专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20070245417A1 Malicious Attack Detection System and An Associated Method of Use 审中-公开
标题翻译：恶意攻击检测系统及相关使用方法
公开(公告)号：US20070245417A1
公开(公告)日：2007-10-18
申请号：US11279979
申请日：2006-04-17
申请人： Hojae Lee , Indra Harijono , Prudhvi Nooney , Uooyeol Yoon
发明人： Hojae Lee , Indra Harijono , Prudhvi Nooney , Uooyeol Yoon
IPC分类号： G06F12/14
CPC分类号： H04L63/1458
摘要： A malicious attack detection system and associated method of use is disclosed. This includes receiving and parsing a header frame of a data packet into header information and internet protocol (“IP” or “TCP/IP”) addresses, checking the header information for a potential malicious attack condition and if present then a constraint filter result is generated, comparing the internet protocol (“IP”) addresses to determine if an internet protocol (“IP”) address had been previously received, determining if an internet protocol (“IP”) address had been previously received, determining the number of constraint filter results to determine if an incremented count is above a predetermined threshold during a predetermined threshold time period, and dropping at least one data packet based on a determination. Preferably, but not necessarily, the process is carried out at wire-speed meaning when a new data packet arrives, all processing above is complete with regard to the previous data packet.
摘要翻译：公开了一种恶意攻击检测系统及其相关使用方法。这包括将数据分组的报头帧接收和解析为报头信息和因特网协议（“IP”或“TCP / IP”）地址，检查报头信息是否存在潜在的恶意攻击条件，如果存在，则约束过滤结果为生成，比较互联网协议（“IP”）地址以确定是否先前已经接收到因特网协议（“IP”）地址，确定是否先前已经接收到因特网协议（“IP”）地址，确定约束的数量滤波器结果以在预定阈值时间段内确定递增计数是否高于预定阈值，并且基于确定丢弃至少一个数据分组。优选但不是必须的，当新的数据分组到达时，该进程以线速表示进行，上述所有处理关于先前的数据分组是完整的。

2. 发明申请

US20070047457A1 Method and system for reassembling packets prior to searching 失效
标题翻译：搜索前重新组装数据包的方法和系统
公开(公告)号：US20070047457A1
公开(公告)日：2007-03-01
申请号：US11214384
申请日：2005-08-29
申请人： Indra Harijono , Ho Lee , Uooyeol Yoon
发明人： Indra Harijono , Ho Lee , Uooyeol Yoon
IPC分类号： H04L12/56 , H04J1/16
CPC分类号： H04L63/1416 , H04L49/90 , H04L49/9094 , H04L69/22 , Y10S370/902
摘要： A method and system for inspecting a data packet stream in a computer network for patterns that fall across data packet boundaries is disclosed. This includes determining if two or more data packets are consecutive in the data packet stream, combining data payloads from the consecutive data packets, and analyzing the combined data payloads from the consecutive data packets for a plurality of patterns of character combinations, wherein the maximum length of the combined data payloads is one less than the maximum number of characters for a pattern having a longest length of the plurality of patterns of character combinations. This can include a content searching engine and/or a regular expression engine. There are optional aspects to return data packets to an outgoing data stream based on predetermined criteria and if the data packets are in the system for over a predetermined time period.
摘要翻译：公开了一种用于在计算机网络中检查数据分组流中用于落入数据分组边界的模式的方法和系统。这包括确定两个或多个数据分组是否在数据分组流中是连续的，组合来自连续数据分组的数据有效载荷，以及分析来自连续数据分组的组合数据有效载荷用于多个字符组合模式，其中最大长度组合数据有效载荷的数量小于多个字符组合模式中具有最长长度的模式的最大字符数。这可以包括内容搜索引擎和/或正则表达式引擎。根据预定的准则，可以选择将数据分组返回到输出数据流，并且数据分组在系统中超过预定时间段。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式