Resumes
Resumes
Thusitha Jayawardena Phones & Addresses
-
12 Hidden Pond Ln, Holmdel, NJ 07733 (732) 787-2801
-
22 Bristlecone Dr, Howell, NJ 07731 (732) 785-9203
-
Tinton Falls, NJ
-
Tucson, AZ
-
12 Hidden Pond Ln, Holmdel, NJ 07733 (732) 600-0856
Work
Position:
Professional/Technical
Publications
Us Patents
Apparatus And Method For Group-Wise Detection Of Failure Condition
View pageUS Patent:
6807151, Oct 19, 2004
Filed:
Mar 27, 2000
Appl. No.:
09/536515
Inventors:
Thusitha Jayawardena - Howell NJ
Assignee:
ATT Corp - Bedminster NJ
International Classification:
H04J 306
US Classification:
370241, 370470, 370506, 370518, 327141, 375357, 375375
Abstract:
Group-wise testing of the clocks arriving at a switching office is undertaken by multiplexing the clocks onto a single line and developing a signal therefrom that is indicative of a problem, if it exists, in any of the component signals that were multiplexed. In one embodiment, the developed signal is a gated portion of the multiplexed signal. That signal is integrated over an integration frame and compared to the integrated signal of another integration frame. A difference between the two compared signals indicates that at least one of the clocks is out of frequency synch. Subsequent tests identify the offending clock, or clocks.
Detection Of Routing Loops Based On Time-To-Live Expiries
View pageUS Patent:
7752666, Jul 6, 2010
Filed:
Dec 21, 2007
Appl. No.:
11/963039
Inventors:
Thusitha Jayawardena - Holmdel NJ, US
William J. Shugard - Berkley Heights NJ, US
William J. Shugard - Berkley Heights NJ, US
Assignee:
AT&T Labs, Inc. - Austin TX
International Classification:
G06F 11/00
US Classification:
726 23, 370351
Abstract:
A method and system for detecting routing loops and time-to-live (TTL) expiry attacks in a telecommunications network are disclosed. The detection of routing loops and TTL expiry attacks can be achieved based on the comparison of TTL expiries occurring on two or more routers in the network. A quantity of TTL expiries associated with a router can be summed. Additionally, a quantity of TTL expiries associated with other routers that are operatively coupled to the router can be summed. A difference between the sums can be calculated and a determination of whether a routing loop exists can be made in response to the difference.
Method For Distributed Denial-Of-Service Attack Mitigation By Selective Black-Holing In Mpls Vpns
View pageUS Patent:
7925766, Apr 12, 2011
Filed:
Feb 18, 2004
Appl. No.:
10/782512
Inventors:
Thusitha Jayawardena - Holmdel NJ, US
Luis E. Morales - Freehold NJ, US
Luis E. Morales - Freehold NJ, US
Assignee:
AT&T Intellectual Property II, L.P. - Atlanta GA
International Classification:
G06F 15/16
G06F 11/00
H04J 3/10
G06F 11/00
H04J 3/10
US Classification:
709229, 370401, 709230, 709249, 726 22, 726 23, 726 24
Abstract:
A system and method for aiding the handling of DDoS attacks in which VPN traffic entering an ISP network at some points will be black-holed, while VPN traffic entering the ISP network at other points will be routed, as it should be, to the system-under-attack. Thus, the system-under-attack is made available to some of the user community and made unavailable to suspect portions of the user community. Furthermore, the number of entry points where black-holing of VPN traffic occurs can be selected and changed in real-time during a DDoS attack.
Method For Bi-Directional Symmetric Routing In Multi-Homed Networks With Stateful Firewalls
View pageUS Patent:
8139572, Mar 20, 2012
Filed:
Aug 19, 2005
Appl. No.:
11/207973
Inventors:
Rudi Distler - Holmdel NJ, US
Mark N. Evans - Hillsborough NJ, US
Thusitha Jayawardena - Holmdel NJ, US
Mark N. Evans - Hillsborough NJ, US
Thusitha Jayawardena - Holmdel NJ, US
Assignee:
AT & T Intellectual Property II, LP - Atlanta GA
International Classification:
H04L 12/28
US Classification:
370389, 370427
Abstract:
There are provided systems and methods for symmetric bi-directional routing in multi-homed IP networks which includes sending an IP packet having a source address from a first host and substituting the source address with an exterior routing address by a first network address translation gateway or firewall of the first host using conditional substitution. The IP packet, with the exterior routing address, is optionally routed via intermediate networks and firewalls and received by a first gateway or firewall of a second host. The second host responds to the first host along a route which traverses the same set of firewall gateways as the initial IP packet by using the exterior routing address as a destination address. The exterior routing address is converted back to the source address by the first network address translation gateway of the first host.
System And Method For Location, Time-Of-Day, And Quality-Of-Service Based Prioritized Access Control
View pageUS Patent:
8254257, Aug 28, 2012
Filed:
Dec 11, 2009
Appl. No.:
12/636198
Inventors:
Thusitha Jayawardena - Holmdel NJ, US
Gustavo de los Reyes - Fair Haven NJ, US
Gustavo de los Reyes - Fair Haven NJ, US
Assignee:
AT&T Intellectual Property I, LP - Reno NV
International Classification:
G06F 11/00
G06F 15/173
H04L 12/66
H04L 12/56
G06F 15/173
H04L 12/66
H04L 12/56
US Classification:
370235, 370352, 370401, 709223
Abstract:
A priority server for a provider network includes a traffic volume detection module, a traffic analyzer module, and a rules module. The traffic volume detection module receives operational information from the provider network and determines that a host is experiencing a flash event based upon the operational information. The traffic analyzer module determines that the flash event is not a distributed denial of service attack on the host. When it is determined that the flash event is not a distributed denial of service attack, the rules module provides a priority rule to an access router that is coupled to the host. The priority rule is based upon a characteristic of packets routed in the provider network that are associated with the flash event, and the characteristic is determined not solely by information included in the packets.
Methods, Devices, Systems, And Computer Program Products For Edge Driven Communications Network Security Monitoring
View pageUS Patent:
8302189, Oct 30, 2012
Filed:
Nov 30, 2009
Appl. No.:
12/627733
Inventors:
Gustavo de los Reyes - Fair Haven NJ, US
Thusitha Jayawardena - Holmdel NJ, US
Gang Xu - Piscataway NJ, US
Thusitha Jayawardena - Holmdel NJ, US
Gang Xu - Piscataway NJ, US
Assignee:
AT&T Intellectual Property I, L.P. - Reno NV
International Classification:
G06F 21/00
US Classification:
726 22, 713188, 726 24
Abstract:
An edge monitoring approach can be utilized to detect an attack which includes a plurality of relatively low bandwidth attacks, which are aggregated at a victim sub-network. The aggregated low bandwidth attacks can generate a relatively high bandwidth attack including un-solicited data traffic directed to the victim' so that the aggregated attack becomes more detectable at an edge monitor circuit located proximate to the victim. Related systems, devices, and computer program products are also disclosed.
System And Method To Detect And Mitigate Distributed Denial Of Service Attacks Using Random Internet Protocol Hopping
View pageUS Patent:
8566465, Oct 22, 2013
Filed:
Sep 17, 2010
Appl. No.:
12/884976
Inventors:
Gang Xu - Piscataway NJ, US
Gustavo de los Reyes - Fair Haven NJ, US
Thusitha Jayawardena - Holmdel NJ, US
Xiao Pan - Middletown NJ, US
Gustavo de los Reyes - Fair Haven NJ, US
Thusitha Jayawardena - Holmdel NJ, US
Xiao Pan - Middletown NJ, US
Assignee:
AT&T Intellectual Property I, L.P. - Atlanta GA
International Classification:
G06F 15/173
US Classification:
709229, 709226
Abstract:
A method includes sending a first redirect instruction to a first client in response to a first session request received at a service address, and establishing a first session with the first client in response to a second session request received at the first redirect address indicated by the first redirect instruction. Additionally, the method includes determining a first service interval has passed, and sending a second redirect instruction to a second client in response to a third session request received at the service address after the first service interval has passed. The method still further includes establishing a second session with the second client in response to the fourth session request received at the second redirect address indicated by the second redirect instruction after the first service interval has passed, and rejecting the fifth session request received from a third client at the first redirect address after the first service interval has passed.
Method And System For Controlling Physical Components Via A Virtual Environment
View pageUS Patent:
8578287, Nov 5, 2013
Filed:
Dec 22, 2008
Appl. No.:
12/341238
Inventors:
Gustavo De Los Reyes - Fair Haven NJ, US
Sanjay MacWan - Marlboro NJ, US
Gang Xu - Piscataway NJ, US
Howard Shirokmann - Point Pleasant NJ, US
Rachel Rosencrantz - Boulder CO, US
Thusitha Jayawardena - Holmdel NJ, US
Sanjay MacWan - Marlboro NJ, US
Gang Xu - Piscataway NJ, US
Howard Shirokmann - Point Pleasant NJ, US
Rachel Rosencrantz - Boulder CO, US
Thusitha Jayawardena - Holmdel NJ, US
Assignee:
AT & T Intellectual Property, LP. - Atlanta GA
International Classification:
G06F 3/048
US Classification:
715771
Abstract:
A computer readable storage medium storing a set of instructions that are executable by a processor, the set of instructions being operable to store a virtual representation of a plurality of physical components, display the virtual representation, receive user interaction with at least one of the virtual representations and send a command to the physical component corresponding to the user interaction.