Patents by Inventor Moshe Kravchik
Moshe Kravchik has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11019086Abstract: A system includes a network gateway in communication with a plurality of servers, a household behavior model processor which models a household behavior model based at least on expected usage of each of a plurality of network appliances, wherein each one appliance of the plurality of network appliances is associated with one of the plurality of servers, and behavior of users associated with the network gateway, an anomaly detector which determines, on the basis of the household behavior model, if an anomalous control message which has been sent to one of the plurality of network appliances from one of the servers has been received at the network gateway, and a notification server which sends a notification to an application on an administrator's device upon receipt of the anomalous control message at the network gateway. Related systems, apparatus, and methods are also described.Type: GrantFiled: April 4, 2019Date of Patent: May 25, 2021Assignee: CISCO TECHNOLOGY, INC.Inventors: Steve Epstein, Avi Fruchter, Moshe Kravchik, Yaron Sella, Itay Harush
-
Patent number: 10609042Abstract: Various systems and methods for determining whether to allow or continue to allow access to a protected data asset are disclosed herein. For example, one method involves receiving a request to access a protected data asset, wherein the request is received from a first user device; determining whether to grant access to the protected data asset, wherein the determining comprises evaluating one or more criteria associated with the first user device, and the criteria comprises first information associated with a first policy constraint; and in response to a determination that access to the protected data asset is to be granted, granting access to the protected data asset.Type: GrantFiled: December 21, 2016Date of Patent: March 31, 2020Assignee: Cisco Technology, Inc.Inventors: Paul Quinn, Michael E. Lipman, Mike Milano, David D. Ward, James Guichard, Leonid Sandler, Moshe Kravchik, Alena Lifar, Darrin Miller
-
Patent number: 10540509Abstract: In one embodiment, a method for protecting a file is implemented on a computing device and includes: intercepting a file-access request from an application-process for the file; searching a whitelist for a whitelist entry associated with the application-process and a file-type for the file, where the whitelist entry indicates that the application-process is allowed to access files of the file-type, and upon determining according to the searching that the application-process is allowed to perform the file-access request, allowing the application-process to access the file according to the file-access request.Type: GrantFiled: June 8, 2017Date of Patent: January 21, 2020Assignee: Cisco Technology, Inc.Inventors: Oded Ashkenazi, Moshe Kravchik, Arie Haenel, Benyamin Hirschberg
-
Patent number: 10387648Abstract: In one embodiment, a system includes a central processing unit (CPU) to identify a ransomware process which encrypted a plurality of files yielding a plurality of encrypted files, in response to identifying the ransomware process, dump a memory space and a state of the CPU yielding a memory dump, and search the memory dump for a plurality of candidate encryption keys, and a decryption engine to attempt to decrypt at least one encrypted file of the plurality of encrypted files with different candidate encryption keys of the plurality of candidate encryption keys until the at least one encrypted file is successfully decrypted with one candidate encryption key of the different candidate encryption keys, and decrypt the plurality of encrypted files using the one candidate encryption key. Related apparatus and methods are also described.Type: GrantFiled: October 26, 2016Date of Patent: August 20, 2019Assignee: Cisco Technology, Inc.Inventors: Benyamin Hirschberg, Moshe Kravchik, Arie Haenel, Hillel Solow
-
Publication number: 20190238580Abstract: A system includes a network gateway in communication with a plurality of servers, a household behavior model processor which models a household behavior model based at least on expected usage of each of a plurality of network appliances, wherein each one appliance of the plurality of network appliances is associated with one of the plurality of servers, and behavior of users associated with the network gateway, an anomaly detector which determines, on the basis of the household behavior model, if an anomalous control message which has been sent to one of the plurality of network appliances from one of the servers has been received at the network gateway, and a notification server which sends a notification to an application on an administrator's device upon receipt of the anomalous control message at the network gateway. Related systems, apparatus, and methods are also described.Type: ApplicationFiled: April 4, 2019Publication date: August 1, 2019Inventors: Steve Epstein, Avi Fruchter, Moshe Kravchik, Yaron Sella, Itay Harush
-
Patent number: 10298604Abstract: In one embodiment, a system is described, the system including a network gateway in communication with a plurality of original equipment manufacturer (OEM) servers, a household behavior model processor which models a household behavior model based at least on expected usage of each of a plurality of OEM network appliances, wherein each one appliance of the plurality of OEM network appliances is associated with one of the plurality of OEM servers, and behavior of users associated with the network gateway, an anomaly detector which determines, on the basis of the household behavior model, if an anomalous control message which has been sent to one of the plurality of OEM network appliances from one of the OEM servers has been received at the network gateway, and a notification server which sends a notification to an application on an administrator's device upon receipt of the anomalous control message at the network gateway. Related systems, apparatus, and methods are also described.Type: GrantFiled: September 5, 2016Date of Patent: May 21, 2019Assignee: Cisco Technology, Inc.Inventors: Steve Epstein, Avi Fruchter, Moshe Kravchik, Yaron Sella, Itay Harush
-
Publication number: 20180357416Abstract: In one embodiment, a method for protecting a file is implemented on a computing device and includes: intercepting a file-access request from an application-process for the file; searching a whitelist for a whitelist entry associated with the application-process and a file-type for the file, where the whitelist entry indicates that the application-process is allowed to access files of the file-type, and upon determining according to the searching that the application-process is allowed to perform the file-access request, allowing the application-process to access the file according to the file-access request.Type: ApplicationFiled: June 8, 2017Publication date: December 13, 2018Inventors: Oded ASHKENAZI, Moshe Kravchik, Arie Haenel, Benyamin Hirschberg
-
Publication number: 20180114020Abstract: In one embodiment, a system includes a central processing unit (CPU) to identify a ransomware process which encrypted a plurality of files yielding a plurality of encrypted files, in response to identifying the ransomware process, dump a memory space and a state of the CPU yielding a memory dump, and search the memory dump for a plurality of candidate encryption keys, and a decryption engine to attempt to decrypt at least one encrypted file of the plurality of encrypted files with different candidate encryption keys of the plurality of candidate encryption keys until the at least one encrypted file is successfully decrypted with one candidate encryption key of the different candidate encryption keys, and decrypt the plurality of encrypted files using the one candidate encryption key. Related apparatus and methods are also described.Type: ApplicationFiled: October 26, 2016Publication date: April 26, 2018Inventors: Benyamin HIRSCHBERG, Moshe KRAVCHIK, Arie HAENEL, Hillel SOLOW
-
Publication number: 20180069879Abstract: In one embodiment, a system is described, the system including a network gateway in communication with a plurality of original equipment manufacturer (OEM) servers, a household behavior model processor which models a household behavior model based at least on expected usage of each of a plurality of OEM network appliances, wherein each one appliance of the plurality of OEM network appliances is associated with one of the plurality of OEM servers, and behavior of users associated with the network gateway, an anomaly detector which determines, on the basis of the household behavior model, if an anomalous control message which has been sent to one of the plurality of OEM network appliances from one of the OEM servers has been received at the network gateway, and a notification server which sends a notification to an application on an administrator's device upon receipt of the anomalous control message at the network gateway. Related systems, apparatus, and methods are also described.Type: ApplicationFiled: September 5, 2016Publication date: March 8, 2018Inventors: Steve EPSTEIN, Avi Fruchter, Moshe Kravchik, Yaron Sella, Itay Harush
-
Publication number: 20170237747Abstract: Various systems and methods for determining whether to allow or continue to allow access to a protected data asset are disclosed herein. For example, one method involves receiving a request to access a protected data asset, wherein the request is received from a first user device; determining whether to grant access to the protected data asset, wherein the determining comprises evaluating one or more criteria associated with the first user device, and the criteria comprises first information associated with a first policy constraint; and in response to a determination that access to the protected data asset is to be granted, granting access to the protected data asset.Type: ApplicationFiled: December 21, 2016Publication date: August 17, 2017Inventors: Paul Quinn, Michael E. Lipman, Mike Milano, David D. Ward, James Guichard, Leonid Sandler, Moshe Kravchik, Alena Lifar, Darrin Miller
-
Patent number: 9003378Abstract: Systems, methods, and computer readable media for collecting run-time error information for an executing script through the use of a double code-injection technique are described. A first native code injection into a user's client-side application (e.g., a browser application) is made. The second injection is thereafter made by the user's client-side application itself (when the first injected program code is executed) into the application's associated scripting engine and only when a script error has been detected. The second injected program code or scripts collect detailed run-time script error information within the context of the application's scripting engine. The second injected program code can then return the collected error information to the user application's context where it may be provided to a debug tool or recorded for later review (by the first injected program code).Type: GrantFiled: December 14, 2010Date of Patent: April 7, 2015Assignee: BMC Software, Inc.Inventors: Daniel Liberty, Moshe Kravchik
-
Publication number: 20120151274Abstract: Systems, methods, and computer readable media for collecting run-time error information for an executing script through the use of a double code-injection technique are described. A first native code injection into a user's client-side application (e.g., a browser application) is made. The second injection is thereafter made by the user's client-side application itself (when the first injected program code is executed) into the application's associated scripting engine and only when a script error has been detected. The second injected program code or scripts collect detailed run-time script error information within the context of the application's scripting engine. The second injected program code can then return the collected error information to the user application's context where it may be provided to a debug tool or recorded for later review (by the first injected program code).Type: ApplicationFiled: December 14, 2010Publication date: June 14, 2012Applicant: BMC SOFTWARE, INC.Inventors: Daniel Liberty, Moshe Kravchik
-
Patent number: 7827539Abstract: A tracing system that provides automated tuning of execution tracing by adjusting the collection of trace data is described. In one embodiment, the user sets an initial tracing profile for a tracing program. In addition, the user sets an upper limit for the tracing performance penalty. The auto-tuning system monitors the performance penalty induced by tracing and, when the performance impact is excessive, removes trace points that are causing the most impact on performance. Auto tuning is especially useful for performing software recording in mission-critical and/or time-critical applications, such as servers, real-time applications, etc. The system typically adjusts relatively quickly such that most users do not feel the influence of the tracer.Type: GrantFiled: June 23, 2005Date of Patent: November 2, 2010Assignee: Identify Software Ltd.Inventors: Shlomo Wygodny, David Elkind, Moshe Kravchik