专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

31. 发明授权

US08225400B2 Security overlay network 有权
标题翻译：安全覆盖网络
公开(公告)号：US08225400B2
公开(公告)日：2012-07-17
申请号：US12119891
申请日：2008-05-13
申请人： Dante J Pacella , Harold J Schiller , Norman R Solis
发明人： Dante J Pacella , Harold J Schiller , Norman R Solis
IPC分类号： H04L29/06 , G06F11/30
CPC分类号： H04L63/1441 , H04L2463/141
摘要： A device receives an indication of detected attack traffic associated with a network, identifies a victim of the attack traffic, and selects a security platform for processing the attack traffic. The device also advertises a tunnel and routing tag information in the network for the selected security platform, receives the attack traffic via the advertised tunnel, and forwards the attack traffic to the selected security platform for processing. The device further receives processed traffic from the selected security platform, and forwards, via the network, the processed traffic to the victim.
摘要翻译：设备接收与网络相关联的检测到的攻击流量的指示，识别攻击流量的受害者，并选择用于处理攻击流量的安全平台。该设备还在所选安全平台的网络中通告隧道和路由标签信息，通过发布的隧道接收攻击流量，并将攻击流量转发到所选择的安全平台进行处理。设备还从所选择的安全平台接收经处理的流量，并且经由网络将经处理的流量转发给受害者。

32. 发明申请

US20120137357A1 SYSTEM AND METHOD FOR TESTING NETWORK FIREWALL FOR DENIAL-OF-SERVICE (DOS) DETECTION AND PREVENTION IN SIGNALING CHANNEL 有权
标题翻译：用于测试网络防火墙的系统和方法（DOS）在信号通道中的检测和预防
公开(公告)号：US20120137357A1
公开(公告)日：2012-05-31
申请号：US13368858
申请日：2012-02-08
申请人： Gaston S. Ormazabal , Henning G. Schulzrinne , Sarvesh Nagpal , Eilon Yardeni
发明人： Gaston S. Ormazabal , Henning G. Schulzrinne , Sarvesh Nagpal , Eilon Yardeni
IPC分类号： G06F21/00
CPC分类号： H04L63/1458 , H04L63/08 , H04L65/1006 , H04L65/1079 , H04L2463/141
摘要： A device may measure a first performance, associated with legitimate traffic without attack traffic, of a Session Initiation Protocol (SIP)-based protection device implementing authentication; measure a second performance, associated with legitimate traffic and attack traffic, of the SIP-based protection device implementing authentication; and measure a third performance, associated with legitimate traffic and attack traffic, of the SIP-based protection device implementing authentication and return routability filtering. The device may also measure a first performance associated with legitimate traffic of a Session Initiation Protocol (SIP)-based protection device implementing rate-limiting filtering; measure a second performance associated with legitimate traffic and attack traffic of the SIP-based protection device implementing scheme filtering; and measure a third performance associated with legitimate traffic of the SIP-based protection device not implementing rate-limiting filtering without attack traffic.
摘要翻译：设备可以测量基于会话发起协议（SIP）的保护设备实现认证的与没有攻击流量的合法流量相关联的第一性能; 测量实施认证的基于SIP的保护设备的与合法流量和攻击流量相关联的第二性能; 并测量基于SIP的保护设备实现认证和返回可路由性过滤的与合法流量和攻击流量相关联的第三个性能。设备还可以测量与基于会话发起协议（SIP）的保护设备的合法流量相关联的第一性能，其实现速率限制过滤; 测量与实施方案过滤的基于SIP的保护设备的合法流量和攻击流量相关联的第二性能; 并且测量与基于SIP的保护设备的合法流量相关联的第三性能，而不进行没有攻击流量的速率限制过滤。

33. 发明授权

US08089871B2 Method and apparatus for traffic control of dynamic denial of service attacks within a communications network 有权
标题翻译：用于通信网络内动态拒绝服务攻击的流量控制的方法和装置
公开(公告)号：US08089871B2
公开(公告)日：2012-01-03
申请号：US11090634
申请日：2005-03-25
申请人： Ali M. Iloglu , Han Q. Nguyen , John T. Mulligan , Samir S. Saad
发明人： Ali M. Iloglu , Han Q. Nguyen , John T. Mulligan , Samir S. Saad
IPC分类号： G01R31/08 , G06F7/04 , G06F11/00 , G06F12/14 , H04L12/28 , H04L12/56
CPC分类号： H04L63/1408 , H04L63/1458 , H04L2463/141
摘要： A method and apparatus for providing traffic management for distributed denial of service (DDOS) traffic. Within a communications network, a DDOS detection system monitors network traffic to identify traffic that is designed to attack a particular server within the network and their entry points into the network. A traffic routing control unit is requested to deny service to the DDOS traffic. By selectively manipulating the routing information propagated to network edge routers, the traffic that is denied service is limited to mostly DDOS traffic and is routed to a cleaning center or a null address in the most effective fashion.
摘要翻译：一种用于为分散式拒绝服务（DDOS）流量提供流量管理的方法和装置。在通信网络中，DDOS检测系统监视网络流量以识别旨在攻击网络内的特定服务器及其进入网络的流量。请求流量路由控制单元拒绝对DDOS流量的服务。通过选择性地操纵传播到网络边缘路由器的路由信息，被拒绝服务的流量主要被限制在DDOS流量中，并以最有效的方式被路由到清洁中心或空地址。

34. 发明授权

US08065725B2 Systems and methods for enhanced network security 有权
标题翻译：增强网络安全性的系统和方法
公开(公告)号：US08065725B2
公开(公告)日：2011-11-22
申请号：US10543600
申请日：2003-05-30
申请人： Yuliang Zheng , Lawrence Chin Shiun Teo
发明人： Yuliang Zheng , Lawrence Chin Shiun Teo
IPC分类号： G06F12/14
CPC分类号： H04L63/1408 , H04L63/0823 , H04L63/105 , H04L63/123 , H04L63/1416 , H04L63/1491 , H04L2463/141
摘要： Systems and methods for an information system security infrastructure are described. One embodiment of the present invention comprises global Internet-scale defense infrastructure, referred to as the Intrusion Detection Force (IDF). The IDF comprises a virtual infrastructure implemented on top of an existing network, such as the Internet. The IDF enables secure information sharing and intelligent data analysis and response. The node (e.g. 102 of FIG. 1) is the most primitive entity in the IDF architecture, and may be a switch, router, server, or workstation. The IDF may be implemented in small networks of computers or may be utilized by millions of hosts throughout the Internet, spanning different organizations, countries, and continents.
摘要翻译：描述了信息系统安全基础设施的系统和方法。本发明的一个实施例包括被称为入侵检测力（IDF）的全球因特网规模防御基础设施。 IDF包括在现有网络（例如因特网）之上实现的虚拟基础设施。 IDF实现安全的信息共享和智能数据分析和响应。节点（例如，图1的102）是IDF架构中最原始的实体，并且可以是交换机，路由器，服务器或工作站。 IDF可以在小型计算机网络中实现，或者可以由跨越不同组织，国家和大陆的互联网上的数百万个主机使用。

35. 发明授权

US07940657B2 Identifying attackers on a network 有权
标题翻译：识别网络上的攻击者
公开(公告)号：US07940657B2
公开(公告)日：2011-05-10
申请号：US11565944
申请日：2006-12-01
申请人： John A. Perreault , Shaun Jaikarran Bharrat , Mark Duffy , Gary Robert McCarthy , Jian Yang , Shiping Li
发明人： John A. Perreault , Shaun Jaikarran Bharrat , Mark Duffy , Gary Robert McCarthy , Jian Yang , Shiping Li
IPC分类号： G06F15/16
CPC分类号： H04L63/0227 , H04L63/101 , H04L63/12 , H04L2463/141
摘要： Described are computer-based methods and apparatuses, including computer program products, for identifying attackers on a network. A data packet is filtered by a multi-tiered filtering and transmission system. Data packets matching the first tier filter are discarded. Data packets matching the second tier filter are transmitted to an output module based on a criterion. Data packets in the third tier filter are hashed into bins and data packets matching an entry in the bin are transmitted to the output module based on a criterion for the bin. Data packets in the fourth tier transmission system are transmitted to the output module based on a criterion. Data packets that do not meet the criterion for transmission to the output module are transmitted to an attack identification module which analyzes the data packets to identify attacks.
摘要翻译：描述了基于计算机的方法和设备，包括用于识别网络上的攻击者的计算机程序产品。数据包被多层过滤和传输系统过滤。与第一层过滤器匹配的数据包将被丢弃。基于标准将与第二层过滤器匹配的数据包发送到输出模块。第三层过滤器中的数据包被散列到箱中，并且与箱中的条目匹配的数据包根据箱的标准传输到输出模块。基于标准将第四层传输系统中的数据包发送到输出模块。不符合传输到输出模块的标准的数据包被传送到攻击识别模块，该模块分析数据包以识别攻击。

36. 发明授权

US07889735B2 Method and apparatus for defending against denial of service attacks in IP networks based on specified source/destination IP address pairs 有权
标题翻译：基于指定的源/目的IP地址对，在IP网络中防止拒绝服务攻击的方法和装置
公开(公告)号：US07889735B2
公开(公告)日：2011-02-15
申请号：US11197841
申请日：2005-08-05
申请人： Eric Henry Grosse
发明人： Eric Henry Grosse
IPC分类号： H04L12/28 , H04L12/56
CPC分类号： H04L63/1408 , H04L63/0236 , H04L63/0263 , H04L63/1458 , H04L2463/141 , H04L2463/146
摘要： A method and apparatus for defending against a Denial of Service attack wherein a target victim of an attack has recognized the existence of an attack and identified its source. The carrier network which provides service to the victim automatically receives one or more IP (Internet Protocol) source/destination IP address pairs from the victim, and then limits (e.g., blocks) the transmission of packets from the identified source address to the identified destination address. The carrier may implement this filtering capability as a stand-alone box included in the network, or as a line card incorporated into otherwise conventional network elements already present in the network. The source/destination address pairs to be blocked may be advantageously communicated from the victim with use of security signatures and with use of redundant connections from the victim to the carrier network to ensure receipt even under congested network conditions.
摘要翻译：用于防御拒绝服务攻击的方法和装置，其中攻击的目标受害者已经认识到攻击的存在并且识别其来源。向受害者提供服务的运营商网络自动从受害者接收一个或多个IP（因特网协议）源/目的地IP地址对，然后限制（例如，阻塞）从所识别的源地址到所识别的目的地的分组的传输地址。载波可以将该滤波功能实现为网络中包含的独立盒，或者作为与已经存在于网络中的常规网络元件并入的线卡。可以有利地使用安全签名从受害者传送要阻止的源/目的地址对，并且利用从受害者到运营商网络的冗余连接，以确保即使在拥塞的网络条件下也能接收。

37. 发明授权

US07856573B2 WPAR halted attack introspection stack execution detection 有权
标题翻译： WPAR停止攻击内省栈执行检测
公开(公告)号：US07856573B2
公开(公告)日：2010-12-21
申请号：US11848930
申请日：2007-08-31
申请人： Christopher Ray Ingram , Shawn Patrick Mullen
发明人： Christopher Ray Ingram , Shawn Patrick Mullen
IPC分类号： G06F11/00
CPC分类号： H04L63/14 , H04L63/1425 , H04L2463/141
摘要： Responding to an event at a server that supports workload partitions. An event is detected. The event is an activity that can degrade an ability of the server to function according to an intended purpose. The event is triggered by a communication from a client to the server. Responsive to detecting the event, a connection of the client to the server is temporarily suspended. A first workload partition is created. The connection is re-established between the client and the server. Responsive to re-establishing the connection, all data is routed from the client to the first workload partition. In an illustrative example, the event is allowed to continue on the first workload partition while forensic data is collected on the event.
摘要翻译：响应支持工作负载分区的服务器上的事件。检测到事件。该事件是一种可以降低服务器根据预期目的运行的能力的活动。事件由从客户端到服务器的通信触发。响应于检测事件，客户端与服务器的连接暂时停止。创建第一个工作负载分区。在客户端和服务器之间重新建立连接。响应重新建立连接，所有数据从客户端路由到第一个工作负载分区。在说明性示例中，事件被允许在第一工作负载分区上继续，而在事件上收集取证数据。

38. 发明授权

US07742478B2 Reply communication apparatus and ARP reply communication apparatus 失效
标题翻译：回复通信装置和ARP应答通信装置
公开(公告)号：US07742478B2
公开(公告)日：2010-06-22
申请号：US11543936
申请日：2006-10-06
申请人： Akihiro Sekiguchi , Koichiro Seto
发明人： Akihiro Sekiguchi , Koichiro Seto
IPC分类号： H04L12/56
CPC分类号： H04L29/12028 , H04L61/103 , H04L63/1458 , H04L69/12 , H04L2463/141
摘要： A reply communication apparatus conforms to a protocol to return a reply electronic document in reply to a request electronic document sent from a communication apparatus. The apparatus has a hardware to perform a reply process in the protocol, and is operable to rewrite contents of the request electronic document to replace the request electronic document into a reply electronic document and to output the reply electronic document.
摘要翻译：应答通信装置符合用于回复从通信装置发送的请求电子文档的回复电子文档的协议。该装置具有在协议中执行应答处理的硬件，并且可操作地重写请求电子文档的内容以将请求电子文档替换为回复电子文档并输出回复电子文档。

39. 发明申请

US20100122342A1 IDENTIFYING ABORMAL NETWORK TRAFFIC 有权
标题翻译：识别异常网络流量
公开(公告)号：US20100122342A1
公开(公告)日：2010-05-13
申请号：US12593370
申请日：2008-03-07
申请人： Fadi El-Moussa , Hui Min June Tay
发明人： Fadi El-Moussa , Hui Min June Tay
IPC分类号： G06F21/00 , G06F15/16 , G06F15/173
CPC分类号： H04L63/1425 , H04L63/1458 , H04L2463/141 , H04L2463/144
摘要： A method of identifying traffic within a network representative of an abnormal network condition, including: monitoring a communications link for a high traffic volume level; identifying a domain being the source of the high traffic volume level; identifying within the domain, a sending entity transmitting traffic from the domain; using a detector located at or proximate to the domain to invoke a response from the sending entity; wherein a failure by the sending entity to provide an expected response to the message in accordance with a network protocol indicates that the traffic transmitted by the sending entity is traffic representative of an abnormal network condition.
摘要翻译：一种识别代表异常网络状况的网络内的业务的方法，包括：监测高业务量级别的通信链路; 识别作为高流量水平来源的域; 在域内标识发送来自域的业务的发送实体; 使用位于或接近域的检测器来调用来自发送实体的响应; 其中，所述发送实体根据网络协议向所述消息提供预期响应的故障指示由所述发送实体发送的业务是表示异常网络状况的业务。

40. 发明申请

US20100100962A1 INTERNET SECURITY DYNAMICS ASSESSMENT SYSTEM, PROGRAM PRODUCT, AND RELATED METHODS 有权
标题翻译：互联网安全动态评估系统，程序产品和相关方法
公开(公告)号：US20100100962A1
公开(公告)日：2010-04-22
申请号：US12255391
申请日：2008-10-21
申请人： Dale W. Boren
发明人： Dale W. Boren
IPC分类号： G06F11/00 , G06F15/18
CPC分类号： H04L63/1433 , H04L63/1441 , H04L2463/141
摘要： Systems, program product, and methods related to dynamic Internet security and risk assessment and management, are provided. For example, a system, program product, and method of identifying and servicing actual customer requests to a defended or protected computer or server can include the steps/operations of receiving by the defended computer, a service request from each of a plurality of IP addresses associated with a separate one of a plurality of service requesting computers, sending an inspection code adapted to perform a virtual attack on each existing service requesting computers at each respective associated IP address, and restricting provision of services from the defended computer to a subset of the service requesting computers identified for restriction when a security feature of the respective service requesting computer is determined to have been defeated by the virtual attack.
摘要翻译：提供与动态互联网安全和风险评估与管理相关的系统，程序产品和方法。例如，识别和维护对防御或受保护的计算机或服务器的实际客户请求的系统，程序产品和方法可以包括由防御的计算机接收来自多个IP地址中的每一个的服务请求的步骤/操作与多个服务请求计算机中的单独的一个相关联，发送适于对每个相应的IP地址请求计算机的每个现有服务执行虚拟攻击的检查代码，以及限制从防御计算机向服务请求计算机的子集提供服务当确定相应的服务请求计算机的安全特征被虚拟攻击击败时，请求被识别用于限制的计算机的服务。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式