Patents by Inventor Swapna Buccapatnam Tirumala
Swapna Buccapatnam Tirumala has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11797887Abstract: Techniques for mapping policy documents to regulatory documents to check for compliance between the policies and documents are provided. In one example, a computer-implemented method determining, by a system operatively coupled to a processor, an information input, a control framework, and a document from a first group consisting of a regulatory document and a policy document, wherein the information input is a corpora from a second group consisting of a domain corpora and a global corpora. The computer-implemented method can also comprise mapping, by the system, the received regulatory document or the received policy document to the control framework using a supervised machine learning technique.Type: GrantFiled: December 28, 2020Date of Patent: October 24, 2023Assignee: International Business Machines CorporationInventors: Swapna Buccapatnam Tirumala, Ashish Jagmohan, Elham Khabiri, Ta-Hsin Li, Matthew Daniel Riemer, Vadim Sheinin, Aditya Vempaty
-
Patent number: 11677643Abstract: A processing system may obtain a first sampled flow record for a first flow in a network, comprising information regarding selected packets of the first flow, derive, from the first sampled flow record, a data volume and a duration of the first flow, and determine a first flow metric for the first flow that is calculated from the data volume and the duration, where the first flow metric is one of a plurality of flow metrics for a plurality of flows, and where the plurality of flow metrics is determined from the plurality of sampled flow records associated with the plurality of flows. The processing system may then classify the first flow into one of at least two classes, based upon the first flow metric and at least a first flow metric threshold.Type: GrantFiled: November 23, 2020Date of Patent: June 13, 2023Assignee: AT&T Intellectual Property I, L.P.Inventors: Carolyn Roche Johnson, Swapna Buccapatnam Tirumala, Fei Wu, Kartik Pandit, Kathleen Meier-Hellstern, Brian Freeman, Richard Koch, Tuan Duong, Mark Lyn, Steven Monetti
-
Publication number: 20230128061Abstract: A method may include a processing system having at least one processor obtaining a first plurality of domain name system traffic records, generating an input aggregate vector from the first plurality of domain name system traffic records, where the input aggregate vector comprises a plurality of features derived from the first plurality of domain name system traffic records, and applying an encoder-decoder neural network to the input aggregate vector to generate a reconstructed vector, where the encoder-decoder neural network is trained with a plurality of aggregate vectors generated from a second plurality of domain name system traffic records. In one example, the processing system may then calculate a distance between the input aggregate vector and the reconstructed vector, and apply at least one remedial action associated with the first plurality of domain name system traffic records when the distance is greater than a threshold distance.Type: ApplicationFiled: October 10, 2022Publication date: April 27, 2023Inventors: Yaron Koral, Rensheng Wang Zhang, Eric Noel, Patrick Velardo, JR., Richard Hellstern, Swapna Buccapatnam Tirumala, Anestis Karasaridis
-
Publication number: 20230076391Abstract: Domains and IPs are scored using domain resolution data to identify malicious domains and IPs. A domain and IP resolution graph for a set of domains and IPs in a system. A seed set of known malicious domains and known malicious IPs is selected from a malicious domain and malicious IP database. A graphical probabilistic propagation inference from the domain and IP resolution graph and the seed set of known malicious domains and known malicious IPs is generated. A malicious score is calculated for each domain in the set of domains and each IP in the set of IPs, and the malicious domain and malicious IP database is updated.Type: ApplicationFiled: November 3, 2022Publication date: March 9, 2023Applicant: AT&T Intellectual Property I, L.P.Inventors: Swapna Buccapatnam Tirumala, Fei Wu, Carolyn Roche Johnson
-
Patent number: 11533293Abstract: Domains and IPs are scored using domain resolution data to identify malicious domains and IPs. A domain and IP resolution graph for a set of domains and IPs in a system. A seed set of known malicious domains and known malicious IPs is selected from a malicious domain and malicious IP database. A graphical probabilistic propagation inference from the domain and IP resolution graph and the seed set of known malicious domains and known malicious IPs is generated. A malicious score is calculated for each domain in the set of domains and each IP in the set of IPs, and the malicious domain and malicious IP database is updated.Type: GrantFiled: February 14, 2020Date of Patent: December 20, 2022Assignee: AT&T Intellectual Property I, L.P.Inventors: Swapna Buccapatnam Tirumala, Fei Wu, Carolyn Roche Johnson
-
Patent number: 11470101Abstract: A method may include a processing system having at least one processor obtaining a first plurality of domain name system traffic records, generating an input aggregate vector from the first plurality of domain name system traffic records, where the input aggregate vector comprises a plurality of features derived from the first plurality of domain name system traffic records, and applying an encoder-decoder neural network to the input aggregate vector to generate a reconstructed vector, where the encoder-decoder neural network is trained with a plurality of aggregate vectors generated from a second plurality of domain name system traffic records. In one example, the processing system may then calculate a distance between the input aggregate vector and the reconstructed vector, and apply at least one remedial action associated with the first plurality of domain name system traffic records when the distance is greater than a threshold distance.Type: GrantFiled: October 3, 2018Date of Patent: October 11, 2022Assignees: AT&T Intellectual Property I, L.P., AT&T Technical Services Company, Inc.Inventors: Yaron Koral, Rensheng Wang Zhang, Eric Noel, Patrick Velardo, Jr., Richard Hellstern, Swapna Buccapatnam Tirumala, Anestis Karasaridis
-
Publication number: 20220166691Abstract: A processing system may obtain a first sampled flow record for a first flow in a network, comprising information regarding selected packets of the first flow, derive, from the first sampled flow record, a data volume and a duration of the first flow, and determine a first flow metric for the first flow that is calculated from the data volume and the duration, where the first flow metric is one of a plurality of flow metrics for a plurality of flows, and where the plurality of flow metrics is determined from the plurality of sampled flow records associated with the plurality of flows. The processing system may then classify the first flow into one of at least two classes, based upon the first flow metric and at least a first flow metric threshold.Type: ApplicationFiled: November 23, 2020Publication date: May 26, 2022Inventors: Carolyn Roche Johnson, Swapna Buccapatnam Tirumala, Fei Wu, Kartik Pandit, Kathleen Meier-Hellstern, Brian Freeman, Richard Koch, Tuan Duong, Mark Lyn, Steven Monetti
-
Publication number: 20210352484Abstract: The present disclosure describes detection and mitigation of malicious wireless devices, in a wireless communication network including a radio access network (RAN) and a core network (CN), in a manner for selectively preventing the malicious wireless devices from using the wireless communication network based on identification of the malicious wireless devices in the wireless communication network. In one example, detection and mitigation of malicious wireless devices may include detecting a malicious wireless device based on identification of malicious activity by the malicious wireless device, identifying the malicious wireless device within the RAN based on correlation of one or more CN-based identifiers of the malicious wireless device within the CN and one or more RAN-based identifiers of the malicious wireless device within the RAN, and preventing the malicious wireless device from using the wireless communication network based on the one or more RAN-based identifiers of the malicious wireless device.Type: ApplicationFiled: May 8, 2020Publication date: November 11, 2021Inventors: Kartik Pandit, Swapna Buccapatnam Tirumala
-
Publication number: 20210266292Abstract: Domains and IPs are scored using domain resolution data to identify malicious domains and IPs. A domain and IP resolution graph for a set of domains and IPs in a system. A seed set of known malicious domains and known malicious IPs is selected from a malicious domain and malicious IP database. A graphical probabilistic propagation inference from the domain and IP resolution graph and the seed set of known malicious domains and known malicious IPs is generated. A malicious score is calculated for each domain in the set of domains and each IP in the set of IPs, and the malicious domain and malicious IP database is updated.Type: ApplicationFiled: February 14, 2020Publication date: August 26, 2021Inventors: Swapna Buccapatnam Tirumala, Fei Wu, Carolyn Roche Johnson
-
Publication number: 20210117794Abstract: Techniques for mapping policy documents to regulatory documents to check for compliance between the policies and documents are provided. In one example, a computer-implemented method determining, by a system operatively coupled to a processor, an information input, a control framework, and a document from a first group consisting of a regulatory document and a policy document, wherein the information input is a corpora from a second group consisting of a domain corpora and a global corpora. The computer-implemented method can also comprise mapping, by the system, the received regulatory document or the received policy document to the control framework using a supervised machine learning technique.Type: ApplicationFiled: December 28, 2020Publication date: April 22, 2021Inventors: Swapna Buccapatnam Tirumala, Ashish Jagmohan, Elham Khabiri, Ta-Hsin Li, Matthew Daniel Riemer, Vadim Sheinin, Aditya Vempaty
-
Patent number: 10922621Abstract: Techniques for mapping policy documents to regulatory documents to check for compliance between the policies and documents are provided. In one example, a computer-implemented method determining, by a system operatively coupled to a processor, an information input, a control framework, and a document from a first group consisting of a regulatory document and a policy document, wherein the information input is a corpora from a second group consisting of a domain corpora and a global corpora. The computer-implemented method can also comprise mapping, by the system, the received regulatory document or the received policy document to the control framework using a supervised machine learning technique.Type: GrantFiled: November 11, 2016Date of Patent: February 16, 2021Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Swapna Buccapatnam Tirumala, Ashish Jagmohan, Elham Khabiri, Ta-Hsin Li, Matthew Daniel Riemer, Vadim Sheinin, Aditya Vempaty
-
Patent number: 10834106Abstract: A method may include a processing system assigning samples of network traffic data to positions in a list, where each of the samples is assigned a cluster identifier corresponding to the respective position, and traversing the list, where for each position, the processing system: increments an order indicator, and when the cluster identifier is not less than the order indicator, computes a distance between a sample assigned to the position and other samples, records a cluster identifier of another sample when a distance between the sample and the other sample is less than a threshold distance, and assigns a minimum cluster identifier that is recorded to all of the samples with cluster identifiers that are recorded. The processing system may determine clusters from cluster identifiers in the list after the traversing and identify at least one cluster as representing anomalous network traffic data.Type: GrantFiled: October 3, 2018Date of Patent: November 10, 2020Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.Inventors: Yaron Koral, Rensheng Wang Zhang, Eric Noel, Patrick Velardo, Jr., Swapna Buccapatnam Tirumala
-
Patent number: 10679136Abstract: A request arrival rate is obtained at a given computing node in a computing network comprising a plurality of distributed computing nodes. A topology of the computing network is determined at the given computing node so as to identify neighboring computing nodes with respect to the given computing node. A probability is computed at the given computing node based on the obtained request arrival rate and the detected network topology. The computed probability is used to select a decision from a set of decision candidates in response to a request received at the given computing node in a given time slot. The selected decision is a decision with a top average reward attributed thereto across the given computing node and the neighboring computing nodes determined based on information shared by the neighboring computing node with the given computing node.Type: GrantFiled: April 23, 2015Date of Patent: June 9, 2020Assignee: International Business Machines CorporationInventors: Swapna Buccapatnam Tirumala, Jian Tan, Li Zhang
-
Publication number: 20200112571Abstract: A method may include a processing system assigning samples of network traffic data to positions in a list, where each of the samples is assigned a cluster identifier corresponding to the respective position, and traversing the list, where for each position, the processing system: increments an order indicator, and when the cluster identifier is not less than the order indicator, computes a distance between a sample assigned to the position and other samples, records a cluster identifier of another sample when a distance between the sample and the other sample is less than a threshold distance, and assigns a minimum cluster identifier that is recorded to all of the samples with cluster identifiers that are recorded. The processing system may determine clusters from cluster identifiers in the list after the traversing and identify at least one cluster as representing anomalous network traffic data.Type: ApplicationFiled: October 3, 2018Publication date: April 9, 2020Inventors: Yaron Koral, Rensheng Wang Zhang, Eric Noel, Patrick Velardo, JR., Swapna Buccapatnam Tirumala
-
Publication number: 20200112574Abstract: A method may include a processing system having at least one processor obtaining a first plurality of domain name system traffic records, generating an input aggregate vector from the first plurality of domain name system traffic records, where the input aggregate vector comprises a plurality of features derived from the first plurality of domain name system traffic records, and applying an encoder-decoder neural network to the input aggregate vector to generate a reconstructed vector, where the encoder-decoder neural network is trained with a plurality of aggregate vectors generated from a second plurality of domain name system traffic records. In one example, the processing system may then calculate a distance between the input aggregate vector and the reconstructed vector, and apply at least one remedial action associated with the first plurality of domain name system traffic records when the distance is greater than a threshold distance.Type: ApplicationFiled: October 3, 2018Publication date: April 9, 2020Inventors: Yaron Koral, Rensheng Wang Zhang, Eric Noel, Patrick Velardo, JR., Richard Hellstern, Swapna Buccapatnam Tirumala, Anestis Karasaridis
-
Publication number: 20180137107Abstract: Techniques for mapping policy documents to regulatory documents to check for compliance between the policies and documents are provided. In one example, a computer-implemented method determining, by a system operatively coupled to a processor, an information input, a control framework, and a document from a first group consisting of a regulatory document and a policy document, wherein the information input is a corpora from a second group consisting of a domain corpora and a global corpora. The computer-implemented method can also comprise mapping, by the system, the received regulatory document or the received policy document to the control framework using a supervised machine learning technique.Type: ApplicationFiled: November 11, 2016Publication date: May 17, 2018Inventors: Swapna Buccapatnam Tirumala, Ashish Jagmohan, Elham Khabiri, Ta-Hsin Li, Matthew Daniel Riemer, Vadim Sheinin, Aditya Vempaty
-
Publication number: 20160314402Abstract: A request arrival rate is obtained at a given computing node in a computing network comprising a plurality of distributed computing nodes. A topology of the computing network is determined at the given computing node so as to identify neighboring computing nodes with respect to the given computing node. A probability is computed at the given computing node based on the obtained request arrival rate and the detected network topology. The computed probability is used to select a decision from a set of decision candidates in response to a request received at the given computing node in a given time slot. The selected decision is a decision with a top average reward attributed thereto across the given computing node and the neighboring computing nodes determined based on information shared by the neighboring computing node with the given computing node.Type: ApplicationFiled: April 23, 2015Publication date: October 27, 2016Inventors: Swapna Buccapatnam Tirumala, Jian Tan, Li Zhang