VMware, Inc. patent applications published on November 30th, 2023

From WikiPatents
Revision as of 05:28, 5 December 2023 by Wikipatents

Summary of the patent applications from VMware, Inc. on November 30th, 2023

VMware, Inc. has recently filed several patents related to various technologies. These patents cover areas such as modifying settings of a legacy Radio Access Network (RAN) using a RAN intelligent controller framework, intrusion detection with adaptive pattern selection, bypassing pass codes during authentication in a virtual desktop infrastructure (VDI), optimizing reservation workflows in a user interface, classifying malware based on feature reuse frequency, executing unknown processes while preventing sandbox-evading malware, caching data during log intake for real-time reporting services, accessing a data lake with transactional capabilities, collecting and reporting inventory of resources in a data center, and processing asynchronous queries across multiple data cores in a distributed computing system.

Summary of VMware, Inc.'s recent patents:

- Modifying settings of a legacy RAN using a RAN intelligent controller framework.
- Intrusion detection with adaptive pattern selection.
- Bypassing pass codes during authentication in a VDI.
- Optimizing reservation workflows in a user interface.
- Classifying malware based on feature reuse frequency.
- Executing unknown processes while preventing sandbox-evading malware.
- Caching data during log intake for real-time reporting services.
- Accessing a data lake with transactional capabilities.
- Collecting and reporting inventory of resources in a data center.
- Processing asynchronous queries across multiple data cores in a distributed computing system.

Notable applications:

- Modifying settings of a legacy RAN through a command received from an application executing on the RAN intelligent controller framework.
- Detecting and classifying malware based on the frequency of feature reuse.
- Bypassing pass codes during the authentication process of a VDI using pre-installed certificates and keys.
- Optimizing reservation workflows in a user interface by allowing easy switching between single-day and multiple-day reservations.
- Executing unknown processes while preventing sandbox-evading malware from causing harm by intercepting function calls and generating sandbox-style responses.
- Caching relevant log data for real-time reporting services to improve efficiency.
- Providing a version control interface for a data lake with transactional capabilities.
- Collecting and reporting inventory of resources in a data center from both hardware and virtual resources.
- Processing asynchronous queries across multiple data cores in a distributed computing system and notifying the client when results are available.



Patent applications for VMware, Inc. on November 30th, 2023

OBTAINING SOFTWARE UPDATES FROM NEIGHBORING HOSTS IN A VIRTUALIZED COMPUTING SYSTEM (18360162)

Main Inventor

ARAVINDA HARYADI


Brief explanation

The abstract describes a method for upgrading a host in a virtualized computing system that is managed by a lifecycle manager. Here are the key points:
  • The method involves receiving a desired software specification for a hypervisor from the lifecycle manager at the host being upgraded.
  • The host then determines a list of required software installation bundles (SIBs) that are needed to meet the desired software specification.
  • The method identifies a neighboring host in the cluster for the host being upgraded.
  • At least a portion of the required SIBs is downloaded from the neighboring host to the host being upgraded.
  • Finally, the method executes an upgrade of the hypervisor in the host using the required SIBs.

In summary, this method provides a way to upgrade the hypervisor of a host in a virtualized computing system by downloading necessary software bundles from a neighboring host in the cluster.

Abstract

An example method of upgrading a host in a cluster under management of a lifecycle manager in a virtualized computing system includes: receiving, from the lifecycle manager at a host in the cluster being upgraded, a desired software specification for a hypervisor of the host; determining, by the host, a list of required software installation bundles (SIBs) to satisfy the desired software specification; identifying a neighboring host in the cluster for the host; downloading, from the neighboring host to the host, at least a portion of the required SIBs; and executing an upgrade of the hypervisor in the host using the required SIBs.

LOGICAL MEMORY ADDRESSING BY SMART NIC ACROSS MULTIPLE DEVICES (17826911)

Main Inventor

Alex Markuze


Brief explanation

The abstract describes a method for sending data messages at a network interface controller (NIC) of a computer. The method involves receiving a header and a logical memory address of a payload for the data message from a network stack executing on the computer. The logical memory address is then translated into a memory address for accessing a specific device connected to the computer. The payload data is read from the memory address of the particular device, and the data message is sent with the header and the payload data.
  • The method is used for sending data messages at a network interface controller (NIC) of a computer.
  • The method involves receiving a header and a logical memory address of a payload for the data message from a network stack executing on the computer.
  • The logical memory address is translated into a memory address for accessing a specific device connected to the computer.
  • The payload data is read from the memory address of the particular device.
  • The data message is sent with the header received from the network stack and the payload data read from the particular device.

Abstract

Some embodiments provide a method for sending data messages at a network interface controller (NIC) of a computer. From a network stack executing on the computer, the method receives (i) a header for a data message to send and (ii) a logical memory address of a payload for the data message. The method translates the logical memory address into a memory address for accessing a particular one of multiple devices connected to the computer. The method reads payload data from the memory address of the particular device. The method sends the data message with the header received from the network stack and the payload data read from the particular device.

ASYNCHRONOUS QUERIES ON SECONDARY DATA CORES IN A DISTRIBUTED COMPUTING SYSTEM (18227863)

Main Inventor

Ramsés V. MORALES


Brief explanation

The patent application is about techniques for processing asynchronous queries across multiple data cores in a distributed computing system.
  • The techniques involve recovering data from secondary data cores stored in the secondary storage system.
  • The recovered data is then stored in new data cores generated in the data plane for easy searching.
  • Asynchronous queries can be run in parallel, allowing the client to manage the queries dynamically.
  • The client also receives notifications when the results of the queries are available.

Abstract

The present disclosure relates generally to techniques for processing asynchronous queries across multiple data cores including secondary data cores stored in the secondary storage system in a distributed computing system. Data from secondary data cores are recovered to new data cores generated in the data plane in order to be accessible for searching. Using this technique, asynchronous queries are run in parallel allowing the client to dynamically manage the queries and receive notifications when results are available.

HYBRID INVENTORY DATA SUMMARIZATION ACROSS HYBRID CLOUD INFRASTRUCTURE (18359746)

Main Inventor

Sachin Thakkar


Brief explanation

- The patent application describes a method for collecting and reporting inventory of resources in a data center.
- The inventory includes both hardware resources and virtual resources provisioned from the hardware.
- The method involves executing API calls to collect inventory from both the virtualization management software and the cloud management server.
- The collected inventory is stored for future reference.
- When an inventory request is received from a central orchestrator, a subset of the stored inventory is initially sent to the orchestrator based on specified parameters.
- Periodic updates to the subset of inventory are then sent to the orchestrator.

Abstract

A method of collecting and reporting inventory of resources deployed in a data center that includes hardware resources, a virtualization management software executed to provision virtual resources from the hardware resources, and a cloud management server executed to provision the virtual resources for tenants of the data center, includes the steps of: executing a first API call to the virtualization management software to collect first inventory of virtual resources deployed in the data center and a second API call to the cloud computing management software to collect second inventory of virtual resources deployed in the data center; storing the first and second inventory; and in response to an inventory request from a central orchestrator, initially sending a subset of the stored first and second inventory to the central orchestrator in accordance with parameters included in the inventory request, and thereafter sending updates to the subset to the central orchestrator periodically.

DATA LAKE WITH TRANSACTIONAL SEMANTICS (17827795)

Main Inventor

Christos KARAMANOLIS


Brief explanation

The abstract describes a version control interface that allows access to a data lake with transactional capabilities.
  • The interface generates multiple tables for data objects stored in the data lake.
  • Each table has name fields and maps columns or rows to the data objects.
  • Transactions can read and write data objects across multiple tables, ensuring atomicity, consistency, isolation, and durability.
  • Incomplete transactions are accumulated until a complete transaction message is received.
  • Upon receiving the complete transaction message, the master branch is updated to reference the data objects.
  • Tables can be grouped into data groups to improve the speed of master branch updates.

Abstract

A version control interface provides for accessing a data lake with transactional semantics. Examples generate a plurality of tables for data objects stored in the data lake. The tables each comprise a set of name fields and map a space of columns or rows to a set of the data objects. Transactions read and write data objects and may span a plurality of tables with properties of atomicity, consistency, isolation, durability (ACID). Performing the transaction comprises: accumulating transaction-incomplete messages, indicating that the transaction is incomplete, until a transaction-complete message is received, indicating that the transaction is complete. Upon this occurring, a master branch is updated to reference the data objects according to the transaction-incomplete messages and the transaction-complete message. Tables may be grouped into data groups that provide atomicity boundaries so that different groups may be served by different master branches, thereby improving the speed of master branch updates.

REAL-TIME DASHBOARDS, ALERTS AND ANALYTICS FOR A LOG INTELLIGENCE SYSTEM (18228646)

Main Inventor

Karthik SESHADRI


Brief explanation

- The patent application describes a method for caching data during a log intake process to support real-time reporting services.
- Instead of caching all log data, only the log data relevant to existing queries associated with the real-time reporting services is cached.
- This approach helps improve the efficiency of the caching process.
- Only specific metrics within the log data are stored for quick access by the real-time reporting services.
- The innovation aims to optimize the storage and retrieval of log data for real-time reporting purposes.

Abstract

This disclosure describes how data supporting real-time reporting services can be cached during a log intake process. In particular, instead of caching all the log data being generated by an operational system, only the log data relevant to existing queries associated with the real-time reporting services are cached. In some embodiments, only particular metrics contained within the log data are stored for rapid access by the real-time reporting services.

PREVENTING ACTIVATION OF MALWARE BY EXHIBITING SANDBOX BEHAVIOR IN A NON-SANDBOX ENVIRONMENT (17825684)

Main Inventor

Rayanagouda Bheemanagouda PATIL


Brief explanation

The patent application describes a method for executing unknown processes while preventing sandbox-evading malware from causing harm.
  • The method detects a process execution event associated with an executable that is to be executed in a production environment.
  • If the executable is determined to be unknown (not analyzed for malware), a sandbox simulator is activated.
  • The process of the executable is then executed in the production environment.
  • Any function calls made by the executing process are intercepted by the sandbox simulator.
  • The sandbox simulator generates sandbox-style responses to these intercepted function calls using sandbox response data.
  • The generated sandbox responses are provided to the executing process, making the malware behave as if it is running in a sandbox environment.

Abstract

The disclosure herein describes executing unknown processes while preventing sandbox-evading malware therein from performing malicious behavior. A process execution event associated with an executable is detected, wherein the executable is to be executed in a production environment. The executable is determined to be an unknown executable (e.g., an executable that has not been analyzed for malware) using signature data in the process execution event. A function call hook interface of a sandbox simulator is activated, and a process of the executable is executed in the production environment. Any function calls from the executing process are intercepted by the activated function call hook interface, and sandbox-style responses to the intercepted function call are generated using sandbox response data of the sandbox simulator. The generated sandbox responses are provided to the executing process, whereby malware included in the executable behaves as if the executing process is executing in a sandbox environment.

SYSTEMS AND METHODS FOR CLASSIFYING MALWARE BASED ON FEATURE REUSE (18447928)

Main Inventor

Roman Vasilenko


Brief explanation

- The patent application describes systems and methods for classifying malware based on the frequency of feature reuse.
- The system can identify a malicious feature frequency, a benign feature frequency, and a first weight value.
- It can generate a first reuse vector based on the malicious feature frequency and the benign feature frequency.
- The system can determine if a training binary (a file used for training) includes a first feature and a second feature.
- The second feature is associated with a second reuse vector and a second weight value.
- If the first binary includes both features, the system constructs a reuse tensor using the first and second reuse vectors, and the first and second weight values.
- The system then trains a malware classification model using the reuse tensor and the known classification associated with the training binary.

Abstract

Systems and methods for classifying malware based on the frequency of feature reuse are provided. The system can identify a malicious feature frequency, a benign feature frequency, and a first weight value. The system can generate a first reuse vector based on the malicious feature frequency and the benign feature frequency. The system can determine that a training binary associated with a known classification includes the first feature and a second feature, the second feature associated with a second reuse vector and a second weight value. The system can construct, responsive to the determination that the first binary includes the first feature and the second feature, a reuse tensor using the first reuse vector, the second reuse vector, the first weight value, and the second weight value. The system can train a malware classification model using the reuse tensor and the known classification associated with the training binary.

OPTIMIZING A RESERVATION USER INTERFACE (18447777)

Main Inventor

Kira Chung


Brief explanation

The patent application describes methods for optimizing a reservation workflow in a user interface. 
  • Users can easily switch from making a reservation for a single day to making a reservation for multiple days without having to start the reservation process all over again.
  • The user interface can quickly recover from a situation where a booking is unavailable, without requiring the user to go to a different interface to select an alternative booking.

Abstract

Various examples are described for optimizing a reservation workflow in a user interface. In a calendar user interface element, a user can move from a single day reservation to multi-day reservation without having to choose a multi-day reservation to begin the reservation workflow. Additionally, the user interface can instantly recover from an unavailable booking without requiring the user to navigate to another user interface to select an alternative booking.

BYPASSING A USER PASSCODE WHEN ACCESSING A GATEWAY OF A VIRTUAL DESKTOP INFRASTRUCTURE SYSTEM (17867366)

Main Inventor

Hongsheng LI


Brief explanation

The patent application describes a method for bypassing a pass code (such as a PIN) during the authentication process of a virtual desktop infrastructure (VDI) in a virtualized computing environment. 
  • The method involves a customized operating system (OS) on the client device that has pre-installed certificates and keys used for authentication.
  • These certificates and keys are protected by the PIN, but the method allows the client device to perform the authentication process without requiring the user to manually enter the PIN.
  • This is achieved through a public interface that enables the client device to access and use the certificates and keys for authentication without the need for user input.

Abstract

A method enables a user to bypass a pass code, such as personal identification number (PIN), when performing an authentication process between a client device and a gateway/broker of a virtual desktop infrastructure (VDI) provided by a virtualized computing environment. A customized operating system (OS) of the client device includes pre-installed certificates and keys that are used in the authentication process and which are protected by the PIN. Through a public interface, a client device may perform the authentication process without requiring the user to manually enter the PIN.

INTRUSION DETECTION WITH ADAPTIVE PATTERN SELECTION (17752990)

Main Inventor

Russell LU


Brief explanation

The patent application describes methods and systems for intrusion detection with adaptive pattern selection.
  • The computer system selects a subset of patterns from a set of multiple patterns based on metric information.
  • When a packet is received between a source and destination endpoint, the system performs a first matching operation to determine if the packet matches a particular pattern from the subset.
  • If the packet matches the pattern, a second matching operation is performed to determine if the packet matches a specific signature.
  • The metric information associated with the pattern is updated based on the first and second matching operations.
  • The subset of patterns is then updated based on the updated metric information.

Abstract

Example methods and systems for intrusion detection with adaptive pattern selection are described. In one example, a computer system may perform pattern selection by selecting a subset from a set of multiple patterns based on metric information. In response to receiving a packet belonging to a flow between a source endpoint and a destination endpoint, a first matching operation may be performed to determine whether the packet is matchable to a particular pattern from the set of multiple patterns or the subset. In response to determination that the packet is matchable to the particular pattern, a second matching operation may be performed to determine whether the packet is matchable to a particular signature. The metric information associated with the particular pattern may be updated based on the first matching operation and/or the second matching operation. This way, the subset may be updated based at least on the updated metric information.

TRANSLATING COMMANDS FOR LEGACY RADIO ACCESS NETWORK (17827032)

Main Inventor

Christopher Jon Dent


Brief explanation

The abstract describes a method for modifying settings of a legacy Radio Access Network (RAN) using a RAN intelligent controller framework. 
  • The method allows modification of settings of a legacy RAN through a command received from an application executing on the RAN intelligent controller framework.
  • The command is translated into a set of API calls to an element management system (EMS) responsible for managing the legacy RAN.
  • The API calls are sent to the EMS to modify the desired settings of the legacy RAN.

Abstract

Some embodiments provide a method for modifying settings of a legacy RAN at a first application executing on a RAN intelligent controller (RIC) framework. From a second application executing on the RIC framework, the method receives a command to modify at least one setting of the legacy RAN. The method translates the command into a set of one or more API calls to an element management system (EMS) for the legacy RAN. The method sends the API calls to the EMS in order to cause the EMS to modify the at least one setting of the legacy RAN.