专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

81. 发明申请

WO2017146961A1 HYBRID HARDWARE-SOFTWARE DISTRIBUTED THREAT ANALYSIS 审中-公开
标题翻译：混合硬件 - 软件分布式威胁分析
公开(公告)号：WO2017146961A1
公开(公告)日：2017-08-31
申请号：PCT/US2017/018021
申请日：2017-02-16
申请人： MICROSOFT TECHNOLOGY LICENSING, LLC
发明人： JAIN, Navendu , CHEN, Ang
IPC分类号： G06F21/55 , G06F21/56 , G06F21/57 , H04L29/06 , H04L12/801
CPC分类号： H04L63/0254 , G06F21/55 , G06F21/552 , G06F21/56 , G06F21/577 , H04L63/0218 , H04L63/0227 , H04L63/08 , H04L63/1408 , H04L63/1416 , H04L63/1425 , H04L63/1441 , H04L63/145 , H04L63/1458 , H04L63/20
摘要： Embodiments relate to detecting and mitigating network intrusions. Packets are inspected at their source/destination hosts to identify packet trends local to the hosts. The local packet trends are combined to identify network-wide packet trends. The network-wide packet trends are used to detect anomalies or attacks, which in turn informs mitigation actions. The local inspection may be performed by reconfigurable/reprogrammable "smart" network interfaces (NICs) at each of the hosts. Local inspection involves identifying potentially suspect packet features based on statistical prevalence of recurring commonalities among the packets; pre-defined threat patterns are not required. For network-wide coherence, each host/NIC uses the same packet-identifying and occurrence-measuring algorithms. An overlay or control server collects and combines the local occurrence-measures to derive the network-wide occurrence-measures. The network-wide occurrences can be used to automatically detect and mitigate completely new types of attack packets.
摘要翻译：实施例涉及检测和减轻网络入侵。数据包在其源/目标主机上进行检查，以识别主机本地的数据包趋势。本地数据包趋势被结合起来以识别网络范围的数据包趋势。网络范围的数据包趋势用于检测异常或攻击，进而通知缓解措施。本地检查可以通过可重新配置/可重新编程的“智能” 每个主机的网络接口（NIC）。本地检查涉及根据数据包之间重复共性的统计普遍性来识别潜在的可疑数据包特征; 预定义的威胁模式不是必需的。对于整个网络的一致性，每个主机/ NIC使用相同的数据包识别和出现测量算法。覆盖或控制服务器收集并组合本地出现措施以导出全网络出现措施。网络范围内的事件可以用来自动检测和缓解全新类型的攻击数据包。

82. 发明申请

WO2017106491A1 PRIVACY ENHANCING NETWORKS 审中-公开
标题翻译：隐私增强网络
公开(公告)号：WO2017106491A1
公开(公告)日：2017-06-22
申请号：PCT/US2016/066917
申请日：2016-12-15
申请人： MINDTOP, INC.
发明人： BROWN, Michael , DUGGAL, Rajendar
IPC分类号： H04L12/56 , H04L12/927 , H04W28/08 , H04W88/16 , H04W92/06
CPC分类号： H04L63/0254 , H04L12/4641 , H04L43/10 , H04L63/0209 , H04L63/0281 , H04L63/0407 , H04L63/08 , H04L65/102 , H04L67/02 , H04L67/42
摘要： The presently disclosed privacy enhancing networks (PENs) comprises a network of gateways in communication with one or more controllers. By dynamically creating and tearing down unique data flow paths through a network of gateways for each individual data flow, the privacy enhancing network makes it more difficult for an adversary to glean information about communicating parties. Since each flow in a single data session may be routed through a different path, adversaries may find it more difficult to determine which data flows are associated with each data session. This in turn, makes it more difficult for adversaries to gather enough data traffic to break any encryption applied to the data flows. Furthermore, since each flow in a single data session can be directed along a different path, a privacy enhancing network may make it difficult for adversaries to even determine that the communicating parties are communicating at all.
摘要翻译：目前公开的隐私增强网络（PEN）包括与一个或多个控制器通信的网关网络。通过为每个单独的数据流动地创建和拆除通过网关网络的唯一数据流路径，隐私增强网络使对手更难收集关于通信方的信息。由于单个数据会话中的每个流可以通过不同的路径进行路由，攻击者可能会发现确定哪些数据流与每个数据会话相关联会更困难。这反过来又使攻击者难以收集足够的数据流量来破坏应用于数据流的加密。此外，由于单个数据会话中的每个流都可以沿着不同的路径定向，因此增强隐私网络可能使得攻击者难以甚至确定通信双方根本不通信。

83. 发明申请

WO2017106206A1 INTERCEPTING INTRA-NETWORK COMMUNICATION FOR SMART APPLIANCE BEHAVIOR ANALYSIS 审中-公开
标题翻译：通过内联网进行智能家电行为分析
公开(公告)号：WO2017106206A1
公开(公告)日：2017-06-22
申请号：PCT/US2016/066406
申请日：2016-12-13
申请人： CUJO LLC
发明人： DE ALVARENGA BASTOS, Pedro
IPC分类号： G06F15/173 , H04L12/46 , H04L29/06 , H04L29/08
CPC分类号： H04L63/0254 , H04L12/2823 , H04L45/22 , H04L61/2015 , H04L61/6095 , H04L63/1425 , H04L67/125
摘要： A system and method for intercepting intra-network traffic for smart appliance behavior analysis. A network traffic hub is configured to intercept network traffic between a switch and a router. A smart appliance sends a message to the router, such as a DHCP request when the smart appliance joins the network. The router sends a response to the smart appliance. The network traffic hub intercepts and modifies the response to instruct the smart appliance to send all future intra-network traffic through the network traffic hub and the router. In some embodiments, the network traffic hub alters a network mask in the response message to instruct the smart appliance to send traffic through the network traffic hub. The network traffic hub then extracts data from the network traffic and uses that data for behavior analysis of smart appliances.
摘要翻译：用于拦截智能设备行为分析的网络内流量的系统和方法。网络流量中心配置为拦截交换机和路由器之间的网络流量。智能设备向路由器发送消息，例如智能设备加入网络时的DHCP请求。路由器向智能设备发送响应。网络流量中心拦截并修改响应以指示智能设备通过网络流量中枢和路由器发送所有未来的网内流量。在一些实施例中，网络业务集线器改变响应消息中的网络掩码以指示智能设备通过网络业务集线器发送业务。网络流量中心然后从网络流量中提取数据并使用该数据进行智能设备的行为分析。

84. 发明申请

WO2017040148A1 MICROSEGMENTED NETWORKS THAT IMPLEMENT VULNERABILITY SCANNING 审中-公开
标题翻译：微软网络实施易损性扫描
公开(公告)号：WO2017040148A1
公开(公告)日：2017-03-09
申请号：PCT/US2016/048412
申请日：2016-08-24
申请人： VARMOUR NETWORKS, INC.
发明人： ROSS, Colin , SHIEH, Choung-Yaw , LIAN, Jia-Jyi , XU, Meng , SUN, Yi
IPC分类号： G06F9/455 , H04L29/06
CPC分类号： H04L63/20 , G06F9/45558 , G06F21/55 , G06F21/554 , G06F2009/45587 , G06F2009/45595 , H04L63/0254 , H04L63/107 , H04L63/1408
摘要： Systems for providing vulnerability scanning within distributed microservices are provided herein. In some embodiments, a system includes a plurality of microsegmented environments that each includes a hypervisor, an enforcement point that has an active probe device, and a plurality of virtual machines that each implements at least one microservice. The system also has a cloud data center server coupled with the plurality of microsegmented environments over a network. The cloud data center server has a security controller configured to provide a security policy to each of the plurality of microsegmented environments and an active probe controller configured to cause the active probe device of the plurality of microsegmented environments to execute a vulnerability scan.
摘要翻译：本文提供了在分布式微服务器内提供漏洞扫描的系统。在一些实施例中，系统包括多个微分段环境，每个微分段环境包括虚拟机管理程序，具有主动探测设备的执行点以及各自实现至少一个微服务的多个虚拟机。该系统还具有通过网络与多个微分段环境耦合的云数据中心服务器。云数据中心服务器具有安全控制器，其被配置为向多个微分段环境中的每一个提供安全策略，以及主动探测控制器，被配置为使多个微分段环境的主动探测设备执行漏洞扫描。

85. 发明申请

WO2016118517A1 SESSION SECURITY SPLITTING AND APPLICATION PROFILER 审中-公开
标题翻译：会议安全分析和应用程序配置文件
公开(公告)号：WO2016118517A1
公开(公告)日：2016-07-28
申请号：PCT/US2016/013942
申请日：2016-01-19
申请人： ENZOO, INC.
发明人： PIKE, Robert
IPC分类号： G06F21/00
CPC分类号： H04L63/10 , G06F21/57 , G06F21/6218 , H04L63/0254 , H04L63/0263 , H04L63/0846 , H04L63/102 , H04L63/108 , H04L63/1408 , H04L63/1416 , H04L63/1441 , H04L63/1466 , H04L63/20 , H04L67/148 , H04L67/42
摘要： Intelligent methods of providing online security against hackers, which prevents the hackers from obtaining unauthorized access to secure resources. A first application session established between a first client and a first application of a first host device is detected. The first application is associated with a first plurality of security time limits that divide security for the first application into security tiers. A duration of the first application session established between the first client and the first application is monitored. One or more first security actions are executed against the first application session responsive to the duration of the first application session reaching a security time limit of the first plurality of security time limits. One or more second security actions are executed against the first application session responsive to the duration of the first application session reaching another security time limit of the first plurality of security time limits.
摘要翻译：为黑客提供在线安全的智能方法，防止黑客获取未经授权的访问安全资源。检测在第一客户机和第一主机设备的第一应用之间建立的第一应用会话。第一应用与将第一应用的安全性分成安全层的第一多个安全时间限制相关联。监视在第一客户端和第一应用之间建立的第一应用会话的持续时间。响应于第一应用会话的持续时间达到第一多个安全时间限制的安全时间限制，针对第一应用会话执行一个或多个第一安全动作。响应于第一应用会话的持续时间到达第一多个安全时间限制的另一安全时间限制，针对第一应用会话执行一个或多个第二安全动作。

86. 发明申请

WO2015193062A1 PACKET FILTERING AT AN APPLICATION-PROCESSOR-TO-MODEM INTERFACE 审中-公开
标题翻译：应用处理器到调制解调器接口中的分组过滤
公开(公告)号：WO2015193062A1
公开(公告)日：2015-12-23
申请号：PCT/EP2015/061475
申请日：2015-05-22
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (PUBL)
发明人： RUNESON, Stefan
IPC分类号： H04L29/06 , H04W12/00
CPC分类号： H04L63/0254 , H04L63/0236 , H04W12/00
摘要： An application processor circuit comprises an interface circuit configured to communicate with a separate modem device, a user application module configured to execute one or more user-installed applications, and a core application module configured to execute one or more core applications and to access one or more modem services on the modem device, using the interface circuit and an IP socket application protocol interface (API), wherein packets sent to the modem device for accessing the one or more modem services include a destination IP address corresponding to the modem device. The application processor circuit further comprises an IP filter module configured to identify and discard outbound packets that include a destination IP address corresponding to the modem device and that originate from any of one or more disallowed applications in the application processor, without sending the identified packets to the modem device.
摘要翻译：应用处理器电路包括被配置为与单独的调制解调器设备进行通信的接口电路，被配置为执行一个或多个用户安装的应用的用户应用模块以及配置成执行一个或多个核心应用并访问一个或多个核心应用的核心应用模块，调制解调器设备上的更多调制解调器服务，使用接口电路和IP套接字应用协议接口（API），其中发送到调制解调器设备用于访问一个或多个调制解调器服务的分组包括对应于调制解调器设备的目的地IP地址。应用处理器电路还包括IP过滤器模块，其被配置为识别和丢弃包括与调制解调器设备相对应的目的地IP地址并且来自应用处理器中的一个或多个不允许的应用中的任何一个的出站分组，而不将所识别的分组发送到调制解调器设备。

87. 发明申请

WO2015036860A3 LINE-RATE PACKET FILTERING TECHNIQUE FOR GENERAL PURPOSE OPERATING SYSTEMS 审中-公开
标题翻译：用于通用目的操作系统的线性速率分组过滤技术
公开(公告)号：WO2015036860A3
公开(公告)日：2015-06-11
申请号：PCT/IB2014002064
申请日：2014-09-10
申请人： HAPROXY S A R L
发明人： TARREAU WILLY
IPC分类号： H04L29/06
CPC分类号： H04L63/0227 , H04L63/0254 , H04L63/1416 , H04L63/1458
摘要： A method for mitigating denial of service attacks may include filtering out invalid packets from the received packets using a first filtering module, allowing the valid packets to pass through the first filtering module, and allowing some invalid packets to pass through the first filtering module. The method may also include passing the valid packets and the remaining invalid packets from the first filtering module to a second filtering module, filtering out more of the invalid packets using the second packet filtering module, allowing the valid packets to pass through the second filtering module, and allowing some invalid packets to pass through the second filtering module. The method may additionally include passing the valid packets and the remaining invalid packets to a protocol stack to filter the remaining invalid packets and pass the valid packets through to an application.
摘要翻译：一种缓解拒绝服务攻击的方法可以包括：使用第一过滤模块从接收的数据包中滤除无效数据包，允许有效数据包通过第一过滤模块，并允许一些无效数据包通过第一过滤模块。该方法还可以包括将有效分组和剩余的无效分组从第一过滤模块传递到第二过滤模块，使用第二分组过滤模块过滤出更多的无效分组，允许有效分组通过第二过滤模块，并允许一些无效的数据包通过第二个过滤模块。该方法可以另外包括将有效分组和剩余的无效分组传递给协议栈以过滤剩余的无效分组并将有效分组传递给应用。

88. 发明申请

WO2015023336A3 SELECTIVELY PERFORMING MAN IN THE MIDDLE DECRYPTION 审中-公开
标题翻译：选择在中间阶段执行人
公开(公告)号：WO2015023336A3
公开(公告)日：2015-04-16
申请号：PCT/US2014039231
申请日：2014-05-22
申请人： IBOSS INC
发明人： MARTINI PAUL MICHAEL
IPC分类号： H04L29/06 , H04L29/08
CPC分类号： H04L63/0209 , H04L63/0254 , H04L63/0281 , H04L63/0428 , H04L63/0464 , H04L63/168 , H04L63/20 , H04L67/02 , H04L67/42
摘要： Methods, systems, and apparatus, including computer programs encoded on computer storage media, for selectively performing man in the middle decryption. One of the methods includes receiving a first request to access a first resource hosted by a server outside the network, determining whether requests from the client device to access the first resource outside the network should be redirected to a second resource hosted by a proxy within the network, providing a redirect response to the client device, the redirect response including the second universal resource identifier, establishing a first encrypted connected between the client device and the proxy hosting the second resource, and a second encrypted connection between the proxy hosting the second domain and the server hosting the first resource, and decrypting and inspecting the encrypted communication traffic passing between the client device and the server hosting the first resource.
摘要翻译：方法，系统和装置，包括在计算机存储介质上编码的计算机程序，用于在中间解密中选择性地执行人员。其中一种方法包括接收访问由网络外的服务器托管的第一资源的第一请求，确定来自客户端设备访问网络外部的第一资源的请求是否应被重定向到由所述网络内的代理托管的第二资源网络，向客户端设备提供重定向响应，重定向响应包括第二通用资源标识符，建立连接在客户端设备和托管第二资源的代理之间的第一加密，以及托管第二域的代理之间的第二加密连接以及承载第一资源的服务器，以及解密和检查在客户端设备和托管第一资源的服务器之间传递的加密通信流量。

89. 发明申请

WO2014153366A1 MAINTAINING RULE COHERENCY FOR APPLICATIONS 审中-公开
标题翻译：维护应用程序的规则
公开(公告)号：WO2014153366A1
公开(公告)日：2014-09-25
申请号：PCT/US2014/031123
申请日：2014-03-18
申请人： GREENBAUM, Gary, S. , AGARWAL, Rahul
发明人： GREENBAUM, Gary, S. , AGARWAL, Rahul
IPC分类号： H04L9/32
CPC分类号： H04L63/20 , G06F21/6218 , G06F2221/2141 , H04L63/0254 , H04L63/0263 , H04L63/101 , H04L63/102 , H04W88/16
摘要： The disclose describes a system and method for maintaining network access rules for device applications using a state graph of the device application. A rules update agent generates a state graph by recursively exercising internal state transitions and recording network locations of a corresponding resource server associated with the state transition. The internal states of the application are reflected as nodes in the state graph. A rule list is generated from the state graph to identify which states have access to which resource servers. The rules update agent is also configured to dynamically generate a truncated state graph from which a transitory rule list is generated.
摘要翻译：该公开描述了使用设备应用的状态图来维护设备应用的网络访问规则的系统和方法。规则更新代理通过递归地执行与状态转换相关联的相应资源服务器的内部状态转换和记录网络位置来生成状态图。应用程序的内部状态反映为状态图中的节点。从状态图生成规则列表，以确定哪些状态可以访问哪些资源服务器。规则更新代理还被配置为动态生成截断的状态图，从其生成暂时规则列表。

90. 发明申请

WO2014057380A3 VIRTUAL FIREWALL MOBILITY 审中-公开
标题翻译：虚拟防火墙移动
公开(公告)号：WO2014057380A3
公开(公告)日：2014-06-05
申请号：PCT/IB2013058857
申请日：2013-09-25
申请人： ERICSSON TELEFON AB L M , ZHU ZHONGWEN , POURZANDI MAKAN
发明人： ZHU ZHONGWEN , POURZANDI MAKAN
IPC分类号： H04L29/06 , G06F9/455
CPC分类号： G06F9/455 , G06F9/45558 , G06F2009/4557 , H04L63/0227 , H04L63/0254 , H04L63/0272
摘要： A cloud management device determines that a virtual machine should be migrated from a first host to a second host, the virtual machine being associated with a virtual service, such as a virtual firewall, in the first host. The cloud management device verifies if fonctionality corresponding to the virtual service is available in the second host if the required ninctionality is not available, a new virtual service is instaicted to be instantiated in the second host State synchronization can be performed between the virtual services in the first and second hosts. The cloud management device instructs the virtual machine to be instantiated in the second host.
摘要翻译：云管理设备确定虚拟机应该从第一主机迁移到第二主机，虚拟机与第一主机中的虚拟服务（例如虚拟防火墙）相关联。如果所需的功能不可用，则云管理设备将验证与第二主机中的虚拟服务相对应的功能是否可用，在第二主机状态下，新的虚拟服务被启动将被实例化，可以在虚拟服务之间执行同步第一和第二主机。云管理设备指示虚拟机在第二主机中被实例化。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式