Abstract:
In one embodiment, a method includes identifying unusual behavior with respect to a handshake between a first endpoint and a second endpoint that are included in a network, and determining whether the unusual behavior with respect to the handshake indicates presence of malicious software. The method also includes identifying at least one of the first endpoint and the second endpoint as potentially being infected by the malicious software if it is determined that the unusual behavior with respect to the handshake indicates the presence of malicious software.
Abstract:
The present application provides an authentication scheme that allows a device to provide additional authentication of a Publicly Switched Telephone Network (PSTN) identity assertion made in a PSTN call by also sending an Internet Protocol (IP) communication. The device sends the IP communication generally in parallel with the PSTN call. The IP communication includes a network identity assertion, which optionally may be authenticated using a cryptographically secure technique. The network identity assertion, being more difficult to falsify, provides additional authentication of the PSTN identity assertion.
Abstract:
In one embodiment, a network device generates a protection policy responsive to identifying undesired voice data traffic. The network device then distributes the generated protection policy along a call path used for transferring the undesired voice data traffic. The proxy may distribute the protection policy by inserting the protection policy in a call response or other message that traces the call path back to a calling endpoint.
Abstract:
Intercepting a secure communication session includes distributing a key from a key distribution point to establish a secure communication session between a first endpoint and a second endpoint. A secure channel is established between the key distribution point and an intercepting point. The intercepting endpoint may be determined to be authorized to intercept the secure communication session. The key is provided to the intercepting endpoint only if the intercepting endpoint is authorized to intercept the secure communication session, where the key provides the intercepting endpoint with access to intercept the secure communication session.
Abstract:
Techniques are provided herein to enable monitoring of a real-time transport protocol (RTP) packet flow in devices along the path that the RTP packet flow traversed from a source to a destination. A device that is a source or destination of an RTP packet flow transmits a monitor request message that requests one or more other devices along a path of the RTP packet flow to monitor the RTP packet flow. The device that is the source or destination of the RTP packet flow receives one or more monitoring reports from the one or more other devices along the path of the RTP packet flow. This allows a device that requested monitoring of the RTP packet flow to analyze the monitor reports in order to determine a location of a cause of reduced performance in the RTP packet flow, e.g., missing packets, overly delayed packets, etc.
Abstract:
A system for verifying caller ID information in received VoIP calls. In particular implementations, a method includes receiving a caller identification (ID) identifying a calling party telephone number in a call initiation message transmitted from a VoIP call agent; determining the identity of the VoIP call agent; verifying that a public switched telephone network (PSTN) call to the calling party telephone number would arrive at a VoIP call agent having the determined identity; and applying, responsive to the call initiation message, one or more rules based at least in part on the verifying step.
Abstract:
A system for verifying VoIP call routing information. In particular implementations, a method includes verifying one or more Voice-over-Internet-Protocol (VoIP) call agents for respective destination telephone numbers based on demonstrated knowledge of previous public switched telephone network (PSTN) calls to the respective destination telephone numbers; receiving a call initiation message identifying a destination telephone number; and conditionally initiating a call over a VoIP network to a target VoIP call agent, or over a circuit switched network, based on whether the target VoIP call agent has been verified for the destination telephone number identified in the call initiation message.
Abstract:
In one embodiment a method and apparatus are provided that automatically establish a real time protocol (RTP) tunnel between an originator node or router and a terminator node or router, wherein the terminator node is close to a remote RTP peer. A method includes detecting a new flow of RTP packets wherein the RTP packets are encoded with a destination Internet Protocol (IP) address. Responsive to detecting the new flow, a probe is sent towards a same IP address as the destination IP address of the RTP packets. A response to the probe is received, the response including an identifier of a node that generated the response. Then, using the identifier, a tunnel is established with the node that generated the response, and thereafter compressed packets (compressed headers, compressed payloads, or both) are passed via the tunnel.
Abstract:
In one embodiment, a signaling message is received from an endpoint. It is determined from the signaling message whether, prior to sending the signaling message, the endpoint performed network address translation on the body of the signaling message. If it is determined from the signaling message that, prior to sending the signaling message, the endpoint did not perform network address translation on the body of the signaling message, application layer gateway functionality is applied to the body of the signaling message such that a modified signaling message is generated.