-
公开(公告)号:US07600257B2
公开(公告)日:2009-10-06
申请号:US10964871
申请日:2004-10-13
IPC分类号: G08B23/00
CPC分类号: H04L63/1416 , G06F21/55 , G06F21/56 , G06F21/562 , G06F21/564 , H04L47/34 , H04L63/0245 , H04L63/0254 , H04L63/1408 , H04L63/1433 , H04L63/145 , H04L69/22
摘要: A method and an apparatus to perform multiple packet payload analysis have been disclosed. In one embodiment, the method includes receiving a plurality of data packets, each of the plurality of data packets containing a portion of a data pattern, determining whether each of the plurality of data packets is out of order, and making and storing a local copy of the corresponding data packet if the corresponding data packet is out of order. Other embodiments have been claimed and described.
摘要翻译: 已经公开了执行多个分组有效载荷分析的方法和装置。 在一个实施例中,所述方法包括接收多个数据分组,所述多个数据分组中的每一个包含数据模式的一部分,确定所述多个数据分组中的每一个是否失序,以及制作和存储本地副本 如果对应的数据分组出现故障,则对应的数据分组。 已经要求和描述了其它实施例。
-
公开(公告)号:US09769149B1
公开(公告)日:2017-09-19
申请号:US12497328
申请日:2009-07-02
CPC分类号: H04L63/0823 , H04L9/321 , H04L9/3263 , H04L63/0281 , H04L63/0884 , H04L63/1408 , H04L63/166
摘要: Some embodiments of proxy-less Secure Sockets Layer (SSL) data inspection have been presented. In one embodiment, a secured connection according to a secured network protocol between a client and a responder is setup via a gateway device, which is coupled between the client and the responder. The gateway device transparently intercepts data transmitted according to the secured network protocol between the client and the responder. Furthermore, the gateway device provides flow-control and retransmission of one or more data packets of the data without self-scheduling the packet retransmissions using timeouts and based on the packet retransmission logic of either the client-side or the responder side of the connection. The gateway device is further operable to perform security screening on the data.
-
公开(公告)号:US20130191914A1
公开(公告)日:2013-07-25
申请号:US13626777
申请日:2012-09-25
IPC分类号: H04L29/06
CPC分类号: H04L63/1416 , G06F17/30194 , H04L63/0245 , H04L63/0263 , H04L63/101 , H04L63/105 , H04L63/145 , H04L67/06
摘要: Some embodiments of cloud-based gateway security scanning have been presented. In one embodiment, some data packets are received sequentially at a gateway device. The data packets constitute at least a part of a file being addressed to a client machine coupled to the gateway device. The gateway device forwards an identification of the file to a remote datacenter in parallel with forwarding the data packets to the client machine. The datacenter performs signature matching on the identification and returns a result of the signature matching to the gateway device. The gateway device determining whether to block the file from the client machine based on the result of the signature matching from the datacenter.
摘要翻译: 已经提出了基于云的网关安全扫描的一些实施例。 在一个实施例中,在网关设备处顺序地接收一些数据分组。 数据分组构成正在寻址到耦合到网关设备的客户机的文件的至少一部分。 网关设备将数据分组转发到客户机并行地将文件的标识转发到远程数据中心。 数据中心对标识执行签名匹配,并将签名匹配的结果返回给网关设备。 网关设备基于来自数据中心的签名匹配的结果来确定是否从客户端机器阻止该文件。
-
公开(公告)号:US08813221B1
公开(公告)日:2014-08-19
申请号:US12238205
申请日:2008-09-25
申请人: Aleksandr Dubrovsky , John E. Gmuender , Huy Minh Nguyen , Ilya Minkin , Justin M. Brady , Boris Yanovsky
发明人: Aleksandr Dubrovsky , John E. Gmuender , Huy Minh Nguyen , Ilya Minkin , Justin M. Brady , Boris Yanovsky
IPC分类号: G06F11/00
CPC分类号: H04L63/1408
摘要: Some embodiments of reassembly-free deep packet inspection (DPI) on multi-core hardware have been presented. In one embodiment, a set of packets of one or more files is received at a networked device from one or more connections. Each packet is scanned using one of a set of processing cores in the networked device without buffering the one or more files in the networked device. Furthermore, the set of processing cores may scan the packets substantially concurrently.
摘要翻译: 已经提出了在多核硬件上重新组装的深度分组检测(DPI)的一些实施例。 在一个实施例中,一个或多个文件的一组分组在一个联网的设备上从一个或多个连接接收。 使用联网设备中的一组处理核心之一扫描每个数据包,而不会缓冲联网设备中的一个或多个文件。 此外,一组处理核心可以基本同时扫描分组。
-
15.发明授权Method and an apparatus to perform multi-connection traffic analysis and management 有权执行多连接流量分析和管理的方法和装置公开(公告)号:US09119109B1
公开(公告)日:2015-08-25
申请号:US13316134
申请日:2011-12-09
申请人: Aleksandr Dubrovsky , Boris Yanovsky , Shunhui Zhu
发明人: Aleksandr Dubrovsky , Boris Yanovsky , Shunhui Zhu
IPC分类号: G06F15/173 , H04W28/16
CPC分类号: H04L63/1416 , H04L43/062 , H04L47/20 , H04L47/2433 , H04L47/2483 , H04L47/34 , H04L47/41 , H04L63/145 , H04W28/16
摘要: A method and an apparatus to perform multi-connection traffic analysis and management are described. In one embodiment, the method includes analyzing data packets in the first data flow of a client application for a pattern of interest, where the client application communicates data using first and second data flows. In response to the method detecting a pattern of interest in the first data flow, the method identifies the second data flow and identifies a traffic policy for that second data flow. The method applies the identified traffic policy to the second data flow. Other embodiments have been claimed and described.
摘要翻译: 描述了执行多连接业务分析和管理的方法和装置。 在一个实施例中,该方法包括分析用于感兴趣的模式的客户端应用的第一数据流中的数据分组,其中客户端应用使用第一和第二数据流来传送数据。 响应于检测第一数据流中感兴趣的模式的方法,该方法识别第二数据流并识别该第二数据流的流量策略。 该方法将识别的流量策略应用于第二数据流。 已经要求和描述了其它实施例。
-
公开(公告)号:US08276202B1
公开(公告)日:2012-09-25
申请号:US12509955
申请日:2009-07-27
IPC分类号: G06F11/00 , G06F17/30 , G06F15/173 , G06F15/16 , H04L9/32 , H04L29/06 , H04K1/00 , G06F9/455 , G06F15/167
CPC分类号: H04L63/1416 , G06F17/30194 , H04L63/0245 , H04L63/0263 , H04L63/101 , H04L63/105 , H04L63/145 , H04L67/06
摘要: Some embodiments of cloud-based gateway security scanning have been presented. In one embodiment, some data packets are received sequentially at a gateway device. The data packets constitute at least a part of a file being addressed to a client machine coupled to the gateway device. The gateway device forwards an identification of the file to a remote datacenter in parallel with forwarding the data packets to the client machine. The datacenter performs signature matching on the identification and returns a result of the signature matching to the gateway device. The gateway device determining whether to block the file from the client machine based on the result of the signature matching from the datacenter.
摘要翻译: 已经提出了基于云的网关安全扫描的一些实施例。 在一个实施例中,在网关设备处顺序地接收一些数据分组。 数据分组构成正在寻址到耦合到网关设备的客户机的文件的至少一部分。 网关设备将数据分组转发到客户机并行地将文件的标识转发到远程数据中心。 数据中心对标识执行签名匹配,并将签名匹配的结果返回给网关设备。 网关设备基于来自数据中心的签名匹配的结果来确定是否从客户端机器阻止该文件。
-
公开(公告)号:US07739253B1
公开(公告)日:2010-06-15
申请号:US11112505
申请日:2005-04-21
CPC分类号: G06F17/30867
摘要: Methods and apparatuses for link-based content ratings for pages are described herein. According to one embodiment, statistics for each of multiple pages is determined with respect to one or more predetermined categories based on the content rating of each of the pages. For each of the categories, a set of primary pages having relationships (e.g., links) with one or more secondary pages is selected, where the selected pages probabilistically distinguish from relationships with other pages. Other methods and apparatuses are also described.
摘要翻译: 本文描述了用于页面的基于链接的内容分级的方法和装置。 根据一个实施例,基于每个页面的内容分级,针对一个或多个预定类别来确定多个页面中的每一个的统计信息。 对于每个类别,选择具有与一个或多个次要页面的关系(例如,链接)的一组主页面,其中所选择的页面概率地区别于与其他页面的关系。 还描述了其它方法和装置。
-
公开(公告)号:US08086441B1
公开(公告)日:2011-12-27
申请号:US11881556
申请日:2007-07-27
IPC分类号: G06F17/28
CPC分类号: G06F17/2863 , G06F17/2705 , G06F17/28 , G06F17/30985
摘要: Some embodiments of an efficient string search have been presented. In one embodiment, a string of bytes representing content written in a non-delimited language is received, wherein the content has been classified into a predetermined category. In a single pass through the string of bytes, a set of N-grams is searched for simultaneously. Statistical information on occurrences of the N-grams, if any, in the string of bytes is collected. In some embodiments, a model is generated based on the statistical information, where the model is usable by a content filter to classify content.
摘要翻译: 已经提出了有效的字符串搜索的一些实施例。 在一个实施例中,接收表示以非分隔语言编写的内容的字节串,其中内容已被分类为预定类别。 在通过字符串的单次传递中,同时搜索一组N-gram。 收集字节串中N-gram出现的统计信息(如果有的话)。 在一些实施例中,基于统计信息生成模型,其中模型可由内容过滤器用于对内容进行分类。
-
19.发明授权Method and an apparatus to request web pages and content rating information thereof 有权请求网页的方法和装置及其内容评级信息公开(公告)号:US08015169B1
公开(公告)日:2011-09-06
申请号:US10853557
申请日:2004-05-24
申请人: John E. Gmuender , Alex M. Dubrovsky , Nikolay V. Popov , Alexander Shor , Roman Yanovsky , Shunhui Zhu , Boris Yanovsky
发明人: John E. Gmuender , Alex M. Dubrovsky , Nikolay V. Popov , Alexander Shor , Roman Yanovsky , Shunhui Zhu , Boris Yanovsky
CPC分类号: H04L67/32 , G06F17/30861 , G06F17/30867 , H04L61/1511 , H04L63/0281 , H04L63/0428 , H04L67/02
摘要: A method and an apparatus request web pages and content rating information thereof have been disclosed. In one embodiment, the method includes receiving a request from a user for a web page, retrieving content rating of the web page in response to the request, and fetching the web page substantially simultaneously with the retrieving of the content rating in response to the request. Other embodiments have been claimed and described.
摘要翻译: 已经公开了一种方法和装置请求其网页和其内容评级信息。 在一个实施例中,该方法包括从网页接收针对网页的请求,响应于该请求检索网页的内容评级,以及响应于该请求,基本同时检索该内容评级,同时获取该网页 。 已经要求和描述了其它实施例。
-
20.发明授权公开(公告)号:US07792846B1
公开(公告)日:2010-09-07
申请号:US11881770
申请日:2007-07-27
CPC分类号: G06F17/30705
摘要: A training procedure for N-gram based statistical document classification has been disclosed. In one embodiment, a set of N-grams is selected out of a second set of N-grams, each of the N-grams having a sequence of N bytes, where N is an integer. Then a statistical content classification model is generated based on occurrences of the N-grams, if any, in a set of training documents and a set of validation documents. The statistical content classification model is provided to content filters to classify content.
摘要翻译: 已经公开了基于N-gram的统计文件分类的训练程序。 在一个实施例中,从第二组N-gram中选出一组N克,每个N克具有N个字节的序列,其中N是整数。 然后,根据一组训练文件和一组验证文件中的N-gram的出现(如果有的话)生成统计内容分类模型。 统计内容分类模型提供给内容过滤器以对内容进行分类。
-
-
-
-
-
-
-
-
-
搜索结果
41 条记录 (耗时 0.021 秒)
