公开(公告)号：EP3264718A1

公开(公告)日：2018-01-03

申请号：EP17178664.3

申请日：2017-06-29

申请人： Argus Cyber Security Ltd.

发明人： Galula, Yaron ,  Ben-Noon, Ofer ,  Lavi, Oron

IPC分类号： H04L29/06 ,  H04L29/08 ,  H04L12/40

CPC分类号： H04L63/1425 ,  G06F21/85 ,  H04L12/40013 ,  H04L63/0254 ,  H04L63/10 ,  H04L63/123 ,  H04L63/1408 ,  H04L63/1433 ,  H04L63/1466 ,  H04L67/12 ,  H04L67/22 ,  H04L69/40 ,  H04L2012/40215 ,  H04W4/48

摘要： Systems and methods for detection of attacks on a communication authentication layer of an in-vehicle network, including determining, by at least one network node, at least one attack attempt on the communication authentication layer of the in-vehicle network, wherein the determination is carried out by identifying anomalies in at least one of messages, data and metadata directed to the communication authentication layer, and selecting, by the at least one network node, a response corresponding to the determined attack attempt from at least one of modification of parameter values corresponding to a security protocol, a failsafe response, and rejection of messages identified as anomalies.

摘要翻译： 用于检测车载网络的通信验证层上的攻击的系统和方法，包括通过至少一个网络节点确定车载网络的通信验证层上的至少一个攻击企图，其中所述确定是 通过识别针对通信验证层的消息，数据和元数据中的至少一个中的异常来执行，以及由至少一个网络节点从参数值的修改中的至少一个中选择与所确定的攻击尝试相对应的响应 对应于安全协议，故障安全响应以及拒绝被标识为异常的消息。

公开(公告)号：EP2892201A1

公开(公告)日：2015-07-08

申请号：EP15150195.4

申请日：2015-01-06

申请人： Argus Cyber Security Ltd.

发明人： Ben Noon, Ofer ,  Galula, Yaron ,  Lavi, Oron

IPC分类号： H04L29/06 ,  H04L12/24 ,  G06F21/60 ,  G06F11/30

CPC分类号： B60R16/023 ,  B60R25/00 ,  G06F11/30 ,  G06F21/55 ,  G06F21/554 ,  G06F21/606 ,  G06F21/6281 ,  H04L12/4625 ,  H04L63/0227 ,  H04L63/14 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1441 ,  H04L67/12 ,  H04L2012/40215 ,  H04L2012/40273

摘要： Apparatus for providing security to an in-vehicle communication network having a bus and at least one node connected to the bus and having software responsive to which the node performs operations, the apparatus comprising: a first module configured to be connected to the at least one node and generate and transmit a hash of at least a portion of the node software in response to receiving a challenge; and a second module configured to be connected to the in-vehicle network and transmit a challenge to the first module requesting that the first module generate and transmit a hash of the at least a portion of the node software to the second module; wherein the second module is configured to determine if the hash received from the first module is generated responsive to a correct version of the node software.

摘要翻译： 一种用于向车载通信网络提供安全性的设备，该车辆通信网络具有总线和连接到总线的至少一个节点，并具有响应于该节点执行操作的软件，该装置包括：第一模块，被配置为连接至该至少一个 并且响应于接收到挑战而生成并发送所述节点软件的至少一部分的散列; 以及第二模块，其被配置为连接到所述车载网络并向所述第一模块发送请求所述第一模块的挑战，并向所述第二模块发送所述节点软件的所述至少一部分的散列; 其中所述第二模块被配置为响应于所述节点软件的正确版本来确定从所述第一模块接收的所述散列是否生成。

公开(公告)号：EP2892202B1

公开(公告)日：2018-06-20

申请号：EP15150216.8

申请日：2015-01-06

申请人： Argus Cyber Security Ltd.

发明人： Ben Noon, Ofer ,  Galula, Yaron ,  Lavi, Oron

IPC分类号： H04L29/06 ,  H04L12/24 ,  G06F11/30

CPC分类号： B60R16/023 ,  B60R25/00 ,  G06F11/30 ,  G06F21/55 ,  G06F21/554 ,  G06F21/606 ,  G06F21/6281 ,  H04L12/4625 ,  H04L63/0227 ,  H04L63/123 ,  H04L63/14 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1441 ,  H04L67/12 ,  H04L2012/40215 ,  H04L2012/40273

摘要： An in-vehicle communication network comprising: a bus and at least one node connected to the bus; an in-vehicle network operating system (OS) that manages OS processes, a secondary memory in which process codes for the processes are stored, and a primary memory, into which the OS loads a copy of a process code of a process to enable a processor to run the process and execute the process code; and a module hosted in the OS and having a hook in at least one position of the OS that provides information to the module responsive to operation of the OS that the module processes in accordance with executable instructions that the module comprises to determine if the in-vehicle OS is operating properly.

公开(公告)号：EP2892201B1

公开(公告)日：2017-08-30

申请号：EP15150195.4

申请日：2015-01-06

申请人： Argus Cyber Security Ltd.

发明人： Ben Noon, Ofer ,  Galula, Yaron ,  Lavi, Oron

IPC分类号： H04L29/06 ,  H04L12/24 ,  G06F21/60 ,  G06F11/30 ,  B60R25/00 ,  B60R16/023 ,  G06F21/55 ,  G06F21/62 ,  H04L29/08

CPC分类号： B60R16/023 ,  B60R25/00 ,  G06F11/30 ,  G06F21/55 ,  G06F21/554 ,  G06F21/606 ,  G06F21/6281 ,  H04L12/4625 ,  H04L63/0227 ,  H04L63/14 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1441 ,  H04L67/12 ,  H04L2012/40215 ,  H04L2012/40273

摘要： An in-vehicle communication network comprising: a bus and at least one node connected to the bus; an in-vehicle network operating system (OS) that manages OS processes, a secondary memory in which process codes for the processes are stored, and a primary memory, into which the OS loads a copy of a process code of a process to enable a processor to run the process and execute the process code; and a module hosted in the OS and having a hook in at least one position of the OS that provides information to the module responsive to operation of the OS that the module processes in accordance with executable instructions that the module comprises to determine if the in-vehicle OS is operating properly.

摘要翻译： 一种车载通信网络，包括：总线和连接到总线的至少一个节点; 管理OS处理的车载网络操作系统（OS），其中存储用于处理的处理代码的第二存储器以及主存储器，OS在其中加载进程的进程代码的副本以启用 处理器运行进程并执行进程代码; 以及托管在所述OS中并且在所述OS的至少一个位置处具有钩子的模块，所述钩子响应于所述模块根据所述模块处理的所述OS的操作向所述模块提供信息，所述模块包括所述可执行指令以确定所述in- 车辆操作系统运行正常。

公开(公告)号：EP3373553A1

公开(公告)日：2018-09-12

申请号：EP18160802.7

申请日：2018-03-08

申请人： Argus Cyber Security Ltd.

发明人： Atad, Matan ,  Ezra, Shiran ,  Barzilay, Gilad ,  Galula, Yaron

IPC分类号： H04L29/06

CPC分类号： H04L63/0209 ,  H04L43/00 ,  H04L43/04 ,  H04L63/0245 ,  H04L63/0263 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1441 ,  H04L67/12 ,  H04L69/22 ,  H04W36/0027 ,  H04W36/0055 ,  H04W36/0066 ,  H04W36/28 ,  H04W76/12 ,  H04W76/15 ,  H04W76/16 ,  H04W76/18 ,  H04W76/19

摘要： A system and method securing an in-vehicle network in a vehicle may include a switch connected to at least two segments of the in-vehicle network and an IDPS connected to the switch. The IDPS unit may be adapted to: receive network messages from the switch; determine at least some of the network messages are related to a cyber threat and configure the switch according to the cyber threat. The IDPS unit may be included in the switch.

公开(公告)号：EP2892200A1

公开(公告)日：2015-07-08

申请号：EP15150180.6

申请日：2015-01-06

申请人： Argus Cyber Security Ltd.

发明人： Ben Noon, Ofer ,  Galula, Yaron ,  Lavi, Oron

IPC分类号： H04L29/06 ,  H04L12/24 ,  G06F21/60 ,  G06F11/30

CPC分类号： B60R16/023 ,  B60R25/00 ,  G06F11/30 ,  G06F21/55 ,  G06F21/554 ,  G06F21/606 ,  G06F21/6281 ,  H04L12/4625 ,  H04L63/0227 ,  H04L63/14 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1441 ,  H04L67/12 ,  H04L2012/40215 ,  H04L2012/40273

摘要： A module for providing security to an in-vehicle communication network having a bus and at least one node connected to the bus, the module comprising: a memory having software comprising data characterizing messages that the at least one node transmits and receives via the bus during normal operation of the node; a communication port via which the module receives and transmits messages configured to be connected to a portion of the in-vehicle network; and a processor that processes messages received via the port from the portion of the in-vehicle network responsive to the software in the memory to: identify an anomalous message in the received messages indicative of exposure of the in-vehicle network to damage from a cyber attack; and cause the module to transmit at least one signal via the port to the portion of the in-vehicle network that alters the anomalous message so that the at least one node will discard it.

摘要翻译： 一种用于向具有总线和连接到总线的至少一个节点的车载通信网络提供安全性的模块，所述模块包括：具有软件的存储器，其包括表征所述至少一个节点经由所述总线在所述总线期间发送和接收的消息的数据 节点正常运行; 模块接收并发送被配置为连接到车载网络的一部分的消息的通信端口; 以及处理器，其响应于所述存储器中的软件，处理经由所述端口从所述端口接收的消息，以响应于所述接收到的消息中的异常消息，所述消息指示所述车载网络暴露于来自网络的损坏 攻击; 并且使得所述模块经由所述端口将至少一个信号发送到所述车载网络中改变所述异常消息的部分，使得所述至少一个节点将其丢弃。

公开(公告)号：EP2892199A1

公开(公告)日：2015-07-08

申请号：EP15150157.4

申请日：2015-01-06

申请人： Argus Cyber Security Ltd.

发明人： Ben Noon, Ofer ,  Galula, Yaron ,  Lavi, Oron

IPC分类号： H04L29/06 ,  H04L12/24 ,  G06F21/60 ,  G06F11/30

CPC分类号： B60R16/023 ,  B60R25/00 ,  G06F11/30 ,  G06F21/55 ,  G06F21/554 ,  G06F21/606 ,  G06F21/6281 ,  H04L12/4625 ,  H04L63/0227 ,  H04L63/14 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1441 ,  H04L67/12 ,  H04L2012/40215 ,  H04L2012/40273

摘要： A system for providing security to an in-vehicle communication network, the system comprising: a data monitoring and processing hub; and at least one module configured to monitor messages in communication traffic propagating in a vehicle's in-vehicle network, the network having a bus and at least one node connected to the bus, the module comprising: a communication interface configured to support communication with the hub; a memory having software comprising data characterizing messages that the at least one node transmits and receives during normal operation of the node; at least one communication port via which the module receives and transmits messages configured to be connected to a portion of the in-vehicle network; a processor that processes messages received via the port from the portion of the in-vehicle network responsive to the software in the memory to: identify an anomalous message in the received messages indicative of exposure of the in-vehicle network to damage from a cyber attack; determine an action to be taken by the module that affects the anomalous message; and transmit data responsive to the anomalous message to the hub for processing by the hub via the communication interface.

摘要翻译： 一种用于向车载通信网络提供安全性的系统，所述系统包括：数据监控和处理集线器; 以及至少一个模块，被配置为监视在车辆车载网络中传播的通信业务中的消息，所述网络具有总线和连接到所述总线的至少一个节点，所述模块包括：通信接口，被配置为支持与所述集线器的通信 ; 具有软件的存储器，所述软件包括表征所述至少一个节点在所述节点的正常操作期间发送和接收的消息的数据; 至少一个通信端口，所述模块经由所述通信端口接收并发送被配置为连接到所述车载网络的一部分的消息; 响应于存储器中的软件，处理经由端口从车载网络部分接收的消息的处理器，以识别接收到的消息中的异常消息，指示车载网络暴露于网络攻击造成的损坏 ; 确定模块将采取的影响异常消息的动作; 并且响应于异常消息将数据发送到集线器，以经由通信接口由集线器处理。

公开(公告)号：EP3565188A3

公开(公告)日：2020-02-19

申请号：EP19171850.1

申请日：2019-04-30

申请人： Argus Cyber Security Ltd

发明人： Barzilay, Gilad ,  Dagmi, Or ,  Ezra, Shiran ,  Galula, Yaron

IPC分类号： H04L12/40 ,  H04L29/06 ,  H04L29/08

摘要： A method of determining a fingerprint characterizing a node of a plurality of nodes in an in-vehicle communications network that transmitted a waveform propagating in the network, comprising receiving and analyzing an analog waveform, detrending the time sequence of features of the waveform and providing a fingerprint of the node that comprises a feature vector having components based on the amplitudes.

公开(公告)号：EP3565188A2

公开(公告)日：2019-11-06

申请号：EP19171850.1

申请日：2019-04-30

申请人： Argus Cyber Security Ltd

发明人： Barzilay, Gilad ,  Dagmi, Or ,  Ezra, Shiran ,  Galula, Yaron

IPC分类号： H04L12/40 ,  H04L29/06 ,  H04L29/08

摘要： A method of determining a fingerprint characterizing a node of a plurality of nodes in an in-vehicle communications network that transmitted a waveform propagating in the network, comprising receiving and analyzing an analog waveform, detrending the time sequence of features of the waveform and providing a fingerprint of the node that comprises a feature vector having components based on the amplitudes.

公开(公告)号：EP3528163A1

公开(公告)日：2019-08-21

申请号：EP19157991.1

申请日：2019-02-19

申请人： Argus Cyber Security Ltd

发明人： Galula, Yaron ,  Shalev, Amos

IPC分类号： G06F21/55 ,  H04L29/06 ,  H04W12/12 ,  H04L29/08

摘要： A method of providing an alert of an occurrence of a hacker intrusion, the method comprising: detecting a hacker intrusion; and transmitting a concealed or camouflaged report of the hacker intrusion to provide an alert of the occurrence of the intrusion.