会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 2. 发明授权
    • Detection of signatures in disordered message segments
    • 检测无序消息段中的签名
    • US07957390B2
    • 2011-06-07
    • US11133039
    • 2005-05-18
    • Peter FurlongDaniel Martin O'KeeffeEoghan StackKevin Loughran
    • Peter FurlongDaniel Martin O'KeeffeEoghan StackKevin Loughran
    • H04L12/28G06F11/00
    • H04L63/1408H04L63/166
    • A method of detecting signatures in message segments comprises employing a state machine for the detection of character strings in the message segments. The state machine executes for each input character a transition determined by a current state of the machine and a current input character. The message segments conform to TCP or other ordering transport protocol. The order of arrival of the message segments is monitored. In the event that an intermediate message segment is missing between a processed segment and an immediately subsequent message segment, the current state of said state machine at the end of the said processed segment is stored. The machine is restarted from its null or datum state for the examination of the immediately subsequent message segment, which is then temporarily stored. When the missing segment eventually arrives, it and the stored segment are successively examined for signatures by means of the state machine, beginning at the stored state. The invention allows for examination of overlapping signatures without requiring re-assembly of the segments or substantial buffering.
    • 检测消息段中的签名的方法包括采用状态机来检测消息段中的字符串。 状态机对于每个输入字符执行由机器的当前状态和当前输入字符确定的转变。 消息段符合TCP或其他排序传输协议。 监视消息段的到达顺序。 在经处理​​段和紧随其后的消息段之间缺少中间消息段的情况下,存储所述处理段的末尾处的所述状态机的当前状态。 机器从其零或基准状态重新开始,以便检查紧随其后的消息段,然后临时存储。 当丢失段最终到达时,从存储状态开始,通过状态机连续检查存储的段和签名。 本发明允许检查重叠签名,而不需要重新组装段或基本缓冲。
    • 3. 发明授权
    • Deciphering of fragmented enciphered data packets
    • 对加密数据包进行分段解密
    • US07818564B2
    • 2010-10-19
    • US11121231
    • 2005-05-03
    • Kevin LoughranEoghan StackPeter FurlongDavid John Law
    • Kevin LoughranEoghan StackPeter FurlongDavid John Law
    • H04L29/06
    • H04L63/0485H04L63/164
    • The deciphering of fragmented enciphered IP packets is performed without requiring reassembly of the fragments. fragmented packets. When a first frame is deciphered a characteristic poly-tuple is saved against the state of the cipher, particularly an output vector. When the next frame comes in, the cipher would continue on from that previously saved state after a look-up of the poly-tuple. Each frame would then be sent on, deciphered, but still representing a fragment of the original packet. The poly-tuple employed for the look-up includes the identity and protocol fields from the IP header and at least one of the source IP address and the destination IP address. The deciphering process may commence with the combination of input data with an initializing vector and proceed by combining input data with a vector fed back from the output of the deciphering engine. The saved cipher state is employed as the initializing vector for the next frame.
    • 在不需要重新组装片段的情况下执行分段加密的IP分组的解密。 碎片包 当第一帧被解密时,针对密码的状态,特别是输出向量,保存特征多元组。 当下一帧进入时,在多元组的查找之后,密码将从先前保存的状态继续。 然后,每个帧将被发送,解密,但仍然表示原始分组的片段。 用于查找的多元组包括来自IP头部的标识和协议字段以及源IP地址和目的地IP地址中的至少一个。 解密过程可以以输入数据与初始化矢量的组合开始,并且通过将输入数据与从解密引擎的输出反馈的向量组合来进行。 采用保存的密码状态作为下一帧的初始化向量。
    • 4. 发明授权
    • Pattern matching using deterministic finite automata and organization of such automata
    • 使用确定性有限自动机的模式匹配和这种自动机的组织
    • US07672941B2
    • 2010-03-02
    • US11064257
    • 2005-02-22
    • Peter FurlongEoghan StackDavid John LawHana Hailichova
    • Peter FurlongEoghan StackDavid John LawHana Hailichova
    • G06F17/30
    • G06Q10/06
    • A deterministic finite state machine is operated to detect any one of a plurality of digital signatures each corresponding to a succession of characters and each defined by a sequence of states in the state machine. The machine is organized such that for each state after the first in any sequence there are not more than two allowed exit transitions of which one is to a default state. Input characters are examined to determine a transition from a current state of the machine to a next state. When the machine responds to an input character to perform a transition to the default state, the input character is re-examined to determine the next state of the state machine. The reduction in transitions saves considerable space in memory.
    • 操作确定性有限状态机来检测多个数字签名中的每一个对应于一系列字符的数字签名,并且每个都由状态机中的状态序列定义。 机器被组织使得对于在任何顺序中的第一个之后的每个状态,不超过两个允许的退出转换,其中一个到默认状态。 检查输入字符以确定从机器的当前状态到下一状态的转换。 当机器响应输入字符以执行到默认状态的转换时,重新检查输入字符以确定状态机的下一状态。 转换的减少节省了大量的内存空间。
    • 6. 发明申请
    • Detection of signatures in disordered message segments
    • 检测无序消息段中的签名
    • US20060227787A1
    • 2006-10-12
    • US11133039
    • 2005-05-18
    • Peter FurlongDaniel O'KeeffeEoghan StackKevin Loughran
    • Peter FurlongDaniel O'KeeffeEoghan StackKevin Loughran
    • H04L1/00
    • H04L63/1408H04L63/166
    • A method of detecting signatures in message segments comprises employing a state machine for the detection of character strings in the message segments. The state machine executes for each input character a transition determined by a current state of the machine and a current input character. The message segments conform to TCP or other ordering transport protocol. The order of arrival of the message segments is monitored. In the event that an intermediate message segment is missing between a processed segment and an immediately subsequent message segment, the current state of said state machine at the end of the said processed segment is stored. The machine is restarted from its null or datum state for the examination of the immediately subsequent message segment, which is then temporarily stored. When the missing segment eventually arrives, it and the stored segment are successively examined for signatures by means of the state machine, beginning at the stored state. The invention allows for examination of overlapping signatures without requiring re-assembly of the segments or substantial buffering.
    • 检测消息段中的签名的方法包括采用状态机来检测消息段中的字符串。 状态机对于每个输入字符执行由机器的当前状态和当前输入字符确定的转变。 消息段符合TCP或其他排序传输协议。 监视消息段的到达顺序。 在经处理​​段和紧随其后的消息段之间缺少中间消息段的情况下,存储所述处理段的末尾处的所述状态机的当前状态。 机器从其零或基准状态重新开始,以便检查紧随其后的消息段,然后临时存储。 当丢失段最终到达时,从存储状态开始,通过状态机连续检查存储的段和签名。 本发明允许检查重叠签名,而不需要重新组装段或基本缓冲。
    • 7. 发明申请
    • Deciphering of fragmented enciphered data packets
    • 对加密数据包进行分段解密
    • US20060218390A1
    • 2006-09-28
    • US11121231
    • 2005-05-03
    • Kevin LoughranEoghan StackPeter FurlongDavid Law
    • Kevin LoughranEoghan StackPeter FurlongDavid Law
    • H04L9/00
    • H04L63/0485H04L63/164
    • The deciphering of fragmented enciphered IP packets is perfomed without requiring reassembly of the fragments fragmented packets. When a first frame is deciphered a characteristic poly-tuple is saved against the state of the cipher, particularly an output vector. When the next frame comes in, the cipher would continue on from that previously saved state after a look-up of the poly-tuple. Each frame would then be sent on, deciphered, but still representing a fragment of the original packet. The poly-tuple employed for the look-up includes the identity and protocol fields from the IP header and at least one of the source IP address and the destination IP address. The deciphering process may commence with the combination of input data with an initialising vector and proceed by combining input data with a vector fed back from the output of the deciphering engine. The saved cipher state is employed as the initialising vector for the next frame.
    • 分片加密的IP分组的解密被完成,而不需要重新组合碎片分段的分组。 当第一帧被解密时,针对密码的状态,特别是输出向量,保存特征多元组。 当下一帧进入时,在多元组的查找之后,密码将从先前保存的状态继续。 然后,每个帧将被发送,解密,但仍然表示原始分组的片段。 用于查找的多元组包括来自IP头部的标识和协议字段以及源IP地址和目的地IP地址中的至少一个。 解密过程可以从输入数据与初始化向量的组合开始,并且通过将输入数据与从解密引擎的输出反馈的向量组合来进行。 采用保存的密码状态作为下一帧的初始化向量。
    • 8. 发明申请
    • Data storage and matching employing words wider than width of content addressable memory
    • 使用比内容可寻址存储器宽度宽的数据的数据存储和匹配
    • US20060085590A1
    • 2006-04-20
    • US11014100
    • 2004-12-15
    • Andrew DavyKeith RobinsonJerome NolanEoghan Stack
    • Andrew DavyKeith RobinsonJerome NolanEoghan Stack
    • G06F12/00
    • G11C15/00
    • A selected word is stored in a content addressable memory (CAM) by partitioning the word into at least two segments, the segments being individually lesser in width than the CAM but in aggregate greater than the width of the CAM. A first entry in the CAM comprises a predetermined prefix and a first of the segments and a second entry in the CAM comprises a second prefix, corresponding to the address of the first segment, and the second segment. A search key is similarly partitioned. In a first search cycle a first segment of the search key prefixed by the predetermined prefix is applied to the CAM and in the event of a matching entry a second segment of the search key, prefixed by a second prefix comprising an output address word identifying the matching entry, is applied to the CAM in a second search cycle.
    • 所选择的单词通过将单词划分成至少两个段来存储在内容可寻址存储器(CAM)中,该区段的宽度单独地小于CAM,但是总体上大于CAM的宽度。 CAM中的第一条目包括预定的前缀和第一段,并且CAM中的第二条目包括对应于第一段的地址和第二段的第二前缀。 搜索键被类似地分割。 在第一搜索周期中,以预定前缀为前缀的搜索关键字的第一片段被应用于CAM,并且在匹配条目的情况下,搜索关键字的第二片段以第二前缀为前缀,包括标识 匹配条目在第二搜索周期中应用于CAM。