Patents by Inventor Asaf Karelsbad
Asaf Karelsbad has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11886591
Abstract: There is provided a system and a computerized method of remediating one or more operations linked to a given program running in an operating system, the method comprising: querying a stateful model to retrieve a group of entities related to the given program; terminating at least a subset of the group of entities related to the given program; generating a remediation plan including one or more operations linked to the given program, the one or more operations being retrieved based on the group in the stateful model; and executing the remediation plan by undoing at least part of the one or more operations linked to the given program thereby restoring state of the operating system to a state prior to the given program being executed. There is further provided a computerized method of detecting malicious code related to a program in an operating system in a live environment.
Type: Grant
Filed: October 18, 2022
Date of Patent: January 30, 2024
Assignee: SENTINEL LABS ISRAEL LTD.
Inventors: Almog Cohen, Tomer Weingarten, Shlomi Salem, Nir Izraeli, Asaf Karelsbad
-
Publication number: 20230185917
Abstract: There is provided a system and a computerized method of remediating one or more operations linked to a given program running in an operating system, the method comprising: querying a stateful model to retrieve a group of entities related to the given program; terminating at least a subset of the group of entities related to the given program; generating a remediation plan including one or more operations linked to the given program, the one or more operations being retrieved based on the group in the stateful model; and executing the remediation plan by undoing at least part of the one or more operations linked to the given program thereby restoring state of the operating system to a state prior to the given program being executed. There is further provided a computerized method of detecting malicious code related to a program in an operating system in a live environment.
Type: Application
Filed: October 18, 2022
Publication date: June 15, 2023
Inventors: Almog Cohen, Tomer Weingarten, Shlomi Salem, Nir Izraeli, Asaf Karelsbad
-
Patent number: 11507663
Abstract: There is provided a method for generating a representation for behavior similarity comparison by generating a program-level stateful model of one or more entities in a computer operating system operating on a computer system, the program-level stateful model having a data structure representing a state of a program; generating an updated representation of the program based on the program-level stateful model; searching for at least one other representation of another program-level stateful model similar to the updated representation of the program; and comparing the updated representation of the program to the at least one other representation of another program-level stateful model.
Type: Grant
Filed: March 1, 2021
Date of Patent: November 22, 2022
Assignee: Sentinel Labs Israel Ltd.
Inventors: Almog Cohen, Tomer Weingarten, Shlomi Salem, Nir Izraeli, Asaf Karelsbad
-
Publication number: 20210397710
Abstract: There is provided a system and a computerized method of remediating one or more operations linked to a given program running in an operating system, the method comprising: querying a stateful model to retrieve a group of entities related to the given program; terminating at least a subset of the group of entities related to the given program; generating a remediation plan including one or more operations linked to the given program, the one or more operations being retrieved based on the group in the stateful model; and executing the remediation plan by undoing at least part of the one or more operations linked to the given program thereby restoring state of the operating system to a state prior to the given program being executed. There is further provided a computerized method of detecting malicious code related to a program in an operating system in a live environment.
Type: Application
Filed: March 1, 2021
Publication date: December 23, 2021
Inventors: Almog Cohen, Tomer Weingarten, Shlomi Salem, Nir Izraeli, Asaf Karelsbad
-
Patent number: 10977370
Abstract: There is provided a system comprising a processor operatively connected to a memory, the memory comprising: a program-level stateful model configured to model one or more entities in a computer operating system operating on the computer system, the program-level stateful model comprising: a data structure representing a state of a program, wherein the data structure comprises: a network of one or more interconnected objects representing the one or more entities constituting the program, wherein the one or more interconnected objects are derived from a sequence of operations performed in a live environment; one or more relationships among the one or more interconnected objects and the sequences of operations; and one or more object groups, wherein the one or more object groups are formed by dividing the one or more interconnected objects according to a predefined grouping rule set, and wherein each group of the one or more object groups comprises objects representing a corresponding group of entities related t
Type: Grant
Filed: August 7, 2019
Date of Patent: April 13, 2021
Assignee: Sentinel Labs Israel Ltd.
Inventors: Almog Cohen, Tomer Weingarten, Shlomi Salem, Nir Izraeli, Asaf Karelsbad
-
Publication number: 20200143054
Abstract: There is provided a system and a computerized method of remediating one or more operations linked to a given program running in an operating system, the method comprising: querying a stateful model to retrieve a group of entities related to the given program; terminating at least a subset of the group of entities related to the given program; generating a remediation plan including one or more operations linked to the given program, the one or more operations being retrieved based on the group in the stateful model; and executing the remediation plan by undoing at least part of the one or more operations linked to the given program thereby restoring state of the operating system to a state prior to the given program being executed. There is further provided a computerized method of detecting malicious code related to a program in an operating system in a live environment.
Type: Application
Filed: August 7, 2019
Publication date: May 7, 2020
Inventors: Almog Cohen, Tomer Weingarten, Shlomi Salem, Nir Izraeli, Asaf Karelsbad
-
Patent number: 10417424
Abstract: There is provided a system and a computerized method of remediating one or more operations linked to a given program running in an operating system, the method comprising: querying a stateful model to retrieve a group of entities related to the given program; terminating at least a subset of the group of entities related to the given program; generating a remediation plan including one or more operations linked to the given program, the one or more operations being retrieved based on the group in the stateful model; and executing the remediation plan by undoing at least part of the one or more operations linked to the given program thereby restoring state of the operating system to a state prior to the given program being executed. There is further provided a computerized method of detecting malicious code related to a program in an operating system in a live environment.
Type: Grant
Filed: September 14, 2018
Date of Patent: September 17, 2019
Assignee: Sentinel Labs Israel Ltd.
Inventors: Almog Cohen, Tomer Weingarten, Shlomi Salem, Nir Izraeli, Asaf Karelsbad
-
Publication number: 20190114426
Abstract: There is provided a system and a computerized method of remediating one or more operations linked to a given program running in an operating system, the method comprising: querying a stateful model to retrieve a group of entities related to the given program; terminating at least a subset of the group of entities related to the given program; generating a remediation plan including one or more operations linked to the given program, the one or more operations being retrieved based on the group in the stateful model; and executing the remediation plan by undoing at least part of the one or more operations linked to the given program thereby restoring state of the operating system to a state prior to the given program being executed. There is further provided a computerized method of detecting malicious code related to a program in an operating system in a live environment.
Type: Application
Filed: September 14, 2018
Publication date: April 18, 2019
Inventors: Almog Cohen, Tomer Weingarten, Shlomi Salem, Nir Izraeli, Asaf Karelsbad
-
Patent number: 10102374
Abstract: There is provided a system and a computerized method of remediating a given program running in an operating system, the method comprising: querying a stateful model to retrieve a group of entities related to the given program; terminating at least a subset of the group of entities related to the given program; generating a remediation plan including one or more operations linked to the given program, the one or more operations being retrieved based on the group in the stateful model; and executing the remediation plan by undoing at least part of the one or more operations linked to the given program thereby restoring state of the operating system to a state prior to the given program being executed. There is further provided a computerized method of detecting malicious code related to a program in an operating system in a live environment.
Type: Grant
Filed: October 13, 2016
Date of Patent: October 16, 2018
Assignee: Sentinel Labs Israel Ltd.
Inventors: Almog Cohen, Tomer Weingarten, Shlomi Salem, Nir Izraeli, Asaf Karelsbad