Patents Assigned to Radware Ltd.
  • Patent number: 11888893
    Abstract: A method and system for characterizing application layer denial-of-service (DDoS) attacks are provided. The method includes generating a dynamic applicative signature by analyzing requests received during an on-going DDoS attack, wherein the dynamic applicative signature characterizes based on frequent applicative attributes appeared from the received; characterizing each incoming request based on the generated dynamic applicative signature, wherein the characterization provides an indication for each incoming request whether an incoming request is generated by an attack tool executing the on-going DDoS attributes; and causing a mitigation action on the incoming request generated by the attack tool based on the generated dynamic applicative signature.
    Type: Grant
    Filed: January 31, 2023
    Date of Patent: January 30, 2024
    Assignee: RADWARE LTD
    Inventors: Ehud Doron, Koral Haham, David Aviv
  • Publication number: 20240012896
    Abstract: The method and system for performing a completely automated public Turing test to tell computers and humans apart (CAPTCHA). The method comprises receiving by a server a request from a service server to initiate a CAPTCHA of a user node; generating an image of a path; generating at least one target to be placed upon the path; generating an object to be placed at a start point of the path; sending the generated path, the at least one generated target, and the object as a CAPTCHA challenge to the user node for display thereon; receiving, by the server, data respective of motion of the object with respect to the path and the at least one generated target; and issuing, based on analysis of the data received data, a pass indication upon determination that the user node is operative by a human.
    Type: Application
    Filed: July 8, 2022
    Publication date: January 11, 2024
    Applicant: Radware Ltd.
    Inventors: Zaid IMAM, Rakesh THATHA, Pavan THATHA
  • Publication number: 20230396588
    Abstract: A device and method for configuring a web application firewall (WAF) based on characterization of web attacks are provided. The method includes receiving a plurality of hypertext transfer protocol transactions (HTTP) entities; tokenizing the received plurality of HTTP entities based on at least one delimiter; analyzing statistical distribution of each of the at least one delimiter in the tokenized HTTP entities; training a model based on an analysis of the tokenized HTTP entities, when a sufficient number of HTTP entities have been analyzed; and configuring, based on the trained model, the WAF with at least one detection rule to detect at least malicious HTTP transactions.
    Type: Application
    Filed: June 3, 2022
    Publication date: December 7, 2023
    Applicant: RADWARE LTD.
    Inventors: Doron SHAVIT, Amnon LOTEM, Orly Stan BENCHETRIT
  • Patent number: 11785035
    Abstract: A method for operating at least one log-analytics detection platform for detecting security threats associated with a client network, comprising: obtaining, via a communication network, log files from a client network, each log file comprising a log record associated with a channel and including an outbound communications log; extracting a channel feature set for said channels from said log files, said channel feature set comprises data pertaining to an associated entity, at least one channel feature being behavior of communication over a channel; aggregating said channel associated features for each of the channels into a data repository; generating a risk factor characterized by an entity score for said least one entity associated with entities of said channels; and blocking of communication for said entity when said risk factory is indicative of said entity being a security threat.
    Type: Grant
    Filed: April 29, 2022
    Date of Patent: October 10, 2023
    Assignee: RADWARE LTD.
    Inventors: Amnon Lotem, Doron Peri, Aviv Raff
  • Publication number: 20230283609
    Abstract: A method for protecting entities against bots is provided. The method includes identifying a request from a client to access a protected entity; selecting an access policy in response to the access request, wherein the access policy includes at least one challenge to be performed by the client; identifying results of the at least one challenge, wherein the results are provided by the client upon completion of the challenge; determining a bias of the client based on the completion results, wherein the determined bias is utilized for a cyber-security assessment of the client; and granting access to the protected entity by the client based on the determined bias.
    Type: Application
    Filed: May 10, 2023
    Publication date: September 7, 2023
    Applicant: Radware Ltd.
    Inventors: Alon LELCUK, David AVIV
  • Patent number: 11750632
    Abstract: A method for detecting DoS attacks using an encrypted communication protocol includes estimating traffic telemetries of packets of at least ingress traffic passing over an insecure network that is directed to a protected entity by analyzing TCP headers of the packets, the packets using an encrypted version of a non-encrypted communication protocol, the packets being intended for the protected entity; providing at least one rate-based feature and at least one rate-invariant feature based on the estimated traffic telemetries, wherein the rate-based feature and the rate-invariant feature demonstrate a normal behavior of the traffic; and executing a mitigation action when a potential flood DoS attack using the encrypted communication protocol is detected by an evaluation of each of the at least one rate-based feature and the at least one rate-invariant feature with respect to respective baselines to determine whether the behavior of the ingress traffic indicates a potential flood DoS attack.
    Type: Grant
    Filed: May 31, 2022
    Date of Patent: September 5, 2023
    Assignee: RADWARE, LTD.
    Inventors: Ehud Doron, Lev Medvedovsky, David Aviv, Eyal Rundstein, Ronit Lubitch Greenberg, Avishay Balderman
  • Publication number: 20230262096
    Abstract: Arrangement for hardening cloud security policies of a cloud computing platform includes analyzing a plurality of permission usage maps, one for each cloud entity of a plurality of cloud entities included in the computing platform to discover at least one hardening gap, wherein each hardening gap is at least a difference between permissions granted and permissions used by one of the cloud entities, wherein each of the permission usage maps represents the permissions granted to a respective one of the cloud entities and the permissions used by that respective at least one of the cloud entities; for each discovered hardening gap, computing a risk score designating a potential risk reduction achieved by addressing the hardening gap; generating at least one hardening recommendation for the at least one hardening gap and its respective computed risk score; and applying the at least one hardening recommendation, thereby hardening the cloud computing platform.
    Type: Application
    Filed: April 19, 2023
    Publication date: August 17, 2023
    Applicant: Radware Ltd.
    Inventors: Adi RAFF, Amnon LOTEM, Yaniv AMRAM, Leo REZNIK, Tal HALPERN, Nissim PARIENTE
  • Publication number: 20230254341
    Abstract: A system and method for detecting cyber-attacks using quantile regression analysis are disclosed. The method includes: identifying at least one hit quantile out of a plurality of quantiles, wherein the at least one identified hit quantile falls within quantile edges of a sample of traffic directed at a protected entity, wherein each of the plurality of quantiles is characterized by a probability distribution of at least one feature of a data stream, each of the plurality of quantiles having a respective probability estimate; updating the probability estimates of the plurality of quantiles when the at least one hit quantile has been identified; and when the probability estimate of the at least one hit quantile is above a threshold, taking an action to mitigate existence of a cyber-attack.
    Type: Application
    Filed: April 5, 2023
    Publication date: August 10, 2023
    Applicant: Radware Ltd.
    Inventors: Lev MEDVEDOVSKY, David AVIV
  • Publication number: 20230224321
    Abstract: A method and system for generating dynamic applicative signatures of by application layer flood attack tools are provided. The method includes determining a plurality of different attributes of requests received during an on-going DDoS attack; clustering at least one attribute of the plurality of different attributes, wherein the clustering is based on values of the plurality of different attributes; determining clusters of attributes representing most frequent structures of the requests received during the on-going DDoS attack; and generating, based on the determined clusters of attributes, signature of an application layer flood attack tool executing the on-going DDoS attack.
    Type: Application
    Filed: December 19, 2022
    Publication date: July 13, 2023
    Applicant: Radware Ltd.
    Inventors: Ehud DORON, Koral HAHAM, David AVIV
  • Publication number: 20230216885
    Abstract: A method and system for detecting client-side cross-site scripting exploitation attacks according to an embodiment are disclosed. The method includes downloading an access list from a remote server; capturing a request to access an external resource, wherein the request is initiated by a script executed over the web browser, wherein the external web resource is external to the web browser executed on a client device; determining, based on the access list, if the requested external web resource can be accessed; and applying a mitigation action on the request to access the external web resource when it is determined that the external web resource cannot be accessed.
    Type: Application
    Filed: December 29, 2022
    Publication date: July 6, 2023
    Applicant: Radware Ltd.
    Inventors: Alon TAMIR, Amir MARMOR, David AVIV
  • Publication number: 20230208857
    Abstract: A method and system for detecting and mitigation a cyber-attack scanner are provided. The method includes determining if a source network address designated in a received packet is suspicious as of a cyber-attack scanner, wherein the determination is based on a likelihood that the source address was previously frequently encountered; upon determining that the source network address is suspicious, determining diversity of destination network addresses sent by a source having the suspicious network address; and upon determining that the destination network addresses are diversified, generating an alarm indicating that a source network address is a cyber-attack scanner, wherein a cyber-attack scanner is a device to identify destination network addresses in a protected entity that be exploit for at least a cyber-attack scanner.
    Type: Application
    Filed: December 28, 2021
    Publication date: June 29, 2023
    Applicant: Radware, Ltd.
    Inventors: Lev MEDVEDOVSKY, David AVIV
  • Publication number: 20230188560
    Abstract: A method and system for characterizing application layer denial-of-service (DDoS) attacks are provided. The method includes generating a dynamic applicative signature by analyzing requests received during an on-going DDoS attack, wherein the dynamic applicative signature characterizes based on frequent applicative attributes appeared from the received; characterizing each incoming request based on the generated dynamic applicative signature, wherein the characterization provides an indication for each incoming request whether an incoming request is generated by an attack tool executing the on-going DDoS attributes; and causing a mitigation action on the incoming request generated by the attack tool based on the generated dynamic applicative signature.
    Type: Application
    Filed: January 31, 2023
    Publication date: June 15, 2023
    Applicant: Radware Ltd.
    Inventors: Ehud DORON, Koral HAHAM, David AVIV
  • Patent number: 11677753
    Abstract: A method for protecting entities against bots is provided. The method includes identifying a request from a client to access a protected entity; selecting an access policy in response to the access request, wherein the access policy includes at least one challenge to be performed by the client; identifying results of the at least one challenge, wherein the results are provided by the client upon completion of the challenge; determining a bias of the client based on the completion results, wherein the determined bias is utilized for a cyber-security assessment of the client; and granting access to the protected entity by the client based on the determined bias.
    Type: Grant
    Filed: August 3, 2020
    Date of Patent: June 13, 2023
    Assignee: RADWARE LTD.
    Inventors: Alon Lelcuk, David Aviv
  • Patent number: 11665138
    Abstract: A method and system for continuously configuring a web application firewall (WAF) are provided. The method includes receiving a request directed at a protected web application, wherein the request is received from a client device associated with a trusted user account, and wherein the protected web application is protected by the WAF; validating the received request based on at least a signature included in a header of the received request; when the received request is validated, generating an authorization rule based on the received request, wherein the authorization rule allows access to a resource of the protected web application designated in the received request, wherein the generated authorization rule is included in at least one whitelist the WAF is configured with; and configuring the WAF with the generated authorization rule to allow the received request and subsequent request to be directed to the resource of the protected web application.
    Type: Grant
    Filed: December 30, 2019
    Date of Patent: May 30, 2023
    Assignee: RADWARE LTD.
    Inventors: Vladimir Shalikashvili, Dekel Cohen, Ayelet Shomer
  • Patent number: 11652843
    Abstract: A system and method for detecting cyber-attacks using quantile regression analysis are disclosed. The method includes identifying at least one hit quantile out of a plurality of quantiles, wherein at least one sample of traffic directed at a protected entity falls within quantile edges of the at least one identified hit quantile, wherein each of the plurality of quantiles is characterized by a probability distribution of at least one feature of a data stream, each of the plurality of quantiles having a respective probability estimate of bytes to fall into it; updating the probability estimates of the plurality of quantiles when the hit quantile has been identified; determining if the probability estimate of the at least one hit quantile is above a threshold; and detecting a cyber-attack when the probability estimate of the at least one hit quantile is above the threshold.
    Type: Grant
    Filed: December 31, 2020
    Date of Patent: May 16, 2023
    Assignee: RADWARE LTD.
    Inventors: Lev Medvedovsky, David Aviv
  • Patent number: 11637864
    Abstract: A method and system for hardening cloud security policies of a cloud computing platform are presented.
    Type: Grant
    Filed: June 3, 2019
    Date of Patent: April 25, 2023
    Assignee: RADWARE LTD.
    Inventors: Adi Raff, Amnon Lotem, Yaniv Amram, Leo Reznik, Tal Halpern, Nissim Pariente
  • Patent number: 11632391
    Abstract: A system and method for out-of-path detection of cyber-attacks are provided. The method includes receiving, by a detector, a plurality of data feeds from a plurality of data sources, wherein the detector is communicatively connected to the plurality of data sources; processing, by the detector, the plurality of received data feeds to generate enriched Flow data sets; analyzing the enriched Flow data sets to detect a potential cyber-attack; and upon detection of a potential cyber-attack, providing indication to each network entity of the network entities that is under attack.
    Type: Grant
    Filed: December 6, 2018
    Date of Patent: April 18, 2023
    Assignee: RADWARE LTD.
    Inventors: Ehud Doron, Yotam Ben Ezra, David Aviv
  • Patent number: 11627156
    Abstract: A system of method of detecting bots are presented. The method includes receiving access patterns of a visitor accessing a protected web property, encoding each of the access patterns into a fixed length feature vector, determining an offline-trained model based on past data, generating an anomaly score based on the fixed length feature vector and an offline-trained model, and determining the visitor to be a bot, when the generated anomaly score associated with the visitor reaches a predetermined threshold.
    Type: Grant
    Filed: September 18, 2019
    Date of Patent: April 11, 2023
    Assignee: RADWARE LTD.
    Inventors: Harisankar Haridas, Mohit Rajput, Rakesh Thatha, Sonal Lalchand Oswal, Neeraj Kumar Gupta
  • Publication number: 20230091851
    Abstract: A system and method for identity-based access admission are provided. The method includes generating in a browser of a client device a unique identity key for the browser, wherein the identity key is generated in an internal frame (iFrame) thread, is executed in a main thread of the browser, and wherein the identity key includes a fingerprint characterizing in part the browser and the client device, an internet protocol address of the client device, and a public-encryption key; and registering the identity key with an admission controller, wherein access to a protected entity by the client device is enforced using the identity key.
    Type: Application
    Filed: September 22, 2021
    Publication date: March 23, 2023
    Applicant: RADWARE. LTD
    Inventors: Alon TAMIR, Amir MARMOR, David AVIV
  • Patent number: 11606387
    Abstract: A system and method for reducing a time to mitigate distributed denial of service (DDoS) attacks are provided. The method includes receiving a plurality of attack feeds on at least one protected object in a secured environment; analyzing the plurality of attack feeds to determine characteristics of a DDoS attack against the secure environment; determining a set of optimal mitigation resources assigned to the secured environment; selecting, based on the set of optimal mitigation resources and the attack characteristics, at least one optimal workflow scheme; and initiating a proactive mitigation action by setting each mitigation resource in the set of optimal mitigation resources according to the selected optimal workflow scheme.
    Type: Grant
    Filed: December 20, 2018
    Date of Patent: March 14, 2023
    Assignee: RADWARE LTD.
    Inventors: Ehud Doron, Yotam Ben Ezra, David Aviv