46 patents
Utility
System and methods for malware detection using log analytics for channels and super channels
10 Oct 23
A method for operating at least one log-analytics detection platform for detecting security threats associated with a client network, comprising: obtaining, via a communication network, log files from a client network, each log file comprising a log record associated with a channel and including an outbound communications log; extracting a channel feature set for said channels from said log files, said channel feature set comprises data pertaining to an associated entity, at least one channel feature being behavior of communication over a channel; aggregating said channel associated features for each of the channels into a data repository; generating a risk factor characterized by an entity score for said at least one entity associated with entities of said channels; and blocking of communication for said entity when said risk factor is indicative of said entity being a security threat.
Amnon Lotem, Doron Peri, Aviv Raff
Filed: 29 Apr 22
Utility
Method and system for detecting and mitigating HTTPS flood attacks
5 Sep 23
A method for detecting DoS attacks using an encrypted communication protocol includes estimating traffic telemetries of packets of at least ingress traffic passing over an insecure network that is directed to a protected entity by analyzing TCP headers of the packets, the packets using an encrypted version of a non-encrypted communication protocol, the packets being intended for the protected entity; providing at least one rate-based feature and at least one rate-invariant feature based on the estimated traffic telemetries, wherein the rate-based feature and the rate-invariant feature demonstrate a normal behavior of the traffic; and executing a mitigation action when a potential flood DoS attack using the encrypted communication protocol is detected by an evaluation of each of the at least one rate-based feature and the at least one rate-invariant feature with respect to respective baselines to determine whether the behavior of the ingress traffic indicates a potential flood DoS attack.
Ehud Doron, Lev Medvedovsky, David Aviv, Eyal Rundstein, Ronit Lubitch Greenberg, Avishay Balderman
Filed: 31 May 22
Utility
System and method for automatic WAF service configuration
30 May 23
A method and system for continuously configuring a web application firewall (WAF) are provided.
Vladimir Shalikashvili, Dekel Cohen, Ayelet Shomer
Filed: 30 Dec 19
Utility
Quantile regression analysis method for detecting cyber attacks
16 May 23
A system and method for detecting cyber-attacks using quantile regression analysis are disclosed.
Lev Medvedovsky, David Aviv
Filed: 31 Dec 20
Utility
Hardening of cloud security policies
25 Apr 23
A method and system for hardening cloud security policies of a cloud computing platform are presented.
Adi Raff, Amnon Lotem, Yaniv Amram, Leo Reznik, Tal Halpern, Nissim Pariente
Filed: 3 Jun 19
Utility
System and method for out of path DDoS attack detection
18 Apr 23
A system and method for out-of-path detection of cyber-attacks are provided.
Ehud Doron, Yotam Ben Ezra, David Aviv
Filed: 6 Dec 18
Utility
System and method for detecting bots using semi-supervised deep learning techniques
11 Apr 23
A system and method of detecting bots are presented.
Harisankar Haridas, Mohit Rajput, Rakesh Thatha, Sonal Lalchand Oswal, Neeraj Kumar Gupta
Filed: 18 Sep 19
Utility
Techniques for reducing the time to mitigate of DDoS attacks
14 Mar 23
A system and method for reducing a time to mitigate distributed denial of service (DDoS) attacks are provided.
Ehud Doron, Yotam Ben Ezra, David Aviv
Filed: 20 Dec 18
Utility
Characterization of HTTP flood DDoS attacks
14 Feb 23
A method and system for characterizing application layer flood denial-of-service (DDoS) attacks are provided.
Ehud Doron, Koral Haham, David Aviv
Filed: 23 Nov 21
Utility
Detection and mitigation DDoS attacks performed over QUIC communication protocol
24 Jan 23
A method and system for protecting against quick UDP Internet connection (QUIC) based denial-of-service (DDoS) attacks.
Ehud Doron, David Aviv, Eyal Rundstein, Lev Medvedovsky
Filed: 31 Dec 19
Utility
Techniques for generating signatures characterizing advanced application layer flood attack tools
10 Jan 23
A method and system for characterizing application layer flood denial-of-service (DDoS) attacks carried by advanced application layer flood attack tools.
Ehud Doron, Koral Haham, David Aviv
Filed: 23 Nov 21
Utility
Detection and mitigation of flood type DDoS attacks against cloud-hosted applications
27 Dec 22
A system and method for protecting cloud-hosted applications against hypertext transfer protocol (HTTP) flood distributed denial-of-service (DDoS) attacks are provided.
Ehud Doron, Nir Ilani, David Aviv, Yotam Ben Ezra, Amit Bismut, Yuriy Arbitman
Filed: 24 Aug 17
Utility
Baselining techniques for detecting anomalous HTTPS traffic behavior
15 Nov 22
A system and method for detecting anomalous hypertext transfer protocol secure (HTTPS) traffic are provided.
Lev Medvedovsky, David Aviv, Ehud Doron
Filed: 19 Dec 19
Utility
System and method for attack sequence matching
25 Oct 22
A method and system for matching event sequences for predictive detection of cyber-attacks are discussed.
Yotam Ben Ezra, Mor Krispil
Filed: 29 Jul 20
Utility
System and method to detect and block bot traffic
20 Sep 22
A system and method for bot detection utilizing storage variables are presented.
Rakesh Thatha, Jyoti Kakatkar
Filed: 26 Mar 19
Utility
Blockchain-based admission processes for protected entities
6 Sep 22
A method and system for controlling access to a protected entity.
Alon Lelcuk, David Aviv
Filed: 23 Dec 20
Utility
System and method for analytics based WAF service configuration
23 Aug 22
A method and system for configuring a web application firewall (WAF) device.
Dekel Cohen
Filed: 26 May 20
Utility
Distributed denial of service (DDoS) defense techniques for applications hosted in cloud computing platforms
2 Aug 22
A defense platform for protecting a cloud-hosted application against distributed denial-of-service (DDoS) attacks, wherein the defense platform is deployed out-of-path of incoming traffic of the cloud-hosted application hosted in a plurality of cloud computing platforms, comprising: a detector; a mitigator; and a controller communicatively connected to the detector and the mitigator; wherein the detector is configured to: receive telemetries related to behavior of the cloud-hosted application from sources deployed in the plurality of cloud computing platforms; and detect, based on the telemetries, a potential DDoS attack; wherein, the controller, upon detection of a potential DDoS attack, is configured to: divert traffic directed to the cloud-hosted application to the mitigator; cause the mitigator to perform at least one mitigation action to remove malicious traffic from the diverted traffic; and cause injection of clean traffic to at least one of the plurality of cloud computing platforms hosting the cloud-hosted application.
Ehud Doron, Nir Ilani, David Aviv, Yotam Ben Ezra, Amit Bismut
Filed: 28 Feb 18
Utility
System and method for stateless distribution of bidirectional flows with network address translation
19 Jul 22
A method for stateless distribution of bidirectional flows with network address translation (NAT) comprises: determining an original source port for a first packet of a front-end received from a client device, wherein the original source port is associated with a processing core; selecting a new source port for a back-end flow, wherein the new source port is selected such that the back-end flow is returned to the processing core of the front-end flow; replacing the original source port with the new source port; and transmitting the incoming flow to a destination server.
Shy Marom
Filed: 30 Sep 15
Utility
System and method for providing insights on distributed denial of service attacks
5 Jul 22
A system and method for generating insights on distributed denial of service (DDoS) attacks are provided.
Ehud Doron, Yotam Ben Ezra, David Aviv
Filed: 11 Dec 18