专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07275117B2 Fast pattern processor including a function interface system 有权
标题翻译：快速图案处理器，包括功能界面系统
公开(公告)号：US07275117B2
公开(公告)日：2007-09-25
申请号：US11237274
申请日：2005-09-28
申请人： Victor A. Bennett , David A. Brown , Sean W. McGee , David P. Sonnier , Leslie Zsohar
发明人： Victor A. Bennett , David A. Brown , Sean W. McGee , David P. Sonnier , Leslie Zsohar
IPC分类号： G06F15/16 , G06F15/00
CPC分类号： G06F9/3851 , G06F9/30101 , H04L49/102 , H04L49/254 , H04L49/3018
摘要： A fast pattern processor having an internal function bus and an external function bus. In one embodiment, a fast pattern processor includes: (1) an internal function bus, (2) an external function bus, (3) a context memory having a block buffer and a argument signature register wherein the block buffer includes processing blocks associated with a protocol data unit (PDU), (4) a pattern processing engine, associated with the context memory, that performs pattern matching and (5) a function interface system having (5A) a controller arbitration subsystem and (5B) a dispatch subsystem.
摘要翻译：具有内部功能总线和外部功能总线的快速模式处理器。在一个实施例中，快速图案处理器包括：（1）内部功能总线，（2）外部功能总线，（3）具有块缓冲器和参数签名寄存器的上下文存储器，其中所述块缓冲器包括与协议数据单元（PDU），（4）与上下文存储器相关联的模式处理引擎，执行模式匹配;以及（5）具有（5A）控制器仲裁子系统和（5B）调度子系统的功能接口系统。

2. 发明授权

US07000034B2 Function interface system and method of processing issued functions between co-processors 失效
公开(公告)号：US07000034B2
公开(公告)日：2006-02-14
申请号：US09798454
申请日：2001-03-02
申请人： Victor A. Bennett , David A. Brown , Sean W. McGee , David P. Sonnier , Leslie Zsohar
发明人： Victor A. Bennett , David A. Brown , Sean W. McGee , David P. Sonnier , Leslie Zsohar
IPC分类号： G06F15/16 , G06F15/20 , G06F15/76
CPC分类号： G06F9/3851 , G06F9/30101 , H04L49/102 , H04L49/254 , H04L49/3018
摘要： A function interface system for use with a fast pattern processor having an internal function bus and an external function bus and a method of operating the same. In one embodiment, the function interface system includes a controller arbitration subsystem configured to process an issued function request received from at least one of the internal function bus and the external function bus and a dispatch subsystem configured to retrieve the issued function request and dispatch the issued function request to at least one associated co-processor via the controller arbitration subsystem.

3. 发明授权

US07149211B2 Virtual reassembly system and method of operation thereof 有权
标题翻译：虚拟重组系统及其操作方法
公开(公告)号：US07149211B2
公开(公告)日：2006-12-12
申请号：US10993627
申请日：2004-11-19
申请人： Victor A. Bennett , Leslie Zsohar , Shannon E. Lawson , Sean W. McGee , David P. Sonnier , David B. Kramer
发明人： Victor A. Bennett , Leslie Zsohar , Shannon E. Lawson , Sean W. McGee , David P. Sonnier , David B. Kramer
IPC分类号： H04L12/50
CPC分类号： H04Q11/0478 , H04L49/107 , H04L49/3081 , H04L2012/5647 , H04L2012/5658 , H04L2012/5667 , H04L2012/5679
摘要： A virtual reassembly system for use with a fast pattern processor and a method of operating the same. In one embodiment, the virtual reassembly system includes a first pass subsystem configured to convert a packet of a protocol data unit into at least one processing block, queue the at least one processing block based upon a header of the packet and determine if the packet is a last packet of the protocol data unit. The virtual reassembly system further includes a second pass subsystem configured to virtually reassemble the protocol data unit by retrieving the at least one processing block based upon the queue.
摘要翻译：用于快速图案处理器的虚拟重组系统及其操作方法。在一个实施例中，虚拟重组系统包括：第一传递子系统，被配置为将协议数据单元的分组转换成至少一个处理块，基于分组的报头对至少一个处理块进行队列，并确定分组是否协议数据单元的最后一个分组。虚拟重组系统还包括被配置为通过基于队列检索至少一个处理块来虚拟地重新组合协议数据单元的第二传递子系统。

4. 发明授权

US06850516B2 Virtual reassembly system and method of operation thereof 失效
公开(公告)号：US06850516B2
公开(公告)日：2005-02-01
申请号：US09798472
申请日：2001-03-02
申请人： Victor A. Bennett , Leslie Zsohar , Shannon E. Lawson , Sean W. McGee , David P. Sonnier , David B. Kramer
发明人： Victor A. Bennett , Leslie Zsohar , Shannon E. Lawson , Sean W. McGee , David P. Sonnier , David B. Kramer
IPC分类号： G06F9/30 , G06F9/38 , H04L12/56 , H04Q11/04 , H04L12/50
CPC分类号： H04Q11/0478 , H04L49/107 , H04L49/3081 , H04L2012/5647 , H04L2012/5658 , H04L2012/5667 , H04L2012/5679
摘要： A virtual reassembly system for use with a fast pattern processor and a method of operating the same. In one embodiment, the virtual reassembly system includes a first pass subsystem configured to convert a packet of a protocol data unit into at least one processing block, queue the at least one processing block based upon a header of the packet and determine if the packet is a last packet of the protocol data unit. The virtual reassembly system further includes a second pass subsystem configured to virtually reassemble the protocol data unit by retrieving the at least one processing block based upon the queue.

5. 发明授权

US07366884B2 Context switching system for a multi-thread execution pipeline loop and method of operation thereof 有权
标题翻译：多线程执行管道循环的上下文切换系统及其操作方法
公开(公告)号：US07366884B2
公开(公告)日：2008-04-29
申请号：US10082776
申请日：2002-02-25
申请人： Victor A. Bennett , Sean W. McGee
发明人： Victor A. Bennett , Sean W. McGee
IPC分类号： G06F9/44
CPC分类号： G06F9/3824 , G06F9/3851 , G06F9/461
摘要： A context switching system for a multi-thread execution pipeline loop having a pipeline latency and a method of operation thereof. In one embodiment, the context switching system includes a context switch requesting subsystem configured to: (1) detect a device request from a thread executing within the multi-thread execution pipeline loop for access to a device having a fulfillment latency exceeding the pipeline latency, and (2) generate a context switch request for the thread. The context switching system further includes a context controller subsystem configured to receive the context switch request and prevent the thread from executing until the device request is fulfilled.
摘要翻译：一种用于具有流水线延迟的多线程执行流水线环路的上下文切换系统及其操作方法。在一个实施例中，上下文切换系统包括上下文切换请求子系统，其被配置为：（1）从在多线程执行流水线环路内执行的线程检测设备请求，以访问具有超过流水线延迟的满足延迟的设备，和（2）为线程生成上下文切换请求。上下文切换系统还包括上下文控制器子系统，被配置为接收上下文切换请求并防止线程执行直到设备请求被满足为止。

6. 发明授权

US07058974B1 Method and apparatus for preventing denial of service attacks 失效
标题翻译：防止拒绝服务攻击的方法和装置
公开(公告)号：US07058974B1
公开(公告)日：2006-06-06
申请号：US09598631
申请日：2000-06-21
申请人： Robert Daniel Maher, III , Victor A. Bennett
发明人： Robert Daniel Maher, III , Victor A. Bennett
IPC分类号： G06F11/00 , G06F11/22 , G06F11/30 , G06F11/32
CPC分类号： H04L63/1416 , H04L47/15 , H04L47/22 , H04L47/24 , H04L47/32 , H04L63/1458
摘要： A method and apparatus for preventing denial of service type attacks on data networks is described. The method involves scanning the contents of the data packets flowing over the data network using a traffic flow scanning engine. The data packets are reordered and reassembled and then the payload contents are scanned to determine whether they conform to predetermined requirements. Data packets which do not reorder or reassemble correctly or which do not conform to the predetermined requirements may be dropped. Dropping packets which do not reorder or reassemble correctly or which do not conform to the predetermined requirements prevent denial of service attack which exploit bugs in the TCP/IP implementation or shortcomings in the TCP/IP specification The traffic flow scanning engine is further operable to determine whether the data packets are associated with validated traffic flows. Those data packets associated with validated traffic flows are assigned to a higher priority while those not associated with a validated traffic flow are assigned to a low priority, which may occupy no more that a predetermined maximum of the available bandwidth. Assigning data packets associated with a non-validated traffic flow to a low priority prevent brute force type denial of service attacks designed to clog networks.
摘要翻译：描述了一种用于防止对数据网络的拒绝服务型攻击的方法和装置。该方法包括使用流量扫描引擎扫描在数据网络上流动的数据分组的内容。数据包被重新排序并重新组装，然后扫描有效载荷内容以确定它们是否符合预定的要求。不会正确重新排列或重新组装或不符合预定要求的数据包可能被丢弃。丢弃不正确重新排列或重新组装或不符合预定要求的数据包可防止利用TCP / IP实现中的错误或TCP / IP规范中的缺点的拒绝服务攻击。流量扫描引擎还可用于确定数据包是否与验证的流量流相关联。与验证的业务流相关联的那些数据分组被分配给较高的优先级，而不与经验证的业务流相关联的那些数据分组被分配给低优先级，这可能不再占用可用带宽的预定最大值。将与非验证业务流相关联的数据分组分配到低优先级可防止设计为阻塞网络的暴力类型拒绝服务攻击。

7. 发明授权

US5813001A Method for performing optimized intelligent searches of knowledge bases using submaps associated with search objects 失效
标题翻译：使用与搜索对象相关联的子图进行知识库的优化智能搜索的方法
公开(公告)号：US5813001A
公开(公告)日：1998-09-22
申请号：US794418
申请日：1997-02-05
申请人： Victor A. Bennett
发明人： Victor A. Bennett
IPC分类号： G06F17/30
CPC分类号： G06F17/30979 , G06F17/30985 , Y10S370/911 , Y10S707/99932 , Y10S707/99933
摘要： A method and apparatus is provided for searching a knowledge base to determine whether a search object matches any of a plurality of knowledge base entries. Initially, at least one search object bit is selected and examined to determine whether the knowledge base includes a partially matched entry that represents the same bit pattern in its corresponding bits, and when it does not, the search is terminated indicating no match. When the knowledge base does include a partially matched entry, the group of partially matched entries is identified. Thereafter, at least one previously unselected search object bit is selected and examined to determine whether the group of partially matched entries includes a further matched entry that represents the same bit pattern in its bits that correspond to the previously unselected search object bit and when it does not, the search is terminated indicating no match. When the knowledge base does include a further matched entry, the group of partially matched entries is updated to identify only the further partially matched entries. A determination is then made as to whether each bit of the search object has been selected and when it has, an indication is made of a match for the group of partially matched entries and the search is terminated. When it is determined that each search object bit has not been selected, a new search object bit is selected and the search proceeds in the manner described above.
摘要翻译：提供了一种用于搜索知识库以确定搜索对象是否匹配多个知识库条目中的任何一个的方法和装置。最初，选择和检查至少一个搜索对象比特以确定知识库是否包括表示其相应比特中的相同比特模式的部分匹配的条目，并且如果不存在，则搜索终止，表示不匹配。当知识库确实包括部分匹配的条目时，识别部分匹配条目的组。此后，选择和检查至少一个先前未选择的搜索对象比特以确定部分匹配条目的组是否包括表示与其先前未选择的搜索对象比特对应的比特中的相同比特模式的进一步匹配的条目不是，搜索被终止，表示没有匹配。当知识库确实包括进一步匹配的条目时，更新部分匹配条目的组以仅识别进一步部分匹配的条目。然后，确定搜索对象的每个位是否已经被选择，并且当它具有时，指示对于该组的部分匹配的条目的匹配，并且搜索被终止。当确定每个搜索对象比特尚未被选择时，选择新的搜索对象比特，并且以上述方式进行搜索。

8. 发明授权

US06654373B1 Content aware network apparatus 有权
标题翻译：内容感知网络设备
公开(公告)号：US06654373B1
公开(公告)日：2003-11-25
申请号：US09591728
申请日：2000-06-12
申请人： Robert Daniel Maher, III , Victor A. Bennett , Aswinkumar Vishanji Rana , Milton Andre Lie , Kevin William Brandon , Mark Warden Hervin , Corey Alan Garrow
发明人： Robert Daniel Maher, III , Victor A. Bennett , Aswinkumar Vishanji Rana , Milton Andre Lie , Kevin William Brandon , Mark Warden Hervin , Corey Alan Garrow
IPC分类号： H04L1256
CPC分类号： H04L47/2441 , H04L47/2433 , H04L63/0245 , H04L69/18
摘要： A content aware network device is described that is able to scan the contents of entire data packets including header and payload information. The network device includes a physical interface for converting analog network signal into bit streams and vise versa. The bit stream from the physical interface is sent to a traffic flow scanning processor that may be, but is not necessarily, divided into a header processor and a payload analyzer. The header processor scans the header information from each data packet, which is used to determine routing information and session identification. The payload analyzer scans the data packet's payload and matches the payload against a database of known strings. The payload analyzer is able to scan across packet boundaries and to scan for strings of variable and arbitrary length. Once the payload has been scanned the network device can operate on the data packet based on the results of the payload analyzer. The scanned data packets and the associated conclusions are then passed to a quality of service processor which modifies the data packets if necessary and performs traffic management and traffic shaping on the flow of data packets based on contents of the data packets.
摘要翻译：描述了能够扫描包括报头和有效载荷信息的整个数据分组的内容的内容感知网络设备。网络设备包括用于将模拟网络信号转换为比特流的物理接口，反之亦然。来自物理接口的比特流被发送到业务流扫描处理器，该处理器可能但并不一定被划分为头处理器和有效载荷分析器。头处理器从每个数据分组扫描头信息，用于确定路由信息和会话标识。有效载荷分析器扫描数据包的有效载荷，并将该有效载荷与已知字符串的数据库进行匹配。有效载荷分析器能够跨数据包边界扫描并扫描可变和任意长度的字符串。一旦有效载荷被扫描，网络设备可以基于有效载荷分析器的结果对数据分组进行操作。然后将扫描的数据分组和相关联的结论传递给服务质量处理器，如果需要则修改数据分组，并根据数据分组的内容对数据分组流进行流量管理和流量整形。

9. 发明授权

US06185554B2 Methods for searching a knowledge base 有权
标题翻译：搜索知识库的方法
公开(公告)号：US06185554B2
公开(公告)日：2001-02-06
申请号：US09151573
申请日：1998-09-11
申请人： Victor A. Bennett
发明人： Victor A. Bennett
IPC分类号： G06F1730
CPC分类号： G06F17/30985 , Y10S370/911 , Y10S707/99932 , Y10S707/99933
摘要： A method and apparatus is provided for searching a knowledge base to determine whether a search object matches any of a plurality of knowledge base entries. Initially, at least one search object bit is selected and examined to determine whether the knowledge base includes a partially matched entry that represents the same bit pattern in its corresponding bits, and when it does not, the search is terminated indicating no match. When the knowledge base does include a partially matched entry, the group of partially matched entries is identified. Thereafter, at least one previously unselected search object bit is selected and examined to determine whether the group of partially matched entries includes a further matched entry that represents the same bit pattern in its bits that correspond to the previously unselected search object bit and when it does not, the search is terminated indicating no match. When the knowledge base does include a further matched entry, the group of partially matched entries is updated to identify only the further partially matched entries. A determination is then made as to whether each bit of the search object has been selected and when it has, an indication is made of a match for the group of partially matched entries and the search is terminated. When it is determined that each search object bit has not been selected, a new search object bit is selected and the search proceeds in the manner described above.
摘要翻译：提供了一种用于搜索知识库以确定搜索对象是否匹配多个知识库条目中的任何一个的方法和装置。最初，选择和检查至少一个搜索对象比特以确定知识库是否包括表示其相应比特中的相同比特模式的部分匹配的条目，并且如果不存在，则搜索终止，表示不匹配。当知识库确实包括部分匹配的条目时，识别部分匹配条目的组。此后，选择和检查至少一个先前未选择的搜索对象比特以确定部分匹配条目的组是否包括表示与其先前未选择的搜索对象比特对应的比特中的相同比特模式的进一步匹配的条目不是，搜索被终止，表示没有匹配。当知识库确实包括进一步匹配的条目时，更新部分匹配条目的组以仅识别进一步部分匹配的条目。然后，确定搜索对象的每个位是否已经被选择，并且当它具有时，指示对于该组的部分匹配的条目的匹配，并且搜索被终止。当确定每个搜索对象比特尚未被选择时，选择新的搜索对象比特，并且以上述方式进行搜索。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式