Abstract:
An apparatus and method are disclosed for detecting intrusions in Voice over Internet Protocol systems with distributed stateful intrusion detection. When a Session Initiation Protocol (SIP) signal is received as an application-layer protocol signal, the received application-layer protocol signal is distributed to a first finite-state machine and to a second finite-state machine. A data processing system detects that the application-layer protocol enters a first application-layer protocol state S1 at a first node at a first time, determines whether the application-layer protocol fails to enter a second application-layer protocol state S2 at a second node within δ seconds, where δ is a positive real number, and generates a signal that indicates a potential intrusion in response to the determination.
Abstract:
An interface to transfer data between a host processor and an external coprocessor is provided. The interface may operate in several write modes, in which in a first write mode the write operation is transferred across the interface in two clock cycles and in a second write mode the write operation is transferred across the interface in a single clock cycle. The interface can perform a first read operation initiated by the host processor and a second read operation initiated by the external coprocessor. The interface can include buffers to store read and write operations and clock gates to selectively gate off clock signals provided to the buffers to synchronize transfer of data into and out of the buffers. A selectable priority scheme can be modified to select between priorities that control a preference in transferring operations over the interface when both read and write operations are queued for transfer.
Abstract:
A technique is disclosed that enables the run-time behavior of a data-processing system to be analyzed and, in many cases, to be predicted. In particular, the illustrative embodiment of the present invention comprises i) transforming the messages that constitute an unstructured log into a numerical series and ii) applying a time-series analysis on the resultant series for the purpose of pattern detection. Indeed, it is recognized in the illustrative embodiment that the problem really is to detect patterns that depict aspects of system behavior, regardless of the textual content of the individual log messages. In other words, by analyzing the totality of the messages in the log or logs—as opposed to looking for pre-defined patterns of the individual messages—system behavior can be mapped and understood. The mapping helps in characterizing the system for the purposes of predicting failure, determining the time required to reach stability during failure recovery, and so forth.
Abstract:
A technique for lessening the likelihood of congestion in a congestible node is disclosed. In accordance with the illustrative embodiments of the present invention, one node—a proxy node—drops protocol data units to lessen the likelihood of congestion in the congestible node. In some embodiments of the present invention, the proxy node receives a metric of a queue at a congestible node and, based on the metric, decides whether to drop protocol data units en route to the congestible node. In some other embodiments of the present invention, the proxy node estimates a metric of a queue at a congestible node and, based on the metric, decides whether to drop protocol data units en route to the congestible node.
Abstract:
The present invention provides methods and systems for use in association with an online advertising auction. Advertiser bid information may be obtained, including a maximum amount per impression and a target click through rate (“CTR”). Following serving, if a delivered CTR is equal to or greater than the target CTR, then pricing per impression is at the maximum amount. If, however, the delivered CTR is less than the target CTR, then pricing per impression is at an amount equal to the maximum amount per impression multiplied by the ratio of the delivered CTR to the target CTR.
Abstract:
Communication between a first issue tracking system and a second issue tracking system is provided. An integration platform is configured to translate an issue tracking ticket from a form recognizable by the first issue tracking system, which can be a component of a customer network, into a form recognizable by the second issue tracking system, which can be a component of a service provider network. A gateway server is provided to control communications between the integration platform and the issue tracking system of the service provider network.
Abstract:
An apparatus and method are disclosed for detecting intrusions in Voice over Internet Protocol systems, without the use of an attack signature database. In particular, the illustrative embodiment is based on the observation that some VoIP-related protocols (e.g., the Session Initiation Protocol [SIP], etc.) are simple enough to be represented by a finite-state machine (FSM) of compact size. A finite-state machine is maintained for each session/node/protocol combination, and any illegal state or state transition—which might be the result of a malicious attack—is flagged as a potential intrusion.
Abstract:
A method for detecting intrusions that employ messages of two or more protocols is disclosed. Such intrusions might occur in Voice over Internet Protocol (VoIP) systems, as well as in systems in which two or more protocols support some service other than VoIP. In the illustrative embodiment of the present invention, a stateful intrusion-detection system is capable of employing rules that have cross-protocol pre-conditions. The illustrative embodiment can use such rules to recognize a variety of VoIP-based intrusion attempts, such as call hijacking, BYE attacks, etc. In addition, the illustrative embodiment is capable of using such rules to recognize other kinds of intrusion attempts in which two or more protocols support a service other than VoIP. The illustrative embodiment also comprises a stateful firewall that is capable of employing rules with cross-protocol pre-conditions.
Abstract:
A method is disclosed that enables the transmission of a digital message along with a corresponding information signal, such as audio or video. The supplemental information contained in digital messages can be used for a variety of purposes, such as enabling or enhancing packet authentication. In particular, a telecommunications device that is processing an information signal from its user, such as a speech signal, encrypts the information signal by performing a bitwise exclusive-or of an encryption key stream with the information signal stream. The device, such as a telecommunications endpoint, then intersperses the bits of the digital message throughout the encrypted signal in place of those bits overwritten, in a process referred to as “watermarking.” The endpoint then transmits the interspersed digital message bits as part of a composite signal that also comprises the encrypted information bits. No additional bits are appended to the packet to be transmitted, thereby addressing compatibility issues.
Abstract:
In one aspect, an interface adapted to transfer data between a host processor and an external coprocessor is provided. The interface may be adapted to operate in a plurality of write modes, wherein in a first write mode the write operation is transferred across the interface in two clock cycles and in a second write mode the write operation is transferred across the interface in a single clock cycle. In another aspect, the interface is adapted to perform a first read operation initiated by the host processor and a second read operation initiated by the external coprocessor. In another aspect, the interface includes a plurality of buffers to store read and write operations and a plurality of clock gates to selectively gate off clock signals provided to the plurality of buffers to synchronize transfer of data into and out of the buffers. In another aspect, the interface includes a selectable priority scheme capable of being modified to select between a plurality of priorities that control a preference in transferring operations over the interface when both read and write operations are queued for transfer.