Patents by Inventor Amnon Lotem
Amnon Lotem has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240098111
Abstract: A method and system for mitigating of randomized denial-of-service (DDoS) attacks directed against a protected entity during an attack time period are provided. The method includes receiving a packet during the attack time period; selecting a cluster defining legitimacy characteristics from at least one cluster of packets that best fits the received packet, wherein legitimacy characteristics of a cluster are learned during a peacetime period; determining a legitimacy score for the received packet based on the legitimacy characteristics of the selected cluster; determining based on the legitimacy score if the received packet is not legitimate; and applying a mitigation action on the received packet upon determination that the packet is not legitimate.
Type: Application
Filed: September 19, 2022
Publication date: March 21, 2024
Applicant: Radware Ltd.
Inventors: Ehud DORON, Amnon LOTEM, Gal YEHOSHUA, David AVIV
-
Publication number: 20230396588
Abstract: A device and method for configuring a web application firewall (WAF) based on characterization of web attacks are provided. The method includes receiving a plurality of hypertext transfer protocol transactions (HTTP) entities; tokenizing the received plurality of HTTP entities based on at least one delimiter; analyzing statistical distribution of each of the at least one delimiter in the tokenized HTTP entities; training a model based on an analysis of the tokenized HTTP entities, when a sufficient number of HTTP entities have been analyzed; and configuring, based on the trained model, the WAF with at least one detection rule to detect at least malicious HTTP transactions.
Type: Application
Filed: June 3, 2022
Publication date: December 7, 2023
Applicant: RADWARE LTD.
Inventors: Doron SHAVIT, Amnon LOTEM, Orly Stan BENCHETRIT
-
Patent number: 11785035
Abstract: A method for operating at least one log-analytics detection platform for detecting security threats associated with a client network, comprising: obtaining, via a communication network, log files from a client network, each log file comprising a log record associated with a channel and including an outbound communications log; extracting a channel feature set for said channels from said log files, said channel feature set comprises data pertaining to an associated entity, at least one channel feature being behavior of communication over a channel; aggregating said channel associated features for each of the channels into a data repository; generating a risk factor characterized by an entity score for said least one entity associated with entities of said channels; and blocking of communication for said entity when said risk factory is indicative of said entity being a security threat.
Type: Grant
Filed: April 29, 2022
Date of Patent: October 10, 2023
Assignee: RADWARE LTD.
Inventors: Amnon Lotem, Doron Peri, Aviv Raff
-
Publication number: 20230262096
Abstract: Arrangement for hardening cloud security policies of a cloud computing platform includes analyzing a plurality of permission usage maps, one for each cloud entity of a plurality of cloud entities included in the computing platform to discover at least one hardening gap, wherein each hardening gap is at least a difference between permissions granted and permissions used by one of the cloud entities, wherein each of the permission usage maps represents the permissions granted to a respective one of the cloud entities and the permissions used by that respective at least one of the cloud entities; for each discovered hardening gap, computing a risk score designating a potential risk reduction achieved by addressing the hardening gap; generating at least one hardening recommendation for the at least one hardening gap and its respective computed risk score; and applying the at least one hardening recommendation, thereby hardening the cloud computing platform.
Type: Application
Filed: April 19, 2023
Publication date: August 17, 2023
Applicant: Radware Ltd.
Inventors: Adi RAFF, Amnon LOTEM, Yaniv AMRAM, Leo REZNIK, Tal HALPERN, Nissim PARIENTE
-
Patent number: 11637864
Abstract: A method and system for hardening cloud security policies of a cloud computing platform are presented.
Type: Grant
Filed: June 3, 2019
Date of Patent: April 25, 2023
Assignee: RADWARE LTD.
Inventors: Adi Raff, Amnon Lotem, Yaniv Amram, Leo Reznik, Tal Halpern, Nissim Pariente
-
Publication number: 20220337610
Abstract: A method for operating at least one log-analytics detection platform for detecting security threats associated with a client network, comprising: obtaining, via a communication network, log files from a client network, each log file comprising a log record associated with a channel and including an outbound communications log; extracting a channel feature set for said channels from said log files, said channel feature set comprises data pertaining to an associated entity, at least one channel feature being behavior of communication over a channel; aggregating said channel associated features for each of the channels into a data repository; generating a risk factor characterized by an entity score for said least one entity associated with entities of said channels; and blocking of communication for said entity when said risk factory is indicative of said entity being a security threat.
Type: Application
Filed: April 29, 2022
Publication date: October 20, 2022
Applicant: RADWARE LTD.
Inventors: Amnon LOTEM, Doron PERI, Aviv RAFF
-
Patent number: 11343265
Abstract: Log based analysis systems and methods for protecting computers and networks from malicious communications and malware attacks by analyzing log data obtained from client networks having network entities representing business units or customers. The system may further comprise a plurality of client asset machines, each operable to execute a security product associated with a security product vendor and log associated information of the network entities into at least one log file. The log files may be uploaded onto a log-analytics detection platform for analysis using learning algorithms operable to generate a risk factor attribute for at least one entity.
Type: Grant
Filed: February 7, 2016
Date of Patent: May 24, 2022
Assignee: Seculert Ltd.
Inventors: Amnon Lotem, Doron Peri, Aviv Raff
-
Patent number: 11146581
Abstract: A method and system for protecting a cloud computing platform against cyber-attacks are provided. The method includes gathering cloud logs from a cloud computing platform; analyzing, by a plurality of detectors, the cloud logs to detect at least one suspicious behavior, wherein each of the at least one suspicious behavior is identified by a suspect indicator; sequencing suspect indicators into attack sequences; scoring each of the attack sequences with an attack score, wherein each attack is scored using a scoring model; and alerting on each attack sequence having a score higher than a predefined threshold.
Type: Grant
Filed: December 31, 2018
Date of Patent: October 12, 2021
Assignee: Radware Ltd.
Inventors: Amnon Lotem, Nissim Pariente
-
Patent number: 11089035
Abstract: A method and system for predicting subsequent cyber-attacks in attack campaigns are provided. The method includes receiving events data related to cyber-attacks occurring in a network during a predefined time window; extracting at least one sequence from the received events data at least one attack vector; generating a sequence signature for each of the at least one extracted sequence; comparing each sequence signature to a representation of historic sequence signatures to determine at least partially matching sequence signature; and based on the matching sequence, determining at least one subsequent cyber-attack in a respective sequence.
Type: Grant
Filed: December 11, 2018
Date of Patent: August 10, 2021
Assignee: Radware Ltd.
Inventors: Ehud Doron, Amnon Lotem, Yotam Ben-Ezra, Ami Navon, Nadav Grossaug, Nissim Pariente
-
Patent number: 10984652
Abstract: A method and system for modeling and processing vehicular traffic data and information, comprising: (a) transforming a spatial representation of a road network into a network of spatially interdependent and interrelated oriented road sections, for forming an oriented road section network; (b) acquiring a variety of the vehicular traffic data and information associated with the oriented road section network, from a variety of sources; (c) prioritizing, filtering, and controlling, the vehicular traffic data and information acquired from each of the variety of sources; (d) calculating a mean normalized travel time (NTT) value for each oriented road section of said oriented road section network using the prioritized, filtered, and controlled, vehicular traffic data and information associated with each source, for forming a partial current vehicular traffic situation picture associated with each source; (e) fusing the partial current traffic situation picture associated with each source, for generating a single co
Type: Grant
Filed: November 6, 2018
Date of Patent: April 20, 2021
Assignee: INRIX, Inc.
Inventors: Israel Feldman, Arie Trinker, Yochai Meltzer, Allon Eshpar, Amnon Lotem
-
Publication number: 20200259865
Abstract: A method and system for hardening cloud security policies of a cloud computing platform are presented.
Type: Application
Filed: June 3, 2019
Publication date: August 13, 2020
Applicant: RADWARE, LTD.
Inventors: Adi RAFF, Amnon LOTEM, Yaniv AMRAM, Leo REZNIK, Tal HALPERN, Nissim PARIENTE
-
Publication number: 20200213338
Abstract: A method and system for protecting a cloud computing platform against cyber-attacks are provided. The method includes gathering cloud logs from a cloud computing platform; analyzing, by a plurality of detectors, the cloud logs to detect at least one suspicious behavior, wherein each of the at least one suspicious behavior is identified by a suspect indicator; sequencing suspect indicators into attack sequences; scoring each of the attack sequences with an attack score, wherein each attack is scored using a scoring model; and alerting on each attack sequence having a score higher than a predefined threshold.
Type: Application
Filed: December 31, 2018
Publication date: July 2, 2020
Applicant: RADWARE, LTD.
Inventors: Amnon LOTEM, Nissim PARIENTE
-
Patent number: 10409993
Abstract: A method for automatically translating a banner information, the method may include receiving by a computer the banner information, wherein the banner information is included in at least one banner and describes an identity of a software product; and translating by the computer the banner information into a unique software product identifier using a content of knowledgebase that comprises an attributes schema and translation rules; wherein each software product is associated with a single unique software product identifier; wherein the unique software product identifier comprises a structured set of attributes; wherein at least one translation rule is a pattern based translation rule; wherein the attributes schema specifies a set of allowable attributes and of allowable values of the attributes.
Type: Grant
Filed: January 13, 2017
Date of Patent: September 10, 2019
Assignee: SKYBOX SECURITY Ltd
Inventors: Amnon Lotem, Gideon Cohen, Stav Kaufman
-
Patent number: 10397246
Abstract: A crowdsourcing log analysis system and methods for protecting computers and networks from malware attacks by analyzing data log information obtained from a plurality of client network. The client networks are associated with a set of network entities representing a plurality of business units or customers. The system may further comprise a plurality of server machines, each operable to execute a security product associated with a security product vendor and log associated information of at the network entities into at least one log file. The log files may be uploaded onto a breach detection platform for analysis based upon crowdsourcing principles and is operable to generate a risk factor attribute for at least one suspect entity.
Type: Grant
Filed: June 15, 2015
Date of Patent: August 27, 2019
Assignee: Radware, Ltd.
Inventors: Aviv Raff, Doron Peri, Amnon Lotem
-
Publication number: 20190182274
Abstract: A method and system for predicting subsequent cyber-attacks in attack campaigns are provided. The method includes receiving events data related to cyber-attacks occurring in a network during a predefined time window; extracting at least one sequence from the received events data at least one attack vector; generating a sequence signature for each of the at least one extracted sequence; comparing each sequence signature to a representation of historic sequence signatures to determine at least partially matching sequence signature; and based on the matching sequence, determining at least one subsequent cyber-attack in a respective sequence.
Type: Application
Filed: December 11, 2018
Publication date: June 13, 2019
Applicant: RADWARE, LTD.
Inventors: Ehud DORON, Amnon LOTEM, Yotam BEN-EZRA, Ami NAVON, Nadav GROSSAUG, Nissim PARIENTE
-
Publication number: 20190156661
Abstract: A method and system for modeling and processing vehicular traffic data and information, comprising: (a) transforming a spatial representation of a road network into a network of spatially interdependent and interrelated oriented road sections, for forming an oriented road section network; (b) acquiring a variety of the vehicular traffic data and information associated with the oriented road section network, from a variety of sources; (c) prioritizing, filtering, and controlling, the vehicular traffic data and information acquired from each of the variety of sources; (d) calculating a mean normalized travel time (NTT) value for each oriented road section of said oriented road section network using the prioritized, filtered, and controlled, vehicular traffic data and information associated with each source, for forming a partial current vehicular traffic situation picture associated with each source; (e) fusing the partial current traffic situation picture associated with each source, for generating a single co
Type: Application
Filed: November 6, 2018
Publication date: May 23, 2019
Inventors: Israel FELDMAN, Arie TRINKER, Yochai Meltzer, Allon Eshpar, Amnon Lotem
-
Patent number: 10121366
Abstract: A method and system for modeling and processing vehicular traffic data and information, comprising: (a) transforming a spatial representation of a road network into a network of spatially interdependent and interrelated oriented road sections, for forming an oriented road section network; (b) acquiring a variety of the vehicular traffic data and information associated with the oriented road section network, from a variety of sources; (c) prioritizing, filtering, and controlling, the vehicular traffic data and information acquired from each of the variety of sources; (d) calculating a mean normalized travel time (NTT) value for each oriented road section of said oriented road section network using the prioritized, filtered, and controlled, vehicular traffic data and information associated with each source, for forming a partial current vehicular traffic situation picture associated with each source; (e) fusing the partial current traffic situation picture associated with each source, for generating a single co
Type: Grant
Filed: September 21, 2016
Date of Patent: November 6, 2018
Assignee: INRIX, INC.
Inventors: Israel Feldman, Arie Trinker, Yochai Meltzer, Allon Eshpar, Amnon Lotem
-
Patent number: 9569201
Abstract: A method for automatically translating a banner information, the method may include receiving by a computer the banner information, wherein the banner information is included in at least one banner and describes an identity of a software product; and translating by the computer the banner information into a unique software product identifier using a content of knowledgebase that comprises an attributes schema and translation rules; wherein each software product is associated with a single unique software product identifier; wherein the unique software product identifier comprises a structured set of attributes; wherein at least one translation rule is a pattern based translation rule; wherein the attributes schema specifies a set of allowable attributes and of allowable values of the attributes.
Type: Grant
Filed: July 1, 2013
Date of Patent: February 14, 2017
Assignee: SKYBOX SECURITY INC.
Inventors: Amnon Lotem, Gideon Cohen, Stav Kaufman
-
Patent number: 9552725
Abstract: A method and system for modeling and processing vehicular traffic data and information, comprising: (a) transforming a spatial representation of a road network into a network of spatially interdependent and interrelated oriented road sections, for forming an oriented road section network; (b) acquiring a variety of the vehicular traffic data and information associated with the oriented road section network, from a variety of sources; (c) prioritizing, filtering, and controlling, the vehicular traffic data and information acquired from each of the variety of sources; (d) calculating a mean normalized travel time (NTT) value for each oriented road section of said oriented road section network using the prioritized, filtered, and controlled, vehicular traffic data and information associated with each source, for forming a partial current vehicular traffic situation picture associated with each source; (e) fusing the partial current traffic situation picture associated with each source, for generating a single co
Type: Grant
Filed: December 1, 2004
Date of Patent: January 24, 2017
Assignee: INRIX GLOBAL SERVICES LIMITED
Inventors: Israel Feldman, Arie Trinker, Yochai Meltzer, Allon Eshpar, Amnon Lotem
-
Publication number: 20170011626
Abstract: A method and system for modeling and processing vehicular traffic data and information, comprising: (a) transforming a spatial representation of a road network into a network of spatially interdependent and interrelated oriented road sections, for forming an oriented road section network; (b) acquiring a variety of the vehicular traffic data and information associated with the oriented road section network, from a variety of sources; (c) prioritizing, filtering, and controlling, the vehicular traffic data and information acquired from each of the variety of sources; (d) calculating a mean normalized travel time (NTT) value for each oriented road section of said oriented road section network using the prioritized, filtered, and controlled, vehicular traffic data and information associated with each source, for forming a partial current vehicular traffic situation picture associated with each source; (e) fusing the partial current traffic situation picture associated with each source, for generating a single co
Type: Application
Filed: September 21, 2016
Publication date: January 12, 2017
Inventors: Israel Feldman, Arie Trinker, Yochai Meltzer, Allon Eshpar, Amnon Lotem