专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20100071062A1 MECHANISM FOR IDENTIFYING MALICIOUS CONTENT, DoS ATTACKS, AND ILLEGAL IPTV SERVICES 有权
标题翻译：识别恶意内容的机制，DoS攻击和非法IPTV服务
公开(公告)号：US20100071062A1
公开(公告)日：2010-03-18
申请号：US12233561
申请日：2008-09-18
申请人： VINOD K. CHOYI , PIERRICK GUINGO , FAUD A. KHAN
发明人： VINOD K. CHOYI , PIERRICK GUINGO , FAUD A. KHAN
IPC分类号： G06F21/00
CPC分类号： H04L63/1408 , H04L41/0213 , H04L63/1441 , H04L65/4076 , H04L2463/141 , H04N21/6405 , H04N21/64322 , H04N21/64723
摘要： Mechanism for identifying malicious content, DoS attacks, and illegal IPTV services. By monitoring the characteristics of various control messages being transmitted within a network that services Internet protocol television (IPTV) content to identify suspicious behavior (e.g., such as that associated with malicious content, denial of service (DoS) attacks, IPTV service stealing, etc.). In addition to monitoring control messages within such a network, deep packet inspection (DPI) may be performed for individual packets within an IPTV stream to identify malicious content therein (e.g., worms, viruses, etc. actually within the IPTV stream itself). By monitoring control messages and/or actual IPTV content within a network (e.g., vs. at the perimeter of a network only), protection against both outside and inside attacks can be effectuated. This network level basis of operation effectively guards against promulgation of malicious content to other devices within the network.
摘要翻译：识别恶意内容，DoS攻击和非法IPTV服务的机制。通过监视在网络内正在传输的各种控制消息的特征，服务于互联网协议电视（IPTV）内容以识别可疑行为（例如与恶意内容，拒绝服务（DoS）攻击，IPTV服务窃取等）相关联的行为。）。除了监视这样的网络内的控制消息之外，可以对IPTV流内的各个分组执行深度分组检查（DPI），以识别其中的实际在IPTV流本身内的恶意内容（例如，蠕虫，病毒等）。通过监视网络内的控制消息和/或实际IPTV内容（例如，仅在网络的周边），可以实现对外部和内部攻击的保护。这种网络级操作基础有效防止恶意内容向网络内的其他设备发布。

2. 发明授权

US08769682B2 Mechanism for identifying malicious content, DoS attacks, and illegal IPTV services 有权
标题翻译：识别恶意内容，DoS攻击和非法IPTV服务的机制
公开(公告)号：US08769682B2
公开(公告)日：2014-07-01
申请号：US12233561
申请日：2008-09-18
申请人： Vinod K. Choyi , Pierrick Guingo , Faud A. Khan
发明人： Vinod K. Choyi , Pierrick Guingo , Faud A. Khan
IPC分类号： H04L29/06 , H04L12/24
CPC分类号： H04L63/1408 , H04L41/0213 , H04L63/1441 , H04L65/4076 , H04L2463/141 , H04N21/6405 , H04N21/64322 , H04N21/64723
摘要： Mechanism for identifying malicious content, DoS attacks, and illegal IPTV services. By monitoring the characteristics of various control messages being transmitted within a network that services Internet protocol television (IPTV) content to identify suspicious behavior (e.g., such as that associated with malicious content, denial of service (DoS) attacks, IPTV service stealing, etc.). In addition to monitoring control messages within such a network, deep packet inspection (DPI) may be performed for individual packets within an IPTV stream to identify malicious content therein (e.g., worms, viruses, etc. actually within the IPTV stream itself). By monitoring control messages and/or actual IPTV content within a network (e.g., vs. at the perimeter of a network only), protection against both outside and inside attacks can be effectuated. This network level basis of operation effectively guards against promulgation of malicious content to other devices within the network.
摘要翻译：识别恶意内容，DoS攻击和非法IPTV服务的机制。通过监视在网络内正在传输的各种控制消息的特征，服务于互联网协议电视（IPTV）内容以识别可疑行为（例如与恶意内容，拒绝服务（DoS）攻击，IPTV服务窃取等）相关联的行为。）。除了监视这样的网络内的控制消息之外，可以对IPTV流内的各个分组执行深度分组检查（DPI），以识别其中的实际在IPTV流本身内的恶意内容（例如，蠕虫，病毒等）。通过监视网络内的控制消息和/或实际IPTV内容（例如，仅在网络的周边），可以实现对外部和内部攻击的保护。这种网络级操作基础有效防止恶意内容向网络内的其他设备发布。

3. 发明申请

US20050132044A1 Distributed architecture for real-time flow measurement at the network domain level 有权
标题翻译：分布式架构，用于网络域级实时流量测量
公开(公告)号：US20050132044A1
公开(公告)日：2005-06-16
申请号：US10733393
申请日：2003-12-12
申请人： Pierrick Guingo , Vincent Mouilleron , Arnold Jansen , Gerard Damm
发明人： Pierrick Guingo , Vincent Mouilleron , Arnold Jansen , Gerard Damm
IPC分类号： H04L12/24 , H04L12/26 , G06F15/173
CPC分类号： H04L43/106 , H04L41/5003 , H04L41/5009 , H04L41/5029 , H04L43/026 , H04L43/0829 , H04L43/0864 , H04L43/087 , H04L43/10 , H04L43/16 , Y02D50/30
摘要： A virtual router network (VRN) for performing real-time flow measurements (RTFM) is provided. The VRN effectively reduces the number of traffic metering points required thereby simplifying the aggregation and exportation of flow records to a collector. The collector may be service manager in a network management system. The metering points, in a preferred embodiment, are at virtual interfaces (VI) which are edge nodes in VRN. One of the virtual interfaces is selected as a master virtual interface and act as a collector and distributor of flow related information. In one aspect of the invention the VRN is used to provide, non-invasively, per-flow delay monitoring in a communication system.
摘要翻译：提供了用于执行实时流量测量（RTFM）的虚拟路由器网络（VRN）。 VRN有效地减少了所需的流量计量点数，从而简化了流量记录到收集器的汇总和导出。收集器可以是网络管理系统中的服务管理器。在优选实施例中，计量点位于作为VRN中的边缘节点的虚拟接口（VI）。其中一个虚拟接口被选为主虚拟接口，并充当流相关信息的收集器和分发器。在本发明的一个方面，VRN用于在通信系统中提供非侵入式的每流延迟监控。

4. 发明授权

US08095640B2 Distributed architecture for real-time flow measurement at the network domain level 有权
标题翻译：分布式架构，用于网络域级实时流量测量
公开(公告)号：US08095640B2
公开(公告)日：2012-01-10
申请号：US10733393
申请日：2003-12-12
申请人： Pierrick Guingo , Vincent Mouilleron , Arnold Jansen , Gerard Damm
发明人： Pierrick Guingo , Vincent Mouilleron , Arnold Jansen , Gerard Damm
IPC分类号： G06F15/173
CPC分类号： H04L43/106 , H04L41/5003 , H04L41/5009 , H04L41/5029 , H04L43/026 , H04L43/0829 , H04L43/0864 , H04L43/087 , H04L43/10 , H04L43/16 , Y02D50/30
摘要： A virtual router network (VRN) for performing real-time flow measurements (RTFM) is provided. The VRN effectively reduces the number of traffic metering points required thereby simplifying the aggregation and exportation of flow records to a collector. The collector may be service manager in a network management system. The metering points, in a preferred embodiment, are at virtual interfaces (VI) which are edge nodes in VRN. One of the virtual interfaces is selected as a master virtual interface and act as a collector and distributor of flow related information. In one aspect of the invention the VRN is used to provide, non-invasively, per-flow delay monitoring in a communication system.
摘要翻译：提供了用于执行实时流量测量（RTFM）的虚拟路由器网络（VRN）。 VRN有效地减少了所需的流量计量点数，从而简化了流量记录到收集器的汇总和导出。收集器可以是网络管理系统中的服务管理器。在优选实施例中，计量点位于作为VRN中的边缘节点的虚拟接口（VI）。其中一个虚拟接口被选为主虚拟接口，并充当流相关信息的收集器和分发器。在本发明的一个方面，VRN用于在通信系统中提供非侵入式的每流延迟监控。

5. 发明申请

US20070047464A1 Routing configuration validation apparatus and methods 有权
标题翻译：路由配置验证设备和方法
公开(公告)号：US20070047464A1
公开(公告)日：2007-03-01
申请号：US11213010
申请日：2005-08-26
申请人： Pierrick Guingo , Fernando Cuervo
发明人： Pierrick Guingo , Fernando Cuervo
IPC分类号： H04L12/28
CPC分类号： H04L41/00 , H04L45/00
摘要： Apparatus, methods, and related data structures for validating a routing configuration in a communication system are disclosed. Routing information in a communication system is passively collected, illustratively from routing protocol advertisement messages. A routing configuration of the communication system is validated based on the collected routing information. Validation may involve comparing information associated with electronic addresses in an address space of the communication system with the collected routing information, and also or instead comparing an intended routing configuration with an explicit routing configuration, for example. A data structure may include information indicating an electronic address and information indicating a result of validating a routing configuration associated with the electronic address.
摘要翻译：公开了用于验证通信系统中的路由配置的装置，方法和相关数据结构。说明性地从路由协议广告消息收集通信系统中的路由信息。基于所收集的路由信息，对通信系统的路由配置进行验证。验证可以包括将与通信系统的地址空间中的电子地址相关联的信息与收集的路由信息进行比较，并且还可以或者替代地将预期路由配置与显式路由配置进行比较。数据结构可以包括指示电子地址的信息和指示验证与电子地址相关联的路由配置的结果的信息。

6. 发明授权

US07313141B2 Packet sequence number network monitoring system 有权
标题翻译：分组序列号网络监控系统
公开(公告)号：US07313141B2
公开(公告)日：2007-12-25
申请号：US10267813
申请日：2002-10-09
申请人： Chao Kan , Pierrick Guingo , Emanuele Jones , Hubert Ogier , Thierry Labbe
发明人： Chao Kan , Pierrick Guingo , Emanuele Jones , Hubert Ogier , Thierry Labbe
IPC分类号： H04L12/28 , H04L12/56
CPC分类号： H04L69/16 , H04L41/0213 , H04L41/5009 , H04L43/00 , H04L43/026 , H04L43/028 , H04L43/0817 , H04L43/0829 , H04L43/0858 , H04L43/087 , H04L43/0888 , H04L43/12 , H04L43/16 , H04L43/18
摘要： A network monitoring system (60). The system comprises storage circuitry (32) for storing network packet information, wherein the network packet information includes a predicted identifier. The network monitoring system also comprises at least one monitoring circuit (36) coupled to a network (70) along which network traffic flows in a form of packets. The at least one monitoring circuit programmed to perform the steps (44) of receiving a packet communicated along the network and determining whether the received packet is communicated between a source and destination in a first set of network nodes. Each packet in a sequence of communications between the source and the destination comprises a packet identifier that uniquely identifies the packet from all other communications in a flow between the source and the destination. The at least one monitoring circuit programmed to perform the step of, responsive to determining the received packet is communicated between a source and destination in the first set of network nodes, comparing the packet identifier of the received packet to the predicted identifier to determine an identifier deviation between the packet identifier and the predicted identifier for identifying an irregularity in the network traffic.
摘要翻译：网络监控系统（60）。该系统包括用于存储网络分组信息的存储电路（32），其中网络分组信息包括预测的标识符。网络监视系统还包括耦合到网络（70）的至少一个监控电路（36），网络业务以这种形式以分组形式流过网络。所述至少一个监视电路被编程为执行步骤（44），以接收沿着所述网络传送的分组，并且确定所接收的分组是否在第一组网络节点中的源和目的地之间通信。源和目的地之间的一系列通信中的每个分组包括从源和目的地之间的流中的所有其他通信唯一地标识分组的分组标识符。所述至少一个监视电路被编程为响应于确定所接收的分组在所述第一组网络节点中的源和目的地之间进行通信，将所接收分组的分组标识符与所述预测标识符进行比较，以确定标识符分组标识符与用于识别网络业务中的不规则性的预测标识符之间的偏差。

7. 发明申请

US20050262232A1 Architecture for configuration and management of cross-domain network services 有权
标题翻译：跨域网络服务的配置和管理体系结构
公开(公告)号：US20050262232A1
公开(公告)日：2005-11-24
申请号：US10903445
申请日：2004-07-30
申请人： J. Cuervo , Pierrick Guingo , Arnoldus Jansen , Michel Sim
发明人： J. Cuervo , Pierrick Guingo , Arnoldus Jansen , Michel Sim
IPC分类号： G06F15/173 , H04L12/24 , H04L12/28
CPC分类号： H04L41/044
摘要： Apparatus and method are provided for enabling establishment of cross-domain services, including exchange of reachability information between domains, routing of services across domains, and differential labeling. The network element control and management planes are supplemented by additional components that enable the control and management planes of each domain to inter-communicate in a peer-to-peer manner. Adjacencies are established between domains, and service reachability information is exchanged between domains. Network Service Applications within the management planes can then establish services across the domains by inter-communicating.
摘要翻译：提供了设备和方法，用于实现跨域服务，包括域之间的可达性信息交换，跨域服务的路由和差分标签。网元控制和管理平面由附加组件补充，使每个域的控制和管理平面能够以对等方式进行通信。域之间建立邻接关系，域之间交换服务可达性信息。网络服务管理平面内的应用程序可以通过互通建立跨域的服务。

8. 发明申请

US20050259674A1 Provisioning of cross domain telecommunication services through dynamic label differentiation 审中-公开
标题翻译：通过动态标签差异提供跨域电信服务
公开(公告)号：US20050259674A1
公开(公告)日：2005-11-24
申请号：US10909194
申请日：2004-07-30
申请人： J. Cuervo , Pierrick Guingo
发明人： J. Cuervo , Pierrick Guingo
IPC分类号： H04L12/24 , H04L12/56 , H04L29/06
CPC分类号： H04L45/04 , H04L45/50
摘要： Apparatus and method are provided for distributing labels between domains of different technologies or administrations, thereby facilitating establishment of cross-domain services. Each label includes a Service label having end-to-end consistency, and a Local label used by each domain in accordance with the domain's underlying technology.
摘要翻译：提供了用于在不同技术或管理的域之间分发标签的装置和方法，从而有助于建立跨域服务。每个标签包括具有端到端一致性的服务标签，以及根据域的基础技术由每个域使用的本地标签。

9. 发明申请

US20050259655A1 Open service discovery and routing mechanism for configuring cross-domain telecommunication services 有权
标题翻译：开放的业务发现和路由机制，用于配置跨域电信业务
公开(公告)号：US20050259655A1
公开(公告)日：2005-11-24
申请号：US10903436
申请日：2004-07-30
申请人： J. Cuervo , Pierrick Guingo , Arnoldus Jansen , Michel Sim
发明人： J. Cuervo , Pierrick Guingo , Arnoldus Jansen , Michel Sim
IPC分类号： H04L12/24 , H04L12/28 , H04L12/56
CPC分类号： H04L41/00 , H04L45/02 , H04L45/025 , H04L45/04 , H04L45/42
摘要： Apparatus and method are provided for distributing service domain reachability information across domain boundaries, thereby allowing domain management systems to determine routing for cross-domain services even when the domains have different technologies or administrators. A Service Domain Manager within each domain advertises to neighbouring domains which services it supports. A domain which receives such advertisements forwards the advertisement on to other domains. Each SDM builds a routing information table which specifies the service, the domain, the next hop, and optionally user defined metrics. The routing information table does not include end-point addresses, in order to keep the size of the table manageable. In this way, the NMS of each domain obtains an end-to-end view of service routes.
摘要翻译：提供了设备和方法，用于跨域边界分发服务域可达性信息，从而允许域管理系统确定跨域服务的路由，即使域具有不同的技术或管理员。每个域内的服务域管理器将其支持的服务通告给相邻域。接收这种广告的域将广告转发到其他域。每个SDM构建路由信息表，其中指定服务，域，下一跳和可选的用户定义的度量。路由信息表不包括端点地址，以便保持表的大小可管理。这样，每个域的NMS获取业务路由的端到端视图。

10. 发明授权

US07483379B2 Passive network monitoring system 有权
标题翻译：被动网络监控系统
公开(公告)号：US07483379B2
公开(公告)日：2009-01-27
申请号：US10147830
申请日：2002-05-17
申请人： Chao Kan , Pierrick Guingo
发明人： Chao Kan , Pierrick Guingo
IPC分类号： G06F11/00 , H04L12/26
CPC分类号： H04L43/0829 , H04L43/08 , H04L43/16
摘要： A network monitoring system (10). The system comprises a database (32) and at least one monitoring circuit (36) coupled to a network (20). Network traffic flows along the network in a form of packets. The at least one monitoring circuit is programmed to perform the steps of receiving a packet communicated along the network and determining whether data in the packet satisfies a rule set. Further, the at least one monitoring circuit is responsive to determining that data in the packet satisfies a rule set by copying information relating to the packet to be stored into the database. The system also comprises circuitry for querying the information communicated by the at least one monitoring circuit to the database to identify an irregularity in the network traffic.
摘要翻译：网络监控系统（10）。该系统包括数据库（32）和耦合到网络（20）的至少一个监控电路（36）。网络流量沿着网络以数据包的形式流动。至少一个监控电路被编程为执行接收沿着网络传送的分组并确定分组中的数据是否满足规则集的步骤。此外，至少一个监视电路响应于通过复制与要存储到数据库中的数据包相关的信息来确定分组中的数据满足规则集。该系统还包括用于向数据库查询由至少一个监控电路传送的信息以识别网络业务中的不规则性的电路。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式