Patents by Inventor Dov Murik
Dov Murik has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11841982Abstract: An example system includes a processor that can obtain a circuit describing operations of sequential secure computation code. The processor can modify the circuit based on a cost function. The processor can partition the circuit into a number of sub-circuits. The processor can assign the number of the sub-circuits to different processors for execution.Type: GrantFiled: October 20, 2021Date of Patent: December 12, 2023Assignee: International Business Machines CorporationInventors: Hayim Shaul, Ehud Aharoni, Dov Murik, Omri Soceanu, Gilad Ezov, Lev Greenberg, Evgeny Shindin
-
Patent number: 11704119Abstract: A method for automatically migrating infrastructure as code (IaC) from a first cloud infrastructure platform to a second cloud infrastructure platform is provided. The method may include receiving an original IaC comprising a first type of coding language. The method may further include using natural language processing to map a connection between the first type of coding language and a second type of coding language. The method may further include based on the mapped connection, using the NLP to automatically generate a partial translation of the first type of coding language to the second type of coding language. The method may further include using a machine learning algorithm to correct at least one inaccuracy in the partial translation. The method may further include generating a complete translation and implementing a second IaC on the second cloud infrastructure platform based on the complete translation.Type: GrantFiled: August 26, 2021Date of Patent: July 18, 2023Assignee: International Business Machines CorporationInventors: Fady Copty, Lev Greenberg, Dov Murik, Omer Yehuda Boehm, Omri Soceanu
-
Publication number: 20230208610Abstract: Executing the operations of an arithmetic circuit by using a hybrid strategy that employs both fully homomorphic encryption (FHE) methods and multi-party computation (MPC) methods. In order to utilize this hybrid strategy, an arithmetic circuit is split into multiple partitions (at least two), and each partition is assigned to be executed using FHE methods or MPC methods. Finally, this hybrid strategy is utilized in a manner that automatically takes into account CPU and network utilization costs.Type: ApplicationFiled: December 28, 2021Publication date: June 29, 2023Inventors: Hayim Shaul, OMRI SOCEANU, Ehud Aharoni, Dov Murik, GILAD EZOV
-
Publication number: 20230119283Abstract: An example system includes a processor that can obtain a circuit describing operations of sequential secure computation code. The processor can modify the circuit based on a cost function. The processor can partition the circuit into a number of sub-circuits. The processor can assign the number of the sub-circuits to different processors for execution.Type: ApplicationFiled: October 20, 2021Publication date: April 20, 2023Inventors: Hayim SHAUL, Ehud AHARONI, Dov MURIK, Omri SOCEANU, Gilad EZOV, Lev GREENBERG, Evgeny SHINDIN
-
Publication number: 20230075183Abstract: A method for automatically migrating infrastructure as code (IaC) from a first cloud infrastructure platform to a second cloud infrastructure platform is provided. The method may include receiving an original IaC comprising a first type of coding language. The method may further include using natural language processing to map a connection between the first type of coding language and a second type of coding language. The method may further include based on the mapped connection, using the NLP to automatically generate a partial translation of the first type of coding language to the second type of coding language. The method may further include using a machine learning algorithm to correct at least one inaccuracy in the partial translation. The method may further include generating a complete translation and implementing a second IaC on the second cloud infrastructure platform based on the complete translation.Type: ApplicationFiled: August 26, 2021Publication date: March 9, 2023Inventors: FADY COPTY, LEV GREENBERG, Dov Murik, Omer Yehuda Boehm, OMRI SOCEANU
-
Patent number: 11550567Abstract: The present invention relates to novel techniques for monitoring changes to source code of Infrastructure as Code systems to detect attempted anomalous changes and block such changes from the code. For example, a method may comprise learning a security architecture and history of an infrastructure as code system to be deployed in at least one cloud account, monitoring changes to source code of the infrastructure as code system that are made before deployment of the infrastructure as code system to detect an anomaly, determining whether the detected anomaly affects regulated resources of the infrastructure as code system, and blocking changes to the source code of the infrastructure as code system that produce the detected anomaly that affects regulated resources of the infrastructure as code system.Type: GrantFiled: April 4, 2021Date of Patent: January 10, 2023Assignee: International Business Machines CorporationInventors: Fady Copty, Omri Soceanu, Lev Greenberg, Dov Murik
-
Patent number: 11528134Abstract: An example system includes a processor to receive, at a setup or sign-up, a first cipher including a biometric template transformed using a first transformation and encrypted using a secret key, a second cipher including a security vector encrypted using the secret key, a third cipher including the biometric template transformed using a second transformation and encrypted, and a fourth cipher including an encrypted second security vector. The processor can receive, at a runtime or sign-in, a fifth cipher and a sixth cipher. The processor can verify that the fifth cipher includes a second biometric template transformed using the first transformation and encrypted using the secret key and that the sixth cipher includes the second biometric template transformed using the second transformation by testing a format attribute of the transformation functions using comparisons of inner products.Type: GrantFiled: March 24, 2020Date of Patent: December 13, 2022Assignee: International Business Machines CorporationInventors: Ehud Aharoni, Allon Adir, Dov Murik, Ariel Farkash, Omri Soceanu
-
Publication number: 20220318002Abstract: The present invention relates to novel techniques for monitoring changes to source code of Infrastructure as Code systems to detect attempted anomalous changes and block such changes from the code. For example, a method may comprise learning a security architecture and history of an infrastructure as code system to be deployed in at least one cloud account, monitoring changes to source code of the infrastructure as code system that are made before deployment of the infrastructure as code system to detect an anomaly, determining whether the detected anomaly affects regulated resources of the infrastructure as code system, and blocking changes to the source code of the infrastructure as code system that produce the detected anomaly that affects regulated resources of the infrastructure as code system.Type: ApplicationFiled: April 4, 2021Publication date: October 6, 2022Inventors: FADY COPTY, OMRI SOCEANU, LEV GREENBERG, Dov Murik
-
Patent number: 11308210Abstract: Deriving malware signatures by training a binary decision tree using known malware and benign software samples, each tree node representing a different software feature set and having one descending edge representing samples that are characterized by the node's software feature set and another descending edge representing samples that are not characterized thusly, selecting multiple continuous descending paths for multiple subsets of nodes, each path traversing a selected one of the edges descending from each of the nodes in its corresponding subset, deriving, based on the nodes and edges in any of the paths, a malware-associated software feature signature where the malware samples represented by leaves that directly or indirectly descend from an end of the continuous descending path meets a minimum percentage of the total number of samples represented by the leaves, and providing the malware signatures for use by a computer-based security tool configured to identify malware.Type: GrantFiled: January 22, 2019Date of Patent: April 19, 2022Assignee: International Business Machines CorporationInventors: Fady Copty, Matan Danos, Orit Edelstein, Dov Murik, Benjamin Zeltser
-
Publication number: 20210306147Abstract: An example system includes a processor to receive, at a setup or sign-up, a first cipher including a biometric template transformed using a first transformation and encrypted using a secret key, a second cipher including a security vector encrypted using the secret key, a third cipher including the biometric template transformed using a second transformation and encrypted, and a fourth cipher including an encrypted second security vector. The processor can receive, at a runtime or sign-in, a fifth cipher and a sixth cipher. The processor can verify that the fifth cipher includes a second biometric template transformed using the first transformation and encrypted using the secret key and that the sixth cipher includes the second biometric template transformed using the second transformation by testing a format attribute of the transformation functions using comparisons of inner products.Type: ApplicationFiled: March 24, 2020Publication date: September 30, 2021Inventors: Ehud Aharoni, Allon Adir, Dov Murik, Ariel Farkash, Omri Soceanu
-
Patent number: 11023362Abstract: An apparatus, a computer program product and a method for co-verification of systems comprising software and hardware components. The method comprises obtaining an over-approximation of the system that over-approximates the software or the hardware by using a non-deterministic version thereof; performing simulation of the over-approximation of the system; and utilizing an outcome of the simulation to guide a co-simulation of the system. The co-simulation comprises instrumenting the software to identify whether the coverage goals are reached during execution, generating a test input for the system, simulating execution of the test input by the instrumented software, wherein during said simulating, stimuli provided from the instrumented software to underlying hardware is provided to a hardware simulator that is configured to simulate the hardware-under-test; determining a coverage of the execution of the test input, and utilizing the coverage information in a successive iteration of the method.Type: GrantFiled: January 9, 2020Date of Patent: June 1, 2021Assignee: International Business Machines CorporationInventors: Fady Copty, Dov Murik, Sharon Keidar Barner
-
Patent number: 11003573Abstract: An apparatus, a computer program product and a method for co-verification of systems comprising software and hardware components. The method comprises obtaining an over-approximation of the system that over-approximates the software or the hardware by using a non-deterministic version thereof; performing simulation of the over-approximation of the system; and utilizing an outcome of the simulation to guide a co-simulation of the system. The co-simulation comprises instrumenting the software to identify whether the coverage goals are reached during execution, generating a test input for the system, simulating execution of the test input by the instrumented software, wherein during said simulating, stimuli provided from the instrumented software to underlying hardware is provided to a hardware simulator that is configured to simulate the hardware-under-test; determining a coverage of the execution of the test input, and utilizing the coverage information in a successive iteration of the method.Type: GrantFiled: January 9, 2020Date of Patent: May 11, 2021Assignee: International Business Machines CorporationInventors: Fady Copty, Dov Murik, Sharon Keidar Barner
-
Patent number: 10762199Abstract: A method, computer program product, and computer system are provided. A processor receives an executable file for execution by an operating system, where the executable file includes a plurality of sections in a first order. A processor determines a second order that indicates a loading order for the plurality of sections, where the second order is distinct from the first order. A processor loads the plurality of sections of the executable file into a plurality of locations in memory of a device based on the second order. A processor resolves one or more memory references for the plurality of sections based on the plurality of locations in memory. A processor executes the plurality of sections of the executable file in the plurality of locations in memory.Type: GrantFiled: May 9, 2018Date of Patent: September 1, 2020Assignee: International Business Machines CorporationInventors: Ayman Jarrous, Dov Murik, Omer-Yehuda Boehm, Nitzan Peleg
-
Publication number: 20200233960Abstract: Deriving malware signatures by training a binary decision tree using known malware and benign software samples, each tree node representing a different software feature set and having one descending edge representing samples that are characterized by the node's software feature set and another descending edge representing samples that are not characterized thusly, selecting multiple continuous descending paths for multiple subsets of nodes, each path traversing a selected one of the edges descending from each of the nodes in its corresponding subset, deriving, based on the nodes and edges in any of the paths, a malware-associated software feature signature where the malware samples represented by leaves that directly or indirectly descend from an end of the continuous descending path meets a minimum percentage of the total number of samples represented by the leaves, and providing the malware signatures for use by a computer-based security tool configured to identify malware.Type: ApplicationFiled: January 22, 2019Publication date: July 23, 2020Inventors: Fady COPTY, Matan DANOS, Orit EDELSTEIN, Dov MURIK, Benjamin ZELTSER
-
Patent number: 10657257Abstract: A method, apparatus and product performing feature vector aggregation for malware detection. Two sets of measurements produced by a two dynamic analyses of an examined program are obtained, wherein the two dynamic analyses are performed with respect to the examined program executing two different execution paths. An aggregated feature vector representing the examined program is generated. The aggregated feature vector comprises a set of aggregated features, wherein a value of each aggregated feature is based on an aggregation of corresponding measurements in the first set of measurements and in the second set of measurements. A predictive model is applied on the aggregated feature vector to classify the examined program as malicious or benign.Type: GrantFiled: December 6, 2017Date of Patent: May 19, 2020Assignee: International Business Machines CorporationInventors: Fady Copty, Cynthia Eisner, Dov Murik, Tamer Salman
-
Patent number: 10649887Abstract: An apparatus, a computer program product and a method for co-verification of systems comprising software and hardware components. The method comprises obtaining an over-approximation of the system that over-approximates the software or the hardware by using a non-deterministic version thereof; performing simulation of the over-approximation of the system; and utilizing an outcome of the simulation to guide a co-simulation of the system. The co-simulation comprises instrumenting the software to identify whether the coverage goals are reached during execution, generating a test input for the system, simulating execution of the test input by the instrumented software, wherein during said simulating, stimuli provided from the instrumented software to underlying hardware is provided to a hardware simulator that is configured to simulate the hardware-under-test; determining a coverage of the execution of the test input, and utilizing the coverage information in a successive iteration of the method.Type: GrantFiled: February 27, 2018Date of Patent: May 12, 2020Assignee: International Business Machines CorporationInventors: Fady Copty, Dov Murik, Sharon Keidar Barner
-
Publication number: 20200142815Abstract: An apparatus, a computer program product and a method for co-verification of systems comprising software and hardware components. The method comprises obtaining an over-approximation of the system that over-approximates the software or the hardware by using a non-deterministic version thereof; performing simulation of the over-approximation of the system; and utilizing an outcome of the simulation to guide a co-simulation of the system. The co-simulation comprises instrumenting the software to identify whether the coverage goals are reached during execution, generating a test input for the system, simulating execution of the test input by the instrumented software, wherein during said simulating, stimuli provided from the instrumented software to underlying hardware is provided to a hardware simulator that is configured to simulate the hardware-under-test; determining a coverage of the execution of the test input, and utilizing the coverage information in a successive iteration of the method.Type: ApplicationFiled: January 9, 2020Publication date: May 7, 2020Inventors: Fady Copty, Dov Murik, Sharon Keidar Barner
-
Publication number: 20200142814Abstract: An apparatus, a computer program product and a method for co-verification of systems comprising software and hardware components. The method comprises obtaining an over-approximation of the system that over-approximates the software or the hardware by using a non-deterministic version thereof; performing simulation of the over-approximation of the system; and utilizing an outcome of the simulation to guide a co-simulation of the system. The co-simulation comprises instrumenting the software to identify whether the coverage goals are reached during execution, generating a test input for the system, simulating execution of the test input by the instrumented software, wherein during said simulating, stimuli provided from the instrumented software to underlying hardware is provided to a hardware simulator that is configured to simulate the hardware-under-test; determining a coverage of the execution of the test input, and utilizing the coverage information in a successive iteration of the method.Type: ApplicationFiled: January 9, 2020Publication date: May 7, 2020Inventors: Fady Copty, Dov Murik, Sharon Keidar Barner
-
Publication number: 20200125943Abstract: A method for detecting security vulnerabilities, comprising: generating a corpus of input samples each labeled to indicate a threat level when executed by an input processing code; training a neural network (NN) using the plurality of input samples to classify inputs according to a plurality of labels of the plurality of input samples; for each input sample: iteratively altering the input sample to correspond to a process of gradient change of the NN, until the NN classifies the altered input sample to a different label than a respective label of the input sample; assigning the different label to the altered input sample; using the plurality of relabeled altered input samples to further train the NN and augment the corpus of input samples.Type: ApplicationFiled: October 18, 2018Publication date: April 23, 2020Inventors: FADY COPTY, DOV MURIK
-
Patent number: 10606732Abstract: An apparatus, a computer program product and a method for hybrid genetic concolic co-verification of hardware and software. The method comprises repeatedly obtaining a test input for a system comprising a software and a hardware; performing a symbolic co-simulation of the system executing the test input to generate a symbolic co-simulation constraint and utilizing the symbolic co-simulation constraint to generate a new test input. The symbolic co-simulation comprises iteratively performing concolic execution of the software and symbolic simulation of the hardware. The concolic execution is guided using the test input and monitors software symbols.Type: GrantFiled: February 27, 2018Date of Patent: March 31, 2020Assignee: International Business Machines CorporationInventors: Fady Copty, Dov Murik, Sharon Keidar Barner