公开(公告)号：US20130197984A1

公开(公告)日：2013-08-01

申请号：US13360931

申请日：2012-01-30

Applicant: Rushi P. Bhatt ,  Sachin Garg ,  Shrutivandana Sharma

Inventor： Rushi P. Bhatt ,  Sachin Garg ,  Shrutivandana Sharma

IPC: G06Q30/02

CPC classification number: G06Q30/0207 ,  G06Q30/0251 ,  G06Q30/0273 ,  G06Q50/01

Abstract: Promoting on-line advertisements in a social network context includes steps of: selecting a parameter on whose value to base a discount to an on-line user; selecting a discount level to use; incentivizing advertisement sharing behavior of the on-line user by offering the discount level to the user along with the on-line advertisement association with the discount; computing a value of the discount; and providing the discount value to the on-line user.

Abstract translation: 在社交网络环境中促进在线广告包括以下步骤：选择其价值的参数以基于在线用户的折扣; 选择折扣级别使用; 通过向在线广告联盟提供折扣等级向用户提供在线用户的广告分享行为; 计算折扣价值; 并向在线用户提供折扣值。

公开(公告)号：US08144583B2

公开(公告)日：2012-03-27

申请号：US11610487

申请日：2006-12-13

Applicant: Akshay Adhikari ,  Sachin Garg ,  Anjur Sundaresan Krishnakumar ,  Navjot Singh

Inventor： Akshay Adhikari ,  Sachin Garg ,  Anjur Sundaresan Krishnakumar ,  Navjot Singh

IPC: H04L12/26

CPC classification number: H04L47/10 ,  H04L47/22 ,  H04L49/3054

Abstract: A method is disclosed that enables the avoidance of a processor overload of a telecommunications endpoint device that is susceptible to traffic floods. An enhanced network switch sets the speed on one of its data ports as a specific function of the speeds of the devices that are connected to one or more of its other data ports. This behavior is different from that of network switches in the prior art, in which the data rate of a port in the prior art is auto-negotiated to the highest speed that can be supported by the network elements at either end of the port's connection, regardless of the other devices present. By considering the specific devices that are connected, the enhanced network switch is able to limit the amount of traffic that is directed by an upstream device, such as a router, towards a device with limited processor capability, such as a packet-based phone.

Abstract translation: 公开了一种能够避免容易遭受交通洪泛的电信端点设备的处理器过载的方法。 增强型网络交换机将其数据端口之一的速度设置为连接到其一个或多个其他数据端口的设备的速度的特定功能。 这种现象不同于现有技术中的网络交换机，其中现有技术中的端口的数据速率被自动协商为端口连接的任一端可由网络元件支持的最高速度， 不管其他设备存在。 通过考虑连接的特定设备，增强型网络交换机能够将诸如路由器之类的上游设备指向的业务量限制为具有有限处理器能力的设备，例如基于分组的电话。

公开(公告)号：US08055903B2

公开(公告)日：2011-11-08

申请号：US11675352

申请日：2007-02-15

Applicant: Akshay Adhikari ,  Sachin Garg ,  Anjur Sundaresan Krishnakumar ,  Navjot Singh

Inventor： Akshay Adhikari ,  Sachin Garg ,  Anjur Sundaresan Krishnakumar ,  Navjot Singh

IPC: H04N7/167

CPC classification number: G06T1/0021 ,  G10L19/018 ,  H04H20/28 ,  H04H20/31 ,  H04H60/23 ,  H04H2201/50 ,  H04L9/065 ,  H04L2209/30 ,  H04L2209/608

Abstract: A method is disclosed that enables the transmission of a digital message along with a corresponding information signal, such as audio or video. The supplemental information contained in digital messages can be used for a variety of purposes, such as enabling or enhancing packet authentication. In particular, a telecommunications device that is processing an information signal from its user, such as a speech signal, encrypts the information signal by performing a bitwise exclusive-or of an encryption key stream with the information signal stream. The device, such as a telecommunications endpoint, then intersperses the bits of the digital message throughout the encrypted signal in place of those bits overwritten, in a process referred to as “watermarking.” The endpoint then transmits the interspersed digital message bits as part of a composite signal that also comprises the encrypted information bits. No additional bits are appended to the packet to be transmitted, thereby addressing compatibility issues.

Abstract translation: 公开了一种能够传送数字消息以及对应的信息信号（诸如音频或视频）的方法。 数字消息中包含的补充信息可用于各种目的，例如启用或增强数据包认证。 特别地，正在处理来自其用户的信息信号（例如语音信号）的电信设备通过执行与信息信号流的按位异或加密密钥流来加密信息信号。 在被称为“水印”的过程中，诸如电信端点的设备然后在整个加密信号中分散数字消息的位，而不是被覆盖的位。然后，端点将散布的数字消息位作为 还包括加密信息比特的复合信号。 没有额外的位附加到要发送的数据包，从而解决兼容性问题。

公开(公告)号：US08050199B2

公开(公告)日：2011-11-01

申请号：US10940464

申请日：2004-09-14

Applicant: Sachin Garg ,  Chandra M. R. Kintala ,  Edward Vincent Naybor ,  David Thomas Stott

Inventor： Sachin Garg ,  Chandra M. R. Kintala ,  Edward Vincent Naybor ,  David Thomas Stott

IPC: H04L12/16

CPC classification number: H04L67/1034 ,  H04L65/1073 ,  H04L67/1002 ,  H04L67/1019 ,  H04L69/40 ,  H04M3/12 ,  H04M3/5234 ,  H04M3/5237

Abstract: A call processing system, which may include multiple distributed call center sites, utilizes a local back-off approach to endpoint registration. The call processing system comprises a plurality of endpoints and at least a first server, wherein the endpoints register with the first server in order to send and receive calls in the call processing system. Responsive to an end-to-end connectivity failure or other designated event, a registration process is initiated in the call processing system for a given one of the endpoints. The issuance of at least one message of the sequence for the given endpoint is controlled so as to provide a local random back-off or other local back-off of the controlled message at that endpoint. For example, a second server implemented as an aggregation server may be operative to control the issuance of messages by the endpoints so as to provide a local random back-off for each of the plurality of endpoints by staggering the delivery of failure notifications to the endpoints.

Abstract translation: 呼叫处理系统可以包括多个分布式呼叫中心站点，利用本地退避方法进行端点注册。 呼叫处理系统包括多个端点和至少第一服务器，其中终端向第一服务器注册，以便在呼叫处理系统中发送和接收呼叫。 响应于端到端连接故障或其他指定事件，在给定的一个端点的呼叫处理系统中启动注册过程。 对给定端点的序列的至少一个消息的发布进行控制，以便在该端点处提供受控消息的本地随机退避或其他本地备用。 例如，实现为聚合服务器的第二服务器可以操作以控制端点的消息的发布，以便通过交错到端点的故障通知的传递来为多个端点中的每一个提供本地随机退避 。

公开(公告)号：US20080198045A1

公开(公告)日：2008-08-21

申请号：US11675345

申请日：2007-02-15

Applicant: Akshay Adhikari ,  Sachin Garg ,  Anjur Sundaresan Krishnakumar ,  Navjot Singh

Inventor： Akshay Adhikari ,  Sachin Garg ,  Anjur Sundaresan Krishnakumar ,  Navjot Singh

IPC: H03M5/00

CPC classification number: H04L63/08 ,  G10L19/018 ,  H04L63/168

Abstract: A method is disclosed that enables the transmission of a digital message along with a corresponding media information signal, such as audio or video. A telecommunications device that is processing the information signal from its user, such as a speech signal, encodes the information signal by using a model-based compression coder. One such device is a telecommunications endpoint. Then, based on an evaluation of the perceptual significance of each encoded bit, or on some other meaningful characteristic of the signal, the endpoint's processor: (i) determines which encoded bits can be overwritten; and (ii) intersperses the digital message bits throughout the encoded signal in place of the overwritten bits. The endpoint then transmits those digital message bits as part of the encoded information signal. In this way, no additional bits are appended to the packet to be transmitted, thereby addressing the issue of compatibility with existing protocols and firewalls.

Abstract translation: 公开了一种能够传送数字消息以及对应的媒体信息信号（诸如音频或视频）的方法。 正在处理其用户的信息信号（例如语音信号）的电信设备通过使用基于模型的压缩编码器对信息信号进行编码。 一个这样的设备是电信端点。 然后，基于对每个编码比特的感知意义的评估，或在信号的一些其它有意义的特征上，终点的处理器：（i）确定可以覆盖哪些编码比特; 并且（ii）将整数编码信号中的数字信息位散置在代替覆盖位。 端点然后将这些数字消息比特作为编码信息信号的一部分进行发送。 以这种方式，没有额外的比特附加到要发送的分组，从而解决与现有协议和防火墙的兼容性的问题。

公开(公告)号：US20080144613A1

公开(公告)日：2008-06-19

申请号：US11610489

申请日：2006-12-13

Applicant: Akshay Adhikari ,  Sachin Garg ,  Anjur Sundaresan Krishnakumar ,  Navjot Singh

Inventor： Akshay Adhikari ,  Sachin Garg ,  Anjur Sundaresan Krishnakumar ,  Navjot Singh

IPC: H04L12/56

CPC classification number: H04L63/1408 ,  H04L63/1458

Abstract: A method is disclosed that enables mitigating at least some of the problems caused by a packet attack. When a first Internet Protocol (IP)-capable device is subjected to a packet attack, it indicates periodically to a second IP-capable device that certain communications with the first device are to be suspended. The periodic transmitting of the indication is performed at a slower rate than the keep-alive mechanism that is normally used to detect loss of connectivity. When the second device receives the transmitted indication, it refrains from transmitting keep-alive messages to the first device for a predetermined interval. Meanwhile, the first device also refrains from transmitting keep-alive messages to the second device for a similar interval. In transmitting the suspend indication, the illustrative embodiment seeks to prevent pairs of communicating devices that are experiencing packet attacks from continuing their operation under the erroneous assumption that each device is unavailable.

Abstract translation: 公开了一种能够减轻由分组攻击引起的至少一些问题的方法。 当第一个基于互联网协议（IP）的设备遭受分组攻击时，它周期性地向第二个具有IP能力的设备指示与第一设备的某些通信将被暂停。 指示的周期性发送以比通常用于检测连通性损失的保持活动机制更慢的速率执行。 当第二设备接收到发送的指示时，它不阻止向预定间隔向第一设备发送保持活动消息。 同时，第一设备也禁止以类似间隔向第二设备发送保持活动消息。 在发送挂起指示时，说明性实施例旨在防止正在经历分组攻击的通信设备的对在每个设备不可用的错误假设下继续其操作。

公开(公告)号：US07286474B2

公开(公告)日：2007-10-23

申请号：US10261243

申请日：2002-09-30

Applicant: Sachin Garg ,  Martin Kappes

Inventor： Sachin Garg ,  Martin Kappes

IPC: H04L12/26

CPC classification number: H04L47/824 ,  H04L47/15 ,  H04L47/70 ,  H04L47/745 ,  H04L47/765 ,  H04L47/801 ,  H04L47/822

Abstract: A method and apparatus are disclosed for assessing the available resources in a network and using the assessment for admission control. A VoIP call can be established with a device only if the network has sufficient resources to accommodate the call or it is possible to make such resources available by curtailing ongoing data connections. A network utilization characteristic (NUC) provides a measure of network capacity. The network utilization characteristic of a flow is the fraction of time the network is busy transmitting data for that flow. The sum of the network utilization characteristics of all flows yields the fraction of time the network is busy transmitting data. The difference between one and the sum of all flows indicates the time that the network is idle in the measured time interval. A new flow can be accommodated if the NUC of the new flow is smaller than this difference value.

Abstract translation: 公开了一种用于评估网络中的可用资源并使用用于准入控制的评估的方法和装置。 只有当网络具有足够的资源来适应呼叫时，才可以使用设备建立VoIP呼叫，或者可以通过限制正在进行的数据连接来使这些资源可用。 网络利用特性（NUC）提供网络容量的度量。 流的网络利用特性是网络忙于传输该流的数据的时间的一小部分。 所有流的网络利用特性的总和产生了网络忙于传输数据的时间的一小部分。 一个和所有流量的和之间的差异表示网络在测量的时间间隔内空闲的时间。 如果新流量的NUC小于该差值，则可以适应新的流程。

公开(公告)号：US20070237144A1

公开(公告)日：2007-10-11

申请号：US11393212

申请日：2006-03-30

Applicant: Akshay Adhikari ,  Sachin Garg ,  Anjur Kishnakumar ,  Navjot Singh

Inventor： Akshay Adhikari ,  Sachin Garg ,  Anjur Kishnakumar ,  Navjot Singh

IPC: H04L12/56

CPC classification number: H04L9/12 ,  H04L9/3236 ,  H04L9/3297 ,  H04L63/12 ,  H04L63/1458 ,  H04L2209/20 ,  H04L2209/608

Abstract: A method of transporting authentication information in a media stream packet includes embedding the authentication information in one of a heading and a payload of the media stream packet.

Abstract translation: 在媒体流分组中传送认证信息的方法包括将认证信息嵌入到媒体流分组的标题和有效载荷之一中。

公开(公告)号：US20060075497A1

公开(公告)日：2006-04-06

申请号：US10955594

申请日：2004-09-30

Applicant: Sachin Garg ,  Navjot Singh ,  Timothy Tsai ,  Yu-Sung Wu ,  Saurabh Bagchi

Inventor： Sachin Garg ,  Navjot Singh ,  Timothy Tsai ,  Yu-Sung Wu ,  Saurabh Bagchi

IPC: G06F12/14

CPC classification number: H04L63/1433

Abstract: A method for detecting intrusions that employ messages of two or more protocols is disclosed. Such intrusions might occur in Voice over Internet Protocol (VoIP) systems, as well as in systems in which two or more protocols support some service other than VoIP. In the illustrative embodiment of the present invention, a stateful intrusion-detection system is capable of employing rules that have cross-protocol pre-conditions. The illustrative embodiment can use such rules to recognize a variety of VoIP-based intrusion attempts, such as call hijacking, BYE attacks, etc. In addition, the illustrative embodiment is capable of using such rules to recognize other kinds of intrusion attempts in which two or more protocols support a service other than VoIP. The illustrative embodiment also comprises a stateful firewall that is capable of employing rules with cross-protocol pre-conditions.

Abstract translation: 公开了一种用于检测采用两种或多种协议的消息的入侵的方法。 这种入侵可能发生在语音互联网协议（VoIP）系统中，以及在两个或多个协议支持VoIP之外的一些服务的系统中。 在本发明的说明性实施例中，状态入侵检测系统能够采用具有交叉协议前提条件的规则。 说明性实施例可以使用这样的规则来识别各种基于VoIP的入侵尝试，例如呼叫劫持，BYE攻击等。此外，说明性实施例能够使用这样的规则来识别其他种类的入侵尝试，其中两个 或更多的协议支持VoIP以外的服务。 说明性实施例还包括能够使用具有交叉协议前提条件的规则的有状态防火墙。

公开(公告)号：US08302179B2

公开(公告)日：2012-10-30

申请号：US11610485

申请日：2006-12-13

Applicant: Akshay Adhikari ,  Sachin Garg ,  Anjur Sundaresan Krishnakumar ,  Navjot Singh

Inventor： Akshay Adhikari ,  Sachin Garg ,  Anjur Sundaresan Krishnakumar ,  Navjot Singh

IPC: G06F21/00

CPC classification number: H04L63/0209 ,  H04L63/0263

Abstract: A method is disclosed that enables the implementation of an embedded firewall at a telecommunications endpoint. In particular, the illustrative embodiment of the present invention addresses the relationship between the application, firewall engine, and packet-classification rules database that are all resident at the endpoint. In the variations of the illustrative embodiment that are described herein, the application: (i) directly communicates with the co-resident firewall engine such as through local message passing, (ii) shares memory with the firewall engine, and (iii) makes socket calls to the operating system that are intercepted by a middleware layer that subsequently modifies the rules database, depending on the socket call. The common thread to these techniques is that the application, firewall engine, and rules database are co-resident at the endpoint, which is advantageous in the implementation of the embedded firewall.

Abstract translation: 公开了一种能够在电信端点实现嵌入式防火墙的方法。 特别地，本发明的说明性实施例解决了所有驻留在端点的应用，防火墙引擎和分组分类规则数据库之间的关系。 在本文描述的说明性实施例的变型中，应用：（i）直接与共驻防火墙引擎通信，例如通过本地消息传递，（ii）与防火墙引擎共享存储器，以及（iii）使套接字 调用由中间件层拦截的操作系统，随后根据套接字调用修改规则数据库。 这些技术的共同点是应用程序，防火墙引擎和规则数据库共同驻留在端点，这在嵌入式防火墙的实现方面是有利的。