公开(公告)号：US20090217341A1

公开(公告)日：2009-08-27

申请号：US12036163

申请日：2008-02-22

申请人： Meng Sun ,  Tom Chen ,  Win-Harn Liu

发明人： Meng Sun ,  Tom Chen ,  Win-Harn Liu

IPC分类号： G06F21/00

CPC分类号： H04L63/0263 ,  H04L63/1416

摘要： A method of updating intrusion detection rules through a link data packet is used to dynamically update rules storages of Snort system hosts. Firstly, an update sponsor in the network transmits a link data packet with an intrusion detection rule to the Snort system host. The Snort system host acquires the intrusion detection rule from the received link data packet, and parses an operation type of the intrusion detection rule. Then, the Snort system host verifies the validity of the intrusion detection rule. Subsequently, the rules storage is updated according to the type of the valid intrusion detection rule and a rules tree.

摘要翻译： 通过链接数据包更新入侵检测规则的方法用于动态更新Snort系统主机的规则存储。 首先，网络中的更新发起者向Snort系统主机发送具有入侵检测规则的链路数据分组。 Snort系统主机从接收到的链路数据包中获取入侵检测规则，并解析入侵检测规则的操作类型。 然后，Snort系统主机验证入侵检测规则的有效性。 随后，根据有效入侵检测规则的类型和规则树更新规则存储。

公开(公告)号：US20090204773A1

公开(公告)日：2009-08-13

申请号：US12027861

申请日：2008-02-07

申请人： Xu-Ming ZHANG ,  Tom CHEN ,  Win-Harn LIU

发明人： Xu-Ming ZHANG ,  Tom CHEN ,  Win-Harn LIU

IPC分类号： G06F13/00 ,  G06F12/00

CPC分类号： G06F13/387

摘要： A method of writing device data in a dual controller network storage environment is described. According to the method, functions of a virtual data router (VD router) and a mirror technology are integrated, so as to efficiently transmit internal network data and write data into disk devices on different controllers in a dual controller network storage environment. Thereby, the internal network data transmission efficiency and actual internal network utilization can be improved.

摘要翻译： 描述在双控制器网络存储环境中写入设备数据的方法。 根据该方法，集成了虚拟数据路由器（VD路由器）和镜像技术的功能，从而有效地传输内部网络数据，并将数据写入双控制器网络存储环境中不同控制器上的磁盘设备。 从而可以提高内部网络数据传输效率和实际内部网络利用率。

公开(公告)号：US20090199039A1

公开(公告)日：2009-08-06

申请号：US12026734

申请日：2008-02-06

申请人： Yue ZHANG ,  Tom CHEN ,  Win-Harn LIU

发明人： Yue ZHANG ,  Tom CHEN ,  Win-Harn LIU

IPC分类号： G06F11/00

CPC分类号： G06F11/0751 ,  G06F11/0706

摘要： A file data restoring system and method of a computer operating system and software thereof are applied in the installation of an operating system into a client computer. Divide the file data corresponding to the operating system into data blocks according to an appointed data size. Generate a check code for each of the data blocks to form a sequence list of original check codes and a sequence list of target check codes. Compare the sequence list of original check codes with the sequence list of target check codes, after installing the operating system into the computer. If the comparison result is inconsistent, a restoring call information is sent out. The position of the inconsistent check code is acquired through the restoring call information and the comparison result. The original file data corresponding to the position of the check code is read and restored to a corresponding target file.

摘要翻译： 在将操作系统安装到客户端计算机中时，应用计算机操作系统及其软件的文件数据恢复系统和方法。 根据指定的数据大小将对应于操作系统的文件数据划分为数据块。 生成每个数据块的校验码，以形成原始校验码的序列表和目标校验码的序列表。 在将操作系统安装到计算机后，将原始检查代码的顺序列表与目标检查代码的顺序列表进行比较。 如果比较结果不一致，则发送恢复呼叫信息。 通过恢复呼叫信息和比较结果获取不一致检查码的位置。 对应于检查码的位置的原始文件数据被读取并恢复到相应的目标文件。

公开(公告)号：US20090198988A1

公开(公告)日：2009-08-06

申请号：US12023570

申请日：2008-01-31

申请人： Yuan Bai ,  Tom Chen ,  Win-Harn Liu

发明人： Yuan Bai ,  Tom Chen ,  Win-Harn Liu

IPC分类号： G06F9/00

CPC分类号： G06F9/455 ,  G06F11/004 ,  G06F11/1433

摘要： A method for verifying refreshed BIOS content includes the following steps. A virtual machine (VM) is established in a computer waiting for a system BIOS update by the use of a paravirtualization technique. The VM is booted. A new BIOS file content is copied to an address space in a designated range of a memory of a computer host. The computer host is booted with the content of the new BIOS file, and the paravirtual operating system runs on the same hardware platform of the computer host. And, whether the virtual operating system adopting the new BIOS file content runs normally or not is verified to confirm the correctness and safety of the content of the new BIOS file.

摘要翻译： 用于验证刷新的BIOS内容的方法包括以下步骤。 通过使用半虚拟化技术在等待系统BIOS更新的计算机中建立虚拟机（VM）。 虚拟机启动。 新的BIOS文件内容被复制到计算机主机的存储器的指定范围内的地址空间中。 计算机主机使用新的BIOS文件的内容启动，并且虚拟操作系统在计算机主机的相同硬件平台上运行。 并且，是否验证采用新的BIOS文件内容的虚拟操作系统是否正常运行，以确认新BIOS文件的内容的正确性和安全性。

公开(公告)号：US20090198768A1

公开(公告)日：2009-08-06

申请号：US12023543

申请日：2008-01-31

申请人： Wei Gao ,  Tom Chen ,  Win-Harn Liu

发明人： Wei Gao ,  Tom Chen ,  Win-Harn Liu

IPC分类号： G06F15/16

CPC分类号： G06F9/54 ,  G06F2209/541

摘要： An asynchronous request-response communication method is applied in data transmission for applications running in a server. The asynchronous request-response method includes the following steps. Establish a socket and a connection port corresponding to a request in a request side; set an object pool in each request side respectively, for recording connection statuses of the sockets corresponding to different requests; wait till the server has finished the request; once the server has finished the received request, the server transmits a callback message to the corresponding socket of the request side; and search a corresponding process event in the object pool according to the callback message. The request side adopts the socket and the connection port to perform the asynchronous request-response operations, thereby reducing the connection load between the server and the request side.

摘要翻译： 在服务器中运行的应用程序的数据传输中应用异步请求 - 响应通信方法。 异步请求 - 响应方法包括以下步骤。 在请求方建立与请求对应的套接字和连接端口; 在每个请求侧分别设置一个对象池，用于记录与不同请求对应的套接字的连接状态; 等到服务器完成请求; 一旦服务器完成接收到的请求，服务器将回叫消息发送到请求方的对应套接字; 并根据回调消息搜索对象池中的相应进程事件。 请求方采用套接字和连接端口执行异步请求 - 响应操作，从而减少服务器与请求方之间的连接负载。

公开(公告)号：US20090187684A1

公开(公告)日：2009-07-23

申请号：US12016163

申请日：2008-01-17

申请人： Xue-Shan HAN ,  Juen LIOU ,  Tom CHEN ,  Win-Harn LIU

发明人： Xue-Shan HAN ,  Juen LIOU ,  Tom CHEN ,  Win-Harn LIU

IPC分类号： G06F13/12

CPC分类号： G06F11/2221

摘要： An automatic inspection system and method for a notebook computer keyboard interface are described. The method includes the following steps including scanning a notebook computer keyboard array to obtain a keyboard position corresponding table; running a testing software in the notebook computer to obtain a position value of a key under test from the keyboard position corresponding table; receiving a testing command from the testing software by an USB interface; constituting a virtual keyboard matrix with at least one matrix switching chip, for controlling the close action of a corresponding key position in the virtual keyboard matrix according to the testing command; transferring the actual key position value corresponding to the output close action to the notebook computer according to the configuration of the notebook computer keyboard interface; and receiving and comparing the actual key position value with the position value of the key under test.

摘要翻译： 描述了用于笔记本计算机键盘接口的自动检查系统和方法。 该方法包括以下步骤：扫描笔记本电脑键盘阵列以获得键盘位置对应表; 在笔记本电脑上运行测试软件，从键盘位置对应表中获取被测键的位置值; 通过USB接口从测试软件接收测试命令; 构成具有至少一个矩阵切换芯片的虚拟键盘矩阵，用于根据测试命令控制虚拟键盘矩阵中对应的键位置的紧密动作; 根据笔记本电脑键盘接口的配置，将与输出关闭动作对应的实际键位置值传送到笔记本电脑; 并且将实际的键位置值与被测试键的位置值进行接收和比较。

公开(公告)号：US20090178140A1

公开(公告)日：2009-07-09

申请号：US11971370

申请日：2008-01-09

申请人： Cang-Mou Cao ,  Chuen-Mei Ma ,  Cong Meng ,  Tom Chen ,  Win-Harn Liu

发明人： Cang-Mou Cao ,  Chuen-Mei Ma ,  Cong Meng ,  Tom Chen ,  Win-Harn Liu

IPC分类号： G06F21/20

CPC分类号： H04L63/1416

摘要： A network intrusion detection system (IDS) is built at an important network node and used to detect and monitor network packets. The network intrusion detection system includes a network card and a system core processor. When receiving a network packet, a micro-processor of the network card performs a packet decode procedure and a packet preprocess procedure, thereby verifying a type and a source address of the packet in advance and converting the packet into an IDS format packet. Afterwards, the system core processor determines whether the packet is an intrusion packet. Since the computation of the packet decode procedure and the packet pre-process procedure is handled by the network card, the network intrusion detection system will not lose packets due to too heavy computation burden, thereby greatly improving the accuracy of the network intrusion detection system.

摘要翻译： 网络入侵检测系统（IDS）在重要网络节点建立，用于检测和监控网络数据包。 网络入侵检测系统包括网卡和系统核心处理器。 当接收网络分组时，网卡的微处理器执行分组解码过程和分组预处理过程，从而预先验证分组的类型和源地址并将分组转换为IDS格式分组。 之后，系统核心处理器确定该分组是否是入侵分组。 由于分组解码过程的计算和分组预处理过程由网卡处理，网络入侵检测系统由于计算负担过重而不会丢失分组，从而大大提高了网络入侵检测系统的准确性。

公开(公告)号：US20090158284A1

公开(公告)日：2009-06-18

申请号：US11959138

申请日：2007-12-18

申请人： Ming-Hao BI ,  Tom CHEN ,  Win-Harn LIU

发明人： Ming-Hao BI ,  Tom CHEN ,  Win-Harn LIU

IPC分类号： G06F9/305

CPC分类号： G06F9/5027 ,  G06F2209/5011 ,  G06F2209/5018

摘要： A system and a method of processing sender requests for remote replication are applied in local system having a plurality of network block devices (NBD). A fixed number of sender threads are created in local system to form sender thread pool. All NBDs receiving write request for corresponding remote mirror volume are serially connected to be circular linked list. A pointer is set to sequentially record latest processed NBD in circular linked list, the sender threads in the sender thread pool are allocated to actively search NBD to be processed pointed by the pointer according to a sequence in circular linked list, and processing of NBD pointed by the pointer is locked by using the sender thread, hence processing the sender request of NBD. Each time when the sender request is finished, the pointer is sequentially moved to next NBD and the sender request of corresponding NBD is performed.

摘要翻译： 处理用于远程复制的发送者请求的系统和方法被应用于具有多个网络块设备（NBD）的本地系统中。 在本地系统中创建固定数量的发送者线程以形成发送者线程池。 接收到对应远程镜像卷的写入请求的所有NBD串行连接为圆形链表。 一个指针被设置为以循环链表顺序记录最新处理的NBD，发送方线程池中的发送者线程被分配为根据循环链表中的序列主动搜索由指针指向的处理的NBD，并且处理NBD指向 由指针通过使用发送者线程进行锁定，因此处理NBD的发送者请求。 每当发送者请求完成时，指针被顺序移动到下一个NBD，并且执行对应的NBD的发送者请求。

公开(公告)号：US20090113249A1

公开(公告)日：2009-04-30

申请号：US11976370

申请日：2007-10-24

申请人： Tao Liu ,  Qiu-Yue Duan ,  Tom Chen ,  Win-Harn Liu

发明人： Tao Liu ,  Qiu-Yue Duan ,  Tom Chen ,  Win-Harn Liu

IPC分类号： G06F11/14

CPC分类号： G11B20/182

摘要： A stress testing method of a file system includes traversing local or network storage devices with a drive letter; detecting a network mapping path of the network storage devices; calculating an absolute path of all the storage devices through a mounted point and a system volume; collecting the above information to update the path information of the file system; and then calling a corresponding test algorithm and stressing strategy according to different types of storage devices, so as to perform the stress test. The stress testing method can make the file system display storage devices without a drive letter, and call appropriate testing methods and stressing strategies for different types of storage devices, so the depth and scope of the stress testing for file system are expanded, the accuracy of the test is enhanced, and the problem of occupying too many system resources is avoided.

摘要翻译： 文件系统的压力测试方法包括遍历具有驱动器号的本地或网络存储设备; 检测网络存储设备的网络映射路径; 通过安装点和系统卷计算所有存储设备的绝对路径; 收集上述信息以更新文件系统的路径信息; 然后根据不同类型的存储设备调用相应的测试算法和应力策略，进行压力测试。 压力测试方法可以使文件系统不用驱动器号显示存储设备，并对不同类型的存储设备调用适当的测试方法和强调策略，扩大文件系统的压力测试的深度和范围， 测试得到加强，避免了占用太多系统资源的问题。

公开(公告)号：US20090113130A1

公开(公告)日：2009-04-30

申请号：US11923461

申请日：2007-10-24

申请人： Lei HE ,  Tom CHEN ,  Win-Harn LIU

发明人： Lei HE ,  Tom CHEN ,  Win-Harn LIU

IPC分类号： G06F12/00

CPC分类号： G06F12/0804 ,  G06F12/08

摘要： A system and method for updating dirty data of designated raw device is applied in Linux system. A format of a command parameter for updating the dirty data of the designated raw device is determined, to obtain the command parameter with the correct format and transmit it into the Kernel of the Linux system. Then, a data structure of the designated raw device is sought based on the command parameter, to obtain a fast search tree of the designated raw device. Finally, all dirty data pages of the designated raw device are found by the fast search tree, and then are updated into a magnetic disk in a synchronous or asynchronous manner. Therefore, the dirty data of an individual raw device can be updated and written into the magnetic disk without interrupting the normal operation of the system, hereby ensuring secure, convenient, and highly efficient update of the dirty data.

摘要翻译： 在Linux系统中应用了用于更新指定原始设备的脏数据的系统和方法。 确定用于更新指定的原始设备的脏数据的命令参数的格式，以获得具有正确格式的命令参数并将其传送到Linux系统的内核。 然后，根据命令参数寻找指定的原始设备的数据结构，以获得指定的原始设备的快速搜索树。 最后，由快速搜索树找到指定的原始设备的所有脏数据页，然后以同步或异步的方式更新为磁盘。 因此，可以将单个原始设备的脏数据更新并写入磁盘，而不会中断系统的正常操作，从而确保对脏数据的安全，方便和高效的更新。