公开(公告)号：US07904942B2

公开(公告)日：2011-03-08

申请号：US12036163

申请日：2008-02-22

申请人： Meng Sun ,  Tom Chen ,  Win-Harn Liu

发明人： Meng Sun ,  Tom Chen ,  Win-Harn Liu

IPC分类号： G06F17/00 ,  G06F11/00 ,  G06F12/14 ,  G06F12/16 ,  G08B23/00 ,  H04L29/06

CPC分类号： H04L63/0263 ,  H04L63/1416

摘要： A method of updating intrusion detection rules through a link data packet is used to dynamically update rules storages of Snort system hosts. Firstly, an update sponsor in the network transmits a link data packet with an intrusion detection rule to the Snort system host. The Snort system host acquires the intrusion detection rule from the received link data packet, and parses an operation type of the intrusion detection rule. Then, the Snort system host verifies the validity of the intrusion detection rule. Subsequently, the rules storage is updated according to the type of the valid intrusion detection rule and a rules tree.

摘要翻译： 通过链接数据包更新入侵检测规则的方法用于动态更新Snort系统主机的规则存储。 首先，网络中的更新发起者向Snort系统主机发送具有入侵检测规则的链路数据分组。 Snort系统主机从接收到的链路数据包中获取入侵检测规则，并解析入侵检测规则的操作类型。 然后，Snort系统主机验证入侵检测规则的有效性。 随后，根据有效入侵检测规则的类型和规则树更新规则存储。

公开(公告)号：US07676707B2

公开(公告)日：2010-03-09

申请号：US11928591

申请日：2007-10-30

申请人： Lei He ,  Quan-Jie Zheng ,  Jhih-Ren Jin ,  Jeff Song ,  Tom Chen ,  Win-Harn Liu

发明人： Lei He ,  Quan-Jie Zheng ,  Jhih-Ren Jin ,  Jeff Song ,  Tom Chen ,  Win-Harn Liu

IPC分类号： G01R31/28

CPC分类号： G06F11/221

摘要： A device and a method for testing SAS channels which are applied to a plurality of pairs of SAS interfaces. The testing device includes a control terminal, a PCI-E microprocessor, a PCI-E-to-SAS adaptor, and a signal feedback module. The control terminal is used for selecting SAS channels and sending a control command; the PCI-E microprocessor is used for receiving the control command and sending a test signal to a PCI-E channel according to the control command; the PCI-E-to-SAS adaptor is used for converting a transmission signal between the PCI-E channel and the SAS channels; and the signal feedback module is used for connecting a first SAS interface to a second SAS interface in the SAS back plate. The PCI-E microprocessor compares whether the test signal sent to the first SAS channel is consistent with the test signal received from the second SAS interface.

摘要翻译： 用于测试应用于多对SAS接口的SAS信道的设备和方法。 测试设备包括控制终端，PCI-E微处理器，PCI-E至SAS适配器和信号反馈模块。 控制终端用于选择SAS通道并发送控制命令; PCI-E微处理器用于接收控制命令，并根据控制命令向PCI-E通道发送测试信号; PCI-E至SAS适配器用于转换PCI-E通道和SAS通道之间的传输信号; 并且信号反馈模块用于将第一SAS接口连接到SAS背板中的第二SAS接口。 PCI-E微处理器比较发送到第一SAS通道的测试信号是否与从第二个SAS接口接收的测试信号一致。

公开(公告)号：US07631232B2

公开(公告)日：2009-12-08

申请号：US11905291

申请日：2007-09-28

申请人： Wei-Xin Zeng ,  Xiao Jiang ,  Jeff Song ,  Jhih-Ren Jin ,  Tom Chen ,  Win-Harn Liu

发明人： Wei-Xin Zeng ,  Xiao Jiang ,  Jeff Song ,  Jhih-Ren Jin ,  Tom Chen ,  Win-Harn Liu

IPC分类号： G11C29/00

CPC分类号： G01R31/2868

摘要： A parallel burning system and method is for burning chips of various different bus types in parallel. A computer compiles configuration information according to corresponding connection relations between the chips and the micro controller units, and transmits the configuration information, burning command and burning data to a master micro controller unit of the micro controller units. The master micro controller unit distributes the burning data to slave micro controller units of the micro controller units based on the analyzed configuration information, and controls each slave micro controller unit to activate its burning operation. Then, the slave micro controller units burn the burning data onto the chips connected thereto, and transmit the burning results back to the master micro controller unit after completion of the burning operations. Finally, the master micro controller unit transmits the burning results back to the computer after completion of all the burning operations.

摘要翻译： 并行燃烧系统和方法是并行烧录各种不同总线类型的芯片。 计算机根据芯片和微控制器单元之间的对应连接关系编译配置信息，并将配置信息，刻录命令和刻录数据发送到微控制器单元的主微控制器单元。 主微控制器单元基于分析的配置信息将燃烧数据分配到微控制器单元的从属微控制器单元，并控制每个从微控制器单元激活其燃烧操作。 然后，从属微控制器单元将燃烧数据刻录到与其连接的芯片上，并且在完成燃烧操作之后将燃烧结果传送回主微控制器单元。 最后，在完成所有燃烧操作之后，主微控制器单元将燃烧结果传送回计算机。

公开(公告)号：US20090292882A1

公开(公告)日：2009-11-26

申请号：US12126591

申请日：2008-05-23

申请人： Sheng Li ,  Tom Chen ,  Win-Harn Liu

发明人： Sheng Li ,  Tom Chen ,  Win-Harn Liu

IPC分类号： G06F12/08

CPC分类号： G06F12/0866

摘要： A storage area network (SAN) server with a parallel processing cache and an access method thereof are described, which are supplied for a plurality of request to access data in a server through an SAN. The server includes physical storage devices, for storing data sent by the request and data transmitted to the request; copy managers, for managing the physical storage devices connected to the server, and each copy manager includes a cache memory unit, for temporarily storing the data accessed by the physical storage devices, and a data manager, for recording an index of the data in the cache memory unit, providing a cache copy stored in the cache memory unit to a corresponding request end, and confirming an access time for each virtual device manager to access the cache copy.

摘要翻译： 描述了具有并行处理高速缓存及其访问方法的存储区域网络（SAN）服务器，其被提供用于通过SAN访问服务器中的数据的多个请求。 服务器包括物理存储设备，用于存储由请求发送的数据和发送到请求的数据; 复制管理器，用于管理连接到服务器的物理存储设备，并且每个副本管理器包括用于临时存储由物理存储设备访问的数据的高速缓冲存储器单元和数据管理器，用于将数据的索引记录在 高速缓冲存储器单元，将存储在高速缓冲存储器单元中的高速缓存副本提供给相应的请求端，并且确认每个虚拟设备管理器访问高速缓存副本的访问时间。

公开(公告)号：US20090217341A1

公开(公告)日：2009-08-27

申请号：US12036163

申请日：2008-02-22

申请人： Meng Sun ,  Tom Chen ,  Win-Harn Liu

发明人： Meng Sun ,  Tom Chen ,  Win-Harn Liu

IPC分类号： G06F21/00

CPC分类号： H04L63/0263 ,  H04L63/1416

摘要： A method of updating intrusion detection rules through a link data packet is used to dynamically update rules storages of Snort system hosts. Firstly, an update sponsor in the network transmits a link data packet with an intrusion detection rule to the Snort system host. The Snort system host acquires the intrusion detection rule from the received link data packet, and parses an operation type of the intrusion detection rule. Then, the Snort system host verifies the validity of the intrusion detection rule. Subsequently, the rules storage is updated according to the type of the valid intrusion detection rule and a rules tree.

摘要翻译： 通过链接数据包更新入侵检测规则的方法用于动态更新Snort系统主机的规则存储。 首先，网络中的更新发起者向Snort系统主机发送具有入侵检测规则的链路数据分组。 Snort系统主机从接收到的链路数据包中获取入侵检测规则，并解析入侵检测规则的操作类型。 然后，Snort系统主机验证入侵检测规则的有效性。 随后，根据有效入侵检测规则的类型和规则树更新规则存储。

公开(公告)号：US20090198988A1

公开(公告)日：2009-08-06

申请号：US12023570

申请日：2008-01-31

申请人： Yuan Bai ,  Tom Chen ,  Win-Harn Liu

发明人： Yuan Bai ,  Tom Chen ,  Win-Harn Liu

IPC分类号： G06F9/00

CPC分类号： G06F9/455 ,  G06F11/004 ,  G06F11/1433

摘要： A method for verifying refreshed BIOS content includes the following steps. A virtual machine (VM) is established in a computer waiting for a system BIOS update by the use of a paravirtualization technique. The VM is booted. A new BIOS file content is copied to an address space in a designated range of a memory of a computer host. The computer host is booted with the content of the new BIOS file, and the paravirtual operating system runs on the same hardware platform of the computer host. And, whether the virtual operating system adopting the new BIOS file content runs normally or not is verified to confirm the correctness and safety of the content of the new BIOS file.

摘要翻译： 用于验证刷新的BIOS内容的方法包括以下步骤。 通过使用半虚拟化技术在等待系统BIOS更新的计算机中建立虚拟机（VM）。 虚拟机启动。 新的BIOS文件内容被复制到计算机主机的存储器的指定范围内的地址空间中。 计算机主机使用新的BIOS文件的内容启动，并且虚拟操作系统在计算机主机的相同硬件平台上运行。 并且，是否验证采用新的BIOS文件内容的虚拟操作系统是否正常运行，以确认新BIOS文件的内容的正确性和安全性。

公开(公告)号：US20090198768A1

公开(公告)日：2009-08-06

申请号：US12023543

申请日：2008-01-31

申请人： Wei Gao ,  Tom Chen ,  Win-Harn Liu

发明人： Wei Gao ,  Tom Chen ,  Win-Harn Liu

IPC分类号： G06F15/16

CPC分类号： G06F9/54 ,  G06F2209/541

摘要： An asynchronous request-response communication method is applied in data transmission for applications running in a server. The asynchronous request-response method includes the following steps. Establish a socket and a connection port corresponding to a request in a request side; set an object pool in each request side respectively, for recording connection statuses of the sockets corresponding to different requests; wait till the server has finished the request; once the server has finished the received request, the server transmits a callback message to the corresponding socket of the request side; and search a corresponding process event in the object pool according to the callback message. The request side adopts the socket and the connection port to perform the asynchronous request-response operations, thereby reducing the connection load between the server and the request side.

摘要翻译： 在服务器中运行的应用程序的数据传输中应用异步请求 - 响应通信方法。 异步请求 - 响应方法包括以下步骤。 在请求方建立与请求对应的套接字和连接端口; 在每个请求侧分别设置一个对象池，用于记录与不同请求对应的套接字的连接状态; 等到服务器完成请求; 一旦服务器完成接收到的请求，服务器将回叫消息发送到请求方的对应套接字; 并根据回调消息搜索对象池中的相应进程事件。 请求方采用套接字和连接端口执行异步请求 - 响应操作，从而减少服务器与请求方之间的连接负载。

公开(公告)号：US20090178140A1

公开(公告)日：2009-07-09

申请号：US11971370

申请日：2008-01-09

申请人： Cang-Mou Cao ,  Chuen-Mei Ma ,  Cong Meng ,  Tom Chen ,  Win-Harn Liu

发明人： Cang-Mou Cao ,  Chuen-Mei Ma ,  Cong Meng ,  Tom Chen ,  Win-Harn Liu

IPC分类号： G06F21/20

CPC分类号： H04L63/1416

摘要： A network intrusion detection system (IDS) is built at an important network node and used to detect and monitor network packets. The network intrusion detection system includes a network card and a system core processor. When receiving a network packet, a micro-processor of the network card performs a packet decode procedure and a packet preprocess procedure, thereby verifying a type and a source address of the packet in advance and converting the packet into an IDS format packet. Afterwards, the system core processor determines whether the packet is an intrusion packet. Since the computation of the packet decode procedure and the packet pre-process procedure is handled by the network card, the network intrusion detection system will not lose packets due to too heavy computation burden, thereby greatly improving the accuracy of the network intrusion detection system.

摘要翻译： 网络入侵检测系统（IDS）在重要网络节点建立，用于检测和监控网络数据包。 网络入侵检测系统包括网卡和系统核心处理器。 当接收网络分组时，网卡的微处理器执行分组解码过程和分组预处理过程，从而预先验证分组的类型和源地址并将分组转换为IDS格式分组。 之后，系统核心处理器确定该分组是否是入侵分组。 由于分组解码过程的计算和分组预处理过程由网卡处理，网络入侵检测系统由于计算负担过重而不会丢失分组，从而大大提高了网络入侵检测系统的准确性。

公开(公告)号：US20090113249A1

公开(公告)日：2009-04-30

申请号：US11976370

申请日：2007-10-24

申请人： Tao Liu ,  Qiu-Yue Duan ,  Tom Chen ,  Win-Harn Liu

发明人： Tao Liu ,  Qiu-Yue Duan ,  Tom Chen ,  Win-Harn Liu

IPC分类号： G06F11/14

CPC分类号： G11B20/182

摘要： A stress testing method of a file system includes traversing local or network storage devices with a drive letter; detecting a network mapping path of the network storage devices; calculating an absolute path of all the storage devices through a mounted point and a system volume; collecting the above information to update the path information of the file system; and then calling a corresponding test algorithm and stressing strategy according to different types of storage devices, so as to perform the stress test. The stress testing method can make the file system display storage devices without a drive letter, and call appropriate testing methods and stressing strategies for different types of storage devices, so the depth and scope of the stress testing for file system are expanded, the accuracy of the test is enhanced, and the problem of occupying too many system resources is avoided.

摘要翻译： 文件系统的压力测试方法包括遍历具有驱动器号的本地或网络存储设备; 检测网络存储设备的网络映射路径; 通过安装点和系统卷计算所有存储设备的绝对路径; 收集上述信息以更新文件系统的路径信息; 然后根据不同类型的存储设备调用相应的测试算法和应力策略，进行压力测试。 压力测试方法可以使文件系统不用驱动器号显示存储设备，并对不同类型的存储设备调用适当的测试方法和强调策略，扩大文件系统的压力测试的深度和范围， 测试得到加强，避免了占用太多系统资源的问题。

公开(公告)号：US20090106401A1

公开(公告)日：2009-04-23

申请号：US11976135

申请日：2007-10-22

申请人： Xiang-Bin Meng ,  Yan-Peng Yang ,  Tom Chen ,  Win-Harn Liu

发明人： Xiang-Bin Meng ,  Yan-Peng Yang ,  Tom Chen ,  Win-Harn Liu

IPC分类号： G06F15/177

CPC分类号： H04L29/12424 ,  H04L29/12433 ,  H04L61/2535 ,  H04L61/2539 ,  H04L69/16 ,  H04L69/163

摘要： An intranet IP address modification system and method for a dual controller, and is used to modify the intranet IP addresses dynamically under the condition of keeping an intranet based TCP connection of a dual controller from disruption and disconnection. Before modifying the intranet IP address, blocking all data transmission of an intranet connection simultaneously at both ends of the intranet connection of a dual controller; next, re-determining the network card IP's at both ends of the intranet connection based on a conflicting internet IP address; then, revising the intranet IP's and routing table according to the re-determined IP address, modifying correspondingly the remote terminal IP's in an ARP buffer storage and a corresponding MAC address, and modifying correspondingly portal IP address of the intranet connection; and finally, upon the completion of intranet IP address modification, resuming data transmission of the intranet connection simultaneously at both ends of the connection.

摘要翻译： 一种双控制器的内部网IP地址修改系统和方法，用于在保持双控制器的基于Intranet的TCP连接不受中断和断开的情况下动态修改内部网IP地址。 在修改Intranet IP地址之前，在双控制器的Intranet连接的两端同时阻断Intranet连接的所有数据传输; 接下来，基于冲突的因特网IP地址重新确定内部网连接两端的网卡IP; 然后根据重新确定的IP地址对内网IP和路由表进行修改，相应修改ARP缓冲存储器中的远程终端IP和对应的MAC地址，修改内部网连接的相应门户IP地址; 最后，在内网IP地址修改完成后，在连接两端同时恢复内网连接的数据传输。