Patents by Inventor Thomas Manianghat Mathew

Thomas Manianghat Mathew has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Identifying DNS tunneling domain names by aggregating features per subdomain
    Patent number: 11595357
    Abstract: In one embodiment, a service computes a plurality of features of a subdomain for which a Domain Name System (DNS) query was issued. The service aggregates the plurality of computed features into a feature vector. The service uses the feature vector as input to a machine learning classifier, to determine whether the subdomain is a DNS tunneling domain name. The service provides an indication that the subdomain is a DNS tunneling domain name, when the machine learning classifier determines that the subdomain is a DNS tunneling domain name.
    Type: Grant
    Filed: March 12, 2020
    Date of Patent: February 28, 2023
    Assignee: Cisco Technology, Inc.
    Inventors: David Brandon Rodriguez, Thomas Manianghat Mathew, Gilad Rainer, Dhia Mahjoub, Jingchuan Chen, Christian Neufeld
  • Detection of botnet hosts using global encryption data
    Patent number: 11134073
    Abstract: In one embodiment, a device obtains certificate information for a plurality of network addresses. The device constructs, based on the certificate information, a bipartite graph that maps nodes representing common names from the certificate information to nodes representing autonomous systems. The device determines edge counts from the bipartite graph for the nodes representing the autonomous systems. The device identifies, based on the edge counts, a particular one of the common names as botnet-related by comparing edge counts for the autonomous systems associated with that particular common name to edge counts for the autonomous systems associated with one or more of the other common names.
    Type: Grant
    Filed: January 18, 2019
    Date of Patent: September 28, 2021
    Assignee: Cisco Technology, Inc.
    Inventors: Thomas Manianghat Mathew, Dhia Mahjoub
  • IDENTIFYING DNS TUNNELING DOMAIN NAMES BY AGGREGATING FEATURES PER SUBDOMAIN
    Publication number: 20210126901
    Abstract: In one embodiment, a service computes a plurality of features of a subdomain for which a Domain Name System (DNS) query was issued. The service aggregates the plurality of computed features into a feature vector. The service uses the feature vector as input to a machine learning classifier, to determine whether the subdomain is a DNS tunneling domain name. The service provides an indication that the subdomain is a DNS tunneling domain name, when the machine learning classifier determines that the subdomain is a DNS tunneling domain name.
    Type: Application
    Filed: March 12, 2020
    Publication date: April 29, 2021
    Inventors: David Brandon Rodriguez, Thomas Manianghat Mathew, Gilad Rainer, Dhia Mahjoub, Jingchuan Chen, Christian Neufeld
  • DETECTION OF BOTNET HOSTS USING GLOBAL ENCRYPTION DATA
    Publication number: 20200036701
    Abstract: In one embodiment, a device obtains certificate information for a plurality of network addresses. The device constructs, based on the certificate information, a bipartite graph that maps nodes representing common names from the certificate information to nodes representing autonomous systems. The device determines edge counts from the bipartite graph for the nodes representing the autonomous systems. The device identifies, based on the edge counts, a particular one of the common names as botnet-related by comparing edge counts for the autonomous systems associated with that particular common name to edge counts for the autonomous systems associated with one or more of the other common names.
    Type: Application
    Filed: January 18, 2019
    Publication date: January 30, 2020
    Inventors: Thomas Manianghat Mathew, Dhia Mahjoub