Patents by Inventor Lior Gavish
Lior Gavish has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11159565Abstract: A new approach is proposed that contemplates systems and methods to support email account takeover detection and remediation by utilizing an artificial intelligence (AI) engine/classifier that detects and remediates such attacks in real time. The AI engine is configured to continuously monitor and identify communication patterns of a user on an electronic messaging system of an entity via application programming interface (API) calls. The AI engine is then configured to collect and utilize a variety of features and/or signals from an email sent from an internal email account of the entity. The AI engine combines these signals to automatically detect whether the email account has been compromised by an external attacker and alert the individual user of the account and/or a system administrator accordingly in real time. The AI engine further enables the parties to remediate the effects of the compromised email account by performing one or more remediating actions.Type: GrantFiled: July 16, 2020Date of Patent: October 26, 2021Assignee: Barracuda Networks, Inc.Inventors: Marco Schweighauser, Lior Gavish, Itay Bleier, Asaf Cidon
-
Publication number: 20200351301Abstract: A new approach is proposed that contemplates systems and methods to support email account takeover detection and remediation by utilizing an artificial intelligence (AI) engine/classifier that detects and remediates such attacks in real time. The AI engine is configured to continuously monitor and identify communication patterns of a user on an electronic messaging system of an entity via application programming interface (API) calls. The AI engine is then configured to collect and utilize a variety of features and/or signals from an email sent from an internal email account of the entity. The AI engine combines these signals to automatically detect whether the email account has been compromised by an external attacker and alert the individual user of the account and/or a system administrator accordingly in real time. The AI engine further enables the parties to remediate the effects of the compromised email account by performing one or more remediating actions.Type: ApplicationFiled: July 16, 2020Publication date: November 5, 2020Inventors: Marco SCHWEIGHAUSER, Lior GAVISH, Itay BLEIER, Asaf CIDON
-
Patent number: 10778717Abstract: A new approach is proposed that contemplates systems and methods to support email account takeover detection and remediation by utilizing an artificial intelligence (AI) engine/classifier that detects and remediates such attacks in real time. The AI engine is configured to continuously monitor and identify communication patterns of a user on an electronic messaging system of an entity via application programming interface (API) calls. The AI engine is then configured to collect and utilize a variety of features and/or signals from an email sent from an internal email account of the entity. The AI engine combines these signals to automatically detect whether the email account has been compromised by an external attacker and alert the individual user of the account and/or a system administrator accordingly in real time. The AI engine further enables the parties to remediate the effects of the compromised email account by performing one or more remediating actions.Type: GrantFiled: March 25, 2019Date of Patent: September 15, 2020Assignee: Barracuda Networks, Inc.Inventors: Marco Schweighauser, Lior Gavish, Itay Bleier, Asaf Cidon
-
Publication number: 20190222606Abstract: A new approach is proposed that contemplates systems and methods to support email account takeover detection and remediation by utilizing an artificial intelligence (AI) engine/classifier that detects and remediates such attacks in real time. The AI engine is configured to continuously monitor and identify communication patterns of a user on an electronic messaging system of an entity via application programming interface (API) calls. The AI engine is then configured to collect and utilize a variety of features and/or signals from an email sent from an internal email account of the entity. The AI engine combines these signals to automatically detect whether the email account has been compromised by an external attacker and alert the individual user of the account and/or a system administrator accordingly in real time. The AI engine further enables the parties to remediate the effects of the compromised email account by performing one or more remediating actions.Type: ApplicationFiled: March 25, 2019Publication date: July 18, 2019Inventors: Marco SCHWEIGHAUSER, Lior GAVISH, Itay BLEIER, Asaf CIDON
-
Publication number: 20190026461Abstract: A new approach is proposed to support electronic messaging threat scanning and detection to identify security threats missed by an existing security software of an electronic messaging system. An AI engine first retrieves an entire inventory of historical electronic messages by the users on the electronic messaging system over a certain time. The AI engine scans the retrieved inventory of historical electronic messages to identify various types of security threats to the electronic messaging system in the past. The AI engine compares the identified security threats to those that have been identified by the existing security software to identify a set of security threats that had eluded or missed by the existing security software in the past. The AI engine then removes, modifies, or quarantines electronic messages that contain the missed security threats so that none of them will trigger an attack to the electronic messaging system in the future.Type: ApplicationFiled: August 31, 2017Publication date: January 24, 2019Inventors: Asaf Cidon, Lior Gavish, Michael Perone
-
Publication number: 20190028509Abstract: A new approach is proposed to support communication fraud detection and prevention by utilizing an artificial intelligence (AI) engine that detects and blocks impersonation attacks in real time. The AI engine automatically collects all historical electronic messages of each individual user in the entity on an electronic messaging system via an application programming interface (API) call to the electronic messaging system. The AI engine then analyzes the collected electronic messages for a plurality of features to identify unique communication patterns of users in the entity via AI-based classification. When one or more related incoming messages are retrieved in real time, the identified communication patterns are utilized to detect anomalous signals in metadata and/or content of the incoming messages. The AI engine then identifies with a high degree of accuracy whether the incoming messages are part of an impersonation attack based on the detected anomalous signals.Type: ApplicationFiled: August 31, 2017Publication date: January 24, 2019Inventors: Asaf Cidon, Lior Gavish, Michael Perone
-
Publication number: 20190028499Abstract: A new approach is proposed to support anti-fraud user training and protection by identifying and training individuals within an entity who are at high risk of being targeted in an impersonating attack. An AI engine automatically collects historical electronic messages of each individual in the entity on an electronic messaging system via an application programming interface (API) call. The AI engine then analyzes contents the collected historical electronic messages and calculates a security score for each individual via AI-based classification. The AI engine identifies high-risk individuals within the entity based on their security scores and launches simulated impersonating attacks against these individuals to test their security awareness.Type: ApplicationFiled: August 31, 2017Publication date: January 24, 2019Inventors: Asaf Cidon, Lior Gavish, Michael Perone
-
Patent number: 10083307Abstract: An approach is proposed that contemplates systems, methods, and computer-readable storage mediums to support receiving, from a computerized system, a first encrypted file entity key and signed access metadata, wherein the first encrypted file entity key is created by encrypting a file entity key using a first encryption key, the signed access metadata is signed by the file entity key and the encrypted file entity is created by encrypting a file entity using the file entity key. The approach then determines whether to facilitate the decryption of the encrypted file entity by the computerized system and sends a second encrypted file entity key to the computerized system if it is determined to facilitate the decryption. The approach prevents the computerized system to decrypt the encrypted file entity if it is determined not to facilitate the decryption of the encrypted file entity by the computerized system.Type: GrantFiled: May 5, 2016Date of Patent: September 25, 2018Assignee: Barracuda Networks, Inc.Inventors: Asaf Cidon, Israel Cidon, Lior Gavish, Prabandham Madan Gopal, Chandrashekhar Shetty
-
Patent number: 10050795Abstract: Non-transitory computer readable medium that may store instructions that once executed by a computer may cause a computer to receive or generate multiple security questions, receive multiple security answers that were provided by an entity in response to the multiple security questions, receive or generate redundant information and calculate the passphrase by applying an error correction process on the redundant information and the multiple security answers; wherein the error correction process is configured to correct up to a predefined number of erroneous security answers.Type: GrantFiled: March 23, 2016Date of Patent: August 14, 2018Assignee: Barracuda Networks, Inc.Inventors: Israel Cidon, Asaf Cidon, Lior Gavish
-
Publication number: 20170033936Abstract: Non-transitory computer readable medium that may store instructions that once executed by a computer may cause a computer to receive or generate multiple security questions, receive multiple security answers that were provided by an entity in response to the multiple security questions, receive or generate redundant information and calculate the passphrase by applying an error correction process on the redundant information and the multiple security answers; wherein the error correction process is configured to correct up to a predefined number of erroneous security answers.Type: ApplicationFiled: March 23, 2016Publication date: February 2, 2017Inventors: Israel Cidon, Asaf Cidon, Lior Gavish
-
Publication number: 20160246972Abstract: An approach is proposed that contemplates systems, methods, and computer-readable storage mediums to support receiving, from a computerized system, a first encrypted file entity key and signed access metadata, wherein the first encrypted file entity key is created by encrypting a file entity key using a first encryption key, the signed access metadata is signed by the file entity key and the encrypted file entity is created by encrypting a file entity using the file entity key. The approach then determines whether to facilitate the decryption of the encrypted file entity by the computerized system and sends a second encrypted file entity key to the computerized system if it is determined to facilitate the decryption. The approach prevents the computerized system to decrypt the encrypted file entity if it is determined not to facilitate the decryption of the encrypted file entity by the computerized system.Type: ApplicationFiled: May 5, 2016Publication date: August 25, 2016Inventors: Asaf Cidon, Israel Cidon, Lior Gavish, Prabandham Madan Gopal, Chandrashekhar Shetty
-
Patent number: 9373001Abstract: System, computer readable medium and method for decryption. The method may include receiving, by a third computerized system and from a fourth computerized system, a first encrypted file entity key and signed access metadata. The first encrypted file entity key is created by encrypting a file entity key by a first computerized system using an encryption key of a second computerized system. The signed access metadata is signed by the file entity key. The encrypted file entity is created by encrypting a file entity by the first computerized system using the file entity key. Sending, by the third computerized system, the signed access metadata and the first encrypted file entity key to the second computerized system. Receiving a response from the second computerized system. Determining, based on the response from the second computerized system, whether to facilitate a decryption of the encrypted file entity by the fourth computerized entity.Type: GrantFiled: March 11, 2014Date of Patent: June 21, 2016Assignee: BARRACUDA NETWORKS, INC.Inventors: Asaf Cidon, Israel Cidon, Lior Gavish, Prabandham Madan Gopal, Chandrashekhar Shetty
-
Patent number: 9262643Abstract: A system, computer readable medium and a method for encrypting a file, the method may include retrieving the file from a storage service; segmenting the file into multiple file segments; calculating a file segment signature for each of the multiple file segments to provide multiple file segment signatures; encrypting each of the multiple file segments to provide multiple encrypted file segments by using encryption keys that are in response to the multiple file segment signatures; wherein the multiple encrypted file segments form an encrypted file; and sending the multiple encrypted file segments to the storage service.Type: GrantFiled: December 26, 2012Date of Patent: February 16, 2016Assignee: SOOKASA INC.Inventors: Asaf Cidon, Gopal Madan Prabandham, Israel Cidon, Shetty Chandrashekhar, Lior Gavish, Barak Srour
-
Patent number: 8977661Abstract: A method for file management, the method may include: calculating, by a management server that is located within a cloud computing environment, signatures of multiple files that are stored at multiple storage entities; and finding, by the management server, groups of similar files out of the multiple files, wherein the finding is in response to similarities between signatures of the multiple files; wherein the multiple storage entities comprise at least a first storage entity that is managed by a first management entity and a second storage entity that is managed by a second management entity that differs from the first management entity.Type: GrantFiled: December 26, 2012Date of Patent: March 10, 2015Assignee: Sookasa Inc.Inventors: Asaf Cidon, Gopal Madan Prabandham, Israel Cidon, Shetty Chandrashekhar, Lior Gavish, Barak Srour
-
Publication number: 20140258719Abstract: System, computer readable medium and method for decryption. The method may include receiving, by a third computerized system and from a fourth computerized system, a first encrypted file entity key and signed access metadata. The first encrypted file entity key is created by encrypting a file entity key by a first computerized system using an encryption key of a second computerized system. The signed access metadata is signed by the file entity key. The encrypted file entity is created by encrypting a file entity by the first computerized system using the file entity key. Sending, by the third computerized system, the signed access metadata and the first encrypted file entity key to the second computerized system. Receiving a response from the second computerized system. Determining, based on the response from the second computerized system, whether to facilitate a decryption of the encrypted file entity by the fourth computerized entity.Type: ApplicationFiled: March 11, 2014Publication date: September 11, 2014Applicant: Sookasa Inc.Inventors: Asaf Cidon, Israel Cidon, Lior Gavish, Prabandham Madan Gopal, Chandrashekhar Shetty
-
Publication number: 20140019497Abstract: A system, computer readable medium and a method for modifying a file, the method may include: determining, by a management server within a cloud computing environment, to modify the file; retrieving the file from a storage entity that is managed by a first storage service within the cloud computing environment; modifying the file, by the management server, to provide a modified file, wherein the modifying comprises flagging the modified file as to be handled by an agent that is hosted by a device of a user, wherein the agent is arranged to cooperate with a management server; and providing the modified file to at least one storage service.Type: ApplicationFiled: December 26, 2012Publication date: January 16, 2014Inventors: Asaf Cidon, Gopal Madan Prabandham, Israel Cidon, Shetty Chandrashekhar, Lior Gavish, Barak Srour
-
Publication number: 20140019498Abstract: A method for file management, the method may include: calculating, by a management server that is located within a cloud computing environment, signatures of multiple files that are stored at multiple storage entities; and finding, by the management server, groups of similar files out of the multiple files, wherein the finding is in response to similarities between signatures of the multiple files; wherein the multiple storage entities comprise at least a first storage entity that is managed by a first management entity and a second storage entity that is managed by a second management entity that differs from the first management entity.Type: ApplicationFiled: December 26, 2012Publication date: January 16, 2014Inventors: Asaf Cidon, Gopal Madan Prabandham, Israel Cidon, Shetty Chandrashekhar, Lior Gavish, Barak Srour
-
Publication number: 20140013112Abstract: A system, computer readable medium and a method for encrypting a file, the method may include retrieving the file from a storage service; segmenting the file into multiple file segments; calculating a file segment signature for each of the multiple file segments to provide multiple file segment signatures; encrypting each of the multiple file segments to provide multiple encrypted file segments by using encryption keys that are in response to the multiple file segment signatures; wherein the multiple encrypted file segments form an encrypted file; and sending the multiple encrypted file segments to the storage service.Type: ApplicationFiled: December 26, 2012Publication date: January 9, 2014Inventors: Asaf Cidon, Gopal Madan Prabandham, Israel Cidon, Shetty Chandrashekhar, Lior Gavish, Barak Srour