公开(公告)号：US20150085865A1

公开(公告)日：2015-03-26

申请号：US14508465

申请日：2014-10-07

申请人： Yoram Zahavi ,  Eyal Pessach ,  Assaf Benedic

发明人： Yoram Zahavi ,  Eyal Pessach ,  Assaf Benedic

IPC分类号： H04L12/751 ,  H04L12/24 ,  H04L29/06

CPC分类号： H04L45/02 ,  H04L41/12 ,  H04L65/1063 ,  H04L65/1079

摘要： Access services are dynamically allocated for processing received data traffic by creating routing information for data traffic associated with a particular subscriber, subscriber equipment and/or network address information. The routing information identifies services that the data traffic can be subjected to and the order in which the services are provided. When an attached request is received, appropriate services for the requesting subscriber are retrieved from a database based on particular identifying information which may include the identification of the subscriber, subscriber equipment, network address or other information. The services are organized in a routing path and the allocated network address and the routing path are transferred to a smart router. Data traffic, associated with the allocated network address is then routed through servers to provide the identified services.

摘要翻译： 通过为与特定用户，订户设备和/或网络地址信息相关联的数据业务创建路由信息来动态地分配接入服务来处理接收到的数据业务。 路由信息识别数据流量可以受到的服务以及提供服务的顺序。 当接收到附加请求时，基于特定识别信息从数据库检索针对请求用户的适当服务，该标识信息可以包括用户的标识，用户设备，网络地址或其他信息。 服务组织在路由路径中，分配的网络地址和路由路径被传送到智能路由器。 与分配的网络地址相关联的数据流量然后通过服务器路由以提供所识别的服务。

公开(公告)号：US08886805B2

公开(公告)日：2014-11-11

申请号：US12946363

申请日：2010-11-15

申请人： Yoram Zahavi ,  Eyal Pessach ,  Assaf Benedic

发明人： Yoram Zahavi ,  Eyal Pessach ,  Assaf Benedic

IPC分类号： G06F15/16 ,  H04L29/06

CPC分类号： H04L45/02 ,  H04L41/12 ,  H04L65/1063 ,  H04L65/1079

摘要： Access services are dynamically allocated for processing received data traffic by creating routing information for data traffic associated with a particular subscriber, subscriber equipment and/or network address information. The routing information identifies services that the data traffic can be subjected to and the order in which the services are provided. When an attached request is received, appropriate services for the requesting subscriber are retrieved from a database based on particular identifying information which may include the identification of the subscriber, subscriber equipment, network address or other information. The services are organized in a routing path and the allocated network address and the routing path are transferred to a smart router. Data traffic, associated with the allocated network address is then routed through servers to provide the identified services.

摘要翻译： 通过为与特定用户，订户设备和/或网络地址信息相关联的数据业务创建路由信息来动态地分配接入服务来处理接收到的数据业务。 路由信息识别数据流量可以受到的服务以及提供服务的顺序。 当接收到附加请求时，基于特定识别信息从数据库检索针对请求用户的适当服务，该标识信息可以包括用户的标识，用户设备，网络地址或其他信息。 服务组织在路由路径中，分配的网络地址和路由路径被传送到智能路由器。 与分配的网络地址相关联的数据流量然后通过服务器路由以提供所识别的服务。

公开(公告)号：US09602613B2

公开(公告)日：2017-03-21

申请号：US12239657

申请日：2008-09-26

申请人： Yoram Zahavi ,  Moran Cohen

发明人： Yoram Zahavi ,  Moran Cohen

IPC分类号： G06F15/16 ,  H04L29/08 ,  G06F17/30

CPC分类号： H04L67/2804 ,  G06F17/30905 ,  H04L67/34

摘要： A solution that improves a user's experience while surfing the Internet. An intermediate device resides logically between a browsing device and content available via the Internet. As responses to content requests from browsing devices are received from a content server, browser links are identified and modified, disabled or covered for example. The intermediate device also creates a browser link to a compound browser object(s) that is created and stored at the intermediate device. This created browser link invokes code at the intermediate device to upload the compound browser object(s). The intermediate device obtains these compound browser objects by obtaining content associated with the identified browser links either from a content server, a local cache or knowledge of its existence eat the browser device.

公开(公告)号：US07895652B2

公开(公告)日：2011-02-22

申请号：US11325234

申请日：2006-01-04

申请人： Doron Kolton ,  Adi Stav ,  Asaf Wexler ,  Ariel Ernesto Frydman ,  Yoram Zahavi

发明人： Doron Kolton ,  Adi Stav ,  Asaf Wexler ,  Ariel Ernesto Frydman ,  Yoram Zahavi

IPC分类号： G06F15/16

CPC分类号： H04L63/0428 ,  G06F21/552 ,  H04L63/1408 ,  H04L63/1416

摘要： A system and method for detecting network attacks within encrypted network traffic received by a protected network includes a decryption module and an adaptor module. This system and method can be inserted and used with multiple types of operating systems.

摘要翻译： 用于检测由受保护网络接收的加密网络流量内的网络攻击的系统和方法包括解密模块和适配器模块。 该系统和方法可以插入和使用多种类型的操作系统。

公开(公告)号：US09152615B2

公开(公告)日：2015-10-06

申请号：US13728864

申请日：2012-12-27

申请人： Yoram Zahavi ,  Yoav Weiss ,  Adi Belan ,  Evgeny Gorokhovsky

发明人： Yoram Zahavi ,  Yoav Weiss ,  Adi Belan ,  Evgeny Gorokhovsky

IPC分类号： G06F17/00 ,  G06F17/22 ,  H04L29/08 ,  G06F17/30

CPC分类号： G06F17/2247 ,  G06F17/3089 ,  H04L67/1065 ,  H04L67/14 ,  H04L67/20 ,  H04L67/2823

摘要： Disclosed is a system and method that adds additional data (a banner, footer or a header, for example) to a web page while the data is transferred toward a mobile device. An exemplary system can comprise an intermediate node between a surfer and the Internet. Such an intermediate node element can reside at a service provider premises (SPP), for example. The service provider can be a telecom operator, such as but not limited to, a cellular service provider, a satellite communication service provider, a Public Switched Telephone Network (PSTN) operator, an access network service provider, etc. Alternatively, other exemplary embodiments can comprise elements which reside at an Internet Service Provider (ISP) premises.

摘要翻译： 公开了一种在数据被传送到移动设备的同时向网页上添加附加数据（例如，横幅，页脚或头部）的系统和方法。 示例性系统可以包括在冲浪者和因特网之间的中间节点。 例如，这样的中间节点元素可以驻留在服务提供者驻地（SPP）处。 服务提供商可以是电信运营商，例如但不限于蜂窝服务提供商，卫星通信服务提供商，公共交换电话网络（PSTN）运营商，接入网络服务提供商等。或者，其他示例性实施例 可以包括驻留在因特网服务提供商（ISP）场所的元件。

公开(公告)号：US08595835B2

公开(公告)日：2013-11-26

申请号：US13006230

申请日：2011-01-13

申请人： Doron Kolton ,  Adi Stav ,  Asaf Wexler ,  Ariel Ernesto Frydman ,  Yoram Zahavi

发明人： Doron Kolton ,  Adi Stav ,  Asaf Wexler ,  Ariel Ernesto Frydman ,  Yoram Zahavi

IPC分类号： G06F21/00

CPC分类号： H04L63/0428 ,  G06F21/552 ,  H04L63/1408 ,  H04L63/1416

摘要： Systems and methods for identification of network attacks are disclosed. An example system includes an adaptor module to route a received encrypted packet to a decryption module, receive a decrypted packet corresponding to the encrypted packet from the decryption module, and transmit the decrypted packet and the encrypted packet to a sensor module. The decryption module is to receive an encrypted packet, decrypt the encrypted packet to form the decrypted packet, and transmit the decrypted packet to the adaptor module. The sensor module is to inspect the decrypted packet and the encrypted packet received from the adaptor module to determine when an attack is detected.

摘要翻译： 公开了用于识别网络攻击的系统和方法。 示例系统包括：将接收到的加密分组路由到解密模块的适配器模块，从解密模块接收对应于加密分组的解密分组，并将解密的分组和加密分组发送到传感器模块。 解密模块是接收加密的分组，解密加密的分组以形成解密的分组，并将解密的分组发送到适配器模块。 传感器模块将检查解密的数据包和从适配器模块接收到的加密数据包，以确定何时检测到攻击。

公开(公告)号：US20080034424A1

公开(公告)日：2008-02-07

申请号：US11532058

申请日：2006-09-14

申请人： Kevin Overcash ,  Kate Delikate ,  Rami Mizrahi ,  Galit Efron ,  Doron Kolton ,  Asaf Wexler ,  Netta Gavrieli ,  Yoram Zahavi

发明人： Kevin Overcash ,  Kate Delikate ,  Rami Mizrahi ,  Galit Efron ,  Doron Kolton ,  Asaf Wexler ,  Netta Gavrieli ,  Yoram Zahavi

IPC分类号： G06F12/14

CPC分类号： H04L63/1416 ,  G06F21/55 ,  H04L63/102

摘要： A system and method for protection of Web based applications are described. An agent is included in a web server such that traffic is routed through the agent. A security module is also in communication with the agent. The agent receives information about the application profile, and patterns of acceptable traffic behavior, from the security module. The agent acts as a gatekeeper, holding up suspicious traffic that does not match the pattern of acceptable traffic behavior until the suspicious traffic has been analyzed by the security module. Using the agent, malicious traffic can dropped before it can reach the application, or the user can be logged out, or both.

摘要翻译： 描述了一种用于保护基于Web的应用程序的系统和方法。 代理被包括在web服务器中，使得流量通过代理路由。 安全模块也与代理通信。 代理从安全模块接收有关应用程序配置文件的信息和可接受流量行为的模式。 该代理充当网守，阻止可疑流量与可接受的流量行为模式不匹配，直到安全模块分析了可疑流量。 使用代理程序，恶意流量可能会在到达应用程序之前丢弃，或者用户可以注销，或两者兼而有之。

公开(公告)号：US20130124976A1

公开(公告)日：2013-05-16

申请号：US13728864

申请日：2012-12-27

申请人： Yoram Zahavi ,  Yoav Weiss ,  Adi Belan ,  Evgeny Gorokhovsky

发明人： Yoram Zahavi ,  Yoav Weiss ,  Adi Belan ,  Evgeny Gorokhovsky

IPC分类号： G06F17/22

CPC分类号： G06F17/2247 ,  G06F17/3089 ,  H04L67/1065 ,  H04L67/14 ,  H04L67/20 ,  H04L67/2823

摘要： Disclosed is a system and method that adds additional data (a banner, footer or a header, for example) to a web page while the data is transferred toward a mobile device. An exemplary system can comprise an intermediate node between a surfer and the Internet. Such an intermediate node element can reside at a service provider premises (SPP), for example. The service provider can be a telecom operator, such as but not limited to, a cellular service provider, a satellite communication service provider, a Public Switched Telephone Network (PSTN) operator, an access network service provider, etc. Alternatively, other exemplary embodiments can comprise elements which reside at an Internet Service Provider (ISP) premises.

摘要翻译： 公开了一种在数据被传送到移动设备的同时向网页上添加附加数据（例如，横幅，页脚或头部）的系统和方法。 示例性系统可以包括在冲浪者和因特网之间的中间节点。 例如，这样的中间节点元素可以驻留在服务提供者驻地（SPP）处。 服务提供商可以是电信运营商，例如但不限于蜂窝服务提供商，卫星通信服务提供商，公共交换电话网络（PSTN）运营商，接入网络服务提供商等。或者，其他示例性实施例 可以包括驻留在因特网服务提供商（ISP）场所的元件。

公开(公告)号：US20110283101A1

公开(公告)日：2011-11-17

申请号：US13006230

申请日：2011-01-13

申请人： Doron Kolton ,  Adi Stav ,  Asaf Wexler ,  Ariel Ernesto Frydman ,  Yoram Zahavi

发明人： Doron Kolton ,  Adi Stav ,  Asaf Wexler ,  Ariel Ernesto Frydman ,  Yoram Zahavi

IPC分类号： H04L9/00

CPC分类号： H04L63/0428 ,  G06F21/552 ,  H04L63/1408 ,  H04L63/1416

摘要： A system and method for detecting network attacks within encrypted network traffic received by a protected network includes a decryption module and an adaptor module. This system and method can be inserted and used with multiple types of operating systems.

摘要翻译： 用于检测由受保护网络接收的加密网络流量内的网络攻击的系统和方法包括解密模块和适配器模块。 该系统和方法可以插入和使用多种类型的操作系统。

公开(公告)号：US20100169763A1

公开(公告)日：2010-07-01

申请号：US12640084

申请日：2009-12-17

申请人： Yoram Zahavi ,  Yoav Weiss ,  Adi Belan ,  Evgeny Gorokhovsky

发明人： Yoram Zahavi ,  Yoav Weiss ,  Adi Belan ,  Evgeny Gorokhovsky

IPC分类号： G06F17/00

CPC分类号： G06F17/2247 ,  G06F17/3089 ,  H04L67/1065 ,  H04L67/14 ,  H04L67/20 ,  H04L67/2823

摘要： Disclosed is a system and method that adds additional data (a banner, footer or a header, for example) to a web page while the data is transferred toward a mobile device. An exemplary system can comprise an intermediate node between a surfer and the Internet. Such an intermediate node element can reside at a service provider premises (SPP), for example. The service provider can be a telecom operator, such as but not limited to, a cellular service provider, a satellite communication service provider, a Public Switched Telephone Network (PSTN) operator, an access network service provider, etc. Alternatively, other exemplary embodiments can comprise elements which reside at an Internet Service Provider (ISP) premises.

摘要翻译： 公开了一种在数据被传送到移动设备的同时向网页上添加附加数据（例如，横幅，页脚或头部）的系统和方法。 示例性系统可以包括在冲浪者和因特网之间的中间节点。 例如，这样的中间节点元素可以驻留在服务提供者驻地（SPP）处。 服务提供商可以是电信运营商，例如但不限于蜂窝服务提供商，卫星通信服务提供商，公共交换电话网络（PSTN）运营商，接入网络服务提供商等。或者，其他示例性实施例 可以包括驻留在因特网服务提供商（ISP）场所的元件。