公开(公告)号：US12224978B2

公开(公告)日：2025-02-11

申请号：US18315365

申请日：2023-05-10

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Yanping Xu ,  Liang Xia ,  Xiaohui Tong

IPC: H04L61/5007 ,  H04L9/40 ,  H04L101/659

Abstract: A packet processing method and apparatus are provided. The method includes: on a forwarding path of an IPv6 packet, a key node (for example, a firewall) signs a packet, and a downstream apparatus of the key node verifies the signature, to determine whether the packet passes through the key node in a forwarding process. According to this application, the key node performs checking, to effectively prevent a packet which packet header is modified by attackers from bypassing the key node.

公开(公告)号：US12212476B2

公开(公告)日：2025-01-28

申请号：US17819888

申请日：2022-08-15

Applicant: Cisco Technology, Inc.

Inventor： Sunil Kumar Gupta ,  Navindra Yadav ,  Michael Standish Watts ,  Ali Parandehgheibi ,  Shashidhar Gandham ,  Ashutosh Kulshreshtha ,  Khawar Deen

IPC: H04L9/40 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/455 ,  G06F16/11 ,  G06F16/13 ,  G06F16/16 ,  G06F16/17 ,  G06F16/174 ,  G06F16/23 ,  G06F16/2457 ,  G06F16/248 ,  G06F16/28 ,  G06F16/29 ,  G06F16/9535 ,  G06F21/53 ,  G06F21/55 ,  G06F21/56 ,  G06N20/00 ,  G06N99/00 ,  G06T11/20 ,  H04J3/06 ,  H04J3/14 ,  H04L1/24 ,  H04L7/10 ,  H04L9/08 ,  H04L9/32 ,  H04L41/046 ,  H04L41/0668 ,  H04L41/0803 ,  H04L41/0806 ,  H04L41/0816 ,  H04L41/0893 ,  H04L41/12 ,  H04L41/16 ,  H04L41/22 ,  H04L43/02 ,  H04L43/026 ,  H04L43/04 ,  H04L43/045 ,  H04L43/062 ,  H04L43/08 ,  H04L43/0805 ,  H04L43/0811 ,  H04L43/0829 ,  H04L43/0852 ,  H04L43/0864 ,  H04L43/0876 ,  H04L43/0882 ,  H04L43/0888 ,  H04L43/10 ,  H04L43/106 ,  H04L43/12 ,  H04L43/16 ,  H04L45/00 ,  H04L45/302 ,  H04L45/50 ,  H04L45/74 ,  H04L47/11 ,  H04L47/20 ,  H04L47/2441 ,  H04L47/2483 ,  H04L47/28 ,  H04L47/31 ,  H04L47/32 ,  H04L61/5007 ,  H04L67/01 ,  H04L67/10 ,  H04L67/1001 ,  H04L67/12 ,  H04L67/51 ,  H04L67/75 ,  H04L69/16 ,  H04L69/22 ,  H04W72/54 ,  H04W84/18 ,  H04L67/50

Abstract: This disclosure generally relate to a method and system for network policy simulation in a distributed computing system. The present technology relates techniques that enable simulation of a new network policy with regard to its effects on the network data flow. By enabling a simulation data flow that is parallel and independent from the regular data flow, the present technology can provide optimized network security management with improved efficiency.

公开(公告)号：US20250030715A1

公开(公告)日：2025-01-23

申请号：US18587702

申请日：2024-02-26

Applicant: FORESCOUT TECHNOLOGIES, INC.

Inventor： Oded Comay ,  Oren Nechushtan

IPC: H04L9/40 ,  H04L61/4511 ,  H04L61/5007 ,  H04L61/58 ,  H04L61/59

Abstract: Systems, methods, and related technologies for analyzing traffic are described. In certain aspects, network traffic is analyzed and a domain name system (DNS) message is extracted from the network traffic. Subsequent network traffic is monitored and analyzed based on the DNS message and in view of one or more criteria. In response to the one or more criteria being satisfied, an indication of compromise (IoC) for a device is determined.

公开(公告)号：US12206740B2

公开(公告)日：2025-01-21

申请号：US17936134

申请日：2022-09-28

Applicant: CenturyLink Intellectual Property LLC

Inventor： John R. B. Woodworth ,  Dean Ballew

IPC: H04L67/148 ,  H04L9/40 ,  H04L61/5007 ,  H04L67/141

Abstract: In a system with a plurality of servers serving one or more clients, situations may arise in which a client has a connection to a first server which is providing a service to the client, and in which it would be advantageous to transfer the connection to a second server, in a manner that does not require the re-establishing of the connection or the making of a renewed request, by the client, for the service. As such, a system and method for transferring a client connection from one server to another server are provided.

公开(公告)号：US12200012B2

公开(公告)日：2025-01-14

申请号：US18145381

申请日：2022-12-22

Applicant: Activision Publishing, Inc.

Inventor： Philippe Louis Yves Paquet

IPC: H04L29/06 ,  G06F16/957 ,  H04L9/40 ,  H04L61/5007 ,  H04L101/663

Abstract: A method of tracking phishing activity is disclosed. A request to download a webpage hosted as part of a legitimate website on a server is initiated. The request includes identification data pertaining to at least one user computing device. The identification data is extracted from the request. A unique identifier corresponding to the extracted identification data is generated.
Fingerprint data is generated using at least a subset of the extracted identification data. The unique identifier, the extracted identification data and the fingerprint data is stored. The fingerprint data is encoded into a program and/or data associated with the webpage to generate a modified webpage. The modified webpage is transmitted from the server to the user computing device in response to the request.

公开(公告)号：US20250016134A1

公开(公告)日：2025-01-09

申请号：US18887752

申请日：2024-09-17

Applicant: VIANT TECHNOLOGY LLC

Inventor： Brian C. DeFrancesco ,  Timothy C. Vanderhook ,  Christopher J. Vanderhook

IPC: H04L61/5046 ,  H04L12/28 ,  H04L43/04 ,  H04L43/08 ,  H04L43/0876 ,  H04L43/16 ,  H04L61/00 ,  H04L61/2514 ,  H04L61/4511 ,  H04L61/5007 ,  H04L67/02

Abstract: A method, apparatus, system, and computer readable storage medium provide the ability to identify an internet connected household (ICH). An Internet Protocol (IP) address is received at an Internet entity. Determinations are made regarding whether device activity from the IP address does not exceed a defined activity threshold, whether the IP address is associated with an ISP that provides residential internet service, and whether an IP assignment age for the IP address is greater than a defined threshold age. Based on the determinations, the IP address can be identified as belonging to an ICH or not.

公开(公告)号：US12192078B2

公开(公告)日：2025-01-07

申请号：US18593403

申请日：2024-03-01

Applicant: Cisco Technology, Inc.

Inventor： Sunil Kumar Gupta ,  Navindra Yadav ,  Michael Standish Watts ,  Ali Parandehgheibi ,  Shashidhar Gandham ,  Ashutosh Kulshreshtha ,  Khawar Deen

IPC: G06F21/00 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/455 ,  G06F16/11 ,  G06F16/13 ,  G06F16/16 ,  G06F16/17 ,  G06F16/174 ,  G06F16/23 ,  G06F16/2457 ,  G06F16/248 ,  G06F16/28 ,  G06F16/29 ,  G06F16/9535 ,  G06F21/53 ,  G06F21/55 ,  G06F21/56 ,  G06N20/00 ,  G06N99/00 ,  G06T11/20 ,  H04J3/06 ,  H04J3/14 ,  H04L1/24 ,  H04L7/10 ,  H04L9/08 ,  H04L9/32 ,  H04L9/40 ,  H04L41/046 ,  H04L41/0668 ,  H04L41/0803 ,  H04L41/0806 ,  H04L41/0816 ,  H04L41/0893 ,  H04L41/12 ,  H04L41/16 ,  H04L41/22 ,  H04L43/02 ,  H04L43/026 ,  H04L43/04 ,  H04L43/045 ,  H04L43/062 ,  H04L43/08 ,  H04L43/0805 ,  H04L43/0811 ,  H04L43/0829 ,  H04L43/0852 ,  H04L43/0864 ,  H04L43/0876 ,  H04L43/0882 ,  H04L43/0888 ,  H04L43/10 ,  H04L43/106 ,  H04L43/12 ,  H04L43/16 ,  H04L45/00 ,  H04L45/302 ,  H04L45/50 ,  H04L45/74 ,  H04L47/11 ,  H04L47/20 ,  H04L47/2441 ,  H04L47/2483 ,  H04L47/28 ,  H04L47/31 ,  H04L47/32 ,  H04L61/5007 ,  H04L67/01 ,  H04L67/10 ,  H04L67/1001 ,  H04L67/12 ,  H04L67/51 ,  H04L67/75 ,  H04L69/16 ,  H04L69/22 ,  H04W72/54 ,  H04W84/18 ,  H04L67/50

Abstract: A method provides for receiving network traffic from a host having a host IP address and operating in a data center, and analyzing a malware tracker for IP addresses of hosts having been infected by a malware to yield an analysis. When the analysis indicates that the host IP address has been used to communicate with an external host infected by the malware to yield an indication, the method includes assigning a reputation score, based on the indication, to the host. The method can further include applying a conditional policy associated with using the host based on the reputation score. The reputation score can include a reduced reputation score from a previous reputation score for the host.

公开(公告)号：US12184607B2

公开(公告)日：2024-12-31

申请号：US18041709

申请日：2022-12-23

Applicant: RAKUTEN MOBILE, INC. ,  RAKUTEN MOBILE USA LLC

Inventor： Nitish Kumar ,  Pawan Shriwas ,  Pratik Mahajan ,  Niyank Bam

IPC: H04L61/5007 ,  H04L61/5061

Abstract: Embodiments herein provide a method for generating multiple IP addresses in a wireless network by a system (100). The method includes receiving user request to generate multiple IP addresses of at least one network element. Further, the method includes retrieving the IP address template corresponding to the at least one network element from a database (120) based on the user request, wherein the IP address template comprises a plurality of network parameters corresponding to positionally encoded bits of an IP schema. Further, the method includes generating the multiple IP addresses of the at least one network element based on the set of user defined labels, the count of the multiple of IP addresses of the at least one network element, the IP address template and the IP schema. Further, the method includes displaying the generated multiple IP addresses of the at least one network element.

公开(公告)号：US12184437B2

公开(公告)日：2024-12-31

申请号：US18392043

申请日：2023-12-21

Applicant: BRIGHT DATA LTD.

Inventor： Derry Shribman ,  Ofer Vilenski

IPC: G06F7/58 ,  G06F8/71 ,  G06F9/455 ,  G06F9/48 ,  G06F16/955 ,  H04L9/40 ,  H04L12/28 ,  H04L12/46 ,  H04L47/283 ,  H04L61/256 ,  H04L61/2575 ,  H04L61/2585 ,  H04L61/2589 ,  H04L61/2592 ,  H04L61/4511 ,  H04L61/5007 ,  H04L67/01 ,  H04L67/02 ,  H04L67/025 ,  H04L67/133 ,  H04L67/141 ,  H04L67/142 ,  H04L67/288 ,  H04L67/2885 ,  H04L67/56 ,  H04L67/563 ,  H04L67/568 ,  H04L67/5681 ,  H04L67/63 ,  H04L69/16 ,  H04L69/167 ,  H04L69/168 ,  H04W4/80 ,  H04W48/18 ,  H04W84/10 ,  H04W84/18 ,  H04L101/69

Abstract: A method for fetching a content from a web server to a client device is disclosed, using tunnel devices serving as intermediate devices. The tunnel device is selected based on an attribute, such as IP Geolocation. A tunnel bank server stores a list of available tunnels that may be used, associated with values of various attribute types. The tunnel devices initiate communication with the tunnel bank server, and stays connected to it, for allowing a communication session initiated by the tunnel bank server. Upon receiving a request from a client to a content and for specific attribute types and values, a tunnel is selected by the tunnel bank server, and is used as a tunnel for retrieving the required content from the web server, using standard protocol such as SOCKS, WebSocket or HTTP Proxy. The client only communicates with a super proxy server that manages the content fetching scheme.

公开(公告)号：US12177097B2

公开(公告)日：2024-12-24

申请号：US18471125

申请日：2023-09-20

Applicant: Cisco Technology, Inc.

Inventor： Sunil Kumar Gupta ,  Navindra Yadav ,  Michael Standish Watts ,  Ali Parandehgheibi ,  Shashidhar Gandham ,  Ashutosh Kulshreshtha ,  Khawar Deen

IPC: H04L43/045 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/455 ,  G06F16/11 ,  G06F16/13 ,  G06F16/16 ,  G06F16/17 ,  G06F16/174 ,  G06F16/23 ,  G06F16/2457 ,  G06F16/248 ,  G06F16/28 ,  G06F16/29 ,  G06F16/9535 ,  G06F21/53 ,  G06F21/55 ,  G06F21/56 ,  G06N20/00 ,  G06N99/00 ,  G06T11/20 ,  H04J3/06 ,  H04J3/14 ,  H04L1/24 ,  H04L7/10 ,  H04L9/08 ,  H04L9/32 ,  H04L9/40 ,  H04L41/046 ,  H04L41/0668 ,  H04L41/0803 ,  H04L41/0806 ,  H04L41/0816 ,  H04L41/0893 ,  H04L41/12 ,  H04L41/16 ,  H04L41/22 ,  H04L43/02 ,  H04L43/026 ,  H04L43/04 ,  H04L43/062 ,  H04L43/08 ,  H04L43/0805 ,  H04L43/0811 ,  H04L43/0829 ,  H04L43/0852 ,  H04L43/0864 ,  H04L43/0876 ,  H04L43/0882 ,  H04L43/0888 ,  H04L43/10 ,  H04L43/106 ,  H04L43/12 ,  H04L43/16 ,  H04L45/00 ,  H04L45/302 ,  H04L45/50 ,  H04L45/74 ,  H04L47/11 ,  H04L47/20 ,  H04L47/2441 ,  H04L47/2483 ,  H04L47/28 ,  H04L47/31 ,  H04L47/32 ,  H04L61/5007 ,  H04L67/01 ,  H04L67/10 ,  H04L67/1001 ,  H04L67/12 ,  H04L67/51 ,  H04L67/75 ,  H04L69/16 ,  H04L69/22 ,  H04W72/54 ,  H04W84/18 ,  H04L67/50

Abstract: An example method according to some embodiments includes receiving flow data for a packet traversing a network. The method continues by determining a source endpoint group and a destination endpoint group for the packet. The method continues by determining that a policy was utilized, the policy being applicable to the endpoint group. Finally, the method includes updating utilization data for the policy based on the flow data.