Patents by Inventor Amos Zamir
Amos Zamir has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11921881Abstract: Systems and methods for protecting data including user data. A recommendation service is disclosed that receives verifiable claims from a user. A verifiable output is generated from the verifiable claims. The verifiable output can be provided to service providers and allows the service providers to personalize their services to the user. The user's data is protected and exposure of the user's data is controlled by the user.Type: GrantFiled: August 1, 2019Date of Patent: March 5, 2024Assignee: EMC IP HOLDING COMPANY LLCInventors: Amos Zamir, Kfir Wolfson, Jehuda Shemer
-
Patent number: 11675913Abstract: One example method includes packaging a containerized application into at least two images. The first image may include the main application and the second image includes a decryptor. Sensitive information associated with the application is encrypted and included in the second image. The decryptor operates separately from the main application. After the decryptor successfully completes, the main application is run. The main application may include a copier layer to copy any data decrypted by the decryptor into the main application.Type: GrantFiled: September 18, 2020Date of Patent: June 13, 2023Assignee: EMC IP HOLDING COMPANY LLCInventors: Kfir Wolfson, Jehuda Shemer, Stav Sapir, Amos Zamir, Naor Radami
-
Patent number: 11663342Abstract: One example method includes inserting a signal layer in an image, the signal layer indicating that a sensitive layer in the image is a candidate for encryption, creating a single layer archive file that includes the sensitive layer, encrypting the single layer archive file to create an encrypted layer, constructing a new image that includes the encrypted layer, inserting, in the new image, a decryptor layer that is operable to decrypt the encrypted layer, and designating the decryptor layer as an entry point of the new image.Type: GrantFiled: June 30, 2022Date of Patent: May 30, 2023Assignee: EMC IP HOLDING COMPANY LLCInventors: Kfir Wolfson, Jehuda Shemer, Stav Sapir, Amos Zamir, Naor Radami
-
Publication number: 20220335138Abstract: One example method includes inserting a signal layer in an image, the signal layer indicating that a sensitive layer in the image is a candidate for encryption, creating a single layer archive file that includes the sensitive layer, encrypting the single layer archive file to create an encrypted layer, constructing a new image that includes the encrypted layer, inserting, in the new image, a decryptor layer that is operable to decrypt the encrypted layer, and designating the decryptor layer as an entry point of the new image.Type: ApplicationFiled: June 30, 2022Publication date: October 20, 2022Inventors: Kfir Wolfson, Jehuda Shemer, Stav Sapir, Amos Zamir, Naor Radami
-
Publication number: 20220318409Abstract: Masking a data rate of transmitted data is disclosed. As data is transmitted from a production site to a secondary site, the data rate is masked. Masking the data rate can include transmitting at a fixed rate, a random rate, or an adaptive rate. Each mode of data transmission masks or obscures the actual data rate and thus prevents others from gaining information about the data or the data owner from the data transfer rate.Type: ApplicationFiled: June 17, 2022Publication date: October 6, 2022Inventors: Amos Zamir, Jehuda Shemer, Kfir Wolfson
-
Patent number: 11455405Abstract: One example method includes inserting a signal layer in an image, the signal layer indicating that a sensitive layer in the image is a candidate for encryption, creating a single layer archive file that includes the sensitive layer, encrypting the single layer archive file to create an encrypted layer, constructing a new image that includes the encrypted layer, inserting, in the new image, a decryptor layer that is operable to decrypt the encrypted layer, and designating the decryptor layer as an entry point of the new image.Type: GrantFiled: August 7, 2020Date of Patent: September 27, 2022Assignee: EMC IP HOLDING COMPANY LLCInventors: Kfir Wolfson, Jehuda Shemer, Stav Sapir, Amos Zamir, Naor Radami
-
Patent number: 11379559Abstract: One example method includes bringing up a clone application in a validation environment, replaying recorded incoming network traffic to the clone application, obtaining a response of the clone application to the incoming network traffic, comparing the response of the clone application to recorded outgoing network traffic of the production application, and making a validation determination regarding the clone application, based on the comparison of the response of the clone application to recorded outgoing network traffic of the production application. When the clone application is not validated, the example method includes identifying and resolving a problem relating to the clone application.Type: GrantFiled: July 10, 2018Date of Patent: July 5, 2022Assignee: EMC IP HOLDING COMPANY LLCInventors: Oron Golan, Aviram Fireberger, Amos Zamir, Kfir Wolfson, Jehuda Shemer
-
Patent number: 11379595Abstract: Masking a data rate of transmitted data is disclosed. As data is transmitted from a production site to a secondary site, the data rate is masked. Masking the data rate can include transmitting at a fixed rate, a random rate, or an adaptive rate. Each mode of data transmission masks or obscures the actual data rate and thus prevents others from gaining information about the data or the data owner from the data transfer rate.Type: GrantFiled: January 16, 2020Date of Patent: July 5, 2022Assignee: EMC IP HOLDING COMPANY LLCInventors: Amos Zamir, Jehuda Shemer, Kfir Wolfson
-
Patent number: 11290492Abstract: Embodiments for detecting malicious modification of data in a network, by: setting, by a first layer of network resources, a number of markers associated with input/output (I/O) operations of the network; saving the markers, location, and associated metadata in a marker database; reading, by a second layer of the network resources, the markers corresponding to relevant I/O operations; and verifying each scanned I/O operation against a corresponding marker to determine whether or not data for a scanned specific I/O operation has been improperly modified for the first and second layers and any intermediate layer resulting in a fault condition, and if so, taking remedial action to flag or abort the specific I/O operation.Type: GrantFiled: April 26, 2019Date of Patent: March 29, 2022Assignee: EMC IP Holding Company LLCInventors: Kfir Wolfson, Udi Shemer, Amos Zamir
-
Publication number: 20220092192Abstract: One example method includes packaging a containerized application into at least two images. The first image may include the main application and the second image includes a decryptor. Sensitive information associated with the application is encrypted and included in the second image. The decryptor operates separately from the main application. After the decryptor successfully completes, the main application is run. The main application may include a copier layer to copy any data decrypted by the decryptor into the main application.Type: ApplicationFiled: September 18, 2020Publication date: March 24, 2022Inventors: Kfir Wolfson, Jehuda Shemer, Stav Sapir, Amos Zamir, Naor Radami
-
Publication number: 20220043916Abstract: One example method includes inserting a signal layer in an image, the signal layer indicating that a sensitive layer in the image is a candidate for encryption, creating a single layer archive file that includes the sensitive layer, encrypting the single layer archive file to create an encrypted layer, constructing a new image that includes the encrypted layer, inserting, in the new image, a decryptor layer that is operable to decrypt the encrypted layer, and designating the decryptor layer as an entry point of the new image.Type: ApplicationFiled: August 7, 2020Publication date: February 10, 2022Inventors: Kfir Wolfson, Jehuda Shemer, Stav Sapir, Amos Zamir, Naor Radami
-
Publication number: 20210223964Abstract: Masking a data rate of transmitted data is disclosed. As data is transmitted from a production site to a secondary site, the data rate is masked. Masking the data rate can include transmitting at a fixed rate, a random rate, or an adaptive rate. Each mode of data transmission masks or obscures the actual data rate and thus prevents others from gaining information about the data or the data owner from the data transfer rate.Type: ApplicationFiled: January 16, 2020Publication date: July 22, 2021Inventors: Amos Zamir, Jehuda Shemer, Kfir Wolfson
-
Patent number: 11005886Abstract: Network level Moving Target Defense techniques are provided with substantially continuous access to protected applications. An exemplary method comprises identifying a first application listening to a first port or a first network address; notifying the first application to listen to a second port or a second network address; notifying at least one additional application that the first application is listening to the second port or the second network address; and notifying the first application to unlisten to the first port or the first network address, wherein the first application operates in a substantially continuous manner during a change from listening to one or more of the first port and the first network address and listening to one or more of the second port and the second network address. The first application can be a stateful application having persistent storage.Type: GrantFiled: September 28, 2018Date of Patent: May 11, 2021Assignee: EMC IP Holding Company LLCInventors: Amos Zamir, Oron Golan, Jehuda Shemer, Kfir Wolfson
-
Patent number: 10951651Abstract: A plurality of containers related to one or more containerized applications are managed by monitoring an execution of the one or more containers; determining that a given one of the one or more containers exhibits anomalous behavior; and in response to the determining, adjusting a retention time of the given container, wherein the retention time of the given container determines when the given container is one or more of terminated and changes role to a honeypot container. The anomalous behavior comprises, for example, the given container exhibiting behavior that is different than a learned baseline model of the given container or including program code consistent with malicious activity. An alert notification of the anomalous behavior is optionally generated. The retention time of the given container can be adjusted for example, to an interval between deployment of the given container and the time the anomalous behavior is detected.Type: GrantFiled: October 30, 2017Date of Patent: March 16, 2021Assignee: EMC IP Holding Company LLCInventors: Oron Golan, Raul Shnier, Amos Zamir, Aviram Fireberger, Yevgeni Gehtman
-
Publication number: 20210034778Abstract: Systems and methods for protecting data including user data. A recommendation service is disclosed that receives verifiable claims from a user. A verifiable output is generated from the verifiable claims. The verifiable output can be provided to service providers and allows the service providers to personalize their services to the user. The user's data is protected and exposure of the user's data is controlled by the user.Type: ApplicationFiled: August 1, 2019Publication date: February 4, 2021Inventors: Amos Zamir, Kfir Wolfson, Jehuda Shemer
-
Patent number: 10855709Abstract: A tracing mechanism is provided for analyzing session-based attacks. An exemplary method comprises: detecting a potential attack associated with a session from a potential attacker based on predefined anomaly detection criteria; adding a tracing flag identifier to a response packet; sending a notification to a cloud provider of the potential attack, wherein the notification comprises the tracing flag identifier; and sending the response packet to the potential attacker, wherein, in response to receiving the response packet with the tracing flag identifier, the cloud provider: determines a source of the potential attack based on a destination of the response packet; forwards the response packet to the potential attacker based on the destination of the response packet; and monitors the determined source to evaluate the potential attack. The response packet is optionally delayed by a predefined time duration and/or until the cloud provider has acknowledged receipt of the notification.Type: GrantFiled: July 19, 2018Date of Patent: December 1, 2020Assignee: EMC IP Holding Company LLCInventors: Kfir Wolfson, Jehuda Shemer, Aviram Fireberger, Amos Zamir, Oron Golan
-
Publication number: 20200344264Abstract: Embodiments for detecting malicious modification of data in a network, by: setting, by a first layer of network resources, a number of markers associated with input/output (I/O) operations of the network; saving the markers, location, and associated metadata in a marker database; reading, by a second layer of the network resources, the markers corresponding to relevant I/O operations; and verifying each scanned I/O operation against a corresponding marker to determine whether or not data for a scanned specific I/O operation has been improperly modified for the first and second layers and any intermediate layer resulting in a fault condition, and if so, taking remedial action to flag or abort the specific I/O operation.Type: ApplicationFiled: April 26, 2019Publication date: October 29, 2020Inventors: Kfir Wolfson, Udi Shemer, Amos Zamir
-
Patent number: 10791144Abstract: The life cycle of one or more containers related to one or more containerized applications is managed by determining that a predefined retention time for a first container of the plurality of containers has elapsed; in response to the determining, performing the following honeypot container creation steps: suspending new session traffic to the first container; maintaining the first container as a honeypot container; and identifying communications sent to the honeypot container as an anomalous communication. Alert notifications are optionally generated for the anomalous communication.Type: GrantFiled: October 30, 2017Date of Patent: September 29, 2020Assignee: EMC IP Holding Company LLCInventors: Oron Golan, Raul Shnier, Aviram Fireberger, Amos Zamir, Yevgeni Gehtman
-
Patent number: 10715554Abstract: Existing policies enforced at or above an operating system (OS) layer of a device are obtained. Translation rules are stored that include data structure descriptions of conditions, corresponding actions performed when the conditions are satisfied, and attributes specified in the existing policies, and attributes of one or more layers below the OS layer that are relevant to policy enforcement in the one or more layers below the OS layer. The existing policies are parsed using the data structure descriptions to identify the conditions, corresponding actions, and attributes specified in the existing policies. New policies are generated that are consistent with the existing policies. The new policies include the identified attributes specified in the existing policies and the attributes relevant to policy enforcement in the one or more layers below the OS layer. The new policies are enforced in the one or more layers below the OS layer.Type: GrantFiled: September 26, 2018Date of Patent: July 14, 2020Assignee: EMC IP Holding Company LLCInventors: Oron Golan, Kfir Wolfson, Amos Zamir, Aviram Fireberger, Udi Shemer
-
Publication number: 20200106807Abstract: Network level Moving Target Defense techniques are provided with substantially continuous access to protected applications. An exemplary method comprises identifying a first application listening to a first port or a first network address; notifying the first application to listen to a second port or a second network address; notifying at least one additional application that the first application is listening to the second port or the second network address; and notifying the first application to unlisten to the first port or the first network address, wherein the first application operates in a substantially continuous manner during a change from listening to one or more of the first port and the first network address and listening to one or more of the second port and the second network address. The first application can be a stateful application having persistent storage.Type: ApplicationFiled: September 28, 2018Publication date: April 2, 2020Inventors: Amos Zamir, Oron Golan, Jehuda Shemer, Kfir Wolfson