-
公开(公告)号:US07466687B2
公开(公告)日:2008-12-16
申请号:US10425097
申请日:2003-04-28
IPC分类号: H04L12/28
CPC分类号: H04L45/00 , H04L12/4625 , H04L45/54 , H04L45/7453 , H04L63/0263
摘要: A method and system for encoding a set of range labels for each parameter field in a packet classification key in such a way as to require preferably only a single entry per rule in a final processing stage of a packet classifier. Multiple rules are sorted accorded to their respective significance. A range, based on a parameter in the packet header, is previously determined. Multiple rules are evaluated according to an overlapping of rules according to different ranges. Upon a determination that two or more rules overlap, each overlapping rule is expanded into multiple unique segments that identify unique range intersections. Each cluster of overlapping ranges is then offset so that at least one bit in a range for the rule remains unchanged. The range segments are then converted from binary to Gray code, which results in the ability to determine a CAM entry to use for each range.
摘要翻译: 一种方法和系统,用于以分组分类密钥中的每个参数字段的一组范围标签进行编码,以便在分组分类器的最后处理阶段中优选地仅需要每个规则仅一个条目。 根据各自的意义对多个规则进行排序。 预先确定基于分组报头中的参数的范围。 根据不同范围的规则重叠来评估多个规则。 在确定两个或更多个规则重叠时,每个重叠规则被扩展为识别唯一范围交点的多个唯一段。 然后,每个重叠范围的簇被偏移,使得该规则的范围中的至少一个位保持不变。 范围段然后从二进制转换为格雷码,这导致确定每个范围使用的CAM条目的能力。
-
公开(公告)号:US07403527B2
公开(公告)日:2008-07-22
申请号:US11867963
申请日:2007-10-05
申请人: Gordon Taylor Davis , Andreas Guenther Herkersdorf , Clark Debs Jeffries , Mark Anthony Rinaldi
发明人: Gordon Taylor Davis , Andreas Guenther Herkersdorf , Clark Debs Jeffries , Mark Anthony Rinaldi
CPC分类号: H04L49/3009 , H04L45/745 , H04L45/7453 , H04L49/351
摘要: A structure and technique for preventing collisions using a hash table in conjunction with a CAM to identify and prevent collision of binary keys. A portion of the hash value of a binary key, which does not collide with a portion of the hash value of any other reference binary key, is used as an entry in the hash table. If two or more binary keys have identical values of the portions of the hash values, each of these binary keys are stored in their entirety, in the CAM. The key in the CAM provides a pointer to a data structure where the action associated with that binary key is stored. If the binary key is not found in the CAM, the binary key is hashed, and a specific entry in the hash table is selected using a portion of this hash value.
摘要翻译: 一种用于使用散列表与CAM结合来防止冲突的结构和技术,以识别和防止二进制密钥的冲突。 不与任何其他参考二进制密钥的散列值的一部分相冲突的二进制密钥的散列值的一部分被用作散列表中的条目。 如果两个或更多个二进制密钥具有相同的哈希值部分的值,则这些二进制密钥中的每一个都将全部存储在CAM中。 CAM中的关键字提供了指向数据结构的指针,其中存储与该二进制密钥相关联的动作。 如果在CAM中没有找到二进制密钥,则二进制密钥被散列,并且使用该哈希值的一部分来选择散列表中的特定条目。
-
公开(公告)号:US07349397B2
公开(公告)日:2008-03-25
申请号:US11462071
申请日:2006-08-03
申请人: Gordon Taylor Davis , Andreas Guenther Herkersdorf , Clark Debs Jeffries , Mark Anthony Rinaldi
发明人: Gordon Taylor Davis , Andreas Guenther Herkersdorf , Clark Debs Jeffries , Mark Anthony Rinaldi
CPC分类号: H04L49/3009 , H04L45/745 , H04L45/7453 , H04L49/351
摘要: A structure and technique for preventing collisions using a hash table in conjunction with a CAM to identify and prevent collisions of binary keys. A portion of the hash value of a binary key, which does not collide with a portion of the hash value of any other reference binary key, is used as an entry in the hash table. If two or more binary keys have identical values of the portions of the hash values, each of these binary keys are stored in their entirety, in the CAM. The key in the CAM provides a pointer to a data structure where the action associated with that binary key is stored. If the binary key is not found in the CAM, the binary key is hashed, and a specific entry in the hash table is selected using a portion of this hash value.
摘要翻译: 一种用于使用散列表与CAM结合来防止冲突的结构和技术,以识别和防止二进制键的冲突。 不与任何其他参考二进制密钥的散列值的一部分相冲突的二进制密钥的散列值的一部分被用作散列表中的条目。 如果两个或更多个二进制密钥具有相同的哈希值部分的值,则这些二进制密钥中的每一个都将全部存储在CAM中。 CAM中的关键字提供了指向数据结构的指针,其中存储与该二进制密钥相关联的动作。 如果在CAM中没有找到二进制密钥,则二进制密钥被散列,并且使用该哈希值的一部分来选择散列表中的特定条目。
-
公开(公告)号:US07327260B2
公开(公告)日:2008-02-05
申请号:US11132535
申请日:2005-05-19
CPC分类号: G06K19/0723 , G06K19/0717
摘要: System and method for recording temperature on an RFID tag. A first RFID tag is attached to a container. The first RFID tag includes a temperature sensor. The container contains a multiplicity of packages. A multiplicity of second RFID tags are attached to the multiplicity of packages, respectively. The first RFID tag transmits temperature information to the multiplicity of second RFID tags. In response, the multiplicity of second RFID tags record the temperature information. Consequently, there is no need for expensive temperature sensors on the multiplicity of RFID tags on the packages. According to features of the present invention, the first RFID tag is an active RFID tag, and the multiplicity of second RFID tags are passive RFID tags. The first RFID tag also transmits other information to the multiplicity of second RFID tags to enable the second RFID tags to authenticate the temperature information. Other types of environmental sensors such as a humidity sensor or vibration sensor can substitute for the temperature sensor.
摘要翻译: 记录RFID标签温度的系统和方法。 第一个RFID标签连接到容器。 第一RFID标签包括温度传感器。 容器包含多个包。 多个第二RFID标签分别附接到多个包装。 第一RFID标签将温度信息传送到多个第二RFID标签。 作为响应,第二RFID标签的多个记录温度信息。 因此,不需要在包装上的RFID标签上的昂贵的温度传感器。 根据本发明的特征,第一RFID标签是有源RFID标签,多个第二RFID标签是无源RFID标签。 第一RFID标签还向多个第二RFID标签传送其他信息,以使第二RFID标签能够认证温度信息。 其他类型的环境传感器,如湿度传感器或振动传感器可以代替温度传感器。
-
45.发明授权Credit-based receiver using selected transmit rates and storage thresholds for preventing under flow and over flow-methods, apparatus and program products 失效基于信用的接收机,使用选定的传输速率和存储阈值来防止流量过流和过流方法,设备和程序产品公开(公告)号:US07072299B2
公开(公告)日:2006-07-04
申请号:US09933526
申请日:2001-08-20
IPC分类号: H04J1/16
摘要: A receiver may be adapted to prevent overflow or underflow of its data storage by generating a transmit rate value as a feedback to the sender. Speed adjustments are performed periodically with a fixed time period denoted by Dt. Transmission rates are explicitly 0, Max/2, and Max. The receiver queue is itself drained at a rate R that at any time satisfies 0
摘要翻译: 接收机可以适于通过生成发送速率值作为对发送者的反馈来防止其数据存储器的溢出或下溢。 以Dt表示的固定时间段周期性地执行速度调节。 传输速率明确为0,Max / 2和Max。 接收器队列本身以在任何时间满足0 <= R <= Max的速率R排出。 接收机存储队列的占用等级由Q表示。接收队列的最大容量被指定为Qmax,所以在任何时候,0≤Q≤Qmax。 确定接收器队列值Q的电平的两个阈值T 1和T 2(具有0
-
46.发明授权Scoping of real time signals of remote communication systems over a computer network: systems, methods and program products 失效通过计算机网络实现远程通信系统的实时信号范围:系统,方法和程序产品公开(公告)号:US06889346B2
公开(公告)日:2005-05-03
申请号:US09906371
申请日:2001-07-16
申请人: Youssef Abdelilah , Gordon Taylor Davis , Jeffrey Haskell Derby , Dongming Hwang , Clark Debs Jeffries , Malcolm Scott Ware , Hua Ye
发明人: Youssef Abdelilah , Gordon Taylor Davis , Jeffrey Haskell Derby , Dongming Hwang , Clark Debs Jeffries , Malcolm Scott Ware , Hua Ye
CPC分类号: H04L47/76 , H04L41/0896 , H04L43/50 , H04L63/083
摘要: A remote controller is coupled to a target system via a computer network A real time probe is installed in software executing on a target system, typically a Digital Signal Processor (DSP). The remote controller includes a “debugger user interface” which accepts and interprets scoping commands issued by a developer. A controller network driver constructs appropriate network packets to be sent over the network to the target system. The target system has a control processor which runs a target network driver for receiving the network packets containing the scoping commands. The scoping commands are sent to an “embedded debugger” which performs the requested probing/scoping. When the DSP code runs across an address where the probe is installed, the embedded debugger will collect the signal values. The collected scope data will be interleaved and sent to the target network driver which, will encapsulate the information into suitable packets to send back to the controller via the network.
摘要翻译: 遥控器经由计算机网络耦合到目标系统。实时探测器安装在目标系统(通常为数字信号处理器(DSP))上执行的软件中。 遥控器包括一个“调试器用户界面”,它接受并解释开发人员发出的作用域命令。 控制器网络驱动程序构建要通过网络发送到目标系统的适当网络数据包。 目标系统具有控制处理器,该控制处理器运行目标网络驱动器以接收包含范围命令的网络分组。 范围指令被发送到执行所请求的探测/范围的“嵌入式调试器”。 当DSP代码在安装探头的地址上运行时,嵌入式调试器将收集信号值。 收集的范围数据将被交织并发送到目标网络驱动程序,目标网络驱动程序将将信息封装到适当的数据包中,以通过网络发送回控制器。
-
公开(公告)号:US06724776B1
公开(公告)日:2004-04-20
申请号:US09448190
申请日:1999-11-23
申请人: Clark Debs Jeffries
发明人: Clark Debs Jeffries
IPC分类号: H04J322
摘要: A method and system for controlling a flow of a plurality of packets in a computer network is disclosed. The network includes a queue having a maximum queue level that is possible. The method and system include determining a queue level for the queue and determining an offered rate of the plurality of packets to the queue. The method and system also include determining a virtual maximum queue level based on the queue level and the maximum queue level and controlling a transmission fraction of the plurality of packets to the queue, based on the queue level, the offered rate and the virtual maximum queue level.
摘要翻译: 公开了一种用于控制计算机网络中的多个分组的流的方法和系统。 网络包括具有可能的最大队列级别的队列。 该方法和系统包括确定队列的队列级别并确定多个分组到队列的提供速率。 该方法和系统还包括基于队列级别和最大队列级别来确定虚拟最大队列级别,并且基于队列级别,提供的速率和虚拟最大队列来控制多个分组到队列的传输分数 水平。
-
公开(公告)号:US08423645B2
公开(公告)日:2013-04-16
申请号:US10940558
申请日:2004-09-14
IPC分类号: G06F15/173 , G06F15/16 , G06F11/00 , G06F12/16 , H04L29/06
CPC分类号: G06F21/55 , G06F11/349 , G06F11/3495 , G06F2201/81 , H04L63/1416 , H04L63/1458 , H04L2463/141 , H04L2463/144 , Y02D10/34
摘要: A method of, system for, and product for managing a denial of service attack in a multiprocessor environment comprising. The first step is establishing normal traffic usage baselines in the multiprocessor environment. Once the baseline is established the next step is monitoring outgoing traffic to detect a high proportion of packets being sent to a specific destination address, and a high number of outbound packets compared to said baseline. Next is monitoring ports and protocols to detect a high proportion of packets sent to a specific port, and a consistent use of a protocol for all packets for that port. If there is such consistent use of a protocol for all packets for that port as to evidence a denial of service attack, blocking measures are started to mitigate the apparent denial of service attack.
摘要翻译: 一种用于在多处理器环境中管理拒绝服务攻击的方法,系统和产品,包括: 第一步是在多处理器环境中建立正常的流量使用基线。 一旦基线建立,下一步就是监测输出流量,以检测发送到特定目的地地址的大部分数据包,以及与所述基线相比较的大量出站分组。 接下来是监控端口和协议,以检测发送到特定端口的大部分数据包,并且一致地使用该端口的所有数据包的协议。 如果对该端口的所有数据包使用协议一致,以证明拒绝服务攻击,就会开始阻止措施来减轻明显的拒绝服务攻击。
-
公开(公告)号:US20120265834A1
公开(公告)日:2012-10-18
申请号:US13532061
申请日:2012-06-25
IPC分类号: G06F15/16
CPC分类号: H04L63/0236 , H04L51/12 , H04L63/0263
摘要: A system, method and program product for blocking unwanted e-mails. An e-mail is identified as unwanted. A source IP address of the unwanted e-mail is determined. Other source IP addresses owned or registered by an owner or registrant of the source IP address of the unwanted e-mail are determined. Subsequent e-mails from the source IP address and the other IP addresses are blocked. This will thwart a spammer who shifts to a new source IP address when its spam is blocked from one source IP address.
摘要翻译: 用于阻止不必要的电子邮件的系统,方法和程序产品。 电子邮件被标识为不需要的。 确定不需要的电子邮件的源IP地址。 确定不想要的电子邮件的源IP地址的所有者或注册人拥有或注册的其他源IP地址。 源IP地址和其他IP地址的后续电子邮件被阻止。 这将阻止一个垃圾邮件发送者转移到新的源IP地址,当其垃圾邮件从一个源IP地址被阻止时。
-
公开(公告)号:US20120260335A1
公开(公告)日:2012-10-11
申请号:US13495210
申请日:2012-06-13
IPC分类号: G06F21/00
CPC分类号: H04L63/1458
摘要: The present invention provides for protecting against denial of service attacks. A request is sent by a client, the request comprises client indicia. The request is received at a server. A request count is incremented by the server. A sequence number is assigned as a function of the client indicia. A problem is selected by the server. The problem is sent by the server to the client. A solution to the problem is sent to the server. It is determined if the solution by client is correct. If the solution is correct, a session is performed. If the solution is not correct, the request is discarded. This can substantially decrease the amount of attacks performed by a rogue client, as the session set-up time can be substantial.
摘要翻译: 本发明提供了防止拒绝服务攻击的保护。 请求由客户端发送,请求包括客户端标记。 服务器收到请求。 请求计数由服务器递增。 作为客户端标记的函数分配序列号。 服务器选择了一个问题。 该问题由服务器发送给客户端。 将问题的解决方案发送到服务器。 确定客户端的解决方案是否正确。 如果解决方案是正确的,则执行会话。 如果解决方案不正确,请求将被丢弃。 这可以显着减少流氓客户端执行的攻击的数量,因为会话建立时间可能很大。
-
-
-
-
-
-
-
-
-
搜索结果
89 条记录 (耗时 0.021 秒)
