专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

91. 发明申请

US20100122346A1 METHOD AND APPARATUS FOR LIMITING DENIAL OF SERVICE ATTACK BY LIMITING TRAFFIC FOR HOSTS 有权
标题翻译：通过限制交通运输来限制服务质量的方法和装置
公开(公告)号：US20100122346A1
公开(公告)日：2010-05-13
申请号：US12611467
申请日：2009-11-03
申请人： Sunay Tripathi , Nicolas G. Droux , Yuzo Watanabe
发明人： Sunay Tripathi , Nicolas G. Droux , Yuzo Watanabe
IPC分类号： G06F11/00 , G06F11/30
CPC分类号： H04L63/1416 , H04L63/1458
摘要： A method for controlling a denial of service attack involves receiving a plurality of packets from a network, identifying an attacking host based on a severity level of the denial of service attack from the network, wherein the attacking host is identified by an identifying attack characteristic associated with one of the plurality of packets associated with the attacking host, analyzing each of the plurality of packets by a classifier to determine to which of a plurality of temporary data structures each of the plurality of packet is forwarded, forwarding each of the plurality of packets associated with the identifying attack characteristic to one of the plurality of temporary data structures matching the severity level of the denial of service attack as determined by the classifier, requesting a number of packets from the one of the plurality of temporary data structures matching the severity level by the virtual serialization queue, and forwarding the number of packets to the virtual serialization queue.
摘要翻译：用于控制拒绝服务攻击的方法包括从网络接收多个分组，基于来自网络的拒绝服务攻击的严重性级别识别攻击主机，其中攻击主机通过相关联的识别攻击特征来识别与所述攻击主机相关联的所述多个分组中的一个分组，通过分类器分析所述多个分组中的每一个，以确定所述多个分组中的每一个被转发到多个临时数据结构中的哪一个，转发所述多个分组中的每个分组与所述多个临时数据结构中的一个临时数据结构中的一个临时数据结构相关联，所述临时数据结构与由所述分类器确定的所述拒绝服务攻击的严重性级别匹配，请求从所述多个临时数据结构中的一个临时数据结构匹配严重性级别通过虚拟序列化队列，并将数据包的数量转发到virtua l序列化队列

92. 发明授权

US07715416B2 Generalized serialization queue framework for protocol processing 有权
标题翻译：广义序列化队列框架进行协议处理
公开(公告)号：US07715416B2
公开(公告)日：2010-05-11
申请号：US11479947
申请日：2006-06-30
申请人： Thirumalai Srinivasan , Sunay Tripathi , Nicolas G. Droux
发明人： Thirumalai Srinivasan , Sunay Tripathi , Nicolas G. Droux
IPC分类号： H04L12/56
CPC分类号： H04L49/90 , H04L45/00 , H04L63/1458
摘要： A method for processing packets. The method includes receiving a first packet, wherein the first packet is associated with a first protocol, classifying the first packet using a protocol associated with the first packet, sending the first packet to a first receive ring based on the classification, sending the first packet from the first receive ring to a first virtual network interface card (VNIC) based on an operating mode, sending the first packet from the first VNIC to a first protocol specific virtual network stack (VNS), wherein the first protocol specific VNS is configured to only process packets associated with the first protocol, and processing the first packet by the first protocol specific VNS to obtain a first processed packet.
摘要翻译：一种处理数据包的方法。该方法包括接收第一分组，其中第一分组与第一协议相关联，使用与第一分组相关联的协议对第一分组进行分类，基于分类将第一分组发送到第一接收环，发送第一分组从所述第一接收环到基于操作模式的第一虚拟网络接口卡（VNIC），将所述第一分组从所述第一VNIC发送到第一协议特定虚拟网络栈（VNS），其中所述第一协议特定VNS被配置为仅处理与第一协议相关联的分组，以及通过第一协议特定VNS处理第一分组以获得第一处理分组。

93. 发明申请

US20100040063A1 GENERALIZED SERIALIZATION QUEUE FRAMEWORK FOR PROTOCOL PROCESSING 有权
标题翻译：用于协议处理的通用串行化队列框架
公开(公告)号：US20100040063A1
公开(公告)日：2010-02-18
申请号：US12581595
申请日：2009-10-19
申请人： Thirumalai Srinivasan , Sunay Tripathi , Nicolas G. Droux
发明人： Thirumalai Srinivasan , Sunay Tripathi , Nicolas G. Droux
IPC分类号： H04L12/56
CPC分类号： H04L49/90 , H04L45/00 , H04L63/1458
摘要： A method for processing packets. The method includes receiving a first packet, wherein the first packet is associated with a first protocol, classifying the first packet using a protocol associated with the first packet, sending the first packet to a first receive ring based on the classification, sending the first packet from the first receive ring to a first virtual network interface card (VNIC) based on an operating mode, sending the first packet from the first VNIC to a first protocol specific virtual network stack (VNS), wherein the first protocol specific VNS is configured to only process packets associated with the first protocol, and processing the first packet by the first protocol specific VNS to obtain a first processed packet.
摘要翻译：一种处理数据包的方法。该方法包括接收第一分组，其中第一分组与第一协议相关联，使用与第一分组相关联的协议对第一分组进行分类，基于分类将第一分组发送到第一接收环，发送第一分组从所述第一接收环到基于操作模式的第一虚拟网络接口卡（VNIC），将所述第一分组从所述第一VNIC发送到第一协议特定虚拟网络栈（VNS），其中所述第一协议特定VNS被配置为仅处理与第一协议相关联的分组，以及通过第一协议特定VNS处理第一分组以获得第一处理分组。

94. 发明授权

US07640591B1 Method and apparatus for limiting denial of service attack by limiting traffic for hosts 有权
标题翻译：通过限制主机流量来限制拒绝服务攻击的方法和装置
公开(公告)号：US07640591B1
公开(公告)日：2009-12-29
申请号：US11112328
申请日：2005-04-22
申请人： Sunay Tripathi , Nicolas G. Droux , Yuzo Watanabe
发明人： Sunay Tripathi , Nicolas G. Droux , Yuzo Watanabe
IPC分类号： G06F11/00 , G06F11/30
CPC分类号： H04L63/1416 , H04L63/1458
摘要： A method for controlling a denial of service attack involves receiving a plurality of packets from a network, identifying an attacking host based on a severity level of the denial of service attack from the network, wherein the attacking host is identified by an identifying attack characteristic associated with one of the plurality of packets associated with the attacking host, analyzing each of the plurality of packets by a classifier to determine to which of a plurality of temporary data structures each of the plurality of packet is forwarded, forwarding each of the plurality of packets associated with the identifying attack characteristic to one of the plurality of temporary data structures matching the severity level of the denial of service attack as determined by the classifier, requesting a number of packets from the one of the plurality of temporary data structures matching the severity level by the virtual serialization queue, and forwarding the number of packets to the virtual serialization queue.
摘要翻译：用于控制拒绝服务攻击的方法包括从网络接收多个分组，基于来自网络的拒绝服务攻击的严重性级别识别攻击主机，其中攻击主机通过相关联的识别攻击特征来识别与所述攻击主机相关联的所述多个分组中的一个分组，通过分类器分析所述多个分组中的每一个，以确定所述多个分组中的每一个被转发到多个临时数据结构中的哪一个，转发所述多个分组中的每个分组与所述多个临时数据结构中的一个临时数据结构中的一个临时数据结构相关联，所述临时数据结构与由所述分类器确定的所述拒绝服务攻击的严重性级别匹配，请求从所述多个临时数据结构中的一个临时数据结构匹配严重性级别通过虚拟序列化队列，并将数据包的数量转发到virtua l序列化队列

95. 发明授权

US07631182B1 Secure protocol handshake offload using TNICs 有权
标题翻译：使用TNIC安全协议握手卸载
公开(公告)号：US07631182B1
公开(公告)日：2009-12-08
申请号：US11165990
申请日：2005-06-24
申请人： Nicolas G. Droux , Sunay Tripathi , Hsiao-Keng Jerry Chu
发明人： Nicolas G. Droux , Sunay Tripathi , Hsiao-Keng Jerry Chu
IPC分类号： H04L29/06
CPC分类号： H04L63/06 , H04L63/166
摘要： A method for offloading a secure protocol handshake. The method includes establishing a connection between a host system and a remote peer, and determining whether the secure protocol handshake is offloaded to a network interface card (NIC). When the secure protocol handshake is offloaded to the NIC, an offload request is sent to offload the secure protocol handshake, where the offload request includes a value of at least one cryptographic key. The method further includes performing cryptographic operations associated with the secure protocol handshake using the value of at least one cryptographic key to obtain at least one secret key, and returning a status of the secure protocol handshake to the host system.
摘要翻译：一种卸载安全协议握手的方法。该方法包括建立主机系统和远程对等体之间的连接，以及确定安全协议握手是否被卸载到网络接口卡（NIC）。当安全协议握手被卸载到NIC时，发送卸载请求以卸载安全协议握手，其中卸载请求包括至少一个加密密钥的值。该方法还包括使用至少一个加密密钥的值来执行与安全协议握手相关联的加密操作，以获得至少一个秘密密钥，以及将安全协议握手的状态返回给主机系统。

96. 发明申请

US20090238189A1 METHOD AND SYSTEM FOR CLASSIFYING NETWORK TRAFFIC 有权
标题翻译：分类网络流量的方法和系统
公开(公告)号：US20090238189A1
公开(公告)日：2009-09-24
申请号：US12053666
申请日：2008-03-24
申请人： Sunay Tripathi , Erik Nordmark , Nicolas G. Droux
发明人： Sunay Tripathi , Erik Nordmark , Nicolas G. Droux
IPC分类号： H04L12/56
CPC分类号： H04L45/00 , H04L45/741 , H04L45/742
摘要： A system includes a physical NIC associated with the computer and including receive rings for storing network traffic addressed to the VNIC, where the receive rings include a local receive ring for storing local traffic and a forwarding receive ring for storing forwarding traffic. The physical NIC further includes a hardware classifier configured to register a local Internet Protocol (IP) address associated with the VNIC in a lookup table, receive a packet including a destination IP address, classify the packet as local traffic or forwarding traffic using the lookup table, and store the packet in the local receive ring or the forwarding receive ring based on the type. The VNIC is configured to retrieve the packet from the receive ring, and process the packet in a type-specific manner based on the receive ring where the packet was stored, where the type-specific manner is different for local traffic and forwarding traffic.
摘要翻译：系统包括与计算机相关联的物理NIC，并且包括用于存储寻址到VNIC的网络流量的接收环，其中接收环包括用于存储本地业务的本地接收环和用于存储转发业务的转发接收环。物理NIC还包括硬件分类器，其被配置为在查找表中注册与VNIC相关联的本地互联网协议（IP）地址，接收包括目的地IP地址的分组，将分组分类为本地业务或使用查找表转发业务并根据类型将数据包存储在本地接收环或转发接收环中。 VNIC被配置为从接收环检索数据包，并根据存储数据包的接收环以类型特定的方式处理数据包，其中类型特定的方式对于本地流量和转发流量是不同的。

97. 发明授权

US07591011B1 Assigning higher priority to transactions based on subscription level 有权
标题翻译：根据订阅级别为交易分配更高的优先级
公开(公告)号：US07591011B1
公开(公告)日：2009-09-15
申请号：US11112947
申请日：2005-04-22
申请人： Nicolas G. Droux , Sunay Tripathi , Eric T. Cheng
发明人： Nicolas G. Droux , Sunay Tripathi , Eric T. Cheng
IPC分类号： G06F9/00 , G06F15/16 , G06F17/00
CPC分类号： H04L12/4641
摘要： A computing system is configured to receive incoming packets at a first priority designated for use when receiving packets that are not associated with specific subscription levels. Incoming packets are examined to determine whether they are associated with a particular subscription level. Responsive to a determination that a given packet received over a particular connection is associated with a particular subscription level, the computing system is reconfigured to process packets subsequently received over the same connection at a different priority associated with the particular subscription level.
摘要翻译：计算系统被配置为当接收到与特定订阅级别不相关联的分组时，以指定用于的第一优先级接收输入分组。检查进入的分组以确定它们是否与特定订阅级别相关联。响应于通过特定连接接收到的给定分组与特定订阅级别相关联的确定，计算系统被重新配置为处理随后在与特定订阅级别相关联的不同优先级在相同连接上接收的分组。

98. 发明申请

US20090222567A1 METHOD AND SYSTEM FOR MEDIA-BASED DATA TRANSFER 有权
标题翻译：基于媒体数据传输的方法和系统
公开(公告)号：US20090222567A1
公开(公告)日：2009-09-03
申请号：US12040105
申请日：2008-02-29
申请人： Sunay Tripathi , Nicolas G. Droux
发明人： Sunay Tripathi , Nicolas G. Droux
IPC分类号： G06F15/16
CPC分类号： H04L29/08846 , H04L45/00 , H04L69/18
摘要： A method for media-based data transfer involves obtaining data, by a first virtual network interface card (VNIC) selected from multiple VNICs, where the multiple VNICs are associated with multiple virtual machines, where each of the multiple virtual machines is located in one of multiple computers communicatively coupled with each other via a chassis interconnect, and where the multiple computers share a physical network interface. The method further involves determining a media type connecting the first VNIC with a second VNIC selected from the multiple VNICs, where the first VNIC and the second VNIC are nodes of a virtual network path, where the first VNIC is located in a first computer selected from the multiple computers, and where the second VNIC is located in a second computer selected from the multiple computers. The method further involves choosing a transfer protocol based on the media type, and transferring the data from the first VNIC to the second VNIC using the transfer protocol.
摘要翻译：用于基于媒体的数据传输的方法涉及通过从多个VNIC中选择的第一虚拟网络接口卡（VNIC）获取数据，其中多个VNIC与多个虚拟机相关联，其中多个虚拟机中的每一个位于多个计算机经由机箱互连彼此通信地耦合，并且其中多个计算机共享物理网络接口。该方法还包括确定连接第一VNIC与从多个VNIC中选择的第二VNIC的媒体类型，其中第一VNIC和第二VNIC是虚拟网络路径的节点，其中第一VNIC位于选自多个计算机，以及第二VNIC位于从多个计算机中选择的第二计算机中的位置。该方法还涉及基于媒体类型选择传输协议，并使用传输协议将数据从第一VNIC传输到第二VNIC。

99. 发明授权

US07457316B1 Method and system for handling received packets 有权
标题翻译：处理接收到的数据包的方法和系统
公开(公告)号：US07457316B1
公开(公告)日：2008-11-25
申请号：US10930299
申请日：2004-08-31
申请人： Paul Durrant , Yuzo Watanabe , Nicolas G. Droux
发明人： Paul Durrant , Yuzo Watanabe , Nicolas G. Droux
IPC分类号： H04J3/24
CPC分类号： H04L69/26 , H04L12/4641 , H04L69/22 , H04L69/324
摘要： A method for processing a chain of packets involving obtaining the chain of packets from a network, obtaining destination information from a first packet in the chain of packets, determining whether destination information of the first packet matches destination information of a second packet in the chain of packets, aggregating the first packet and the second packet to obtain an aggregated chain of packets, if destination information of the second packet matches the destination information of the first packet, hashing destination information to obtain a hash value, and forwarding the aggregated chain of packets to at least one client using the hash value.
摘要翻译：一种处理分组链的方法，包括从网络获取分组链，从分组链中的第一分组获取目的地信息，确定第一分组的目的地信息是否匹配链中的第二分组的目的地信息分组，聚合第一分组和第二分组，以获得聚集的分组链，如果第二分组的目的地信息与第一分组的目的地信息匹配，则将散列目的地信息进行哈希值获取，并转发聚合的分组链到使用哈希值的至少一个客户端。

100. 发明申请

US20080019377A1 Multiple virtual network stack instances 有权
标题翻译：多个虚拟网络堆栈实例
公开(公告)号：US20080019377A1
公开(公告)日：2008-01-24
申请号：US11489929
申请日：2006-07-20
申请人： Erik Nordmark , Nicolas G. Droux , Sunay Tripathi
发明人： Erik Nordmark , Nicolas G. Droux , Sunay Tripathi
IPC分类号： H04L12/56
CPC分类号： H04L45/00 , H04L45/10
摘要： A method for processing packets that includes receiving a first packet for a first target on a host, prior to sending the packet to a Network Layer in the host, determining the first target of the first packet, obtaining a first target ID associated with the first target, obtaining a first virtual network stack (VNS) instance ID using the first target ID, and obtaining a first VNS Instance parameter using the first VNS instance ID, sending the first packet to the Network Layer, and processing the first packet in the Network Layer using the first VNS Instance parameter to obtain a first network processed packet.
摘要翻译：一种处理分组的方法，包括在将分组发送到主机中的网络层之前接收主机上的第一目标的第一分组，确定第一分组的第一目标，获得与第一分组相关联的第一目标ID 使用所述第一目标ID获取第一虚拟网络栈（VNS）实例ID，以及使用所述第一VNS实例ID获取第一VNS实例参数，将所述第一分组发送到所述网络层，以及处理所述网络中的所述第一分组使用第一个VNS Instance参数来获取第一个网络处理的数据包。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式