Patents by Inventor David Aviv
David Aviv has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240396932Abstract: A method and device for generating application-layer signatures characterizing advanced application-layer attacks are provided. The method includes computing, based on applicative peacetime baseline distributions and attack distributions of applicative attributes included in application-layer transactions directed to a protected entity, an attacker probability of an attacker executing an ongoing application-layer attack; comparing the attacker probability computed for each of the applicative attributes to a dynamic attacker probability threshold; and including in an application-layer signature eligible applicative attributes having an attacker probability higher than the dynamic attacker threshold, wherein the application-layer signature includes an inclusive section and an exclusive section, and wherein the application-layer signature is indicative of an ongoing attack based on one of the exclusive section and the inclusive section.Type: ApplicationFiled: August 5, 2024Publication date: November 28, 2024Applicant: Radware Ltd.Inventors: Ehud DORON, Alon TAMIR, David AVIV
-
Publication number: 20240396933Abstract: A method and device for finetuning application-layer signatures are provided. The method includes operating a false negative (FN) feedback process to finetune the application-layer signature; and operating a false positive (FP) feedback process on the application-layer signature finetuned by the FN feedback process to generate a finetuned application-layer signature to reduce a false negative rate, wherein the finetune feedback process is performed while reducing estimated egress traffic below a predefined threshold and an imposed FP rate below a pre-defined FP rate threshold.Type: ApplicationFiled: August 5, 2024Publication date: November 28, 2024Applicant: Radware Ltd.Inventors: Ehud DORON, Alon TAMIR, David AVIV
-
Publication number: 20240297899Abstract: A system and method for learning attack-safe baselines are provided. The method includes receiving application-layer transactions directed to a protected entity; measuring values of a rate-based attribute and a rate-invariant attribute from the received application-layer transactions; determining, based on the measured rate-based attribute, if the received application-layer transactions represent a normal behavior; computing at least one baseline using application-layer transactions determined to represent the normal behavior; validating the at least one computed baseline using the measured rate-invariant attribute and rate-based attribute; and building a set of baselines based on the at least one validated baseline, wherein the set of baselines are utilized for characterization of DDoS attacks.Type: ApplicationFiled: December 28, 2023Publication date: September 5, 2024Applicant: Radware Ltd.Inventors: Ehud DORON, Alon TAMIR, David AVIV
-
Publication number: 20240244079Abstract: A method of characterization of requests using dynamic applicative signatures. The method comprises determining a plurality of different attributes of requests received during an on-going DDOS attack; clustering at least one attribute of the plurality of different attributes, wherein the clustering is based on values of the plurality of different attributes; obtaining at least one dynamic applicative signature characterizing operation of an application layer flood attack tool; matching the cluster of the at least one attribute to each of the at least one obtained dynamic applicative signature; and causing a mitigation action when there is a match to the at least one obtained dynamic applicative signature.Type: ApplicationFiled: February 15, 2024Publication date: July 18, 2024Applicant: Radware Ltd.Inventors: Ehud DORON, Koral HAHAM, David AVIV
-
Publication number: 20240239374Abstract: Embodiments of the present disclosure relate to behavior planning for autonomous vehicles. The technology described herein selects a preferred trajectory for an autonomous vehicle based on an evaluation of multiple hypothetical trajectories by different components within a planning system. The various components provide an optimization score for each trajectory according to the priorities of the component and scores from multiple components may form a final optimization score. This scoring system allows the competing priorities (e.g., comfort, minimal travel time, fuel economy) of different components to be considered together. In examples, the trajectory with the best combined score may be selected for implementation. As such, an iterative approach that evaluates various factors may be used to identify an optimal or preferred trajectory for an autonomous vehicle when navigating an environment.Type: ApplicationFiled: March 28, 2024Publication date: July 18, 2024Inventors: David Nister, Yizhou Wang, Julia Ng, Rotem Aviv, Seungho Lee, Joshua John Bialkowski, Hon Leung Lee, Hermes Lanker, Raul Correal Tezanos, Zhenyi Zhang, Nikolai Smolyanskiy, Alexey Kamenev, Ollin Boer Bohan, Anton Vorontsov, Miguel Sainz Serra, Birgit Henke
-
Publication number: 20240223599Abstract: The various disclosed embodiments include a method and system for generating application-layer signatures characterizing advanced application-layer attacks are provided. The method includes determining applicative baseline distributions of attributes included in transactions directed to a protected entity during peacetime; determining attack distributions of applicative attributes included in transactions directed to a protected entity during an on-going application-layer attack; determining, based on the applicative baseline distributions and the attack distributions of applicative attributes, a probability of an attacker executing the on-going application-layer attack to generate an attack using at least one attribute; and generating an application-layer signature designating applicative attributes determined to be eligible based on their respective probabilities, wherein the application-layer signature characterizes behavior of the attacker executing the on-going application-layer attack.Type: ApplicationFiled: March 1, 2023Publication date: July 4, 2024Applicant: Radware Ltd.Inventors: Ehud DORON, Alon TAMIR, David AVIV
-
Patent number: 12003531Abstract: A system and method for detecting cyber-attacks using quantile regression analysis are disclosed. The method includes: identifying at least one hit quantile out of a plurality of quantiles, wherein the at least one identified hit quantile falls within quantile edges of a sample of traffic directed at a protected entity, wherein each of the plurality of quantiles is characterized by a probability distribution of at least one feature of a data stream, each of the plurality of quantiles having a respective probability estimate; updating the probability estimates of the plurality of quantiles when the at least one hit quantile has been identified; and when the probability estimate of the at least one hit quantile is above a threshold, taking an action to mitigate existence of a cyber-attack.Type: GrantFiled: April 5, 2023Date of Patent: June 4, 2024Assignee: Radware Ltd.Inventors: Lev Medvedovsky, David Aviv
-
Patent number: 11997206Abstract: A system and method for identity-based access admission are provided. The method includes generating in a browser of a client device a unique identity key for the browser, wherein the identity key is generated in an internal frame (iFrame) thread, is executed in a main thread of the browser, and wherein the identity key includes a fingerprint characterizing in part the browser and the client device, an internet protocol address of the client device, and a public-encryption key; and registering the identity key with an admission controller, wherein access to a protected entity by the client device is enforced using the identity key.Type: GrantFiled: September 22, 2021Date of Patent: May 28, 2024Assignee: RADWARE, LTD.Inventors: Alon Tamir, Amir Marmor, David Aviv
-
Publication number: 20240169061Abstract: A system and method for learning attack-safe baseline are provided. The method includes receiving application-layer transactions directed to a protected entity; measuring values of a rate-based attribute and a rate-invariant attribute from the received application-layer transactions; determining, based on the measured rate-based attribute, if the received application-layer transactions represent a normal behavior; computing at least one baseline using application-layer transactions determined to represent the normal behavior; and validating the at least one computed baseline using the measured rate-invariant attribute and rate-based attribute.Type: ApplicationFiled: December 28, 2023Publication date: May 23, 2024Applicant: Radware Ltd.Inventors: Ehud DORON, Alon TAMIR, David AVIV
-
Publication number: 20240171607Abstract: A method and system for detecting application layer flood denial-of-service (DDoS) attacks carried by attackers utilizing advanced application layer flood attack tools are provided.Type: ApplicationFiled: November 23, 2022Publication date: May 23, 2024Applicant: Radware Ltd.Inventors: Ehud DORON, Alon TAMIR, David AVIV
-
Patent number: 11991205Abstract: A method and system for protecting cloud-hosted applications against application-layer slow DDoS attacks are provided. The system include a processing circuitry; and a memory connected to the processor, the memory contains instructions that when executed by the processing circuitry, configure the system to: collect telemetries from a plurality of sources deployed in a plurality of public cloud computing platforms, wherein each of the plurality of public cloud computing platforms hosts an instance of a protected cloud-hosted application; provide a set of rate-based and rate-invariant features based on the collected telemetries; evaluate each feature in the set of rate-based and rate-invariant features to determine whether a behavior of each feature and a behavior of the set of rate-based and rate-invariant features indicate a potential application-layer slow DDoS attack; and cause execution of a mitigation action, when an indication of a potential application-layer slow DDoS attack is determined.Type: GrantFiled: December 23, 2020Date of Patent: May 21, 2024Assignee: RADWARE, LTD.Inventors: Ehud Doron, Nir Ilani, David Aviv, Yotam Ben Ezra, Amit Bismut, Yuriy Arbitman
-
Publication number: 20240163309Abstract: A system and method for detecting HTTPS flood cyber-attacks. A method includes deriving traffic features from incoming traffic directed to a protected entity; determining if the derived traffic features represent at least one traffic anomaly, wherein the traffic anomaly is a deviation from at least one baseline, wherein the baseline is a normal distribution of traffic features of legitimate incoming traffic; upon determining that the derived traffic features represent at least one anomaly, determining if the anomaly characterizes an on-going HTTPS flood cyber-attack; upon determining that there is the on-going HTTPS flood cyber-attack, populating a list of suspect source internet protocol (IP) addresses of devices triggered detection of the anomaly; challenging each device in the list of suspect source IP addresses to determine if a challenged device is an attack tool; and causing execution of a mitigation action on each client device determined to be an attack tool.Type: ApplicationFiled: July 12, 2023Publication date: May 16, 2024Applicant: Radware Ltd.Inventors: David AVIV, Ehud DORON, Gabi NAKIBLY
-
Patent number: 11985116Abstract: A system and method for controlling authorization to a protected entity are provided. The method includes: receiving an access request for access to the protected entity, wherein the access request is received from a client device; in response to the access request, causing the client device to perform an admission process that includes performing at least one game; monitoring a distributed database to identify at least one admission transaction designating admission criteria; determining if the admission criteria satisfy a set of conditions for accessing the protected entity; identifying, on the distributed database, completion results of the at least one game, wherein whether the admission criteria satisfies the set of conditions for accessing the protected entity is determined based on the results of the at least one game; and granting access to the protected entity by the client device when the admission criteria satisfies the set of conditions.Type: GrantFiled: August 20, 2021Date of Patent: May 14, 2024Assignee: RADWARE, LTD.Inventors: Alon Lelcuk, David Aviv
-
Patent number: 11979407Abstract: A method for protecting entities against bots is provided. The method includes identifying a request from a client to access a protected entity; selecting an access policy in response to the access request, wherein the access policy includes at least one challenge to be performed by the client; identifying results of the at least one challenge, wherein the results are provided by the client upon completion of the challenge; determining a bias of the client based on the completion results, wherein the determined bias is utilized for a cyber-security assessment of the client; and granting access to the protected entity by the client based on the determined bias.Type: GrantFiled: May 10, 2023Date of Patent: May 7, 2024Assignee: RADWARE, LTD.Inventors: Alon Lelcuk, David Aviv
-
Publication number: 20240137386Abstract: A method for characterizing application layer denial-of-service (DDoS) attacks comprises generating a plurality of dynamic applicative signatures by analyzing at the application layer application layer requests received during an on-going DDoS attack, a dynamic applicative signature characterizing each received request based on frequent application layer attributes appearing in the received requests, wherein the requests are represented as a set of paraphrases, each paraphrase representing a specific aspect of a request's structure, the frequent application layer attributes being determined based on frequency of paraphrases in the set; characterizing each of the received requests based on one of the dynamic applicative signatures, the characterization providing an indication for each request whether a request is generated by an attack tool executing the on-going DDoS attack; and causing a mitigation action on the received request generated by the attack tool based on the generated dynamic applicative signaturType: ApplicationFiled: December 26, 2023Publication date: April 25, 2024Applicant: Radware Ltd.Inventors: Ehud DORON, Koral HAHAM, David AVIV
-
Patent number: 11943224Abstract: Arrangements for controlling access to a protected entity include receiving a redirected client request to access the protected entity that includes a public key of the client; granting, in response to the received redirected request, access tokens of a first type to a client using the public key of the client; identifying a conversion transaction identifying a request to convert the first type of access tokens with access tokens of a second type, the transaction designating the protected entity; determining a conversion value for converting the first-type access tokens into second-type access tokens based on at least one access parameter; converting, using the conversion value, a first sum of the first-type access tokens into a second sum of second-type access tokens; and granting the client access to the protected entity when the sum of second-type of access tokens is received as a payment from the protected entity.Type: GrantFiled: July 29, 2022Date of Patent: March 26, 2024Assignee: RADWARE, LTD.Inventors: Alon Lelcuk, David Aviv
-
Publication number: 20240098111Abstract: A method and system for mitigating of randomized denial-of-service (DDoS) attacks directed against a protected entity during an attack time period are provided. The method includes receiving a packet during the attack time period; selecting a cluster defining legitimacy characteristics from at least one cluster of packets that best fits the received packet, wherein legitimacy characteristics of a cluster are learned during a peacetime period; determining a legitimacy score for the received packet based on the legitimacy characteristics of the selected cluster; determining based on the legitimacy score if the received packet is not legitimate; and applying a mitigation action on the received packet upon determination that the packet is not legitimate.Type: ApplicationFiled: September 19, 2022Publication date: March 21, 2024Applicant: Radware Ltd.Inventors: Ehud DORON, Amnon LOTEM, Gal YEHOSHUA, David AVIV
-
Patent number: 11916956Abstract: A method and system for generating dynamic applicative signatures of by application layer flood attack tools are provided. The method includes determining a plurality of different attributes of requests received during an on-going DDoS attack; clustering at least one attribute of the plurality of different attributes, wherein the clustering is based on values of the plurality of different attributes; determining clusters of attributes representing most frequent structures of the requests received during the on-going DDoS attack; and generating, based on the determined clusters of attributes, signature of an application layer flood attack tool executing the on-going DDoS attack.Type: GrantFiled: December 19, 2022Date of Patent: February 27, 2024Assignee: RADWARE LTD.Inventors: Ehud Doron, Koral Haham, David Aviv
-
Publication number: 20240064146Abstract: Arrangements for controlling access to a protected entity include receiving a redirected request of the client to access the protected entity that was denied by the protected entity; granting, in response to the received redirected request, access tokens of a first type to the client; identifying a conversion transaction identifying a request to convert the first type of access tokens with access tokens of a second type, wherein the transaction designates at least the protected entity; converting, based on a determined conversion value, a first sum of the first type of access tokens into a second sum of the second type of access tokens wherein the conversion value is determined based on at least one access parameter; and granting the client access to the protected entity when the sum of the second type of access tokens is received as a payment from the protected entity.Type: ApplicationFiled: October 25, 2023Publication date: February 22, 2024Applicant: Radware Ltd.Inventors: Alon LELCUK, David AVIV
-
Patent number: 11888893Abstract: A method and system for characterizing application layer denial-of-service (DDoS) attacks are provided. The method includes generating a dynamic applicative signature by analyzing requests received during an on-going DDoS attack, wherein the dynamic applicative signature characterizes based on frequent applicative attributes appeared from the received; characterizing each incoming request based on the generated dynamic applicative signature, wherein the characterization provides an indication for each incoming request whether an incoming request is generated by an attack tool executing the on-going DDoS attributes; and causing a mitigation action on the incoming request generated by the attack tool based on the generated dynamic applicative signature.Type: GrantFiled: January 31, 2023Date of Patent: January 30, 2024Assignee: RADWARE LTDInventors: Ehud Doron, Koral Haham, David Aviv