Dr. Bhavani Thuraisingham

Home

My Work

Patents & Technology Transfer

    PATENTS ISSUED

    The MITRE Corporation

  1. US Patent, October 1994, US5355474A

    System for a multilevel secure database management system using a knowledge base with release-based and other security constraints for query, response, and update modifications (with William Ford and Marie Collins)

    Description: System for processing security constraints (i.e. policies) in a multilevel secure database system. The invention describes the inference controller that handles some constraints during query processing, some during database updated and some during database design operation.

    Citations: 200 including IBM, AT&T, Bellcore, Lucent, HP, BEA Systems, Microsoft, Secure Computing Corp., Facebook, Data General, Novell.

  2. US Patent, January 1996, US5481700A

    An apparatus and method of a multilevel secure database management system based on a multilevel logic programing system (sole inventor)

    Description: A multilevel secure database system that is based on a new logic called Nonmonotonic Typed Multilevel Logic. This system is essentially a logic programming system to process multilevel data.

    Citations: 119 including by IBM, Microsoft, Facebook, BEA Systems, Ontos, Data General, Harris Corp.

  3. US Patent, December 1997, US5694590A

    Apparatus and method for the detection of security violations in multilevel secure databases (with W. Ford)

    Description: An expert system to process data and protect against unauthorized inferences. The system consists of a knowledge base and a reasoning engine.

    Citations: 72 including by IBM, Google, HP, Symantec, Intel, Ontos.

    4. Status of the Patents

    In 2003, former Microsoft CTO Nathan Myhrvold's company (Intellectual Ventures) purchased 4 "must- have" patents from MITRE for a substantial amount which includes Dr. Thuraisingham's three patents listed above.

    The University of Texas at Dallas

  4. US Patent, January 2015, US8965974

    Systems and methods for determining user attribute values by mining user network data and information (Bhavani Thuraisingham, Latifur Khan, Satyen Abrol, Vaibhav Khadilkar)

    Description: A data mining system that analyzes social media data (e.g., twitter) and extracts unknown information such as demographics (location, friendships, travel patterns, etc.)

  5. US Patent, November 2015, US 9165051

    Systems and Methods for Detecting a Novel Data Class (Bhavani Thuraisingham, Latifur Khan, M. Mehedy Masud, Jiawei Han, Jing Gao; this patent is jointly with professor and student from UIUC, although the main inventors are professors and students from UTD)

    Description: A data mining system that forms novel classes. That is, usually data are classified according to predefined classes. When a piece of data does not belong to a particular class, then over time the system forms novel classes and classifies such data.

  6. Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps, Patent Application No.: US 14/629876 (B. Thuraisingham, L. Khan, Z. Lin; Patent: US 9,977,904, May 2018)

    Description: This invention describes a system that utilizes a hybrid approach to detect man in the middle attacks for Android applications and other smart phones. In particular, it combines static analysis with highly novel dynamic analysis to develop such a system. This patent is in the process if being issued.

  7. System and Method for Media Data Analytics, Patent Application No.: US 14/746,576. Satyen Abrol, Latifur Khan, Vaibhav Khadilkar, Bhavani Thuraisingham, Nathan McDaniel G. Rajaseker, G. Ganesh. (Approved, October 2020; Issued January 2021)

    Description: A data mining system that forms novel classes. That is, usually data are classified according to predefined classes. When a piece of data does not belong to a particular class, then over time the system forms novel classes and classifies such data.

    This invention together with US 9165051 is being commercialized by Knowledge and Security Analytics, LLC.).

    8. Regarding the patent US 9165051, we have developed a system called InXite based on the technology (invention US 14/746,576) and Knowledge and Security Analytics, LLC (Dr. Thuraisingham's start-up company) is licensing the patent and commercializing the technology.

    Dr. Maria Cordova, the Director of NSF has commended this effort in her address at TAMEST in November 2015 (http://www.nsf.gov/news/speeches/ cordova/15/fc151113_TAMEST.jsp). In particular, she stated the following as shown on the NSF website.

    "Bhavani Thuraisingham (pronounced "Bha-van-e Thu-ra-sing-ham"), from The University of Texas at Dallas, developed a tool to mine data on Twitter, which transferred to a startup company called Knowledge and Security Analytics. She is Professor of Computer Science and Director of the Cyber Security Research Center at UT Dallas."

    Prototype systems have been developed that use novel class detection techniques for detecting malware including zero-day attacks. We will commercialize the technology to detect the new malware unleashed by attackers.

TECHNOLOGY TRANSFER (SAMPLE)

  1. Multilevel Secure Relational Database System: Some aspects of the design of the Lock Data Views System I designed at Honeywell under contract with Rome Air Development Center have been adopted by Oracle in their Trusted Database System product in 1991 (as well as by Sybase and Informix). In particular, Lock Data Views designed a multilevel relational data model and a system architecture that relied on the operating system to provide mandatory access control for query and update processing. This was the design adopted by Oracle in one of their trusted database system products. We worked with NSA to transfer the technology to commercial products.
  2. Distributed Data Dictionary Systems: The Distributed Data Dictionary System I designed and co-developed at Honeywell was transferred to Honeywell Residential Control's Division in 1987 (with Dr. Krishna Mikkilineni et al). The system we designed and developed utilized an entity-relational model as the common representation and transformed the various data models (e.g., relational data models) into the common model. Our design was based on the ANSI IRD standard. The prototype was transferred to Honeywell's division.
  3. Expert System for Control Systems: XIMKON system, an expert system for control systems, I designed and co-developed at Honeywell was transferred to Honeywell's Industrial Automation Systems Division in 1989 (with Dr. Ferit Konar et al). In particular, XIMKON was an expert system that will analyze the sensor data and reasons about the data and give advice to the operator about the status of the industrial plant. We designed and developed XIMKON and the prototype was transferred to Honeywell's division.
  4. Secure Distributed Database System: Some aspects of the secure distributed database system I designed and co-developed at MITRE for the Air Force Rome Laboratory and US Army CECOM was transferred to the Army's MCS (Maneuver Control System) in 1994 (with Harvey Rubinovitz et al). In particular, we first designed and developed a secure distributed database system for the Air Force and subsequently we used our system to connect database systems securely and MITRE Bedford and MITRE McLean. US Army CECOM was extremely interested in this effort and funded us to make significant enhancements to this prototype. In particular, we implemented a distributed constraint processor on top of the secure distributed database system and also enhanced the performance of the system. Our prototype was transferred to US Amy CECOM for the MCS program.
  5. Distributed Real-time Object System/: I was involved in the design and co-development of the software for distributed real-time object systems in C++. Some aspects of the Distributed Real-time Object System design and developed at MITRE for the Air Force were transferred to the AWACS system in 1997 (as well as to the Real-time task force at OMG; with John Maurer et al). In particular, we designed and developed an object-based real-time infrastructure, application, and data manager for the next generating AWACS program for the Air Force. We demonstrated our prototypes to the Air Force and the system was transferred to the AWACS program. In addition, this work was presented to the OMG's Real-time SIG and influenced the subsequent standards developed.
  6. Secure Cloud-based Assured Information Sharing System: Togwther with my colegues I designed and supervised the implementation (of students) of a comprehensive policy-based information sharing system in the Cloud at UTD. The system was revolutionary and the Air Force published a press release on our work (http://www.wpafb.af.mil/News/Article- Display/Article/400150/afosr-funded-initiative-creates-more-secure-environment-for-cloud-computing). We submitted a one-page STTR on this effort to the Air Force which went into the BAA in 2011 and a company is now implementing a product.
  7. Social Media Systems: Together with my colleagues, I designed and supervised the implementation of analyzing and securing social media systems. With respect to analyzing the systems, we designed and developed techniques for extracting demographics information including location in social media systems (twitter). Subsequently we implemented a system called InXite based on technology for marketing and security. Multiple patents were obtained for this work. With respect to privacy we examined Facebook data and showed how privacy could be violated from Facebook posts. With respect to security, e implemented an access control model for FOAF Social media systems.
  8. Data Mining for Malware Detection: Together with my colleague I have designed and supervised the implementation (of students) of several novel data mining tools for malware detection. These tools were based on a concept called novel class detection (which has been patented) and subsequently implemented an ensemble of models for malware analysis and insider treat detect A cloud-based implementation of some of the tools were also cared out. We submitted a one-page STTR on this effort to the Air Force which went into the BAA in 2011 and a company is now implementing a product.
  9. Database Inference Controllers: This has been one of my major contributions to data security and privacy. I designed one of the early database inference controllers and subsequently co-developed am inference controller from scratch hosted on Secure Sybase data server. This system was extended to a distributed environment and transferred to the Arm systems. Subsequently I designed and supervised the implementation of a PhD student on a more modern inference controller using semantic web technologies. More recently I have been exploring the development of an inference controller with big data technologies.