Patents by Inventor Sherin Mary Mathews
Sherin Mary Mathews has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11977630Abstract: There is disclosed in one example a ransomware mitigation engine, including: a processor; a convolutional neural network configured to provide file type identification (FTI) services including: identifying an access operation of a file as a write to the file or newly creating the file; computing a byte correlation factor for the file; classifying the file as belonging to a file type; determining with a screening confidence that the file type is correct for the file; determining that the screening confidence is below a screening confidence threshold; and circuitry and logic to provide heuristic analysis including: receiving notification that the confidence is below the confidence threshold; performing a statistical analysis of the file to determine a difference between an expected value and a computed value; determining from the difference, with a detection confidence, that the file has been compromised; and identifying the file as having been compromised by a ransomware attack.Type: GrantFiled: July 18, 2022Date of Patent: May 7, 2024Assignee: McAfee, LLCInventors: Kunal Mehta, Sherin Mary Mathews, Carl D. Woodward, Celeste R. Fralick, Jonathan B. King
-
Publication number: 20220350886Abstract: There is disclosed in one example a ransomware mitigation engine, including: a processor; a convolutional neural network configured to provide file type identification (FTI) services including: identifying an access operation of a file as a write to the file or newly creating the file; computing a byte correlation factor for the file; classifying the file as belonging to a file type; determining with a screening confidence that the file type is correct for the file; determining that the screening confidence is below a screening confidence threshold; and circuitry and logic to provide heuristic analysis including: receiving notification that the confidence is below the confidence threshold; performing a statistical analysis of the file to determine a difference between an expected value and a computed value; determining from the difference, with a detection confidence, that the file has been compromised; and identifying the file as having been compromised by a ransomware attack.Type: ApplicationFiled: July 18, 2022Publication date: November 3, 2022Applicant: McAfee, LLCInventors: Kunal Mehta, Sherin Mary Mathews, Carl D. Woodward, Celeste R. Fralick, Jonathan B. King
-
Patent number: 11392695Abstract: There is disclosed in one example a computer-implemented anti-ransomware method, including: selecting a file for inspection; assigning the file to a type class according to a file type identifier; receiving an expected byte correlation for the type class; computing, according to a byte distribution of the file, a byte correlation for the file; comparing, via statistical analysis, the byte correlation to the expected byte correlation; and determining that the file has been compromised, including determining that the file has a byte correlation that deviates from the expected byte correlation by more than a threshold, taking a ransomware remediation action for the file.Type: GrantFiled: October 5, 2020Date of Patent: July 19, 2022Assignee: McAfee, LLCInventors: Kunal Mehta, Sherin Mary Mathews, Carl D. Woodward, Celeste R. Fralick, Jonathan B. King
-
Publication number: 20210019403Abstract: There is disclosed in one example a computer-implemented anti-ransomware method, including: selecting a file for inspection; assigning the file to a type class according to a file type identifier; receiving an expected byte correlation for the type class; computing, according to a byte distribution of the file, a byte correlation for the file; comparing, via statistical analysis, the byte correlation to the expected byte correlation; and determining that the file has been compromised, including determining that the file has a byte correlation that deviates from the expected byte correlation by more than a threshold, taking a ransomware remediation action for the file.Type: ApplicationFiled: October 5, 2020Publication date: January 21, 2021Applicant: McAfee, LLCInventors: Kunal Mehta, Sherin Mary Mathews, Carl D. Woodward, Celeste R. Fralick, Jonathan B. King
-
Patent number: 10795994Abstract: There is disclosed in one example a ransomware mitigation engine, including: a processor; a convolutional neural network configured to provide file type identification (FTI) services including: identifying an access operation of a file as a write to the file or newly creating the file; computing a byte correlation factor for the file; classifying the file as belonging to a file type; determining with a screening confidence that the file type is correct for the file; determining that the screening confidence is below a screening confidence threshold; and circuitry and logic to provide heuristic analysis including: receiving notification that the confidence is below the confidence threshold; performing a statistical analysis of the file to determine a difference between an expected value and a computed value; determining from the difference, with a detection confidence, that the file has been compromised; and identifying the file as having been compromised by a ransomware attack.Type: GrantFiled: September 26, 2018Date of Patent: October 6, 2020Assignee: McAfee, LLCInventors: Kunal Mehta, Sherin Mary Mathews, Carl D. Woodward, Celeste R. Fralick, Jonathan B. King
-
Publication number: 20200097653Abstract: There is disclosed in one example a ransomware mitigation engine, including: a processor; a convolutional neural network configured to provide file type identification (FTI) services including: identifying an access operation of a file as a write to the file or newly creating the file; computing a byte correlation factor for the file; classifying the file as belonging to a file type; determining with a screening confidence that the file type is correct for the file; determining that the screening confidence is below a screening confidence threshold; and circuitry and logic to provide heuristic analysis including: receiving notification that the confidence is below the confidence threshold; performing a statistical analysis of the file to determine a difference between an expected value and a computed value; determining from the difference, with a detection confidence, that the file has been compromised; and identifying the file as having been compromised by a ransomware attack.Type: ApplicationFiled: September 26, 2018Publication date: March 26, 2020Inventors: Kunal Mehta, Sherin Mary Mathews, Carl D. Woodward, Celeste R. Fralick, Jonathan B. King