Patents by Inventor Meir Tsvi
Meir Tsvi has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230376587Abstract: A method, a computer program product and an apparatus for online detection of command injection attacks in a computerized system. The method comprises determining that an input of a potential input provisioning event received from a network includes a command separator and an executable product and recording a suspicious record event. The method further comprises determining that an execution command configured to be executed a potential execution event correlates to the suspicious record event and in response to said determining flagging the execution command as a command injection attack. The method further comprises performing a remedial action with respect to the flagged command injection attack prior to attempting to execute the execution command.Type: ApplicationFiled: July 25, 2023Publication date: November 23, 2023Inventors: Asaf Karas, Or Peles, Meir Tsvi, Anton Nayshtut
-
Patent number: 11714899Abstract: A method, system and product for command injection identification. An input hook function is configured to be executed in response to a potential input provisioning event. The input hook function is configured to perform: analyzing a potential input of the potential input provisioning event to identify whether the potential input comprises a command separator and an executable product; and in response to identifying the command separator and the executable product, recording a suspicious input event indicating the command separator and the executable product. An execution hook function is configured to be executed in response to a potential execution event. The execution hook function is configured to perform: in response to a determination that an execution command of the potential execution event comprises the command separator and the executable product of the suspicious input event, flagging the execution command as a command injection attack.Type: GrantFiled: June 27, 2022Date of Patent: August 1, 2023Assignee: JFROG LTDInventors: Asaf Karas, Or Peles, Meir Tsvi, Anton Nayshtut
-
Patent number: 11520901Abstract: A method, system and product for detecting firmware vulnerabilities, including, during a testing phase of a firmware of a device, continuously polling states and activities of the device, wherein said polling is at a testing agent that is functionality separate from the firmware; correlating between at least one event that is associated with the states or the activities of the device and test results of the testing phase; based on said correlating, determining for the firmware one or more normal events and one or more abnormal events; and after the testing phase, providing indications of the one or more normal events and one or more abnormal events from the testing agent to a runtime agent, whereby said providing enables the runtime agent to protect the firmware from vulnerabilities associated with the one or more abnormal events.Type: GrantFiled: December 25, 2019Date of Patent: December 6, 2022Assignee: JFROG LTDInventors: Asaf Karas, Meir Tsvi
-
Publication number: 20220335122Abstract: A method, system and product for command injection identification. An input hook function is configured to be executed in response to a potential input provisioning event. The input hook function is configured to perform: analyzing a potential input of the potential input provisioning event to identify whether the potential input comprises a command separator and an executable product; and in response to identifying the command separator and the executable product, recording a suspicious input event indicating the command separator and the executable product. An execution hook function is configured to be executed in response to a potential execution event. The execution hook function is configured to perform: in response to a determination that an execution command of the potential execution event comprises the command separator and the executable product of the suspicious input event, flagging the execution command as a command injection attack.Type: ApplicationFiled: June 27, 2022Publication date: October 20, 2022Inventors: Asaf Karas, Or Peles, Meir Tsvi, Anton Nayshtut
-
Patent number: 11403391Abstract: A method, system and product for command injection identification. An input hook function is configured to be executed in response to a potential input provisioning event. The input hook function is configured to perform: analyzing a potential input of the potential input provisioning event to identify whether the potential input comprises a command separator and an executable product; and in response to identifying the command separator and the executable product, recording a suspicious input event indicating the command separator and the executable product. An execution hook function is configured to be executed in response to a potential execution event. The execution hook function is configured to perform: in response to a determination that an execution command of the potential execution event comprises the command separator and the executable product of the suspicious input event, flagging the execution command as a command injection attack.Type: GrantFiled: November 18, 2019Date of Patent: August 2, 2022Assignee: JF ROG LTDInventors: Asaf Karas, Or Peles, Meir Tsvi, Anton Nayshtut
-
Publication number: 20210150022Abstract: A method, system and product for command injection identification. An input hook function is configured to be executed in response to a potential input provisioning event. The input hook function is configured to perform: analyzing a potential input of the potential input provisioning event to identify whether the potential input comprises a command separator and an executable product; and in response to identifying the command separator and the executable product, recording a suspicious input event indicating the command separator and the executable product. An execution hook function is configured to be executed in response to a potential execution event. The execution hook function is configured to perform: in response to a determination that an execution command of the potential execution event comprises the command separator and the executable product of the suspicious input event, flagging the execution command as a command injection attack.Type: ApplicationFiled: November 18, 2019Publication date: May 20, 2021Inventors: Asaf Karas, Or Peles, Meir Tsvi, Anton Nayshtut
-
Publication number: 20200210592Abstract: A method, system and product for detecting firmware vulnerabilities, including, during a testing phase of a firmware of a device, continuously polling states and activities of the device, wherein said polling is at a testing agent that is functionality separate from the firmware; correlating between at least one event that is associated with the states or the activities of the device and test results of the testing phase; based on said correlating, determining for the firmware one or more normal events and one or more abnormal events; and after the testing phase, providing indications of the one or more normal events and one or more abnormal events from the testing agent to a runtime agent, whereby said providing enables the runtime agent to protect the firmware from vulnerabilities associated with the one or more abnormal events.Type: ApplicationFiled: December 25, 2019Publication date: July 2, 2020Inventors: Asaf Karas, Meir Tsvi
-
Patent number: 10310870Abstract: It is often desired to add or change the functionality of an existing executable, also known as binary. Simply splicing in new machine code into the binary will not work due to host system-specific and platform-specific limitations. The present invention will enable adding any new code to an existing program while overcoming the aforementioned consistency limitations and maintaining the original functionality.Type: GrantFiled: August 8, 2016Date of Patent: June 4, 2019Assignee: APPDOME LTD.Inventors: Avner Yehuda, Omer Schory, Meir Tsvi, Daniel Zatuchne
-
Patent number: 9934017Abstract: The huge market of smartphones demands a vast number of applications with varying capabilities. For this, it is desirable that capabilities of two or more pieces of executables will be delivered together. However, several operation systems, such as Apple iOS, do not allow downloading an application with more than one binary executable file. The purpose of this invention is to allow merging of several, two or more, pieces of binary executables, without an access to any of which source code. The merging process will handle the addressing environment required for correct code operation—creating a single virtual memory space and adapting the binding addresses, offset addresses and base addresses. This will enable executing all desired functionality from a single piece of a binary executable which can be downloaded as a single application from the app store. Problems of existing mobile OSes for application downloading will be resolved.Type: GrantFiled: November 15, 2015Date of Patent: April 3, 2018Assignee: APPDOME LTD.Inventors: Avner Yehuda, Lior Halfon, Meir Tsvi
-
Publication number: 20170255795Abstract: In the new personal computing devices, smart phones and tablets, there is a huge variety of applications from multiple sources. The quality and security of these applications is unknown and it is not under the control of the user or the company the user is working for. Controlling what an application can do with data on such devices is impossible due to the number of applications s and the sources from which they are originating. The present invention will describe a method for providing a data protection under such conditions, especially for corporate data.Type: ApplicationFiled: December 22, 2014Publication date: September 7, 2017Applicant: APPDOME LTD.Inventors: Avner Yehuda, Meir Tsvi
-
Publication number: 20170139696Abstract: The huge market of smartphones demands a vast number of applications with varying capabilities. For this, it is desirable that capabilities of two or more pieces of executables will be delivered together. However, several operation systems, such as Apple iOS, do not allow downloading an application with more than one binary executable file. The purpose of this invention is to allow merging of several, two or more, pieces of binary executables, without an access to any of which source code. The merging process will handle the addressing environment required for correct code operation—creating a single virtual memory space and adapting the binding addresses, offset addresses and base addresses. This will enable executing all desired functionality from a single piece of a binary executable which can be downloaded as a single application from the app store. Problems of existing mobile OSes for application downloading will be resolved.Type: ApplicationFiled: November 15, 2015Publication date: May 18, 2017Applicant: APPDOME LTD.Inventors: Avner Yehuda, Lior Halphon, Meir Tsvi
-
Publication number: 20170060565Abstract: It is often desired to add or change the functionality of an existing executable, also known as binary. Simply splicing in new machine code into the binary will not work due to host system-specific and platform-specific limitations. The present invention will enable adding any new code to an existing program while overcoming the aforementioned consistency limitations and maintaining the original functionality.Type: ApplicationFiled: August 8, 2016Publication date: March 2, 2017Applicant: APPDOME LTD.Inventors: Avner Yehuda, Omer Schory, Meir Tsvi, Daniel Zatuchne