公开(公告)号：US20180365451A1

公开(公告)日：2018-12-20

申请号：US15420736

申请日：2017-01-31

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Geoffrey Ndu ,  Pratyusa K. Manadhata ,  Christopher I. Dalton ,  Adrian Shaw ,  Stuart Haber

IPC: G06F21/78 ,  G06F21/60 ,  G06F21/72 ,  H04L9/06

Abstract: Examples relate to Input/Output (I/O) data encryption and decryption. In an example, an encryption/decryption engine on an Integrated Circuit (IC) of a computing device obtains at least one plaintext data. Some examples determine, by the encryption/decryption engine, whether the at least one plaintext data is to be sent to a memory in the computing device or to an I/O device. Some examples apply, when the at least one plaintext data is to be sent to the I/O device and by the encryption/decryption engine, an encryption primitive of a block cipher encryption algorithm to the at least one plaintext data to create output encrypted data, wherein an initialization vector that comprises a random number is applied to the encryption primitive.

公开(公告)号：US20180121122A1

公开(公告)日：2018-05-03

申请号：US15573582

申请日：2015-09-30

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Amro J. Awad ,  Pratyusa K. Manadhata ,  William G. Home

IPC: G06F3/06

CPC classification number: G06F3/0632 ,  G06F3/0611 ,  G06F3/0652 ,  G06F3/0659 ,  G06F3/0679 ,  G06F12/0246 ,  G06F13/16 ,  G06F13/1668 ,  G06F2212/1024 ,  G06F2212/7201 ,  G06F2212/7203

Abstract: A technique includes receiving, in a memory controller, a request to read data that is stored in the region of memory. The technique includes using the memory controller to manage access to the memory based on an initialization state indicator for the region of memory. Managing the access includes determining whether the region of memory is associated with the initialized state based on the indicator; and based at least in part on the determination, selectively bypassing accessing the memory and using the memory controller to provide data having a provide a predetermined data pattern.

公开(公告)号：US11240256B2

公开(公告)日：2022-02-01

申请号：US15420417

申请日：2017-01-31

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Tomasz Jaroslaw Bania ,  William G. Horne ,  Renato Keshet ,  Pratyusa K. Manadhata ,  Manish Marwah ,  Brent James Miller ,  Barak Raz ,  Tomas Sander

IPC: G06F21/00 ,  H04L29/06

Abstract: In some examples, a plurality of alerts relating to issues in a computing arrangement are received, where the plurality of alerts generated based on events in the computing arrangement. A subset of the plurality of alerts is grouped into a bundle of alerts, the grouping being based on a criterion. The bundle of alerts is communicated to cause processing of the alerts in the bundle of alerts together.

公开(公告)号：US11218497B2

公开(公告)日：2022-01-04

申请号：US15437230

申请日：2017-02-20

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Tomasz Jaroslaw Bania ,  William G. Horne ,  Pratyusa K. Manadhata ,  Tomas Sander

IPC: H04L29/06

Abstract: A technique includes determining relations among a plurality of entities that are associated with a computer system; and selectively grouping behavior anomalies that are exhibited by the plurality of entities into collections based at least in part on the determined relations among the entities. The technique includes selectively reporting the collections to a security operations center.

公开(公告)号：US10764307B2

公开(公告)日：2020-09-01

申请号：US15573872

申请日：2015-08-28

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Pratyusa K. Manadhata

IPC: G06F12/14 ,  H04L29/06 ,  H04L29/08 ,  H04L12/26

Abstract: Examples herein disclose an extraction of data from a payload field within a domain name system (DNS) packet. The extracted data is classified according to a level of risk associated with the extracted data. Based on the classification, the DNS packet may be determined as malicious.

公开(公告)号：US20180262516A1

公开(公告)日：2018-09-13

申请号：US15754617

申请日：2015-08-28

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Loai Zomlot ,  Pratyusa K. Manadhata

IPC: H04L29/06 ,  H04L29/12

CPC classification number: H04L63/14 ,  H04L61/1511 ,  H04L63/1425

Abstract: Example embodiments disclosed herein relate to propagating belief information about malicious and benign nodes. In one example, a domain name system (DNS) resolution graph including multiple nodes is determined. In this example, a first subset of nodes is determined based on an initial benign value or an initial unknown value associated with the respective nodes. In the example, benign belief information is propagated for the first subset based on the respective initial benign values. Moreover, in the example, a second subset of the nodes is determined based on an initial malicious value or an initial unknown value. Malicious belief information is propagated for the second subset based on the respective malicious values. The propagated belief information is copied to a DNS resolution graph.

公开(公告)号：US20180241761A1

公开(公告)日：2018-08-23

申请号：US15437230

申请日：2017-02-20

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Tomasz Jaroslaw Bania ,  William G. Horne ,  Pratyusa K. Manadhata ,  Tomas Sander

IPC: H04L29/06

CPC classification number: H04L63/1425

Abstract: A technique includes determining relations among a plurality of entities that are associated with a computer system; and selectively grouping behavior anomalies that are exhibited by the plurality of entities into collections based at least in part on the determined relations among the entities. The technique includes selectively reporting the collections to a security operations center.

公开(公告)号：US10728264B2

公开(公告)日：2020-07-28

申请号：US15433136

申请日：2017-02-15

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Sandeep N. Bhatt ,  Pratyusa K. Manadhata ,  Tomas Sander

IPC: H04L29/06 ,  G06N20/00

Abstract: A technique includes receiving data identifying behavior anomalies that are exhibited by entities that are associated with a computer system. The technique includes associating the behavior anomalies with contexts based at least in part on threat intelligence to provide modified anomalies. The threat intelligence associates the contexts with indicators of potential breach. The technique includes characterizing the behavior anomaly identification based at least in part on the threat intelligence. The characterization includes applying machine learning to features of the modified anomalies to classify the identified behavior anomalies.

公开(公告)号：US10705745B2

公开(公告)日：2020-07-07

申请号：US15573582

申请日：2015-09-30

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Amro J. Awad ,  Pratyusa K. Manadhata ,  William G. Horne

IPC: G06F3/06 ,  G06F13/16 ,  G06F12/02

Abstract: A technique includes receiving, in a memory controller, a request to read data that is stored in the region of memory. The technique includes using the memory controller to manage access to the memory based on an initialization state indicator for the region of memory. Managing the access includes determining whether the region of memory is associated with the initialized state based on the indicator; and based at least in part on the determination, selectively bypassing accessing the memory and using the memory controller to provide data having a provide a predetermined data pattern.

公开(公告)号：US10686817B2

公开(公告)日：2020-06-16

申请号：US15754282

申请日：2015-09-21

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Prasad V. Rao ,  Sandeep N. Bhatt ,  William G. Horne ,  Pratyusa K. Manadhata ,  Miranda Jane Felicity Mowbray

IPC: H04L29/06 ,  H04L29/12

Abstract: Examples determine a number of hosts, within an enterprise, which are resolving a particular domain. Based on the number of hosts within the enterprise resolving the particular domain, the examples identify whether the particular domain is benign.