Patents by Inventor Sushil Jajodia
Sushil Jajodia has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11916933Abstract: A transparent proxy for malware detection includes a monitor module, a protocol determination module, a challenge generation module, a response determination module, and a data control module. The monitor module examines data originating from an application towards a remote server. The protocol determination module identifies the protocol type used for the data. The challenge generation module produces a challenge for the application based upon the protocol type, sends the challenge to the application, and maintains a state related to the data and the challenge. The response determination module makes a determination if an automatic non-interactive application response is received in response to the challenge from the application. The data control module allows the first data to continue to the remote server when the determination is valid. The data control module reports malware detection and blocks the data to continue to the remote server when the determination is invalid.Type: GrantFiled: May 4, 2022Date of Patent: February 27, 2024Assignee: George Mason Research Foundation, Inc.Inventors: Angelos Stavrou, Sushil Jajodia, Anup K. Ghosh, Rhandi Martin, Charalampos Andrianakis
-
Publication number: 20220278998Abstract: A transparent proxy for malware detection includes a monitor module, a protocol determination module, a challenge generation module, a response determination module, and a data control module. The monitor module examines data originating from an application towards a remote server. The protocol determination module identifies the protocol type used for the data. The challenge generation module produces a challenge for the application based upon the protocol type, sends the challenge to the application, and maintains a state related to the data and the challenge. The response determination module makes a determination if an automatic non-interactive application response is received in response to the challenge from the application. The data control module allows the first data to continue to the remote server when the determination is valid. The data control module reports malware detection and blocks the data to continue to the remote server when the determination is invalid.Type: ApplicationFiled: May 4, 2022Publication date: September 1, 2022Applicant: George Mason Research Foundation, Inc.Inventors: Angelos STAVROU, Sushil JAJODIA, Anup K. GHOSH, Rhandi MARTIN, Charalampos ANDRIANAKIS
-
Patent number: 11330000Abstract: A transparent proxy for malware detection includes a monitor module, a protocol determination module, a challenge generation module, a response determination module, and a data control module. The monitor module examines data originating from an application towards a remote server. The protocol determination module identifies the protocol type used for the data. The challenge generation module produces a challenge for the application based upon the protocol type, sends the challenge to the application, and maintains a state related to the data and the challenge. The response determination module makes a determination if an automatic non-interactive application response is received in response to the challenge from the application. The data control module allows the first data to continue to the remote server when the determination is valid. The data control module reports malware detection and blocks the data to continue to the remote server when the determination is invalid.Type: GrantFiled: March 7, 2019Date of Patent: May 10, 2022Assignee: George Mason Research Foundation, Inc.Inventors: Angelos Stavrou, Sushil Jajodia, Anup K. Ghosh, Rhandi Martin, Charalampos Andrianakis
-
Patent number: 10956184Abstract: An on-demand disposable virtual work system that includes: a virtual machine monitor to host virtual machines, a virtual machine pool manager, a host operating system, a host program permissions list, and a request handler module. The virtual machine pool manager manages virtual machine resources. The host operating system interfaces with a user and virtual machines created with an image of a reference operating system. The host program permissions list may be a black list and/or a white list used to indicate allowable programs. The request handler module allows execution of the program if the program is allowable. If the program is not allowable, the host request handler module: denies program execution and urges a virtual machine specified by the virtual machine pool manager to execute the program. The virtual machine is terminated when the program closes.Type: GrantFiled: October 27, 2017Date of Patent: March 23, 2021Assignee: George Mason Research Foundation, Inc.Inventors: Anup K. Ghosh, Sushil Jajodia, Yih Huang, Jiang Wang
-
Publication number: 20190207961Abstract: A transparent proxy for malware detection includes a monitor module, a protocol determination module, a challenge generation module, a response determination module, and a data control module. The monitor module examines data originating from an application towards a remote server. The protocol determination module identifies the protocol type used for the data. The challenge generation module produces a challenge for the application based upon the protocol type, sends the challenge to the application, and maintains a state related to the data and the challenge. The response determination module makes a determination if an automatic non-interactive application response is received in response to the challenge from the application. The data control module allows the first data to continue to the remote server when the determination is valid. The data control module reports malware detection and blocks the data to continue to the remote server when the determination is invalid.Type: ApplicationFiled: March 7, 2019Publication date: July 4, 2019Applicant: George Mason Research Foundation, Inc.Inventors: Angelos STAVROU, Sushil JAJODIA, Anup K. GHOSH, Rhandi MARTIN, Charalampos ANDRIANAKIS
-
Patent number: 10243975Abstract: A transparent proxy for malware detection includes a monitor module, a protocol determination module, a challenge generation module, a response determination module, and a data control module. The monitor module examines data originating from an application towards a remote server. The protocol determination module identifies the protocol type used for the data. The challenge generation module produces a challenge for the application based upon the protocol type, sends the challenge to the application, and maintains a state related to the data and the challenge. The response determination module makes a determination if an automatic non-interactive application response is received in response to the challenge from the application. The data control module allows the first data to continue to the remote server when the determination is valid. The data control module reports malware detection and blocks the data to continue to the remote server when the determination is invalid.Type: GrantFiled: November 22, 2016Date of Patent: March 26, 2019Assignee: George Mason Research Foundation, Inc.Inventors: Angelos Stavrou, Sushil Jajodia, Anup K. Ghosh, Rhandi Martin, Charalampos Andrianakis
-
Patent number: 10120998Abstract: An embodiment for providing a secure virtual browsing environment includes creating a virtual browsing environment with a virtualized operating system sharing an operating system kernel of a supporting operating system and executing the browser application within the virtual browsing environment. Another embodiment includes receiving a website selection within a browser application, determining if the website selection corresponds to a secure bookmark, and creating a second virtual browsing environment and executing the browser application within the second virtual browsing environment to access the website selection when the website selection corresponds to a website specified as a secure bookmark.Type: GrantFiled: August 29, 2016Date of Patent: November 6, 2018Assignee: George Mason Research Foundation, Inc.Inventors: Anup K. Ghosh, Sushil Jajodia, Yih Huang, Jiang Wang
-
Publication number: 20180046479Abstract: An on-demand disposable virtual work system that includes: a virtual machine monitor to host virtual machines, a virtual machine pool manager, a host operating system, a host program permissions list, and a request handler module. The virtual machine pool manager manages virtual machine resources. The host operating system interfaces with a user and virtual machines created with an image of a reference operating system. The host program permissions list may be a black list and/or a white list used to indicate allowable programs. The request handler module allows execution of the program if the program is allowable. If the program is not allowable, the host request handler module: denies program execution and urges a virtual machine specified by the virtual machine pool manager to execute the program. The virtual machine is terminated when the program closes.Type: ApplicationFiled: October 27, 2017Publication date: February 15, 2018Applicant: George Mason Research Foundation, Inc.Inventors: Anup K. GHOSH, Sushil JAJODIA, Yih HUANG, Jiang WANG
-
Patent number: 9846588Abstract: An on-demand disposable virtual work system that includes: a virtual machine monitor to host virtual machines, a virtual machine pool manager, a host operating system, a host program permissions list, and a request handler module. The virtual machine pool manager manages virtual machine resources. The host operating system interfaces with a user and virtual machines created with an image of a reference operating system. The host program permissions list may be a black list and/or a white list used to indicate allowable programs. The request handler module allows execution of the program if the program is allowable. If the program is not allowable, the host request handler module: denies program execution and urges a virtual machine specified by the virtual machine pool manager to execute the program. The virtual machine is terminated when the program closes.Type: GrantFiled: September 10, 2014Date of Patent: December 19, 2017Assignee: George Mason Research Foundation, Inc.Inventors: Anup K. Ghosh, Sushil Jajodia, Yih Huang, Jiang Wang
-
Publication number: 20170206348Abstract: An embodiment for providing a secure virtual browsing environment includes creating a virtual browsing environment with a virtualized operating system sharing an operating system kernel of a supporting operating system and executing the browser application within the virtual browsing environment. Another embodiment includes receiving a website selection within a browser application, determining if the website selection corresponds to a secure bookmark, and creating a second virtual browsing environment and executing the browser application within the second virtual browsing environment to access the website selection when the website selection corresponds to a website specified as a secure bookmark.Type: ApplicationFiled: August 29, 2016Publication date: July 20, 2017Applicant: George Mason Research Foundation, Inc.Inventors: Anup K. GHOSH, Sushil JAJODIA, Yih HUANG, Jiang WANG
-
Publication number: 20170201534Abstract: A transparent proxy for malware detection includes a monitor module, a protocol determination module, a challenge generation module, a response determination module, and a data control module. The monitor module examines data originating from an application towards a remote server. The protocol determination module identifies the protocol type used for the data. The challenge generation module produces a challenge for the application based upon the protocol type, sends the challenge to the application, and maintains a state related to the data and the challenge. The response determination module makes a determination if an automatic non-interactive application response is received in response to the challenge from the application. The data control module allows the first data to continue to the remote server when the determination is valid. The data control module reports malware detection and blocks the data to continue to the remote server when the determination is invalid.Type: ApplicationFiled: November 22, 2016Publication date: July 13, 2017Applicant: George Mason Research Foundation, Inc.Inventors: Angelos STAVROU, Sushil JAJODIA, Anup K. GHOSH, Rhandi MARTIN, Charalampos ANDRIANAKIS
-
Patent number: 9531747Abstract: A transparent proxy for malware detection includes a monitor module, a protocol determination module, a challenge generation module, a response determination module, and a data control module. The monitor module examines data originating from an application towards a remote server. The protocol determination module identifies the protocol type used for the data. The challenge generation module produces a challenge for the application based upon the protocol type, sends the challenge to the application, and maintains a state related to the data and the challenge. The response determination module makes a determination if an automatic non-interactive application response is received in response to the challenge from the application. The data control module allows the first data to continue to the remote server when the determination is valid. The data control module reports malware detection and blocks the data to continue to the remote server when the determination is invalid.Type: GrantFiled: September 10, 2014Date of Patent: December 27, 2016Assignee: George Mason Research Foundation, Inc.Inventors: Angelos Stavrou, Sushil Jajodia, Anup K. Ghosh, Rhandi Martin, Charalampos Andrianakis
-
Patent number: 9436822Abstract: An embodiment for providing a secure virtual browsing environment includes creating a virtual browsing environment with a virtualized operating system sharing an operating system kernel of a supporting operating system and executing the browser application within the virtual browsing environment. Another embodiment includes receiving a website selection within a browser application, determining if the website selection corresponds to a secure bookmark, and creating a second virtual browsing environment and executing the browser application within the second virtual browsing environment to access the website selection when the website selection corresponds to a website specified as a secure bookmark.Type: GrantFiled: September 9, 2014Date of Patent: September 6, 2016Assignee: George Mason Research Foundation, Inc.Inventors: Anup K. Ghosh, Sushil Jajodia, Yih Huang, Jiang Wang
-
Patent number: 9325729Abstract: Systems and methods for determining a safety level of a network vulnerable to attack from at least one origin to at least one target are described. Machines, components, and vulnerabilities in a network may be associated to one another. Degrees of similarity among the vulnerabilities may be determined and subsets of vulnerabilities may be grouped based on their determined degrees of similarity to one another. This data may be used to generate an attack graph describing exploitation of vulnerabilities and grouped vulnerabilities and defining vulnerability exploit condition relationships between at least one origin and at least one target. The attack graph may be analyzed using a k-zero day metric function to determine a safety level.Type: GrantFiled: July 7, 2014Date of Patent: April 26, 2016Assignees: George Mason Research Foundation, Inc., The United States of America, as represented by the Secretary of Commerce, The National Institute of Standards and TechnologyInventors: Sushil Jajodia, Lingyu Wang, Steven Noel, Anoop Singhal
-
Publication number: 20160019391Abstract: An embodiment for providing a secure virtual browsing environment includes creating a virtual browsing environment with a virtualized operating system sharing an operating system kernel of a supporting operating system and executing the browser application within the virtual browsing environment. Another embodiment includes receiving a website selection within a browser application, determining if the website selection corresponds to a secure bookmark, and creating a second virtual browsing environment and executing the browser application within the second virtual browsing environment to access the website selection when the website selection corresponds to a website specified as a secure bookmark.Type: ApplicationFiled: September 9, 2014Publication date: January 21, 2016Applicant: GEORGE MASON RESEARCH FOUNDATION, INC.Inventors: Anup K. GHOSH, Sushil Jajodia, Yih HUANG, Jiang WANG
-
Patent number: 9203861Abstract: A system and method for determining at least one hardening strategy to prevent at least one attack, comprising: performing processing associated with obtaining at least one attack graph, the at least one attack graph comprising at least one goal condition, at least one initial condition, and at least one exploit; performing processing associated with obtaining at least one allowable action that disables the at least one initial condition; performing processing associated with obtaining costs associated with the at least one allowable action; and performing processing associated with utilizing the at least one allowable action to determine at least one recommended strategy from the at least one allowable action taking into account the costs.Type: GrantFiled: June 21, 2013Date of Patent: December 1, 2015Assignee: GEORGE MASON UNIVERSITYInventors: Massimiliano Albanese, Sushil Jajodia, Steven Noel
-
Publication number: 20150264059Abstract: A transparent proxy for malware detection includes a monitor module, a protocol determination module, a challenge generation module, a response determination module, and a data control module. The monitor module examines data originating from an application towards a remote server. The protocol determination module identifies the protocol type used for the data. The challenge generation module produces a challenge for the application based upon the protocol type, sends the challenge to the application, and maintains a state related to the data and the challenge. The response determination module makes a determination if an automatic non-interactive application response is received in response to the challenge from the application. The data control module allows the first data to continue to the remote server when the determination is valid. The data control module reports malware detection and blocks the data to continue to the remote server when the determination is invalid.Type: ApplicationFiled: September 10, 2014Publication date: September 17, 2015Applicant: George Mason Research Foundation, Inc.Inventors: Angelos STAVROU, Sushil JAJODIA, Anup K. GHOSH, Rhandi MARTIN, Charalampos Andrianakis
-
Publication number: 20150212842Abstract: An on-demand disposable virtual work system that includes: a virtual machine monitor to host virtual machines, a virtual machine pool manager, a host operating system, a host program permissions list, and a request handler module. The virtual machine pool manager manages virtual machine resources. The host operating system interfaces with a user and virtual machines created with an image of a reference operating system. The host program permissions list may be a black list and/or a white list used to indicate allowable programs. The request handler module allows execution of the program if the program is allowable. If the program is not allowable, the host request handler module: denies program execution and urges a virtual machine specified by the virtual machine pool manager to execute the program. The virtual machine is terminated when the program closes.Type: ApplicationFiled: September 10, 2014Publication date: July 30, 2015Applicant: GEORGE MASON RESEARCH FOUNDATION, INC.Inventors: Anup K. GHOSH, Sushil JAJODIA, Yih HUANG, Jiang WANG
-
Patent number: 8935773Abstract: A transparent proxy for malware detection includes a monitor module, a protocol determination module, a challenge generation module, a response determination module, and a data control module. The monitor module examines data originating from an application towards a remote server. The protocol determination module identifies the protocol type used for the data. The challenge generation module produces a challenge for the application based upon the protocol type, sends the challenge to the application, and maintains a state related to the data and the challenge. The response determination module makes a determination if an automatic non-interactive application response is received in response to the challenge from the application. The data control module allows the first data to continue to the remote server when the determination is valid. The data control module reports malware detection and blocks the data to continue to the remote server when the determination is invalid.Type: GrantFiled: April 9, 2010Date of Patent: January 13, 2015Assignee: George Mason Research Foundation, Inc.Inventors: Angelos Stavrou, Sushil Jajodia, Anup Ghosh, Rhandi Martin, Charalampos Andrianakis
-
Patent number: 8918884Abstract: Systems and methods for determining a safety level of a network vulnerable to attack from at least one origin to at least one target are described. Machines, components, and vulnerabilities in a network may be associated to one another. Degrees of similarity among the vulnerabilities may be determined and subsets of vulnerabilities may be grouped based on their determined degrees of similarity to one another. This data may be used to generate an attack graph describing exploitation of vulnerabilities and grouped vulnerabilities and defining vulnerability exploit condition relationships between at least one origin and at least one target. The attack graph may be analyzed using a k-zero day metric function to determine a safety level.Type: GrantFiled: January 11, 2012Date of Patent: December 23, 2014Assignees: The United States of America, as represented by the Secretary of Commerce, The National Institute of Standards and Technology, George Mason Intellectual Properties, Inc.Inventors: Sushil Jajodia, Lingyu Wang, Steven Noel, Anoop Singhal