Patents by Inventor Eldan Ben-Haim
Eldan Ben-Haim has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240028317Abstract: A method for mapping source code to computation resource, the method including the steps of: determining computation resources of a cloud provider used by an application; identifying executable artifacts that are deployed on the computation resources; and matching executable artifacts to source-code and configuration content to provide artifact to code or configuration matches.Type: ApplicationFiled: July 20, 2023Publication date: January 25, 2024Inventors: Idan PLOTNIK, Eldan Ben-Haim, Ariel LEVY, Eli SHALOM
-
Patent number: 11777942Abstract: Disclosed herein are methods and systems for transferring trust between authentication devices associated with the same user. The user accessing secure online resource(s) uses a first (authentication) client device which is not yet associated (verified) with the user for accessing the secure online resource(s). In response to receiving an authentication request from the client device, an authentication message is transmitted to the first client device. The authentication message is transferred from the first client device to a second client device already associated (verified) with the user for accessing the secure online resource(s). The second authenticator transmits back the authentication message which may be verified against the authentication message transmitted to the first client device.Type: GrantFiled: December 8, 2020Date of Patent: October 3, 2023Assignee: Transmit Security Ltd.Inventors: Michael Boodaei, Eldan Ben-Haim, Dima Polsky
-
Patent number: 11546390Abstract: Disclosed herein are systems and methods for recovering online services user accounts of users based on verification of the users in video conferences, comprising receiving a request for recovering an account of a user of an online service, establishing one or more video conference sessions between a client device used by the user, client devices used by one or more trustees associated with the user and a bot agent initiated for the video conference session(s), operating the bot agent during the one or more video conference sessions to guide the one or more trustees to verify an identity of the user, and initiating an account recovery process for the account of the user in response to receiving a positive verification verdict from the one or more trustees.Type: GrantFiled: August 30, 2021Date of Patent: January 3, 2023Assignee: Transmit Security Ltd.Inventors: Michael Boodaei, Eldan Ben-Haim
-
Patent number: 11388167Abstract: Disclosed herein are methods, systems and device for estimating an identity confidence level for a user requesting access to a secure resource, comprising: initiating an authentication session to authenticate the user using a client device to access the secure resource, computing a cumulative identity confidence score in a plurality of iterations and successfully authenticating the user in case the cumulative identity confidence score exceeds a threshold predefined for the secure resource.Type: GrantFiled: December 2, 2019Date of Patent: July 12, 2022Assignee: Transmit Security Ltd.Inventors: Michael Boodaei, Eldan Ben-Haim, Dima Polsky
-
Publication number: 20220182388Abstract: Disclosed herein are methods and systems for transferring trust between authentication devices associated with the same user. The user accessing secure online resource(s) uses a first (authentication) client device which is not yet associated (verified) with the user for accessing the secure online resource(s). In response to receiving an authentication request from the client device, an authentication message is transmitted to the first client device. The authentication message is transferred from the first client device to a second client device already associated (verified) with the user for accessing the secure online resource(s). The second authenticator transmits back the authentication message which may be verified against the authentication message transmitted to the first client device.Type: ApplicationFiled: December 8, 2020Publication date: June 9, 2022Inventors: Michael BOODAEI, Eldan BEN-HAIM, Dima POLSKY
-
Publication number: 20210168148Abstract: Disclosed herein are methods, systems and device for estimating an identity confidence level for a user requesting access to a secure resource, comprising: initiating an authentication session to authenticate the user using a client device to access the secure resource, computing a cumulative identity confidence score in a plurality of iterations and successfully authenticating the user in case the cumulative identity confidence score exceeds a threshold predefined for the secure resource.Type: ApplicationFiled: December 2, 2019Publication date: June 3, 2021Inventors: Michael BOODAEI, Eldan BEN-HAIM, Dima POLSKY
-
Publication number: 20210073359Abstract: Presented herein are methods, systems and devices for authenticating a user according to a secure One Time Password (OTP), comprising generating a challenge encoding a first public key of a temporary key pair generated for use during a specific authentication process, storing a first private key of the temporary key pair, outputting the challenge to a code generation device associated with a user, receiving an OTP code derived by the code generation device from an outcome of a key agreement algorithm applied to the first public and a second private key of an authentication key pair uniquely associated with the code generation device, deriving a reference OTP code from an outcome of the key agreement algorithm applied to the first private key and a second public key of the authentication key pair, and authenticating the user according to a match between the OTP code and the reference OTP code.Type: ApplicationFiled: September 10, 2019Publication date: March 11, 2021Inventors: Michael Boodaei, Eldan Ben-Haim
-
Patent number: 9910979Abstract: Intercepting inter-process communications by determining a first computer memory location of an inter-process communications function of an instance of a virtual machine and causing an interception function at a second computer memory location to be called when a computer software application calls the inter-process communications function.Type: GrantFiled: June 24, 2014Date of Patent: March 6, 2018Assignee: International Business Machines CorporationInventor: Eldan Ben-Haim
-
Patent number: 9659173Abstract: System and method for determining, by a security application, whether an examined software code is a malware, according to which the system detects whenever the examined process code performs system calls and further detects a call site. Pieces of code in the surrounding area of the site and/or in branches related to the site are analyzed and the properties of the analyzed pieces of code are compared with a predefined software code patterns, for determining whether the examined process code corresponds to one of the predefined software code patterns. Then the examined process code is classified according to the comparison results.Type: GrantFiled: January 31, 2012Date of Patent: May 23, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Amit Klein, Eldan Ben-Haim, Gal Frishman
-
Patent number: 9589133Abstract: Preventing return-oriented programming exploits by identifying a set of contiguous computer software instructions extending from a first location within a computer memory to a second location within the computer memory, where the set of computer software instructions includes a return-oriented programming gadget, copying the set of computer software instructions to extend from a third location within the computer memory to a fourth location within the computer memory, placing a branching instruction at the first memory location, where the branching instruction branches to the third location, appending a return branching instruction to the copy of the set of computer software instructions, where the return branching instruction branches to a fifth location within the computer memory that immediately follows the second location, and overwriting at least a portion of the return-oriented programming gadget between the first location and the second location.Type: GrantFiled: August 8, 2014Date of Patent: March 7, 2017Assignee: International Business Machines CorporationInventor: Eldan Ben-Haim
-
Patent number: 9268557Abstract: Wrapping a computer software application by unpackaging the computer software application into constituent components including a data file that includes a listing of any of the components, modifying the data file to include a reference to a library, where the library is configured to cause communications between the computer software application and a computer operating system to be intercepted and processed by instructions within the library when the computer software application is executed by a computer, and repackaging the computer software application to include the library and any of the components listed in the modified data file.Type: GrantFiled: June 24, 2014Date of Patent: February 23, 2016Assignee: International Business Machines CorporationInventor: Eldan Ben-Haim
-
Publication number: 20160042177Abstract: Preventing return-oriented programming exploits by identifying a set of contiguous computer software instructions extending from a first location within a computer memory to a second location within the computer memory, where the set of computer software instructions includes a return-oriented programming gadget, copying the set of computer software instructions to extend from a third location within the computer memory to a fourth location within the computer memory, placing a branching instruction at the first memory location, where the branching instruction branches to the third location, appending a return branching instruction to the copy of the set of computer software instructions, where the return branching instruction branches to a fifth location within the computer memory that immediately follows the second location, and overwriting at least a portion of the return-oriented programming gadget between the first location and the second location.Type: ApplicationFiled: August 8, 2014Publication date: February 11, 2016Inventor: Eldan Ben-Haim
-
Publication number: 20150371035Abstract: Intercepting inter-process communications by determining a first computer memory location of an inter-process communications function of an instance of a virtual machine and causing an interception function at a second computer memory location to be called when a computer software application calls the inter-process communications function.Type: ApplicationFiled: June 24, 2014Publication date: December 24, 2015Inventor: Eldan Ben-Haim
-
Publication number: 20150370553Abstract: Wrapping a computer software application by unpackaging the computer software application into constituent components including a data file that includes a listing of any of the components, modifying the data file to include a reference to a library, where the library is configured to cause communications between the computer software application and a computer operating system to be intercepted and processed by instructions within the library when the computer software application is executed by a computer, and repackaging the computer software application to include the library and any of the components listed in the modified data file.Type: ApplicationFiled: June 24, 2014Publication date: December 24, 2015Inventor: Eldan Ben-Haim
-
Patent number: 9218487Abstract: A method for protecting a browser from malicious processes, comprises providing at least one process-proxy object and at least a browser-proxy object, interposed between the browser and a process, such that when the process invokes one of the DOM entry points, the process-proxy object isolates it from the real browser implementation and executes the process-proxy object's code instead.Type: GrantFiled: October 13, 2014Date of Patent: December 22, 2015Assignee: TRUSTEER, LTD.Inventors: Amit Klein, Eldan Ben-Haim, Oleg Izmerly, Shmuel Regev, Michael Boodaei
-
Patent number: 9081956Abstract: A method for protecting a browser from malicious processes, comprises providing at least one process-proxy object and at least a browser-proxy object, interposed between the browser and a process, such that when the process invokes one of the DOM entry points, the process-proxy object isolates it from the real browser implementation and executes the process-proxy object's code instead.Type: GrantFiled: May 22, 2009Date of Patent: July 14, 2015Assignee: Trusteer Ltd.Inventors: Amit Klein, Eldan Ben-Haim, Oleg Izmerly, Shmuel Regev, Michael Boodaei
-
Publication number: 20150128206Abstract: A method for providing early filtering of events using a kernel-based filter, comprising the steps of: a) providing a driver for the kernel level that acts as a kernel filtering process, wherein said driver is configured to match events that occur at the kernel level according to predefined rules; and b) upon finding a match, acting according to the definition of the matched rule in order to allow the event, disallow said event or forward the content of said event for further processing.Type: ApplicationFiled: November 4, 2013Publication date: May 7, 2015Applicant: TRUSTEER LTD.Inventors: Eldan Ben Haim, Ilan Fraiman, Arkady Dubovsky
-
Publication number: 20150128273Abstract: A method for protecting a browser from malicious processes, comprises providing at least one process-proxy object and at least a browser-proxy object, interposed between the browser and a process, such that when the process invokes one of the DOM entry points, the process-proxy object isolates it from the real browser implementation and executes the process-proxy object's code instead.Type: ApplicationFiled: October 13, 2014Publication date: May 7, 2015Inventors: Amit KLEIN, Eldan BEN-HAIM, Oleg IZMERLY, Shmuel REGEV, Michael BOODAEI
-
Publication number: 20150113644Abstract: An Agent for detecting and/or preventing an Exploit attack, comprises: a) means for monitoring the operation of one or more process elements in a computer system; b) means for determining whether said one or more process elements has initiated, or is about to initiate a “create process” operation; and c) means for performing preventive activities as a result of the determination.Type: ApplicationFiled: October 21, 2013Publication date: April 23, 2015Applicant: Trusteer, Ltd.Inventors: Amit KLEIN, Gal Frishman, Yaron Dycian, Avner Gideoni, Eldan Ben Haim, Ilan Fraiman
-
Patent number: 8863281Abstract: A method for protecting a browser from malicious processes, comprises providing at least one process-proxy object and at least a browser-proxy object, interposed between the browser and a process, such that when the process invokes one of the DOM entry points, the process-proxy object isolates it from the real browser implementation and executes the process-proxy object's code instead.Type: GrantFiled: May 22, 2009Date of Patent: October 14, 2014Assignee: Trusteer Ltd.Inventors: Amit Klein, Eldan Ben-Haim, Oleg Izmerly, Shmuel Regev, Michael Boodaei