Patents by Inventor Gil Raanan
Gil Raanan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8244853
Abstract: The present invention facilitates mapping dependencies between software applications, components, and business processes on a computer network. Packets communicated between software applications are sampled to identify characteristics of the packet. The characteristics are used to identify communicating applications and to generate dependency maps of software applications on a computer network.
Type: Grant
Filed: March 3, 2004
Date of Patent: August 14, 2012
Assignee: VMware, Inc.
Inventor: Gil Raanan
-
Patent number: 7774835
Abstract: A method and computer program for automatically and continually extracting application protocols (i.e., defining a set of allowable or authorized actions) for any application. The method involves receiving a message from a server before it is sent or in parallel with sending to a client. The message may be in response to a specific request for it from the client. The program then extracts the application protocol data from the server message. Working with a copy of the message, the program strips off the communications protocol(s) from the message and parses the remaining message to identify user-selectable options contained in the message such as commands, fields, etc. These items represent the set of allowable or authorized user actions for the particular “stage” of the current version of the application as set forth in the message. The set of allowable user actions is then stored by the extraction program in a protocol database accessible to a gateway or filter module.
Type: Grant
Filed: August 2, 2004
Date of Patent: August 10, 2010
Assignee: F5 Networks, Inc.
Inventors: Gil Raanan, Tal Moran, Yaron Galant, Yuval El-Hanani, Eran Reshef
-
Patent number: 7590715
Abstract: The present invention facilitates identifying applications based on communicated packets between applications. Characteristics of communicated packets are used to identify the packet as being part of a communication between applications. Identification can be accomplished through the use of packet fingerprints or through a K nearest neighbor algorithm.
Type: Grant
Filed: March 3, 2004
Date of Patent: September 15, 2009
Assignee: EMC Corporation
Inventor: Gil Raanan
-
Publication number: 20080066173
Abstract: A system and method are presented for authorizing execution of requested actions transmitted between clients and servers of a data processing system. The method includes receiving a message including a set of actions and simulating execution of the set of actions. A list representing allowable actions and user-definable inputs to the simulated actions is defined. The list of allowable actions and user-definable inputs to the allowable action is then compared to user-requested actions and inputs. When elements within the user-requested actions and inputs are included in the allowable actions and input list, the user-requested actions and inputs are authorized for execution.
Type: Application
Filed: October 17, 2007
Publication date: March 13, 2008
Applicant: WATCHFIRE CORPORATION
Inventors: Tal MORAN, Yuval EL-HANANI, Gil RAANAN, Eran RESHEF
-
Patent number: 7293281
Abstract: A system and method are presented for authorizing execution of requested actions transmitted between clients and servers of a data processing system. The method includes receiving a message including a set of actions and simulating execution of the set of actions. A list representing allowable actions and user-definable inputs to the simulated actions is defined. The list of allowable actions and user-definable inputs to the allowable action is then compared to user-requested actions and inputs. When elements within the user-requested actions and inputs are included in the allowable actions and input list, the user-requested actions and inputs are authorized for execution.
Type: Grant
Filed: October 25, 2000
Date of Patent: November 6, 2007
Assignee: Watchfire Corporation
Inventors: Tal Moran, Yuval El-Hanani, Gil Raanan, Eran Reshef
-
Patent number: 7237265
Abstract: A method for detecting security vulnerabilities in a web application includes analyzing the client requests and server responses resulting therefrom in order to discover pre-defined elements of the application's interface with external clients and the attributes of these elements. The client requests are then mutated based on a pre-defined set of mutation rules to thereby generate exploits unique to the application. The web application is attacked using the exploits and the results of the attack are evaluated for anomalous application activity.
Type: Grant
Filed: March 20, 2003
Date of Patent: June 26, 2007
Assignee: Watchfire Corporation
Inventors: Eran Reshef, Yuval El-Hanany, Gil Raanan, Tom Tsarfati
-
Publication number: 20050114705
Abstract: A method and system are disclosed for discriminating automatic computerized action from a human performed action. The invention is based on applying human advantage in applying sensory and cognitive skills to solving simple problems that prove to be extremely hard for computer software. Such skills include, but are not limited to processing of sensory information such as identification of objects and letters within a noisy graphical environment, signals and speech within an auditory signal, patterns and objects within a video or animation sequence. Human skills also include higher level cognitive processing such as understanding natural language and logical assignments. The method for discriminating between humans and computerized actions can be used during authentication, to limit access by automated agents, and for confirmation of actions.
Type: Application
Filed: March 1, 2004
Publication date: May 26, 2005
Inventors: Eran Reshef, Gil Raanan, Eilon Solan
-
Publication number: 20050044420
Abstract: A method and computer program for automatically and continually extracting application protocols (i.e., defining a set of allowable or authorized actions) for any application. The method involves receiving a message from a server before it is sent or in parallel with sending to a client. The message may be in response to a specific request for it from the client. The program then extracts the application protocol data from the server message. Working with a copy of the message, the program strips off the communications protocol(s) from the message and parses the remaining message to identify user-selectable options contained in the message such as commands, fields, etc. These items represent the set of allowable or authorized user actions for the particular “stage” of the current version of the application as set forth in the message. The set of allowable user actions is then stored by the extraction program in a protocol database accessible to a gateway or filter module.
Type: Application
Filed: August 2, 2004
Publication date: February 24, 2005
Inventors: Gil Raanan, Tal Moran, Yaron Galant, Yuval El-Hanani, Eran Reshef
-
Publication number: 20030233581
Abstract: A method for detecting security vulnerabilities in a web application includes analyzing the client requests and server responses resulting therefrom in order to discover pre-defined elements of the application's interface with external clients and the attributes of these elements. The client requests are then mutated based on a pre-defined set of mutation rules to thereby generate exploits unique to the application. The web application is attacked using the exploits and the results of the attack are evaluated for anomalous application activity.
Type: Application
Filed: March 20, 2003
Publication date: December 18, 2003
Inventors: Eran Reshef, Yuval El-Hanany, Gil Raanan, Tom Tsarfati
-
Publication number: 20030226038
Abstract: A computerized method is described for dynamically refining a security policy rule set. The security policy rule set is used to define legal and illegal actions to be taken on an application running on a server from clients. The method involves aggregating a plurality of log entries from one or more log files to create a single set of log entries, grouping the log entries in the single set according to common characteristics and analyzing the groups of log entries to amend the security policy rule set. The method helps reduce the instances in which legal actions are rejected by the security policy rule set.
Type: Application
Filed: December 31, 2002
Publication date: December 4, 2003
Inventors: Gil Raanan, Chaim Linhart
-
Patent number: 6584569
Abstract: A method for detecting security vulnerabilities in a web application includes analyzing the client requests and server responses resulting therefrom in order to discover pre-defined elements of the application's interface with external clients and the attributes of these elements. The client requests are then mutated based on a pre-defined set of mutation rules to thereby generate exploits unique to the application. The web application is attacked using the exploits and the results of the attack are evaluated for anomalous application activity.
Type: Grant
Filed: March 5, 2001
Date of Patent: June 24, 2003
Assignee: Sanctum Ltd.
Inventors: Eran Reshef, Yuval El-Hanany, Gil Raanan, Tom Tsarfati
-
Publication number: 20020116643
Abstract: A method and computer program for automatically and continually extracting application protocols (i.e., defining a set of allowable or authorized actions) for any application. The method involves receiving a message from a server before it is sent or in parallel with sending to a client. The message may be in response to a specific request for it from the client. The program then extracts the application protocol data from the server message. Working with a copy of the message, the program strips off the communications protocol(s) from the message and parses the remaining message to identify user-selectable options contained in the message such as commands, fields, etc. These items represent the set of allowable or authorized user actions for the particular “stage” of the current version of the application as set forth in the message. The set of allowable user actions is then stored by the extraction program in a protocol database accessible to a gateway or filter module.
Type: Application
Filed: September 14, 2001
Publication date: August 22, 2002
Inventors: Gil Raanan, Tal Moran, Yaroa Galant, Yuval El-Hanani, Eran Reshef
-
Publication number: 20020010855
Abstract: A method for detecting security vulnerabilities in a web application includes analyzing the client requests and server responses resulting therefrom in order to discover pre-defined elements of the application's interface with external clients and the attributes of these elements. The client requests are then mutated based on a pre-defined set of mutation rules to thereby generate exploits unique to the application. The web application is attacked using the exploits and the results of the attack are evaluated for anomalous application activity.
Type: Application
Filed: March 5, 2001
Publication date: January 24, 2002
Inventors: Eran Reshef, Yuval El-Hanany, Gil Raanan, Tom Tsarfati
-
Patent number: 6321337
Abstract: The present invention is a security gateway system positioned between an external, untrusted computing environment and an internal, trusted computing environment that converts messages received from the external environment into simplified messages and converts the simplified messages into messages suitable for use on the internal environment. The conversion involves the removal of external environment transfer protocols and the reduction of the content of the messages left after removing the protocols into a simplified representation of the content to create a simplified message. The simplified representation is then converted to an internal message by converting the simplified representation to a representation appropriate to the internal environment, including to applications operating on the internal environment, and adding internal environment protocols, including transfer protocols, to the converted message.
Type: Grant
Filed: September 9, 1998
Date of Patent: November 20, 2001
Assignee: Sanctum Ltd.
Inventors: Eran Reshef, Gil Raanan, Eilon Solan
-
Patent number: 6311278
Abstract: A method and computer program for automatically and continually extracting application protocols (i.e., defining a set of allowable or authorized actions) for any application. The method involves receiving a message from a server before it is sent or in parallel with sending to a client. The message may be in response to a specific request for it from the client. The program then extracts the application protocol data from the server message. Working with a copy of the message, the program strips off the communications protocol(s) from the message and parses the remaining message to identify user-selectable options contained in the message such as commands, fields, etc. These items represent the set of allowable or authorized user actions for the particular “stage” of the current version of the application as set forth in the message. The set of allowable user actions is then stored by the extraction program in a protocol database accessible to a gateway or filter module.
Type: Grant
Filed: July 1, 1999
Date of Patent: October 30, 2001
Assignee: Sanctum Ltd.
Inventors: Gil Raanan, Tal Moran, Yoron Galant, Yuval El-Hanani, Eran Reshef
-
Patent number: 6199181
Abstract: A method for protecting an operating environment on a processor from a rogue program operating on the processor comprising isolating simultaneously executing programs or operating systems is disclosed. Memory space for use only by the first program while the first program is executing is allocated. Communication between the first program and the computer's operating environment is accomplished through a single link employing one of several methods including using shared memory space, a dedicated interrupt or a dedicated I/O port. The monitor manages a restricted operating environment for the first program on the processor, the restricted operating environment preventing the first program from accessing resources on the processor except for the allocated memory space and the single communication link.
Type: Grant
Filed: September 9, 1998
Date of Patent: March 6, 2001
Assignee: Perfecto Technologies Ltd.
Inventors: Eran Rechef, Gil Raanan, Eilon Solan