Abstract: A method and system for controlling multi-tiered mitigation of cyber-attacks.

Abstract: A method and a trust broker system for blockchain-based anti-bot protection are provided. The method includes identifying, on a blockchain network, a request from a client to access a protected entity; selecting an access policy in response to the access request, wherein the access policy includes at least one game to be performed by the client; causing execution of the at least one game defined in the access policy; identifying, on the blockchain network, results of the at least one game, wherein the results are deposited by the client upon completion of the game; determining a bias of the client based on the completion results, wherein the determined bias is utilized for a cyber-security assessment of the client, wherein the determined bias for the client is maintained on the blockchain network; and granting or denying access to the protected entity by the client based on the determined bias.

Abstract: A system for direct imaging and diagnosing of abnormal cells in a target tissue includes a disposable optical speculum and an image acquisition system having the speculum assembled on and mechanically secured thereto. The image acquisition system is arranged to capture at least one of a single image or multiple images or video of cells within the target tissue using at least one of bright field or dark field ring illumination divided into independently operated segments to obtain a plurality of data sets. An image analysis and control unit in communication with the image acquisition system analyzes the data sets and applies algorithms to the data sets for diagnosing abnormal cells.

Abstract: A system and method for real-time tuning of inference systems based on quality of incoming data. The method comprises: periodically receiving traffic data collected by a plurality of collectors deployed in a network; determining at least a normalized variance of a current sample of the received traffic data; estimating, based in part on the normalized variance, a standard deviation of the received traffic data and a fading coefficient of a baseline filter; determining a current baseline value based on a previous baseline value, the fading coefficient, and the current sample of the traffic data; and dynamically setting at least one membership function of the inference system based in part on the current baseline value and the standard deviation.

Abstract: A method and system for determining a cost to allow a blockchain-based admission to a protected entity. The method includes identifying, in a blockchain network, a conversion transaction identifying a conversion of a first-type of access tokens with access tokens of a second-type, wherein the transaction designates at least the protected entity; determining a conversion value for converting the first-type of access tokens into the second-type access tokens, wherein the conversion value is determined based on at least one access parameter; and converting, based on the determined conversion value, a first sum of the first-type access tokens into a second sum of the second-type access-tokens, wherein a client spends the second sum of the second-type access tokens to access the protected entity, the determined conversion value is the access cost to the protected entity.

Abstract: A method and system for blockchain-based access to a protected entity are provided. The method includes granting access tokens of a first-type to a client; identifying, in a blockchain network, a conversion transaction identifying a request to convert the first-type of access tokens with access tokens of a second-type, wherein the transaction designates at least the protected entity; determining a conversion value for converting the first-type of access tokens into the second-type of access tokens, wherein the conversion value is determined based on at least one access parameter; converting, based on the determined conversion value, a first sum of the first-type of access tokens into a second sum of the second-type of access-tokens; and granting the client access to the protected entity when the sum of the second-type of access tokens is received as a payment from the protected entity.

Abstract: A system and method for blockchain-based access authorization to a protected entity. The method includes: receiving, by the protected entity, an access request to a protected entity, wherein the access request is received from a client device; extracting a unique client identifier from the received access request; causing the client device to perform an admission process; monitoring a blockchain network to identify at least one admission transaction, wherein the at least one admission transaction designates admission criteria; determining if the admission criteria satisfy a set of conditions for accessing the protected entity; and granting access to the client device when the admission criteria satisfies the set of conditions, wherein the access is access to the protected entity.

Abstract: A method and a trust broker system for blockchain-based anti-bot protection are provided. The method includes identifying, on a blockchain network, a request from a client to access a protected entity; selecting an access policy in response to the access request, wherein the access policy includes at least one game to be performed by the client; causing execution of the at least one game defined in the access policy; identifying, on the blockchain network, results of the at least one game, wherein the results are deposited by the client upon completion of the game; determining a bias of the client based on the completion results, wherein the determined bias is utilized for a cyber-security assessment of the client, wherein the determined bias for the client is maintained on the blockchain network; and granting or denying access to the protected entity by the client based on the determined bias.

Abstract: A method and system for detecting and mitigation recursive domain name system (DNS) cyber-attacks are disclosed. The method includes receiving DNS queries directed to a DNS resolver, wherein the DNS resolver is communicatively connected between at least one client and at least one name server; parsing each received DNS query to extract a hostname identified therein; updating at least one array of Bloom filters using the extracted hostname; computing a ratio of an unrecognized hostnames per sample (UPS) based on the contents of the at least one array; and determining if the UPS ratio is abnormal, wherein an abnormal UPS ratio is an indication of an attack.

Abstract: A method and system for configuring a behavioral network intelligence system using a network monitoring programming language are provided. The method includes defining at least one target of a traffic segment to be monitored using at least one application path attribute of an application, wherein the application is accessed via at least one user device connected to a network, wherein the at least one application path attribute is defined respective of an application path keyword and an application path assessment keyword; and defining at least one condition representing the behavior of the at least one application path attribute of the application, the at least one target and the at least one condition can be interpreted by a monitoring system to allow for determining a behavioral impact of the application on the network.

Abstract: A method and system for determining the behavioral impact of applications and their respective users on a network carrier are provided. The method includes receiving data collected by at least one deep packet inspection (DPI) engine; classifying the received data at least per an application path respective of each of the applications; generating an application path profile data structure using the collected data; and generating, responsive to at least one behavioral rule, at least one degree of fulfillment (DoF) for the application path based on contents of the application path profile data structure, wherein the at least DoF defines an association of the application path with at least one behavior group, wherein the behavior group determines the behavioral impact of an application represented by the application path.

Abstract: A system and method for reducing a time to mitigate distributed denial of service (DDoS) attacks are provided. The method includes receiving a plurality of attack feeds on at least one protected object in a secured environment; analyzing the plurality of attack feeds to determine characteristics of a DDoS attack against the secure environment; determining a set of optimal mitigation resources assigned to the secured environment; selecting, based on the set of optimal mitigation resources and the attack characteristics, at least one optimal workflow scheme; and initiating a proactive mitigation action by setting each mitigation resource in the set of optimal mitigation resources according to the selected optimal workflow scheme.

Abstract: A system and method for generating insights on distributed denial of service (DDoS) attacks are provided. The method includes receiving a plurality of data feeds from a plurality of data sources; processing the plurality of received data feeds to generate enriched data sets; and analyzing the enriched data sets to generate insights information about a DDoS attack that have been participated in at least one DDoS attack.

Abstract: A system and method for out-of-path detection of cyber-attacks are provided. The method includes receiving, by a detector, a plurality of data feeds from a plurality of data sources, wherein the detector is communicatively connected to the plurality of data sources; processing, by the detector, the plurality of received data feeds to generate enriched Flow data sets; analyzing the enriched Flow data sets to detect a potential cyber-attack; and upon detection of a potential cyber-attack, providing indication to each network entity of the network entities that is under attack.

Abstract: A system for direct imaging and diagnosing of abnormal cells in a target tissue includes a disposable optical speculum and an image acquisition system having the speculum assembled on and mechanically secured thereto. The image acquisition system is arranged to capture at least one of a single image or multiple images or video of cells within the target tissue using at least one of bright field or dark field ring illumination divided into independently operated segments to obtain a plurality of data sets. An image analysis and control unit in communication with the image acquisition system analyzes the data sets and applies algorithms to the data sets for diagnosing abnormal cells.

Abstract: A clasp for a jewelry system has two arms and a sleeve that can slide to a position covering at least portions of both arms. In this position, the sleeve urges the clasp from an un-locked state towards a locked state.

Abstract: A method and system for controlling multi-tiered mitigation of cyber-attacks.

Abstract: A system and method for detecting abnormal traffic behavior. The method comprises: applying a task to an input data set to create an un-normalized cluster of traffic features, wherein the task defines a plurality of traffic features; computing a center point of the cluster of traffic features; computing a distance between the computed center point and a new sample, wherein the new sample includes traffic features defined in the task; and determining, based on the computed distance, whether the received new sample demonstrates abnormal behavior.

Abstract: A system for direct imaging and diagnosing of abnormal cells in a target tissue includes a disposable optical speculum and an image acquisition system having the speculum assembled on and mechanically secured thereto. The image acquisition system is arranged to capture at least one of a single image or multiple images or video of cells within the target tissue using at least one of bright field or dark field ring illumination divided into independently operated segments to obtain a plurality of data sets. An image analysis and control unit in communication with the image acquisition system analyzes the data sets and applies algorithms to the data sets for diagnosing abnormal cells.

Abstract: A method, host machine, and a virtual network for distributing application delivery controller services in a virtual network are presented. The method includes activating a first application delivery controller (ADC) agent on at least a first host machine of a plurality of host machines included in the virtual network, wherein the first host machine is configured to host at least one client; intercepting, by the first ADC agent, a request from the at least one client, wherein the request is for a service provided by one server of a plurality of servers hosted by the plurality of host machines; selecting, by the first ADC agent, a server of the plurality of servers to serve the request; forwarding, by the first ADC agent, the intercepted request to the selected server; and relaying a response to the intercepted request received from the selected server to the at least one client.