专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

21. 发明申请

US20110066807A1 Protection Against Cache Poisoning 有权
标题翻译：防止缓存中毒
公开(公告)号：US20110066807A1
公开(公告)日：2011-03-17
申请号：US12559122
申请日：2009-09-14
申请人： Roee Hay , Adi Sharabani
发明人： Roee Hay , Adi Sharabani
IPC分类号： G06F12/08 , G06F12/00
CPC分类号： H04L63/1441 , H04L29/08729 , H04L2463/145
摘要： Protecting computers against cache poisoning, including a cache-entity table configured to maintain a plurality of associations between a plurality of data caches and a plurality of entities, where each of the caches is associated with a different one of the entities, and a cache manager configured to receive data that is associated with any of the entities and store the received data in any of the caches that the cache-entity table indicates is associated with the entity, and receive a data request that is associated with any of the entities and retrieve the requested data from any of the caches that the cache-entity table indicates is associated with the requesting entity, where any of the cache-entity table and cache manager are implemented in either of computer hardware and computer software embodied in a computer-readable medium.
摘要翻译：保护计算机免受高速缓存中毒，包括缓存实体表，其被配置为维持多个数据高速缓存与多个实体之间的多个关联，其中每个高速缓存与不同的一个实体相关联，以及高速缓存管理器被配置为接收与任何实体相关联的数据并将接收到的数据存储在高速缓存实体表指示与该实体相关联的任何高速缓存中，并且接收与任何实体相关联的数据请求并且检索来自缓存实体表指示的任何高速缓存的所请求的数据与请求实体相关联，其中缓存实体表和高速缓存管理器中的任一个被实现在体现在计算机可读介质中的计算机硬件和计算机软件。

22. 发明申请

US20060083254A1 Network with MAC table overflow protection 有权
标题翻译：网络MAC表溢出保护
公开(公告)号：US20060083254A1
公开(公告)日：2006-04-20
申请号：US11229114
申请日：2005-09-16
申请人： An Ge , Girish Chiruvolu , Maher Ali
发明人： An Ge , Girish Chiruvolu , Maher Ali
IPC分类号： H04L12/56
CPC分类号： H04L63/1458 , H04L12/462 , H04L49/50 , H04L63/1466 , H04L2463/145
摘要： A method of operating a bridge node (B0) in a network system. The bridge node comprises a plurality of ports (BP0.x). The method comprises a step of receiving a frame (240), from a device in the network system and other than the bridge node, at a port in the plurality of ports. The frame comprises a source network address. The method is also responsive to at least one condition (250, 260) associated with the port in that the method stores the source address in a forwarding table associated with the bridge if the at least one condition is satisfied. The at least one condition comprises whether the frame was received within a time window Tw of when a threshold number of previous frames were received at the port and their respective source network addresses were stored in the table.
摘要翻译：一种在网络系统中操作网桥节点（B 0> 0）的方法。桥接节点包括多个端口（BP <0.3>）。该方法包括从多个端口中的端口接收来自网络系统中的设备而不是网桥节点的帧（240）的步骤。帧包括源网络地址。该方法还响应于与端口相关联的至少一个条件（250,260），因为如果满足至少一个条件，则该方法将源地址存储在与桥相关联的转发表中。所述至少一个条件包括在所述端口处接收到先前帧的阈值数量并且它们各自的源网络地址被存储在所述表格中的时间窗口T W中的帧是否被接收。

23. 发明授权

US10015081B1 Poison-path routing policy 有权
公开(公告)号：US10015081B1
公开(公告)日：2018-07-03
申请号：US15279480
申请日：2016-09-29
申请人： Cisco Technology, Inc.
发明人： Jakob Heitz
IPC分类号： H04L12/28 , H04L12/707 , H04L12/741
CPC分类号： H04L45/748 , H04L45/04 , H04L63/1466 , H04L2463/145
摘要： In one embodiment a system, method, and related apparatus are described for a router which receives notice of a route including a hijacked prefix having a hijacked prefix netmask length, searches a set of routes with equal or shorter netmask lengths that cover the hijacked prefix in order to find at least one route which has no autonomous system (AS) in common with the particular route comprising the hijacked prefix, if a specific route is found with a netmask length equal to or shorter than the hijacked prefix netmask length, then the specific route which has been found is a determined alternative route, extracts the particular route comprising the hijacked prefix from the specific route if said specific route has a netmask length covering a larger address range than the hijacked prefix netmask length, inserts the determined alternative route in a routing table, and modifies attributes of the determined alternative route in the routing table according to the determined alternative route. Related systems, methods, and apparatus are also described.

24. 发明申请

US20150350240A1 APPLICATION AND NETWORK ABUSE DETECTION WITH ADAPTIVE MITIGATION UTILIZING MULTI-MODAL INTELLIGENCE DATA 审中-公开
标题翻译：应用和网络滥用利用多模式智能数据的自适应减轻检测
公开(公告)号：US20150350240A1
公开(公告)日：2015-12-03
申请号：US14502639
申请日：2014-09-30
申请人： Singularity Networks, LLC
发明人： David James MITCHELL
IPC分类号： H04L29/06 , G06F21/55
CPC分类号： H04L63/1441 , G06F21/55 , G06F21/552 , G06F21/554 , G06F2221/034 , H04L63/14 , H04L63/1425 , H04L63/1458 , H04L63/1466 , H04L63/30 , H04L2463/145
摘要： In an embodiment, a computer-implemented method detects a network or application abuse to a service provider environment. In the method, data is collected describing incoming requests from plurality of different external source addresses to the service provider environment. The collected data is used to compare the incoming requests against a heuristic. When the incoming requests are determined to match the heuristic, the requests, having the plurality of different external source addresses, are from a common abuse entity. Finally, the collected data is evaluated to determine that the common abuse entity is a potential network abuser of the service provider environment.
摘要翻译：在一个实施例中，计算机实现的方法检测对服务提供商环境的网络或应用程序滥用。在该方法中，收集从多个不同的外部源地址到服务提供商环境的传入请求的数据。收集的数据用于比较传入的请求与启发式。当确定输入请求与启发式匹配时，具有多个不同外部源地址的请求来自公共滥用实体。最后，对收集的数据进行评估，以确定常见的滥用实体是服务提供商环境的潜在网络滥用者。

25. 发明授权

US08369346B2 Method and system for restricting a node from communicating with other nodes in a broadcast domain of an IP (internet protocol) network 有权
标题翻译：用于限制节点与IP（因特网协议）网络的广播域中的其他节点通信的方法和系统
公开(公告)号：US08369346B2
公开(公告)日：2013-02-05
申请号：US12518807
申请日：2007-11-07
申请人： Ofir Arkin
发明人： Ofir Arkin
IPC分类号： H04L12/56
CPC分类号： H04L29/12028 , H04L61/103 , H04L63/10 , H04L2463/145
摘要： Method and system for restricting a first node in a broadcast domain of an IP (Internet Protocol) network from communicating with one or more other nodes. Each of the first node and the one or more other nodes has a respective translation table that maps an IP address to a respective physical address of all nodes with which the first node and the one or more other nodes have communicated. Embodiments of the invention describe obtaining communicated data including address resolution messages and accessing an address resolution table representative of address resolution activity in the network. Responsive to the communicated data indicating that the first node is communicating with other nodes, restricting the first node from communicating by generating and conveying a restricting address resolution message using information stored in the address resolution table, the restricting address resolution message including a substitute physical address.
摘要翻译：用于限制IP（因特网协议）网络的广播域中的第一节点与一个或多个其他节点通信的方法和系统。第一节点和一个或多个其他节点中的每一个具有相应的转换表，其将IP地址映射到第一节点和一个或多个其他节点与之通信的所有节点的相应物理地址。本发明的实施例描述了获得包括地址解析消息的通信数据，并访问表示网络中的地址解析活动的地址解析表。响应于指示第一节点正在与其他节点通信的通信数据，通过使用存储在地址解析表中的信息生成并传送限制地址解析消息来限制第一节点通信，该限制地址解析消息包括替代物理地址。

26. 发明授权

US08356106B2 Cache validating SCIT DNS server 有权
标题翻译：缓存验证SCIT DNS服务器
公开(公告)号：US08356106B2
公开(公告)日：2013-01-15
申请号：US12695686
申请日：2010-01-28
申请人： Arun Sood
发明人： Arun Sood
IPC分类号： G06F15/173
CPC分类号： H04L61/1511 , H04L29/12066 , H04L67/2852 , H04L2463/145
摘要： A cache validating SCIT-DNS Server including a server cluster, a cache copy, a controller and a validation module. Each of the servers in the server cluster uses a DNS mapping cache which maps DNS name(s) to record entry(ies). The cache copy maintains an image of DNS mapping cache(s). The controller manages the state of servers. States include a live spare state; an exposed state; a quiescent state; and a self-cleansing state. The validation module validates DNS entry(s) using a retriever module and a comparisons module. Retriever module retrieves an independent record entry associated with a selected DNS name from an external DNS resolver. The comparison module compares the independent record entry retrieved by the retriever module with the record entry associated with the selected DNS name residing in the cache copy. The validation module may cause server(s) to take an affirmative action in response to detected validation error(s).
摘要翻译：验证SCIT-DNS服务器的缓存，包括服务器集群，缓存副本，控制器和验证模块。服务器集群中的每个服务器都使用DNS映射缓存，它将DNS名称映射到记录条目。缓存副本维护DNS映射缓存的映像。控制器管理服务器的状态。国家包括现场备用状态; 曝光状态; 静止状态; 和自我清洁的状态。验证模块使用检索模块和比较模块验证DNS条目。检索模块从外部DNS解析器检索与所选DNS名称相关联的独立记录条目。比较模块将检索模块检索到的独立记录条目与驻留在缓存副本中的所选DNS名称相关联的记录条目进行比较。验证模块可能导致服务器响应于检测到的验证错误采取肯定行动。

27. 发明申请

US20100107250A1 METHOD AND APPARATUS FOR DEFENDING AGAINST ARP SPOOFING ATTACKS 有权
标题翻译：防止ARP欺骗攻击的方法和设备
公开(公告)号：US20100107250A1
公开(公告)日：2010-04-29
申请号：US12647336
申请日：2009-12-24
申请人： Zhenhai Li
发明人： Zhenhai Li
IPC分类号： G06F21/00
CPC分类号： H04L63/1466 , H04L29/12028 , H04L61/103 , H04L2463/145
摘要： A method and an apparatus for defending against Address Resolution Protocol (ARP) spoofing attacks are disclosed. The method includes: when an ARP entry is updatable, judging whether the MAC address of a received ARP message is the same as the MAC address in the ARP entry, where the ARP message has the same Internet Protocol (IP) address as the ARP entry; if the MAC addresses are different, determining the received ARP message as an ambiguous ARP message and starting an ARP verification process, or else starting no ARP verification. In this way, when no address spoofing attacks occur, no verification messages are generated, and thus reducing signaling interactions and saving network resources; besides, spooling attacks possibly happening at any time are avoided, which effectively prevents address spoofing attacks via random scanning and protects the normal application of the real host.
摘要翻译：公开了一种用于防御地址解析协议（ARP）欺骗攻击的方法和装置。该方法包括：当ARP表项更新时，判断接收到的ARP报文的MAC地址是否与ARP表项中的MAC地址相同，其中ARP报文与ARP表项具有相同的互联网协议（IP）地址 ; 如果MAC地址不同，则将收到的ARP消息确定为模糊的ARP消息，并启动ARP验证过程，否则不进行ARP验证。这样，当没有发生地址欺骗攻击时，不会生成验证消息，从而减少信令交互并节省网络资源; 此外，可以避免任何时候发生的假脱机攻击，通过随机扫描有效防止地址欺骗攻击，保护真实主机的正常应用。

28. 发明授权

US07656840B2 Method of reducing denial-of-service attacks and a system as well as an access router therefor 失效
标题翻译：减少拒绝服务攻击的方法以及系统以及接入路由器
公开(公告)号：US07656840B2
公开(公告)日：2010-02-02
申请号：US10785407
申请日：2004-02-25
申请人： Givindarajan Krishnamurthi , Robert Chalmers
发明人： Givindarajan Krishnamurthi , Robert Chalmers
IPC分类号： H04W4/00 , H04W36/00
CPC分类号： H04L63/1408 , H04L45/741 , H04L63/1458 , H04L2463/145 , H04W12/06 , H04W12/12 , H04W40/36 , H04W80/00 , H04W80/04 , H04W88/14
摘要： A method and system reduces denial-of-service attacks malicious mobile nodes in a mobile IP environment. The method and system includes maintaining, by each of a plurality of access routers within the mobile IP environment, a cache of neighboring access routers as candidates and their associated access points. The caches are populated in response to actions initiated by mobile nodes. Each cache entry is tagged with the identity of the action initiating mobile node. The identity is based on information that is verifiable by the access routers and which cannot be modified arbitrarily by the mobile node. The total number of entries that can be tagged and thus introduced into a cache by any given node is limited.
摘要翻译：一种方法和系统减少移动IP环境中的恶意移动节点的拒绝服务攻击。所述方法和系统包括将移动IP环境内的多个接入路由器中的每一个维护为相邻接入路由器的高速缓存作为候选及其相关联的接入点。响应于移动节点发起的动作来填充高速缓存。每个缓存条目都标有动作发起移动节点的标识。身份基于可由接入路由器验证并且不能由移动节点任意修改的信息。可以被任何给定节点标记并因此被引入缓存的条目的总数是有限的。

29. 发明授权

US07471684B2 Preventing asynchronous ARP cache poisoning of multiple hosts 有权
标题翻译：防止多台主机异步ARP缓存中毒
公开(公告)号：US07471684B2
公开(公告)日：2008-12-30
申请号：US10970301
申请日：2004-10-21
申请人： Paul Bernell Finley, Jr. , Tommy Lucas McLane , Eduardo Lazaro Reyes
发明人： Paul Bernell Finley, Jr. , Tommy Lucas McLane , Eduardo Lazaro Reyes
IPC分类号： H04L12/28
CPC分类号： H04L29/12009 , H04L29/12018 , H04L61/10 , H04L63/1466 , H04L2463/145
摘要： A method and system for preventing address resolution protocol (ARP) cache poisoning in a network system with multiple hosts. Multiple hosts representing and/or located in separate local area networks (LANS) are tapped (via a shared agreement) to utilize a trusted ARP cache for each LAN represented. Whenever a new ARP response is detected in one network, a request for validation is sent to a separate host in a different network. The separate host initiates a verification process for the ARP, which involves checking whether duplication of one of the IP address or MAC address of the ARP response exists within the address pairings in the ARP cache. If the ARP response is not validated, then the trusted ARP cache is not updated and the system administrator is notified of the failed attempt.
摘要翻译：一种用于在具有多个主机的网络系统中防止地址解析协议（ARP）缓存中毒的方法和系统。代表和/或位于单独的局域网（LANS）中的多个主机被分配（通过共享协议），以为每个代表的LAN使用可信ARP缓存。每当在一个网络中检测到新的ARP响应时，验证请求将发送到不同网络中的单独主机。单独的主机启动ARP的验证过程，其涉及检查ARP缓存中的地址对中是否存在ARP响应的IP地址或MAC地址中的一个的复制。如果ARP响应未被验证，则不会更新可信ARP缓存，并通知系统管理员失败的尝试。

30. 发明授权

US07234163B1 Method and apparatus for preventing spoofing of network addresses 有权
标题翻译：防止网络地址欺骗的方法和装置
公开(公告)号：US07234163B1
公开(公告)日：2007-06-19
申请号：US10244996
申请日：2002-09-16
申请人： Ammar Rayes , Michael Cheung
发明人： Ammar Rayes , Michael Cheung
IPC分类号： G08B23/00
CPC分类号： H04L63/1466 , H04L29/12009 , H04L29/12018 , H04L61/10 , H04L2463/145
摘要： A method is disclosed for preventing spoofing of network addresses. A binding is established between an Internet Protocol (IP) address, a Media Access Control (MAC) address, and a port. An Address Resolution Protocol (ARP) table is updated based on the binding.
摘要翻译：公开了一种防止网络地址欺骗的方法。在因特网协议（IP）地址，媒体访问控制（MAC）地址和端口之间建立绑定。基于绑定更新地址解析协议（ARP）表。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式