Patents by Inventor Erez Kaplan Haelion
Erez Kaplan Haelion has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20200403983Abstract: System, product and method for connectivity-based scrambling is disclosed. Port scrambling mode is selected based on connectivity to a network. In one mode, ports of authorized outgoing communications are scrambled, while ports of unauthorized outgoing communications remain unscrambled. In another mode, ports of unauthorized outgoing communications are scrambled, while ports of authorized outgoing communications remain unscrambled. In some cases, under the first mode, ports of all incoming communications are descrambled, while in the second mode, ports of all incoming communications remain unscrambled.Type: ApplicationFiled: April 28, 2019Publication date: December 24, 2020Inventor: Erez Kaplan Haelion
-
Patent number: 10616231Abstract: A system, product and method for preventing unauthorized outgoing communications. The method comprises, in response to an attempt to transmit an outgoing communication by a transmitting software entity, obtaining a list of software entities which have performed Inter-Process Communication (IPC), directly or indirectly, with the transmitting software entity. The method further comprises for each software entity in the list of software entities, checking whether the software entity is an unauthorized software entity. In response to detecting an unauthorized software entity in the list of software entities, the outgoing communication may be blocked. As a result, the outgoing communication is prevented from being transmitted.Type: GrantFiled: March 21, 2017Date of Patent: April 7, 2020Assignee: CYBER 2.0 (2015) LTDInventor: Erez Kaplan Haelion
-
Publication number: 20200028856Abstract: A method, apparatus, and computer program product for port scrambling usage in heterogeneous networks. Responsive to receiving a communication directed towards a network, wherein port scrambling and port descrambling are employed by the network, a transformation function is applied on a port at which the communication is directed to be received, whereby obtaining a scrambled port, and the communication is redirected to be received at the scrambled port. Responsive to receiving a communication from the network directed outside thereof, an inverse of the transformation function is applied on a port at which the communication is directed to be received, whereby obtaining a descrambled port, and the communication is redirected to be received at the descrambled port. Each device belonging to the network is configured for performing selective port scrambling of outgoing communications and port descrambling of incoming communications by utilizing the transformation function and inverse thereof, respectively.Type: ApplicationFiled: July 23, 2018Publication date: January 23, 2020Applicant: CYBER 2.0 (2015) LTDInventor: EREZ KAPLAN HAELION
-
Publication number: 20190306130Abstract: System, product and method for connectivity-based scrambling is disclosed. Port scrambling mode is selected based on connectivity to a network. In one mode, ports of authorized outgoing communications are scrambled, while ports of unauthorized outgoing communications remain unscrambled. In another mode, ports of unauthorized outgoing communications are scrambled, while ports of authorized outgoing communications remain unscrambled. In some cases, under the first mode, ports of all incoming communications are descrambled, wile in the second mode, ports of all incoming communications remain unscrambled.Type: ApplicationFiled: March 27, 2018Publication date: October 3, 2019Applicant: Cyber 2.0 (2015) LTD.Inventor: Erez Kaplan Haelion
-
Publication number: 20190268317Abstract: System, product and method for connectivity-based scrambling is disclosed. Port scrambling mode is selected based on connectivity to a network. In one mode, ports of authorized outgoing communications are scrambled, while ports of unauthorized outgoing communications remain unscrambled. In another mode, ports of unauthorized outgoing communications are scrambled, while ports of authorized outgoing communications remain unscrambled. In some cases, under the first mode, ports of all incoming communications are descrambled, while in the second mode, ports of all incoming communications remain unscrambled.Type: ApplicationFiled: April 28, 2019Publication date: August 29, 2019Inventor: Erez Kaplan Haelion
-
Patent number: 10397196Abstract: A device, method and product for port-scrambling-based networks. The method comprising in response to a device intending to transmit an outgoing communication to a target device in a computer network, via a first port, scrambling the first port of the outgoing communication to obtain a second port by applying a transformation function which utilizes a certificate that is shared among a portion of the devices in the computer network; and transmitting the outgoing communication to via the second target port. The method comprises receiving, via a second source port, an incoming communication from a source device in the computer network, descrambling the second source port of the incoming communication to obtain a first source port by applying a reverse function of the transformation function; and directing the incoming communication at the first source port instead of the second source port.Type: GrantFiled: February 28, 2017Date of Patent: August 27, 2019Assignee: CYBER 2.0 (2015) LTD.Inventor: Erez Kaplan Haelion
-
Patent number: 10333956Abstract: Method, system and product for detection of invalid port accesses in port-scrambling-based networks. The network may comprise a plurality of computers, each of which is configured to selectively scramble port of outgoing communications transmitted over the network and to descramble ports of incoming communications received from the network. The selective scrambling of ports may be based on a whitelist of programs. Invalid port accesses are monitored for. Invalid port accesses may be a communication transmitted over the network directing at a port, wherein an unscrambled port obtained after descrambling the port, is an invalid port. Invalid port accesses may be logged and actions may be taken to mitigate potential security risk represented thereby.Type: GrantFiled: May 15, 2018Date of Patent: June 25, 2019Assignee: CYBER 2.0 (2015) LTD.Inventor: Erez Kaplan Haelion
-
Patent number: 10313318Abstract: A method, system and computer program product providing port scrambling for securing communications in internal computer networks are disclosed. A transformation function is applied on an identifier of a first port at which an outgoing communication is designated to be received, whereby an identifier of a second port the outgoing communication is directed to be received at is obtained. The transformation function depends on at least one parameter shared among a plurality of devices in a computer network, whereby a device receiving the communication at the second port is enabled to apply an inverse transformation function on the identifier of the second port to obtain the identifier of the first port and redirect the communication thereto. The transformation function is applied in condition that transmittal of the outgoing communication was requested by an application program listed in a list of authorized application programs for the plurality of devices.Type: GrantFiled: November 1, 2017Date of Patent: June 4, 2019Assignee: CYBER 2.0 (2015) LTD.Inventor: Erez Kaplan Haelion
-
Publication number: 20190089595Abstract: A method, a computerized apparatus and a computer program product for automatic generation of security configuration and deployment thereof. The method comprises monitoring programs executed by a device within an organizational network, to identify an attempt to transmit outgoing communications. In response to determining a program executed by the device is attempting to transmit an outgoing communication: checking whether the program is listed in a base list of authorized programs. In response to determining that the program is listed in the base list, adding the program to a list of authorized programs.Type: ApplicationFiled: September 18, 2017Publication date: March 21, 2019Applicant: Cyber 2.0 (2015) LtdInventor: EREZ KAPLAN HAELION
-
Publication number: 20180278617Abstract: A system, product and method for preventing unauthorized outgoing communications. The method comprises, in response to an attempt to transmit an outgoing communication by a transmitting software entity, obtaining a list of software entities which have performed Inter-Process Communication (IPC), directly or indirectly, with the transmitting software entity. The method further comprises for each software entity in the list of software entities, checking whether the software entity is an unauthorized software entity. In response to detecting an unauthorized software entity in the list of software entities, the outgoing communication may be blocked. As a result, the outgoing communication is prevented from being transmitted.Type: ApplicationFiled: March 21, 2017Publication date: September 27, 2018Inventor: Erez Kaplan Haelion
-
Publication number: 20180270257Abstract: Method, system and product for detection of invalid port accesses in port-scrambling-based networks. The network may comprise a plurality of computers, each of which is configured to selectively scramble port of outgoing communications transmitted over the network and to descramble ports of incoming communications received from the network. The selective scrambling of ports may be based on a whitelist of programs. Invalid port accesses are monitored for. Invalid port accesses may be a communication transmitted over the network directing at a port, wherein an unscrambled port obtained after descrambling the port, is an invalid port. Invalid port accesses may be logged and actions may be taken to mitigate potential security risk represented thereby.Type: ApplicationFiled: May 15, 2018Publication date: September 20, 2018Inventor: Erez Kaplan Haelion
-
Publication number: 20180248851Abstract: A device, method and product for port-scrambling-based networks. The method comprising in response to a device intending to transmit an outgoing communication to a target device in a computer network, via a first port, scrambling the first port of the outgoing communication to obtain a second port by applying a transformation function which utilizes a certificate that is shared among a portion of the devices in the computer network; and transmitting the outgoing communication to via the second target port. The method comprises receiving, via a second source port, an incoming communication from a source device in the computer network, descrambling the second source port of the incoming communication to obtain a first source port by applying a reverse function of the transformation function; and directing the incoming communication at the first source port instead of the second source port.Type: ApplicationFiled: February 28, 2017Publication date: August 30, 2018Applicant: CYBER 2.0 (2015) LTD.Inventor: Erez KAPLAN HAELION
-
Patent number: 9985981Abstract: A computer-implemented method, computerized apparatus and computer program product for monitoring traffic in a computer network. The computer network comprises a plurality of devices configured to apply a transformation function on a target port identifier of a requested transmission by an application program executing thereon and direct the transmission to a different target port per the scrambled identifier thereby obtained. The transformation function depends on at least one parameter shared among the plurality of devices and applying thereof is conditioned on the application program requesting transmission being listed in a list of authorized application programs. Attempts to access invalid ports as defined by the transformation function are identified and an action for mitigating a security threat ascribed thereto is provided.Type: GrantFiled: September 14, 2017Date of Patent: May 29, 2018Assignee: Cyber 2.0 (2015) LtdInventor: Erez Kaplan Haelion
-
Publication number: 20180069845Abstract: A method, system and computer program product providing port scrambling for securing communications in internal computer networks are disclosed. A transformation function is applied on an identifier of a first port at which an outgoing communication is designated to be received, whereby an identifier of a second port the outgoing communication is directed to be received at is obtained. The transformation function depends on at least one parameter shared among a plurality of devices in a computer network, whereby a device receiving the communication at the second port is enabled to apply an inverse transformation function on the identifier of the second port to obtain the identifier of the first port and redirect the communication thereto. The transformation function is applied in condition that transmittal of the outgoing communication was requested by an application program listed in a list of authorized application programs for the plurality of devices.Type: ApplicationFiled: November 1, 2017Publication date: March 8, 2018Inventor: Erez Kaplan HAELION
-
Publication number: 20180007072Abstract: A computer-implemented method, computerized apparatus and computer program product for monitoring traffic in a computer network. The computer network comprises a plurality of devices configured to apply a transformation function on a target port identifier of a requested transmission by an application program executing thereon and direct the transmission to a different target port per the scrambled identifier thereby obtained. The transformation function depends on at least one parameter shared among the plurality of devices and applying thereof is conditioned on the application program requesting transmission being listed in a list of authorized application programs. Attempts to access invalid ports as defined by the transformation function are identified and an action for mitigating a security threat ascribed thereto is provided.Type: ApplicationFiled: September 14, 2017Publication date: January 4, 2018Inventor: Erez Kaplan Haelion
-
Patent number: 9838368Abstract: A method, system and computer program product providing port scrambling for securing communications in internal computer networks are disclosed. A transformation function is applied on an identifier of a first port at which an outgoing communication is designated to be received, whereby an identifier of a second port the outgoing communication is directed to be received at is obtained. The transformation function depends on at least one parameter shared among a plurality of devices in a computer network, whereby a device receiving the communication at the second port is enabled to apply an inverse transformation function on the identifier of the second port to obtain the identifier of the first port and redirect the communication thereto. The transformation function is applied in condition that transmittal of the outgoing communication was requested by an application program listed in a list of authorized application programs for the plurality of devices.Type: GrantFiled: August 25, 2016Date of Patent: December 5, 2017Assignee: CYBER 2.0 (2015) LTD.Inventor: Erez Kaplan Haelion
-
Patent number: 9794277Abstract: A computer-implemented method, computerized apparatus and computer program product for monitoring traffic in a computer network. The computer network comprises a plurality of devices configured to apply a transformation function on a target port identifier of a requested transmission by an application program executing thereon and direct the transmission to a different target port per the scrambled identifier thereby obtained. The transformation function depends on at least one parameter shared among the plurality of devices and applying thereof is conditioned on the application program requesting transmission being listed in a list of authorized application programs. Attempts to access invalid ports as defined by the transformation function are identified and an action for mitigating a security threat ascribed thereto is provided.Type: GrantFiled: December 27, 2016Date of Patent: October 17, 2017Assignee: CYBER 2.0 (2015) LTDInventor: Erez Kaplan Haelion
-
Publication number: 20170244686Abstract: A method, system and computer program product providing port scrambling for securing communications in internal computer networks are disclosed. A transformation function is applied on an identifier of a first port at which an outgoing communication is designated to be received, whereby an identifier of a second port the outgoing communication is directed to be received at is obtained. The transformation function depends on at least one parameter shared among a plurality of devices in a computer network, whereby a device receiving the communication at the second port is enabled to apply an inverse transformation function on the identifier of the second port to obtain the identifier of the first port and redirect the communication thereto. The transformation function is applied in condition that transmittal of the outgoing communication was requested by an application program listed in a list of authorized application programs for the plurality of devices.Type: ApplicationFiled: August 25, 2016Publication date: August 24, 2017Inventor: Erez Kaplan HAELION
-
Publication number: 20170193205Abstract: A computer-implemented method, computerized apparatus and computer program product for enhanced resistance to reverse engineering of code using incremental polymorphism. Incremental modifications to a software resource of a computer program are received from a server and used for updating the resource from a current to an updated state in each of the computer program instances at a plurality of devices, whereby updating is performed in a synchronized manner and without the updated resource being transmitted via a communication channel.Type: ApplicationFiled: January 2, 2017Publication date: July 6, 2017Inventor: Erez KAPLAN HAELION
-
Publication number: 20170195348Abstract: A computer-implemented method, computerized apparatus and computer program product for monitoring traffic in a computer network. The computer network comprises a plurality of devices configured to apply a transformation function on a target port identifier of a requested transmission by an application program executing thereon and direct the transmission to a different target port per the scrambled identifier thereby obtained. The transformation function depends on at least one parameter shared among the plurality of devices and applying thereof is conditioned on the application program requesting transmission being listed in a list of authorized application programs. Attempts to access invalid ports as defined by the transformation function are identified and an action for mitigating a security threat ascribed thereto is provided.Type: ApplicationFiled: December 27, 2016Publication date: July 6, 2017Inventor: Erez Kaplan Haelion