Patents by Inventor Tirumaleswar Reddy Konda
Tirumaleswar Reddy Konda has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20220377048Abstract: Methods, systems, and media for dynamically separating Internet of Things (IoT) devices in a network are provided. In accordance with some embodiments of the disclosed subject matter, a method for dynamically separating IoT devices in a network is provided, the method comprising: detecting a first IoT device in the network; monitoring network communication of the first IoT device; determining device information of the first IoT device based on the monitored network communication; and causing the first IoT device to communicate on a first subnet of a plurality of subnets in the network based on the device information.Type: ApplicationFiled: August 8, 2022Publication date: November 24, 2022Inventors: Himanshu Srivastava, Tirumaleswar Reddy Konda, Piyush P. Joshi, Harsha R. Joshi, Srikanth Nalluri, Dattatraya Kulkarni, Siddaraya Revashetti
-
Patent number: 11496440Abstract: Mechanisms for split tunneling are provided. The mechanisms identify user devices and determine that communications for a first device of the user devices are to be tunneled. These mechanisms also receive a DNS request from a second device of the user devices, modify the DNS request to request meta information corresponding to a domain identified in the DNS request, and send the DNS request to a DNS server. The mechanisms further receive a response to the DNS request, wherein the response includes the meta information, determine that communications for the second device are not to be tunneled based at least in part on the meta information, and cause the communications for the first device to be tunneled and the communications for the second device to not be tunneled.Type: GrantFiled: May 6, 2019Date of Patent: November 8, 2022Assignee: McAfee, LLCInventors: Tirumaleswar Reddy Konda, Harsha R. Joshi, Eric Wuehler, Shashank Jain
-
Publication number: 20220321528Abstract: There is disclosed in an example a gateway device, including a hardware computing platform, and a secure domain name system (DNS) engine having circuitry and stored instructions to-program the circuitry, the secure DNS engine to communicatively couple to an endpoint via a local network, begin a secure DNS transaction with the endpoint, determine whether the endpoint supports delegated credentials, and after determining that the endpoint supports delegated credentials, establish a secure DNS session with the endpoint using a delegated credential.Type: ApplicationFiled: August 13, 2021Publication date: October 6, 2022Applicant: McAfee, LLCInventors: Tirumaleswar Reddy Konda, Shashank Jain, Himanshu Srivastava
-
Publication number: 20220321362Abstract: There is disclosed in one example a network gateway device, including: a hardware platform including a processor and a memory; a network interface, including network interface hardware; and instructions encoded within the memory to instruct the processor to: receive from an endpoint device, via the network interface, a signed security posture data structure, the signed security posture data structure including information about a security posture of the endpoint device; cryptographically verify the signed security posture data structure; and according to the signed security posture data structure, assign a network security policy to the endpoint device.Type: ApplicationFiled: March 31, 2021Publication date: October 6, 2022Applicant: McAfee, LLCInventors: Tirumaleswar Reddy Konda, Shashank Jain, Piyush Pramod Joshi, Himanshu Srivastava
-
Patent number: 11444944Abstract: There is disclosed in one example an enrollment over secure transport (EST)-capable gateway device, including: a hardware platform including a processor and a memory; a first network interface to communicatively couple to an external network, including an external DNS server; a second network interface to communicatively couple to a home network; a caching DNS server including a local DNS cache, and logic to provide DNS services to the home network; and an EST proxy to authenticate to a local endpoint on the home network, provision a DNS server certificate on the local endpoint, provision an authentication domain name (ADN) on the local endpoint, and provide encrypted domain name system (DNS) services to the local endpoint.Type: GrantFiled: February 11, 2020Date of Patent: September 13, 2022Assignee: McAfee, LLCInventors: Tirumaleswar Reddy Konda, Shashank Jain, Himanshu Srivastava, Naveen Kumar Reddy Kandadi, Piyush Pramod Joshi
-
Publication number: 20220253527Abstract: There is disclosed in one example a hardware computing platform, including: a processor; a memory; a network interface; and a security module, including instructions to cause the processor to: receive a request to download a file via the network interface; download a first portion of the file into a buffer of the memory; analyze the first portion for malware characteristics; assign a security classification to the file according to the analysis of the first portion; and act on the security classification.Type: ApplicationFiled: February 5, 2021Publication date: August 11, 2022Inventors: Abhishek Tripathi, Mayur Arvind Bhole, Nithya Nadig Shikarpur, Tirumaleswar Reddy Konda, Mayank Bhatnagar
-
Patent number: 11411972Abstract: Methods, systems, and media for dynamically separating Internet of Things (IoT) devices in a network are provided. In accordance with some embodiments of the disclosed subject matter, a method for dynamically separating IoT devices in a network is provided, the method comprising: detecting a first IoT device in the network; monitoring network communication of the first IoT device; determining device information of the first IoT device based on the monitored network communication; and causing the first IoT device to communicate on a first subnet of a plurality of subnets in the network based on the device information.Type: GrantFiled: November 13, 2018Date of Patent: August 9, 2022Assignee: McAfee, LLCInventors: Himanshu Srivastava, Tirumaleswar Reddy Konda, Piyush P. Joshi, Harsha R. Joshi, Srikanth Nalluri, Dattatraya Kulkarni, Siddaraya Revashetti
-
Publication number: 20220239696Abstract: There is disclosed in one example a gateway apparatus, including: a hardware platform including a processor and a memory; and instructions stored within the memory to instruct the processor to: provide a domain name system (DNS) server, the DNS server to provide an encrypted DNS service, and to cache resolved domain names; receive an outgoing network packet; determine a destination address of the outgoing network packet; and upon determining that the destination address was not cached, apply a security policy.Type: ApplicationFiled: January 25, 2021Publication date: July 28, 2022Applicant: McAfee, LLCInventors: Tirumaleswar Reddy Konda, Shashank Jain, Piyush Pramod Joshi, Himanshu Srivastava
-
Publication number: 20220225113Abstract: A technique for collecting and using signal reputation data, comprising obtaining a plurality of signal reputation data corresponding to a plurality of locations, categorizing the signal reputation data into groups, calculating signal circles for at least some of the groups based on a representative signal value for the corresponding group, calculating a signal reputation score for each signal circle, determining a best signal circle for a user mobile device within a predetermined distance of dead zones, and sending the best signal circle to the user mobile device based at least in part on the signal reputation score and a location of the user mobile device. In some embodiments, the technique may include some but not all of these actions and additional actions, such as suspending obtaining signal reputation data based on battery status.Type: ApplicationFiled: October 25, 2021Publication date: July 14, 2022Inventors: Raja SINHA, Dattatraya KULKARNI, Srikanth NALLURI, Anjan Kumar NAYAK, Tirumaleswar Reddy KONDA, Susmita NAYAK, Purushothaman B, Harsha R. JOSHI
-
Publication number: 20220201021Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to build privacy preserving models. An example apparatus disclosed herein includes a training manager to generate a first modeling plan for client-side resources, and transmit the first modeling plan to the client-side resources. The example apparatus also includes a data aggregator to search for a primary validation flag in response to retrieving client-side model parameters, and an accuracy calculator to, in response to detecting the primary validation flag, perform a secondary validation corresponding to the client-side model parameters using a server-side ground truth data set, and determine whether to update the global model with the client-side model parameters based on a comparison of results of the secondary validation and a validation threshold.Type: ApplicationFiled: December 17, 2020Publication date: June 23, 2022Inventors: Piyush P. Joshi, Abhishek Tripathi, Tirumaleswar Reddy Konda
-
Publication number: 20220174044Abstract: Methods, apparatus, systems and articles of manufacture for communicating encrypted data via a virtual private network are disclosed. An example computer system disclosed herein includes a memory including instructions that, when executed, cause one or more processors to establish a first tunnel and a second tunnel between a VPN client and a VPN server. The instructions further cause the one or more processors to access a request message to be sent via the VPN and determine, in response to a payload being formatted using a first protocol, whether a packet associated with the request message includes an encrypted server name indication (SNI). The instructions further cause the one or more processors to, in response to the packet including the encrypted SNI, encrypt the header of the request message to form an encrypted header, create an encrypted message including the encrypted header and the payload of the request message, and transmit the encrypted message through the first tunnel.Type: ApplicationFiled: December 2, 2020Publication date: June 2, 2022Inventors: Tirumaleswar Reddy Konda, Shashank Jain, Himanshu Srivastava
-
Publication number: 20220104017Abstract: There is disclosed in an example, a gateway apparatus, including a hardware platform having a processor and a memory; a wireless network interface; and instructions encoded within the memory to instruct the processor to: provide a first virtual access point (VAP) secured by an IEEE 802.1x extensible authentication protocol (EAP) enterprise security method; provide a second VAP secured by a WiFi protected access pre-shared key (WPA-PSK) method; onboard a device, comprising determining whether the device supports the EAP method, and enrolling the device with the EAP method if the device supports the EAP method; and if the device does not support the EAP method, enrolling the device with the WPA-PSK method.Type: ApplicationFiled: August 17, 2021Publication date: March 31, 2022Applicant: McAfee, LLCInventors: Tirumaleswar Reddy Konda, Piyush Pramod Joshi, Devika Mishra, Shashank Jain
-
Publication number: 20220070193Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to analyze telemetry data of a network device for malicious activity. An example apparatus includes an interface to obtain first telemetry data, a rules generator to, using the first telemetry data, generate a global block list using a machine learning model, the machine learning model generated based on a device specific block list and a device specific allow list, and a model manager to transmit the global block list to a gateway, the gateway to facilitate on-path classification of second telemetry data.Type: ApplicationFiled: December 3, 2020Publication date: March 3, 2022Inventors: Tirumaleswar Reddy KONDA, Shashank JAIN, Abhishek TRIPATHI, Piyush Pramod JOSHI
-
Patent number: 11245685Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to verify encrypted handshakes. An example apparatus includes a message copier to clone a client introductory message, the client introductory message is included in a first handshake for network communication between a client and a server, a connection establisher to initiate a second handshake between the apparatus and the server based on the cloned client introductory message, and a decrypter to, in response to the second handshake, decrypt a certificate sent by the server.Type: GrantFiled: March 7, 2019Date of Patent: February 8, 2022Assignee: MCAFEE, LLCInventors: Tirumaleswar Reddy Konda, Harsha R. Joshi, Shashank Jain, Himanshu Srivastava, Srikanth Nalluri, Naveen Kandadi
-
Patent number: 11245721Abstract: Particular embodiments described herein provide for a system that can be configured to facilitate the use of a blockchain for distributed denial of service attack mitigation, the system can include a network security provider and a validating node. The network security provider can recognize that a distributed denial of service (DDoS) attack is occurring, create a block that includes data related to the DDoS attack, and publish the block that includes the data related to the DDoS attack for addition to a blockchain. The validating node can validate the block that includes the data related to the DDoS attack and the block that includes the data related to the DDoS attack can be added to the blockchain. The block that includes the data related to the DDoS attack can be analyzed to determine how to mitigate a similar DDoS attack.Type: GrantFiled: December 19, 2018Date of Patent: February 8, 2022Assignee: McAfee, LLCInventors: Tirumaleswar Reddy Konda, Harsha Ramamurthy Joshi, Piyush Pramod Joshi, Eric Donald Wuehler
-
Publication number: 20210385230Abstract: There is disclosed in one example a computing apparatus, including: a hardware platform including a processor, a memory, and a network interface; and instructions encoded within the memory to instruct the processor to: receive an incoming packet via the network interface; extract from the incoming packet a source port and a source internet protocol (IP) address; correlate the source port and source IP to a device identifier (ID); receive a network policy for the device ID; and apply the network policy to the incoming packet.Type: ApplicationFiled: July 20, 2020Publication date: December 9, 2021Applicant: McAfee, LLCInventors: Harsha Ramamurthy Joshi, Tirumaleswar Reddy Konda, Shashank Jain, Piyush Pramod Joshi, Himanshu Srivastava
-
Patent number: 11166170Abstract: A technique for collecting and using signal reputation data, comprising obtaining a plurality of signal reputation data corresponding to a plurality of locations, categorizing the signal reputation data into groups, calculating signal circles for at least some of the groups based on a representative signal value for the corresponding group, calculating a signal reputation score for each signal circle, determining a best signal circle for a user mobile device within a predetermined distance of dead zones, and sending the best signal circle to the user mobile device based at least in part on the signal reputation score and a location of the user mobile device. In some embodiments, the technique may include some but not all of these actions and additional actions, such as suspending obtaining signal reputation data based on battery status.Type: GrantFiled: September 28, 2018Date of Patent: November 2, 2021Assignee: MCAFEE, LLCInventors: Raja Sinha, Dattatraya Kulkarni, Srikanth Nalluri, Anjan Kumar Nayak, Tirumaleswar Reddy Konda, Susmita Nayak, Purushothaman B, Harsha R. Joshi
-
Publication number: 20210329028Abstract: Example methods, apparatus, systems and articles of manufacture to implement cooperative mitigation of distributed denial of service attacks originating in local networks are disclosed. An example network element disclosed herein is to detect a first distributed denial of service attack associated with first network traffic received by an Internet service provider network, the first network traffic originating from a first device connected to a local network. The disclosed example network element is also to implement a threat signaling client to transmit first information describing the first distributed denial of service attack to a threat signaling server implemented by a local network router of the local network, and receive second information from the threat signaling server of the local network, the second information to provide a notification when the first network traffic associated with the first distributed denial of service attack has been mitigated.Type: ApplicationFiled: June 28, 2021Publication date: October 21, 2021Inventors: Tirumaleswar Reddy Konda, Harsha R. Joshi, Himanshu Srivastava, Srikanth Nalluri, Dattatraya Kulkarni
-
Publication number: 20210312050Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to verify application permission safety.Type: ApplicationFiled: April 26, 2021Publication date: October 7, 2021Inventors: Dattatraya Kulkarni, Himanshu Srivastava, Raj Vardhan, Raja Sinha, Srikanth Nalluri, Tirumaleswar Reddy Konda
-
Patent number: 11128438Abstract: Sharing IoT device (IoTd) profile data is provided, comprising: generating at least one access control rule to protect an IoTd; publishing first IoTd profile data in a first new block (FNB) of a blockchain of a blockchain network (BN), wherein the first IoTd profile data comprises the at least one access control rule; and committing the FNB to the blockchain based on a consensus algorithm by: a manufacturer of the IoTd committing the FNB to the blockchain; a security vendor (SV) participating in the BN committing the FNB to the blockchain when the SV is a sole SV participating in the BN; or the SV committing the FNB to the blockchain based on consensus among at least the SV and a plurality of security vendors when the SV and the plurality of security vendors are participating in the BN.Type: GrantFiled: August 27, 2018Date of Patent: September 21, 2021Assignee: McAfee, LLCInventors: Tirumaleswar Reddy Konda, Harsha R. Joshi, Eric D. Wuehler, Piyush P. Joshi