Patents by Inventor Thanh Trung Ngo
Thanh Trung Ngo has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11750653Abstract: Systems, methods, and computer-readable media for gathering network intrusion counter-intelligence. A system can maintain a decoy network environment at one or more machines. The system can identify a malicious user accessing network services through the network environment. Further, the system can receive network service access requests from the user at one or more machines in the network environment and subsequently direct the network service access requests from the malicious user to the decoy network environment based on an identification of the malicious user. The network services access requests can be satisfied with network service access responses generated in the decoy network environment. Subsequently, the system can maintain malicious user analytics based on the network service access requests of the malicious user that are directed to the decoy network environment.Type: GrantFiled: December 20, 2021Date of Patent: September 5, 2023Assignee: Cisco Technology, Inc.Inventors: Navindra Yadav, Shih-Chun Chang, Shashi Gandham, Xiaofei Guo, Hoang Viet Nguyen, Xin Liu, Thanh Trung Ngo, Duan Tran, Xuan Loc Bui
-
Patent number: 11627166Abstract: The present disclosure relates to methods, systems, and non-transitory computer readable media for discovering policy scopes within an enterprise network and managing network policies for discovered policy scopes. In one aspect, a method includes identifying one or more communities of devices in an enterprise network; defining, from the one or more communities of devices, policy scopes in the enterprise network; generating a hierarchical representation of the policy scopes; identifying, based on the hierarchical representation of the policy scopes, one or more policies governing traffic flow between devices associated with each of the policy scopes; and managing application of the one or more policies at the devices.Type: GrantFiled: October 6, 2020Date of Patent: April 11, 2023Assignee: Cisco Technology, Inc.Inventors: Weifei Zeng, Sai Ankith Averineni, Omid Madani, Paul Mach, Yash Vipul Doshi, Sasidhar Evuru, Sayeed Mohammed Tasnim, Sameer Salim Mahomed Ali Ladiwala, Chakradhar Reddy Vangeti, Thanh Nhan Nguyen, Varun Malhotra, Shashidhar Gandham, Navindra Yadav, Thanh Trung Ngo, Maxwell Aaron Mechanic
-
Patent number: 11403200Abstract: Systems, methods, and computer-readable for defining host functionalities in a computing environment include obtaining two or more snapshots comprising information pertaining to two or more processes executing in two or more hosts, the two or more snapshots being obtained at two or more points in time from the two or more hosts. One or more long-running processes amongst the two or more processes are identified based on one or more criteria associated with long-running processes. One or more priorities associated with the one or more long-running processes and used for defining functionalities for at least a subset of the two or more hosts, where high priorities are assigned to long-running processes, such as web server or database server processes, which are unique to at least the subset of the two or more hosts. Resources may be provisioned based on these host functionalities.Type: GrantFiled: June 11, 2020Date of Patent: August 2, 2022Assignee: CISCO TECHNOLOGY, INC.Inventors: Xin Liu, Sunil Gupta, Thanh Trung Ngo, Xuan Loc Bui, Hoang Viet Nguyen, Shashi Gandham, Navindra Yadav
-
Publication number: 20220116421Abstract: Systems, methods, and computer-readable media for gathering network intrusion counter-intelligence. A system can maintain a decoy network environment at one or more machines. The system can identify a malicious user accessing network services through the network environment. Further, the system can receive network service access requests from the user at one or more machines in the network environment and subsequently direct the network service access requests from the malicious user to the decoy network environment based on an identification of the malicious user. The network services access requests can be satisfied with network service access responses generated in the decoy network environment. Subsequently, the system can maintain malicious user analytics based on the network service access requests of the malicious user that are directed to the decoy network environment.Type: ApplicationFiled: December 20, 2021Publication date: April 14, 2022Inventors: Navindra Yadav, Shih-Chun Chang, Shashi Gandham, Xiaofei Guo, Hoang Viet Nguyen, Xin Liu, Thanh Trung Ngo, Duan Tran, Xuan Loc Bui
-
Publication number: 20220109701Abstract: The present disclosure relates to methods, systems, and non-transitory computer readable media for discovering policy scopes within an enterprise network and managing network policies for discovered policy scopes. In one aspect, a method includes identifying one or more communities of devices in an enterprise network; defining, from the one or more communities of devices, policy scopes in the enterprise network; generating a hierarchical representation of the policy scopes; identifying, based on the hierarchical representation of the policy scopes, one or more policies governing traffic flow between devices associated with each of the policy scopes; and managing application of the one or more policies at the devices.Type: ApplicationFiled: October 6, 2020Publication date: April 7, 2022Inventors: Weifei Zeng, Sai Ankith Averineni, Omid Madani, Paul Mach, Yash Vipul Doshi, Sasidhar Evuru, Sayeed Mohammed Tasnim, Sameer Salim Mahomed Ali Ladiwala, Chakradhar Reddy Vangeti, Thanh Nhan Nguyen, Varun Malhotra, Shashidhar Gandham, Navindra Yadav, Thanh Trung Ngo, Maxwell Aaron Mechanic
-
Patent number: 11233821Abstract: Systems, methods, and computer-readable media for gathering network intrusion counter-intelligence. A system can maintain a decoy network environment at one or more machines. The system can identify a malicious user accessing network services through the network environment. Further, the system can receive network service access requests from the user at one or more machines in the network environment and subsequently direct the network service access requests from the malicious user to the decoy network environment based on an identification of the malicious user. The network services access requests can be satisfied with network service access responses generated in the decoy network environment. Subsequently, the system can maintain malicious user analytics based on the network service access requests of the malicious user that are directed to the decoy network environment.Type: GrantFiled: January 4, 2018Date of Patent: January 25, 2022Assignee: CISCO TECHNOLOGY, INC.Inventors: Navindra Yadav, Shih-Chun Chang, Shashi Gandham, Xiaofei Guo, Hoang Viet Nguyen, Xin Liu, Thanh Trung Ngo, Duan Tran, Xuan Loc Bui
-
Publication number: 20210389877Abstract: Systems, methods, and computer-readable for defining host functionalities in a computing environment include obtaining two or more snapshots comprising information pertaining to two or more processes executing in two or more hosts, the two or more snapshots being obtained at two or more points in time from the two or more hosts. One or more long-running processes amongst the two or more processes are identified based on one or more criteria associated with long-running processes. One or more priorities associated with the one or more long-running processes and used for defining functionalities for at least a subset of the two or more hosts, where high priorities are assigned to long-running processes, such as web server or database server processes, which are unique to at least the subset of the two or more hosts. Resources may be provisioned based on these host functionalities.Type: ApplicationFiled: June 11, 2020Publication date: December 16, 2021Inventors: Xin Liu, Sunil Gupta, Thanh Trung Ngo, Xuan Loc Bui, Hoang Viet Nguyen, Shashi Gandham, Navindra Yadav
-
Publication number: 20190207976Abstract: Systems, methods, and computer-readable media for gathering network intrusion counter-intelligence. A system can maintain a decoy network environment at one or more machines. The system can identify a malicious user accessing network services through the network environment. Further, the system can receive network service access requests from the user at one or more machines in the network environment and subsequently direct the network service access requests from the malicious user to the decoy network environment based on an identification of the malicious user. The network services access requests can be satisfied with network service access responses generated in the decoy network environment. Subsequently, the system can maintain malicious user analytics based on the network service access requests of the malicious user that are directed to the decoy network environment.Type: ApplicationFiled: January 4, 2018Publication date: July 4, 2019Inventors: Navindra Yadav, Shih-Chun Chang, Shashi Gandham, Xiaofei Guo, Hoang Viet Nguyen, Xin Liu, Thanh Trung Ngo, Duan Tran, Xuan Loc Bui