专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US09100417B2 Multi-node and multi-call state machine profiling for detecting SPIT 有权
标题翻译：用于检测SPIT的多节点和多调用状态机分析
公开(公告)号：US09100417B2
公开(公告)日：2015-08-04
申请号：US12115199
申请日：2008-05-05
申请人： Sachin Garg , Navjot Singh , Akshay Adhikari , Yu-Sung Wu
发明人： Sachin Garg , Navjot Singh , Akshay Adhikari , Yu-Sung Wu
IPC分类号： H04L12/66 , G06F17/00 , H04L29/06 , H04M7/00 , G06F21/51 , G06F21/56
CPC分类号： H04L65/1079 , G06F21/51 , G06F21/56 , H04L63/1408 , H04L63/1416 , H04L63/1425 , H04L65/1006 , H04M7/006 , H04M7/0078
摘要： An apparatus and method for detecting potentially-improper call behavior (e.g., SPIT, etc.) are disclosed. The illustrative embodiment of the present invention is based on finite-state machines (FSMs) that represent the legal states and state transitions of communications protocols at nodes during Voice over Internet Protocol (VoIP) calls. In accordance with the illustrative embodiment, a library of FSM execution profiles associated with improper call behavior and a set of rules (or rule base) associated with improper FSM behavior over one or more calls are maintained. When the behavior of one or more finite-state machines during one or more calls matches either an execution profile in the library or a rule in the rule base, an alert is generated.
摘要翻译：公开了一种用于检测潜在不适当的呼叫行为（例如，SPIT等）的装置和方法。本发明的说明性实施例基于有限状态机（FSM），其表示在因特网协议语音（VoIP）呼叫期间节点处的通信协议的合法状态和状态转换。根据说明性实施例，维护与不正当呼叫行为相关联的FSM执行简档库和与一个或多个调用上的不正确FSM行为相关联的一组规则（或规则库）。当一个或多个调用期间一个或多个有限状态机的行为与库中的执行概要文件或规则库中的规则匹配时，将生成警报。

2. 发明申请

US20090274144A1 Multi-Node and Multi-Call State Machine Profiling for Detecting SPIT 有权
标题翻译：用于检测SPIT的多节点和多呼叫状态机分析
公开(公告)号：US20090274144A1
公开(公告)日：2009-11-05
申请号：US12115199
申请日：2008-05-05
申请人： Sachin Garg , Navjot Singh , Akshay Adhikari , Yu-Sung Wu
发明人： Sachin Garg , Navjot Singh , Akshay Adhikari , Yu-Sung Wu
IPC分类号： H04L12/66
CPC分类号： H04L65/1079 , G06F21/51 , G06F21/56 , H04L63/1408 , H04L63/1416 , H04L63/1425 , H04L65/1006 , H04M7/006 , H04M7/0078
摘要： An apparatus and method for detecting potentially-improper call behavior (e.g., SPIT, etc.) are disclosed. The illustrative embodiment of the present invention is based on finite-state machines (FSMs) that represent the legal states and state transitions of communications protocols at nodes during Voice over Internet Protocol (VoIP) calls. In accordance with the illustrative embodiment, a library of FSM execution profiles associated with improper call behavior and a set of rules (or rule base) associated with improper FSM behavior over one or more calls are maintained. When the behavior of one or more finite-state machines during one or more calls matches either an execution profile in the library or a rule in the rule base, an alert is generated.
摘要翻译：公开了一种用于检测潜在不适当的呼叫行为（例如，SPIT等）的装置和方法。本发明的说明性实施例基于有限状态机（FSM），其表示在因特网协议语音（VoIP）呼叫期间节点处的通信协议的合法状态和状态转换。根据说明性实施例，维护与不正当呼叫行为相关联的FSM执行简档库和与一个或多个调用上的不正确FSM行为相关联的一组规则（或规则库）。当一个或多个调用期间一个或多个有限状态机的行为与库中的执行概要文件或规则库中的规则匹配时，将生成警报。

3. 发明授权

US09736172B2 Signature-free intrusion detection 有权
公开(公告)号：US09736172B2
公开(公告)日：2017-08-15
申请号：US11854437
申请日：2007-09-12
申请人： Sachin Garg , Navjot Singh , Akshay Adhikari , Yu-Sung Wu
发明人： Sachin Garg , Navjot Singh , Akshay Adhikari , Yu-Sung Wu
IPC分类号： H04L29/06
CPC分类号： H04L63/1416 , H04L63/0254
摘要： An apparatus and method are disclosed for detecting intrusions in Voice over Internet Protocol systems, without the use of an attack signature database. In particular, the illustrative embodiment is based on the observation that some VoIP-related protocols (e.g., the Session Initiation Protocol [SIP], etc.) are simple enough to be represented by a finite-state machine (FSM) of compact size. A finite-state machine is maintained for each session/node/protocol combination, and any illegal state or state transition—which might be the result of a malicious attack—is flagged as a potential intrusion.

4. 发明申请

US20090070875A1 Distributed Stateful Intrusion Detection for Voice Over IP 有权
标题翻译： IP语音分布式有状态入侵检测
公开(公告)号：US20090070875A1
公开(公告)日：2009-03-12
申请号：US11854439
申请日：2007-09-12
申请人： Sachin Garg , Navjot Singh , Akshay Adhikari , Yu-Sung Wu
发明人： Sachin Garg , Navjot Singh , Akshay Adhikari , Yu-Sung Wu
IPC分类号： G06F21/00
CPC分类号： H04L63/1416 , H04L65/1006
摘要： An apparatus and method are disclosed for detecting intrusions in Voice over Internet Protocol systems without an attack signature database. The illustrative embodiment is based on two observations: (1) various VoIP-related protocols are simple enough to be represented by a finite-state machine (FSM) of compact size, thereby avoiding the disadvantages inherent in signature-based intrusion-detection systems.; and (2) there exist intrusions that might not be detectable locally by the individual finite-state machines (FSMs) but that can be detected with a global (or distributed) view of all the FSMs. The illustrative embodiment maintains a FSM for each session/node/protocol combination representing the allowed (or “legal”) states and state transitions for the protocol at that node in that session, as well as a “global” FSM for the entire session that enforces constraints on the individual FSMs and is capable of detecting intrusions that elude the individual FSMs.
摘要翻译：公开了一种用于在没有攻击签名数据库的情况下检测在因特网协议语音系统中的入侵的装置和方法。说明性实施例基于两个观察：（1）各种VoIP相关协议足够简单以由紧凑尺寸的有限状态机（FSM）表示，从而避免了基于签名的入侵检测系统固有的缺点。 ; 和（2）存在可能由个体有限状态机（FSM）本地可检测到的入侵，但是可以用全局（或分布式）视图检测所有FSM的入侵。说明性实施例为表示该会话中该节点处的协议的允许（或“合法”）状态和状态转换的每个会话/节点/协议组合维护FSM，以及整个会话的“全局”FSM，强制对各个FSM的约束，并且能够检测排除各个FSM的入侵。

5. 发明申请

US20090070874A1 Signature-Free Intrusion Detection 有权
标题翻译：无签名入侵检测
公开(公告)号：US20090070874A1
公开(公告)日：2009-03-12
申请号：US11854437
申请日：2007-09-12
申请人： Sachin Garg , Navjot Singh , Akshay Adhikari , Yu-Sung Wu
发明人： Sachin Garg , Navjot Singh , Akshay Adhikari , Yu-Sung Wu
IPC分类号： G06F21/00
CPC分类号： H04L63/1416 , H04L63/0254
摘要： An apparatus and method are disclosed for detecting intrusions in Voice over Internet Protocol systems, without the use of an attack signature database. In particular, the illustrative embodiment is based on the observation that some VoIP-related protocols (e.g., the Session Initiation Protocol [SIP], etc.) are simple enough to be represented by a finite-state machine (FSM) of compact size. A finite-state machine is maintained for each session/node/protocol combination, and any illegal state or state transition—which might be the result of a malicious attack—is flagged as a potential intrusion.
摘要翻译：公开了一种用于在不使用攻击特征数据库的情况下检测基于因特网协议语音的系统中的入侵的装置和方法。特别地，说明性实施例基于一些VoIP相关协议（例如，会话发起协议[SIP]等）足够简单以由紧凑尺寸的有限状态机（FSM）表示的观察。对于每个会话/节点/协议组合，维护有限状态机，并且任何非法的状态或状态转换（可能是恶意攻击的结果）被标记为潜在的入侵。

6. 发明申请

US20090274143A1 State Machine Profiling for Voice Over IP Calls 有权
标题翻译： IP语音呼叫的状态机分析
公开(公告)号：US20090274143A1
公开(公告)日：2009-11-05
申请号：US12115196
申请日：2008-05-05
申请人： Sachin Garg , Navjot Singh , Akshay Adhikari , Yu-Sung Wu
发明人： Sachin Garg , Navjot Singh , Akshay Adhikari , Yu-Sung Wu
IPC分类号： H04L12/66
CPC分类号： H04L65/1079 , H04L51/12 , H04M3/436 , H04M2201/18
摘要： An apparatus and method for detecting potentially-improper call behavior (e.g., SPIT, etc.) are disclosed. The illustrative embodiment of the present invention is based on finite-state machines (FSMs) that represent the legal states and state transitions of a communications protocol at a node during a Voice over Internet Protocol (VoIP) call. In accordance with the illustrative embodiment, a library of FSM execution profiles associated with improper call behavior is maintained. When there is a match between the behavior of a finite-state machine during a call and an execution profile in the library, an alert is generated.
摘要翻译：公开了一种用于检测潜在不适当的呼叫行为（例如，SPIT等）的装置和方法。本发明的说明性实施例基于表示在因特网协议语音（VoIP）呼叫期间在节点处的通信协议的合法状态和状态转换的有限状态机（FSM）。根据说明性实施例，保持与不正当呼叫行为相关联的FSM执行简档库。当在调用期间有限状态机的行为与库中的执行配置文件之间存在匹配时，生成警报。

7. 发明申请

US20080148384A1 Embedded Firewall at a Telecommunications Endpoint 有权
标题翻译：嵌入式防火墙在电信端点
公开(公告)号：US20080148384A1
公开(公告)日：2008-06-19
申请号：US11610485
申请日：2006-12-13
申请人： Akshay Adhikari , Sachin Garg , Anjur Sundaresan Krishnakumar , Navjot Singh
发明人： Akshay Adhikari , Sachin Garg , Anjur Sundaresan Krishnakumar , Navjot Singh
IPC分类号： G06F17/00
CPC分类号： H04L63/0209 , H04L63/0263
摘要： A method is disclosed that enables the implementation of an embedded firewall at a telecommunications endpoint. In particular, the illustrative embodiment of the present invention addresses the relationship between the application, firewall engine, and packet-classification rules database that are all resident at the endpoint. In the variations of the illustrative embodiment that are described herein, the application: (i) directly communicates with the co-resident firewall engine such as through local message passing, (ii) shares memory with the firewall engine, and (iii) makes socket calls to the operating system that are intercepted by a middleware layer that subsequently modifies the rules database, depending on the socket call. The common thread to these techniques is that the application, firewall engine, and rules database are co-resident at the endpoint, which is advantageous in the implementation of the embedded firewall.
摘要翻译：公开了一种能够在电信端点实现嵌入式防火墙的方法。特别地，本发明的说明性实施例解决了所有驻留在端点的应用，防火墙引擎和分组分类规则数据库之间的关系。在本文描述的说明性实施例的变型中，应用：（i）直接与共驻防火墙引擎通信，例如通过本地消息传递，（ii）与防火墙引擎共享存储器，以及（iii）使套接字调用由中间件层拦截的操作系统，随后根据套接字调用修改规则数据库。这些技术的共同点是应用程序，防火墙引擎和规则数据库共同驻留在端点，这在嵌入式防火墙的实现方面是有利的。

8. 发明授权

US08144583B2 Network switch that is optimized for a telephony-capable endpoint 有权
标题翻译：针对具有电话功能的端点进行了优化的网络交换机
公开(公告)号：US08144583B2
公开(公告)日：2012-03-27
申请号：US11610487
申请日：2006-12-13
申请人： Akshay Adhikari , Sachin Garg , Anjur Sundaresan Krishnakumar , Navjot Singh
发明人： Akshay Adhikari , Sachin Garg , Anjur Sundaresan Krishnakumar , Navjot Singh
IPC分类号： H04L12/26
CPC分类号： H04L47/10 , H04L47/22 , H04L49/3054
摘要： A method is disclosed that enables the avoidance of a processor overload of a telecommunications endpoint device that is susceptible to traffic floods. An enhanced network switch sets the speed on one of its data ports as a specific function of the speeds of the devices that are connected to one or more of its other data ports. This behavior is different from that of network switches in the prior art, in which the data rate of a port in the prior art is auto-negotiated to the highest speed that can be supported by the network elements at either end of the port's connection, regardless of the other devices present. By considering the specific devices that are connected, the enhanced network switch is able to limit the amount of traffic that is directed by an upstream device, such as a router, towards a device with limited processor capability, such as a packet-based phone.
摘要翻译：公开了一种能够避免容易遭受交通洪泛的电信端点设备的处理器过载的方法。增强型网络交换机将其数据端口之一的速度设置为连接到其一个或多个其他数据端口的设备的速度的特定功能。这种现象不同于现有技术中的网络交换机，其中现有技术中的端口的数据速率被自动协商为端口连接的任一端可由网络元件支持的最高速度，不管其他设备存在。通过考虑连接的特定设备，增强型网络交换机能够将诸如路由器之类的上游设备指向的业务量限制为具有有限处理器能力的设备，例如基于分组的电话。

9. 发明授权

US08055903B2 Signal watermarking in the presence of encryption 有权
标题翻译：信号水印在加密存在的情况下
公开(公告)号：US08055903B2
公开(公告)日：2011-11-08
申请号：US11675352
申请日：2007-02-15
申请人： Akshay Adhikari , Sachin Garg , Anjur Sundaresan Krishnakumar , Navjot Singh
发明人： Akshay Adhikari , Sachin Garg , Anjur Sundaresan Krishnakumar , Navjot Singh
IPC分类号： H04N7/167
CPC分类号： G06T1/0021 , G10L19/018 , H04H20/28 , H04H20/31 , H04H60/23 , H04H2201/50 , H04L9/065 , H04L2209/30 , H04L2209/608
摘要： A method is disclosed that enables the transmission of a digital message along with a corresponding information signal, such as audio or video. The supplemental information contained in digital messages can be used for a variety of purposes, such as enabling or enhancing packet authentication. In particular, a telecommunications device that is processing an information signal from its user, such as a speech signal, encrypts the information signal by performing a bitwise exclusive-or of an encryption key stream with the information signal stream. The device, such as a telecommunications endpoint, then intersperses the bits of the digital message throughout the encrypted signal in place of those bits overwritten, in a process referred to as “watermarking.” The endpoint then transmits the interspersed digital message bits as part of a composite signal that also comprises the encrypted information bits. No additional bits are appended to the packet to be transmitted, thereby addressing compatibility issues.
摘要翻译：公开了一种能够传送数字消息以及对应的信息信号（诸如音频或视频）的方法。数字消息中包含的补充信息可用于各种目的，例如启用或增强数据包认证。特别地，正在处理来自其用户的信息信号（例如语音信号）的电信设备通过执行与信息信号流的按位异或加密密钥流来加密信息信号。在被称为“水印”的过程中，诸如电信端点的设备然后在整个加密信号中分散数字消息的位，而不是被覆盖的位。然后，端点将散布的数字消息位作为还包括加密信息比特的复合信号。没有额外的位附加到要发送的数据包，从而解决兼容性问题。

10. 发明申请

US20080198045A1 Transmission of a Digital Message Interspersed Throughout a Compressed Information Signal 有权
标题翻译：在整个压缩信息信号中散布的数字消息的传输
公开(公告)号：US20080198045A1
公开(公告)日：2008-08-21
申请号：US11675345
申请日：2007-02-15
申请人： Akshay Adhikari , Sachin Garg , Anjur Sundaresan Krishnakumar , Navjot Singh
发明人： Akshay Adhikari , Sachin Garg , Anjur Sundaresan Krishnakumar , Navjot Singh
IPC分类号： H03M5/00
CPC分类号： H04L63/08 , G10L19/018 , H04L63/168
摘要： A method is disclosed that enables the transmission of a digital message along with a corresponding media information signal, such as audio or video. A telecommunications device that is processing the information signal from its user, such as a speech signal, encodes the information signal by using a model-based compression coder. One such device is a telecommunications endpoint. Then, based on an evaluation of the perceptual significance of each encoded bit, or on some other meaningful characteristic of the signal, the endpoint's processor: (i) determines which encoded bits can be overwritten; and (ii) intersperses the digital message bits throughout the encoded signal in place of the overwritten bits. The endpoint then transmits those digital message bits as part of the encoded information signal. In this way, no additional bits are appended to the packet to be transmitted, thereby addressing the issue of compatibility with existing protocols and firewalls.
摘要翻译：公开了一种能够传送数字消息以及对应的媒体信息信号（诸如音频或视频）的方法。正在处理其用户的信息信号（例如语音信号）的电信设备通过使用基于模型的压缩编码器对信息信号进行编码。一个这样的设备是电信端点。然后，基于对每个编码比特的感知意义的评估，或在信号的一些其它有意义的特征上，终点的处理器：（i）确定可以覆盖哪些编码比特; 并且（ii）将整数编码信号中的数字信息位散置在代替覆盖位。端点然后将这些数字消息比特作为编码信息信号的一部分进行发送。以这种方式，没有额外的比特附加到要发送的分组，从而解决与现有协议和防火墙的兼容性的问题。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式