专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

31. 发明授权

US08931074B2 Adaptive system behavior change on malware trigger 有权
标题翻译：自适应系统行为改变恶意软件触发
公开(公告)号：US08931074B2
公开(公告)日：2015-01-06
申请号：US13648583
申请日：2012-10-10
申请人： Dell Products L.P.
发明人： Rocco Ancona , Roy Stedman
IPC分类号： G06F21/20
CPC分类号： G06F21/575 , G06F21/566 , G06F2221/2101 , G06F2221/2105 , H04L63/1466 , H04L63/1491 , H04L2463/141
摘要： A hardware secured flag mechanism which is activated by trusted Anti-Malware (AM) software. Upon being activated, the information handling system takes action to reduce user exposure even if the AM software is subsequently subverted. In certain embodiments, the flag mechanism is only reset by user intervention at a BIOS or other off-line mechanism. In certain embodiments, the flag mechanism may only be reset via a signed unlock key stored on an external memory device such as a universal serial bus (USB) key.
摘要翻译：由可信防恶意软件（AM）软件激活的硬件安全标志机制。激活后，即使AM软件随后被颠覆，信息处理系统也采取行动来减少用户曝光。在某些实施例中，标志机制仅通过用户介入在BIOS或其它离线机制来重置。在某些实施例中，标志机构可以仅通过存储在诸如通用串行总线（USB）密钥的外部存储器设备上的签名解锁密钥来重置。

32. 发明授权

US08819821B2 Proactive test-based differentiation method and system to mitigate low rate DoS attacks 有权
标题翻译：主动的基于测试的分化方法和系统，以减轻低速率的DoS攻击
公开(公告)号：US08819821B2
公开(公告)日：2014-08-26
申请号：US13729435
申请日：2012-12-28
申请人： New Jersey Institute of Technology
发明人： Nirwan Ansari , Amey Bhaskar Shevtekar
IPC分类号： G06F11/00
CPC分类号： H04L63/1458 , H04L63/1416 , H04L2463/141
摘要： A low rate DoS attack detection algorithm is used, which relies on a characteristic of the low rate DoS attack in introducing high rate traffic for short periods, and then uses a proactive test based differentiation technique to filter the attack packets. The proactive test defends against DDoS attacks and low rate DoS attacks which tend to ignore the normal operation of network protocols, but it also differentiates legitimate traffic from low rate DoS attack traffic instigated by botnets. It leverages on the conformity of legitimate flows, which obey the network protocols. It also differentiates legitimate connections by checking their responses to the proactive tests which include puzzles for distinguishing botnets from human users.
摘要翻译：采用低速率的DoS攻击检测算法，在短时间内引入高速率流量，依靠低速率DoS攻击的特点，采用主动检测技术对攻击报文进行过滤。主动测试防御DDoS攻击和低速DoS攻击，这些攻击倾向于忽略网络协议的正常运行，但也会将合法流量与僵尸网络引发的低速率DoS攻击流量区分开来。它利用遵守网络协议的合法流的一致性。它还通过检查他们对主动测试的反应来区分合法连接，其中包括将僵尸网络与人类用户区分开来的难题。

33. 发明申请

US20140101748A1 Adaptive System Behavior Change on Malware Trigger 有权
标题翻译：恶意软件触发器上的自适应系统行为更改
公开(公告)号：US20140101748A1
公开(公告)日：2014-04-10
申请号：US13648583
申请日：2012-10-10
申请人： DELL PRODUCTS L.P.
发明人： Rocco Ancona , Roy Stedman
IPC分类号： G06F21/20 , G06F21/00
CPC分类号： G06F21/575 , G06F21/566 , G06F2221/2101 , G06F2221/2105 , H04L63/1466 , H04L63/1491 , H04L2463/141
摘要： A hardware secured flag mechanism which is activated by trusted Anti-Malware (AM) software. Upon being activated, the information handling system takes action to reduce user exposure even if the AM software is subsequently subverted. In certain embodiments, the flag mechanism is only reset by user intervention at a BIOS or other off-line mechanism. In certain embodiments, the flag mechanism may only be reset via a signed unlock key stored on an external memory device such as a universal serial bus (USB) key.
摘要翻译：由可信防恶意软件（AM）软件激活的硬件安全标志机制。激活后，即使AM软件随后被颠覆，信息处理系统也采取行动来减少用户曝光。在某些实施例中，标志机制仅通过用户介入在BIOS或其它离线机制来重置。在某些实施例中，标志机构可以仅通过存储在诸如通用串行总线（USB）密钥的外部存储器设备上的签名解锁密钥来重置。

34. 发明授权

US08582567B2 System and method for providing network level and nodal level vulnerability protection in VoIP networks 有权
标题翻译：在VoIP网络中提供网络级和节点级漏洞保护的系统和方法
公开(公告)号：US08582567B2
公开(公告)日：2013-11-12
申请号：US11502244
申请日：2006-08-09
申请人： Srikrishna Kurapati , Sachin Purushottam Joglekar , Venkatesan Iyengar Prasanna , Satyam Tyagi , Guru Thodime , Pravin Khandelwal , Chandrasekhar Manchenella , Mukesh Kumar Singh , Raghavendra Venkata Thodime
发明人： Srikrishna Kurapati , Sachin Purushottam Joglekar , Venkatesan Iyengar Prasanna , Satyam Tyagi , Guru Thodime , Pravin Khandelwal , Chandrasekhar Manchenella , Mukesh Kumar Singh , Raghavendra Venkata Thodime
IPC分类号： H04L12/66
CPC分类号： H04L63/0823 , H04L29/06027 , H04L63/10 , H04L63/1458 , H04L63/166 , H04L65/1079 , H04L2463/141 , H04M3/436 , H04M7/0078
摘要： The present invention provides a system, method and apparatus for providing network level and nodal level vulnerability protection in VoIP networks by receiving a communication, filtering the received communication using three or more stages selected from the group comprising a media protection and filtering plane, a policy based filtering plane, a signature based filtering plane, a protocol anomaly detection and filtering plane and a behavioral learning based filtering plane, and either allowing or denying the received communication based the filtering step. The stages are applicable to one or more protocols including SIP, IMS, UMA, H.248, H.323, RTP, CSTA/XML or a combination thereof. In addition, the stages can be implemented within a single device or are distributed across a network (e.g., SIP network, a UMA network, an IMS network or a combination thereof).
摘要翻译：本发明提供一种用于通过接收通信来在VoIP网络中提供网络级和节点级漏洞保护的系统，方法和装置，使用从包括媒体保护和过滤平面的组中选择的三个或多个阶段来过滤所接收的通信，策略基于签名的过滤平面，协议异常检测和过滤平面以及基于行为学习的过滤平面，以及基于过滤步骤允许或拒绝所接收的通信。这些阶段适用于一种或多种协议，包括SIP，IMS，UMA，H.248，H.323，RTP，CSTA / XML或其组合。此外，这些级可以在单个设备内实现，或者跨网络分布（例如，SIP网络，UMA网络，IMS网络或其组合）。

35. 发明授权

US08474044B2 Attack-resistant verification of auto-generated anti-malware signatures 有权
标题翻译：自动生成的反恶意软件签名的防攻击验证
公开(公告)号：US08474044B2
公开(公告)日：2013-06-25
申请号：US12348702
申请日：2009-01-05
申请人： Andrew Zawadowskiy , Boris Ruchansky , Mikhail Cherepov
发明人： Andrew Zawadowskiy , Boris Ruchansky , Mikhail Cherepov
IPC分类号： G06F11/00 , G06F12/14 , G06F12/16 , G08B23/00
CPC分类号： H04L63/1408 , G06F21/564 , H04L2463/141
摘要： Techniques are disclosed for verifying whether payload signatures correspond to a vulnerability or exploit. Generally a security system may be configured to detect an attack on a server while the server is processing a payload. The security system generates (or obtains) a provisional signature corresponding to the vulnerability. For example, a provisional signature may be generated for a vulnerability from a group of payloads determined to correspond to that vulnerability. The effects of subsequent payloads which match the provisional signature may be monitored. If the effects of a payload duplicate the attack symptoms, a confidence metric for provisional signature may be increased. Once the confidence metric exceeds a predetermined threshold, then the provisional signature may be made active and used to block traffic from reaching an intended destination.
摘要翻译：公开了用于验证有效载荷签名是否对应于漏洞或漏洞的技术。通常，安全系统可以被配置为在服务器处理有效载荷时检测对服务器的攻击。安全系统生成（或获取）与该漏洞相对应的临时签名。例如，可以针对确定为对应于该漏洞的一组有效负载中的漏洞生成临时签名。可以监视与临时签名相匹配的后续有效载荷的影响。如果有效载荷的影响与攻击症状重复，则临时签名的置信度量可能会增加。一旦置信量度超过预定阈值，则临时签名可以被激活，并用于阻止流量到达预定目的地。

36. 发明授权

US08407342B2 System and method for detecting and preventing denial of service attacks in a communications system 有权
标题翻译：用于在通信系统中检测和防止拒绝服务攻击的系统和方法
公开(公告)号：US08407342B2
公开(公告)日：2013-03-26
申请号：US13052959
申请日：2011-03-21
申请人： Krishna Kurapati , Sachin Purushottam Joglekar
发明人： Krishna Kurapati , Sachin Purushottam Joglekar
IPC分类号： G06F15/173
CPC分类号： H04L63/1458 , H04L2463/141
摘要： A method and system are provided for use in detecting and preventing attacks in a communications network. In one example, the method includes calculating first and second traffic volumes based on messages received at a first time and a second time, respectively. An average acceleration is calculated based on the first and second traffic volumes, and the method identifies whether the average acceleration has crossed a threshold. The messages are serviced only if the average acceleration has not crossed the threshold.
摘要翻译：提供了一种用于检测和防止通信网络中的攻击的方法和系统。在一个示例中，该方法包括基于分别在第一时间和第二时间接收到的消息来计算第一和第二业务量。基于第一和第二业务量计算平均加速度，并且该方法识别平均加速度是否已经超过阈值。仅当平均加速度没有超过阈值时，消息才被服务。

37. 发明授权

US08402540B2 Systems and methods for processing data flows 有权
标题翻译：用于处理数据流的系统和方法
公开(公告)号：US08402540B2
公开(公告)日：2013-03-19
申请号：US11877819
申请日：2007-10-24
申请人： Harsh Kapoor , Moisey Akerman , Stephen D. Justus , JC Ferguson , Yevgeny Korsunsky , Paul S. Gallo , Charles Ching Lee , Timothy M. Martin , Chunsheng Fu , Weidong Xu
发明人： Harsh Kapoor , Moisey Akerman , Stephen D. Justus , JC Ferguson , Yevgeny Korsunsky , Paul S. Gallo , Charles Ching Lee , Timothy M. Martin , Chunsheng Fu , Weidong Xu
IPC分类号： H04L29/06
CPC分类号： G06N3/0472 , G06F9/505 , G06F21/55 , G06F21/577 , H04L29/06 , H04L63/0227 , H04L63/1408 , H04L63/1416 , H04L63/1425 , H04L63/1441 , H04L63/145 , H04L63/1483 , H04L63/164 , H04L63/166 , H04L67/10 , H04L67/306 , H04L67/325 , H04L67/327 , H04L67/34 , H04L69/329 , H04L2463/141
摘要： A flow processing facility, which uses a set of artificial neurons for pattern recognition, such as a self-organizing map, in order to provide security and protection to a computer or computer system supports unified threat management based at least in part on patterns relevant to a variety of types of threats that relate to computer systems, including computer networks. Flow processing for switching, security, and other network applications, including a facility that processes a data flow to address patterns relevant to a variety of conditions are directed at internal network security, virtualization, and web connection security. A flow processing facility for inspecting payloads of network traffic packets detects security threats and intrusions across accessible layers of the IP-stack by applying content matching and behavioral anomaly detection techniques based on regular expression matching and self-organizing maps. Exposing threats and intrusions within packet payload at or near real-time rates enhances network security from both external and internal sources while ensuring security policy is rigorously applied to data and system resources. Intrusion Detection and Protection (IDP) is provided by a flow processing facility that processes a data flow to address patterns relevant to a variety of types of network and data integrity threats that relate to computer systems, including computer networks.
摘要翻译：使用一组用于模式识别的人造神经元（例如自组织图）以便向计算机或计算机系统提供安全性和保护的流程处理设备至少部分地基于与与计算机系统（包括计算机网络）相关的各种类型的威胁。用于交换，安全和其他网络应用的流处理，包括处理数据流以处理与各种条件相关的模式的设施，针对内部网络安全性，虚拟化和Web连接安全性。用于检查网络流量包的有效载荷的流处理设备通过应用基于正则表达式匹配和自组织映射的内容匹配和行为异常检测技术来检测IP堆栈的可访问层的安全威胁和入侵。在实时速率或接近实时速率的情况下，在数据包有效载荷中暴露威胁和入侵，从而确保安全策略严格应用于数据和系统资源，从而提高了外部和内部来源的网络安全性。入侵检测和保护（IDP）由处理数据流的流处理设备提供，以处理与包括计算机网络在内的计算机系统相关的各种类型的网络和数据完整性威胁相关的模式。

38. 发明授权

US08346960B2 Systems, methods, and devices for defending a network 有权
公开(公告)号：US08346960B2
公开(公告)日：2013-01-01
申请号：US11234433
申请日：2005-09-23
申请人： Oliver Spatscheck , Jacobus E. Van der Merwe
发明人： Oliver Spatscheck , Jacobus E. Van der Merwe
IPC分类号： G06F15/16 , G06F15/173 , G06F12/14 , H04L29/06
CPC分类号： H04L63/1416 , H04L63/1441 , H04L63/1458 , H04L2463/141
摘要： Certain exemplary embodiments comprise a method comprising: within a backbone network: for backbone network traffic addressed to a particular target and comprising attack traffic and non-attack traffic, the attack traffic simultaneously carried by the backbone network with the non-attack traffic: redirecting at least a portion of the attack traffic to a scrubbing complex; and allowing at least a portion of the non-attack traffic to continue to the particular target without redirection to the scrubbing complex.

39. 发明申请

US20120222090A1 METHOD OF COMMUNICATIONS AND COMMUNICATION NETWORK INTRUSION PROTECTION METHODS AND INTRUSION ATTEMPT DETECTION SYSTEM 审中-公开
标题翻译：通信和通信网络侵入保护方法和侵入攻击检测系统
公开(公告)号：US20120222090A1
公开(公告)日：2012-08-30
申请号：US13465901
申请日：2012-05-07
申请人： Victor I. Sheymov
发明人： Victor I. Sheymov
IPC分类号： H04L9/32
CPC分类号： H04L63/1441 , G06Q20/10 , G06Q30/0601 , H04L29/12783 , H04L61/35 , H04L63/08 , H04L63/0876 , H04L63/1408 , H04L63/1416 , H04L63/1458 , H04L2463/141
摘要： A method, system and computer readable medium for protecting a communications device connected to a communications system against an unauthorized intrusion, including providing a variable identifier to the communications device and entities authorized access thereto. The variable identifier is provided to a user address book and assigned with a permanent identifier and the permanent identifier, but not the variable identifier, is available to a user. The presence or absence of the correct variable identifier is sensed during an attempt to access the communications device for granting or denying access to the communications device. A new variable identifier is periodically provided to the communications device and to the authorized entities and to the user address book and assigned with the permanent identifier, wherein the permanent identifier, but not the new variable identifier, is available to the user.
摘要翻译：一种用于保护连接到通信系统的通信设备以防止未经授权的入侵的方法，系统和计算机可读介质，包括向所述通信设备提供可变标识符和实体授权的访问。变量标识符被提供给用户地址簿并被分配有永久标识符，并且永久标识符而不是可变标识符对用户是可用的。在尝试访问通信设备以授予或拒绝对通信设备的访问期间感测到存在或不存在正确的变量标识符。周期性地向通信设备和授权实体以及用户地址簿提供新的变量标识符并且分配有永久标识符，其中永久标识符而不是新变量标识符对于用户是可用的。

40. 发明授权

US08250631B2 Protecting against denial of service attacks using trust, quality of service, personalization, and hide port messages 失效
标题翻译：使用信任，服务质量，个性化和隐藏端口消息来防止拒绝服务攻击
公开(公告)号：US08250631B2
公开(公告)日：2012-08-21
申请号：US12757836
申请日：2010-04-09
申请人： Arun K Iyengar , Mudhakar Srivatsa , Jian Yin
发明人： Arun K Iyengar , Mudhakar Srivatsa , Jian Yin
IPC分类号： H04L29/06
CPC分类号： H04L9/3213 , H04L9/3271 , H04L63/0236 , H04L63/126 , H04L63/1458 , H04L2463/102 , H04L2463/141
摘要： According to an embodiment of the invention, a system for processing a plurality of service requests in a client-server system includes a challenge server for: presenting a cryptographic challenge to the client; initializing a trust cookie that encodes a client's initial priority level after the client correctly solves the cryptographic challenge; computing a trust level score for the client based on a service request wherein said trust level score is associated with an amount of resources expended by the server in handling the service request such that a higher trust level score is computed for service requests consuming less system resources; assigning the trust level score to the client based on the computation; and embedding the assigned trust level score in the trust cookie included in all responses sent from the server to the client. The system further includes an application server coupled with a firewall.
摘要翻译：根据本发明的实施例，用于在客户机 - 服务器系统中处理多个服务请求的系统包括：挑战服务器，用于：向客户端呈现密码挑战; 在客户端正确解决密码挑战之后，初始化编码客户端初始优先级的信任cookie; 基于服务请求计算客户端的信任级别得分，其中所述信任级别得分与服务器处理服务请求所消耗的资源量相关联，以便为消耗较少系统资源的服务请求计算更高的信任级别得分 ; 基于计算将信任级别分数分配给客户端; 并将分配的信任级别分数嵌入到从服务器发送到客户端的所有响应中包含的信任cookie中。该系统还包括与防火墙耦合的应用服务器。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式