公开(公告)号：US09497167B2

公开(公告)日：2016-11-15

申请号：US13953141

申请日：2013-07-29

Applicant: Verint Systems Ltd.

Inventor： Dana Weintraub ,  Naomi Frid

IPC: G06F9/00 ,  G06F15/16 ,  G06F17/00 ,  H04L29/06

CPC classification number: H04L63/0263 ,  H04L63/0236 ,  H04L63/0245

Abstract: Methods and systems for filtering communication packets using a multi-stage filtering system that receives a large volume of communication packets from a communication network that filters the packets in two or more successive stages. The system comprises at least one front-end filtering unit and multiple back-end filtering units. Typically although not necessarily, the front-end filtering unit filters the packets based on layer-2 to layer-4 attributes of the packets. The back-end filtering units, on the other hand, filter the packets based on content extracted from the packet payloads. The back-end filtering units may perform filtering, for example, based on keyword spotting, application classification, malware detection and other content-related criteria. The front-end filtering unit typically performs filtering at the individual packet level and/or at the level of request-response transactions. The back-end filtering units, on the other hand, typically perform filtering at the level of entire reconstructed packet flows.

Abstract translation: 使用多级过滤系统过滤通信分组的方法和系统，该多级过滤系统从在两个或多个连续阶段中过滤分组的通信网络接收大量通信分组。 该系统包括至少一个前端滤波单元和多个后端滤波单元。 通常，虽然不一定，前端过滤单元根据数据包的第2层到第4层属性来过滤数据包。 另一方面，后端过滤单元基于从分组有效载荷提取的内容来过滤分组。 后端过滤单元可以例如基于关键字识别，应用分类，恶意软件检测和其他内容相关标准来执行过滤。 前端过滤单元通常在各个分组级别和/或在请求 - 响应事务级别执行过滤。 另一方面，后端过滤单元通常在整个重建的分组流的级别执行滤波。