专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08656488B2 Method and apparatus for securing a computer network by multi-layer protocol scanning 有权
标题翻译：通过多层协议扫描来保护计算机网络的方法和装置
公开(公告)号：US08656488B2
公开(公告)日：2014-02-18
申请号：US11366305
申请日：2006-03-01
申请人： Yung-Chang Liang , Said Kaki , Yi-Fen Chen
发明人： Yung-Chang Liang , Said Kaki , Yi-Fen Chen
IPC分类号： G06F11/00
CPC分类号： H04L63/1416 , H04L63/145 , H04L63/1483 , H04L63/16
摘要： In one embodiment, a network security appliance includes a logic circuit, a network processing unit, and a general purpose processor to protect a computer network from malicious codes, unauthorized data packets, and other network security threats. The logic circuit may include one or more programmable logic devices configured to scan incoming data packets at different layers of a multi-layer protocol, such as the OSI-seven layer model. The network processing unit may work in conjunction with the logic circuit to perform protocol parsing, to form higher layer data units from the data packets, and other network communications-related tasks. The general purpose processor may execute software for performing functions not available from the logic circuit or the network processing unit. For example, the general purpose processor may remove malicious code from infected data or perform malicious code scanning on data when the logic circuit is not configured to do so.
摘要翻译：在一个实施例中，网络安全设备包括逻辑电路，网络处理单元和通用处理器，用于保护计算机网络免受恶意代码，未经授权的数据分组和其他网络安全威胁。逻辑电路可以包括被配置为扫描多层协议的不同层（例如OSI-7层模型）的输入数据分组的一个或多个可编程逻辑设备。网络处理单元可以与逻辑电路一起工作以执行协议解析，从数据分组形成更高层数据单元，以及其他与网络通信有关的任务。通用处理器可以执行用于执行逻辑电路或网络处理单元不可用的功能的软件。例如，当逻辑电路未配置为这样做时，通用处理器可以从感染的数据中去除恶意代码或对数据执行恶意代码扫描。

2. 发明申请

US20050238005A1 Method and apparatus for controlling traffic in a computer network 有权
标题翻译：用于控制计算机网络中的业务的方法和装置
公开(公告)号：US20050238005A1
公开(公告)日：2005-10-27
申请号：US10829466
申请日：2004-04-21
申请人： Yi-Fen Chen , Yung-Chang Liang , En-Yi Liao
发明人： Yi-Fen Chen , Yung-Chang Liang , En-Yi Liao
IPC分类号： G01R31/08 , G06F11/00 , G08C15/00 , H04J1/16 , H04J3/14 , H04J3/16 , H04J3/22 , H04L1/00 , H04L12/26 , H04L12/28 , H04L12/56 , H04L29/06
CPC分类号： H04L63/145
摘要： In one embodiment, a technique for controlling traffic in a computer network includes modifying a packet generated by a first computer. The packet may be intended for a second computer, but is modified to be redirected to a third computer. The packet may be processed in the third computer prior to being forwarded from the third computer to the second computer. The packet may be scanned for viruses at the third computer, for example. Among other advantages, the technique allows for scanning of early generated packets, redirection of selected packets, and routing of packets from a computer in general.
摘要翻译：在一个实施例中，一种用于控制计算机网络中的业务的技术包括修改由第一计算机产生的分组。分组可以用于第二计算机，但是被修改为被重定向到第三计算机。在从第三计算机转发到第二计算机之前，该分组可以在第三计算机中被处理。例如，可以在第三台计算机上扫描数据包的病毒。除了其他优点之外，该技术允许早期生成的分组的扫描，所选分组的重定向以及一般来说来自计算机的分组的路由。

3. 发明授权

US5889943A Apparatus and method for electronic mail virus detection and elimination 失效
标题翻译：电子邮件病毒检测和消除的装置和方法
公开(公告)号：US5889943A
公开(公告)日：1999-03-30
申请号：US625800
申请日：1996-03-29
申请人： Shuang Ji , Eva Chen , Yung-Chang Liang , Warren Tsai
发明人： Shuang Ji , Eva Chen , Yung-Chang Liang , Warren Tsai
IPC分类号： G06F21/22 , G06F1/00 , G06F13/00 , G06F21/00 , H04L12/58 , H04L29/06 , G07D7/00 , H04L9/00
CPC分类号： H04L29/06 , G06F21/564 , H04L12/585 , H04L51/12 , H04L63/145 , H04L12/583 , H04L51/063
摘要： The detection and elimination of viruses on a computer network is disclosed. An apparatus for detecting and eliminating viruses which may be introduced by messages sent through a postal node of a network electronic mail system includes polling and retrieval modules in communication with the postal node to determine the presence of unscanned messages and to download data associated with them to a node for treatment by a virus analysis and treatment module. A method for detecting and eliminating viruses introduced by an electronic mail system includes polling the postal node for unscanned messages, downloading the messages into a memory of a node, and performing virus detection and analysis at the node.
摘要翻译：公开了在计算机网络上检测和消除病毒。一种用于检测和消除可能由通过网络电子邮件系统的邮政节点发送的消息引入的病毒的装置，包括与邮政节点通信的轮询和检索模块，以确定是否存在未扫描的消息，并将与之相关联的数据下载到一个通过病毒分析和治疗模块进行治疗的节点。一种用于检测和消除由电子邮件系统引入的病毒的方法包括轮询邮件节点用于未扫描的消息，将消息下载到节点的存储器中，并在节点处执行病毒检测和分析。

4. 发明授权

US08291498B1 Computer virus detection and response in a wide area network 有权
标题翻译：计算机病毒在广域网中的检测和响应
公开(公告)号：US08291498B1
公开(公告)日：2012-10-16
申请号：US12485435
申请日：2009-06-16
申请人： Yung Chang Liang , Yi Fen Chen
发明人： Yung Chang Liang , Yi Fen Chen
IPC分类号： H04L29/06
CPC分类号： H04L63/145 , G06F21/56 , G06F21/566 , H04L29/06 , H04L63/0218 , H04L63/0227 , H04L63/108 , H04L63/1408 , H04L63/20 , H04L67/34 , H04L69/329
摘要： A network level virus monitoring system capable of monitoring a flow of network traffic in any of a number of inspection modes depending upon the particular needs of a system administrator. The system includes a network virus sensor self registration module coupled to a network virus/worm sensor arranged to automatically self register the associated network virus/worm sensor. The monitoring provides an early warning of a virus attack thereby facilitating quarantine procedures directed at containing a virus outbreak. By providing such an early warning, the network virus monitor reduces the number of computers ultimately affected by the virus attack resulting in a concomitant reduction in both the cost of repair to the system and the amount of downtime. In this way, the inventive network virus monitor provides a great improvement in system uptime and reduction in system losses.
摘要翻译：一种网络级病毒监视系统，其能够根据系统管理员的特定需要监视任何多种检查模式中的网络流量流。该系统包括网络病毒传感器自注册模块，其耦合到网络病毒/蠕虫传感器，其被布置为自动自动注册相关联的网络病毒/蠕虫传感器。该监测提供病毒攻击的早期警告，从而促进针对包含病毒爆发的检疫程序。通过提供这样的早期警告，网络病毒监视器减少最终受病毒攻击影响的计算机数量，从而同时降低系统的维修成本和停机时间。以这种方式，本发明的网络病毒监视器提供了系统正常运行时间的极大改进和系统损失的减少。

5. 发明授权

US07308493B2 Task-based automatic network management system with distributed control and management information base 有权
标题翻译：基于任务的自动网络管理系统，具有分布式控制和管理信息库
公开(公告)号：US07308493B2
公开(公告)日：2007-12-11
申请号：US10161749
申请日：2002-06-05
申请人： Yung Chang Liang
发明人： Yung Chang Liang
IPC分类号： G06F13/00
CPC分类号： H04L41/069 , H04L41/0213 , H04L41/046
摘要： The invention provides a network automatic management method and a corresponding system for executing the method. The system according to the invention comprises a management server connected to a plurality of devices nodes, a management information database (MIB) connected to the management server system; an plurality of event tables stored in the MIB, each corresponding to an event that occurred in the network system and having a task leader selection base for selecting task leaders from at least one of the device nodes for performing a task. Work to be executed in a network is realized by a task which is a work package for indicating devices in the lower layers of the network system to execute work assigned by the management server. At least one task leader is assigned in the system for executing work performed by the management server in optimally reducing the burden thereof.
摘要翻译：本发明提供一种网络自动管理方法及其执行方法的对应系统。根据本发明的系统包括连接到多个设备节点的管理服务器，连接到管理服务器系统的管理信息数据库（MIB）; 存储在MIB中的多个事件表，每个对应于在网络系统中发生的事件，并且具有用于从用于执行任务的至少一个设备节点选择任务领导者的任务引导者选择库。在网络中执行的工作通过作为用于指示网络系统的较低层中的设备来执行由管理服务器分配的工作的工作包的任务来实现。在系统中分配至少一个任务主管以执行由管理服务器执行的工作，以最佳地减轻其负担。

6. 发明授权

US07062553B2 Virus epidemic damage control system and method for network environment 有权
公开(公告)号：US07062553B2
公开(公告)日：2006-06-13
申请号：US10199078
申请日：2002-07-22
申请人： Yung Chang Liang
发明人： Yung Chang Liang
IPC分类号： G06F15/173 , G06F11/30 , G06F12/14
CPC分类号： H04L63/1416 , H04L63/145
摘要： A system and method for providing damage control caused by a virus epidemic in a network environment are advantageously provided according to the intention. The system according to a preferred embedment of the invention effectively and rapidly distributes antivirus protection and cure measures within the network so as to reduce the level of damage during the virus epidemic. The method according to the invention contains the spread of a computer virus in a network system by detecting the traffic flow and analyzing the identical sections in files modified in a short time period. The network system accordingly includes a management server, a management information database (MIB) having a plurality of tasks for performing work in the network system, and a plurality of device node. Each network task corresponds to an event occurring in the system. Damage control caused by a virus epidemic in a network environment is controlled and level of damage is accordingly reduced.

7. 发明授权

US5960170A Event triggered iterative virus detection 失效
标题翻译：事件触发迭代病毒检测
公开(公告)号：US5960170A
公开(公告)日：1999-09-28
申请号：US820649
申请日：1997-03-18
申请人： Eva Chen , Steven Yuen-Lam Lau , Yung-Chang Liang
发明人： Eva Chen , Steven Yuen-Lam Lau , Yung-Chang Liang
IPC分类号： G06F21/22 , G06F1/00 , G06F9/44 , G06F21/00 , G06N5/04 , H04L29/06 , G06F11/00
CPC分类号： H04L67/42 , G06F21/564 , H04L63/145
摘要： The iterative detection and treatment of viruses using virus detection objects and virus treatment objects is disclosed. Pursuant to a request for a virus scan, a virus detection object is produced by a server and is transmitted to a client for execution. The client receives and executes the virus detection object, and the results are transmitted to the server. The server uses the results to produce an additional virus detection object which is also transmitted to the client and executed so that the results can be transmitted to the server. The iterative production and execution of virus detection objects is continued until a determination is made as to whether the targeted file or data includes a virus. Upon a determination that a targeted file or data includes a virus, a vaccine specifically tailored to the conditions presented at the client and the type of virus detected is produced, preferably in the form of a virus treatment object. The request for a virus scan can be directly made or indirectly by a triggering event. One virus detection server embodiment includes a virus information expert system that applies conditional data to predetermined knowledge about virus scanning to make determinations such as when to scan for viruses. A network diagnosis and treatment application includes a diagnostic data module, an expert system, and a maintenance requesting module. The expert system applies the diagnostic data to predetermined knowledge about the diagnosis and maintenance of a network to make determinations upon which maintenance requests are made. Preferably, the expert system includes a virus information expert system.
摘要翻译：公开了使用病毒检测对象和病毒处理对象的病毒的迭代检测和处理。根据病毒扫描请求，病毒检测对象由服务器产生，并发送给客户端进行执行。客户端接收并执行病毒检测对象，并将结果发送到服务器。服务器使用结果产生另外的病毒检测对象，该对象也被发送到客户端并被执行，使得结果可以被传送到服务器。持续进行病毒检测对象的迭代生产和执行，直至确定目标文件或数据是否包含病毒。在确定目标文件或数据包括病毒的情况下，产生专门针对在客户端呈现的条件和检测到的病毒类型的疫苗，优选以病毒处理对象的形式。病毒扫描的请求可以直接由触发事件或间接产生。一个病毒检测服务器实施例包括病毒信息专家系统，其将条件数据应用于关于病毒扫描的预定知识以进行诸如何时扫描病毒的确定。网络诊断和治疗应用包括诊断数据模块，专家系统和维护请求模块。专家系统将诊断数据应用于关于网络的诊断和维护的预定知识，以确定进行哪些维护请求。优选地，专家系统包括病毒信息专家系统。

8. 发明授权

US08661434B1 Migration of computer security modules in a virtual machine environment 有权
标题翻译：在虚拟机环境中迁移计算机安全模块
公开(公告)号：US08661434B1
公开(公告)日：2014-02-25
申请号：US12536222
申请日：2009-08-05
申请人： Yung-Chang Liang , Yi-Fen Chen
发明人： Yung-Chang Liang , Yi-Fen Chen
IPC分类号： G06F9/455
CPC分类号： G06F9/45558
摘要： A machine in the form of a computer is configured to run virtual machines. A virtual machine migrated from another computer is run in the computer. A security profile of the migrated virtual machine in the computer indicates a configuration setting of another network component in another computer network. A network profile in the computer indicates a configuration setting of a network component in the current computer network. The security profile of the migrated virtual machine is automatically updated to reflect the configuration setting of the network component in the current computer network to provide computer security function in the current computer network.
摘要翻译：计算机形式的机器配置为运行虚拟机。从另一台计算机迁移的虚拟机在计算机中运行。计算机中迁移的虚拟机的安全配置文件指示另一个计算机网络中另一个网络组件的配置设置。计算机中的网络配置文件指示当前计算机网络中的网络组件的配置设置。迁移的虚拟机的安全配置文件将自动更新，以反映当前计算机网络中网络组件的配置设置，以便在当前计算机网络中提供计算机安全功能。

9. 发明授权

US07970879B1 Task-based automatic network management system with distributed control and management information base 有权
标题翻译：基于任务的自动网络管理系统，具有分布式控制和管理信息库
公开(公告)号：US07970879B1
公开(公告)日：2011-06-28
申请号：US11924018
申请日：2007-10-25
申请人： Yung Chang Liang
发明人： Yung Chang Liang
IPC分类号： G06F13/00
CPC分类号： H04L41/069 , H04L41/0213 , H04L41/046
摘要： The invention provides a network automatic management method and a corresponding system for executing the method. The system according to the invention comprises a management server connected to a plurality of devices nodes, a management information database (MIB) connected to the management server system; an plurality of event tables stored in the MIB, each corresponding to an event that occurred in the network system and having a task leader selection base for selecting task leaders from at least one of the device nodes for performing a task. Work to be executed in a network is realized by a task which is a work package for indicating devices in the lower layers of the network system to execute work assigned by the management server. At least one task leader is assigned in the system for executing work performed by the management server in optimally reducing the burden thereof.
摘要翻译：本发明提供一种网络自动管理方法及其执行方法的对应系统。根据本发明的系统包括连接到多个设备节点的管理服务器，连接到管理服务器系统的管理信息数据库（MIB）; 存储在MIB中的多个事件表，每个对应于在网络系统中发生的事件，并且具有用于从用于执行任务的至少一个设备节点选择任务领导者的任务引导者选择库。在网络中执行的工作通过作为用于指示网络系统的较低层中的设备来执行由管理服务器分配的工作的工作包的任务来实现。在系统中分配至少一个任务主管以执行由管理服务器执行的工作，以最佳地减轻其负担。

10. 发明授权

US07533415B2 Method and apparatus for controlling traffic in a computer network 有权
标题翻译：用于控制计算机网络中的业务的方法和装置
公开(公告)号：US07533415B2
公开(公告)日：2009-05-12
申请号：US10829466
申请日：2004-04-21
申请人： Yi-Fen Chen , Yung-Chang Liang , En-Yi Liao
发明人： Yi-Fen Chen , Yung-Chang Liang , En-Yi Liao
IPC分类号： G06F11/00
CPC分类号： H04L63/145
摘要： In one embodiment, a technique for controlling traffic in a computer network includes modifying a packet generated by a first computer. The packet may be intended for a second computer, but is modified to be redirected to a third computer. The packet may be processed in the third computer prior to being forwarded from the third computer to the second computer. The packet may be scanned for viruses at the third computer, for example. Among other advantages, the technique allows for scanning of early generated packets, redirection of selected packets, and routing of packets from a computer in general.
摘要翻译：在一个实施例中，一种用于控制计算机网络中的业务的技术包括修改由第一计算机产生的分组。分组可以用于第二计算机，但是被修改为被重定向到第三计算机。在从第三计算机转发到第二计算机之前，该分组可以在第三计算机中被处理。例如，可以在第三台计算机上扫描数据包的病毒。除了其他优点之外，该技术允许早期生成的分组的扫描，所选分组的重定向以及一般来说来自计算机的分组的路由。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式