-
公开(公告)号:US09392009B2
公开(公告)日:2016-07-12
申请号:US12281357
申请日:2007-03-01
申请人: Patrick Droz , Robert Haas , Andreas Kind
发明人: Patrick Droz , Robert Haas , Andreas Kind
CPC分类号: H04L63/1425 , H04L43/04 , H04W76/27
摘要: Network flow records from various administrative domains are provided to a network monitoring entity. The network monitoring entity analyzes the network flow records in a way to locate a source of malicious network flow.
摘要翻译: 来自各个管理域的网络流记录被提供给网络监控实体。 网络监控实体以定位恶意网络流源的方式分析网络流记录。
-
公开(公告)号:US07843827B2
公开(公告)日:2010-11-30
申请号:US11641431
申请日:2006-12-19
申请人: Paul T. Hurley , Andreas Kind
发明人: Paul T. Hurley , Andreas Kind
IPC分类号: H04L12/26
CPC分类号: H04L43/00 , H04L41/0213 , H04L43/022
摘要: A method for configuring network device adapted to process network traffic comprising a plurality of network flows and to export network flow information. For configuring the network device, a copy of the network traffic that is processed by the network device is created. A simulation of a process of collecting the network flow information using the copy of the network traffic is performed. Based on the results of the simulation, a preferred information collection scheme is determined. The network device is then configured to collect the network flow information to be exported according to the preferred information collection scheme.
摘要翻译: 一种用于配置适于处理包括多个网络流的网络流量并且输出网络流信息的网络设备的方法。 为了配置网络设备,创建了由网络设备处理的网络流量的副本。 执行使用网络业务的副本收集网络流信息的过程的模拟。 基于模拟结果,确定优选的信息收集方案。 然后,网络设备被配置为根据优选信息收集方案收集要导出的网络流信息。
-
公开(公告)号:US20100214947A1
公开(公告)日:2010-08-26
申请号:US12391556
申请日:2009-02-24
CPC分类号: H04L41/12
摘要: A method for determination of a network topology includes generating a list of device sets for a destination; removing any duplicate device sets from the list; creating a tree for the destination by introducing a root node into the tree; sorting the list of device sets for the destination by length; removing the shortest device set from the list; introducing a new node representing the shortest device set into the tree; determining whether a node in the tree represents a maximum length subset of the shortest device set, and in the event that a node is determined, connecting the new node to the determined node, or else connecting the new node to the root node; setting the identifier of the introduced node to a list of members of the shortest device set that are not included in the maximum length subset of the determined node.
摘要翻译: 一种用于确定网络拓扑的方法包括生成目的地的设备集列表; 从列表中删除任何重复的设备集合; 通过将根节点引入到树中为目的地创建树; 按长度对目的地的设备集列表进行排序; 从列表中删除最短的设备集; 将表示最短设备集的新节点引入到树中; 确定树中的节点是否表示最短设备集合的最大长度子集,并且在确定节点的情况下,将新节点连接到确定的节点,或者将新节点连接到根节点; 将引入的节点的标识符设置为不包括在所确定的节点的最大长度子集中的最短设备集的成员的列表。
-
4.发明申请METHODS, SYSTEMS AND COMPUTER PROGRAM PRODUCTS FOR DETECTING FLOW-LEVEL NETWORK TRAFFIC ANOMALIES VIA ABSTRACTION LEVELS 失效用于检测流量网络交通异常的方法,系统和计算机程序产品通过抽取级别公开(公告)号:US20090245109A1
公开(公告)日:2009-10-01
申请号:US12056583
申请日:2008-03-27
申请人: Paul T. Hurley , Andreas Kind , Marc Ph. Stoecklin
发明人: Paul T. Hurley , Andreas Kind , Marc Ph. Stoecklin
IPC分类号: H04L12/26
CPC分类号: H04L43/026 , H04L41/142
摘要: Methods, systems and computer program products for detecting flow-level network traffic anomalies via abstraction levels. An exemplary embodiment includes a method for detecting flow-level network traffic anomalies in a computer network, the method including obtaining current distributions of flow level traffic features within the computer network, computing distances of the current distributions' components from a distributions model, comparing the distances of the current distributions to distance baselines from the distributions model, determining if the distances are above a pre-determined thresholds and in response to one or more of the distances being above the pre-determined thresholds in one or more distributions, identifying the current condition to be abnormal and providing indications to its nature.
摘要翻译: 用于通过抽象级别检测流量级网络流量异常的方法,系统和计算机程序产品。 示例性实施例包括一种用于检测计算机网络中的流量级网络流量异常的方法,所述方法包括获得计算机网络内的流量级别业务特征的当前分布,从分布模型计算当前分布组件的距离, 当前分布与分布模型的距离基线的距离,确定距离是否高于预定阈值,并且响应于一个或多个距离在一个或多个分布中高于预定阈值,识别当前 情况异常,并提供适应症。
-
公开(公告)号:US07142552B2
公开(公告)日:2006-11-28
申请号:US10117814
申请日:2002-04-08
申请人: Clark Debs Jeffries , Andreas Kind
发明人: Clark Debs Jeffries , Andreas Kind
CPC分类号: H04L47/32 , H04L47/10 , H04L47/11 , H04L47/2441 , H04L47/263 , H04L47/30 , H04L47/762 , H04L47/805 , Y02D50/10
摘要: A method and system for controlling a plurality of pipes in a computer network, including at least one processor for a switch, the at least one processor having a queue, the plurality of pipes utilizing the queue for transmitting traffic through the switch, wherein each pipe is assigned a priority ranking class, each class has a unique priority rank with respect to each of the other classes, the ranks ranging from a highest priority rank to a lowest priority rank. A transmission probability is calculated for each pipe responsive to its priority rank. If excess bandwidth exists for the queue, the transmission probability of each pipe is linearly increased. Alternatively, if excess bandwidth does not exist, the transmission probability for each pipe is exponentially decreased. Packets are transferred from a pipe to the queue responsive to the pipe transmission probability and priority rank.
-
公开(公告)号:US09512895B2
公开(公告)日:2016-12-06
申请号:US14009401
申请日:2012-04-03
申请人: Christof Behmenburg , Jens Uwe Gleu , Andreas Kind , Dirk Kröger , Andreas Nessel , Reiner Waschk
发明人: Christof Behmenburg , Jens Uwe Gleu , Andreas Kind , Dirk Kröger , Andreas Nessel , Reiner Waschk
CPC分类号: F16F9/0409 , F16F9/0418 , F16F9/0445
摘要: An air spring assembly for a motor vehicle, including an air spring, a rolling piston, a tubular rolling air spring bellows arranged concentrically about a central longitudinal axis of the air spring, and an air spring cover. A first partial air spring bellows has a first embedded textile reinforcement and a second partial air spring bellows has a second embedded textile reinforcement The first textile reinforcement has first reinforcing threads, the preferred axis of which extends parallel or nearly parallel to the axis of the central longitudinal axis of the air spring The second textile reinforcement has second reinforcing threads, the first preferred axis of which extends obliquely to the longitudinal axis of the air spring and the second preferred axis of which extends obliquely to the longitudinal axis of the air spring, wherein the first and the second preferred axis are at an angle to each other.
摘要翻译: 一种用于机动车辆的空气弹簧组件,包括空气弹簧,滚动活塞,围绕空气弹簧的中心纵向轴线同心布置的管状滚动空气弹簧波纹管和空气弹簧盖。 第一部分空气弹簧波纹管具有第一嵌入式纺织物加强件,第二部分空气弹簧波纹管具有第二嵌入式织物加强件。第一织物加强件具有第一加强螺纹,优选的轴线平行于或几乎平行于中心轴线 空气弹簧的纵向轴线第二织物加强件具有第二加强螺纹,其第一优选轴线相对于空气弹簧的纵向轴线倾斜延伸,并且其第二优选轴线倾斜于空气弹簧的纵向轴线延伸,其中 第一和第二优选轴彼此成角度。
-
公开(公告)号:US08989198B2
公开(公告)日:2015-03-24
申请号:US13609813
申请日:2012-09-11
申请人: Bernhard Jansen , Andreas Kind , Marc P. Stoecklin
发明人: Bernhard Jansen , Andreas Kind , Marc P. Stoecklin
CPC分类号: H04L61/6068 , H04L29/1232 , H04L29/12933 , H04L61/2092 , H04L67/34
摘要: Mechanisms are provided for automatic address range detection for an IP network. Flow data is obtained comprising the source or destination IP addresses for the flow and one of: the other of the source or destination IP addresses; or direction data identifying the flow direction across the network boundary. A tree is generated representing IP addresses in the flow data. IP addresses with initial portions in common are represented in the tree with a node in common. Weights are assigned to nodes in the tree based on occurrences of the represented IP addresses in the flow data. The IP address range of the network is detected by identifying, based on the assigned weights, the node associated with the last initial address portion common to all IP addresses in the network. A device is automatically configured with the IP address range to differentiate IP addresses inside and outside the network.
摘要翻译: 为IP网络的自动地址范围检测提供了机制。 获得流数据,其包括用于流的源或目的地IP地址和以下之一:源或目的地IP地址中的另一个; 或方向数据标识跨越网络边界的流向。 生成表示流数据中的IP地址的树。 具有共同的初始部分的IP地址在树中被表示为具有共同的节点。 基于流数据中所表示的IP地址的出现,权重被分配给树中的节点。 通过基于分配的权重,识别与网络中所有IP地址共同的最后初始地址部分相关联的节点来检测网络的IP地址范围。 设备自动配置IP地址范围,以区分网络内外的IP地址。
-
公开(公告)号:US08688655B2
公开(公告)日:2014-04-01
申请号:US13218530
申请日:2011-08-26
CPC分类号: G06F17/30324
摘要: A method for providing a compressed index for a stream of binary data records comprises steps of indexing a field from each record in a bitmap index, compressing stored bits in each column of the bitmap index by replacing a group of successive bits with a code and outputting the code. There is provided at least one of a first code for replacing a sequence of a first filling, a literal and a second filling, and a second code for replacing a sequence of a first literal, a filling and a second literal. In this context, a filling is a sequence of bits with the same value and a literal is a sequence of bits with different values.
摘要翻译: 一种用于为二进制数据记录流提供压缩索引的方法包括以下步骤:从位图索引中的每个记录中对字段进行索引,通过用代码替换一组连续位来压缩位图索引的每列中的存储位,并输出 代码。 提供了用于替换第一填充,文字和第二填充的序列的第一代码和用于替换第一文字,填充和第二文字的序列的第二代码中的至少一个。 在这种情况下,填充是具有相同值的位序列,文字是具有不同值的位序列。
-
公开(公告)号:US20120163196A1
公开(公告)日:2012-06-28
申请号:US13390037
申请日:2010-08-03
申请人: Bernhard Jansen , Andreas Kind , Marc P. Stoecklin
发明人: Bernhard Jansen , Andreas Kind , Marc P. Stoecklin
CPC分类号: H04L61/6068 , H04L29/1232 , H04L29/12933 , H04L61/2092 , H04L67/34
摘要: Mechanisms are provided for automatic address range detection for an IP network. Flow data is obtained comprising one of the source and destination IP addresses for the flow and one of (a) the other of the source and destination IP addresses and (b) direction data indicative of the flow direction across the network boundary. A tree data structure is generated representing the IP addresses in the flow data. IP addresses with initial portions in common are represented in the tree with at least one node in common. Weights are assigned to nodes in the tree in dependence on occurrences of the represented IP addresses in at least a subset of the flow data. The IP address range of the network is then detected by identifying, in dependence on the assigned weights, the node associated with the last initial address portion common to all IP addresses in the network. A device is automatically configured with the IP address range to permit distinction between IP addresses inside and outside the network in operation of the device, e.g. for filtering or traffic classification.
摘要翻译: 为IP网络的自动地址范围检测提供了机制。 获得流数据,其包括用于流的源和目的地IP地址之一,(a)源和目的地IP地址中的另一个以及(b)指示跨越网络边界的流向的方向数据。 生成表示流数据中的IP地址的树数据结构。 具有公共初始部分的IP地址在树中被表示为具有至少一个共同的节点。 根据在流数据的至少一个子集中所表示的IP地址的出现,权重被分配给树中的节点。 然后,通过根据所分配的权重,通过与网络中所有IP地址共同的最后一个初始地址部分相关联的节点来识别网络的IP地址范围。 自动配置设备的IP地址范围,以允许在设备操作中区分网络内部和外部的IP地址。 用于过滤或流量分类。
-
公开(公告)号:US07937388B2
公开(公告)日:2011-05-03
申请号:US12194784
申请日:2008-08-20
IPC分类号: G06F7/00
CPC分类号: H04L41/142 , H04L43/00 , H04L43/026 , H04L43/16
摘要: A method for probabilistic lossy counting includes: for each element in a current window, determining whether an entry corresponding to a current element is present in a table; in the event an entry corresponding to the current element is present in the table, incrementing a frequency counter associated with the current element; otherwise, inserting an entry into a table, wherein inserting an entry comprises: calculating a probabilistic error bound Δ based on an index i of the current window; and inserting the probabilistic error bound Δ and a frequency counter into an entry corresponding to the current element in the table; and at the end of the current window, removing all elements from the table wherein the sum of the frequency counter and probabilistic error bound Δ associated with the element is less than or equal to the index of the current window.
摘要翻译: 概率有损计数的方法包括:对于当前窗口中的每个元素,确定对应于当前元素的入口是否存在于表中; 在表中存在对应于当前元素的条目的情况下,增加与当前元素相关联的频率计数器; 否则,将条目插入到表中,其中插入条目包括:计算概率误差界限&Dgr; 基于当前窗口的索引i; 并插入概率误差界限&Dgr; 以及与表中的当前元素相对应的条目的频率计数器; 并且在当前窗口的末尾,从表中移除所有元素,其中频率计数器和概率误差的总和&Dgr; 与元素关联的小于或等于当前窗口的索引。
-
-
-
-
-
-
-
-
-
搜索结果
54 条记录 (耗时 0.022 秒)
