PORT-SCRAMBLING-BASED NETWORKS
    1.
    Invention application

    Publication No.: US20180248851A1

    Publication date: 2018-08-30

    Application No.: US15445930

    Application date: 2017-02-28

    Abstract: A device, method and product for port-scrambling-based networks. The method comprising in response to a device intending to transmit an outgoing communication to a target device in a computer network, via a first port, scrambling the first port of the outgoing communication to obtain a second port by applying a transformation function which utilizes a certificate that is shared among a portion of the devices in the computer network; and transmitting the outgoing communication to via the second target port. The method comprises receiving, via a second source port, an incoming communication from a source device in the computer network, descrambling the second source port of the incoming communication to obtain a first source port by applying a reverse function of the transformation function; and directing the incoming communication at the first source port instead of the second source port.

    Port-scrambling-based networks
    2.
    Granted invention patent

    Publication No.: US10397196B2

    Publication date: 2019-08-27

    Application No.: US15445930

    Application date: 2017-02-28

    Abstract: A device, method and product for port-scrambling-based networks. The method comprising in response to a device intending to transmit an outgoing communication to a target device in a computer network, via a first port, scrambling the first port of the outgoing communication to obtain a second port by applying a transformation function which utilizes a certificate that is shared among a portion of the devices in the computer network; and transmitting the outgoing communication to via the second target port. The method comprises receiving, via a second source port, an incoming communication from a source device in the computer network, descrambling the second source port of the incoming communication to obtain a first source port by applying a reverse function of the transformation function; and directing the incoming communication at the first source port instead of the second source port.

    Port scrambling for computer networks

    Publication No.: US09838368B2

    Publication date: 2017-12-05

    Application No.: US15304052

    Application date: 2016-08-25

    IPC classification: H04L9/32 H04L29/06

    Abstract: A method, system and computer program product providing port scrambling for securing communications in internal computer networks are disclosed. A transformation function is applied on an identifier of a first port at which an outgoing communication is designated to be received, whereby an identifier of a second port the outgoing communication is directed to be received at is obtained. The transformation function depends on at least one parameter shared among a plurality of devices in a computer network, whereby a device receiving the communication at the second port is enabled to apply an inverse transformation function on the identifier of the second port to obtain the identifier of the first port and redirect the communication thereto. The transformation function is applied in condition that transmittal of the outgoing communication was requested by an application program listed in a list of authorized application programs for the plurality of devices.

    Monitoring traffic in a computer network

    Publication No.: US09794277B2

    Publication date: 2017-10-17

    Application No.: US15390755

    Application date: 2016-12-27

    Abstract: A computer-implemented method, computerized apparatus and computer program product for monitoring traffic in a computer network. The computer network comprises a plurality of devices configured to apply a transformation function on a target port identifier of a requested transmission by an application program executing thereon and direct the transmission to a different target port per the scrambled identifier thereby obtained. The transformation function depends on at least one parameter shared among the plurality of devices and applying thereof is conditioned on the application program requesting transmission being listed in a list of authorized application programs. Attempts to access invalid ports as defined by the transformation function are identified and an action for mitigating a security threat ascribed thereto is provided.

    CONNECTIVITY-BASED PORT SCRAMBLING
    5.
    Invention application

    Publication No.: US20190306130A1

    Publication date: 2019-10-03

    Application No.: US15937380

    Application date: 2018-03-27

    IPC classification: H04L29/06 H04L9/08 H04L12/24

    Abstract: System, product and method for connectivity-based scrambling is disclosed. Port scrambling mode is selected based on connectivity to a network. In one mode, ports of authorized outgoing communications are scrambled, while ports of unauthorized outgoing communications remain unscrambled. In another mode, ports of unauthorized outgoing communications are scrambled, while ports of authorized outgoing communications remain unscrambled. In some cases, under the first mode, ports of all incoming communications are descrambled, while in the second mode, ports of all incoming communications remain unscrambled.

    PREVENTING UNAUTHORIZED OUTGOING COMMUNICATIONS

    Publication No.: US20180278617A1

    Publication date: 2018-09-27

    Application No.: US15464403

    Application date: 2017-03-21

    Abstract: A system, product and method for preventing unauthorized outgoing communications. The method comprises, in response to an attempt to transmit an outgoing communication by a transmitting software entity, obtaining a list of software entities which have performed Inter-Process Communication (IPC), directly or indirectly, with the transmitting software entity. The method further comprises for each software entity in the list of software entities, checking whether the software entity is an unauthorized software entity. In response to detecting an unauthorized software entity in the list of software entities, the outgoing communication may be blocked. As a result, the outgoing communication is prevented from being transmitted.

    Cyber Security System
    8.
    Invention application

    Publication No.: US20190268317A1

    Publication date: 2019-08-29

    Application No.: US16396714

    Application date: 2019-04-28

    IPC classification: H04L29/06

    Abstract: System, product and method for connectivity-based scrambling is disclosed. Port scrambling mode is selected based on connectivity to a network. In one mode, ports of authorized outgoing communications are scrambled, while ports of unauthorized outgoing communications remain unscrambled. In another mode, ports of unauthorized outgoing communications are scrambled, while ports of authorized outgoing communications remain unscrambled. In some cases, under the first mode, ports of all incoming communications are descrambled, while in the second mode, ports of all incoming communications remain unscrambled.

    Port scrambling for computer networks

    Publication No.: US10313318B2

    Publication date: 2019-06-04

    Application No.: US15800965

    Application date: 2017-11-01

    IPC classification: H04L9/32 H04L29/06

    Abstract: A method, system and computer program product providing port scrambling for securing communications in internal computer networks are disclosed. A transformation function is applied on an identifier of a first port at which an outgoing communication is designated to be received, whereby an identifier of a second port the outgoing communication is directed to be received at is obtained. The transformation function depends on at least one parameter shared among a plurality of devices in a computer network, whereby a device receiving the communication at the second port is enabled to apply an inverse transformation function on the identifier of the second port to obtain the identifier of the first port and redirect the communication thereto. The transformation function is applied in condition that transmittal of the outgoing communication was requested by an application program listed in a list of authorized application programs for the plurality of devices.

    Port Scrambling For Computer Networks

    Publication No.: US20170244686A1

    Publication date: 2017-08-24

    Application No.: US15304052

    Application date: 2016-08-25

    IPC classification: H04L29/06

    Abstract: A method, system and computer program product providing port scrambling for securing communications in internal computer networks are disclosed. A transformation function is applied on an identifier of a first port at which an outgoing communication is designated to be received, whereby an identifier of a second port the outgoing communication is directed to be received at is obtained. The transformation function depends on at least one parameter shared among a plurality of devices in a computer network, whereby a device receiving the communication at the second port is enabled to apply an inverse transformation function on the identifier of the second port to obtain the identifier of the first port and redirect the communication thereto. The transformation function is applied in condition that transmittal of the outgoing communication was requested by an application program listed in a list of authorized application programs for the plurality of devices.