Patents by Inventor Guy Ruvio
Guy Ruvio has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11748474Abstract: The present invention provides a security system, and methods useful for vehicle CAN bus communication mapping and attack originator identification, comprising: a CAN Bus Monitor, (CBM), configured to monitor the CAN bus communication comprising one or more frames, to and/or from at least one Electronic Control Unit, (ECU); a characterization module in communication with the CBM, configured to generate at least one characteristic for the monitored communication from each the ECU and at least one characteristic for each communication frame; (c) a comparator unit in communication with the characterization module, configured to compare one or more the characteristics of at least one frame against characteristics of each the ECU communication in order to detect at least one anomaly; and, (d) one or more Identification module in communication with the comparator, configured to identify at least one ECU originating an attack on the CAN bus.Type: GrantFiled: October 16, 2020Date of Patent: September 5, 2023Assignee: Red Bend Ltd.Inventors: Guy Ruvio, Yuval Weisglass, Saar Yaacov Dickman
-
Patent number: 11418519Abstract: There is provided a method for identifying malicious activity that changes the integrity of data sent out from a vehicle, comprising: intercepting, by an output data monitoring agent that monitors data sent out from the vehicle to an external receiving computing unit using a communication interface in communication with a network; intercepting, by at least one sensor data monitoring agent that monitors sensor data outputted by at least one sensor associated with the vehicle; monitoring the integrity of the data sent out by the vehicle by analyzing the data collected by the output data monitoring agent with the sensor data collected by the at least one sensor data monitoring agent to identify a mismatch; and identifying an indication of malicious activity that changed the data sent out from the vehicle relative to the data sensed by the at least one sensor.Type: GrantFiled: July 21, 2020Date of Patent: August 16, 2022Assignee: Red Bend LTD.Inventors: Guy Ruvio, Saar Yaacov Dickman, Yuval Weisglass, Anuja Sonalker
-
Patent number: 10992495Abstract: Methods, systems, and devices manipulate operation of at least one electronic control unit (ECU) connected to a controller area network (CAN) bus. The at least one ECU includes at least one error counter, by counting errors associated with at least one ECU. The manipulating is based on generating and broadcasting via the CAN at least one bit stream destined to at least one ECU, thereby manipulating at least one ECU status, determined by the ECU error counter and querying for its status state.Type: GrantFiled: November 27, 2019Date of Patent: April 27, 2021Assignee: Red Bend Ltd.Inventors: Guy Ruvio, Saar Yaacov Dickman, Yuval Weisglass, Zachi Avatichi
-
Patent number: 10944765Abstract: Apparatus, system and method useful for machine to machine (M2M) communication cyber-attack detection and prevention, are provided. An embedded security bridge (ESB), operatively connected to at least one proximal machine and at least one M2M module. The M2M module is in communication with at least one remote machine, and configured to enable communication between at least one remote machine and at least one proximal machine through the ESB. The ESB includes: one or more inspection units, configured for communication analysis for identifying communication and/or content suspicious as malicious, and, one or more decision units operatively connected to the inspection unit. The decision unit is configured to perform at least one action based on analysis of at least one inspection unit. The ESB is configured to detect by means of the inspection unit and prevent by means of the decision unit cyber-attacks on the proximal machine, the remote machine, or both.Type: GrantFiled: February 8, 2015Date of Patent: March 9, 2021Assignee: Red Bend Ltd.Inventors: Guy Ruvio, Yuval Weisglass, Saar Dickman
-
Publication number: 20210034745Abstract: The present invention provides a security system, and methods useful for vehicle CAN bus communication mapping and attack originator identification, comprising: a CAN Bus Monitor, (CBM), configured to monitor the CAN bus communication comprising one or more frames, to and/or from at least one Electronic Control Unit, (ECU); a characterization module in communication with the CBM, configured to generate at least one characteristic for the monitored communication from each the ECU and at least one characteristic for each communication frame; (c) a comparator unit in communication with the characterization module, configured to compare one or more the characteristics of at least one frame against characteristics of each the ECU communication in order to detect at least one anomaly; and, (d) one or more Identification module in communication with the comparator, configured to identify at least one ECU originating an attack on the CAN bus.Type: ApplicationFiled: October 16, 2020Publication date: February 4, 2021Inventors: Guy Ruvio, Yuval Weisglass, Saar Yaacov Dickman
-
Publication number: 20200351281Abstract: There is provided a method for identifying malicious activity that changes the integrity of data sent out from a vehicle, comprising: intercepting, by an output data monitoring agent that monitors data sent out from the vehicle to an external receiving computing unit using a communication interface in communication with a network; intercepting, by at least one sensor data monitoring agent that monitors sensor data outputted by at least one sensor associated with the vehicle; monitoring the integrity of the data sent out by the vehicle by analyzing the data collected by the output data monitoring agent with the sensor data collected by the at least one sensor data monitoring agent to identify a mismatch; and identifying an indication of malicious activity that changed the data sent out from the vehicle relative to the data sensed by the at least one sensor.Type: ApplicationFiled: July 21, 2020Publication date: November 5, 2020Inventors: Guy RUVIO, Saar Yaacov DICKMAN, Yuval WEISGLASS, Anuja SONALKER
-
Patent number: 10824720Abstract: The present invention provides a security system, and methods useful for vehicle CAN bus communication mapping and attack originator identification, comprising: a CAN Bus Monitor, (CBM), configured to monitor the CAN bus communication comprising one or more frames, to and/or from at least one Electronic Control Unit, (ECU); a characterization module in communication with the CBM, configured to generate at least one characteristic for the monitored communication from each the ECU and at least one characteristic for each communication frame; (c) a comparator unit in communication with the characterization module, configured to compare one or more the characteristics of at least one frame against characteristics of each the ECU communication in order to detect at least one anomaly; and, (d) one or more Identification module in communication with the comparator, configured to identify at least one ECU originating an attack on the CAN bus.Type: GrantFiled: March 26, 2015Date of Patent: November 3, 2020Assignee: TOWER-SEC LTD.Inventors: Guy Ruvio, Yuval Weisglass, Saar Dickman
-
Patent number: 10757114Abstract: There is provided a method for identifying malicious activity that changes the integrity of data sent out from a vehicle, comprising: intercepting, by an output data monitoring agent that monitors data sent out from the vehicle to an external receiving computing unit using a communication interface in communication with a network; intercepting, by at least one sensor data monitoring agent that monitors sensor data outputted by at least one sensor associated with the vehicle; monitoring the integrity of the data sent out by the vehicle by analyzing the data collected by the output data monitoring agent with the sensor data collected by the at least one sensor data monitoring agent to identify a mismatch; and identifying an indication of malicious activity that changed the data sent out from the vehicle relative to the data sensed by the at least one sensor.Type: GrantFiled: September 18, 2016Date of Patent: August 25, 2020Assignee: HARMAN INTERNATIONAL INDUSTRIES, INCORPORATEDInventors: Guy Ruvio, Saar Yaacov Dickman, Yuval Weisglass, Anuja Sonalker
-
Publication number: 20200106638Abstract: The present invention extends to methods, systems, devices, for manipulating operation of at least one electronic control unit (ECU) connected to a controller area network (CAN) bus, at least one said ECU comprising at least one error counter, by counting errors associated with at least one said ECU; and generating and broadcasting via said CAN at least one bit stream destined to at least one said ECU, thereby manipulating at least one said ECU status, determined by said ECU error counter and querying for its status state.Type: ApplicationFiled: November 27, 2019Publication date: April 2, 2020Applicant: Tower-Sec Ltd.Inventors: Guy RUVIO, Saar Yaacov DICKMAN, Yuval WEISGLASS, Zachi AVATICHI
-
Patent number: 10530605Abstract: The present invention extends to methods, systems, devices, for manipulating operation of at least one electronic control unit (ECU) connected to a controller area network (CAN) bus, at least one said ECU comprising at least one error counter, by counting errors associated with at least one said ECU; and generating and broadcasting via said CAN at least one bit stream destined to at least one said ECU, thereby manipulating at least one said ECU status, determined by said ECU error counter and querying for its status state.Type: GrantFiled: August 4, 2016Date of Patent: January 7, 2020Assignee: Tower-Sec Ltd.Inventors: Guy Ruvio, Saar Yaacov Dickman, Yuval Weisglass, Zachi Avatichi
-
Patent number: 10516681Abstract: A system and method for detection of at least one cyber-attack on one or more vehicles including steps of transmitting and/or receiving by a first on-board agent module installed within one or more vehicles and/or a second on-board agent module installed within road infrastructure and in a range of communication with said first on-board agent module metadata to and/or from an on-site and/or remote cloud-based detection server including a correlation engine; detecting cyberattacks based on correlation calculation between the metadata received from one or more first agent module installed within vehicles and/or from one or more second agent modules installed within road infrastructure; indicating a probability of a cyber-attack against one or more vehicle based on correlation calculation; initiating blocking of vehicle-to-vehicle communication to present and/or stop a spread of an identified threat.Type: GrantFiled: September 21, 2015Date of Patent: December 24, 2019Assignee: Tower-Sec Ltd.Inventors: Guy Ruvio, Saar Dickman, Yuval Weisglass, Yoav Etgar
-
Patent number: 10356122Abstract: A new device for detection and prevention of an attack on a vehicle via its communication channels, having: an input-unit configured to collect real-time and/or offline data from various sources such as sensors, network based services, navigation applications, the vehicles electronic control units, the vehicle's bus-networks, the vehicle's subsystems, and on board diagnostics; a database, for storing the data; a detection-unit in communication with the input-unit; and an action-unit, in communication with the detection unit, configured for sending an alert via the communication channels and/or prevent the attack, by breaking or changing the attacked communication channels. The detection-unit is configured to simultaneously monitor the content, the meta-data and the physical-data of the data and detect the attack.Type: GrantFiled: January 10, 2017Date of Patent: July 16, 2019Assignee: Tower-Sec Ltd.Inventors: Guy Ruvio, Saar Dickman, Yuval Weisglass
-
Publication number: 20190036946Abstract: There is provided a method for identifying malicious activity that changes the integrity of data sent out from a vehicle, comprising: intercepting, by an output data monitoring agent that monitors data sent out from the vehicle to an external receiving computing unit using a communication interface in communication with a network; intercepting, by at least one sensor data monitoring agent that monitors sensor data outputted by at least one sensor associated with the vehicle; monitoring the integrity of the data sent out by the vehicle by analyzing the data collected by the output data monitoring agent with the sensor data collected by the at least one sensor data monitoring agent to identify a mismatch; and identifying an indication of malicious activity that changed the data sent out from the vehicle relative to the data sensed by the at least one sensor.Type: ApplicationFiled: September 18, 2016Publication date: January 31, 2019Applicant: TOWER-SEC LTDInventors: Guy RUVIO, Yuval WEISGLASS, Saar Yaacov DICKMAN, Anuja SONALKER
-
Publication number: 20180241584Abstract: The present invention extends to methods, systems, devices, for manipulating operation of at least one electronic control unit (ECU) connected to a controller area network (CAN) bus, at least one said ECU comprising at least one error counter, by counting errors associated with at least one said ECU; and generating and broadcasting via said CAN at least one bit stream destined to at least one said ECU, thereby manipulating at least one said ECU status, determined by said ECU error counter and querying for its status state.Type: ApplicationFiled: August 4, 2016Publication date: August 23, 2018Applicant: Tower-Sec Ltd.Inventors: Guy RUVIO, Yuval WEISGLASS, Saar Yaacov DICKMAN, Zachi AVATICHI
-
Publication number: 20180196941Abstract: The present invention provides a security system, and methods useful for vehicle CAN bus communication mapping and attack originator identification, comprising: a CAN Bus Monitor, (CBM), configured to monitor the CAN bus communication comprising one or more frames, to and/or from at least one Electronic Control Unit, (ECU); a characterization module in communication with the CBM, configured to generate at least one characteristic for the monitored communication from each the ECU and at least one characteristic for each communication frame; (c) a comparator unit in communication with the characterization module, configured to compare one or more the characteristics of at least one frame against characteristics of each the ECU communication in order to detect at least one anomaly; and, (d) one or more Identification module in communication with the comparator, configured to identify at least one ECU originating an attack on the CAN bus.Type: ApplicationFiled: March 26, 2015Publication date: July 12, 2018Applicant: Tower-Sec Ltd.Inventors: Guy RUVIO, Yuval WEISGLASS, Saar DICKMAN
-
Publication number: 20180026999Abstract: Apparatus, system and method useful for machine to machine (M2M) communication cyber-attack detection and prevention, are provided. An embedded security bridge (ESB), operatively connected to at least one proximal machine and at least one M2M module. The M2M module is in communication with at least one remote machine, and configured to enable communication between at least one remote machine and at least one proximal machine through the ESB. The ESB includes: one or more inspection units, configured for communication analysis for identifying communication and/or content suspicious as malicious, and, one or more decision units operatively connected to the inspection unit. The decision unit is configured to perform at least one action based on analysis of at least one inspection unit. The ESB is configured to detect by means of the inspection unit and prevent by means of the decision unit cyber-attacks on the proximal machine, the remote machine, or both.Type: ApplicationFiled: February 8, 2015Publication date: January 25, 2018Applicant: Tower-Sec Ltd.Inventors: Guy RUVIO, Yuval WEISGLASS, Saar DICKMAN
-
Publication number: 20170230385Abstract: A system and method for detection of at least one cyber-attack on one or more vehicles including steps of transmitting and/or receiving by a first on-board agent module installed within one or more vehicles and/or a second on-board agent module installed within road infrastructure and in a range of communication with said first on-board agent module metadata to and/or from an on-site and/or remote cloud-based detection server including a correlation engine; detecting cyberattacks based on correlation calculation between the metadata received from one or more first agent module installed within vehicles and/or from one or more second agent modules installed within road infrastructure; indicating a probability of a cyber-attack against one or more vehicle based on correlation calculation; initiating blocking of vehicle-to-vehicle communication to present and/or stop a spread of an identified threat.Type: ApplicationFiled: September 21, 2015Publication date: August 10, 2017Applicant: Tower-Sec Ltd.Inventors: Guy RUVIO, Saar DICKMAN, Yuval WEISGLASS, Yoav ETGAR
-
Publication number: 20170149820Abstract: A new device for detection and prevention of an attack on a vehicle via its communication channels, having: an input-unit configured to collect real-time and/or offline data from various sources such as sensors, network based services, navigation applications, the vehicles electronic control units, the vehicle's bus-networks, the vehicle's subsystems, and on board diagnostics; a database, for storing the data; a detection-unit in communication with the input-unit; and an action-unit, in communication with the detection unit, configured for sending an alert via the communication channels and/or prevent the attack, by breaking or changing the attacked communication channels. The detection-unit is configured to simultaneously monitor the content, the meta-data and the physical-data of the data and detect the attack.Type: ApplicationFiled: January 10, 2017Publication date: May 25, 2017Inventors: Guy Ruvio, Saar Dickman, Yuval Weisglass
-
Patent number: 9560071Abstract: A new device for detection and prevention of an attack on a vehicle via its communication channels, having: an input-unit configured to collect real-time and/or offline data from various sources such as sensors, network based services, navigation applications, the vehicles electronic control units, the vehicle's bus-networks, the vehicle's subsystems, and on board diagnostics; a database, for storing the data; a detection-unit in communication with the input-unit; and an action-unit, in communication with the detection unit, configured for sending an alert via the communication channels and/or prevent the attack, by breaking or changing the attacked communication channels. The detection-unit is configured to simultaneously monitor the content, the meta-data and the physical-data of the data and detect the attack.Type: GrantFiled: October 17, 2013Date of Patent: January 31, 2017Assignee: Tower-Sec Ltd.Inventors: Guy Ruvio, Saar Dickman, Yuval Weisglass
-
Publication number: 20150271201Abstract: A new device for detection and prevention of an attack on a vehicle via its communication channels, having: an input-unit configured to collect real-time and/or offline data from various sources such as sensors, network based services, navigation applications, the vehicles electronic control units, the vehicle's bus-networks, the vehicle's subsystems, and on board diagnostics; a database, for storing the data; a detection-unit in communication with the input-unit; and an action-unit, in communication with the detection unit, configured for sending an alert via the communication channels and/or prevent the attack, by breaking or changing the attacked communication channels. The detection-unit is configured to simultaneously monitor the content, the meta-data and the physical-data of the data and detect the attack.Type: ApplicationFiled: October 17, 2013Publication date: September 24, 2015Inventors: Guy Ruvio, Saar Dickman