-
41.发明授权公开(公告)号:US10582370B2
公开(公告)日:2020-03-03
申请号:US15714874
申请日:2017-09-25
Applicant: Verint Systems Ltd.
Inventor: Eithan Goldfarb , Doron Breiter , Constantin Tanasa , Victor Ciochina , Nguyen Hoang Nguyen , Tymofii Brezhniev
Abstract: Methods for obtain identifiers, such as International Mobile Subscriber Identities (IMSIs) and International Mobile Station Equipment Identities (IMEIs), of mobile communication terminals, and associate these identifiers with other items of identifying information provided by users of the terminals. A local interrogation device may be installed that imitates a legitimate base station belonging to a cellular network, at a control checkpoint. Local interrogation devices are connected to a global interrogation device in a hierarchical network, whereby the local interrogation devices are assigned a priority that is higher than that of the global interrogation device. The global interrogation device provides cellular coverage to a larger area that contains the control checkpoints, while the local interrogation devices provide more localized cellular coverage to the control checkpoints.
-
公开(公告)号:US20180295035A1
公开(公告)日:2018-10-11
申请号:US15935407
申请日:2018-03-26
Applicant: Verint Systems Ltd.
Inventor: Eithan Goldfarb , Yuval Altman , Naomi Frid , Gur Yaari
CPC classification number: H04L43/026 , H04L43/04 , H04L63/0227 , H04L63/1416 , H04L63/1441 , H04L63/30 , H04L63/306
Abstract: Methods and systems for analyzing flows of communication packets. A front-end processor associates input packets with flows and forwards each flow to the appropriate unit, typically by querying a flow table that holds a respective classification for each active flow. In general, flows that are not yet classified are forwarded to the classification unit, and the resulting classification is entered in the flow table. Flows that are classified as requested for further analysis are forwarded to an appropriate flow analysis unit. Flows that are classified as not requested for analysis are not subjected to further processing, e.g., discarded or allowed to pass.
-
43.发明申请公开(公告)号:US20180109940A1
公开(公告)日:2018-04-19
申请号:US15714874
申请日:2017-09-25
Applicant: Verint Systems Ltd.
Inventor: Eithan Goldfarb , Doron Breiter , Constantin Tanasa , Victor Ciochina , Nguyen Hoang Nguyen , Tymofii Brezhniev
Abstract: Methods for obtain identifiers, such as International Mobile Subscriber Identities (IMSIs) and International Mobile Station Equipment Identities (IMEIs), of mobile communication terminals, and associate these identifiers with other items of identifying information provided by users of the terminals. A local interrogation device may be installed that imitates a legitimate base station belonging to a cellular network, at a control checkpoint. Local interrogation devices are connected to a global interrogation device in a hierarchical network, whereby the local interrogation devices are assigned a priority that is higher than that of the global interrogation device. The global interrogation device provides cellular coverage to a larger area that contains the control checkpoints, while the local interrogation devices provide more localized cellular coverage to the control checkpoints.
-
公开(公告)号:US09929920B2
公开(公告)日:2018-03-27
申请号:US14989075
申请日:2016-01-06
Applicant: Verint Systems Ltd.
Inventor: Eithan Goldfarb , Yuval Altman , Naomi Frid , Gur Yaari
CPC classification number: H04L43/026 , H04L43/04 , H04L63/0227 , H04L63/1416 , H04L63/1441 , H04L63/30 , H04L63/306
Abstract: Methods and systems for analyzing flows of communication packets. A front-end processor associates input packets with flows and forwards each flow to the appropriate unit, typically by querying a flow table that holds a respective classification for each active flow. In general, flows that are not yet classified are forwarded to the classification unit, and the resulting classification is entered in the flow table. Flows that are classified as requested for further analysis are forwarded to an appropriate flow analysis unit. Flows that are classified as not requested for analysis are not subjected to further processing, e.g., discarded or allowed to pass.
-
公开(公告)号:US20180070228A1
公开(公告)日:2018-03-08
申请号:US15696729
申请日:2017-09-06
Applicant: Verint Systems Ltd.
Inventor: Eithan Goldfarb
CPC classification number: H04W12/02 , H04L63/1408 , H04W12/12
Abstract: Methods and systems for identifying one or more rogue devices within a wireless communication network over a particular geographic location. A rogue base station detection system receives air interface transmissions from base stations belonging to a wireless communication network, as well as from one or more rogue base stations that do not belong to the network and are used for monitoring (e.g., hacking or eavesdropping) communication terminals communicating in the network. The system typically searches for signaling channels and converts the RF signal into GSM/UMTS messages including overcoming the different encryption methods used. The system than analyzes the received transmissions so as to identify suspicious transmissions that may be transmitted by the rogue base stations.
-
Patent Agency Ranking
公开(公告)号:US09883345B2
公开(公告)日:2018-01-30
申请号:US15398182
申请日:2017-01-04
Applicant: Verint Systems Ltd.
Inventor: Eithan Goldfarb
CPC classification number: H04W4/026 , H04M1/72519 , H04W4/02 , H04W4/025 , H04W40/00 , H04W84/042 , H04W84/12 , H04W88/06
Abstract: Methods and systems for tracking mobile communication terminals based on their identifiers. The disclosed techniques identify cellular terminals and Wireless Local Area Network (WLAN) terminals that are likely to be carried by the same individual, or cellular and WLAN identifiers that belong to the same multi-mode terminal. A correlation system is connected to a cellular network and to a WLAN. The system receives location coordinates of cellular identifiers used by mobile terminals in the cellular network, and location coordinates of WLAN identifiers used by mobile terminals in the WLAN. Based on the location coordinates, the system is able to construct routes that are traversed by the terminals having the various cellular and WLAN identifiers. The system attempts to find correlations in time and space between the routes.
-
公开(公告)号:US09491069B2
公开(公告)日:2016-11-08
申请号:US13953090
申请日:2013-07-29
Applicant: Verint Systems Ltd.
Inventor: Eithan Goldfarb , Yishay Yitshak
CPC classification number: H04L43/028 , H04L45/742 , H04L45/745 , H04L63/0263
Abstract: A rule engine configured with at least one hash table which summarizes the rules managed by the engine. The rule engine receives rules and automatically adjusts the hash table in order to relate to added rules and/or in order to remove cancelled rules. The adjustment may be performed while the rule engine is filtering packets, without stopping. The rules may be grouped into a plurality of rule types and for each rule type the rule engine performs one or more accesses to at least one hash table to determine whether any of the rules of that type match the packet. In some embodiments, the rule engine may automatically select the rule types responsive to a set of rules provided to the rule engine and adapt its operation to the specific rules it is currently handling, while not spending resources on checking rule types not currently used.
Abstract translation: 配置有至少一个哈希表的规则引擎,其总结由引擎管理的规则。 规则引擎接收规则并自动调整哈希表,以便与添加的规则相关联和/或为了删除已取消的规则。 可以在规则引擎正在过滤数据包而不停止的情况下执行调整。 规则可以被分组为多个规则类型,并且对于每个规则类型,规则引擎执行对至少一个哈希表的一个或多个访问,以确定该类型的任何规则是否与分组匹配。 在一些实施例中,规则引擎可以响应于提供给规则引擎的一组规则来自动选择规则类型,并且将其操作适应其当前正在处理的特定规则,同时不花费资源来检查当前未使用的规则类型。
-
48.发明申请SYSTEM AND METHOD FOR COMBINED NETWORK-SIDE AND OFF-AIR MONITORING OF WIRELESS NETWORKS 审中-公开无线网络组合网侧和远程监控系统与方法公开(公告)号:US20160269900A1
公开(公告)日:2016-09-15
申请号:US15008375
申请日:2016-01-27
Applicant: Verint Systems Ltd.
Inventor: Eithan Goldfarb
Abstract: A monitoring system monitors authentication sessions both on the air interface between the terminals and the network, and on at least one wired network-side interface between network-side elements of the network. The monitoring system constructs a database of sets of network-side authentication parameters using network-side monitoring. Each set of network-side authentication parameters originates from a respective authentication session and is associated with the International Mobile Station Identity (IMSI) of the terminal involved in the session. In order to start decrypting the traffic of a given terminal, the system obtains the off-air authentication parameters of that terminal using off-air monitoring, and finds an entry in the database that matches the air-interface authentication parameters. From the combination of correlated network-side and off-air authentication parameters, the processor is able to extract the parameters needed for decryption.
Abstract translation: 监控系统监视终端和网络之间的空中接口以及网络的网络侧元件之间的至少一个有线网络侧接口的认证会话。 监控系统使用网络侧监控来构建一组网络侧认证参数的数据库。 每组网络侧认证参数来自相应的认证会话,并且与会话中涉及的终端的国际移动台标识(IMSI)相关联。 为了开始解密给定终端的流量,系统使用空中监控获取该终端的空中认证参数,并在数据库中找到与空中接口认证参数匹配的条目。 从相关的网络侧和非空中认证参数的组合,处理器能够提取解密所需的参数。
-
公开(公告)号:US20150134768A1
公开(公告)日:2015-05-14
申请号:US14527894
申请日:2014-10-30
Applicant: Verint Systems Ltd.
Inventor: Itshak Yishai , Eithan Goldfarb
CPC classification number: H04L67/2842 , G06F12/0813 , G06F2212/154 , G06F2212/60 , G06F2212/62 , H04L43/062 , H04L63/1408 , H04L63/1416 , H04L67/02 , H04L67/22
Abstract: Embodiments that are described herein provide improved methods and systems for analyzing network traffic. The disclosed embodiments enable an analytics system to perform complex processing to only new, first occurrences of received content, while refraining from processing duplicate instances of that content. In a typical embodiment, the analytics results regarding the first occurring content are reported and cached in association with the content. For any duplicate instance of the content, the analytics results are retrieved from the cache without re-processing of the duplicate content. When using the disclosed techniques, the system still processes all first occurring content but not duplicate instances of content that was previously received and processed. In the embodiments described herein, input data comprises communication packets exchanged in a communication network.
Abstract translation: 这里描述的实施例提供了用于分析网络业务的改进的方法和系统。 所公开的实施例使得分析系统能够仅对新的第一次接收到的内容进行复杂处理,同时避免处理该内容的重复实例。 在典型的实施例中,关于第一次出现的内容的分析结果与内容相关联地被报告和缓存。 对于任何重复的内容实例,从高速缓存中检索分析结果,而不重新处理重复的内容。 当使用所公开的技术时,系统仍然处理所有先前发生的内容,但不处理先前接收和处理的内容的重复实例。 在这里描述的实施例中,输入数据包括在通信网络中交换的通信分组。
-
公开(公告)号:US20140089498A1
公开(公告)日:2014-03-27
申请号:US13953090
申请日:2013-07-29
Applicant: Verint Systems Ltd.
Inventor: Eithan Goldfarb , Yishay Yitshak
IPC: H04L12/26
CPC classification number: H04L43/028 , H04L45/742 , H04L45/745 , H04L63/0263
Abstract: A rule engine configured with at least one hash table which summarizes the rules managed by the engine. The rule engine receives rules and automatically adjusts the hash table in order to relate to added rules and/or in order to remove cancelled rules. The adjustment may be performed while the rule engine is filtering packets, without stopping. The rules may be grouped into a plurality of rule types and for each rule type the rule engine performs one or more accesses to at least one hash table to determine whether any of the rules of that type match the packet. In some embodiments, the rule engine may automatically select the rule types responsive to a set of rules provided to the rule engine and adapt its operation to the specific rules it is currently handling, while not spending resources on checking rule types not currently used.
Abstract translation: 配置有至少一个哈希表的规则引擎,其总结由引擎管理的规则。 规则引擎接收规则并自动调整哈希表,以便与添加的规则相关联和/或为了删除已取消的规则。 可以在规则引擎正在过滤数据包而不停止的情况下执行调整。 规则可以被分组为多个规则类型,并且对于每个规则类型,规则引擎执行对至少一个哈希表的一个或多个访问,以确定该类型的任何规则是否与分组匹配。 在一些实施例中,规则引擎可以响应于提供给规则引擎的一组规则来自动选择规则类型,并且将其操作适应其当前正在处理的特定规则,同时不花费资源来检查当前未使用的规则类型。
-
-
-
-
-
-
-
-
-
Search Results
50
records
(took 0.023 seconds)
