Patents by Inventor Aviv Ron
Aviv Ron has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240205238Abstract: Techniques are provided for generating security response recommendations. In one embodiment, the techniques involve receiving scoring functions, a logical operator selection, a security graph, and external threat intelligence, generating a search pattern based on the scoring functions and the logical operator selection, evaluating the search pattern against a selected node of the security graph to identify a potential security threat represented by the security graph at the selected node, and generating a recommendation based on the evaluation and the external threat intelligence.Type: ApplicationFiled: December 20, 2022Publication date: June 20, 2024Inventors: Aviv RON, Yuval LAPIDOT, Alon FREUND, Bar HAIM, Ilgen Banu YUCEER, Amit HAIM
-
Publication number: 20240152606Abstract: Described are techniques for automated labeling of cybersecurity incidents. The techniques include generating a set of labels for a received cybersecurity incident based on features of the received cybersecurity incident. The techniques further include prioritizing the set of labels to generate a subset of labels, and associating the subset of labels to the received cybersecurity incident.Type: ApplicationFiled: November 3, 2022Publication date: May 9, 2024Inventors: AVIV RON, Eitan Menahem, Anton Puzanov, BAR HAIM, Eitan Chertok, Romy Varga
-
Patent number: 11956257Abstract: A method for classifying domains to malware families includes identifying a corpus of malicious domains, identifying one or more suspicious domains, extracting a timeframe corresponding to the one or more suspicious domains, calculating a rank coefficient between the one or more suspicious domains and a current seed domain of the corpus of malicious domains, determining whether the rank correlation coefficient exceeds a rank threshold for the one or more suspicious domains, comparing a number of suspicious domains whose correlation coefficients exceed the rank threshold to a relation threshold, and responsive to determining the number of suspicious domains whose correlation coefficients exceed the rank threshold exceeds the relation threshold, applying a tag to the suspicious domains indicating that the one or more suspicious domains correspond to a same malware family as the current seed domain.Type: GrantFiled: October 13, 2021Date of Patent: April 9, 2024Assignee: International Business Machines CorporationInventors: Aviv Ron, Alon Freund, Avishay Bartik, David Lazar, Yakov Shay-El Cohen
-
Publication number: 20240038070Abstract: Apparatus, systems, and/or methods may involve reporting a road hazard. Road hazard data may be collected for an object on a road, which may include automatically generated data from a device associated with the object causing a hazard. The road hazard data may be provided to a service, an application, a device, a client, and so on. For example, the road hazard data may be merged with a map and provided to a map services client, a navigation client, and so on. An alert may be generated based on the road hazard data to warn of the hazard caused by the object. The alert may include a visual and/or audio representation of the hazard data. The alert may be used to automatically and/or manually avoid the hazard.Type: ApplicationFiled: October 9, 2023Publication date: February 1, 2024Inventors: Tomer Rider, Aviv Ron, Yair Giwnewer
-
Patent number: 11854393Abstract: Apparatus, systems, and/or methods may involve reporting a road hazard. Road hazard data may be collected for an object on a road, which may include automatically generated data from a device associated with the object causing a hazard. The road hazard data may be provided to a service, an application, a device, a client, and so on. For example, the road hazard data may be merged with a map and provided to a map services client, a navigation client, and so on. An alert may be generated based on the road hazard data to warn of the hazard caused by the object. The alert may include a visual and/or audio representation of the hazard data. The alert may be used to automatically and/or manually avoid the hazard.Type: GrantFiled: March 23, 2021Date of Patent: December 26, 2023Assignee: Intel CorporationInventors: Tomer Rider, Aviv Ron, Yair Giwnewer
-
Publication number: 20230114721Abstract: A method for classifying domains to malware families includes identifying a corpus of malicious domains, identifying one or more suspicious domains, extracting a timeframe corresponding to the one or more suspicious domains, calculating a rank coefficient between the one or more suspicious domains and a current seed domain of the corpus of malicious domains, determining whether the rank correlation coefficient exceeds a rank threshold for the one or more suspicious domains, comparing a number of suspicious domains whose correlation coefficients exceed the rank threshold to a relation threshold, and responsive to determining the number of suspicious domains whose correlation coefficients exceed the rank threshold exceeds the relation threshold, applying a tag to the suspicious domains indicating that the one or more suspicious domains correspond to a same malware family as the current seed domain.Type: ApplicationFiled: October 13, 2021Publication date: April 13, 2023Inventors: AVIV RON, ALON FREUND, AVISHAY BARTIK, David Lazar, Yakov Shay-El Cohen
-
Publication number: 20210280060Abstract: Apparatus, systems, and/or methods may involve reporting a road hazard. Road hazard data may be collected for an object on a road, which may include automatically generated data from a device associated with the object causing a hazard. The road hazard data may be provided to a service, an application, a device, a client, and so on. For example, the road hazard data may be merged with a map and provided to a map services client, a navigation client, and so on. An alert may be generated based on the road hazard data to warn of the hazard caused by the object. The alert may include a visual and/or audio representation of the hazard data. The alert may be used to automatically and/or manually avoid the hazard.Type: ApplicationFiled: March 23, 2021Publication date: September 9, 2021Inventors: Tomer Rider, Aviv Ron, Yair Giwnewer
-
Patent number: 10957194Abstract: Apparatus, systems, and/or methods may involve reporting a road hazard. Road hazard data may be collected for an object on a road, which may include automatically generated data from a device associated with the object causing a hazard. The road hazard data may be provided to a service, an application, a device, a client, and so on. For example, the road hazard data may be merged with a map and provided to a map services client, a navigation client, and so on. An alert may be generated based on the road hazard data to warn of the hazard caused by the object. The alert may include a visual and/or audio representation of the hazard data. The alert may be used to automatically and/or manually avoid the hazard.Type: GrantFiled: October 17, 2017Date of Patent: March 23, 2021Assignee: Intel CorporationInventors: Tomer Rider, Aviv Ron, Yair Giwnewer
-
Patent number: 10826935Abstract: An example operation may include one or more of identifying a page of a website for phishing testing, attempting each of a Hypertext Transfer Protocol (HTTP) GET request and a HTTP Secure (HTTPS) GET request via the identified page of the website, attempting each of a HTTP POST request and a HTTPS POST request via the identified page of the website, determining if the website is a phishing website based on server responses to the attempted HTTP and HTTPS GET requests and the attempted HTTP and HTTPS POST requests received from the website, and in response to determining the website is a phishing website, outputting an indication of the determination for display on a display device.Type: GrantFiled: April 24, 2018Date of Patent: November 3, 2020Assignee: International Business Machines CorporationInventors: Iosif Onut, Aviv Ron, Avishay Bartik, Russell Couturier, Gregor von Bochmann, Guy-Vincent Jourdan, Qian Cui
-
Patent number: 10812352Abstract: A method for producing a list of network domains comprising: producing a graph comprising a plurality of nodes, each associated with one of a plurality of domain names extracted from data captured from a digital communication network, and a plurality of edges, each associated with one or more syntactic correlations, identified in the data, between two of the plurality of domain names, where the one or more syntactic correlations indicate a possible network structure relationship between the two of the plurality of domain names; producing a list of associated domain names according to a plurality of statistical values each assigned to one of the plurality of edges or one of the plurality of nodes according to an amount of respective one or more syntactic correlations; and providing the list of associated domain names to at least one software object to perform a domain-oriented task.Type: GrantFiled: February 17, 2019Date of Patent: October 20, 2020Assignee: International Business Machines CorporationInventors: Avishay Bartik, Alon Freund, Aviv Ron
-
Publication number: 20200267065Abstract: A method for producing a list of network domains comprising: producing a graph comprising a plurality of nodes, each associated with one of a plurality of domain names extracted from data captured from a digital communication network, and a plurality of edges, each associated with one or more syntactic correlations, identified in the data, between two of the plurality of domain names, where the one or more syntactic correlations indicate a possible network structure relationship between the two of the plurality of domain names; producing a list of associated domain names according to a plurality of statistical values each assigned to one of the plurality of edges or one of the plurality of nodes according to an amount of respective one or more syntactic correlations; and providing the list of associated domain names to at least one software object to perform a domain-oriented task.Type: ApplicationFiled: February 17, 2019Publication date: August 20, 2020Inventors: Avishay Bartik, Alon Freund, Aviv Ron
-
Patent number: 10728250Abstract: Aspects of the present invention disclose a method, computer program product, and system for updating a whitelist. The method includes one or more processors identifying candidates for a whitelist based on correlations between candidates and web domains in the whitelist. The method further includes one or more processors extracting textual information and image information from the whitelist candidates. The method further includes one or more processors classifying the candidates for the whitelist into groups of candidates based on a comparison of the extracted information from the whitelist candidates and information associated with the web domains existing in the whitelist. The method further includes one or more processors determining candidates to add to the whitelist based upon a similarity measure ranking between the web domains existing in the whitelist and the candidates for a whitelist. The method further includes one or more processors updating the whitelist to include the determined candidates.Type: GrantFiled: July 31, 2017Date of Patent: July 28, 2020Assignee: International Business Machines CorporationInventors: Avishay Bartik, Alon Freund, Aviv Ron, Shahaf Stein
-
Patent number: 10601866Abstract: A method, computer system, and a computer program product for identifying a phishing attack is provided. The present invention may include receiving an alert of a suspicious URL. The present invention may include making an HTTP request to the suspicious URL. The present invention may include downloading and rendering the suspicious URL content. The present invention may include producing a screenshot of the rendered suspicious URL content. The present invention may include making an HTTP request to a domain landing page. The present invention may include downloading and rendering the domain landing page URL content. The present invention may include producing a screenshot of the rendered domain landing page URL content. The present invention may include generating a score based on comparing the produced first screenshot and the produced second screenshot.Type: GrantFiled: August 23, 2017Date of Patent: March 24, 2020Assignee: International Business Machines CorporationInventors: Avishay Bartik, Alon Freund, Aviv Ron, Shahaf Stein
-
Publication number: 20190327267Abstract: An example operation may include one or more of identifying a page of a website for phishing testing, attempting each of a Hypertext Transfer Protocol (HTTP) GET request and a HTTP Secure (HTTPS) GET request via the identified page of the website, attempting each of a HTTP POST request and a HTTPS POST request via the identified page of the website, determining if the website is a phishing website based on server responses to the attempted HTTP and HTTPS GET requests and the attempted HTTP and HTTPS POST requests received from the website, and in response to determining the website is a phishing website, outputting an indication of the determination for display on a display device.Type: ApplicationFiled: April 24, 2018Publication date: October 24, 2019Inventors: Iosif Onut, Aviv Ron, Avishay Bartik, Russell Couturier, Gregor von Bochmann, Guy-Vincent Jourdan, Qian Cui
-
Patent number: 10419419Abstract: Technologies for sensor action verification include a local computing device to receive a request for the local computing device to perform a sensor action from a remote computing device. The local computing device verifies the received request to confirm that the remote computing device is authorized to request the local computing device to perform the sensor action and performs, by a sensor controller of the local computing device, the requested sensor action in response to verification of the received request. The sensor controller manages operation of one or more sensors of the local computing device. The local computing device transmits a response message to the remote computing device indicating whether the requested sensor action has been performed by the sensor controller of the local computing device.Type: GrantFiled: September 24, 2014Date of Patent: September 17, 2019Assignee: Intel CorporationInventors: David Kaplan, Shahar Taite, Aviv Ron, Tomer Rider
-
Patent number: 10310265Abstract: A head mounted display for displaying computer-generated information in conjunction with a physical display of a computer system is provided. The head mounted display includes a generation logic, a see through display, and a presentation unit. The generation logic is used to generate at least one virtual display. The presentation unit is used to present the at least one virtual display on the see-through display. The see-through display is configured to enable a user of the head mounted display to view the at least one virtual display and the physical display in a real-world scene. The at least one virtual display is presented on the see-through display as an additional object in the real-world scene, and the at least one virtual display is used in conjunction with the physical display to present the computer-generated information in an extended desktop from a visual perspective of the user.Type: GrantFiled: December 27, 2013Date of Patent: June 4, 2019Assignee: INTEL CORPORATIONInventors: Yair Giwnewer, Tomer Rider, Aviv Ron, Yevgeniy Kiveisha, Minghao Jiang
-
Publication number: 20190068638Abstract: A method, computer system, and a computer program product for identifying a phishing attack is provided. The present invention may include receiving an alert of a suspicious URL. The present invention may include making an HTTP request to the suspicious URL. The present invention may include downloading and rendering the suspicious URL content. The present invention may include producing a screenshot of the rendered suspicious URL content. The present invention may include making an HTTP request to a domain landing page. The present invention may include downloading and rendering the domain landing page URL content. The present invention may include producing a screenshot of the rendered domain landing page URL content. The present invention may include generating a score based on comparing the produced first screenshot and the produced second screenshot.Type: ApplicationFiled: August 23, 2017Publication date: February 28, 2019Inventors: Avishay Bartik, Alon Freund, Aviv Ron, Shahaf Stein
-
Publication number: 20190036930Abstract: Aspects of the present invention disclose a method, computer program product, and system for updating a whitelist. The method includes one or more processors identifying candidates for a whitelist based on correlations between candidates and web domains in the whitelist. The method further includes one or more processors extracting textual information and image information from the whitelist candidates. The method further includes one or more processors classifying the candidates for the whitelist into groups of candidates based on a comparison of the extracted information from the whitelist candidates and information associated with the web domains existing in the whitelist. The method further includes one or more processors determining candidates to add to the whitelist based upon a similarity measure ranking between the web domains existing in the whitelist and the candidates for a whitelist. The method further includes one or more processors updating the whitelist to include the determined candidates.Type: ApplicationFiled: July 31, 2017Publication date: January 31, 2019Inventors: Avishay Bartik, Alon Freund, Aviv Ron, Shahaf Stein
-
Publication number: 20180286234Abstract: Apparatus, systems, and/or methods may involve reporting a road hazard. Road hazard data may be collected for an object on a road, which may include automatically generated data from a device associated with the object causing a hazard. The road hazard data may be provided to a service, an application, a device, a client, and so on. For example, the road hazard data may be merged with a map and provided to a map services client, a navigation client, and so on. An alert may be generated based on the road hazard data to warn of the hazard caused by the object. The alert may include a visual and/or audio representation of the hazard data. The alert may be used to automatically and/or manually avoid the hazard.Type: ApplicationFiled: October 17, 2017Publication date: October 4, 2018Applicant: INTEL CORPORATIONInventors: TOMER RIDER, AVIV RON, YAIR GIWNEWER
-
Publication number: 20180227321Abstract: A method and system for calculating and ascribing reputation scores to Domain Name System (DNS) domain names, the method including capturing domain names appearing in a network during a predefined time frame and extracting features of each of the captured domain names, and calculating a reputation score for each of the captured domain names by assessing an expected life duration of each of the captured domain names based on the domain name features.Type: ApplicationFiled: February 5, 2017Publication date: August 9, 2018Inventors: ALON FREUND, YOSSI GILAD, ODED MARGALIT, AVIV RON