Patents by Inventor Shlomo Touboul

Shlomo Touboul has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20190349334
    Abstract: A hardware device with embedded software, for detecting Wi-Fi network attacks, including random access memory storing operating software for the device, Flash or EEPROM memory storing Wi-Fi network attack rules and attack data, a Wi-Fi interface monitoring and intercepting Wi-Fi packets and Wi-Fi frames transmitted to and from a mobile station being protected by the device, embedded operating software analyzing sequences of Wi-Fi packets and frames intercepted by the Wi-Fi interface to detect an attempted Wi-Fi network attack, based on the attack rules and the attack data stored in the Flash or EEPROM memory, and sending a notification message to the mobile station when an attempted Wi-Fi network attack is detected, a processor running the embedded operating software, and a power supply supplying power to the processor, to the random access memory, to the Flash or EEPROM memory, and to the Wi-Fi interface.
    Type: Application
    Filed: May 6, 2019
    Publication date: November 14, 2019
    Inventor: Shlomo Touboul
  • Patent number: 10419459
    Abstract: A secure data exchange system comprising a security device including a first external device plug, and a security engine operative to enforce a security policy on data transfer requests received from the host; an external device including a second external device plug; and a host including a first external device port operative to communicatively couple with the first external device plug, a second external device port operative to communicatively couple with the second external device plug, and a driver, e.g., a redirect driver, operative to transfer a data transfer request to the security device before executing the data transfer request.
    Type: Grant
    Filed: June 28, 2017
    Date of Patent: September 17, 2019
    Assignee: CUPP Computing AS
    Inventor: Shlomo Touboul
  • Patent number: 10417421
    Abstract: A small piece of hardware connects to a mobile device and filters out attacks and malicious code. Using the piece of hardware, a mobile device can be protected by greater security and possibly by the same level of security offered by its associated corporation/enterprise. In one embodiment, a mobile security system includes a connection mechanism for connecting to a data port of a mobile device and for communicating with the mobile device; a network connection module for acting as a gateway to a network; a security policy for determining whether to forward content intended for the mobile device to the mobile device; and a security engine for executing the security policy.
    Type: Grant
    Filed: September 27, 2018
    Date of Patent: September 17, 2019
    Assignee: CUPP Computing AS
    Inventor: Shlomo Touboul
  • Patent number: 10417400
    Abstract: In various embodiments, a method comprises detecting a removable media device coupled to a digital device, authenticating a password to access the removable media device, injecting redirection code into the digital device, intercepting, with the redirection code, a request for data, determining to allow the request for data based on a security policy, and providing the data based on the determination. The method may further comprise selecting the security policy from a plurality of security policies based, at least in part, on the password and/or filtering the content of the requested data. Filtering the content may comprise scanning the data for malware. Filtering the content may also comprise scanning the data for confidential information.
    Type: Grant
    Filed: July 21, 2014
    Date of Patent: September 17, 2019
    Assignee: CUPP Computing AS
    Inventors: Shlomo Touboul, Sela Ferdman, Yonathan Yusim
  • Patent number: 10404660
    Abstract: Systems and methods for implementing content, streaming, and network security inside a chip or inside a computing device are disclosed. In exemplary embodiments, a system comprises a communication chip and a second processor. The communication chip comprises a router and security instructions. The router is configured to intercept untrusted data between a network, and a first router. The second processor is configured to receive the untrusted data from the router, process the untrusted data with the security instructions to produce trusted data, and provide the trusted data to the router.
    Type: Grant
    Filed: October 21, 2014
    Date of Patent: September 3, 2019
    Assignee: CUPP Computing AS
    Inventor: Shlomo Touboul
  • Patent number: 10404722
    Abstract: Systems and methods for providing security services during a power management mode are disclosed. In some embodiments, a method comprises detecting with a mobile security system a wake event on a mobile device, providing from the mobile security system a wake signal, the providing being in response to the wake event to wake a mobile device from a power management mode, and managing with the mobile security system security services of the mobile device. Managing security services may comprise scanning a hard drive of the mobile devices for viruses and/or other malware. Managing security services may also comprise updating security applications or scanning the mobile device for unauthorized data.
    Type: Grant
    Filed: June 28, 2018
    Date of Patent: September 3, 2019
    Assignee: CUPP Computing AS
    Inventors: Ami Oz, Shlomo Touboul
  • Patent number: 10397227
    Abstract: Outbound traffic of a host application may be received from a host device having a host processor. The secure resource may be configured to provide a secure transaction based on the outbound network traffic. Using a second processor different than the host processor, it may be determined whether the host application is authorized to provide the outbound network traffic to the secure resource. The outbound network traffic may be allowed to be forwarded to the secure resource if the host application is authorized. The outbound network traffic may be disallowed to be forwarded to the secure resource if the host application is not authorized.
    Type: Grant
    Filed: March 16, 2018
    Date of Patent: August 27, 2019
    Assignee: CUPP Computing AS
    Inventor: Shlomo Touboul
  • Publication number: 20190260767
    Abstract: Systems and methods for providing security services during a power management mode are disclosed. In some embodiments, a method comprises detecting with a mobile security system a wake event on a mobile device, providing from the mobile security system a wake signal, the providing being in response to the wake event to wake a mobile device from a power management mode, and managing with the mobile security system security services of the mobile device. Managing security services may comprise scanning a hard drive of the mobile devices for viruses and/or other malware. Managing security services may also comprise updating security applications or scanning the mobile device for unauthorized data.
    Type: Application
    Filed: May 6, 2019
    Publication date: August 22, 2019
    Applicant: CUPP Computing AS
    Inventors: Ami Oz, Shlomo Touboul
  • Publication number: 20190260806
    Abstract: A computer performs dynamic address isolation. The computer comprises an application associated with an application address, a network interface coupled to receive incoming data packets from and transmit outgoing data packets to an external network, a network address translation engine configured to translate between the application address and a public address, and a driver for automatically forwarding the outgoing data packets to the network address translation engine to translate the application address to the public address, and for automatically forwarding the incoming data packets to the network address translation engine to translate the public address to the application address. The computer may communicate with a firewall configured to handle both network-level security and application-level security.
    Type: Application
    Filed: May 6, 2019
    Publication date: August 22, 2019
    Applicant: CUPP Computing AS
    Inventor: Shlomo Touboul
  • Publication number: 20190245829
    Abstract: Systems and methods for implementing content, streaming, and network security inside a chip or inside a computing device are disclosed. In exemplary embodiments, a system comprises a communication chip and a second processor. The communication chip comprises a router and security instructions. The router is configured to intercept untrusted data between a network, and a first router. The second processor is configured to receive the untrusted data from the router, process the untrusted data with the security instructions to produce trusted data, and provide the trusted data to the router.
    Type: Application
    Filed: April 19, 2019
    Publication date: August 8, 2019
    Applicant: CUPP Computing AS
    Inventor: Shlomo Touboul
  • Patent number: 10341456
    Abstract: A sticker communication system with multi-level caching, including a plurality of stickers, each sticker having a unique ID, each sticker attachable to an item of goods having a unique ID, and each sticker including a processor, a cache caching sticker profiles for a plurality of stickers, wherein a sticker profile includes a sticker ID, an ID for an item of goods to which the sticker is attached, and one or more data entities in the form of [attribute name|attribute value|timestamp, and a wireless communicator, wirelessly transmitting and receiving sticker profiles, wherein the processor is configured to transmit sticker profiles stored in the cache via the wireless communicator to currently nearby stickers that are within range of the wireless communicator, to receive sticker profiles from the nearby stickers, and to store the received sticker profiles in the cache.
    Type: Grant
    Filed: August 26, 2018
    Date of Patent: July 2, 2019
    Inventors: Shlomo Touboul, Marc Berger
  • Patent number: 10313368
    Abstract: A secure data exchange system comprising a security device including a first external device plug, and a security engine operative to enforce a security policy on data transfer requests received from the host; an external device including a second external device plug; and a host including a first external device port operative to communicatively couple with the first external device plug, a second external device port operative to communicatively couple with the second external device plug, and a driver, e.g., a redirect driver, operative to transfer a data transfer request to the security device before executing the data transfer request.
    Type: Grant
    Filed: June 28, 2017
    Date of Patent: June 4, 2019
    Assignee: CUPP Computing AS
    Inventor: Shlomo Touboul
  • Publication number: 20190158618
    Abstract: A sticker communication system with multi-level caching, including a plurality of stickers, each sticker having a unique ID, each sticker attachable to an item of goods having a unique ID, and each sticker including a processor, a cache caching sticker profiles for a plurality of stickers, wherein a sticker profile includes a sticker ID, an ID for an item of goods to which the sticker is attached, and one or more data entities in the form of [attribute name|attribute value|timestamp, and a wireless communicator, wirelessly transmitting and receiving sticker profiles, wherein the processor is configured to transmit sticker profiles stored in the cache via the wireless communicator to currently nearby stickers that are within range of the wireless communicator, to receive sticker profiles from the nearby stickers, and to store the received sticker profiles in the cache.
    Type: Application
    Filed: August 26, 2018
    Publication date: May 23, 2019
    Inventors: Shlomo Touboul, Marc Berger
  • Patent number: 10291650
    Abstract: A cyber security system comprising circuitry of a decoy deployer planting one or more decoy lateral attack vectors in each of a first and a second group of resources within a common enterprise network of resources, the first and second groups of resources having different characteristics in terms of subnets, naming conventions, DNS aliases, listening ports, users and their privileges, and installed applications, wherein a lateral attack vector is an object of a first resource within the network that has a potential to be used by an attacker who discovered the first resource to further discover information regarding a second resource within the network, the second resource being previously undiscovered by the attacker, and wherein the decoy lateral attack vectors in the first group conform to the characteristics of the first group, and the decoy lateral attack vectors in the second group conform to the characteristics of the second group.
    Type: Grant
    Filed: July 5, 2017
    Date of Patent: May 14, 2019
    Assignee: ILLUSIVE NETWORKS LTD.
    Inventors: Shlomo Touboul, Hanan Levin, Stephane Roubach, Assaf Mischari, Itai Ben David, Itay Avraham, Adi Ozer, Chen Kazaz, Ofer Israeli, Olga Vingurt, Liad Gareh, Israel Grimberg, Cobby Cohen, Sharon Sultan, Matan Kubovsky
  • Patent number: 10284603
    Abstract: A computer performs dynamic address isolation. The computer comprises an application associated with an application address, a network interface coupled to receive incoming data packets from and transmit outgoing data packets to an external network, a network address translation engine configured to translate between the application address and a public address, and a driver for automatically forwarding the outgoing data packets to the network address translation engine to translate the application address to the public address, and for automatically forwarding the incoming data packets to the network address translation engine to translate the public address to the application address. The computer may communicate with a firewall configured to handle both network-level security and application-level security.
    Type: Grant
    Filed: June 12, 2018
    Date of Patent: May 7, 2019
    Assignee: CUPP Computing AS
    Inventor: Shlomo Touboul
  • Patent number: 10218742
    Abstract: A computer performs dynamic address isolation. The computer comprises an application associated with an application address, a network interface coupled to receive incoming data packets from and transmit outgoing data packets to an external network, a network address translation engine configured to translate between the application address and a public address, and a driver for automatically forwarding the outgoing data packets to the network address translation engine to translate the application address to the public address, and for automatically forwarding the incoming data packets to the network address translation engine to translate the public address to the application address. The computer may communicate with a firewall configured to handle both network-level security and application-level security.
    Type: Grant
    Filed: June 12, 2018
    Date of Patent: February 26, 2019
    Assignee: CUPP Computing AS
    Inventor: Shlomo Touboul
  • Publication number: 20190026463
    Abstract: A small piece of hardware connects to a mobile device and filters out attacks and malicious code. Using the piece of hardware, a mobile device can be protected by greater security and possibly by the same level of security offered by its associated corporation/enterprise. In one embodiment, a mobile security system includes a connection mechanism for connecting to a data port of a mobile device and for communicating with the mobile device; a network connection module for acting as a gateway to a network; a security policy for determining whether to forward content intended for the mobile device to the mobile device; and a security engine for executing the security policy.
    Type: Application
    Filed: September 27, 2018
    Publication date: January 24, 2019
    Applicant: CUPP Computing AS
    Inventor: Shlomo Touboul
  • Publication number: 20190007430
    Abstract: A secure data exchange system comprising a security device including a first external device plug, and a security engine operative to enforce a security policy on data transfer requests received from the host; an external device including a second external device plug; and a host including a first external device port operative to communicatively couple with the first external device plug, a second external device port operative to communicatively couple with the second external device plug, and a driver, e.g., a redirect driver, operative to transfer a data transfer request to the security device before executing the data transfer request.
    Type: Application
    Filed: August 10, 2018
    Publication date: January 3, 2019
    Applicant: CUPP Computing AS
    Inventor: Shlomo Touboul
  • Patent number: 10142367
    Abstract: A system for network surveillance to detect attackers, including a deception management server within a network of resources, including a deployment module managing and planting one or more decoy attack vectors in one or more of the resources in the network, wherein an attack vector is an object in memory or storage of a first resource that may be used to access a second resource, and one or more decoy servers accessible from resources in the network, each decoy server including an alert module that issues an alert when a specific resource in the network accesses the decoy server via one or more of the decoy attack vectors planted in the specific resource by the deployment module, and a delay module, delaying access to data on the decoy server while a resource accesses the decoy server.
    Type: Grant
    Filed: October 2, 2017
    Date of Patent: November 27, 2018
    Assignee: ILLUSIVE NETWORKS LTD.
    Inventors: Shlomo Touboul, Hanan Levin, Stephane Roubach, Assaf Mischari, Itai Ben David, Itay Avraham, Adi Ozer, Chen Kazaz, Ofer Israeli, Olga Vingurt, Liad Gareh, Israel Grimberg, Cobby Cohen, Sharon Sultan, Matan Kubovsky
  • Publication number: 20180324192
    Abstract: Systems and methods for providing security services during a power management mode are disclosed. In some embodiments, a method comprises detecting with a mobile security system a wake event on a mobile device, providing from the mobile security system a wake signal, the providing being in response to the wake event to wake a mobile device from a power management mode, and managing with the mobile security system security services of the mobile device. Managing security services may comprise scanning a hard drive of the mobile devices for viruses and/or other malware. Managing security services may also comprise updating security applications or scanning the mobile device for unauthorized data.
    Type: Application
    Filed: June 28, 2018
    Publication date: November 8, 2018
    Applicant: CUPP Computing AS
    Inventors: Ami Oz, Shlomo Touboul