the TRT image is compared to the source information in the TRT image. If the user input corresponds to the source information, the user is authenticated and transaction is allowed to proceed.Type: GrantFiled: February 6, 2009Date of Patent: October 21, 2014Assignee: CA, Inc.Inventor: Rajendra A. Gopalakrishna
-
Patent number: 8856269Abstract: A system identifies a real Internet Protocol (IP) address of a computer device having a browser and software for masking the real IP address. The system includes a server in communication with the device through an Anonymous Proxy Server (APS), an algorithm, and a website with embedded dynamic web content from the server. The algorithm identifies the real IP address, and executes the dynamic web content on the browser to open a direct network connection between the server and device. The network connection identifies the real IP address. A method for identifying the real IP address includes embedding dynamic web content within the website, executing the content within the browser when the device accesses the website via a first network connection, thereby opening a second network connection between the server and device. The real IP address is identified over the second network connection, and a security action may be executed.Type: GrantFiled: December 21, 2009Date of Patent: October 7, 2014Assignee: CA, Inc.Inventor: Rajendra A. Gopalakrishna
-
Publication number: 20100217825Abstract: A system identifies a real Internet Protocol (IP) address of a computer device having a browser and software for masking the real IP address. The system includes a server in communication with the device through an Anonymous Proxy Server (APS), an algorithm, and a website with embedded dynamic web content from the server. The algorithm identifies the real IP address, and executes the dynamic web content on the browser to open a direct network connection between the server and device. The network connection identifies the real IP address. A method for identifying the real IP address includes embedding dynamic web content within the website, executing the content within the browser when the device accesses the website via a first network connection, thereby opening a second network connection between the server and device. The real IP address is identified over the second network connection, and a security action may be executed.Type: ApplicationFiled: December 21, 2009Publication date: August 26, 2010Applicant: Arcot Systems, Inc.Inventor: Rajendra A. Gopalakrishna
-
Patent number: 7634470Abstract: The present invention describes techniques for performing searches in an efficient manner while minimizing the memory resources required to perform the searches. According to the techniques of the present invention, the number of comparisons needed to determine if a query element is in included in a set of elements is proportional to the length of the query element and independent of the number of elements in the set of elements.Type: GrantFiled: July 25, 2005Date of Patent: December 15, 2009Assignee: Arcot Systems, Inc.Inventors: Sanguthevar Rajasekaran, Rajendra A. Gopalakrishna
-
Publication number: 20090199272Abstract: System and methods for authenticating a transaction between a user system and a host system are described herein. In one embodiment, the system and methods use a text-reading test (TRT) image as part of the authentication process. The TRT image is presented to the user upon initiation of a transaction by the user. Information provided by a user, via the user system, after perception of the TRT image is compared to the source information in the TRT image. If the user input corresponds to the source information, the user is authenticated and transaction is allowed to proceed.Type: ApplicationFiled: February 6, 2009Publication date: August 6, 2009Applicant: Arcot Systems, Inc.Inventor: Rajendra A. Gopalakrishna
-
Patent number: 6959303Abstract: The present invention describes techniques for performing searches in an efficient manner while minimizing the memory resources required to perform the searches. According to the techniques of the present invention, the number of comparisons needed to determine if a query element is in included in a set of elements is proportional to the length of the query element and independent of the number of elements in the set of elements.Type: GrantFiled: December 4, 2001Date of Patent: October 25, 2005Assignee: Arcot Systems, Inc.Inventors: Sanguthevar Rajasekaran, Rajendra A. Gopalakrishna
-
Patent number: 6928427Abstract: In an authorization system, access is defined by rules, roles and active rules. These definitions are preprocessed to form a bit array for each of a plurality of roles representing the rules that apply to that role. Once a bit array is calculated or generated for a given user based on that user's roles, the user bit array can be cached so that it need not be regenerated for each time the user requests access to resources. The rules used can either be role-based rules or active rules.Type: GrantFiled: March 8, 2002Date of Patent: August 9, 2005Assignee: Arcot Systems, Inc.Inventors: Sanguthevar Rajasekaran, Rajendra A. Gopalakrishna
-
Publication number: 20020143766Abstract: In an authorization system, access is defined by rules, roles and active rules. These definitions are preprocessed to form a bit array for each of a plurality of roles representing the rules that apply to that role. Once a bit array is calculated or generated for a given user based on that user's roles, the user bit array can be cached so that it need not be regenerated for each time the user requests access to resources. The rules used can either be role-based rules or active rules.Type: ApplicationFiled: March 8, 2002Publication date: October 3, 2002Applicant: Arcot Systems, Inc.Inventors: Sanguthevar Rajasekaran, Rajendra A. Gopalakrishna