78 patents
Utility
System and Method for Classifying Human and Non-human Traffice Using Behaviour Authenticity
11 Jan 24
The method and system for performing a completely automated public Turing test to tell computers and humans apart (CAPTCHA).
Zaid IMAM, Rakesh THATHA, Pavan THATHA
Filed: 8 Jul 22
Utility
Characterization of Illegitimate Web Transactions
7 Dec 23
A device and method for configuring a web application firewall (WAF) based on characterization of web attacks are provided.
Doron SHAVIT, Amnon LOTEM, Orly Stan BENCHETRIT
Filed: 3 Jun 22
Utility
System and methods for malware detection using log analytics for channels and super channels
10 Oct 23
A method for operating at least one log-analytics detection platform for detecting security threats associated with a client network, comprising: obtaining, via a communication network, log files from a client network, each log file comprising a log record associated with a channel and including an outbound communications log; extracting a channel feature set for said channels from said log files, said channel feature set comprises data pertaining to an associated entity, at least one channel feature being behavior of communication over a channel; aggregating said channel associated features for each of the channels into a data repository; generating a risk factor characterized by an entity score for said least one entity associated with entities of said channels; and blocking of communication for said entity when said risk factory is indicative of said entity being a security threat.
Amnon Lotem, Doron Peri, Aviv Raff
Filed: 29 Apr 22
Utility
Method and System for Blockchain-based Anti-bot Protection
7 Sep 23
A method for protecting entities against bots is provided.
Alon LELCUK, David AVIV
Filed: 10 May 23
Utility
Method and system for detecting and mitigating HTTPS flood attacks
5 Sep 23
A method for detecting DoS attacks using an encrypted communication protocol includes estimating traffic telemetries of packets of at least ingress traffic passing over an insecure network that is directed to a protected entity by analyzing TCP headers of the packets, the packets using an encrypted version of a non-encrypted communication protocol, the packets being intended for the protected entity; providing at least one rate-based feature and at least one rate-invariant feature based on the estimated traffic telemetries, wherein the rate-based feature and the rate-invariant feature demonstrate a normal behavior of the traffic; and executing a mitigation action when a potential flood DoS attack using the encrypted communication protocol is detected by an evaluation of each of the at least one rate-based feature and the at least one rate-invariant feature with respect to respective baselines to determine whether the behavior of the ingress traffic indicates a potential flood DoS attack.
Ehud Doron, Lev Medvedovsky, David Aviv, Eyal Rundstein, Ronit Lubitch Greenberg, Avishay Balderman
Filed: 31 May 22
Utility
Hardening of Cloud Security Policies
17 Aug 23
Arrangement for hardening cloud security policies of a cloud computing platform includes analyzing a plurality of permission usage maps, one for each cloud entity of a plurality of cloud entities included in the computing platform to discover at least one hardening gap, wherein each hardening gap is at least a difference between permissions granted and permissions used by one of the cloud entities, wherein each of the permission usage maps represents the permissions granted to a respective one of the cloud entities and the permissions used by that respective at least one of the cloud entities; for each discovered hardening gap, computing a risk score designating a potential risk reduction achieved by addressing the hardening gap; generating at least one hardening recommendation for the at least one hardening gap and its respective computed risk score; and applying the at least one hardening recommendation, thereby hardening the cloud computing platform.
Adi RAFF, Amnon LOTEM, Yaniv AMRAM, Leo REZNIK, Tal HALPERN, Nissim PARIENTE
Filed: 19 Apr 23
Utility
Quantile Regression Analysis Method for Detecting Cyber Attacks
10 Aug 23
A system and method for detecting cyber-attacks using quantile regression analysis are disclosed.
Lev MEDVEDOVSKY, David AVIV
Filed: 5 Apr 23
Utility
Techniques for Generating Signatures Characterizing Advanced Application Layer Flood Attack Tools
13 Jul 23
A method and system for generating dynamic applicative signatures of by application layer flood attack tools are provided.
Ehud DORON, Koral HAHAM, David AVIV
Filed: 19 Dec 22
Utility
Techniques for Protecting Web-browsers Against Cross-site Scripting Exploitation Attacks
6 Jul 23
A method and system for detecting client-side cross-site scripting exploitation attacks according to an embodiment are disclosed.
Alon TAMIR, Amir MARMOR, David AVIV
Filed: 29 Dec 22
Utility
Techniques for Detecting Cyber-attack Scanners
29 Jun 23
A method and system for detecting and mitigation a cyber-attack scanner are provided.
Lev MEDVEDOVSKY, David AVIV
Filed: 28 Dec 21
Utility
System and method for automatic WAF service configuration
30 May 23
A method and system for continuously configuring a web application firewall (WAF) are provided.
Vladimir Shalikashvili, Dekel Cohen, Ayelet Shomer
Filed: 30 Dec 19
Utility
Quantile regression analysis method for detecting cyber attacks
16 May 23
A system and method for detecting cyber-attacks using quantile regression analysis are disclosed.
Lev Medvedovsky, David Aviv
Filed: 31 Dec 20
Utility
Hardening of cloud security policies
25 Apr 23
A method and system for hardening cloud security policies of a cloud computing platform are presented.
Adi Raff, Amnon Lotem, Yaniv Amram, Leo Reznik, Tal Halpern, Nissim Pariente
Filed: 3 Jun 19
Utility
System and method for out of path DDoS attack detection
18 Apr 23
A system and method for out-of-path detection of cyber-attacks are provided.
Ehud Doron, Yotam Ben Ezra, David Aviv
Filed: 6 Dec 18
Utility
System and method for detecting bots using semi-supervised deep learning techniques
11 Apr 23
A system of method of detecting bots are presented.
Harisankar Haridas, Mohit Rajput, Rakesh Thatha, Sonal Lalchand Oswal, Neeraj Kumar Gupta
Filed: 18 Sep 19
Utility
Techniques for reducing the time to mitigate of DDoS attacks
14 Mar 23
A system and method for reducing a time to mitigate distributed denial of service (DDoS) attacks are provided.
Ehud Doron, Yotam Ben Ezra, David Aviv
Filed: 20 Dec 18
Utility
Characterization of HTTP flood DDoS attacks
14 Feb 23
A method and system for characterizing application layer flood denial-of-service (DDoS) attacks are provided.
Ehud Doron, Koral Haham, David Aviv
Filed: 23 Nov 21
Utility
Detection and mitigation DDoS attacks performed over QUIC communication protocol
24 Jan 23
A method and system for protecting against quick UDP Internet connection (QUIC) based denial-of-service (DDoS) attacks.
Ehud Doron, David Aviv, Eyal Rundstein, Lev Medvedovsky
Filed: 31 Dec 19
Utility
Techniques for generating signatures characterizing advanced application layer flood attack tools
10 Jan 23
A method and system for characterizing application layer flood denial-of-service (DDoS) attacks carried by advanced application layer flood attack tools.
Ehud Doron, Koral Haham, David Aviv
Filed: 23 Nov 21
Utility
Blockchain-based Admission Processes for Protected Entities
5 Jan 23
Arrangements for controlling access to a protected entity include receiving a redirected client request to access the protected entity that includes a public key of the client; granting, in response to the received redirected request, access tokens of a first type to a client using the public key of the client; identifying a conversion transaction identifying a request to convert the first type of access tokens with access tokens of a second type, the transaction designating the protected entity; determining a conversion value for converting the first-type access tokens into second-type access tokens based on at least one access parameter; converting, using the conversion value, a first sum of the first-type access tokens into a second sum of second-type access tokens; and granting the client access to the protected entity when the sum of second-type of access tokens is received as a payment from the protected entity.
Alon LELCUK, David AVIV
Filed: 29 Jul 22