专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

11. 发明申请

US20170048274A1 DYNAMIC SERVICE HANDLING USING A HONEYPOT 审中-公开
标题翻译：使用蜂蜜的动态服务处理
公开(公告)号：US20170048274A1
公开(公告)日：2017-02-16
申请号：US15338173
申请日：2016-10-28
申请人： Juniper Networks, Inc.
发明人： Daniel J. Quinlan , Oskar Ibatullin , Bryan Burns , Oliver Tavakoli , Robert W. Cameron
IPC分类号： H04L29/06 , H04L29/08 , H04W12/12
CPC分类号： H04L63/1491 , H04L67/28 , H04L67/42 , H04W12/12
摘要： A network device comprises one or more processors coupled to a memory, and a dynamic services module configured for execution by the one or more processors to receive, from a client device, a service request specifying a service. The dynamic service module is further configured for execution by the one or more processors to, in response to obtaining a negative indication for the service, send a representation of the service request to a honeypot to cause the honeypot to offer the service to the client device.
摘要翻译：网络设备包括耦合到存储器的一个或多个处理器和被配置为由一个或多个处理器执行以从客户端设备接收指定服务的服务请求的动态服务模块。动态服务模块还被配置为用于由一个或多个处理器执行以响应于获得针对服务的否定指示，向蜜罐发送服务请求的表示以使蜜罐向客户端设备提供服务。

12. 发明授权

US09106693B2 Attack detection and prevention using global device fingerprinting 有权
标题翻译：使用全局设备指纹识别攻击检测和预防
公开(公告)号：US09106693B2
公开(公告)日：2015-08-11
申请号：US13910019
申请日：2013-06-04
申请人： Juniper Networks, Inc.
发明人： Daniel J. Quinlan , Kyle Adams , Oskar Ibatullin , Yuly Tenorio Morales , Robert W. Cameron , Bryan Burns
IPC分类号： H04L29/06 , H04L29/08
CPC分类号： H04L63/1441 , H04L63/1408 , H04L67/02
摘要： This disclosure describes a global attacker database that utilizes device fingerprinting to uniquely identify devices. For example, a device includes one or more processors and network interface cards to receive network traffic directed to one or more computing devices protected by the device, send, to the remote device, a request for data points of the remote device, wherein the data points include characteristics associated with the remote device, and receive at least a portion of the requested data points. The device also includes a fingerprint module to compare the received portion of the data points to sets of data points associated with known attacker devices, and determine, based on the comparison, whether a first set of data points of a first known attacker device satisfies a similarity threshold. The device also includes an security module to selectively manage, based on the determination, additional network traffic directed to the computing devices.
摘要翻译：本公开描述了使用设备指纹识别设备的全局攻击者数据库。例如，设备包括一个或多个处理器和网络接口卡，以接收指向由设备保护的一个或多个计算设备的网络流量，向远程设备发送对远程设备的数据点的请求，其中数据点包括与远程设备相关联的特征，并且接收所请求的数据点的至少一部分。所述设备还包括指纹模块，用于将接收到的数据点部分与已知攻击者设备相关联的数据点集合进行比较，并且基于比较确定第一已知攻击者设备的第一组数据点是否满足相似性阈值。该设备还包括安全模块，用于基于确定选择性地管理针对计算设备的附加网络流量。

13. 发明申请

US20150106935A1 DETECTING MALICIOUS NETWORK SOFTWARE AGENTS 审中-公开
标题翻译：检测恶意网络软件代理
公开(公告)号：US20150106935A1
公开(公告)日：2015-04-16
申请号：US14571133
申请日：2014-12-15
申请人： Juniper Networks, Inc.
发明人： Bryan Burns , Krishna Narayanaswamy
IPC分类号： H04L29/06
CPC分类号： H04L63/1441 , H04L63/14 , H04L63/1416 , H04L2463/144
摘要： This disclosure describes techniques for determining whether a network session originates from an automated software agent. In one example, a network device, such as a router, includes a network interface to receive packets of a network session, a bot detection module to calculate a plurality of scores for network session data based on a plurality of metrics, wherein each of the metrics corresponds to a characteristic of a network session originated by an automated software agent, to produce an aggregate score from an aggregate of the plurality of scores, and to determine that the network session is originated by an automated software agent when the aggregate score exceeds a threshold, and an attack detection module to perform a programmed response when the network session is determined to be originated by an automated software agent. Each score represents a likelihood that the network session is originated by an automated software agent.
摘要翻译：本公开描述了用于确定网络会话是否源于自动化软件代理的技术。在一个示例中，诸如路由器的网络设备包括用于接收网络会话的分组的网络接口，基于多个度量来计算网络会话数据的多个分数的机器人检测模块，其中，度量对应于由自动化软件代理发起的网络会话的特征，以从多个分数的聚合中产生聚合分数，并且当聚合分数超过一个分数时，确定网络会话由自动软件代理发起阈值，以及当网络会话被确定为由自动化软件代理发起时执行编程响应的攻击检测模块。每个分数表示网络会话由自动化软件代理发起的可能性。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式