公开(公告)号：US20150286839A1

公开(公告)日：2015-10-08

申请号：US14359604

申请日：2013-12-02

申请人： Omer Ben-Shalom ,  Avishai Goldberg ,  Alex Nayshtut

发明人： Omer Ben-Shalom ,  Avishai Goldberg ,  Alex Nayshtut

IPC分类号： G06F21/62

CPC分类号： G06F21/6245 ,  G06F21/6218 ,  G06F21/6227 ,  G06F2221/2105 ,  G06F2221/2149

摘要： Example methods, systems, apparatus and articles of manufacture to protect content based on persona are disclosed. An example system includes a content encryption manager to encrypt a first content with an unencrypted first content key in response to identifying a first persona mode of a computing device, a persona encryption manager to encrypt the unencrypted first content key with a first public key to generate an encrypted first content key, and a metadata integrator to embed the encrypted first content key into the encrypted first content.

摘要翻译： 公开了用于保护基于人物的内容的示例性方法，系统，装置和制品。 一个示例系统包括：内容加密管理器，用于响应于识别计算设备的第一人称模式来加密具有未加密的第一内容密钥的第一内容;角色层加密管理器，用第一公钥加密未加密的第一内容密钥以产生 加密的第一内容密钥和元数据集成器，以将加密的第一内容密钥嵌入加密的第一内容。

公开(公告)号：US20150007316A1

公开(公告)日：2015-01-01

申请号：US13931705

申请日：2013-06-28

申请人： Omer Ben-Shalom ,  Alex Nayshtut ,  Igor Muttik

发明人： Omer Ben-Shalom ,  Alex Nayshtut ,  Igor Muttik

IPC分类号： H04L29/06

CPC分类号： H04L63/1416 ,  G06F21/50 ,  G06F21/55 ,  G06F21/552 ,  G06F21/554 ,  G06F21/556 ,  H04L63/0227 ,  H04L63/12 ,  H04L63/14 ,  H04L63/1408 ,  H04L63/1425 ,  H04L63/145 ,  H04L63/16

摘要： A technique allows detection of covert malware that attempts to hide network traffic. By monitoring network traffic both in a secure trusted environment and in an operating system environment, then comparing the monitor data, attempts to hide network traffic can be detected, allowing the possibility of performing rehabilitative actions on the computer system to locate and remove the malware hiding the network traffic.

摘要翻译： 一种技术允许检测隐藏恶意软件，试图隐藏网络流量。 通过监视安全受信任环境和操作系统环境中的网络流量，可以对监视数据进行比较，可以检测到隐藏网络流量的尝试，从而允许在计算机系统上执行恢复操作，以定位和删除恶意软件隐藏 网络流量。

公开(公告)号：US20140096179A1

公开(公告)日：2014-04-03

申请号：US13631080

申请日：2012-09-28

申请人： OMER BEN-SHALOM ,  Alex Nayshtut ,  Edward V. Jimison, JR. ,  Avigdor Eldar ,  Adi Shaliv

发明人： OMER BEN-SHALOM ,  Alex Nayshtut ,  Edward V. Jimison, JR. ,  Avigdor Eldar ,  Adi Shaliv

IPC分类号： G06F21/00 ,  G06F15/16

CPC分类号： H04L63/061 ,  G06F21/445 ,  G06F21/6218 ,  H04L63/0869 ,  H04W12/06

摘要： A system establishes secure communications between first and second electronic devices. The first device stores secured content to be accessed by second device based on identification information of the first device. The identification information of the first device may be manually input into the second device, and the second device may perform an initial pairing operation with the first device based on this manually entered information. The identification information stored from initial pairing may allow secure automatic pairing.

摘要翻译： 系统建立第一和第二电子设备之间的安全通信。 第一设备基于第一设备的识别信息存储要被第二设备访问的安全内容。 可以将第一设备的识别信息手动输入到第二设备中，并且第二设备可以基于该手动输入的信息与第一设备进行初始配对操作。 从初始配对中存储的识别信息可以允许安全的自动配对。

公开(公告)号：US20190156183A1

公开(公告)日：2019-05-23

申请号：US16233700

申请日：2018-12-27

申请人： David M. Durham ,  Michael Kounavis ,  Oleg Pogorelik ,  Alex Nayshtut ,  Omer Ben-Shalom ,  Antonios Papadimitriou

发明人： David M. Durham ,  Michael Kounavis ,  Oleg Pogorelik ,  Alex Nayshtut ,  Omer Ben-Shalom ,  Antonios Papadimitriou

IPC分类号： G06N3/04 ,  G06N3/063 ,  G06N3/08 ,  G06F17/18 ,  G06F7/58

摘要： The present disclosure is directed to systems and methods for the selective introduction of low-level pseudo-random noise into at least a portion of the weights used in a neural network model to increase the robustness of the neural network and provide a stochastic transformation defense against perturbation type attacks. Random number generation circuitry provides a plurality of pseudo-random values. Combiner circuitry combines the pseudo-random values with a defined number of least significant bits/digits in at least some of the weights used to provide a neural network model implemented by neural network circuitry. In some instances, selection circuitry selects pseudo-random values for combination with the network weights based on a defined pseudo-random value probability distribution.

公开(公告)号：US20150365427A1

公开(公告)日：2015-12-17

申请号：US14369587

申请日：2013-12-18

申请人： Omer Ben-Shalom ,  Igor Muttik ,  Alex Nayshtut ,  Yaniv Avidan

发明人： Omer Ben-Shalom ,  Igor Muttik ,  Alex Nayshtut ,  Yaniv Avidan

IPC分类号： H04L29/06 ,  G06F21/56

CPC分类号： H04L63/145 ,  G06F21/55 ,  G06F21/56 ,  G06F21/567 ,  H04L63/107 ,  H04L63/1416 ,  H04L63/1441

摘要： Various embodiments are generally directed to techniques to detect and eradicate malware attacks by employing information indicative of malware activity received from both endpoint devices and network devices proving network services to endpoint devices. An apparatus to detect malware includes a processor component, an analysis component for execution by the processor component to employ a trust level assigned to a device in a network as a factor in an analysis of an indication received from the device of a malware attack, and an eradication component for execution by the processor component to determine an action to take through the network to eradicate the malware attack based on the analysis. Other embodiments are described and claimed.

摘要翻译： 各种实施例通常涉及通过采用指示从端点设备和网络设备接收的恶意软件活动的信息来检测和消除恶意软件攻击的技术，以证明网络服务到端点设备。 用于检测恶意软件的装置包括处理器组件，用于由处理器组件执行的分析组件，以采用分配给网络中的设备的信任级别作为对从恶意软件攻击的设备接收的指示的分析的因素;以及 用于由处理器组件执行以根据分析来确定通过网络以消除恶意软件攻击的动作的根除组件。 描述和要求保护其他实施例。

公开(公告)号：US20130339740A1

公开(公告)日：2013-12-19

申请号：US13994884

申请日：2012-03-08

申请人： Omer Ben-Shalom ,  Alex Nayshtut

发明人： Omer Ben-Shalom ,  Alex Nayshtut

IPC分类号： H04L29/06

CPC分类号： H04L63/0823 ,  H04L9/3268 ,  H04L63/0876 ,  H04L63/205

摘要： Disclosed herein is a certificate authority server configured to provide multi-factor digital certificates. A processor readable medium may include a plurality of instructions configured to enable a certificate authority server of a certificate authority, in response to execution of the instructions by a processor, to receive a request to provide a multi-factor digital security certificate by digitally signing a certificate request having a plurality of factors and a cryptographic key, wherein a first of the plurality of factors is an identifier of a device and a second of the plurality of factors is an identifier of a user of the device. The instructions are also configured to enable the certificate authority server to associate the cryptographic key with the plurality of factors and issue the digital security certificate based on the certificate request. Also disclosed is a method of using a multi-factor digital certificate as part of the authorization process to implicitly bind the plurality of factors. Other embodiments may be described and claimed.

摘要翻译： 这里公开了配置为提供多因素数字证书的证书授权服务器。 处理器可读介质可以包括多个指令，其被配置为使得证书颁发机构的证书颁发机构服务器响应于处理器的指令的执行而接收通过数字签名来提供多因素数字安全证书的请求 具有多个因素的证书请求和密码密钥，其中所述多个因素中的第一个因素是设备的标识符，并且所述多个因素中的第二个因素是设备的用户的标识符。 指令还被配置为使得证书颁发机构服务器能够将加密密钥与多个因素相关联，并且基于证书请求发布数字安全证书。 还公开了一种使用多因素数字证书作为授权过程的一部分来隐式地绑定多个因素的方法。 可以描述和要求保护其他实施例。

公开(公告)号：US20130339736A1

公开(公告)日：2013-12-19

申请号：US13527371

申请日：2012-06-19

申请人： Alex Nayshtut ,  Omer Ben-Shalom

发明人： Alex Nayshtut ,  Omer Ben-Shalom

IPC分类号： H04L9/32 ,  H04L9/00

CPC分类号： H04L63/08 ,  H04L9/3247 ,  H04L63/0807 ,  H04L63/108 ,  H04L67/145

摘要： Systems, apparatus and methods for periodically validating the identity of two or more machines that have established a secure communication connection over a network. A client may initiate a secure communication session with a server by providing an identification certificate. Upon establishing a secure connection with the server, the client may periodically reaffirm its identity by sending a secure heartbeat message that includes a timestamp offset and a client identifier in order to keep the connection open. The server can require periodic receipt of the secure heartbeat message in order to maintain the secure communication session. The client identifier may include a code or value based on a unique physical attribute of the client. The timestamp offset may be calculated by the client based on a timestamp provided by the server.

摘要翻译： 用于周期性地验证已经通过网络建立安全通信连接的两台或多台机器的身份的系统，装置和方法。 客户端可以通过提供识别证书来发起与服务器的安全通信会话。 在建立与服务器的安全连接时，客户端可以通过发送包括时间戳偏移和客户端标识符的安全心跳消息来周期性地重新确认其身份，以便保持连接的打开。 服务器可能需要定期接收安全的心跳消息，以便维护安全通信会话。 客户端标识符可以包括基于客户端的唯一物理属性的代码或值。 时间戳偏移可以由客户端基于服务器提供的时间戳计算。

公开(公告)号：US09116849B2

公开(公告)日：2015-08-25

申请号：US13799318

申请日：2013-03-13

申请人： Alex Nayshtut ,  Omer Ben-Shalom ,  Terry H. Yoshii

发明人： Alex Nayshtut ,  Omer Ben-Shalom ,  Terry H. Yoshii

IPC分类号： G06F21/60 ,  G06F11/14 ,  H04L9/08 ,  G06F21/62

CPC分类号： G06F21/60 ,  G06F11/1453 ,  G06F21/6227 ,  H04L9/083 ,  H04L9/0894 ,  H04L9/14 ,  H04L9/3242 ,  H04L63/0435 ,  H04L63/061 ,  H04L63/062 ,  H04L63/0876 ,  H04L2209/60

摘要： Technologies for de-duplicating encrypted content include fragmenting a file into blocks on a computing device, encrypting each block, and storing each encrypted block on a content data server with associated keyed hashes and member identifications. The computing device additionally transmits each encrypted block with an associated member encryption key and member identification to a key server. As part of the de-duplication process, the content data server stores only one copy of the encrypted data for a particular associated keyed hash, and the key server similarly associates a single member encryption key with the keyed hash. To retrieve the file, the computing device receives the encrypted blocks with their associated keyed hashes and member identifications from the content data server and receives the corresponding member decryption key from the key server. The computing device decrypts each block using the member decryption keys and combines to blocks to generate the file.

摘要翻译： 用于解密加密内容的技术包括将文件分解成计算设备上的块，加密每个块，以及将每个加密的块存储在具有相关联的密钥哈希和成员标识的内容数据服务器上。 计算设备另外向密钥服务器发送具有相关联的成员加密密钥和成员标识的每个加密块。 作为重复数据删除过程的一部分，内容数据服务器仅存储用于特定关联密钥哈希的加密数据的一个副本，并且密钥服务器类似地将单个成员加密密钥与密钥哈希相关联。 为了检索文件，计算设备从内容数据服务器接收具有相关联的密钥哈希和成员标识的加密块，并从密钥服务器接收相应的成员解密密钥。 计算设备使用成员解密密钥对每个块进行解密，并组合到块以生成该文件。

公开(公告)号：US20140281486A1

公开(公告)日：2014-09-18

申请号：US13799318

申请日：2013-03-13

申请人： Alex Nayshtut ,  Omer Ben-Shalom ,  Terry H. Yoshii

发明人： Alex Nayshtut ,  Omer Ben-Shalom ,  Terry H. Yoshii

IPC分类号： H04L29/06

CPC分类号： G06F21/60 ,  G06F11/1453 ,  G06F21/6227 ,  H04L9/083 ,  H04L9/0894 ,  H04L9/14 ,  H04L9/3242 ,  H04L63/0435 ,  H04L63/061 ,  H04L63/062 ,  H04L63/0876 ,  H04L2209/60

摘要： Technologies for de-duplicating encrypted content include fragmenting a file into blocks on a computing device, encrypting each block, and storing each encrypted block on a content data server with associated keyed hashes and member identifications. The computing device additionally transmits each encrypted block with an associated member encryption key and member identification to a key server. As part of the de-duplication process, the content data server stores only one copy of the encrypted data for a particular associated keyed hash, and the key server similarly associates a single member encryption key with the keyed hash. To retrieve the file, the computing device receives the encrypted blocks with their associated keyed hashes and member identifications from the content data server and receives the corresponding member decryption key from the key server. The computing device decrypts each block using the member decryption keys and combines to blocks to generate the file.

摘要翻译： 用于解密加密内容的技术包括将文件分解成计算设备上的块，加密每个块，以及将每个加密的块存储在具有相关联的密钥哈希和成员标识的内容数据服务器上。 计算设备另外向密钥服务器发送具有相关联的成员加密密钥和成员标识的每个加密块。 作为重复数据删除过程的一部分，内容数据服务器仅存储用于特定关联密钥哈希的加密数据的一个副本，并且密钥服务器类似地将单个成员加密密钥与密钥哈希相关联。 为了检索文件，计算设备从内容数据服务器接收具有相关联的密钥哈希和成员标识的加密块，并从密钥服务器接收相应的成员解密密钥。 计算设备使用成员解密密钥对每个块进行解密，并组合到块以生成该文件。

公开(公告)号：US20140094121A1

公开(公告)日：2014-04-03

申请号：US13629965

申请日：2012-09-28

申请人： Omer Ben-Shalom ,  Alex Nayshtut ,  Moshe Maor

发明人： Omer Ben-Shalom ,  Alex Nayshtut ,  Moshe Maor

IPC分类号： H04W12/00 ,  H04B7/24

CPC分类号： H04L63/164 ,  H04L63/18 ,  H04L69/32

摘要： Systems and methods may provide for establishing an out-of-band (OOB) channel between a local wireless interface and a remote backend receiver, and receiving information from a peripheral device via the local wireless interface. Additionally, the information may be sent to the backend receiver via the OOB channel, wherein the OOB channel bypasses a local operating system. In one example, a secure Bluetooth stack is used to receive the information from the peripheral device.

摘要翻译： 系统和方法可以提供在本地无线接口和远程后端接收机之间建立带外（OOB）信道，以及经由本地无线接口从外围设备接收信息。 此外，可以经由OOB信道将信息发送到后端接收器，其中OOB信道绕过本地操作系统。 在一个示例中，使用安全的蓝牙堆栈来从外围设备接收信息。