178 patents
Page 8 of 9
Utility
Adaptive multipath tunneling in cloud-based systems
8 Apr 21
Systems and methods implemented by a mobile device include establishing a plurality of tunnels to a gateway, wherein each of the plurality of tunnels is on one of a plurality of link layer channels at the mobile device; intercepting network traffic on the mobile device; forwarding the network traffic to one of the plurality of tunnels based on a set of traffic forwarding rules; and responsive to a network change for the mobile device, managing the plurality of tunnels and continuing the forwarding based on the managing.
Abhinav Bansal, Rohit Goyal
Filed: 23 Nov 20
Utility
Web crawler systems and methods to efficiently detect malicious sites
8 Apr 21
Systems and methods include receiving a list of web sites; anonymously browsing to each web site in the list; receiving a response based on the browsing; and analyzing the response to classify each web site as malicious or not based on a plurality of techniques including JavaScript (JS) obfuscation detection based on de-obfuscation.
Deepen Desai, Dhruval Gandhi, Sachin Matte
Filed: 18 Nov 19
Utility
Packet dump utility in a mobile application for efficient troubleshooting
11 Mar 21
Systems and methods include providing functionality for a user device while operating in background on the user device; responsive to a user request, starting collection of packets intercepted by the enterprise application; storing the collected packets on the user device; receiving a selection from the user of an issue type of a plurality of issue types for an issue; and providing the issue type and the collected packets for debugging of the issue type.
Rishabh Gupta, Rohit Goyal
Filed: 13 Aug 20
Utility
Cloud application design for efficient troubleshooting
11 Mar 21
An enterprise application executed on a user device is configured to perform steps of providing functionality for a user device while operating in background on the user device; determining an issue with the functionality of the enterprise application; presenting a user of the user device a list of a plurality of issue types for selection thereof; receiving a selection from the user of an issue type for the issue; and collecting data from the user device based on the selected issue type.
Rohit Goyal, Rishabh Gupta
Filed: 21 Oct 19
Utility
Pattern similarity measures to quantify uncertainty in malware classification
18 Feb 21
Systems and methods include receiving content for classification; classifying the content as one of benign and malicious utilizing a model that has been trained with a training set of data including benign data and malicious data; determining a first pattern associated with the content; comparing the first pattern with a second pattern that is associated with one of the benign data and the malicious data; and determining an uncertainty of the classifying based on a distance between the first pattern and the second pattern.
Changsha Ma, Dianhuan Lin, Rex Shang, Kevin Guo, Howie Xu
Filed: 16 Aug 19
Utility
Cloud policy enforcement based on network trust
28 Jan 21
Systems and methods include obtaining trusted network rules for a plurality of networks, wherein the trusted network rules include whether a network is untrusted or one of a plurality of trusted networks; obtaining policy configurations for each of the trusted network rules, wherein the policy configurations define configurations for a cloud-based system to use with a user device based on a corresponding network where the user device is connected; communicating with the user device and determining which network of the plurality of network the user device is connected; and applying the configurations in the cloud-based system for the user device based on the network the user device is connected.
Vivek Ashwin Raman, Ajit Singh, Vikas Mahajan, Amandeep Singh, Huiju Wu, David Creedy
Filed: 29 Sep 20
Utility
System and method for malware detection on a per packet basis
28 Jan 21
Disclosed is a computer implemented method for malware detection that analyses a file on a per packet basis.
Huihsin Tseng, Hao Xu, Jian L. Zhen
Filed: 12 Oct 20
Utility
Machine learning model abstraction layer for runtime efficiency
6 Jan 21
Systems and methods include training a machine learning model with data for identifying features in monitored traffic in a network; analyzing the trained machine learning model to identify information overhead therein, wherein the information overhead is utilized in part for the training; removing the information overhead in the machine learning model; and providing the machine learning model for runtime use for identifying the features in the monitored traffic, with the removed information overhead from the machine learning model.
Rex Shang, Dianhuan Lin, Changsha Ma, Douglas A. Koch, Shashank Gupta, Parnit Sainion, Visvanathan Thothathri, Narinder Paul, Howie Xu
Filed: 17 Sep 20
Utility
Automated Estimation of Network Security Policy Risk
16 Dec 20
A computer system automatically tests a network communication model by predicting whether particular traffic (whether actual or simulated) should be allowed on the network, and then estimating the accuracy of the network communication model based on the prediction.
John O 'Neil, Michael J. Melson
Filed: 10 Jun 20
Utility
Semi-Automatic Communication Network Microsegmentation
16 Dec 20
A computer system automatically generates a proposal for performing microsegmentation on a network.
Peter Smith, Aparna Ayikkara, Omar Baba, Daniel Einspanjer, Anthony Gelsomini, Thomas C. Hickman, Peter Kahn, Thomas Evan Keiser, JR., Andriy Kochura, Nikitha Koppu, Scott Laplante, Xing Li, Raymond Brian Liu, Sean Lutner, Michael J. Melson, Peter Nahas, John O'Neil, Herman Parfenov, Joseph Riopel, Suji Suresh, Harry Sverdlove
Filed: 10 Jun 20
Utility
Automatic Network Application Security Policy Expansion
16 Dec 20
A system validates the establishment and/or continuation of a connection between two applications over a network.
Peter Nahas, Peter Smith, Harry Sverdlove, John O'Neil, Scott Laplante, Andriy Kochura
Filed: 10 Jun 20
Utility
Automated Software Capabilities Classification
9 Dec 20
A computer system automatically learns which application behavior constitutes “multi-use” behavior by observing the behavior of applications on a network.
John O'Neil, Peter Smith
Filed: 8 Jun 20
Utility
Statistical Network Application Security Policy Generation
9 Dec 20
Embodiments of the present invention generate network communication policies by applying machine learning to existing network communications, and without using information that labels such communications as healthy or unhealthy.
John O'Neil
Filed: 9 Jun 20
Utility
Systems and methods for troubleshooting and performance analysis of cloud-based services
11 Nov 20
Systems and methods for troubleshooting and performance analysis of a cloud-based service include receiving metrics over time from a plurality of analyzers, wherein the metrics include service-related metrics and network-related metrics related to a cloud-based service, wherein each analyzer of the plurality of analyzers is executed at one of a user device accessing the cloud-based service and in the cloud-based service, and wherein at least one analyzer is executed in the cloud-based service; analyzing the metrics to determine a status of the cloud-based service over the time; and identifying issues related to the cloud-based service utilizing the analyzed metrics over the time, wherein the issues include any of an issue on a particular user device, an issue in a network between a particular user device and the cloud service, and an issue within the cloud service.
Amit Sinha, Prem Mohan, Arshi Chadha, Preeti Arora, Ajit Singh, Purvi Desai
Filed: 27 Jul 20
Utility
Cloud based security using DNS
11 Nov 20
The present disclosure includes, responsive to a request from a user device, performing a security check based on policy associated with the user device, wherein the policy includes setting related to content filtering and security; responsive to the security check, performing one of: directly allowing the request to the Internet based on the security check determining the request is allowed by the settings; directly blocking the request based on the security check determining the request is disallowed by the settings; and forwarding the request to a system for inline inspection based on the security check determining the request includes suspicious content, wherein responsive to the inline inspection, the request is one of allowed and blocked.
Patrick Foxhoven, John Chanak, William Fehring
Filed: 27 Jul 20
Utility
Mobile device security, device management, and policy enforcement in a cloud-based system
28 Oct 20
Mobile device security, device management, and policy enforcement are described in a cloud-based system where the “cloud” is used to pervasively enforce security and policy and perform device management regardless of device type, platform, location, etc.
Amit Sinha, Narinder Paul, Srikanth Devarajan
Filed: 9 Jul 20
Utility
Enforcing security policies on mobile devices in a hybrid architecture
21 Oct 20
Systems and methods include intercepting traffic on a mobile device based on a set of rules; determining whether a connection associated with the traffic is allowed based on a local map associated with an application; responsive to the connection being allowed or blocked based on the local map, one of forwarding the traffic associated with the connection when allowed and generating a block of the connection at the mobile device when blocked; and, responsive to the connection not having an entry in the local map, forwarding a request for the connection to a cloud-based system for processing therein.
Vikas Mahajan, Rohit Goyal
Filed: 6 Jul 20
Utility
Quarantining fake, counterfeit, jailbroke, or rooted mobile devices in the cloud
21 Oct 20
Systems and methods include, in a cloud node executing a security service, causing a mobile device to perform a validation check to determine if the mobile device is any of fake, counterfeit, jailbroken, and rooted; responsive to successful validation, allowing traffic to and from the mobile device through the security service; and responsive to unsuccessful validation, preventing traffic to and from the mobile device through the security service.
Sreedhar Pampati, David Creedy, Brijesh Singh
Filed: 29 May 19
Utility
Utilizing Machine Learning for smart quarantining of potentially malicious files
7 Oct 20
Systems and methods include obtaining a file associated with a user for processing; utilizing a combination of policy for the user and machine learning to determine whether to i) quarantine the file and scan the file in a sandbox, ii) allow the file to the user and scan the file in the sandbox, and iii) allow the file to the user without the scan; responsive to the quarantine of the file and the sandbox determining the file is malicious, blocking the file; and, responsive to the quarantine of the file and the sandbox determining the file is benign, allowing the file.
Changsha Ma, Rex Shang, Douglas A. Koch, Dianhuan Lin, Howie Xu, Bharath Kumar, Shashank Gupta, Parnit Sainion, Narinder Paul, Deepen Desai
Filed: 15 Jun 20
Utility
Prudent ensemble models in machine learning with high precision for use in network security
7 Oct 20
Systems and methods include receiving a content item between a user device and a location on the Internet or an enterprise network; utilizing a trained machine learning ensemble model to determine whether the content item is malicious; responsive to the trained machine learning ensemble model determining the content item is malicious or determining the content item is benign but such determining is in a blind spot of the trained ensemble model, performing further processing on the content item; and, responsive to the trained machine learning ensemble model determining the content item is benign with such determination not in a blind spot of the trained machine learning ensemble model, allowing the content item.
Dianhuan Lin, Rex Shang, Changsha Ma, Kevin Guo, Howie Xu
Filed: 4 Apr 19