-
1.发明公开System and method for mitigating denial of service attacks on communication appliances 有权的系统和方法,以降低通信设备的拒绝服务攻击
公开(公告)号:EP1737189A3
公开(公告)日:2007-03-21
申请号:EP06253214.8
申请日:2006-06-21
申请人: AVAYA TECHNOLOGY LLC
发明人: Garg, Sachin , Sing, Navjot
IPC分类号: H04L29/06
CPC分类号: H04L63/0236 , H04L63/0254 , H04L63/0263 , H04L63/1458
摘要: A method for preventing or limiting the effects of Denial-of-Service attacks in a communication appliance having a packet-classification rule base which allows all legitimate packets to be forwarded to the communication appliance includes monitoring incoming packets to the communication appliance to determine whether conditions indicating a Denial-of-Service attack are present. If a Denial-of-Service attack is present, a rule base subset of the packet-classification rule base is selected from a plurality of rule base subsets based on a current one of a plurality of operating states of the communication appliance.
-
2.发明公开
公开(公告)号:EP1959432A1
公开(公告)日:2008-08-20
申请号:EP08002076.1
申请日:2008-02-05
申请人: AVAYA TECHNOLOGY LLC
IPC分类号: G10L19/00
CPC分类号: H04L63/08 , G10L19/018 , H04L63/168
摘要: A method is disclosed that enables the transmission of a digital message along with a corresponding media information signal, such as audio or video. A telecommunications device that is processing the information signal from its user, such as a speech signal, encodes the information signal by using a model-based compression coder. One such device is a telecommunications endpoint. Then, based on an evaluation of the perceptual significance of each encoded bit, or on some other meaningful characteristic of the signal, the endpoint's processor: (i) determines which encoded bits can be overwritten; and (ii) intersperses the digital message bits throughout the encoded signal in place of the overwritten bits. The endpoint then transmits those digital message bits as part of the encoded information signal. In this way, no additional bits are appended to the packet to be transmitted, thereby addressing the issue of compatibility with existing protocols and firewalls.
摘要翻译: 公开了一种使数字消息与诸如音频或视频之类的对应媒体信息信号一起发送的方法。 正在处理来自其用户的信息信号(例如语音信号)的电信设备通过使用基于模型的压缩编码器对信息信号进行编码。 一个这样的设备是电信端点。 然后,基于对每个编码比特的感知意义的评估,或在信号的一些其它有意义的特征上,端点的处理器:(i)确定可以覆盖哪些编码比特; 并且(ii)将整数编码信号中的数字消息位穿插到代替重写的位。 端点然后将这些数字消息比特作为编码信息信号的一部分进行发送。 以这种方式,不会将额外的比特附加到要发送的分组,从而解决与现有协议和防火墙的兼容性问题。
-
3.发明公开Network switch that is optimized for a telephony-capable endpoint 有权终端呼叫中心NetfelfähigenEndpunkt optimierter Netzwerkschalter
公开(公告)号:EP1933510A2
公开(公告)日:2008-06-18
申请号:EP07024214.4
申请日:2007-12-13
申请人: AVAYA TECHNOLOGY LLC
IPC分类号: H04L12/56
CPC分类号: H04L47/10 , H04L47/22 , H04L49/3054
摘要: A method is disclosed that enables the avoidance of a processor overload of a telecommunications endpoint device that is susceptible to traffic floods. An enhanced network switch sets the speed on one of its data ports as a specific function of the speeds of the devices that are donnected to one or more of its other data ports. This behavior is different from that of network switches in the prior art, in which the data rate of a port in the prior art is auto-negotiated to the highest speed that can be supported by the network elements at either end of the port's connection, regardless of the other devices present. By considering the specific devices that are connected, the enhanced network switch is able to limit the amount of traffic that is directed by an upstream device, such as a router, towards a device with limited processor capability, such as a packet-based phone.
摘要翻译: 公开了一种能够避免容易遭受交通洪泛的电信端点设备的处理器过载的方法。 增强型网络交换机将其数据端口之一的速度设置为连接到其一个或多个其他数据端口的设备的速度的特定功能。 这种现象与现有技术中的网络交换机的行为不同,其中现有技术中的端口的数据速率被自动协商为端口连接端的网元可以支持的最高速度, 不管其他设备存在。 通过考虑连接的特定设备,增强型网络交换机能够将诸如路由器之类的上游设备所指导的业务量限制为具有有限处理器能力的设备,例如基于分组的电话。
-
4.发明公开System and method for mitigating denial of service attacks on communication appliances 有权Vorrichtung und Verfahren zur Verringerung von Denial-of-service Angriffen inKommunikationsgeräten
公开(公告)号:EP1737189A2
公开(公告)日:2006-12-27
申请号:EP06253214.8
申请日:2006-06-21
申请人: AVAYA TECHNOLOGY LLC
发明人: Garg, Sachin , Sing, Navjot
IPC分类号: H04L29/06
CPC分类号: H04L63/0236 , H04L63/0254 , H04L63/0263 , H04L63/1458
摘要: A method for preventing or limiting the effects of Denial-of-Service attacks in a communication appliance having a packet-classification rule base which allows all legitimate packets to be forwarded to the communication appliance includes monitoring incoming packets to the communication appliance to determine whether conditions indicating a Denial-of-Service attack are present. If a Denial-of-Service attack is present, a rule base subset of the packet-classification rule base is selected from a plurality of rule base subsets based on a current one of a plurality of operating states of the communication appliance.
摘要翻译: 一种用于防止或限制拒绝服务攻击在具有允许所有合法分组被转发到通信设备的分组分类规则库的通信设备中的效果的方法包括:监控到通信设备的进入分组,以确定条件 表示存在拒绝服务攻击。 如果存在拒绝服务攻击,则基于通信设备的多个操作状态中的当前操作状态,从多个规则库子集中选择分组分类规则库的规则库子集。
-
5.发明公开Embedded firewall at a telecommunications endpoint 有权Eingebettete防火墙einem Telekommunikationsendpunkt
公开(公告)号:EP2141885A1
公开(公告)日:2010-01-06
申请号:EP09013268.9
申请日:2007-12-06
申请人: Avaya Technology LLC
CPC分类号: H04L63/0209 , H04L63/0263
摘要: A method is disclosed that enables the implementation of an embedded firewall at a telecommunications endpoint. In particular, the illustrative embodiment of the present invention addresses the relationship between the application, firewall engine, and packet-classification rules database that are all resident at the endpoint. In the variations of the illustrative embodiment that are described herein, the application: (i) directly communicates with the co-resident firewall engine such as through local message passing, (ii) shares memory with the firewall engine, and (iii) makes socket calls to the operating system that are intercepted by a middleware layer that subsequently modifies the rules database, depending on the socket call. The common thread to these techniques is that the application, firewall engine, and rules database are co-resident at the endpoint, which is advantageous in the implementation of the embedded firewall.
摘要翻译: 公开了一种能够在电信端点实现嵌入式防火墙的方法。 特别地,本发明的说明性实施例解决了所有驻留在端点的应用,防火墙引擎和分组分类规则数据库之间的关系。 在本文描述的说明性实施例的变型中,应用:(i)直接与共驻防火墙引擎通信,例如通过本地消息传递,(ii)与防火墙引擎共享存储器,以及(iii)使套接字 调用由中间件层拦截的操作系统,随后根据套接字调用修改规则数据库。 这些技术的共同点是应用程序,防火墙引擎和规则数据库共同驻留在端点,这在嵌入式防火墙的实现方面是有利的。
-
公开(公告)号:EP1933510A3
公开(公告)日:2009-04-29
申请号:EP07024214.4
申请日:2007-12-13
申请人: AVAYA TECHNOLOGY LLC
CPC分类号: H04L47/10 , H04L47/22 , H04L49/3054
摘要: A method is disclosed that enables the avoidance of a processor overload of a telecommunications endpoint device that is susceptible to traffic floods. An enhanced network switch sets the speed on one of its data ports as a specific function of the speeds of the devices that are donnected to one or more of its other data ports. This behavior is different from that of network switches in the prior art, in which the data rate of a port in the prior art is auto-negotiated to the highest speed that can be supported by the network elements at either end of the port's connection, regardless of the other devices present. By considering the specific devices that are connected, the enhanced network switch is able to limit the amount of traffic that is directed by an upstream device, such as a router, towards a device with limited processor capability, such as a packet-based phone.
-
7.发明公开Signal watermarking in the presence of encryption 审中-公开Signalwasserzeichenmarkierung beiVerschlüsselung
公开(公告)号:EP1959386A2
公开(公告)日:2008-08-20
申请号:EP08001414.5
申请日:2008-01-25
申请人: AVAYA TECHNOLOGY LLC
CPC分类号: G06T1/0021 , G10L19/018 , H04H20/28 , H04H20/31 , H04H60/23 , H04H2201/50 , H04L9/065 , H04L2209/30 , H04L2209/608
摘要: A method is disclosed that enables the transmission of a digital message along with a corresponding information signal, such as audio or video. The supplemental information contained in digital messages can be used for a variety of purposes, such as enabling or enhancing packet authentication. In particular, a telecommunications device that is processing an information signal from its user, such as a speech signal, encrypts the information signal by performing a bitwise exclusive-or of an encryption key stream with the information signal stream. The device, such as a telecommunications endpoint, then intersperses the bits of the digital message throughout the encrypted signal in place of those bits overwritten, in a process referred to as "watermarking." The endpoint then transmits the interspersed digital message bits as part of a composite signal that also comprises the encrypted information bits. No additional bits are appended to the packet to be transmitted, thereby addressing compatibility issues.
摘要翻译: 公开了一种能够传送数字消息以及对应的信息信号(诸如音频或视频)的方法。 数字消息中包含的补充信息可以用于各种目的,例如启用或增强数据包认证。 特别地,正在处理来自其用户的信息信号(例如语音信号)的电信设备通过执行与信息信号流的按位异或加密密钥流对信息信号进行加密。 在称为“水印”的过程中,诸如电信端点的设备然后在整个加密信号中分散数字消息的位以代替覆盖的位。 然后,端点将散布的数字消息比特作为还包括加密信息比特的复合信号的一部分发送。 没有额外的比特附加到要发送的数据包,从而解决兼容性问题。
-
公开(公告)号:EP1933526A1
公开(公告)日:2008-06-18
申请号:EP07023662.5
申请日:2007-12-06
申请人: AVAYA TECHNOLOGY LLC
CPC分类号: H04L63/0209 , H04L63/0263
摘要: A method is disclosed that enables the implementation of an embedded firewall at a telecommunications endpoint. In particular, the illustrative embodiment of the present invention addresses the relationship between the application, firewall engine, and packet-classification rules database that are all resident at the endpoint. In the variations of the illustrative embodiment that are described herein, the application: (i) directly communicates with the co-resident firewall engine such as through local message passing, (ii) shares memory with the firewall engine, and (iii) makes socket calls to the operating system that are intercepted by a middleware layer that subsequently modifies the rules database, depending on the socket call. The common thread to these techniques is that the application, firewall engine, and rules database are co-resident at the endpoint, which is advantageous in the implementation of the embedded firewall.
-
-
-
-
-
-
-
搜索结果
8 条记录 (耗时 0.01 秒)
