专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20060191008A1 Apparatus and method for accelerating intrusion detection and prevention systems using pre-filtering 审中-公开
标题翻译：使用预过滤加速入侵检测和预防系统的装置和方法
公开(公告)号：US20060191008A1
公开(公告)日：2006-08-24
申请号：US11291530
申请日：2005-11-30
申请人： Amila Fernando , Anthony Place , Simon Ratner , Teewoon Tan , Darren Williams , Robert Barrie , Stephen Gould
发明人： Amila Fernando , Anthony Place , Simon Ratner , Teewoon Tan , Darren Williams , Robert Barrie , Stephen Gould
IPC分类号： G06F12/14
CPC分类号： G06F21/554 , G06F21/56 , G06F21/562 , G06F21/564 , G06Q10/107 , H04L51/12 , H04L63/1416 , H04L63/1441 , H04L63/145
摘要： An accelerated network intrusion detection and prevention system includes, in part, first, second and third processing stages. The first processing stage receives incoming packets and generates, in response, first and second processed data streams using a first set of rules. The first processing stage optionally detects whether the received packets are suspected of attacking the network and places the received data packets in the first processed data stream. The second processing stage receives the first processed data stream and generates, in response, a third processed data stream using a second set of rules. The second processing stage optionally classifies the first processed data stream, that is suspected of launching a network attack, as either attacks or benign network traffic. A third processing stage receives and processes the second and third processed data streams.
摘要翻译：加速网络入侵检测和预防系统部分包括第一，第二和第三处理阶段。第一处理阶段接收传入的分组，并且响应地使用第一组规则生成第一和第二处理数据流。第一处理阶段可选地检测所接收的分组是否被怀疑攻击网络，并将接收到的数据分组放置在第一处理数据流中。第二处理阶段接收第一处理数据流，并且响应地使用第二组规则生成第三处理数据流。第二处理阶段可选地将被怀疑发起网络攻击的第一处理数据流分类为攻击或良性网络流量。第三处理阶段接收并处理第二和第三处理数据流。

2. 发明申请

US20070162972A1 Apparatus and method for processing of security capabilities through in-field upgrades 审中-公开
标题翻译：通过现场升级处理安全能力的装置和方法
公开(公告)号：US20070162972A1
公开(公告)日：2007-07-12
申请号：US11330973
申请日：2006-01-11
申请人： Teewoon Tan , Simon Ratner , Darren Williams , Stephen Gould , Robert Barrie
发明人： Teewoon Tan , Simon Ratner , Darren Williams , Stephen Gould , Robert Barrie
IPC分类号： G06F12/14
CPC分类号： G06F21/76 , G06F2221/2111
摘要： A method for upgrading one or more security applications, e.g., anti-spam, anti-virus, intrusion detection/prevention. The method includes deriving a second hardware logic from a security knowledge base. The method includes operating a computing system including a security device. The computer system is coupled to the one or more computer networks, e.g., local area networks, wide area networks, Internet. The security device has one or more security logic processors, which include one or more respective first hardware logic. The method transfers an FPGA image representative of at least the second hardware logic through the computer network to one or more first memory devices. The method includes temporarily halting one or more of the security logic processors at a predetermined portion of the stream of information according to a specific embodiment. The method includes loading the second hardware logic onto the one or more security logic processors while the one or more security logic processors have been paused. The method resumes the operation of the one or more security logic processors.
摘要翻译：一种用于升级一个或多个安全应用的方法，例如反垃圾邮件，防病毒，入侵检测/预防。该方法包括从安全知识库导出第二硬件逻辑。该方法包括操作包括安全设备的计算系统。计算机系统耦合到一个或多个计算机网络，例如局域网，广域网，因特网。安全设备具有一个或多个安全逻辑处理器，其包括一个或多个相应的第一硬件逻辑。该方法将表示至少第二硬件逻辑的FPGA图像通过计算机网络传送到一个或多个第一存储器件。该方法包括根据具体实施例暂时停止信息流的预定部分处的一个或多个安全逻辑处理器。该方法包括在一个或多个安全逻辑处理器已经暂停时将第二硬件逻辑加载到一个或多个安全逻辑处理器上。该方法恢复一个或多个安全逻辑处理器的操作。

3. 发明申请

US20070039051A1 Apparatus And Method For Acceleration of Security Applications Through Pre-Filtering 审中-公开
标题翻译：通过预过滤加速安全应用的装置和方法
公开(公告)号：US20070039051A1
公开(公告)日：2007-02-15
申请号：US11465634
申请日：2006-08-18
申请人： Peter Duthie , Peter Bisroev , Teewoon Tan , Darren Williams , Robert Barrie , Stephen Gould
发明人： Peter Duthie , Peter Bisroev , Teewoon Tan , Darren Williams , Robert Barrie , Stephen Gould
IPC分类号： G06F12/14 , G06F11/00 , H04L9/32 , G06F11/30 , G06F12/16 , G06F15/18 , G08B23/00
CPC分类号： G06F21/56
摘要： A first security processing stage performs a first multitude of tasks and a second security processing stage performs a second multitude of tasks. The first and second multitude of tasks may include common tasks. The first security processing stage is a prefilter to the second security processing stage. The input data received as a data stream is first processed by the first security processing stage, which in response, generates one or more first processed data streams. The first processed data streams may be further processed by the second security processing stage or may bypass the second security processing stage. The first security processing stage operates at a speed greater than the speed of the second security processing stage.
摘要翻译：第一安全处理阶段执行第一多个任务，第二安全处理阶段执行第二大量任务。第一和第二个任务可能包括常见任务。第一安全处理阶段是到第二安全处理阶段的预过滤器。作为数据流接收的输入数据首先由第一安全处理阶段进行处理，第一安全处理阶段响应地生成一个或多个第一处理数据流。第一处理数据流可以由第二安全处理级进一步处理，或可以绕过第二安全处理级。第一安全处理级以大于第二安全处理级的速度的速度操作。

4. 发明申请

US20060184556A1 Compression algorithm for generating compressed databases 审中-公开
标题翻译：用于生成压缩数据库的压缩算法
公开(公告)号：US20060184556A1
公开(公告)日：2006-08-17
申请号：US11326123
申请日：2006-01-04
申请人： Teewoon Tan , Stephen Gould , Darren Williams , Ernest Peltzer , Robert Barrie
发明人： Teewoon Tan , Stephen Gould , Darren Williams , Ernest Peltzer , Robert Barrie
IPC分类号： G06F17/00
CPC分类号： H03M7/30 , G06F16/9014
摘要： A data compressor performing the compression algorithm compresses an original uncompressed pattern database to form an associated compressed pattern database configured for fast retrieval and verification. For each data pattern, the data compressor stores a data in an address of a first memory table and that is defined by a first segment of a group of bits associated with the data pattern. The data compressor stores a second data in an address of a second memory table and that is defined by a second segment of the group of bits associated with the data pattern and further defined by the first data stored in the first memory.
摘要翻译：执行压缩算法的数据压缩器压缩原始未压缩模式数据库以形成配置用于快速检索和验证的相关联的压缩模式数据库。对于每个数据模式，数据压缩器将数据存储在第一存储器表的地址中，并且由与数据模式相关联的一组位的第一段定义。数据压缩器将第二数据存储在第二存储器表的地址中，并且由与数据模式相关联的位组的第二段定义，并由存储在第一存储器中的第一数据进一步限定。

5. 发明申请

US20060174345A1 Apparatus and method for acceleration of malware security applications through pre-filtering 审中-公开
标题翻译：通过预过滤加速恶意软件安全应用程序的装置和方法
公开(公告)号：US20060174345A1
公开(公告)日：2006-08-03
申请号：US11291511
申请日：2005-11-30
申请人： Michael Flanagan , Peter Duthie , Peter Bisroev , Teewoon Tan , Darren Williams , Robert Barrie , Stephen Gould
发明人： Michael Flanagan , Peter Duthie , Peter Bisroev , Teewoon Tan , Darren Williams , Robert Barrie , Stephen Gould
IPC分类号： G06F12/14
CPC分类号： G06F21/554 , G06F21/56 , G06F21/562 , G06F21/564 , G06Q10/107 , H04L51/12 , H04L63/1416 , H04L63/1441 , H04L63/145
摘要： A data classification system identifies and processes malicious data that may be present in a received data stream. The system includes at least two stages, and a data flow module. The data flow module derives, from an input data stream, a first processed data stream that is transmitted to the first processing stage. The first processing stage derives, from the first processed data stream, a second processed data stream that is transmitted to the second processing stage. The first and second processing stages optionally derive meta data from the data they receive.
摘要翻译：数据分类系统识别并处理可能存在于接收的数据流中的恶意数据。该系统至少包括两个阶段，以及数据流模块。数据流模块从输入数据流中导出发送到第一处理级的第一处理数据流。第一处理阶段从第一处理数据流导出发送到第二处理阶段的第二处理数据流。第一和第二处理阶段可选地从它们接收的数据中导出元数据。

6. 发明申请

US20060168329A1 Apparatus and method for acceleration of electronic message processing through pre-filtering 审中-公开
标题翻译：通过预过滤加速电子信息处理的装置和方法
公开(公告)号：US20060168329A1
公开(公告)日：2006-07-27
申请号：US11291512
申请日：2005-11-30
申请人： Teewoon Tan , Darren Williams , Robert Barrie , Stephen Gould , Craig Cameron
发明人： Teewoon Tan , Darren Williams , Robert Barrie , Stephen Gould , Craig Cameron
IPC分类号： G06F15/173
CPC分类号： G06F21/554 , G06F21/56 , G06F21/562 , G06F21/564 , G06Q10/107 , H04L51/12 , H04L63/1416 , H04L63/1441 , H04L63/145
摘要： A classifier of electronic messages includes one or more pre-filters and a filter. Messages classified as spam or legitimate by one or more of the pre-filters bypass the filter. Messages classified as suspicious are further classified by the filter as either spam or legitimate. Messages classified as spam are routed to a spam quarantine storage area. Messages classified as legitimate are routed to a spam delivery area.
摘要翻译：电子消息的分类器包括一个或多个预滤波器和滤波器。由一个或多个预过滤器分类为垃圾邮件或合法的邮件绕过过滤器。分类为可疑的邮件会被过滤器进一步分类为垃圾邮件或合法邮件。分类为垃圾邮件的邮件将路由到垃圾邮件隔离区存储区域。分类为合法的邮件将路由到垃圾邮件传送区域。

7. 发明申请

US20060193159A1 Fast pattern matching using large compressed databases 审中-公开
标题翻译：使用大型压缩数据库的快速模式匹配
公开(公告)号：US20060193159A1
公开(公告)日：2006-08-31
申请号：US11326131
申请日：2006-01-04
申请人： Teewoon Tan , Stephen Gould , Darren Williams , Ernest Peltzer , Robert Barrie
发明人： Teewoon Tan , Stephen Gould , Darren Williams , Ernest Peltzer , Robert Barrie
IPC分类号： G11C15/00
CPC分类号： G06F16/9014
摘要： A pattern matching system includes, in part, a multitude of databases each configured to store and supply compressed data for matching to the received data. The system divides each data stream into a multitude of segments and optionally computes a data pattern from the data stream prior to the division into a multitude of segments. Segments of the data pattern are used to define an address for one or more memory tables. The memory tables are read such that the outputs of one or more memory tables are used to define the address of another memory table. If during any matching cycle, the data retrieved from any of the successively accessed memory tables include an identifier related to any or all previously accessed memory tables, a matched state is detected. A matched state contains information related to the memory location at which the match occurs as well as information related to the matched pattern, such as the match location in the input data stream.
摘要翻译：模式匹配系统部分地包括多个数据库，每个数据库被配置为存储和提供压缩数据以匹配所接收的数据。该系统将每个数据流划分成多个段，并且可选地在分割成多个段之前从数据流计算数据模式。数据模式的段用于定义一个或多个存储表的地址。读取存储器表，使得一个或多个存储器表的输出用于定义另一个存储器表的地址。如果在任何匹配周期期间，从任何连续访问的存储器表中检索的数据包括与任何或所有先前访问的存储器表相关的标识符，则检测到匹配状态。匹配状态包含与匹配发生的存储器位置有关的信息以及与匹配模式相关的信息，例如输入数据流中的匹配位置。

8. 发明申请

US20060174343A1 Apparatus and method for acceleration of security applications through pre-filtering 审中-公开
标题翻译：通过预过滤加速安全应用的装置和方法
公开(公告)号：US20060174343A1
公开(公告)日：2006-08-03
申请号：US11291524
申请日：2005-11-30
申请人： Peter Duthie , Peter Bisroev , Teewoon Tan , Darren Williams , Robert Barrie , Stephen Gould
发明人： Peter Duthie , Peter Bisroev , Teewoon Tan , Darren Williams , Robert Barrie , Stephen Gould
IPC分类号： G06F12/14
CPC分类号： G06F21/554 , G06F21/56 , G06F21/562 , G06F21/564 , G06Q10/107 , H04L51/12 , H04L63/1416 , H04L63/1441 , H04L63/145
摘要： A first security processing stage performs a first multitude of tasks and a second security processing stage performs a second multitude of tasks. The first and second multitude of tasks may include common tasks. The first security processing stage is a prefilter to the second security processing stage. The input data received as a data stream is first processed by the first security processing stage, which in response, generates one or more first processed data streams. The first processed data streams may be further processed by the second security processing stage or may bypass the second security processing stage. The first security processing stage operates at a speed greater than the speed of the second security processing stage.
摘要翻译：第一安全处理阶段执行第一多个任务，第二安全处理阶段执行第二大量任务。第一和第二个任务可能包括常见任务。第一安全处理阶段是到第二安全处理阶段的预过滤器。作为数据流接收的输入数据首先由第一安全处理阶段进行处理，第一安全处理阶段响应地生成一个或多个第一处理数据流。第一处理数据流可以由第二安全处理级进一步处理，或可以绕过第二安全处理级。第一安全处理级以大于第二安全处理级的速度的速度操作。

9. 发明申请

US20060085389A1 Method for transformation of regular expressions 审中-公开
标题翻译：正则表达式转换的方法
公开(公告)号：US20060085389A1
公开(公告)日：2006-04-20
申请号：US11213622
申请日：2005-08-26
申请人： Michael Flanagan , Darren Williams , Stephen Gould , Robert Barrie , Teewoon Tan
发明人： Michael Flanagan , Darren Williams , Stephen Gould , Robert Barrie , Teewoon Tan
IPC分类号： G06F17/30 , G06F7/00
CPC分类号： G06F16/90344 , H04L63/1416 , H04L63/145
摘要： A method and apparatus for transforming regular expressions into a less resource intensive representation is disclosed. The method and apparatus converts a collection of regular expressions into a multi-level representation in which the memory requirements of the lowest level representation is reduced when compared with a conventional finite state automaton representation. The method and apparatus converts a collection of regular expressions into a collection of segments and a higher level representation in a way that retains the semantics of the original set of regular expressions. This transformation is performed through the use of an intermediate form. The resulting representation and collection admit an implementation which avoids the potentially costly memory requirements of a traditional implementation of the original expressions.
摘要翻译：公开了一种用于将正则表达式转换为较少资源密集型表示的方法和装置。该方法和装置将正则表达式的集合转换为与常规有限状态自动机表示相比最低级表示的存储器要求减小的多级表示。该方法和装置以保持原始正则表达式集的语义的方式将正则表达式的集合转换为段的集合和较高级表示。这种转换是通过使用中间形式进行的。所得到的表示和集合承认了一种实现，其避免了原始表达式的传统实现的潜在昂贵的存储器需求。

10. 发明申请

US20080077793A1 APPARATUS AND METHOD FOR HIGH THROUGHPUT NETWORK SECURITY SYSTEMS 审中-公开
标题翻译：高速网络安全系统的设备和方法
公开(公告)号：US20080077793A1
公开(公告)日：2008-03-27
申请号：US11859530
申请日：2007-09-21
申请人： Teewoon Tan , Anthony Place , Darren Williams , Robert Barrie
发明人： Teewoon Tan , Anthony Place , Darren Williams , Robert Barrie
IPC分类号： H04L9/06
CPC分类号： H04L9/00 , G06F21/56 , G06F21/71 , G06F21/85 , H04L63/14 , H04L2209/125 , H04L2209/30
摘要： An accelerated network security system includes, in part, a network security engine and a processing module configured to perform network security functions. The network security engine includes an input module configured to receive input data and generate an intermediate data in response, a core engine configured to perform security function operations on the first intermediate data to generate a first output data, and an output module configured to receive the first output data and generate a processed output data in response. The processing module includes a multitude of processing cores configured to operate concurrently, a memory configured to store processing core instructions and processing core data associated with the multitude of processing cores, and a processing controller configured to periodically allocate to each processing core one or more discrete blocks of processing time. The number of processing core data is greater than the number of processing cores.
摘要翻译：加速网络安全系统部分地包括被配置为执行网络安全功能的网络安全引擎和处理模块。所述网络安全引擎包括被配置为接收输入数据并响应于生成中间数据的输入模块，核心引擎被配置为对所述第一中间数据执行安全功能操作以产生第一输出数据，以及输出模块，第一输出数据并且响应地产生经处理的输出数据。处理模块包括被配置为同时操作的多个处理核心，被配置为存储处理核心指令并处理与多个处理核心相关联的核心数据的处理核心;以及处理控制器，被配置为周期性地向每个处理核心分配一个或多个离散的处理时间块。处理核心数据的数量大于处理核心数量。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式