Ameya P Shendarkar

20130254343, Sep 26, 2013

May 14, 2012

13/471079

Matthew J. Stevens - Lexington MA, US
Ameya P. Shendarkar - San Mateo CA, US

AKAMAI TECHNOLOGIES INC. - Cambridge MA

G06F 15/16

709219

A server has a firewall module that performs accounting of traffic seen at the server. The traffic includes message exchanges, such as HTTP requests and HTTP responses. The server tests the message exchanges to determine if they match any of several message exchange categories. The server keeps statistics on matching traffic, for example the rate of matching traffic generated by a particular requesting client. Typically, the server is a proxy server that is part of a content delivery network (CDN), and the message exchanges occur between a client requesting content, the proxy server, other servers in the CDN, and/or an origin server from which the proxy server retrieves requested content. Using the message exchange model and the statistics generated thereby, the server can flag particular traffic or clients, and take protective action (e.g., deny, alert). In an alternate embodiment, a central control system gathers statistics from multiple servers for analysis.

20130254260, Sep 26, 2013

May 14, 2012

13/471103

Matthew J. Stevens - Lexington MA, US
Ameya P. Shendarkar - San Mateo CA, US
Walter D. Lichtenstein - Belmont MA, US
Michael D. Szydlo - Jamaica Plain MA, US

AKAMAI TECHNOLOGIES INC. - Cambridge MA

G06F 15/16

709203

A server has a firewall module that performs accounting of traffic seen at the server. The traffic includes message exchanges, such as HTTP requests and HTTP responses. The server tests the message exchanges to determine if they match any of several message exchange categories. The server keeps statistics on matching traffic, for example the rate of matching traffic generated by a particular requesting client. Typically, the server is a proxy server that is part of a content delivery network (CDN), and the message exchanges occur between a client requesting content, the proxy server, other servers in the CDN, and/or an origin server from which the proxy server retrieves requested content. Using the message exchange model and the statistics generated thereby, the server can flag particular traffic or clients, and take protective action (e.g., deny, alert). In an alternate embodiment, a central control system gathers statistics from multiple servers for analysis.

20190222558, Jul 18, 2019

Feb 20, 2018

15/900313

- Cambridge MA, US
Yannis Drougas - Santa Clara CA, US
Ameya Prakash Shendarkar - Oakland CA, US

Akamai Technologies, Inc. - Cambridge MA

H04L 29/06

Among other things, this document describes systems, devices, and methods for executing rules in an application layer firewall, including in particular a web application firewall (WAF). An application layer firewall engine employs symbolic execution techniques that result in improved performance and efficiency. In preferred embodiments, an arbitrary firewall rule can be pre-processed to discover and define a set of one or more properties that an input must have in order for the input to have the potential to trigger the rule. By quickly examining an input for these properties, then application layer firewall can conclude that the input cannot trigger and therefore skip full execution of the rule against the input. This can be repeated for many if not all rules in a firewall ruleset. When a high proportion of the inputs have the required properties for rule-skipping, performance can be dramatically improved.