Patents by Inventor Ram Keralapura

Ram Keralapura has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10404554
    Abstract: A method for profiling network traffic of a network. The method includes extracting cells from bi-directional payloads generated by a network application, wherein each cell comprises at least one direction reversal in a corresponding bi-directional flow, generating a cell group comprising a portion of the cells that are similar, analyzing the cell group to generate a signature of the network application, and classifying, based on the signature of the network application, a new bi-directional flow as being generated by the network application.
    Type: Grant
    Filed: September 21, 2016
    Date of Patent: September 3, 2019
    Assignee: Narus, Inc.
    Inventors: Alok Tongaonkar, Ram Keralapura, Antonio Nucci
  • Patent number: 10346939
    Abstract: A method to provide traveler content service. The method includes receiving, from the traveler and prior to the trip, a request to access traveler content during the trip, wherein the request comprises travel ticket information associated with the trip and access information to a source of the traveler content, wherein the trip crosses a region with no access to the source of the traveler content, retrieving, prior to the trip, the traveler content from the source using the access information, transmitting, in response to detecting a first vehicle assigned to the trip at a departure port of the trip, the traveler content to a first traveler content repository onboard the first vehicle to generate a traveler content first onboard copy, and providing, during the trip and by an onboard computer processor of the first vehicle, the traveler content first onboard copy from the first traveler content repository to the traveler.
    Type: Grant
    Filed: December 19, 2012
    Date of Patent: July 9, 2019
    Assignee: Narus, Inc.
    Inventors: Antonio Nucci, Ram Keralapura
  • Patent number: 10218598
    Abstract: A method for analyzing a binary-based application protocol of a network. The method includes obtaining conversations from the network, extracting content of a candidate field from a message in each conversation, calculating a randomness measure of the content to represent a level of randomness of the content across all conversation, calculating a correlation measure of the content to represent a level of correlation, across all of conversations, between the content and an attribute of a corresponding conversation where the message containing the candidate field is located, and selecting, based on the randomness measure and the correlation measure, and using a pre-determined field selection criterion, the candidate offset from a set of candidate offsets as the offset defined by the protocol.
    Type: Grant
    Filed: September 21, 2016
    Date of Patent: February 26, 2019
    Assignee: Narus, Inc.
    Inventors: Ignacio Bermudez, Marios Iliofotou, Marco Mellia, Ram Keralapura, Maurizio Matteo Munafo
  • Patent number: 10142359
    Abstract: System and method to identify a security entity in a computing environment is disclosed. Communication between a user computer and at least one destination computer by a security appliance is monitored by a security appliance. Selective information from the communication is extracted by the security appliance. At least one security entity is identified based on a subset of the selective information. One or more selective information is associated to at least one security entity. A knowledge graph is generated based on the associated selective information.
    Type: Grant
    Filed: April 22, 2016
    Date of Patent: November 27, 2018
    Assignee: AWAKE SECURITY, INC.
    Inventors: Eric Karasuda, Ram Keralapura, Chunsheng Victor Fang, Gary Golomb
  • Patent number: 9992209
    Abstract: System and method to characterize a security entity in a computing environment is disclosed. Communication between a user computer and at least one destination computer by a security appliance is monitored by a security appliance. Selective information from the communication is extracted by the security appliance, selective information indicative of the security entity. A plurality of words from the communication between the identified security entity and at least one destination computer are selectively extracted. A word cloud is generated based on the selectively extracted plurality of words. The word cloud is evaluated to characterize the identified security entity.
    Type: Grant
    Filed: April 22, 2016
    Date of Patent: June 5, 2018
    Assignee: AWAKE SECURITY, INC.
    Inventors: Ram Keralapura, Gary Golomb
  • Publication number: 20170012853
    Abstract: A method for analyzing a binary-based application protocol of a network. The method includes obtaining conversations from the network, extracting content of a candidate field from a message in each conversation, calculating a randomness measure of the content to represent a level of randomness of the content across all conversation, calculating a correlation measure of the content to represent a level of correlation, across all of conversations, between the content and an attribute of a corresponding conversation where the message containing the candidate field is located, and selecting, based on the randomness measure and the correlation measure, and using a pre-determined field selection criterion, the candidate offset from a set of candidate offsets as the offset defined by the protocol.
    Type: Application
    Filed: September 21, 2016
    Publication date: January 12, 2017
    Applicant: Narus, Inc.
    Inventors: Ignacio Bermudez, Marios Iliofotou, Marco Mellia, Ram Keralapura, Maurizio Matteo Munafo
  • Publication number: 20170012836
    Abstract: A method for profiling network traffic of a network. The method includes extracting cells from bi-directional payloads generated by a network application, wherein each cell comprises at least one direction reversal in a corresponding bi-directional flow, generating a cell group comprising a portion of the cells that are similar, analyzing the cell group to generate a signature of the network application, and classifying, based on the signature of the network application, a new bi-directional flow as being generated by the network application.
    Type: Application
    Filed: September 21, 2016
    Publication date: January 12, 2017
    Applicant: Narus, Inc.
    Inventors: Alok Tongaonkar, Ram Keralapura, Antonio Nucci
  • Patent number: 9479405
    Abstract: A method for profiling network traffic of a network. The method includes extracting cells from bi-directional payloads generated by a network application, wherein each cell comprises at least one direction reversal in a corresponding bi-directional flow, generating a cell group comprising a portion of the cells that are similar, analyzing the cell group to generate a signature of the network application, and classifying, based on the signature of the network application, a new bi-directional flow as being generated by the network application.
    Type: Grant
    Filed: December 21, 2012
    Date of Patent: October 25, 2016
    Assignee: Narus, Inc.
    Inventors: Alok Tongaonkar, Ram Keralapura, Antonio Nucci
  • Patent number: 9473380
    Abstract: A method for analyzing a binary-based application protocol of a network. The method includes obtaining conversations from the network, extracting content of a candidate field from a message in each conversation, calculating a randomness measure of the content to represent a level of randomness of the content across all conversation, calculating a correlation measure of the content to represent a level of correlation, across all of conversations, between the content and an attribute of a corresponding conversation where the message containing the candidate field is located, and selecting, based on the randomness measure and the correlation measure, and using a pre-determined field selection criterion, the candidate offset from a set of candidate offsets as the offset defined by the protocol.
    Type: Grant
    Filed: June 13, 2013
    Date of Patent: October 18, 2016
    Assignee: Narus, Inc.
    Inventors: Ignacio Bermudez, Marios Iliofotou, Marco Mellia, Ram Keralapura, Maurizio Matteo Munafo
  • Patent number: 9100326
    Abstract: A method for analyzing an application protocol of a network. The method includes extracting non-alphanumeric tokens from conversations of the network, selecting frequently occurring non-alphanumeric token as a field delimiter candidate for dividing each conversation into a slice-set, analyzing slice-sets of the conversations to determine a statistical measure of matched slices for each conversation, and -o determine a field delimiter candidate score by aggregating the statistical measure of matched slices for all conversations, and selecting the non-alphanumeric token as the field delimiter of the protocol based on the field delimiter candidate score associated with the non-alphanumeric token.
    Type: Grant
    Filed: June 13, 2013
    Date of Patent: August 4, 2015
    Assignee: Narus, Inc.
    Inventors: Marios Iliofotou, Ram Keralapura, Marco Mellia, Ignacio Bermudez
  • Patent number: 8964548
    Abstract: A method for profiling network traffic of a network is presented. The method includes obtaining a cohesive flow-set based on a (port number, transport protocol) pair, identifying a statistically representative training set from the flow-set, identifying a network application associated with the (port number, transport protocol) pair, determining a packet content based signature term of the network application based on the training set, generate a nondeterministic finite automaton (NFA) using the signature terms to represent regular expressions in the training set, matching a portion of a new flow to the NFA in real time and identify a server attached to the new flow as executing the network application, and generate an alert in response to the match for blocking the new flow prior to the server completing a task performed using the new flow.
    Type: Grant
    Filed: March 2, 2011
    Date of Patent: February 24, 2015
    Assignee: Narus, Inc.
    Inventors: Ram Keralapura, Antonio Nucci
  • Patent number: 8819227
    Abstract: A method for profiling network traffic of a network, including obtaining a plurality of flows comprising a plurality of client IP addresses, a plurality of server IP addresses, and a plurality of server ports, extracting a plurality of fully qualified domain names (FQDNs) from a plurality of DNS flows in the network traffic, analyzing correlation between the plurality of flows and the plurality of FQDNs to generate a result, and presenting the result to an administrator user of the network.
    Type: Grant
    Filed: March 19, 2012
    Date of Patent: August 26, 2014
    Assignee: Narus, Inc.
    Inventors: Ram Keralapura, Marco Mellia, Ignacio Bermudez, Antonio Nucci
  • Patent number: 8694630
    Abstract: A method for classifying network traffic, including (1) processing a first working set portion of a flow batch for a first iteration by dividing the first working set portion into clusters and filtering a cluster by (i) identifying a first server port as most frequently occurring comparing to all other server ports in the cluster, (ii) in response to determining that a first frequency of occurrence of the first server port in the cluster exceeds a pre-determined threshold: (a) identifying the cluster as a dominatedPort cluster, (b) removing the cluster from the first working set portion to generate a remainder as a second working set portion, and (c) removing, from the cluster to be added to the second working set portion, one or more flows having different server port than the first server port, and (2) processing the second working set portion for a second iteration.
    Type: Grant
    Filed: November 18, 2011
    Date of Patent: April 8, 2014
    Assignee: Narus, Inc.
    Inventors: Ram Keralapura, Marco Mellia, Luigi Grimaudo
  • Patent number: 8676729
    Abstract: Embodiments of the invention provide a method, system, and computer readable medium for classifying network traffic based on application signatures generated during a training phase using a modified subspace clustering scheme based on feature vectors extracted from network flows in a training set generated by a particular application and applying the signatures to a new feature vector extracted in real-time from current network data. The newly extracted feature vector is projected into the subspaces and compared with the signatures.
    Type: Grant
    Filed: June 14, 2011
    Date of Patent: March 18, 2014
    Assignee: Narus, Inc.
    Inventors: Ram Keralapura, Guowu Xie, Marios Iliofotou
  • Patent number: 8577817
    Abstract: A method for profiling network traffic of a network. The method includes identifying a training set having captured payloads corresponding to a set of flows associated with a network application, determining a set of signature terms from the training set, representing a portion of the captured payloads as regular expressions, representing a regular expression as a path in a term transition state machine (TTSM) including states coupled by at least a link that is assigned a signature term and a transition probability, the transition probability corresponding to a signature term transition to the signature term in the regular expression, and analyzing, based on the TTSM according to at least the transition probability, a flow separate from the set of flows and associated with a server in the network to determine the server as executing the network application.
    Type: Grant
    Filed: March 2, 2011
    Date of Patent: November 5, 2013
    Assignee: Narus, Inc.
    Inventors: Ram Keralapura, Antonio Nucci, Alok Tongaonkar
  • Patent number: 8578024
    Abstract: A method for profiling network traffic of a network, including defining a set of features each corresponding to a set of pre-determined bit positions for selecting a pre-determined number of data bits from each flow in a flow set generated by a network application to form a feature value assigned to the feature for the each flow, identifying the feature as a deterministic feature based on a frequency of occurrence of the feature value, extracting a set of paths from the flow set based on a number of deterministic features, generating a state machine based on the set of paths, and analyzing a new flow associated with a server in the network to determine the server as executing the network application.
    Type: Grant
    Filed: January 5, 2012
    Date of Patent: November 5, 2013
    Assignee: Narus, Inc.
    Inventors: Ram Keralapura, Ruben Torres, Marios Iliofotou, Alok Tongaonkar, Antonio Nucci
  • Patent number: 8494985
    Abstract: A method for profiling network traffic of a network. The method includes identifying a training set having captured payloads corresponding to a set of flows associated with a network application, determining a set of signature terms from the training set, representing a portion of the captured payloads as regular expressions, representing a regular expression as a path in a modified term transition state machine (MTTSM) including states coupled by at least a link that is assigned a signature term, and analyzing, based on the MTTSM, a flow separate from the set of flows and associated with a server in the network to determine the server as executing the network application.
    Type: Grant
    Filed: May 17, 2011
    Date of Patent: July 23, 2013
    Assignee: Narus, Inc.
    Inventors: Ram Keralapura, Alok Tongaonkar, Antonio Nucci
  • Patent number: 8284764
    Abstract: The invention relates to a method for profiling VoIP activity in network traffic. The method includes obtaining a plurality of audio packets from a plurality of packets in the network traffic by analyzing a plurality of parameter sets based on a first pre-determined criterion, wherein each of the plurality of parameter sets corresponds to a packet of the plurality of packets and comprises a packet size and a packet arrival time associated with a corresponding packet of the plurality of packets, generating a count of an IP address by counting at least a portion of the plurality of audio packets, wherein each packet of the portion of the plurality of audio packets comprises the IP address, and identifying an endpoint corresponding to the IP address as a VoIP server and identifying the portion of the plurality of audio packets as VoIP activity associated with the VoIP server when the count exceeds a pre-determined threshold.
    Type: Grant
    Filed: December 15, 2008
    Date of Patent: October 9, 2012
    Assignee: Narus, Inc.
    Inventors: Antonio Nucci, Supranamaya Ranjan, Ram Keralapura
  • Patent number: 8180916
    Abstract: Embodiments of the invention provide a framework for traffic classification that bridges the gap between the packet content inspection and the flow-based behavioral analysis techniques. In particular, IP packets and/or IP flows are used as an input, network nodes are associated to specific network applications by leveraging information gathered from the web, and packet content signatures are extracted in an off-line fashion using clustering and signature extraction algorithms. The signatures learned are systematically exported to a traffic classifier that uses the newly available signatures to classify applications on-the-fly.
    Type: Grant
    Filed: July 17, 2009
    Date of Patent: May 15, 2012
    Assignee: Narus, Inc.
    Inventors: Antonio Nucci, Ram Keralapura, Joshua Robinson
  • Patent number: 8160877
    Abstract: A method for real-time speaker recognition including obtaining speech data of a speaker, extracting, using a processor of a computer, a coarse feature of the speaker from the speech data, identifying the speaker as belonging to a pre-determined speaker cluster based on the coarse feature of the speaker, extracting, using the processor of the computer, a plurality of Mel-Frequency Cepstral Coefficients (MFCC) and a plurality of Gaussian Mixture Model (GMM) components from the speech data, determining a biometric signature of the speaker based on the plurality of MFCC and the plurality of GMM components, and determining in real time, using the processor of the computer, an identity of the speaker by comparing the biometric signature of the speaker to one of a plurality of biometric signature libraries associated with the pre-determined speaker cluster.
    Type: Grant
    Filed: August 6, 2009
    Date of Patent: April 17, 2012
    Assignee: Narus, Inc.
    Inventors: Antonio Nucci, Ram Keralapura