Patents by Inventor Benyamin HIRSCHBERG
Benyamin HIRSCHBERG has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11595201Abstract: Systems and methods of generating a software module, including: receiving a cryptographic key identification (ID) and a cryptographic operation type from at least one executable program, generating a software module configured to perform the cryptographic operation with a cryptographic key, sending the software module to the at least one executable program, and performing the operation having the cryptographic operation type with the software module, wherein the software module is generated based on at least one of: a transformation of the cryptographic key corresponding to the received cryptographic key ID, and the received cryptographic operation.Type: GrantFiled: February 21, 2020Date of Patent: February 28, 2023Assignee: CYBER ARMOR LTD.Inventors: Benyamin Hirschberg, Leonid Sandler
-
Patent number: 11139983Abstract: Systems and methods of verifying runtime integrity with a trusted execution environment (TEE) may include generating, by a processor in communication with the TEE, a secure communication channel between the TEE and at least one executable program attempting to communicate with the TEE, providing, by the processor, a moving target defense (MTD) module to the at least one executable program via the generated secure communication channel, wherein the MTD module comprises disposable polymorphic code, sending over the secured communication channel, by the processor: data, received from the at least one executable program, and a transformed runtime digest of the at least one executable program, and allowing, by the processor, communication with the TEE when the validity of the transformed runtime digest of the corresponding at least one executable program is verified.Type: GrantFiled: July 11, 2019Date of Patent: October 5, 2021Assignee: CYBER ARMOR LTD.Inventors: Leonid Sandler, Benyamin Hirschberg
-
Publication number: 20210266158Abstract: Systems and methods of generating a software module, including: receiving a cryptographic key identification (ID) and a cryptographic operation type from at least one executable program, generating a software module configured to perform the cryptographic operation with a cryptographic key, sending the software module to the at least one executable program, and performing the operation having the cryptographic operation type with the software module, wherein the software module is generated based on at least one of: a transformation of the cryptographic key corresponding to the received cryptographic key ID, and the received cryptographic operation.Type: ApplicationFiled: February 21, 2020Publication date: August 26, 2021Applicant: CYBER ARMOR LTD.Inventors: Benyamin HIRSCHBERG, Leonid SANDLER
-
Publication number: 20210014068Abstract: Systems and methods of verifying runtime integrity with a trusted execution environment (TEE) may include generating, by a processor in communication with the TEE, a secure communication channel between the TEE and at least one executable program attempting to communicate with the TEE, providing, by the processor, a moving target defense (MTD) module to the at least one executable program via the generated secure communication channel, wherein the MTD module comprises disposable polymorphic code, sending over the secured communication channel, by the processor: data, received from the at least one executable program, and a transformed runtime digest of the at least one executable program, and allowing, by the processor, communication with the TEE when the validity of the transformed runtime digest of the corresponding at least one executable program is verified.Type: ApplicationFiled: July 11, 2019Publication date: January 14, 2021Applicant: CYBER ARMOR LTD.Inventors: Leonid SANDLER, Benyamin HIRSCHBERG
-
Patent number: 10547447Abstract: In one embodiment, a first apparatus includes a processor and an interface, wherein the interface is operative to receive a request from a second apparatus to commence a keyed-hash message authentication code (HMAC) computation, the processor is operative to perform a first computation computing a first part of the HMAC computation using a secret key K as input yielding a first value, the interface is operative to send the first value to the second apparatus, the interface is operative to receive a second value from the second apparatus, the second value resulting from the second apparatus processing the first value with at least part of a message M, the processor is operative to perform a second computation based on the second value and the secret key K yielding an HMAC value, and the interface is operative to send the HMAC value to the second apparatus.Type: GrantFiled: September 4, 2017Date of Patent: January 28, 2020Assignee: Cisco Technology, Inc.Inventors: Benyamin Hirschberg, Yaron Sella, Gilad Taub
-
Patent number: 10540509Abstract: In one embodiment, a method for protecting a file is implemented on a computing device and includes: intercepting a file-access request from an application-process for the file; searching a whitelist for a whitelist entry associated with the application-process and a file-type for the file, where the whitelist entry indicates that the application-process is allowed to access files of the file-type, and upon determining according to the searching that the application-process is allowed to perform the file-access request, allowing the application-process to access the file according to the file-access request.Type: GrantFiled: June 8, 2017Date of Patent: January 21, 2020Assignee: Cisco Technology, Inc.Inventors: Oded Ashkenazi, Moshe Kravchik, Arie Haenel, Benyamin Hirschberg
-
Patent number: 10387648Abstract: In one embodiment, a system includes a central processing unit (CPU) to identify a ransomware process which encrypted a plurality of files yielding a plurality of encrypted files, in response to identifying the ransomware process, dump a memory space and a state of the CPU yielding a memory dump, and search the memory dump for a plurality of candidate encryption keys, and a decryption engine to attempt to decrypt at least one encrypted file of the plurality of encrypted files with different candidate encryption keys of the plurality of candidate encryption keys until the at least one encrypted file is successfully decrypted with one candidate encryption key of the different candidate encryption keys, and decrypt the plurality of encrypted files using the one candidate encryption key. Related apparatus and methods are also described.Type: GrantFiled: October 26, 2016Date of Patent: August 20, 2019Assignee: Cisco Technology, Inc.Inventors: Benyamin Hirschberg, Moshe Kravchik, Arie Haenel, Hillel Solow
-
Publication number: 20180357416Abstract: In one embodiment, a method for protecting a file is implemented on a computing device and includes: intercepting a file-access request from an application-process for the file; searching a whitelist for a whitelist entry associated with the application-process and a file-type for the file, where the whitelist entry indicates that the application-process is allowed to access files of the file-type, and upon determining according to the searching that the application-process is allowed to perform the file-access request, allowing the application-process to access the file according to the file-access request.Type: ApplicationFiled: June 8, 2017Publication date: December 13, 2018Inventors: Oded ASHKENAZI, Moshe Kravchik, Arie Haenel, Benyamin Hirschberg
-
Publication number: 20180241550Abstract: In one embodiment, a first apparatus includes a processor and an interface, wherein the interface is operative to receive a request from a second apparatus to commence a keyed-hash message authentication code (HMAC) computation, the processor is operative to perform a first computation computing a first part of the HMAC computation using a secret key K as input yielding a first value, the interface is operative to send the first value to the second apparatus, the interface is operative to receive a second value from the second apparatus, the second value resulting from the second apparatus processing the first value with at least part of a message M, the processor is operative to perform a second computation based on the second value and the secret key K yielding an HMAC value, and the interface is operative to send the HMAC value to the second apparatus.Type: ApplicationFiled: September 4, 2017Publication date: August 23, 2018Inventors: Benyamin HIRSCHBERG, Yaron SELLA, Gilad TAUB
-
Publication number: 20180114020Abstract: In one embodiment, a system includes a central processing unit (CPU) to identify a ransomware process which encrypted a plurality of files yielding a plurality of encrypted files, in response to identifying the ransomware process, dump a memory space and a state of the CPU yielding a memory dump, and search the memory dump for a plurality of candidate encryption keys, and a decryption engine to attempt to decrypt at least one encrypted file of the plurality of encrypted files with different candidate encryption keys of the plurality of candidate encryption keys until the at least one encrypted file is successfully decrypted with one candidate encryption key of the different candidate encryption keys, and decrypt the plurality of encrypted files using the one candidate encryption key. Related apparatus and methods are also described.Type: ApplicationFiled: October 26, 2016Publication date: April 26, 2018Inventors: Benyamin HIRSCHBERG, Moshe KRAVCHIK, Arie HAENEL, Hillel SOLOW