Patents by Inventor Ayman Jarrous
Ayman Jarrous has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11295013Abstract: An apparatus, a computer program product and a method for dimensionality reduction comprising: obtaining a set of Application Programming Interface (API) functions of a system invocable by a program, and a set of artifacts. Each artifact is associated with at least one API function and indicative of a functionality thereof. The method further comprising: clustering the API functions based on an analysis of the artifacts to create a set of clusters smaller than the set of API functions, such that each cluster comprises API functions having a similar functionality; and performing a dimensionality reduction to a feature vector using the set of clusters.Type: GrantFiled: December 11, 2017Date of Patent: April 5, 2022Assignee: International Business Machines CorporationInventors: Fady Copty, Ayman Jarrous, Tamer Salman, Maksim Shudrak
-
Patent number: 10798075Abstract: A system, an apparatus, a computer program product and a method for obfuscation-based security and authentication. The method comprises: obtaining a different key for each different device; obfuscating an interface layer utilized by components of the device to interact, using the key, to produce an obfuscated interface layer; and providing, directly or indirectly, the two components with the key to allow the two components to utilize the obfuscated interface layer to interact with each other. The system comprises a plurality of devices that are instances of a same device and a server coupled to a memory retaining a plurality of keys, each of which is used to obfuscate interface layers of a different device to produce heterogeneous set of devices instead of a homogenous set of devices. Communications and operations with the plurality of devices are performed in an obfuscated manner through the server.Type: GrantFiled: January 29, 2018Date of Patent: October 6, 2020Assignee: International Business Machines CorporationInventors: Fady Copty, Ayman Jarrous, Ronen Levy, Sharon Keidar Barner
-
Patent number: 10762199Abstract: A method, computer program product, and computer system are provided. A processor receives an executable file for execution by an operating system, where the executable file includes a plurality of sections in a first order. A processor determines a second order that indicates a loading order for the plurality of sections, where the second order is distinct from the first order. A processor loads the plurality of sections of the executable file into a plurality of locations in memory of a device based on the second order. A processor resolves one or more memory references for the plurality of sections based on the plurality of locations in memory. A processor executes the plurality of sections of the executable file in the plurality of locations in memory.Type: GrantFiled: May 9, 2018Date of Patent: September 1, 2020Assignee: International Business Machines CorporationInventors: Ayman Jarrous, Dov Murik, Omer-Yehuda Boehm, Nitzan Peleg
-
Patent number: 10742642Abstract: In some examples, a system for authenticating users can include a processor to train a first predictive application based on a first set of user engagements with advertisements, wherein the first predictive application is associated with a first advertising identifier. The processor can also train a second predictive application based on a second set of user engagements with the advertisements, wherein the second predictive application is associated with a second advertising identifier. Additionally, the processor can compare the first predictive application and the second predictive application and authenticate a user in response to detecting a similarity of the first predictive application and the second predictive application is below a threshold value, wherein authenticating the user enables the user to access a resource or service.Type: GrantFiled: October 25, 2018Date of Patent: August 11, 2020Assignee: International Business Machines CorporationInventors: Ayelet Avni, Fady Copty, Ayman Jarrous, Sharon Keidar-Barner, Shiri Lemel
-
Patent number: 10599330Abstract: Challenging a current user of a computing device by measuring characteristics of user actions sensed by a computing device, determining that the measurements meet a uniqueness condition with respect to corresponding measurements in a comparison set of actions, recording the user actions and their measurements in a set of challenge actions associated with an authorized user, and responsive to a challenge requirement to determine whether a current user of the computing device is the authorized user, selecting challenge actions associated with an authorized user, prompting the current user to perform the selected challenge actions that are then sensed by the computing device, measuring characteristics of the prompted actions, and determining that the measurements of the characteristics of the prompted actions meet a similarity condition with respect to measurements of corresponding characteristics of the selected challenge actions.Type: GrantFiled: September 23, 2018Date of Patent: March 24, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Ayman Jarrous, Alexandra Shulman-Peleg, Eitan Menahem
-
Publication number: 20190294326Abstract: Challenging a current user of a computing device by measuring characteristics of user actions sensed by a computing device, determining that the measurements meet a uniqueness condition with respect to corresponding measurements in a comparison set of actions, recording the user actions and their measurements in a set of challenge actions associated with an authorized user, and responsive to a challenge requirement to determine whether a current user of the computing device is the authorized user, selecting challenge actions associated with an authorized user, prompting the current user to perform the selected challenge actions that are then sensed by the computing device, measuring characteristics of the prompted actions, and determining that the measurements of the characteristics of the prompted actions meet a similarity condition with respect to measurements of corresponding characteristics of the selected challenge actions.Type: ApplicationFiled: September 23, 2018Publication date: September 26, 2019Inventors: AYMAN JARROUS, ALEXANDRA SHULMAN-PELEG, EITAN MENAHEM
-
Patent number: 10417412Abstract: A method, computer product and computerized system, the method comprising: obtaining computer code, wherein the computer code is comprised of code blocks arranged in a first order and providing a functionality, wherein each code block of the code blocks comprises one or more program instructions; determining, by a processor, one or more constraints on reordering the code blocks in a second order, such that a second computer code comprising the code blocks arranged in the second order, when executed, provides the functionality; and providing the constraints to an automatic solver for determining the second order.Type: GrantFiled: February 15, 2017Date of Patent: September 17, 2019Assignee: International Business Machines CorporationInventors: Fady Copty, Ayman Jarrous, Tamer Salman
-
Patent number: 10387655Abstract: A method, apparatus and product for using a predictive model to predict if inputs reach a vulnerability of a program. Given a sample input, which when provided to a program being executed, is configured to cause execution of the program to reach a vulnerability, a set of variant inputs and labels thereof is generated based on the sample input and execution of the program with each variant input. A predictive model is trained based on the set of variant inputs and labels thereof, and provided to an input analysis platform configured to analyze an input; whereby the input analysis platform is enabled to predict whether an input would cause the program to reach the vulnerability prior to executing the program with the input and perform a responsive action accordingly.Type: GrantFiled: February 15, 2017Date of Patent: August 20, 2019Assignee: International Business Machines CorporationInventors: Fady Copty, Ayman Jarrous, Sharon Keidar-Barner, Tamer Salman
-
Publication number: 20190238524Abstract: A system, an apparatus, a computer program product and a method for obfuscation-based security and authentication. The method comprises: obtaining a different key for each different device; obfuscating an interface layer utilized by components of the device to interact, using the key, to produce an obfuscated interface layer; and providing, directly or indirectly, the two components with the key to allow the two components to utilize the obfuscated interface layer to interact with each other. The system comprises a plurality of devices that are instances of a same device and a server coupled to a memory retaining a plurality of keys, each of which is used to obfuscate interface layers of a different device to produce heterogeneous set of devices instead of a homogenous set of devices. Communications and operations with the plurality of devices are performed in an obfuscated manner through the server.Type: ApplicationFiled: January 29, 2018Publication date: August 1, 2019Inventors: Fady Copty, Ayman Jarrous, Ronen Levy, Sharon Keidar Barner
-
Patent number: 10360402Abstract: An example system includes a processor to receive hashed sensitive data including attributes, a hashing function, and text classifiers. The processor is to also monitor a user interface and detect an input text or an output text. The processor is to further scan the detected input text or the detected output text to detect a candidate based on the text classifiers. The processor is also to hash the detected candidate using the hashing function to generate a hashed candidate. The processor is to match the hashed candidate with hashed sensitive data. The processor is to also further extract an attribute from the matched hashed sensitive data. The processor is to intercept the output text based at least on the extracted attribute.Type: GrantFiled: November 15, 2016Date of Patent: July 23, 2019Assignee: International Business Machines CorporationInventors: Ariel Farkash, Ayman Jarrous, Micha Moffie, Gal Peretz, Tamer Salman
-
Publication number: 20190180029Abstract: An apparatus, a computer program product and a method for dimensionality reduction comprising: obtaining a set of Application Programming Interface (API) functions of a system invocable by a program, and a set of artifacts. Each artifact is associated with at least one API function and indicative of a functionality thereof. The method further comprising: clustering the API functions based on an analysis of the artifacts to create a set of clusters smaller than the set of API functions, such that each cluster comprises API functions having a similar functionality; and performing a dimensionality reduction to a feature vector using the set of clusters.Type: ApplicationFiled: December 11, 2017Publication date: June 13, 2019Inventors: Fady Copty, Ayman Jarrous, Tamer Salman, Maksim Shudrak
-
Publication number: 20190132306Abstract: In some examples, a system for authenticating users can include a processor to train a first predictive application based on a first set of user engagements with advertisements, wherein the first predictive application is associated with a first advertising identifier. The processor can also train a second predictive application based on a second set of user engagements with the advertisements, wherein the second predictive application is associated with a second advertising identifier. Additionally, the processor can compare the first predictive application and the second predictive application and authenticate a user in response to detecting a similarity of the first predictive application and the second predictive application is below a threshold value, wherein authenticating the user enables the user to access a resource or service.Type: ApplicationFiled: October 25, 2018Publication date: May 2, 2019Inventors: Ayelet Avni, Fady Copty, Ayman Jarrous, Sharon Keidar-Barner, Shiri Lemel
-
Patent number: 10223527Abstract: A method, computer product and computerized system, the method comprising: receiving computer code to be protected, wherein the computer code comprising of code blocks arranged consecutively; modifying the computer code, whereby a modified computer code is created, wherein said modifying comprises: introducing a padding area inbetween every two code blocks, wherein each padding area comprises one or more computer instructions; and storing the modified computer code in a computer readable medium.Type: GrantFiled: September 20, 2016Date of Patent: March 5, 2019Assignee: International Business Machines CorporationInventors: Eitan Farchi, Ayman Jarrous, Tamer Salman
-
Patent number: 10082954Abstract: Challenging a current user of a computing device by measuring characteristics of user actions sensed by a computing device, determining that the measurements meet a uniqueness condition with respect to corresponding measurements in a comparison set of actions, recording the user actions and their measurements in a set of challenge actions associated with an authorized user, and responsive to a challenge requirement to determine whether a current user of the computing device is the authorized user, selecting challenge actions associated with an authorized user, prompting the current user to perform the selected challenge actions that are then sensed by the computing device, measuring characteristics of the prompted actions, and determining that the measurements of the characteristics of the prompted actions meet a similarity condition with respect to measurements of corresponding characteristics of the selected challenge actions.Type: GrantFiled: September 4, 2015Date of Patent: September 25, 2018Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Ayman Jarrous, Alexandra Shulman-Peleg, Eitan Menahem
-
Publication number: 20180260559Abstract: A method, computer program product, and computer system are provided. A processor receives an executable file for execution by an operating system, where the executable file includes a plurality of sections in a first order. A processor determines a second order that indicates a loading order for the plurality of sections, where the second order is distinct from the first order. A processor loads the plurality of sections of the executable file into a plurality of locations in memory of a device based on the second order. A processor resolves one or more memory references for the plurality of sections based on the plurality of locations in memory. A processor executes the plurality of sections of the executable file in the plurality of locations in memory.Type: ApplicationFiled: May 9, 2018Publication date: September 13, 2018Inventors: AYMAN JARROUS, Dov Murik, Omer-Yehuda Boehm, Nitzan Peleg
-
Publication number: 20180232523Abstract: A method, apparatus and product for using a predictive model to predict if inputs reach a vulnerability of a program. Given a sample input, which when provided to a program being executed, is configured to cause execution of the program to reach a vulnerability, a set of variant inputs and labels thereof is generated based on the sample input and execution of the program with each variant input. A predictive model is trained based on the set of variant inputs and labels thereof, and provided to an input analysis platform configured to analyze an input; whereby the input analysis platform is enabled to predict whether an input would cause the program to reach the vulnerability prior to executing the program with the input and perform a responsive action accordingly.Type: ApplicationFiled: February 15, 2017Publication date: August 16, 2018Inventors: Fady Copty, Ayman Jarrous, Sharon Keidar-Barner, Tamer Salman
-
Publication number: 20180232518Abstract: A method, computer product and computerized system, the method comprising: obtaining computer code, wherein the computer code is comprised of code blocks arranged in a first order and providing a functionality, wherein each code block of the code blocks comprises one or more program instructions; determining, by a processor, one or more constraints on reordering the code blocks in a second order, such that a second computer code comprising the code blocks arranged in the second order, when executed, provides the functionality; and providing the constraints to an automatic solver for determining the second order.Type: ApplicationFiled: February 15, 2017Publication date: August 16, 2018Inventors: FADY COPTY, Ayman Jarrous, Tamer Salman
-
Patent number: 9984247Abstract: Accessing a password-secured computer software application by acquiring an input password, generating at a first computer an output password from the input password using password generation data, where the output password differs from the input password, and providing the output password to a second computer as part of a request to access a password-secured computer software application using the output password, where the password-secured computer software application is accessible using the output password, and where the password-secured computer software application is inaccessible using the input password.Type: GrantFiled: November 19, 2015Date of Patent: May 29, 2018Assignee: International Business Machines CorporationInventors: Ariel Farkash, Ayman Jarrous, Micha Moffie
-
Publication number: 20180137303Abstract: An example system includes a processor to receive hashed sensitive data including attributes, a hashing function, and text classifiers. The processor is to also monitor a user interface and detect an input text or an output text. The processor is to further scan the detected input text or the detected output text to detect a candidate based on the text classifiers. The processor is also to hash the detected candidate using the hashing function to generate a hashed candidate. The processor is to match the hashed candidate with hashed sensitive data. The processor is to also further extract an attribute from the matched hashed sensitive data. The processor is to intercept the output text based at least on the extracted attribute.Type: ApplicationFiled: November 15, 2016Publication date: May 17, 2018Inventors: ARIEL FARKASH, AYMAN JARROUS, MICHA MOFFIE, GAL PERETZ, TAMER SALMAN
-
Publication number: 20180082056Abstract: A method, computer product and computerized system, the method comprising: receiving computer code to be protected, wherein the computer code comprising of code blocks arranged consecutively; modifying the computer code, whereby a modified computer code is created, wherein said modifying comprises: introducing a padding area inbetween every two code blocks, wherein each padding area comprises one or more computer instructions; and storing the modified computer code in a computer readable medium.Type: ApplicationFiled: September 20, 2016Publication date: March 22, 2018Inventors: Eitan Farchi, Ayman Jarrous, Tamer Saiman