-
1.发明授权公开(公告)号:US07103750B2
公开(公告)日:2006-09-05
申请号:US10393139
申请日:2003-03-20
IPC分类号: G06F12/00
CPC分类号: H03M7/30 , H03M7/3084
摘要: A method and apparatus for compressing a reference pattern (RP) with repeated substrings by encoding produce compressed reference patterns (CRPs) with reduce storage requirements. Operation codes and a flag are stored with the CRPs. During comparison of reference elements of the CRP to input elements (IEs) of an input pattern (IP), the operation codes are read and the reference pattern is decoded allowing all reference elements including those of the repeated substrings to be compared to IEs in the IP to determine if the RP appears within the IP.
摘要翻译: 用于通过编码压缩具有重复子串的参考模式(RP)的方法和装置产生具有减少存储要求的压缩参考模式(CRP)。 操作代码和标志与CRP一起存储。 在将CRP的参考元件与输入模式(IP)的输入元件(IE)进行比较期间,读取操作代码并解码参考模式,从而允许将包括重复子串的所有参考元素的所有参考元素与 IP来确定RP是否出现在IP内。
-
2.发明授权Intrusion detection using a network processor and a parallel pattern detection engine 失效使用网络处理器和并行模式检测引擎的入侵检测公开(公告)号:US08239945B2
公开(公告)日:2012-08-07
申请号:US12334481
申请日:2008-12-14
申请人: Marc A. Boulanger , Clark D. Jeffries , C. Marcel Kinard , Kerry A. Kravec , Ravinder K. Sabhikhi , Ali G. Saidi , Jan M. Slyfield , Pascal R. Tannhof
发明人: Marc A. Boulanger , Clark D. Jeffries , C. Marcel Kinard , Kerry A. Kravec , Ravinder K. Sabhikhi , Ali G. Saidi , Jan M. Slyfield , Pascal R. Tannhof
CPC分类号: H04L63/1416 , H04L63/1441
摘要: An intrusion detection system (IDS) comprises a network processor (NP) coupled to a memory unit for storing programs and data. The NP is also coupled to one or more parallel pattern detection engines (PPDE) which provide high speed parallel detection of patterns in an input data stream. Each PPDE comprises many processing units (PUs) each designed to store intrusion signatures as a sequence of data with selected operation codes. The PUs have configuration registers for selecting modes of pattern recognition. Each PU compares a byte at each clock cycle. If a sequence of bytes from the input pattern match a stored pattern, the identification of the PU detecting the pattern is outputted with any applicable comparison data. By storing intrusion signatures in many parallel PUs, the IDS can process network data at the NP processing speed. PUs may be cascaded to increase intrusion coverage or to detect long intrusion signatures.
摘要翻译: 入侵检测系统(IDS)包括耦合到用于存储程序和数据的存储器单元的网络处理器(NP)。 NP还耦合到一个或多个并行模式检测引擎(PPDE),其提供对输入数据流中的模式的高速并行检测。 每个PPDE包括许多处理单元(PU),每个处理单元被设计为将入侵签名存储为具有所选操作码的数据序列。 PU具有用于选择模式识别模式的配置寄存器。 每个PU在每个时钟周期比较一个字节。 如果来自输入模式的字节序列与存储的模式匹配,则用任何适用的比较数据输出检测模式的PU的识别。 通过在多个并行PU中存储入侵签名,IDS可以以NP处理速度处理网络数据。 PU可以级联以增加入侵覆盖或检测长入侵签名。
-
公开(公告)号:US07243165B2
公开(公告)日:2007-07-10
申请号:US10757187
申请日:2004-01-14
CPC分类号: G06K9/6202 , G06K9/00986
摘要: A parallel pattern detection engine (PPDE) comprise multiple processing units (PUs) customized to do various modes of pattern recognition. The PUs are loaded with different patterns and the input data to be matched is provided to the PUs in parallel. Each pattern has an Opcode that defines what action to take when a particular data in the input data stream either matches or does not match the corresponding data being compared during a clock cycle. Each of the PUs communicate selected information so that PUs may be cascaded to enable longer patterns to be matched or to allow more patterns to be processed in parallel for a particular input data stream.
摘要翻译: 并行模式检测引擎(PPDE)包括定制的多个处理单元(PU),以执行各种模式识别模式。 PU装载有不同的图案,并且要匹配的输入数据并行提供给PU。 每个模式都有一个操作码,定义当输入数据流中的特定数据与时钟周期中正在比较的对应数据匹配或不匹配时要执行的操作。 每个PU通信所选择的信息,使得PU可以被级联以使得能够匹配更长的模式或允许针对特定的输入数据流并行地处理更多的模式。
-
4.发明申请INTRUSION DETECTION USING A NETWORK PROCESSOR AND A PARALLEL PATTERN DETECTION ENGINE 审中-公开使用网络处理器和并行模式检测引擎的入侵检测公开(公告)号:US20120210430A1
公开(公告)日:2012-08-16
申请号:US13455441
申请日:2012-04-25
申请人: Marc A. Boulanger , Clark D. Jeffries , C. Marcel Kinard , Kerry A. Kravec , Ravinder K. Sabhikhi , Ali G. Saidi , Jan M. Slyfield , Pascal R. Tannhof
发明人: Marc A. Boulanger , Clark D. Jeffries , C. Marcel Kinard , Kerry A. Kravec , Ravinder K. Sabhikhi , Ali G. Saidi , Jan M. Slyfield , Pascal R. Tannhof
IPC分类号: G06F21/00
CPC分类号: H04L63/1416 , H04L63/1441
摘要: An intrusion detection system (IDS) comprises a network processor (NP) coupled to a memory unit for storing programs and data. The NP is also coupled to one or more parallel pattern detection engines (PPDE) which provide high speed parallel detection of patterns in an input data stream. Each PPDE comprises many processing units (PUs) each designed to store intrusion signatures as a sequence of data with selected operation codes. The PUs have configuration registers for selecting modes of pattern recognition. Each PU compares a byte at each clock cycle. If a sequence of bytes from the input pattern match a stored pattern, the identification of the PU detecting the pattern is outputted with any applicable comparison data. By storing intrusion signatures in many parallel PUs, the IDS can process network data at the NP processing speed. PUs may be cascaded to increase intrusion coverage or to detect long intrusion signatures.
摘要翻译: 入侵检测系统(IDS)包括耦合到用于存储程序和数据的存储器单元的网络处理器(NP)。 NP还耦合到一个或多个并行模式检测引擎(PPDE),其提供对输入数据流中的模式的高速并行检测。 每个PPDE包括许多处理单元(PU),每个处理单元被设计为将入侵签名存储为具有所选操作码的数据序列。 PU具有用于选择模式识别模式的配置寄存器。 每个PU在每个时钟周期比较一个字节。 如果来自输入模式的字节序列与存储的模式匹配,则用任何适用的比较数据输出检测模式的PU的识别。 通过在多个并行PU中存储入侵签名,IDS可以以NP处理速度处理网络数据。 PU可以级联以增加入侵覆盖或检测长入侵签名。
-
公开(公告)号:US07724963B2
公开(公告)日:2010-05-25
申请号:US12035570
申请日:2008-02-22
IPC分类号: G06K9/62
CPC分类号: G06K9/00973
摘要: A method and apparatus for determining a closest match of N input patterns relative to R reference patterns using K processing units. Each of a set of input patterns are loaded into the K processing units. One of the Reference patterns is sequentially loaded into each of the processing units and a distance defining the similarity between the reference pattern and each of the input patterns is calculated. A present calculated distance replaces its corresponding stored present minimum distance if it is has a smaller value. After the R reference patterns have been processed the minimum distance and its corresponding identification for all N input patterns is determined without merging outputs. The minimum distances and the identifications may be read either in parallel or serially. The apparatus is easily scalable by adding processors. The number of reference patterns may be easily increased without altering system configuration.
摘要翻译: 一种用于使用K个处理单元来确定N个输入图案相对于R个参考图案的最接近匹配的方法和装置。 一组输入图案中的每一个被加载到K个处理单元中。 参考图案中的一个被顺序地加载到每个处理单元中,并且计算定义参考图案和每个输入图案之间的相似性的距离。 如果当前计算的距离具有较小的值,则当前计算的距离取代其对应的存储的当前最小距离。 在R参考图案被处理之后,确定所有N个输入图案的最小距离及其对应的识别,而不合并输出。 最小距离和标识可以并行或串行读取。 该设备可以通过添加处理器来轻松扩展。 参考图案的数量可以容易地增加而不改变系统配置。
-
6.发明授权Method and apparatus for performing fast closest match in pattern recognition 有权用于在模式识别中执行最快匹配的方法和装置公开(公告)号:US07366352B2
公开(公告)日:2008-04-29
申请号:US10393146
申请日:2003-03-20
IPC分类号: G06K9/62
CPC分类号: G06K9/00973
摘要: A method and apparatus for determining a closest match of N input patterns relative to R reference patterns using K processing units. Each of a set of input patterns are loaded into the K processing units. One of the Reference patterns is sequentially loaded into each of the processing units and a distance defining the similarity between the reference pattern and each of the input patterns is calculated. A present calculated distance replaces its corresponding stored present minimum distance if it is has a smaller value. After the R reference patterns have been processed the minimum distance and its corresponding identification for all N input patterns is determined without merging outputs. The minimum distances and the identifications may be read either in parallel or serially. The apparatus is easily scalable by adding processors. The number of reference patterns may be easily increased without altering system configuration.
摘要翻译: 一种用于使用K个处理单元来确定N个输入图案相对于R个参考图案的最接近匹配的方法和装置。 一组输入图案中的每一个被加载到K个处理单元中。 参考图案中的一个被顺序地加载到每个处理单元中,并且计算定义参考图案和每个输入图案之间的相似性的距离。 如果当前计算的距离具有较小的值,则当前计算的距离取代其对应的存储的当前最小距离。 在R参考图案被处理之后,确定所有N个输入图案的最小距离及其对应的识别,而不合并输出。 可以并行或串行地读取最小距离和标识。 该设备可以通过添加处理器来轻松扩展。 参考图案的数量可以容易地增加而不改变系统配置。
-
7.发明申请INTRUSION DETECTION USING A NETWORK PROCESSOR AND A PARALLEL PATTERN DETECTION ENGINE 失效使用网络处理器和并行模式检测引擎的入侵检测公开(公告)号:US20090254991A1
公开(公告)日:2009-10-08
申请号:US12334481
申请日:2008-12-14
申请人: Marc A. Boulanger , Clark D. Jeffries , C. Marcel Kinard , Kerry A. Kravec , Ravinder K. Sabhikhi , Ali G. Saidi , Jan M. Slyfield , Pascal R. Tannhof
发明人: Marc A. Boulanger , Clark D. Jeffries , C. Marcel Kinard , Kerry A. Kravec , Ravinder K. Sabhikhi , Ali G. Saidi , Jan M. Slyfield , Pascal R. Tannhof
IPC分类号: G06F21/00
CPC分类号: H04L63/1416 , H04L63/1441
摘要: An intrusion detection system (IDS) comprises a network processor (NP) coupled to a memory unit for storing programs and data. The NP is also coupled to one or more parallel pattern detection engines (PPDE) which provide high speed parallel detection of patterns in an input data stream. Each PPDE comprises many processing units (PUs) each designed to store intrusion signatures as a sequence of data with selected operation codes. The PUs have configuration registers for selecting modes of pattern recognition. Each PU compares a byte at each clock cycle. If a sequence of bytes from the input pattern match a stored pattern, the identification of the PU detecting the pattern is outputted with any applicable comparison data. By storing intrusion signatures in many parallel PUs, the IDS can process network data at the NP processing speed. PUs may be cascaded to increase intrusion coverage or to detect long intrusion signatures.
摘要翻译: 入侵检测系统(IDS)包括耦合到用于存储程序和数据的存储器单元的网络处理器(NP)。 NP还耦合到一个或多个并行模式检测引擎(PPDE),其提供对输入数据流中的模式的高速并行检测。 每个PPDE包括许多处理单元(PU),每个处理单元被设计为将入侵签名存储为具有所选操作码的数据序列。 PU具有用于选择模式识别模式的配置寄存器。 每个PU在每个时钟周期比较一个字节。 如果来自输入模式的字节序列与存储的模式匹配,则用任何适用的比较数据输出检测模式的PU的识别。 通过在多个并行PU中存储入侵签名,IDS可以以NP处理速度处理网络数据。 PU可以级联以增加入侵覆盖或检测长入侵签名。
-
公开(公告)号:US07502875B2
公开(公告)日:2009-03-10
申请号:US11682576
申请日:2007-03-06
CPC分类号: G06K9/6202 , G06K9/00986
摘要: A parallel pattern detection engine (PPDE) comprise multiple processing units (PUs) customized to do various modes of pattern recognition. The PUs are loaded with different patterns and the input data to be matched is provided to the PUs in parallel. Each pattern has an Opcode that defines what action to take when a particular data in the input data stream either matches or does not match the corresponding data being compared during a clock cycle. Each of the PUs communicate selected information so that PUs may be cascaded to enable longer patterns to be matched or to allow more patterns to be processed in parallel for a particular input data stream.
摘要翻译: 并行模式检测引擎(PPDE)包括定制的多个处理单元(PU),以执行各种模式识别模式。 PU装载有不同的图案,并且要匹配的输入数据并行提供给PU。 每个模式都有一个操作码,定义当输入数据流中的特定数据与时钟周期中正在比较的对应数据匹配或不匹配时要执行的操作。 每个PU通信所选择的信息,使得PU可以被级联以使得能够匹配更长的模式或允许针对特定的输入数据流并行地处理更多的模式。
-
9.发明授权Intrusion detection using a network processor and a parallel pattern detection engine 有权使用网络处理器和并行模式检测引擎的入侵检测公开(公告)号:US07487542B2
公开(公告)日:2009-02-03
申请号:US10756904
申请日:2004-01-14
申请人: Marc A. Boulanger , Clark D. Jeffries , C. Marcel Kinard , Kerry A. Kravec , Ravinder K. Sabhikhi , Ali G. Saidi , Jan M. Slyfield , Pascal R. Tannhof
发明人: Marc A. Boulanger , Clark D. Jeffries , C. Marcel Kinard , Kerry A. Kravec , Ravinder K. Sabhikhi , Ali G. Saidi , Jan M. Slyfield , Pascal R. Tannhof
CPC分类号: H04L63/1416 , H04L63/1441
摘要: An intrusion detection system (IDS) comprises a network processor (NP) coupled to a memory unit for storing programs and data. The NP is also coupled to one or more parallel pattern detection engines (PPDE) which provide high speed parallel detection of patterns in an input data stream. Each PPDE comprises many processing units (PUs) each designed to store intrusion signatures as a sequence of data with selected operation codes. The PUs have configuration registers for selecting modes of pattern recognition. Each PU compares a byte at each clock cycle. If a sequence of bytes from the input pattern match a stored pattern, the identification of the PU detecting the pattern is outputted with any applicable comparison data. By storing intrusion signatures in many parallel PUs, the IDS can process network data at the NP processing speed. PUs may be cascaded to increase intrusion coverage or to detect long intrusion signatures.
摘要翻译: 入侵检测系统(IDS)包括耦合到用于存储程序和数据的存储器单元的网络处理器(NP)。 NP还耦合到一个或多个并行模式检测引擎(PPDE),其提供对输入数据流中的模式的高速并行检测。 每个PPDE包括许多处理单元(PU),每个处理单元被设计为将入侵签名存储为具有所选操作码的数据序列。 PU具有用于选择模式识别模式的配置寄存器。 每个PU在每个时钟周期比较一个字节。 如果来自输入模式的字节序列与存储的模式匹配,则用任何适用的比较数据输出检测模式的PU的识别。 通过在多个并行PU中存储入侵签名,IDS可以以NP处理速度处理网络数据。 PU可以级联以增加入侵覆盖或检测长入侵签名。
-
公开(公告)号:US07444434B2
公开(公告)日:2008-10-28
申请号:US11682547
申请日:2007-03-06
CPC分类号: G06K9/6202 , G06K9/00986
摘要: A parallel pattern detection engine (PPDE) comprise multiple processing units (PUs) customized to do various modes of pattern recognition. The PUs are loaded with different patterns and the input data to be matched is provided to the PUs in parallel. Each pattern has an Opcode that defines what action to take when a particular data in the input data stream either matches or does not match the corresponding data being compared during a clock cycle. Each of the PUs communicate selected information so that PUs may be cascaded to enable longer patterns to be matched or to allow more patterns to be processed in parallel for a particular input data stream.
摘要翻译: 并行模式检测引擎(PPDE)包括定制的多个处理单元(PU),以执行各种模式识别模式。 PU装载有不同的图案,并且要匹配的输入数据并行提供给PU。 每个模式都有一个操作码,定义当输入数据流中的特定数据与时钟周期中正在比较的对应数据匹配或不匹配时要执行的操作。 每个PU通信所选择的信息,使得PU可以被级联以使得能够匹配更长的模式或允许针对特定的输入数据流并行地处理更多的模式。
-
-
-
-
-
-
-
-
-
搜索结果
12 条记录 (耗时 0.024 秒)
