利索-全球专利检索

  1. 登录
  2. 注册

搜索结果

11 条记录 (耗时 0.017 秒)

    System and method of securing web applications across an enterprise
    2.
    发明授权
    System and method of securing web applications across an enterprise 有权
    跨企业保护Web应用程序的系统和方法

    公开(公告)号:US07934253B2

    公开(公告)日:2011-04-26

    申请号:US11532060

    申请日:2006-09-14

    申请人: Kevin Overcash Kate Delikat Rami Mizrahi Galit Efron Doron Kolton Asaf Wexler Netta Gavrieli Yoram Zahavi

    发明人: Kevin Overcash Kate Delikat Rami Mizrahi Galit Efron Doron Kolton Asaf Wexler Netta Gavrieli Yoram Zahavi

    IPC分类号: G06F11/00

    CPC分类号: H04L63/1425 G06F21/55 H04L63/20

    摘要: A system and method for protection of Web based applications are described. The techniques described provide an enterprise wide approach to preventing attacks of Web based applications. Individual computer networks within the enterprise monitor network traffic to identify anomalous traffic. The anomalous traffic can be identified by comparing the traffic to a profile of acceptable user traffic when interacting with the application. The anomalous traffic, or security events, identified at the individual computer networks are communicated to a central security manager. The central security manager correlates the security events at the individual computer networks to determine if there is an enterprise wide security threat. The central security manager can then communicate instructions to the individual computer networks so as to provide an enterprise wide solution to the threat.

    摘要翻译: 描述了一种用于保护基于Web的应用程序的系统和方法。 所描述的技术提供了一种企业级的方法来防止基于Web的应用程序的攻击。 企业内的个人计算机网络监控网络流量,以识别异常流量。 通过在与应用程序交互时将流量与可接受用户流量的配置文件进行比较,可以识别异常流量。 在个别计算机网络上识别的异常流量或安全事件被传送给中央安全管理员。 中央安全经理将各个计算机网络上的安全事件相关联,以确定是否存在企业级的安全威胁。 然后,中央安全经理可以向各个计算机网络传达指令,从而为威胁提供企业级的解决方案。

    Method and apparatus for detection of information transmission abnormalities
    4.
    发明授权
    Method and apparatus for detection of information transmission abnormalities 有权
    检测信息传输异常的方法和装置

    公开(公告)号:US08180886B2

    公开(公告)日:2012-05-15

    申请号:US12270635

    申请日:2008-11-13

    申请人: Kevin Overcash Doron Kolton Rami Mizrahi

    发明人: Kevin Overcash Doron Kolton Rami Mizrahi

    IPC分类号: G06F15/16

    CPC分类号: H04L63/1425 H04L41/142 H04L43/16

    摘要: In one embodiment, a method for securing a network application is described. The method for securing a network application includes receiving network information within a network application and assigning a probability value to an independent aspect of the network information. The probability value is based on a verification of the independent aspect of the information against a profile of acceptable behavior. The method for securing a network application also includes aggregating the probability values of the independent aspects of the network information to determine the probability of the entire network traffic. In addition, the method for securing a network application includes determining whether the probability value of the entire network information is above or below a threshold probability value. The entire network information is screened out based on the probability value of the entire message with respect to the threshold probability value.

    摘要翻译: 在一个实施例中,描述了用于保护网络应用的方法。 用于保护网络应用的方法包括在网络应用内接收网络信息,并将概率值分配给网络信息的独立方面。 概率值是基于信息的独立方面对可接受行为概况的验证。 用于保护网络应用的方法还包括聚合网络信息的独立方面的概率值以确定整个网络业务的概率。 此外,用于确保网络应用的方法包括确定整个网络信息的概率值是否高于或低于阈值概率值。 基于整个消息的概率值相对于阈值概率值来筛选整个网络信息。

    System to enable detecting attacks within encrypted traffic
    6.
    发明授权
    System to enable detecting attacks within encrypted traffic 有权
    系统能够检测加密流量内的攻击

    公开(公告)号:US08595835B2

    公开(公告)日:2013-11-26

    申请号:US13006230

    申请日:2011-01-13

    申请人: Doron Kolton Adi Stav Asaf Wexler Ariel Ernesto Frydman Yoram Zahavi

    发明人: Doron Kolton Adi Stav Asaf Wexler Ariel Ernesto Frydman Yoram Zahavi

    IPC分类号: G06F21/00

    CPC分类号: H04L63/0428 G06F21/552 H04L63/1408 H04L63/1416

    摘要: Systems and methods for identification of network attacks are disclosed. An example system includes an adaptor module to route a received encrypted packet to a decryption module, receive a decrypted packet corresponding to the encrypted packet from the decryption module, and transmit the decrypted packet and the encrypted packet to a sensor module. The decryption module is to receive an encrypted packet, decrypt the encrypted packet to form the decrypted packet, and transmit the decrypted packet to the adaptor module. The sensor module is to inspect the decrypted packet and the encrypted packet received from the adaptor module to determine when an attack is detected.

    摘要翻译: 公开了用于识别网络攻击的系统和方法。 示例系统包括:将接收到的加密分组路由到解密模块的适配器模块,从解密模块接收对应于加密分组的解密分组,并将解密的分组和加密分组发送到传感器模块。 解密模块是接收加密的分组,解密加密的分组以形成解密的分组,并将解密的分组发送到适配器模块。 传感器模块将检查解密的数据包和从适配器模块接收到的加密数据包,以确定何时检测到攻击。

    METHOD AND APPARATUS FOR DETECTION OF INFORMATION TRANSMISSION ABNORMALITIES
    7.
    发明申请
    METHOD AND APPARATUS FOR DETECTION OF INFORMATION TRANSMISSION ABNORMALITIES 有权
    用于检测信息传输异常的方法和装置

    公开(公告)号:US20090138592A1

    公开(公告)日:2009-05-28

    申请号:US12270635

    申请日:2008-11-13

    申请人: Kevin Overcash Doron Kolton Rami Mizrahi

    发明人: Kevin Overcash Doron Kolton Rami Mizrahi

    IPC分类号: G06F15/173

    CPC分类号: H04L63/1425 H04L41/142 H04L43/16

    摘要: In one embodiment, a method for securing a network application is described. The method for securing a network application includes receiving network information within a network application and assigning a probability value to an independent aspect of the network information. The probability value is based on a verification of the independent aspect of the information against a profile of acceptable behavior. The method for securing a network application also includes aggregating the probability values of the independent aspects of the network information to determine the probability of the entire network traffic. In addition, the method for securing a network application includes determining whether the probability value of the entire network information is above or below a threshold probability value. The entire network information is screened out based on the probability value of the entire message with respect to the threshold probability value.

    摘要翻译: 在一个实施例中,描述了用于保护网络应用的方法。 用于保护网络应用的方法包括在网络应用内接收网络信息,并将概率值分配给网络信息的独立方面。 概率值是基于信息的独立方面对可接受行为概况的验证。 用于保护网络应用的方法还包括聚合网络信息的独立方面的概率值以确定整个网络业务的概率。 此外,用于确保网络应用的方法包括确定整个网络信息的概率值是否高于或低于阈值概率值。 基于整个消息的概率值相对于阈值概率值来筛选整个网络信息。

    SYSTEM AND METHOD OF PREVENTING WEB APPLICATIONS THREATS
    8.
    发明申请
    SYSTEM AND METHOD OF PREVENTING WEB APPLICATIONS THREATS 审中-公开
    防止WEB应用程序威胁的系统和方法

    公开(公告)号:US20080034424A1

    公开(公告)日:2008-02-07

    申请号:US11532058

    申请日:2006-09-14

    申请人: Kevin Overcash Kate Delikate Rami Mizrahi Galit Efron Doron Kolton Asaf Wexler Netta Gavrieli Yoram Zahavi

    发明人: Kevin Overcash Kate Delikate Rami Mizrahi Galit Efron Doron Kolton Asaf Wexler Netta Gavrieli Yoram Zahavi

    IPC分类号: G06F12/14

    CPC分类号: H04L63/1416 G06F21/55 H04L63/102

    摘要: A system and method for protection of Web based applications are described. An agent is included in a web server such that traffic is routed through the agent. A security module is also in communication with the agent. The agent receives information about the application profile, and patterns of acceptable traffic behavior, from the security module. The agent acts as a gatekeeper, holding up suspicious traffic that does not match the pattern of acceptable traffic behavior until the suspicious traffic has been analyzed by the security module. Using the agent, malicious traffic can dropped before it can reach the application, or the user can be logged out, or both.

    摘要翻译: 描述了一种用于保护基于Web的应用程序的系统和方法。 代理被包括在web服务器中,使得流量通过代理路由。 安全模块也与代理通信。 代理从安全模块接收有关应用程序配置文件的信息和可接受流量行为的模式。 该代理充当网守,阻止可疑流量与可接受的流量行为模式不匹配,直到安全模块分析了可疑流量。 使用代理程序,恶意流量可能会在到达应用程序之前丢弃,或者用户可以注销,或两者兼而有之。