专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20070055870A1 Process for secure communication over a wireless network, related network and computer program product 审中-公开
标题翻译：通过无线网络，相关网络和计算机程序产品进行安全通信的过程
公开(公告)号：US20070055870A1
公开(公告)日：2007-03-08
申请号：US10555891
申请日：2003-05-13
申请人： Alessandro Bruti , Gerardo Lamastra , Alessandro Bruti , Gerardo Lamastra
发明人： Alessandro Bruti , Gerardo Lamastra , Alessandro Bruti , Gerardo Lamastra
IPC分类号： H04L9/00
CPC分类号： H04L63/065 , H04L9/0841 , H04L63/0823 , H04L2209/80 , H04W12/003 , H04W12/06 , H04W84/12
摘要： In order to ensure secure communication over a wireless network, such as a network according to the 802.11 standard, the terminals in the network exchange information ciphered by means of at least one key. The key is generated independently at each terminal by means of the group key agreement type.
摘要翻译：为了确保通过诸如根据802.11标准的网络的无线网络的安全通信，网络中的终端通过至少一个密钥加密的信息交换信息。密钥通过组密钥协议类型在每个终端独立生成。

2. 发明申请

US20070300301A1 Instrusion Detection Method and System, Related Network and Computer Program Product Therefor 有权
标题翻译：入侵检测方法与系统，相关网络及其计算机程序产品
公开(公告)号：US20070300301A1
公开(公告)日：2007-12-27
申请号：US11791609
申请日：2004-11-26
申请人： Gianluca Cangini , Francesco Coda Zabetta , Gerardo Lamastra
发明人： Gianluca Cangini , Francesco Coda Zabetta , Gerardo Lamastra
IPC分类号： G06F1/00
CPC分类号： H04L63/1408 , G06F21/552 , G06F21/554 , G06F2221/2135 , G06F2221/2151
摘要： Intrusions in a system under surveillance are detected by matching the events occurring during operation of the system against a knowledge base including information on events which occurred during a learning phase. The detection technique includes the steps of: recording, during the learning phase, temporal data related to the events during the learning phase; identifying, as a function of the temporal data recorded, a dynamic part of the knowledge base; discovering patterns that cover the dynamic part of the knowledge base; and using, during the analysis phase, a regular expression match at least with respect to the dynamic part of the knowledge base.
摘要翻译：通过将系统运行期间发生的事件与包括在学习阶段发生的事件的信息相关的知识库相匹配来检测被监视的系统中的入侵。检测技术包括以下步骤：在学习阶段记录与学习阶段期间的事件有关的时间数据; 根据记录的时间数据识别知识库的动态部分; 发现涵盖知识库动态部分的模式; 并且在分析阶段期间使用至少相对于知识库的动态部分的正则表达式匹配。

3. 发明申请

US20070107052A1 Method and apparatus for monitoring operation of processing systems, related network and computer program product therefor 审中-公开
标题翻译：用于监控处理系统，相关网络和计算机程序产品的操作的方法和装置
公开(公告)号：US20070107052A1
公开(公告)日：2007-05-10
申请号：US10582848
申请日：2003-12-17
申请人： Gianluca Cangini , Gerardo Lamastra , Francesco Coda Zabetta , Paolo Abeni , Madalina Baltatu , Rosalia D'Alessandro , Stefano Brusotti , Sebastiano Di Paola , Manuel Leone , Federico Frosali
发明人： Gianluca Cangini , Gerardo Lamastra , Francesco Coda Zabetta , Paolo Abeni , Madalina Baltatu , Rosalia D'Alessandro , Stefano Brusotti , Sebastiano Di Paola , Manuel Leone , Federico Frosali
IPC分类号： G06F12/14
CPC分类号： G06F21/554 , G06F21/55
摘要： Apparatus for monitoring operation of a processing system includes a set of modules for monitoring operation of a set of system primitives that allocate or release the system resources and are used by different processes running on the system. Preferably, the modules include at least one application knowledge module tracking the processes running on the system and monitoring the resources used thereby, a network knowledge module monitoring connections by the processes running on the system, a file-system analysis module monitoring the file-related operations performed within the system, and a device monitoring module monitoring operation of commonly used modules with the system. A preferred field of application is in host-based intrusion detection systems.
摘要翻译：用于监视处理系统的操作的装置包括一组模块，用于监视分配或释放系统资源并被系统上运行的不同进程使用的一组系统原语的操作。优选地，所述模块包括至少一个应用知识模块，其跟踪在系统上运行的进程并监视由此使用的资源，网络知识模块通过系统上运行的进程来监视连接，文件系统分析模块监视文件相关在系统内执行的操作，以及设备监控模块，监视系统中常用模块的操作。优选的应用领域是基于主机的入侵检测系统。

4. 发明授权

US08443446B2 Method and system for identifying malicious messages in mobile communication networks, related network and computer program product therefor 有权
标题翻译：用于识别移动通信网络中的恶意消息的方法和系统，相关网络和计算机程序产品
公开(公告)号：US08443446B2
公开(公告)日：2013-05-14
申请号：US12225684
申请日：2006-03-27
申请人： Gerardo Lamastra , Gianluca Cangini , Francesco Coda Zabetta , Luigi Sperti
发明人： Gerardo Lamastra , Gianluca Cangini , Francesco Coda Zabetta , Luigi Sperti
IPC分类号： H04L29/06
CPC分类号： H04L51/12 , H04L51/38 , H04L63/0227 , H04L63/1491 , H04W12/12
摘要： A system for identifying malicious messages transmitted over a mobile communication network includes: sentinel modules associated with respective mobile terminals in the network for monitoring messages passing therethrough, wherein the sentinel modules identify as a candidate malicious message, any message passing through the mobile terminals and failing to comply with a first set of patterns and issue a corresponding sentinel identification message; a set of probe modules for monitoring messages transmitted over the network, wherein the probe modules identify as a candidate malicious message any message transmitted over the network and failing to comply with a second set of patterns and issue a corresponding probe identification message; and preferably at least one client honeypot module for receiving and processing any messages sent thereto to produce corresponding processing results, wherein the client honeypot module identifies as a candidate malicious message any message producing a processing result failing to comply with a third set of patterns and issues a corresponding client honeypot identification message.
摘要翻译：用于识别通过移动通信网络发送的恶意消息的系统包括：与网络中的相应移动终端相关联的哨兵模块，用于监视通过其中的消息，其中，所述哨兵模块标识为候选恶意消息，通过所述移动终端的任何消息失败遵守第一组模式并发出相应的哨兵识别信息; 一组用于监视通过网络发送的消息的探测模块，其中探测模块将通过网络发送的任何消息标识为候选恶意消息，并且不符合第二组模式并发出相应的探测器识别消息; 并且优选地是至少一个客户端蜜罐模块，用于接收和处理发送到其上的任何消息以产生相应的处理结果，其中客户端蜜罐模块将任何消息产生为不符合第三组模式和问题的处理结果的任何消息相应的客户端蜜罐识别消息。

5. 发明授权

US08443439B2 Method and system for mobile network security, related network and computer program product 有权
标题翻译：移动网络安全，相关网络和计算机程序产品的方法和系统
公开(公告)号：US08443439B2
公开(公告)日：2013-05-14
申请号：US12225686
申请日：2006-10-31
申请人： Gerardo Lamastra , Paolo Abeni , Gianluca Cangini , Francesco Coda Zabetta
发明人： Gerardo Lamastra , Paolo Abeni , Gianluca Cangini , Francesco Coda Zabetta
IPC分类号： G06F12/14
CPC分类号： H04L51/12 , H04L51/38 , H04L63/0227 , H04L63/1491 , H04W12/12
摘要： A honeypot system for protecting a mobile communication network against malware includes one or more user-less mobile devices including a monitoring module for monitoring the events conveying software applications in the associated mobile device as well as a controller client module that emulates human-like interaction with the user-less devices as a function of the events monitored. The system controllably performs, for the applications conveyed by the events monitored, one or more of the following steps: i) installing the application on the device; ii) executing the application installed on the device; and iii) de-installing the application from the device. After any of these steps, the state of the device is checked in order to detect if any anomalous variation has occurred in the state of the device indicative of the device being exposed to the risk of malware. If any anomalous variation is detected, the system issues a malware alert message.
摘要翻译：用于保护移动通信网络免受恶意软件的蜜罐系统包括一个或多个无用户移动设备，包括用于监视传送相关联的移动设备中的软件应用程序的事件的监视模块以及模拟与人类的交互的控制器客户端模块作为监视事件的函数的无用户设备。该系统可控制地执行由所监视的事件传送的应用程序中的一个或多个以下步骤：i）将应用程序安装在设备上; ii）执行安装在设备上的应用程序; 以及iii）从所述设备中去除所述应用。在这些步骤中的任一步骤之后，检查设备的状态，以便检测在设备的状态下是否发生任何异常变化，指示设备被暴露于恶意软件的风险。如果检测到任何异常变化，系统将发出恶意软件警报消息。

6. 发明申请

US20120151585A1 Method and System for Identifying Malicious Messages in Mobile Communication Networks, Related Network and Computer Program Product Therefor 有权
标题翻译：用于识别移动通信网络中的恶意消息的方法和系统，相关网络和计算机程序产品
公开(公告)号：US20120151585A1
公开(公告)日：2012-06-14
申请号：US12225684
申请日：2006-03-27
申请人： Gerardo Lamastra , Gianluca Cangini , Francesco Coda Zabetta , Luigi Sperti
发明人： Gerardo Lamastra , Gianluca Cangini , Francesco Coda Zabetta , Luigi Sperti
IPC分类号： G06F21/00
CPC分类号： H04L51/12 , H04L51/38 , H04L63/0227 , H04L63/1491 , H04W12/12
摘要： A system for identifying malicious messages transmitted over a mobile communication network includes: sentinel modules associated with respective mobile terminals in the network for monitoring messages passing therethrough, wherein the sentinel modules identify as a candidate malicious message, any message passing through the mobile terminals and failing to comply with a first set of patterns and issue a corresponding sentinel identification message; a set of probe modules for monitoring messages transmitted over the network, wherein the probe modules identify as a candidate malicious message any message transmitted over the network and failing to comply with a second set of patterns and issue a corresponding probe identification message; and preferably at least one client honeypot module for receiving and processing any messages sent thereto to produce corresponding processing results, wherein the client honeypot module identifies as a candidate malicious message any message producing a processing result failing to comply with a third set of patterns and issues a corresponding client honeypot identification message.
摘要翻译：用于识别通过移动通信网络发送的恶意消息的系统包括：与网络中的相应移动终端相关联的哨兵模块，用于监视通过其中的消息，其中，所述哨兵模块标识为候选恶意消息，通过所述移动终端的任何消息失败遵守第一组模式并发出相应的哨兵识别信息; 一组用于监视通过网络发送的消息的探测模块，其中探测模块将通过网络发送的任何消息标识为候选恶意消息，并且不符合第二组模式并发出相应的探测器识别消息; 并且优选地是至少一个客户端蜜罐模块，用于接收和处理发送到其上的任何消息以产生相应的处理结果，其中客户端蜜罐模块将任何消息产生为不符合第三组模式和问题的处理结果的任何消息相应的客户端蜜罐识别消息。

7. 发明授权

US08185955B2 Intrusion detection method and system, related network and computer program product therefor 有权
标题翻译：入侵检测方法及系统，相关网络及计算机程序产品
公开(公告)号：US08185955B2
公开(公告)日：2012-05-22
申请号：US11791609
申请日：2004-11-26
申请人： Gianluca Cangini , Francesco Coda Zabetta , Gerardo Lamastra
发明人： Gianluca Cangini , Francesco Coda Zabetta , Gerardo Lamastra
IPC分类号： G06F11/00 , G06F12/14 , G06F12/16 , G08B23/00 , G06E1/00 , G06E3/00 , G06F15/18 , G06F17/00 , G06G7/00 , G06N3/08 , G06N7/00 , G06N7/08
CPC分类号： H04L63/1408 , G06F21/552 , G06F21/554 , G06F2221/2135 , G06F2221/2151
摘要： Intrusions in a system under surveillance are detected by matching the events occurring during operation of the system against a knowledge base including information on events which occurred during a learning phase. The detection technique includes the steps of: recording, during the learning phase, temporal data related to the events during the learning phase; identifying, as a function of the temporal data recorded, a dynamic part of the knowledge base; discovering patterns that cover the dynamic part of the knowledge base; and using, during the analysis phase, a regular expression match at least with respect to the dynamic part of the knowledge base.
摘要翻译：通过将系统运行期间发生的事件与包括在学习阶段发生的事件的信息相关的知识库相匹配来检测被监视的系统中的入侵。检测技术包括以下步骤：在学习阶段记录与学习阶段期间的事件有关的时间数据; 根据记录的时间数据识别知识库的动态部分; 发现涵盖知识库动态部分的模式; 并且在分析阶段期间使用至少相对于知识库的动态部分的正则表达式匹配。

8. 发明申请

US20090217369A1 Method and system for processing packet flows, and computer program product therefor 审中-公开
标题翻译：处理数据包流的方法和系统及其计算机程序产品
公开(公告)号：US20090217369A1
公开(公告)日：2009-08-27
申请号：US11919906
申请日：2005-05-04
申请人： Paolo Abeni , Paolo Milani Comparetti , Sebastiano Di Paola , Gerardo Lamastra
发明人： Paolo Abeni , Paolo Milani Comparetti , Sebastiano Di Paola , Gerardo Lamastra
IPC分类号： G06F21/00 , H04L12/26
CPC分类号： H04L47/10 , G06F9/526 , G06F2209/522 , H04L49/90 , H04L63/1408
摘要： Packet flows are processed, e.g. to perform an intrusion detection function in a communication network, by means of a multiprocessor system including a plurality of processing units. The packets are distributed for processing among the processing units via a distribution function. Such a distribution function is selectively allotted to one of the processing units of the plurality. A preferred embodiment of the arrangement involves using a single Symmetric Multi-Processor machine with a single network port to Gigabit/sec link. The corresponding system architecture does not require any intermediate device, or any external load balancing mechanism. All the processing work is performed on a single system, which is able to dynamically balance the traffic load among the several independent CPUs. By resorting to a specific scheduling arrangement, such a system is able to effectively distribute the computations required to perform both the loadbalancing and the detection operations.
摘要翻译：处理数据包流，例如通过包括多个处理单元的多处理器系统在通信网络中执行入侵检测功能。这些分组被分配用于经由分发功能在处理单元之间进行处理。这种分配功能被选择性地分配给多个处理单元之一。该布置的优选实施例涉及使用具有单个网络端口到千兆/秒链路的单个对称多处理器机器。相应的系统架构不需要任何中间设备或任何外部负载平衡机制。所有的处理工作都在单个系统上执行，能够动态平衡多个独立CPU之间的流量负载。通过采用特定的调度安排，这样的系统能够有效地分配执行负载平衡和检测操作所需的计算。

9. 发明申请

US20090144823A1 Method and System for Mobile Network Security, Related Network and Computer Program Product 有权
标题翻译：移动网络安全方法与系统，相关网络和计算机程序产品
公开(公告)号：US20090144823A1
公开(公告)日：2009-06-04
申请号：US12225686
申请日：2006-10-31
申请人： Gerardo Lamastra , Paolo Abeni , Gianluca Cangini , Francesco Coda Zabetta
发明人： Gerardo Lamastra , Paolo Abeni , Gianluca Cangini , Francesco Coda Zabetta
IPC分类号： H04L9/00
CPC分类号： H04L51/12 , H04L51/38 , H04L63/0227 , H04L63/1491 , H04W12/12
摘要： A honeypot system for protecting a mobile communication network against malware includes one or more user-less mobile devices including a monitoring module for monitoring the events conveying software applications in the associated mobile device as well as a controller client module that emulates human-like interaction with the user-less devices as a function of the events monitored. The system controllably performs, for the applications conveyed by the events monitored, one or more of the following steps: i) installing the application on the device; ii) executing the application installed on the device; and iii) de-installing the application from the- device. After any of these steps, the state of the device is checked in order to detect if any anomalous variation has occurred in the state of the device indicative of the device being exposed to the risk of malware. If any anomalous variation is detected, the system issues a malware alert message.
摘要翻译：用于保护移动通信网络免受恶意软件的蜜罐系统包括一个或多个无用户移动设备，包括用于监视传送相关联的移动设备中的软件应用程序的事件的监视模块以及模拟与人类的交互的控制器客户端模块作为监视事件的函数的无用户设备。该系统可控制地执行由所监视的事件传送的应用程序中的一个或多个以下步骤：i）将应用程序安装在设备上; ii）执行安装在设备上的应用程序; 以及iii）从设备中去除应用程序。在这些步骤中的任一步骤之后，检查设备的状态，以便检测在设备的状态下是否发生任何异常变化，指示设备被暴露于恶意软件的风险。如果检测到任何异常变化，系统将发出恶意软件警报消息。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式