Patents by Inventor Ravindra K. BALUPARI
Ravindra K. BALUPARI has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240028625Abstract: The technology disclosed includes a system to perform multi-label support vector machine (SVM) classification of a document. The system creates document features representing frequencies or semantics of words in the document. Trained SVM classification parameters for a plurality of labels are applied to the document features for the document. The system determines positive and negative distances between SVM hyperplanes for the labels and the feature vector. Labels with positive distance to the feature vector are harvested. When the distribution of negative distances is characterized by a mean and standard deviation, the system further harvests the labels with a negative distance such that the harvested labels include the labels with a negative distance between the mean negative distance and zero and separated from the mean negative distance by a predetermined first number of standard deviations.Type: ApplicationFiled: September 28, 2023Publication date: January 25, 2024Inventors: Ravindra K. Balupari, Sandeep Yadav
-
Publication number: 20230370442Abstract: A network security system and method provide dynamic access control for a protected resource using a client-initiated ticket generation scheme. A client application receives, from an access control manager, a limited-use access ticket and may include the limited-use access ticket within application program interface (API) calls to a service application. The service application may forward the limited-use access ticket as a service access ticket to a ticket-based access control layer. A transaction monitor monitors run-time transaction information generated by the API calls to the service application and if the limited-use access ticket is detected in the run-time transaction information, forward the limited-use access ticket to the access control manager to perform validation of the limited-use access ticket.Type: ApplicationFiled: May 16, 2023Publication date: November 16, 2023Inventors: Robert Dykes, Lebin Cheng, Ravindra K. Balupari
-
Patent number: 11809467Abstract: The technology disclosed relates to a system. The system comprises a trained multi-label support vector machine running a one-vs-the-rest classifier. The trained multi-label support vector machine running a one-vs-the-rest classifier is configured with trained parameters. The trained parameters are learned from training the trained multi-label support vector machine running the one-vs-the-rest classifier on document features of documents belonging to a plurality of label classes, and hyperplane determinations on label classes in the plurality of label classes. The trained parameters include distributions of distances between the label classes and the hyperplanes.Type: GrantFiled: August 6, 2021Date of Patent: November 7, 2023Assignee: Netskope, Inc.Inventors: Ravindra K. Balupari, Sandeep Yadav
-
Publication number: 20230353592Abstract: The technology disclosed relates to simulating spread of a malware in cloud applications. In particular, the technology disclosed relates to accessing sharing data for files shared between users via sync and share mechanisms of cloud applications, tracing connections between the users by traversing a directed graph constructed based on the sharing data, and simulating spread of a malware based on the traced connections to simulate user exposure to, infection by, and transmission of the malware. The connections are created as a result of syncing and sharing the files via the sync and share mechanisms. The malware is spread by syncing and sharing of infected ones of the files via the sync and share mechanisms.Type: ApplicationFiled: June 30, 2023Publication date: November 2, 2023Inventors: Sean Hittel, Ravindra K. Balupari
-
Patent number: 11757908Abstract: The technology disclosed works in real time, as base and subordinate HTTP URL requests are received, to attribute subordinate HTTP URL requests to base web pages. The main case uses the “referer” or “referrer” HTTP header field for attribution, directly and through a referer hierarchy to the base web page. A second case, which minimizes false generation of base web page log entries, involves small files, such as cascading style sheets (CSS) files, that often have a blank or no referer field. The technology disclosed applies equivalently to hypertext transfer protocol secure (HTTPS) data (e.g., HTTPS transactions, requests, and/or events).Type: GrantFiled: November 9, 2020Date of Patent: September 12, 2023Assignee: Netskope, Inc.Inventor: Ravindra K. Balupari
-
Patent number: 11736509Abstract: The technology disclosed relates to simulating spread of a malware in cloud applications. In particular, the technology disclosed relates to accessing sharing data for files shared between users via sync and share mechanisms of cloud applications, tracing connections between the users by traversing a directed graph constructed based on the sharing data, and simulating spread of a malware based on the traced connections to simulate user exposure to, infection by, and transmission of the malware. The connections are created as a result of syncing and sharing the files via the sync and share mechanisms. The malware is spread by syncing and sharing of infected ones of the files via the sync and share mechanisms.Type: GrantFiled: December 2, 2020Date of Patent: August 22, 2023Assignee: Netskope, Inc.Inventors: Sean Hittel, Ravindra K. Balupari
-
Publication number: 20230262083Abstract: The technology disclosed works in real time, as base and subordinate HTTP URL requests are received, to attribute subordinate HTTP URL requests to base web pages. The main case uses the “referer” or “referrer” HTTP header field for attribution, directly and through a referer hierarchy to the base web page. A second case, which minimizes false generation of base web page log entries, involves small files, such as cascading style sheets (CSS) files, that often have a blank or no referer field. The technology disclosed applies equivalently to hypertext transfer protocol secure (HTTPS) data (e.g., HTTPS transactions, requests, and/or events).Type: ApplicationFiled: April 25, 2023Publication date: August 17, 2023Applicant: Netskope, Inc.Inventor: Ravindra K. Balupari
-
Patent number: 11652812Abstract: A network security system and method implements dynamic access control for a protected resource using run-time contextual information. In some embodiments, the network security system and method implements a dynamic access ticket scheme for access control where the access ticket is based on run-time application context. In other embodiments, the network security system and method implements policy enforcement actions in response to detected violations using application programming interface (API) to effectively block detected policy violations without negatively impacting the operation of the application or the user of the application. In some embodiments, the network security system uses enterprise social collaboration tools to interact with the end-user or with the system administrator in the event of detected security incidents.Type: GrantFiled: June 17, 2021Date of Patent: May 16, 2023Assignee: ARECABAY, INC.Inventors: Robert Dykes, Lebin Cheng, Ravindra K. Balupari
-
Publication number: 20220166781Abstract: The technology disclosed relates to detecting a ransomware attack on a cloud-based file storage system. The detecting includes collecting metadata on files at they are manipulated, storing the collected metadata as historical metadata, detecting multiple artifacts of the ransomware attack resulting from ransomware manipulation of the files by (i) comparing at least one of the extension, the magic number and the size included in the historical metadata to at least one of the extension, the magic number and the size included in current metadata of the files to identify a volume of changes in the files, and (ii) detecting that the identified volume of changes exceeds a change volume to determine that the ransomware attack is in progress, and identifying a user/machine that manipulated the files and responding to the determination that the ransomware attack is in progress by restricting further manipulation of other files by the identified user/machine.Type: ApplicationFiled: November 29, 2021Publication date: May 26, 2022Applicant: Netskope, Inc.Inventors: Sean HITTEL, Krishna NARAYANASWAMY, Ravindra K. BALUPARI, Ravi ITHAL
-
Publication number: 20220150262Abstract: The technology disclosed relates to detecting a data attack on a file system stored on an independent data store. The detecting includes scanning a list to identify files of the independent data store that have been updated within a timeframe, assembling current metadata for files identified by the scanning, obtaining historical metadata of the files, determining that a malicious activity is in process by analyzing the current metadata of the files and the historical metadata to identify a pattern of changes that exceeds a predetermined change velocity. Further, the detecting includes determining that the malicious activity is in process by analyzing the current metadata of the files and known patterns of malicious metadata to identify a match between the current metadata and the known patterns of malicious metadata, determining a machine/user that initiated the malicious activity, and implementing a response mechanism that restricts file modifications by the determined machine/user.Type: ApplicationFiled: November 15, 2021Publication date: May 12, 2022Applicant: Netskope, Inc.Inventors: Sean HITTEL, Krishna NARAYANASWAMY, Ravindra K. BALUPARI, Ravi ITHAL
-
Patent number: 11329904Abstract: The technology disclosed automates aggregate network traffic monitoring using an aggregation index that maps URLs, domain names, and subdomain names to roll-up families. Network usage records for family members, i.e., URLs, domain names, and subdomain names mapped to the same roll-up family in the aggregation index, are rolled up and attributed to a family root name identifying the roll-up family.Type: GrantFiled: October 19, 2020Date of Patent: May 10, 2022Assignee: Netskope, Inc.Inventors: Ravindra K. Balupari, Shankaran Gnanashanmugam
-
Publication number: 20210374487Abstract: The technology disclosed relates to a system. The system comprises a trained multi-label support vector machine running a one-vs-the-rest classifier. The trained multi-label support vector machine running a one-vs-the-rest classifier is configured with trained parameters. The trained parameters are learned from training the trained multi-label support vector machine running the one-vs-the-rest classifier on document features of documents belonging to a plurality of label classes, and hyperplane determinations on label classes in the plurality of label classes. The trained parameters include distributions of distances between the label classes and the hyperplanes.Type: ApplicationFiled: August 6, 2021Publication date: December 2, 2021Applicant: Netskope, Inc.Inventors: Ravindra K. BALUPARI, Sandeep YADAV
-
Patent number: 11190540Abstract: The technology disclosed relates to detecting a data attack on a local file system. The detecting includes scanning a list to identify files of the local file system that have been updated within a timeframe, reading payloads of files identified by the scanning, calculating current content properties from the payload of the files, obtaining historical content properties of the files, determining that a malicious activity is in process by analyzing the current content properties and the historical content properties to identify a pattern of changes that exceeds a predetermined change velocity. Further, the detecting includes determining that the malicious activity is in process by analyzing the current content properties and known patterns of malicious metadata to identify a match between the current metadata and the known patterns of malicious metadata, determining a machine/user that initiated the malicious activity, and implementing a response mechanism that restricts file modifications by the machine/user.Type: GrantFiled: November 4, 2019Date of Patent: November 30, 2021Assignee: Netskope, Inc.Inventors: Sean Hittel, Krishna Narayanaswamy, Ravindra K. Balupari, Ravi Ithal
-
Publication number: 20210367935Abstract: A network security system and method implements dynamic access control for a protected resource using run-time contextual information. In some embodiments, the network security system and method implements a dynamic access ticket scheme for access control where the access ticket is based on run-time application context. In other embodiments, the network security system and method implements policy enforcement actions in response to detected violations using application programming interface (API) to effectively block detected policy violations without negatively impacting the operation of the application or the user of the application. In some embodiments, the network security system uses enterprise social collaboration tools to interact with the end-user or with the system administrator in the event of detected security incidents.Type: ApplicationFiled: June 17, 2021Publication date: November 25, 2021Inventors: Robert Dykes, Lebin Cheng, Ravindra K. Balupari
-
Patent number: 11178172Abstract: The technology disclosed relates to detecting a data attack on a file system stored on an independent data store. The detecting includes scanning a list to identify files of the independent data store that have been updated within a timeframe, assembling current metadata for files identified by the scanning, obtaining historical metadata of the files, determining that a malicious activity is in process by analyzing the current metadata of the files and the historical metadata to identify a pattern of changes that exceeds a predetermined change velocity. Further, the detecting includes determining that the malicious activity is in process by analyzing the current metadata of the files and known patterns of malicious metadata to identify a match between the current metadata and the known patterns of malicious metadata, determining a machine/user that initiated the malicious activity, and implementing a response mechanism that restricts file modifications by the determined machine/user.Type: GrantFiled: November 8, 2019Date of Patent: November 16, 2021Assignee: NETSKOPE, INC.Inventors: Sean Hittel, Krishna Narayanaswamy, Ravindra K. Balupari, Ravi Ithal
-
Patent number: 11087179Abstract: The technology disclosed includes a system to perform multi-label support vector machine (SVM) classification of a document. The system creates document features representing frequencies or semantics of words in the document. Trained SVM classification parameters for a plurality of labels are applied to the document features for the document. The system determines positive and negative distances between SVM hyperplanes for the labels and the feature vector. Labels with positive distance to the feature vector are harvested. When the distribution of negative distances is characterized by a mean and standard deviation, the system further harvests the labels with a negative distance such that the harvested labels include the labels with a negative distance between the mean negative distance and zero and separated from the mean negative distance by a predetermined first number of standard deviations.Type: GrantFiled: December 19, 2018Date of Patent: August 10, 2021Assignee: Netskope, Inc.Inventors: Sandeep Yadav, Ravindra K. Balupari
-
Patent number: 11070539Abstract: A network security system and method implements dynamic access control for a protected resource using run-time contextual information. In some embodiments, the network security system and method implements a dynamic access ticket scheme for access control where the access ticket is based on run-time application context. In other embodiments, the network security system and method implements policy enforcement actions in response to detected violations using application programming interface (API) to effectively block detected policy violations without negatively impacting the operation of the application or the user of the application. In some embodiments, the network security system uses enterprise social collaboration tools to interact with the end-user or with the system administrator in the event of detected security incidents.Type: GrantFiled: April 4, 2019Date of Patent: July 20, 2021Assignee: ArecaBay, Inc.Inventors: Robert Dykes, Lebin Cheng, Ravindra K. Balupari
-
Publication number: 20210092147Abstract: The technology disclosed relates to simulating spread of a malware in cloud applications. In particular, the technology disclosed relates to accessing sharing data for files shared between users via sync and share mechanisms of cloud applications, tracing connections between the users by traversing a directed graph constructed based on the sharing data, and simulating spread of a malware based on the traced connections to simulate user exposure to, infection by, and transmission of the malware. The connections are created as a result of syncing and sharing the files via the sync and share mechanisms. The malware is spread by syncing and sharing of infected ones of the files via the sync and share mechanisms.Type: ApplicationFiled: December 2, 2020Publication date: March 25, 2021Applicant: Netskope, Inc.Inventors: Sean HITTEL, Ravindra K. BALUPARI
-
Publication number: 20210058420Abstract: The technology disclosed works in real time, as base and subordinate HTTP URL requests are received, to attribute subordinate HTTP URL requests to base web pages. The main case uses the “referer” or “referrer” HTTP header field for attribution, directly and through a referer hierarchy to the base web page. A second case, which minimizes false generation of base web page log entries, involves small files, such as cascading style sheets (CSS) files, that often have a blank or no referer field. The technology disclosed applies equivalently to hypertext transfer protocol secure (HTTPS) data (e.g., HTTPS transactions, requests, and/or events).Type: ApplicationFiled: November 9, 2020Publication date: February 25, 2021Applicant: Netskope, Inc.Inventor: Ravindra K. BALUPARI
-
Publication number: 20210036939Abstract: The technology disclosed automates aggregate network traffic monitoring using an aggregation index that maps URLs, domain names, and subdomain names to roll-up families. Network usage records for family members, i.e., URLs, domain names, and subdomain names mapped to the same roll-up family in the aggregation index, are rolled up and attributed to a family root name identifying the roll-up family.Type: ApplicationFiled: October 19, 2020Publication date: February 4, 2021Applicant: Netskope, Inc.Inventors: Ravindra K. BALUPARI, Shankaran GNANASHANMUGAM