公开(公告)号：US20130013421A1

公开(公告)日：2013-01-10

申请号：US13178266

申请日：2011-07-07

Applicant: Shrutivandana Sharma ,  Sachin Garg

Inventor： Shrutivandana Sharma ,  Sachin Garg

IPC: G06Q30/00

CPC classification number: G06Q30/0241 ,  G06Q30/0251 ,  G06Q30/0253 ,  G06Q30/0273

Abstract: Methods and systems are disclosed in which a guaranteed delivery advertisement may be appended with a non-guaranteed delivery advertisement. The guaranteed delivery advertisement may be, for example, a manufacturer or brand advertisement, and the non-guaranteed delivery advertisement may be, for example, a retailer advertisement. The guaranteed delivery advertisement may relate to a particular brand and/or product and the non-guaranteed delivery advertisement may relate to a purchasing opportunity for that particular brand and/or product. The guaranteed delivery advertisement may be selected based on targeting information and the non-guaranteed delivery advertisement may be selected based on factors such as, for example, the manufacturer name, the product name, the product type, a related product, price, availability of the product, discount, location of the retailer, etc.

Abstract translation: 公开了一种方法和系统，其中保证递送广告可以附加非保证递送广告。 保证发送广告可以是例如制造商或品牌广告，并且非保证递送广告可以是例如零售商广告。 保证的交货广告可以涉及特定品牌和/或产品，并且非保证交货广告可以涉及该特定品牌和/或产品的购买机会。 可以基于目标信息来选择保证的发送广告，并且可以基于诸如制造商名称，产品名称，产品类型，相关产品，价格，可用性等因素来选择非保证递送广告 产品，折扣，零售商的位置等

公开(公告)号：US08353030B2

公开(公告)日：2013-01-08

申请号：US11610489

申请日：2006-12-13

Applicant: Akshay Adhikari ,  Sachin Garg ,  Anjur Sundaresan Krishnakumar ,  Navjot Singh

Inventor： Akshay Adhikari ,  Sachin Garg ,  Anjur Sundaresan Krishnakumar ,  Navjot Singh

IPC: G06F21/00

CPC classification number: H04L63/1408 ,  H04L63/1458

Abstract: A method is disclosed that enables mitigating at least some of the problems caused by a packet attack. When a first Internet Protocol (IP)-capable device is subjected to a packet attack, it indicates periodically to a second IP-capable device that certain communications with the first device are to be suspended. The periodic transmitting of the indication is performed at a slower rate than the keep-alive mechanism that is normally used to detect loss of connectivity. When the second device receives the transmitted indication, it refrains from transmitting keep-alive messages to the first device for a predetermined interval. Meanwhile, the first device also refrains from transmitting keep-alive messages to the second device for a similar interval. In transmitting the suspend indication, the illustrative embodiment seeks to prevent pairs of communicating devices that are experiencing packet attacks from continuing their operation under the erroneous assumption that each device is unavailable.

Abstract translation: 公开了一种能够减轻由分组攻击引起的至少一些问题的方法。 当第一个基于互联网协议（IP）的设备遭受分组攻击时，它周期性地向第二个具有IP能力的设备指示与第一设备的某些通信将被暂停。 指示的周期性发送以比通常用于检测连通性损失的保持活动机制更慢的速率执行。 当第二设备接收到发送的指示时，它不阻止向预定间隔向第一设备发送保持活动消息。 同时，第一设备也禁止以类似间隔向第二设备发送保持活动消息。 在发送挂起指示时，说明性实施例旨在防止正在经历分组攻击的通信设备的对在每个设备不可用的错误假设下继续其操作。

公开(公告)号：US07814547B2

公开(公告)日：2010-10-12

申请号：US12200069

申请日：2008-08-28

Applicant: Sachin Garg ,  Navjot Singh ,  Timothy Kohchih Tsai ,  Yu-Sung Wu ,  Saurabh Bagchi

Inventor： Sachin Garg ,  Navjot Singh ,  Timothy Kohchih Tsai ,  Yu-Sung Wu ,  Saurabh Bagchi

IPC: H04L9/00

CPC classification number: H04L63/1433

Abstract: A method for detecting intrusions that employ messages of two or more protocols is disclosed. Such intrusions might occur in Voice over Internet Protocol (VoIP) systems, as well as in systems in which two or more protocols support some service other than VoIP. In the illustrative embodiment of the present invention, a stateful intrusion-detection system is capable of employing rules that have cross-protocol pre-conditions. The illustrative embodiment can use such rules to recognize a variety of VoIP-based intrusion attempts, such as call hijacking, BYE attacks, etc. In addition, the illustrative embodiment is capable of using such rules to recognize other kinds of intrusion attempts in which two or more protocols support a service other than VoIP. The illustrative embodiment also comprises a stateful firewall that is capable of employing rules with cross-protocol pre-conditions.

Abstract translation: 公开了一种用于检测采用两种或多种协议的消息的入侵的方法。 这种入侵可能发生在语音互联网协议（VoIP）系统中，以及在两个或多个协议支持VoIP之外的一些服务的系统中。 在本发明的说明性实施例中，状态入侵检测系统能够采用具有交叉协议前提条件的规则。 说明性实施例可以使用这样的规则来识别各种基于VoIP的入侵尝试，例如呼叫劫持，BYE攻击等。此外，说明性实施例能够使用这样的规则来识别其他种类的入侵尝试，其中两个 或更多的协议支持VoIP以外的服务。 说明性实施例还包括能够使用具有交叉协议前提条件的规则的有状态防火墙。

公开(公告)号：US20100250362A1

公开(公告)日：2010-09-30

申请号：US12415846

申请日：2009-03-31

Applicant: Eric Theodore Bax ,  Krishna Prasad Chitrapura ,  Sachin Garg ,  Darshan Kantak ,  Anand Kuratti ,  Joaquin Arturo Delgado Rodriguez

Inventor： Eric Theodore Bax ,  Krishna Prasad Chitrapura ,  Sachin Garg ,  Darshan Kantak ,  Anand Kuratti ,  Joaquin Arturo Delgado Rodriguez

IPC: G06Q30/00 ,  G06N5/02

CPC classification number: G06Q30/02 ,  G06Q30/0204 ,  G06Q30/0244 ,  G06Q30/0247 ,  G06Q30/0601

Abstract: A system and method to distribute computation for an exchange in which advertisers buy online advertising space from publishers. The exchange maintains submarkets, each containing a subset of the ad calls supplied by publishers and a subset of the offers and budgets representing demand from advertisers. Portfolio optimization techniques allocate the supply of ad calls from publishers over the submarkets, with the goal of maximizing profits for publishers while limiting the volatility of those profits. Portfolio optimization techniques allocate the demand from advertisers over the submarkets, with the goal of maximizing return on investment for advertisers. The exchange re-allocates supply and demand over submarkets periodically. Also, periodically, the most effective submarkets are replicated and the least effective submarkets are eliminated.

Abstract translation: 分发用于广告客户从发布商购买在线广告空间的交换计算的系统和方法。 交易所维护子市场，每个子市场包含发布商提供的广告呼叫的一部分，以及代表广告客户需求的提议和预算的一部分。 投资组合优化技术将发行商的广告电话分配给子市场，目的是最大化发布商的利润，同时限制这些利润的波动。 投资组合优化技术将广告客户的需求分配给子市场，目标是最大限度地提高广告客户的投资回报。 交易所定期重新分配子市场的供求。 此外，定期地，复制最有效的子市场，并且消除最不有效的子市场。

公开(公告)号：US20090070875A1

公开(公告)日：2009-03-12

申请号：US11854439

申请日：2007-09-12

Applicant: Sachin Garg ,  Navjot Singh ,  Akshay Adhikari ,  Yu-Sung Wu

Inventor： Sachin Garg ,  Navjot Singh ,  Akshay Adhikari ,  Yu-Sung Wu

IPC: G06F21/00

CPC classification number: H04L63/1416 ,  H04L65/1006

Abstract: An apparatus and method are disclosed for detecting intrusions in Voice over Internet Protocol systems without an attack signature database. The illustrative embodiment is based on two observations: (1) various VoIP-related protocols are simple enough to be represented by a finite-state machine (FSM) of compact size, thereby avoiding the disadvantages inherent in signature-based intrusion-detection systems.; and (2) there exist intrusions that might not be detectable locally by the individual finite-state machines (FSMs) but that can be detected with a global (or distributed) view of all the FSMs. The illustrative embodiment maintains a FSM for each session/node/protocol combination representing the allowed (or “legal”) states and state transitions for the protocol at that node in that session, as well as a “global” FSM for the entire session that enforces constraints on the individual FSMs and is capable of detecting intrusions that elude the individual FSMs.

Abstract translation: 公开了一种用于在没有攻击签名数据库的情况下检测在因特网协议语音系统中的入侵的装置和方法。 说明性实施例基于两个观察：（1）各种VoIP相关协议足够简单以由紧凑尺寸的有限状态机（FSM）表示，从而避免了基于签名的入侵检测系统固有的缺点。 ; 和（2）存在可能由个体有限状态机（FSM）本地可检测到的入侵，但是可以用全局（或分布式）视图检测所有FSM的入侵。 说明性实施例为表示该会话中该节点处的协议的允许（或“合法”）状态和状态转换的每个会话/节点/协议组合维护FSM，以及整个会话的“全局”FSM， 强制对各个FSM的约束，并且能够检测排除各个FSM的入侵。

公开(公告)号：US20080313737A1

公开(公告)日：2008-12-18

申请号：US12200069

申请日：2008-08-28

Applicant: Sachin Garg ,  Navjot Singh ,  Timothy Kohchih Tsai ,  Yu-Sung Wu ,  Saurabh Bagchi

Inventor： Sachin Garg ,  Navjot Singh ,  Timothy Kohchih Tsai ,  Yu-Sung Wu ,  Saurabh Bagchi

IPC: G06F21/00

CPC classification number: H04L63/1433

Abstract: A method for detecting intrusions that employ messages of two or more protocols is disclosed. Such intrusions might occur in Voice over Internet Protocol (VoIP) systems, as well as in systems in which two or more protocols support some service other than VoIP. In the illustrative embodiment of the present invention, a stateful intrusion-detection system is capable of employing rules that have cross-protocol pre-conditions. The illustrative embodiment can use such rules to recognize a variety of VoIP-based intrusion attempts, such as call hijacking, BYE attacks, etc. In addition, the illustrative embodiment is capable of using such rules to recognize other kinds of intrusion attempts in which two or more protocols support a service other than VoIP. The illustrative embodiment also comprises a stateful firewall that is capable of employing rules with cross-protocol pre-conditions.

Abstract translation: 公开了一种用于检测采用两种或多种协议的消息的入侵的方法。 这种入侵可能发生在语音互联网协议（VoIP）系统中，以及在两个或多个协议支持VoIP之外的一些服务的系统中。 在本发明的说明性实施例中，状态入侵检测系统能够采用具有交叉协议前提条件的规则。 说明性实施例可以使用这样的规则来识别各种基于VoIP的入侵尝试，例如呼叫劫持，BYE攻击等。此外，说明性实施例能够使用这样的规则来识别其他种类的入侵尝试，其中两个 或更多的协议支持VoIP以外的服务。 说明性实施例还包括能够使用具有交叉协议前提条件的规则的有状态防火墙。

公开(公告)号：US07372856B2

公开(公告)日：2008-05-13

申请号：US10854702

申请日：2004-05-27

Applicant: Sachin Garg ,  Navjot Singh ,  Timothy Kohchih Tsai

Inventor： Sachin Garg ,  Navjot Singh ,  Timothy Kohchih Tsai

IPC: H04L12/28 ,  H04L12/56

CPC classification number: H04L63/12 ,  H04L9/0662 ,  H04L9/3236 ,  H04L9/3297 ,  H04L29/06027 ,  H04L65/607 ,  H04L65/608 ,  H04L2209/38

Abstract: A method for Real-time Transport Protocol (RTP) packet authentication on a packet data network. In particular, the invention relates to a method for preventing toll fraud, privacy compromise, voice quality degradation, or denial of service (DoS) on Voice over IP networks. The Real-time Transport Protocol (RTP) is susceptible to several security attacks, including thirdparty snooping of private conversations, injection of forged content, and introduction or modification of packets to degrade voice quality. The Secure Real-time Transport Protocol (SRTP) provides confidentiality, message authentication, and replay protection for RTP traffic. However, SRTP incurs an additional overhead to verify the HMAC-SHA1 message authentication code for each packet. SRTP+ significantly decrease the verification overhead compared to SRTP and thereby increases the number of faked packets required to mount a successful denial of service attack. SRTP+ provides packet authentication but not integrity. SRTP+ is compatible with SRTP.

Abstract translation: 一种用于分组数据网络上的实时传输协议（RTP）分组认证的方法。 具体地说，本发明涉及一种用于防止IP语音上网的长途欺诈，隐私泄露，语音质量下降或拒绝服务（DoS）的方法。 实时传输协议（RTP）易受多种安全攻击，包括私有对话的第三方窥探，伪造内容的注入，以及引入或修改数据包以降低语音质量。 安全实时传输协议（SRTP）为RTP流量提供机密性，消息认证和重放保护。 然而，SRTP需要额外的开销来验证每个数据包的HMAC-SHA1消息认证码。 与SRTP相比，SRTP +显着降低了验证开销，从而增加了成功拒绝服务攻击所需的假包数量。 SRTP +提供数据包身份验证，但不提供完整性。 SRTP +与SRTP兼容。

公开(公告)号：US20070237145A1

公开(公告)日：2007-10-11

申请号：US11393605

申请日：2006-03-30

Applicant: Akshay Adhikari ,  Sachin Garg ,  Anjur Kishnakumar ,  Navjot Singh

Inventor： Akshay Adhikari ,  Sachin Garg ,  Anjur Kishnakumar ,  Navjot Singh

IPC: H04L12/56

CPC classification number: H04L9/12 ,  H04L9/3236 ,  H04L2209/20 ,  H04L2209/805

Abstract: A method of authenticating a communications between a sender and a receiver includes agreeing, by a sender and receiver, on a shared secret, computing a first sequence of numbers at the sender using the shared secret, and computing a second sequence of numbers at the receiver using the shared secret. Successive values of the first sequence are respectively embedded in successive messages by the sender. Upon receiving a message, the receiver compares the embedded value of the first sequence with a list of values including at least one corresponding value from the second sequence and the received message to considered to originate from an authentic sender if the value of the first sequence matches the value of the second sequence. The method value is removed from a list of values in the second sequence for comparing.

Abstract translation: 认证发送方和接收方之间的通信的方法包括由发送方和接收方在共享秘密上同意使用共享秘密计算发送方的第一数字序列，并在接收方计算第二数目序列 使用共享的秘密。 第一序列的连续值分别由发送者嵌入连续的消息中。 在接收到消息时，接收机将第一序列的嵌入值与包括来自第二序列的至少一个对应值的值列表以及所接收到的消息进行比较，如果第一序列的值匹配则被认为来自真实发送者 第二个序列的值。 方法值从第二个序列中的值列表中删除以进行比较。

公开(公告)号：US09100417B2

公开(公告)日：2015-08-04

申请号：US12115199

申请日：2008-05-05

Applicant: Sachin Garg ,  Navjot Singh ,  Akshay Adhikari ,  Yu-Sung Wu

Inventor： Sachin Garg ,  Navjot Singh ,  Akshay Adhikari ,  Yu-Sung Wu

IPC: H04L12/66 ,  G06F17/00 ,  H04L29/06 ,  H04M7/00 ,  G06F21/51 ,  G06F21/56

CPC classification number: H04L65/1079 ,  G06F21/51 ,  G06F21/56 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1425 ,  H04L65/1006 ,  H04M7/006 ,  H04M7/0078

Abstract: An apparatus and method for detecting potentially-improper call behavior (e.g., SPIT, etc.) are disclosed. The illustrative embodiment of the present invention is based on finite-state machines (FSMs) that represent the legal states and state transitions of communications protocols at nodes during Voice over Internet Protocol (VoIP) calls. In accordance with the illustrative embodiment, a library of FSM execution profiles associated with improper call behavior and a set of rules (or rule base) associated with improper FSM behavior over one or more calls are maintained. When the behavior of one or more finite-state machines during one or more calls matches either an execution profile in the library or a rule in the rule base, an alert is generated.

Abstract translation: 公开了一种用于检测潜在不适当的呼叫行为（例如，SPIT等）的装置和方法。 本发明的说明性实施例基于有限状态机（FSM），其表示在因特网协议语音（VoIP）呼叫期间节点处的通信协议的合法状态和状态转换。 根据说明性实施例，维护与不正当呼叫行为相关联的FSM执行简档库和与一个或多个调用上的不正确FSM行为相关联的一组规则（或规则库）。 当一个或多个调用期间一个或多个有限状态机的行为与库中的执行概要文件或规则库中的规则匹配时，将生成警报。

公开(公告)号：US20100241486A1

公开(公告)日：2010-09-23

申请号：US12406469

申请日：2009-03-18

Applicant: Sachin Garg ,  Krishna Prasad Chitrapura

Inventor： Sachin Garg ,  Krishna Prasad Chitrapura

IPC: G06Q30/00 ,  G06Q10/00 ,  G06N5/02

CPC classification number: G06Q30/02 ,  G06Q30/0275 ,  G06Q30/0601 ,  G06Q40/025

Abstract: Methods, systems, and apparatuses are provided for selecting advertisements in an advertisement auction. A plurality of bids for an advertisement placement is received. An average expected payout for each bid of the plurality of bids is calculated to determine a plurality of average expected payouts. A plurality of possible allocations of the advertisements is determined. An expected revenue value for each of the possible allocations is calculated based on the calculated average expected payouts to generate a plurality of expected revenue values. A risk value is calculated for each of the possible allocations to generate a plurality of risk values. A bid of the plurality of bids is enabled to be selected based on the calculated expected revenue values and risk values.

Abstract translation: 提供了用于在广告拍卖中选择广告的方法，系统和装置。 接收用于广告布置的多个出价。 计算多个出价的每个出价的平均预期支付以确定多个平均预期支出。 确定广告的多个可能的分配。 基于计算的平均预期支出来计算每个可能分配的预期收入值，以生成多个预期收入值。 为每个可能的分配计算风险值以产生多个风险值。 可以基于计算出的预期收入值和风险值来选择多个出价的出价。