Patents by Inventor Or Peles
Or Peles has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 12450338Abstract: A system, a method, and a computer program product for identification of command injection attacks. The system comprises processors, devices connected to a network, a memory, and an execution platform connected to the devices via the network and capable of executing executable products of execution commands provided thereto by the devices. At least one of the processors is configured to analyze execution commands provided to the execution platform to identify input provisioning or execution events, and determine whether they correlate to the suspicious record event, to perform a remedial action prior to attempting to execute them. When determining that the input includes a command separator and an executable product, the processor records a suspicious event. In response to identifying a potential execution event, determine that an execution command configured to be executed thereby correlates to the suspicious event, and flag the execution command as a command injection attack.Type: GrantFiled: June 19, 2024Date of Patent: October 21, 2025Assignee: JFROG LTD.Inventors: Asaf Karas, Or Peles, Meir Tsvi, Anton Nayshtut
-
Publication number: 20250077648Abstract: A system, a method, and a computer program product for identification of command injection attacks. The system comprises processors, devices connected to a network, a memory, and an execution platform connected to the devices via the network and capable of executing executable products of execution commands provided thereto by the devices. At least one of the processors is configured to analyze execution commands provided to the execution platform to identify input provisioning or execution events, and determine whether they correlate to the suspicious record event, to perform a remedial action prior to attempting to execute them. When determining that the input includes a command separator and an executable product, the processor records a suspicious event. In response to identifying a potential execution event, determine that an execution command configured to be executed thereby correlates to the suspicious event, and flag the execution command as a command injection attack.Type: ApplicationFiled: June 19, 2024Publication date: March 6, 2025Inventors: Asaf KARAS, Or PELES, Meir TSVI, Anton NAYSHTUT
-
Patent number: 12039037Abstract: A method, a computer program product and an apparatus for online detection of command injection attacks in a computerized system. The method comprises determining that an input of a potential input provisioning event received from a network includes a command separator and an executable product and recording a suspicious record event. The method further comprises determining that an execution command configured to be executed a potential execution event correlates to the suspicious record event and in response to said determining flagging the execution command as a command injection attack. The method further comprises performing a remedial action with respect to the flagged command injection attack prior to attempting to execute the execution command.Type: GrantFiled: July 25, 2023Date of Patent: July 16, 2024Assignee: JFROG LTDInventors: Asaf Karas, Or Peles, Meir Tsvi, Anton Nayshtut
-
Patent number: 11956279Abstract: A method and a computer program product and an apparatus for securing communication in heterogeneous networks that include devices with different protection levels. The method comprises monitoring, by a security agent installed on a device, communication between the device and external devices. The method comprises determining a level of in-device protection for each device based on available protection thereof. The method further comprises employing, by the security agent, an associated security policy for communications originating from the device, based on the level of in-device protection; such as resources utilized for employing security policies for communications originating from devices are correlated with the protection levels thereof. The method may further comprise enabling sharing security workload between device having trusted security agents to improve performance efficiency thereof.Type: GrantFiled: June 11, 2020Date of Patent: April 9, 2024Assignee: JFROG LTDInventors: Omer Schory, Or Peles, Shmuel Ur
-
Publication number: 20230376587Abstract: A method, a computer program product and an apparatus for online detection of command injection attacks in a computerized system. The method comprises determining that an input of a potential input provisioning event received from a network includes a command separator and an executable product and recording a suspicious record event. The method further comprises determining that an execution command configured to be executed a potential execution event correlates to the suspicious record event and in response to said determining flagging the execution command as a command injection attack. The method further comprises performing a remedial action with respect to the flagged command injection attack prior to attempting to execute the execution command.Type: ApplicationFiled: July 25, 2023Publication date: November 23, 2023Inventors: Asaf Karas, Or Peles, Meir Tsvi, Anton Nayshtut
-
Publication number: 20230362205Abstract: A method and a computer program product and an apparatus for securing communication in heterogeneous networks that include devices with different protection levels. The method comprises monitoring, by a security agent installed on a device, communication between the device and external devices. The method comprises determining a level of in-device protection for each device based on available protection thereof. The method further comprises employing, by the security agent, an associated security policy for communications originating from the device, based on the level of in-device protection; such as resources utilized for employing security policies for communications originating from devices are correlated with the protection levels thereof. The method may further comprise enabling sharing security workload between device having trusted security agents to improve performance efficiency thereof.Type: ApplicationFiled: July 17, 2023Publication date: November 9, 2023Inventors: Omer Schory, Or Peles, Shmuel Ur
-
Publication number: 20230362206Abstract: A method and a computer program product and an apparatus for securing communication in heterogeneous networks that include devices with different protection levels. The method comprises monitoring, by a security agent installed on a device, communication between the device and external devices. The method comprises determining a level of in-device protection for each device based on available protection thereof. The method further comprises employing, by the security agent, an associated security policy for communications originating from the device, based on the level of in-device protection; such as resources utilized for employing security policies for communications originating from devices are correlated with the protection levels thereof. The method may further comprise enabling sharing security workload between device having trusted security agents to improve performance efficiency thereof.Type: ApplicationFiled: July 17, 2023Publication date: November 9, 2023Inventors: Omer Schory, Or Peles, Shmuel Ur
-
Patent number: 11714899Abstract: A method, system and product for command injection identification. An input hook function is configured to be executed in response to a potential input provisioning event. The input hook function is configured to perform: analyzing a potential input of the potential input provisioning event to identify whether the potential input comprises a command separator and an executable product; and in response to identifying the command separator and the executable product, recording a suspicious input event indicating the command separator and the executable product. An execution hook function is configured to be executed in response to a potential execution event. The execution hook function is configured to perform: in response to a determination that an execution command of the potential execution event comprises the command separator and the executable product of the suspicious input event, flagging the execution command as a command injection attack.Type: GrantFiled: June 27, 2022Date of Patent: August 1, 2023Assignee: JFROG LTDInventors: Asaf Karas, Or Peles, Meir Tsvi, Anton Nayshtut
-
Publication number: 20220335122Abstract: A method, system and product for command injection identification. An input hook function is configured to be executed in response to a potential input provisioning event. The input hook function is configured to perform: analyzing a potential input of the potential input provisioning event to identify whether the potential input comprises a command separator and an executable product; and in response to identifying the command separator and the executable product, recording a suspicious input event indicating the command separator and the executable product. An execution hook function is configured to be executed in response to a potential execution event. The execution hook function is configured to perform: in response to a determination that an execution command of the potential execution event comprises the command separator and the executable product of the suspicious input event, flagging the execution command as a command injection attack.Type: ApplicationFiled: June 27, 2022Publication date: October 20, 2022Inventors: Asaf Karas, Or Peles, Meir Tsvi, Anton Nayshtut
-
Patent number: 11403391Abstract: A method, system and product for command injection identification. An input hook function is configured to be executed in response to a potential input provisioning event. The input hook function is configured to perform: analyzing a potential input of the potential input provisioning event to identify whether the potential input comprises a command separator and an executable product; and in response to identifying the command separator and the executable product, recording a suspicious input event indicating the command separator and the executable product. An execution hook function is configured to be executed in response to a potential execution event. The execution hook function is configured to perform: in response to a determination that an execution command of the potential execution event comprises the command separator and the executable product of the suspicious input event, flagging the execution command as a command injection attack.Type: GrantFiled: November 18, 2019Date of Patent: August 2, 2022Assignee: JF ROG LTDInventors: Asaf Karas, Or Peles, Meir Tsvi, Anton Nayshtut
-
Patent number: 11188470Abstract: A method, system and product, configured to perform: during an execution of a program, obtaining boundaries of a stack frame of a function that is currently present in a stack, wherein said obtaining the boundaries comprises: obtaining a return address of the function in the stack; determining a length of the function using a mapping of return addresses of one or more functions in the program and corresponding lengths of the one or more functions; and determining the boundaries of the stack frame of the function based on a value of a stack pointer of the stack and based on the length of the function; based on the boundaries of the stack frame of the function, determining that the stack frame is overflown; and in response to said determining that the stack frame is overflown, performing a responsive action.Type: GrantFiled: May 20, 2020Date of Patent: November 30, 2021Assignee: VDOO CONNECTED TRUST LTD.Inventors: Or Peles, Asaf Karas, Ori Hollander, Shachar Menashe
-
Publication number: 20210150022Abstract: A method, system and product for command injection identification. An input hook function is configured to be executed in response to a potential input provisioning event. The input hook function is configured to perform: analyzing a potential input of the potential input provisioning event to identify whether the potential input comprises a command separator and an executable product; and in response to identifying the command separator and the executable product, recording a suspicious input event indicating the command separator and the executable product. An execution hook function is configured to be executed in response to a potential execution event. The execution hook function is configured to perform: in response to a determination that an execution command of the potential execution event comprises the command separator and the executable product of the suspicious input event, flagging the execution command as a command injection attack.Type: ApplicationFiled: November 18, 2019Publication date: May 20, 2021Inventors: Asaf Karas, Or Peles, Meir Tsvi, Anton Nayshtut
-
Publication number: 20200396259Abstract: A method and a computer program product and an apparatus for securing communication in heterogeneous networks that include devices with different protection levels. The method comprises monitoring, by a security agent installed on a device, communication between the device and external devices. The method comprises determining a level of in-device protection for each device based on available protection thereof. The method further comprises employing, by the security agent, an associated security policy for communications originating from the device, based on the level of in-device protection; such as resources utilized for employing security policies for communications originating from devices are correlated with the protection levels thereof. The method may further comprise enabling sharing security workload between device having trusted security agents to improve performance efficiency thereof.Type: ApplicationFiled: June 11, 2020Publication date: December 17, 2020Inventors: Omer Schory, Or Peles, Shmuel Ur
-
Publication number: 20200371945Abstract: A method, system and product, configured to perform: during an execution of a program, obtaining boundaries of a stack frame of a function that is currently present in a stack, wherein said obtaining the boundaries comprises: obtaining a return address of the function in the stack; determining a length of the function using a mapping of return addresses of one or more functions in the program and corresponding lengths of the one or more functions; and determining the boundaries of the stack frame of the function based on a value of a stack pointer of the stack and based on the length of the function; based on the boundaries of the stack frame of the function, determining that the stack frame is overflown; and in response to said determining that the stack frame is overflown, performing a responsive action.Type: ApplicationFiled: May 20, 2020Publication date: November 26, 2020Inventors: Or Peles, Asaf Karas, Ori Hollander, Shachar Menashe
-
Patent number: 9930024Abstract: Techniques for detecting security flaws are described herein. An example system includes a processor to perform a login attempt into a website to be tested using a first social login account and a first verification to determine whether the first social login account is logged in. The processor can monitor a database associated with the website for queries. The processor can perform a second login attempt into the website using a second social login account and a second verification to determine whether the second social login account is logged in. The processor can perform a third login attempt using a third social login account. The processor can detect a second set of features based on the queries during the third login attempt. The processor can detect a social login security flaw based on the first and second verification, and the first and second set of detected features.Type: GrantFiled: November 2, 2015Date of Patent: March 27, 2018Assignee: International Business Machines CorporationInventors: Roee Hay, Or Peles
-
Publication number: 20170126650Abstract: Techniques for detecting security flaws are described herein. An example system includes a processor to perform a login attempt into a website to be tested using a first social login account and a first verification to determine whether the first social login account is logged in. The processor can monitor a database associated with the website for queries. The processor can perform a second login attempt into the website using a second social login account and a second verification to determine whether the second social login account is logged in. The processor can perform a third login attempt using a third social login account. The processor can detect a second set of features based on the queries during the third login attempt. The processor can detect a social login security flaw based on the first and second verification, and the first and second set of detected features.Type: ApplicationFiled: November 2, 2015Publication date: May 4, 2017Inventors: Roee Hay, Or Peles
-
Publication number: 20140067656Abstract: A system and method for estimating or calculating a fraud risk by receiving information related to a transaction, using (e.g., after retrieving, from or via a network) social media information related to a party participating in the transaction and calculating a risk score, associated with the transaction, based on the correlation or comparison between the social media information and the information related to the transaction.Type: ApplicationFiled: September 6, 2012Publication date: March 6, 2014Inventors: Shlomo COHEN GANOR, Or Peles