Columbia University In the City of New York 1991 - 2001
Doctorates, Doctor of Philosophy, Computer Science
Skills:
File Systems, Storage, Computer Science, Algorithms, Distributed Systems, Operating Systems, LaTeX, C, Software Engineering, Software Development, Computer Security, Parallel Computing, Machine Learning, C++, Computer Architecture, High Performance Computing, Linux, Perl
US Patents
Systems And Methods For Detection Of New Malicious Executables
Matthew G. Schultz - Ithaca NY, US Eleazar Eskin - Santa Monica CA, US Erez Zadok - Middle Island NY, US Manasi Bhattacharyya - Flushing NY, US Stolfo Salvatore J. - Ridgewood NJ, US
Assignee:
The Trustees of Columbia University in the City of New York - New York NY
International Classification:
G06F 11/00 G06F 12/14
US Classification:
726/24, 726/13, 713/188
Abstract:
A system and methods for detecting malicious executable attachments at an email processing application of a computer system using data mining techniques. The email processing application may be located at the server or at the client or host. The executable attachments are filtered from said email, and byte sequence features are extracted from the executable attachment. The executable attachments are classified by comparing the byte sequence feature of the executable attachment to a classification rule set derived from byte sequence features of a data set of known executables having a predetermined class in a set of classes, e.g., malicious or benign. The system is also able to classify executable attachments as borderline when the difference between the probability that the executable is malicious and the probability that the executable is benign are within a predetermined threshold. The system can notify the user when the number of borderline attachments exceeds the threshold in order to refine the classification rule set.
System And Methods For Detection Of New Malicious Executables
Matthew Schultz - Ithaca NY, US Eleazar Eskin - Santa Monica CA, US Erez Zadok - Middle Island NY, US Manasi Bhattacharyya - Flushing NY, US Stolfo Salvatore - Ridgewood NJ, US
International Classification:
G06F011/30
US Classification:
713/188000
Abstract:
A system and methods for detecting malicious executable attachments at an email processing application of a computer system using data mining techniques. The email processing application may be located at the server or at the client or host. The executable attachments are filtered from said email, and byte sequence features are extracted from the executable attachment. The executable attachments are classified by comparing the byte sequence feature of the executable attachment to a classification rule set derived from byte sequence features of a data set of known executables having a predetermined class in a set of classes, e.g., malicious or benign. The system is also able to classify executable attachments as borderline when the difference between the probability that the executable is malicious and the probability that the executable is benign are within a predetermined threshold. The system can notify the user when the number of borderline attachments exceeds the threshold in order to refine the classification rule set.
Erez Zadok - Stony Brook NY, US Charles Wright - Port Jefferson Station NY, US Akshat Aranya - New Delhi, IN Abhijith Das - Westbury NY, US Yevgeniy Miretskiy - Coram NY, US Kiran-Kumar Muniswamy-Reddy - Bangalore, IN Andrew Himmer - Arlington MA, US
International Classification:
G06F015/16
US Classification:
726024000, 709230000
Abstract:
An operating system kernel, including a protocol stack, includes a network layer for receiving a message from a data network, a stackable file system layer coupled to the network layer for inspecting the message, wherein the stackable file system layer is coupled to a storage device, the stackable file system determining and storing file system level information determined from the message, and a wrapped file system comprising a file targeted by the message coupled to the stackable file system layer for receiving the message inspected by the stackable file system.
Shrikar Archak - Bangalore, IN Sagar Dixit - Pune, IN Richard P. Spillane - Clifton Park NY, US Erez Zadok - Stony Brook NY, US
International Classification:
G06F 12/08
US Classification:
711104, 711118, 711E12041
Abstract:
A method for maintaining an index in a multi-tier data structure includes providing a plurality of storage devices forming the multi-tier data structure, caching an index of key-value pairs across the multi-tier data structure, wherein each of the key-value pairs includes a key, and one of a data value and a data pointer, the key-value pairs stored in the multi-tier data structure, providing a journal for interfacing with the multi-tier data structure, providing a plurality of zone allocators recording which zones of the multi-tier data structure are in use, and providing a plurality of zone managers for controlling access to cache lines of the multi-tier data structure through the journal and zone allocators, wherein each zone manager maintains a header object pointing to data to be stored in an allocated zone.
Molecular Analysis Using A Magnetic Sifter And Nanowell System
- Albany NY, US Sagar Dixit - Bibevewadi, MH Richard P. Spillane - Clifton Park NY, US Erez Zadok - Stony Brook NY, US
International Classification:
C12Q 1/68
Abstract:
A method for identification of circulating tumor cells (CTCs) in a blood sample uses magnetic enrichment and a nanowell assay. The CTCs are magnetically labeled with cancer cell markers conjugated to magnetic nanoparticles and then separated by passing the blood sample through a magnetic sifter. The enriched CTCs are then loaded into a microfluidic single-cell molecular assay comprising an array of 25,600 or more nanowells, each containing at most a single one of the CTCs. Using multiple fluorescent gene markers, simultaneous multiple-color multiplexed gene expression of the CTCs is performed, preferably using RT-PCR. Images of fluorescence signals from individual nanowells are analyzed to identify CTCs.
- Albany NY, US SAGAR DIXIT - Bibevewadi, MH RICHARD P. SPILLANE - Clifton Park NY, US EREZ ZADOK - Stony Brook NY, US
International Classification:
G06F 17/30 G06F 12/08
Abstract:
A method for maintaining an index in a multi-tier data structure includes providing a plurality of storage devices forming the multi-tier data structure, caching an index of key-value pairs across the multi-tier data structure, wherein each of the key-value pairs includes a key, and one of a data value and a data pointer, the key-value pairs stored in the multi-tier data structure, providing a journal for interfacing with the multi-tier data structure, providing a plurality of zone allocators recording which zones of the multi-tier data structure are in use, and providing a plurality of zone managers for controlling access to cache lines of the multi-tier data structure through the journal and zone allocators, wherein each zone manager maintains a header object pointing to data to be stored in an allocated zone.