-
公开(公告)号:US20240114053A1
公开(公告)日:2024-04-04
申请号:US17936878
申请日:2022-09-30
发明人: Natan Katz , Raphael Gozlan , Dor Livine
CPC分类号: H04L63/1483 , H04L41/16
摘要: A device, system, and method are provided for detecting an email phishing attack by training graph neural network to detect phishing emails based on hypertext markup language (HTML) tags and cascading style sheets (CSS) included in an email. Noise is added during the training of the graph neural network to make the trained graph neural networks more robust against small changes in the training data.
-
2.发明申请公开(公告)号:US20210006569A1
公开(公告)日:2021-01-07
申请号:US16503515
申请日:2019-07-04
发明人: Ilan URIEL
摘要: An instantiated application includes both a runtime instantiation of an application image, and an administrative service operable to install in the instantiated application at least one security module during runtime of the instantiated application in a container. Prior to runtime, a design time agent can access the application image in a repository, examine the application image, and based on the examining, adding at least one security module to the application image prior to instantiation. During runtime, a runtime agent can query parameters of the container, such as static and dynamic variables available on the machine on which the container is running. The runtime agent processes these parameters in conjunction with predefined rules to determine an action such as starting, stopping, adding, and/or changing the security module, such as the method of packet inspection.
-
公开(公告)号:US10728274B2
公开(公告)日:2020-07-28
申请号:US15272452
申请日:2016-09-22
发明人: Ilan Uriel , Aviad Mor
IPC分类号: H04L29/06
摘要: Computerized methods and systems inspect data packets received from a web server for the presence of a value from a list of prohibited values. If a prohibited value is absent, a gateway injects at least one JavaScript code segment for execution by a web browser. The at least one JavaScript code segment includes a plurality of JavaScript functions which include at least one security analysis JavaScript function and a plurality of modified JavaScript functions. Each of the modified JavaScript functions is created from a respective native JavaScript function to include at least one code segment that when executed inspects for at least one of: a dynamic modification of at least one JavaScript function from a prohibited list of JavaScript functions, a dynamic creation of at least one JavaScript function from the prohibited list of JavaScript functions, or a dynamic reference to a value from the list of prohibited values.
-
公开(公告)号:US09935903B2
公开(公告)日:2018-04-03
申请号:US14501085
申请日:2014-09-30
发明人: Yuval Raban , Leo Natan , Ori Feldman
CPC分类号: H04L51/046 , H04L51/14
摘要: Processing client requests for duplicate-free server operations is particularly useful for creating and sending items using Microsoft Exchange Web Services (EWS). The system facilitates avoiding creation and sending of duplicate items. In contrast to conventional implementations that send a single command to create and then perform subsequent processing of an item, a feature of the present embodiment is using two commands: a first command to create the item, and a second command to subsequently process the item. In a specific implementation, an EWS item's provided ChangeKey property is used to keep track of the EWS's reply from the server to the client, thereby avoiding duplicate item creation.
-
公开(公告)号:US09686294B2
公开(公告)日:2017-06-20
申请号:US14738935
申请日:2015-06-15
发明人: Alon Kantor , Tamir Zegman
IPC分类号: H04L29/06
CPC分类号: H04L63/1416 , H04L63/0281 , H04L63/1433 , H04L63/1441 , H04L63/164 , H04L63/168 , H04L63/20 , H04L2209/84 , H04W4/40 , H04W12/12
摘要: Methods and systems for protecting components of a linked vehicle from cyber-attack are disclosed. These methods and systems comprise elements of hardware and software for receiving a packet; tunneling the packet to a terrestrial-based security service, analyzing whether the packet is harmful to a component in the vehicle, and at least one action to protect at least one component.
-
公开(公告)号:US09647985B2
公开(公告)日:2017-05-09
申请号:US13900576
申请日:2013-05-23
发明人: Tamir Zegman , Ofer Barkai
CPC分类号: H04L63/0227 , H04L43/106 , H04L63/1458
摘要: A network component has a set of one or more rules, each of which has a match component and an action component. If an incoming packet maps to the match component of a rule, then the packet is handled according to the rule's action component. If the rule also includes a limit component, then if the packet maps to the rule's match component, a family history of the rule is updated, and the packet is handled according to the rule's action component only if the rule's family history satisfies the rule's limit component.
-
公开(公告)号:US08902900B2
公开(公告)日:2014-12-02
申请号:US13765702
申请日:2013-02-13
申请人: Amir Erman , Amnon Perlmutter , Ben Zion Weissman
发明人: Amir Erman , Amnon Perlmutter , Ben Zion Weissman
CPC分类号: G06F11/1464 , H04L7/00 , H04L45/46 , H04L63/0218 , H04L67/1095 , H04L67/142 , H04L69/22 , H04L69/40
摘要: A method and system is provided for a scalable clustered system. The method and system may handle asynchronous traffic as well as session backup. In the method and system, a home cluster member having ownership of a local session predicts designation of a an other cluster member to receive a packet associated with the local session and sends appropriate state information or forwarding instruction to the other network member.
摘要翻译: 为可扩展集群系统提供了一种方法和系统。 该方法和系统可以处理异步流量以及会话备份。 在方法和系统中,具有本地会话所有权的归属集群成员预测指定另一个集群成员以接收与本地会话相关联的分组,并向其他网络成员发送适当的状态信息或转发指令。
-
8.发明授权公开(公告)号:US08850576B2
公开(公告)日:2014-09-30
申请号:US13411567
申请日:2012-03-04
申请人: Guy Guzner , Ami Haviv , Danny Lieblich , Yahav Gal
发明人: Guy Guzner , Ami Haviv , Danny Lieblich , Yahav Gal
CPC分类号: H04L63/0823 , H04L9/3268 , H04L63/1408
摘要: Disclosed are methods and media for inspecting security certificates. Methods include the steps of: scanning, by a network security device, messages of a security protocol between a server and a client system; detecting the messages having a security certificate; detecting suspicious security certificates from the messages; and aborting particular sessions of the security protocol associated with the suspicious certificates. Preferably, the step of scanning is performed only on messages of server certificate records. Preferably, the method further includes the step of sending an invalid-certificate notice to the server and the client system. Preferably, the step of detecting the suspicious certificates includes detecting a use of an incorrectly-generated private key for the certificates. Preferably, the step of detecting the suspicious certificates includes detecting an unavailability of revocation information for the certificates. Preferably, the step of detecting the suspicious certificates includes detecting a use of an invalid cryptographic algorithm for the certificates.
摘要翻译: 披露了检查安全证书的方法和媒体。 方法包括以下步骤:由网络安全设备扫描服务器和客户端系统之间的安全协议的消息; 检测具有安全证书的消息; 从消息中检测可疑安全证书; 并中止与可疑证书相关联的安全协议的特定会话。 优选地,仅对服务器证书记录的消息执行扫描步骤。 优选地,该方法还包括向服务器和客户端系统发送无效证书通知的步骤。 优选地,检测可疑证书的步骤包括检测证书的使用不正确生成的私钥。 优选地,检测可疑证书的步骤包括检测证书的撤销信息的不可用性。 优选地,检测可疑证书的步骤包括检测对证书的无效加密算法的使用。
-
公开(公告)号:US08844019B2
公开(公告)日:2014-09-23
申请号:US13682754
申请日:2012-11-21
发明人: Ofer Barkai , Dorit Dor , Tamir Zegman
IPC分类号: H04L29/06
CPC分类号: H04L63/0281 , H04L63/0227 , H04L63/1425 , H04L63/1458
摘要: A security gateway of a computer network receives incoming packets at one or more network interfaces. One or more security functions are applied to the packets. Reports of security function violations are recorded. The reports include the source addresses of the packets, the times that the packets were received, and descriptions of the violations. The descriptions include weights, and if the sum of the weights, for packets of a common source address that are received within a first time interval, exceeds a threshold, subsequent packets from that source address are dropped. Alternatively, in a “monitor only” mode, the common source address is logged but packets are not dropped. Optionally, encrypted packets and/or packets received at some network interfaces but not at other network interfaces are not dropped.
摘要翻译: 计算机网络的安全网关在一个或多个网络接口处接收传入的分组。 一个或多个安全功能被应用于分组。 记录安全功能违规的报告。 这些报告包括报文的源地址,接收报文的时间以及违规的描述。 描述包括权重,并且如果在第一时间间隔内接收到的公共源地址的分组的权重之和超过阈值,则来自该源地址的后续分组被丢弃。 或者,在“仅监视”模式下,记录公共源地址,但不会丢弃数据包。 可选地,在一些网络接口而不是在其他网络接口处接收到的加密分组和/或分组不被丢弃。
-
公开(公告)号:US20140143850A1
公开(公告)日:2014-05-22
申请号:US13682754
申请日:2012-11-21
发明人: Ofer Barkai , Dorit Dor , Tamir Zegman
IPC分类号: H04L29/06
CPC分类号: H04L63/0281 , H04L63/0227 , H04L63/1425 , H04L63/1458
摘要: A security gateway of a computer network receives incoming packets at one or more network interfaces. One or more security functions are applied to the packets. Reports of security function violations are recorded. The reports include the source addresses of the packets, the times that the packets were received, and descriptions of the violations. The descriptions include weights, and if the sum of the weights, for packets of a common source address that are received within a first time interval, exceeds a threshold, subsequent packets from that source address are dropped. Alternatively, in a “monitor only” mode, the common source address is logged but packets are not dropped. Optionally, encrypted packets and/or packets received at some network interfaces but not at other network interfaces are not dropped.
摘要翻译: 计算机网络的安全网关在一个或多个网络接口处接收传入的分组。 一个或多个安全功能被应用于分组。 记录安全功能违规的报告。 这些报告包括报文的源地址,接收报文的时间以及违规的描述。 描述包括权重,并且如果在第一时间间隔内接收到的公共源地址的分组的权重之和超过阈值,则来自该源地址的后续分组被丢弃。 或者,在“仅监视”模式下,记录公共源地址,但不会丢弃数据包。 可选地,在一些网络接口而不是在其他网络接口处接收到的加密分组和/或分组不被丢弃。
-
-
-
-
-
-
-
-
-
搜索结果
118 条记录 (耗时 0.025 秒)
