Patents by Inventor Guy Pazi
Guy Pazi has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 7979694Abstract: A method for authenticating communication traffic includes intercepting a request directed over a network from a source address to open a connection to a target computer in accordance with a handshake procedure specified by a predetermined communication protocol. A reply to the request that deviates from the specified handshake procedure is sent to the source address. A response from the source address to the reply is analyzed in order to make an assessment of legitimacy of the source address. Upon determining, based on the assessment, that the source address is legitimate, the target computer is permitted to complete the handshake procedure so as to open the connection with the source address.Type: GrantFiled: March 2, 2004Date of Patent: July 12, 2011Assignee: Cisco Technology, Inc.Inventors: Dan Touitou, Guy Pazi, Yehiel Shtein, Rephael Tzadikario
-
Patent number: 7653938Abstract: A method for processing communication traffic includes receiving a data packet sent over a network from a source address and reading a value of an attribute from the data packet. The value is hashed to determine a key, which is used as an index in extracting a tag from a table of random values. A decision is made using the tag regarding forwarding of the communication traffic from the source address.Type: GrantFiled: February 3, 2005Date of Patent: January 26, 2010Assignee: Cisco Technology, Inc.Inventors: Dan Touitou, Guy Pazi, Yehiel Shtein
-
Patent number: 7620733Abstract: A method for authenticating communication traffic includes receiving a first Domain Name System (DNS) request, sent using a connectionless protocol over a network from a source address, to provide network information regarding a domain name. Responsively to the first DNS request, a client at the source address is solicited to send a second DNS request using the connectionless protocol. An authenticity of the first DNS request is assessed based on the second DNS request.Type: GrantFiled: March 30, 2005Date of Patent: November 17, 2009Assignee: Cisco Technology, Inc.Inventors: Rephael Tzakikario, Dan Touitou, Guy Pazi
-
Patent number: 7313815Abstract: A method for authenticating communication traffic includes receiving a first request, such as a DNS request, sent over a network from a source address, to provide network information regarding a given domain name. A response is sent to the source address in reply to the first request. When a second request is from the source address in reply to the response, the authenticity of the first request is assessed based on the second request.Type: GrantFiled: September 17, 2004Date of Patent: December 25, 2007Assignee: Cisco Technology, Inc.Inventors: Guy Pazi, Dan Touitou, Alon Golan, Yehuda Afek
-
Patent number: 7171683Abstract: A method for authenticating packet communication traffic includes receiving a data packet sent over a network from a source address to a destination address and reading from the packet a value of a field that is indicative of a number of hops traversed by the packet since having been sent from the source address. The authenticity of the source address is assessed responsive to the value.Type: GrantFiled: August 29, 2002Date of Patent: January 30, 2007Assignee: Riverhead Networks Inc.Inventors: Guy Pazi, Anat Bremler-Bar, Rami Rivlin, Dan Touitou
-
Patent number: 6907525Abstract: A method for authenticating communication traffic includes receiving a first request, such as a DNS request, sent over a network from a source address, to provide network information regarding a given domain name. A response is sent to the source address in reply to the first request. When a second request is from the source address in reply to the response, the authenticity of the first request is assessed based on the second request.Type: GrantFiled: September 20, 2002Date of Patent: June 14, 2005Assignee: Riverhead Networks Inc.Inventors: Guy Pazi, Dan Touitou, Alon Golan, Yehuda Afek
-
Publication number: 20050044352Abstract: A method for authenticating communication traffic includes receiving a first request, such as a DNS request, sent over a network from a source address, to provide network information regarding a given domain name. A response is sent to the source address in reply to the first request. When a second request is from the source address in reply to the response, the authenticity of the first request is assessed based on the second request.Type: ApplicationFiled: September 17, 2004Publication date: February 24, 2005Applicant: Riverhead Networks, Inc.Inventors: Guy Pazi, Dan Touitou, Alon Golan, Yehuda Afek
-
Publication number: 20050021999Abstract: A method for authenticating communication traffic includes intercepting a request directed over a network from a source address to open a connection to a target computer in accordance with a handshake procedure specified by a predetermined communication protocol. A reply to the request that deviates from the specified handshake procedure is sent to the source address. A response from the source address to the reply is analyzed in order to make an assessment of legitimacy of the source address. Upon determining, based on the assessment, that the source address is legitimate, the target computer is permitted to complete the handshake procedure so as to open the connection with the source address.Type: ApplicationFiled: March 2, 2004Publication date: January 27, 2005Applicant: RIVERHEAD NETWORKS INC.Inventors: Dan Touitou, Guy Pazi, Yehiel Shtein, Rephael Tzadikario
-
Publication number: 20030110274Abstract: A method for authenticating packet communication traffic includes receiving a data packet sent over a network from a source address to a destination address and reading from the packet a value of a field that is indicative of a number of hops traversed by the packet since having been sent from the source address. The authenticity of the source address is assessed responsive to the value.Type: ApplicationFiled: August 29, 2002Publication date: June 12, 2003Applicant: RIVERHEAD NETWORKS INC.Inventors: Guy Pazi, Anat Bremler-Bar, Rami Rivlin, Dan Touitou
-
Publication number: 20030070096Abstract: A method for authenticating communication traffic includes receiving a first request, such as a DNS request, sent over a network from a source address, to provide network information regarding a given domain name. A response is sent to the source address in reply to the first request. When a second request is from the source address in reply to the response, the authenticity of the first request is assessed based on the second request.Type: ApplicationFiled: September 20, 2002Publication date: April 10, 2003Applicant: Riverhead Networks Inc.Inventors: Guy Pazi, Dan Touitou, Alon Golan, Yehuda Afek