32 patents
Utility
System and Method for Classifying Human and Non-human Traffice Using Behaviour Authenticity
11 Jan 24
The method and system for performing a completely automated public Turing test to tell computers and humans apart (CAPTCHA).
Zaid IMAM, Rakesh THATHA, Pavan THATHA
Filed: 8 Jul 22
Utility
Characterization of Illegitimate Web Transactions
7 Dec 23
A device and method for configuring a web application firewall (WAF) based on characterization of web attacks are provided.
Doron SHAVIT, Amnon LOTEM, Orly Stan BENCHETRIT
Filed: 3 Jun 22
Utility
Method and System for Blockchain-based Anti-bot Protection
7 Sep 23
A method for protecting entities against bots is provided.
Alon LELCUK, David AVIV
Filed: 10 May 23
Utility
Hardening of Cloud Security Policies
17 Aug 23
Arrangement for hardening cloud security policies of a cloud computing platform includes analyzing a plurality of permission usage maps, one for each cloud entity of a plurality of cloud entities included in the computing platform to discover at least one hardening gap, wherein each hardening gap is at least a difference between permissions granted and permissions used by one of the cloud entities, wherein each of the permission usage maps represents the permissions granted to a respective one of the cloud entities and the permissions used by that respective at least one of the cloud entities; for each discovered hardening gap, computing a risk score designating a potential risk reduction achieved by addressing the hardening gap; generating at least one hardening recommendation for the at least one hardening gap and its respective computed risk score; and applying the at least one hardening recommendation, thereby hardening the cloud computing platform.
Adi RAFF, Amnon LOTEM, Yaniv AMRAM, Leo REZNIK, Tal HALPERN, Nissim PARIENTE
Filed: 19 Apr 23
Utility
Quantile Regression Analysis Method for Detecting Cyber Attacks
10 Aug 23
A system and method for detecting cyber-attacks using quantile regression analysis are disclosed.
Lev MEDVEDOVSKY, David AVIV
Filed: 5 Apr 23
Utility
Techniques for Generating Signatures Characterizing Advanced Application Layer Flood Attack Tools
13 Jul 23
A method and system for generating dynamic applicative signatures of by application layer flood attack tools are provided.
Ehud DORON, Koral HAHAM, David AVIV
Filed: 19 Dec 22
Utility
Techniques for Protecting Web-browsers Against Cross-site Scripting Exploitation Attacks
6 Jul 23
A method and system for detecting client-side cross-site scripting exploitation attacks according to an embodiment are disclosed.
Alon TAMIR, Amir MARMOR, David AVIV
Filed: 29 Dec 22
Utility
Techniques for Detecting Cyber-attack Scanners
29 Jun 23
A method and system for detecting and mitigation a cyber-attack scanner are provided.
Lev MEDVEDOVSKY, David AVIV
Filed: 28 Dec 21
Utility
Blockchain-based Admission Processes for Protected Entities
5 Jan 23
Arrangements for controlling access to a protected entity include receiving a redirected client request to access the protected entity that includes a public key of the client; granting, in response to the received redirected request, access tokens of a first type to a client using the public key of the client; identifying a conversion transaction identifying a request to convert the first type of access tokens with access tokens of a second type, the transaction designating the protected entity; determining a conversion value for converting the first-type access tokens into second-type access tokens based on at least one access parameter; converting, using the conversion value, a first sum of the first-type access tokens into a second sum of second-type access tokens; and granting the client access to the protected entity when the sum of second-type of access tokens is received as a payment from the protected entity.
Alon LELCUK, David AVIV
Filed: 29 Jul 22
Utility
System and Methods for Malware Detection Using Log Analytics for Channels and Super Channels
20 Oct 22
A method for operating at least one log-analytics detection platform for detecting security threats associated with a client network, comprising: obtaining, via a communication network, log files from a client network, each log file comprising a log record associated with a channel and including an outbound communications log; extracting a channel feature set for said channels from said log files, said channel feature set comprises data pertaining to an associated entity, at least one channel feature being behavior of communication over a channel; aggregating said channel associated features for each of the channels into a data repository; generating a risk factor characterized by an entity score for said least one entity associated with entities of said channels; and blocking of communication for said entity when said risk factory is indicative of said entity being a security threat.
Amnon LOTEM, Doron PERI, Aviv RAFF
Filed: 29 Apr 22
Utility
Method and System for Detecting and Mitigating HTTPS Flood Attacks
15 Sep 22
A method for detecting DoS attacks using an encrypted communication protocol includes estimating traffic telemetries of packets of at least ingress traffic passing over an insecure network that is directed to a protected entity by analyzing TCP headers of the packets, the packets using an encrypted version of a non-encrypted communication protocol, the packets being intended for the protected entity; providing at least one rate-based feature and at least one rate-invariant feature based on the estimated traffic telemetries, wherein the rate-based feature and the rate-invariant feature demonstrate a normal behavior of the traffic; and executing a mitigation action when a potential flood DoS attack using the encrypted communication protocol is detected by an evaluation of each of the at least one rate-based feature and the at least one rate-invariant feature with respect to respective baselines to determine whether the behavior of the ingress traffic indicates a potential flood DoS attack.
Ehud DORON, Lev MEDVEDOVSKY, David AVIV, Eyal RUNDSTEIN, Ronit LUBITCH GREENBERG, Avishay BALDERMAN
Filed: 31 May 22
Utility
Method and System for Blockchain Based Cyber Protection of Network Entities
9 Dec 21
A system and method for controlling authorization to a protected entity are provided.
Alon LELCUK, David AVIV
Filed: 20 Aug 21
Utility
System and Method for Analytics Based Waf Service Configuration
2 Dec 21
A method and system for configuring a web application firewall (WAF) device.
Dekel COHEN
Filed: 26 May 20
Utility
Techniques for Protecting Against Excessive Utilization of Cloud Services
9 Sep 21
An out-of-path defense platform protecting against excessive utilization of a cloud service providing a cloud hosted application comprising a controller communicatively coupled to a detector and a mitigator; wherein the detector receives telemetries from sources that are configured to collect telemetries related to the traffic between end user devices and an edge network that distributes traffic for the cloud hosted application, the telemetries being out-of-path information for traffic to and from the cloud-hosted application, wherein a portion of the telemetries relate to operation of a portion of a cloud computing platform hosting the cloud-hosted application, and detects, using the collected telemetries and a learned normal utilization behavior of each cloud service for the cloud-hosted application, excessive utilization of a cloud service by the cloud hosted application; and wherein the controller, upon detection of the excessive utilization, causes mitigation, by the mitigator, of the excessive utilization of each cloud service.
Ehud DORON, Nir ILANI, David AVIV, Yotam BEN EZRA, Amit BISMUT
Filed: 15 Mar 21
Utility
Techniques for Disaggregated Detection and Mitigation of Distributed Denial-of-service Attacks
22 Jul 21
A system, and method therefor for disaggregated detection denial-of-service (DDoS) are provided.
David AVIV, Doron SHAVIT, Benny ROCHWERGER
Filed: 30 Dec 20
Utility
System and Method for Automatic Waf Service Configuration
1 Jul 21
A method and system for continuously configuring a web application firewall (WAF) are provided.
Vladimir SHALIKASHVILI, Dekel COHEN, Ayelet SHOMER
Filed: 30 Dec 19
Utility
Baselining Techniques for Detecting Anomalous HTTPS Traffic Behavior
24 Jun 21
A system and method for detecting anomalous hypertext transfer protocol secure (HTTPS) traffic are provided.
Lev MEDVEDOVSKY, David AVIV, Ehud DORON
Filed: 19 Dec 19
Utility
System and Method for Analytics Based Waf Service Configuration
24 Jun 21
A system and method for configuring a web application firewall (WAF) is provided.
Ayelet SHOMER, Dekel COHEN, Vladimir SHALIKASHVILI
Filed: 17 Dec 20
Utility
Blockchain-based Admission Processes for Protected Entities
20 May 21
A method and system for controlling access to a protected entity.
Alon Lelcuk, David Aviv
Filed: 23 Dec 20
Utility
DETECTION AND MITIGATION OF SLOW APPLICATION LAYER DDoS ATTACKS
20 May 21
A method and system for protecting cloud-hosted applications against application-layer slow DDoS attacks are provided.
Ehud DORON, Nir ILANI, David AVIV, Yotam BEN EZRA, Amit BISMUT, Yuriy ARBITMAN
Filed: 23 Dec 20