Method and apparatus for the early detection of machines infected by e-mail based computer viruses
    1.
    发明申请
    Method and apparatus for the early detection of machines infected by e-mail based computer viruses 审中-公开
    用于早期发现基于电子邮件的计算机病毒感染的机器的方法和装置

    公开(公告)号:US20060143712A1

    公开(公告)日:2006-06-29

    申请号:US11021061

    申请日:2004-12-23

    IPC分类号: G06F12/14

    摘要: A method and apparatus for the early detection of machines infected by e-mail based computer viruses advantageously employs a network behavioral analysis rather than a direct technical analysis of attached executable code. Specifically, an SMTP (Simple Mail Transfer Protocol) log associated with a mail gateway system interconnected to a plurality of machines is examined, and based on an analysis of information comprised in a plurality of log entries thereof, it may be determined that one of these machines has a possible infection by an e-mail based computer virus. Illustratively, information extracted from each entry in the SMTP log (i.e., for each incoming e-mail message) of the mail gateway includes (i) the unique identity of the sending machine; (ii) the “hello” name that the sending machine calls itself, (iii) the e-mail “From:” address; and (iv) whether the message contains a potentially virus-like (e.g., executable) attachment.

    摘要翻译: 用于早期检测受基于电子邮件的计算机病毒感染的机器的方法和装置有利地采用网络行为分析,而不是对附加的可执行代码的直接技术分析。 特别地,检查与互连到多个机器的邮件网关系统相关联的SMTP(简单邮件传输协议)日志,并且基于对包含在其多个日志条目中的信息的分析,可以确定这些 机器有可能由基于电子邮件的计算机病毒感染。 说明性地,从SMTP日志中的每个条目提取的信息(即,对于每个传入的电子邮件消息)提供的信息包括(i)发送机的唯一身份; (ii)发送机器称之为“hello”的名称,(iii)电子邮件“From:”地址; 和(iv)消息是否包含潜在的病毒样(例如可执行)附件。

    Network failure detection
    3.
    发明授权
    Network failure detection 有权
    网络故障检测

    公开(公告)号:US08745195B1

    公开(公告)日:2014-06-03

    申请号:US13493094

    申请日:2012-06-11

    IPC分类号: G06F15/173

    CPC分类号: H04L41/06 H04L43/16

    摘要: A number of requests for an alternative network location are identified, where the requests for the alternative network location are generated after failure of one or more previous requests to reach a first, previous network location as a result of a network brownout. It is determined if the number of requests for the alternative network location exceed a threshold value for a period of time, and if so, an alarm is generated.

    摘要翻译: 识别对替代网络位置的多个请求,其中在由于网络掉电导致到达第一先前网络位置的一个或多个先前请求失败之后生成替代网络位置的请求。 确定替代网络位置的请求数是否超过一段时间的阈值,如果是,则产生报警。

    Technique for regulating link traffic
    4.
    发明授权
    Technique for regulating link traffic 有权
    调节链路流量的技术

    公开(公告)号:US07882231B2

    公开(公告)日:2011-02-01

    申请号:US12114350

    申请日:2008-05-02

    IPC分类号: G06F13/00

    摘要: A system which regulates communication with a server is described. During operation, the system determines a retransmission rate of data packets during a first set of conversations between a group of users and the server via a peering link. Next, the system compares the retransmission rate and an historical retransmission rate of data packets during a second set of conversations between a second group of users and the server via the peering link. The system then adjusts a target acceptance rate of the server to requests to initiate conversations with additional users via the peering link based on the comparison of the retransmission rate and the historical retransmission rate. Additionally, the system accepts or rejects a request to initiate a conversation between another user and the server via the peering link based on an actual acceptance rate of the server to requests to initiate the conversations and the target acceptance rate.

    摘要翻译: 描述了一种调节与服务器通信的系统。 在操作期间,系统通过对等链路在一组用户和服务器之间的第一组会话期间确定数据分组的重传速率。 接下来,系统经由对等链路在第二组用户与服务器之间的第二组对话期间比较重传率和数据分组的历史重传率。 然后,系统根据重传速率与历史重发率的比较,将服务器的目标接受率调整为通过对等链路与其他用户进行对话的请求。 此外,系统基于服务器对启动对话的请求的实际接受率和目标接受率,接受或拒绝通过对等链路发起另一用户与服务器之间的会话的请求。

    Method and apparatus for providing data storage in peer-to peer networks
    5.
    发明申请
    Method and apparatus for providing data storage in peer-to peer networks 有权
    在对等网络中提供数据存储的方法和装置

    公开(公告)号:US20060075063A1

    公开(公告)日:2006-04-06

    申请号:US10948879

    申请日:2004-09-24

    IPC分类号: G06F15/16

    摘要: A method and apparatus for enhanced data storage in peer-to-peer (P2P) networks. Users subscribe to a P2P storage network that allows each user to store files on the storage network by swapping blocks of the user's files with blocks from storage of a peer, or peers, on the network. A user desiring to utilize the storage network for a certain data block must take back an equal, or substantially equal, storage block from another peer on the network thereby insuring no net change, or minimal net change, in total storage across the P2P storage network. In addition, the diffusion of data blocks throughout the storage network is employed whereby individual peers swap data blocks on a random basis thereby further enhancing the security of the swapped blocks from direct attacks.

    摘要翻译: 一种用于在对等(P2P)网络中增强数据存储的方法和装置。 用户订阅P2P存储网络,其允许每个用户通过在网络上的对等体或对等体的存储的块中交换用户文件的块来存储文件在存储网络上。 期望利用存储网络用于特定数据块的用户必须从网络上的另一个对等端收回相等或基本上相等的存储块,从而确保在P2P存储网络中的总存储中没有净变化或最小净变化 。 此外,使用数据块在整个存储网络中的扩散,由此各个对等体随机地交换数据块,从而进一步增强了交换块的直接攻击的安全性。

    Network failure detection
    7.
    发明授权
    Network failure detection 有权
    网络故障检测

    公开(公告)号:US08224942B1

    公开(公告)日:2012-07-17

    申请号:US11865969

    申请日:2007-10-02

    IPC分类号: G06F15/173

    CPC分类号: H04L41/06 H04L43/16

    摘要: A number of requests for an alternative network location are identified, where the requests for the alternative network location are generated after failure of one or more previous requests to reach a first, previous network location as a result of a network brownout. It is determined if the number of requests for the alternative network location exceed a threshold value for a period of time, and if so, an alarm is generated.

    摘要翻译: 识别对替代网络位置的多个请求,其中在由于网络掉电导致到达第一先前网络位置的一个或多个先前请求失败之后生成替代网络位置的请求。 确定替代网络位置的请求数是否超过一段时间的阈值,如果是,则产生报警。

    TECHNIQUE FOR REGULATING LINK TRAFFIC
    9.
    发明申请
    TECHNIQUE FOR REGULATING LINK TRAFFIC 有权
    调节链路业务的技术

    公开(公告)号:US20090276518A1

    公开(公告)日:2009-11-05

    申请号:US12114350

    申请日:2008-05-02

    IPC分类号: G06F15/16 G06F15/173

    摘要: A system which regulates communication with a server is described. During operation, the system determines a retransmission rate of data packets during a first set of conversations between a group of users and the server via a peering link. Next, the system compares the retransmission rate and an historical retransmission rate of data packets during a second set of conversations between a second group of users and the server via the peering link. The system then adjusts a target acceptance rate of the server to requests to initiate conversations with additional users via the peering link based on the comparison of the retransmission rate and the historical retransmission rate. Additionally, the system accepts or rejects a request to initiate a conversation between another user and the server via the peering link based on an actual acceptance rate of the server to requests to initiate the conversations and the target acceptance rate.

    摘要翻译: 描述了一种调节与服务器通信的系统。 在操作期间,系统通过对等链路在一组用户和服务器之间的第一组会话期间确定数据分组的重传速率。 接下来,系统经由对等链路在第二组用户与服务器之间的第二组对话期间比较重传率和数据分组的历史重传率。 然后,系统根据重传速率与历史重发率的比较,将服务器的目标接受率调整为通过对等链路与其他用户进行对话的请求。 此外,系统基于服务器对启动对话的请求的实际接受率和目标接受率,接受或拒绝通过对等链路发起另一用户与服务器之间的会话的请求。

    Load balancing and content preservation
    10.
    发明授权
    Load balancing and content preservation 有权
    负载平衡和内容保存

    公开(公告)号:US09154367B1

    公开(公告)日:2015-10-06

    申请号:US13338024

    申请日:2011-12-27

    摘要: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for receiving a plurality of requests from a plurality of client devices sent to a public internet protocol address; routing the requests to one or more internal Internet protocol addresses, where the one or more internal Internet protocol addresses correspond to one or more compute nodes, and where the one or more compute nodes process the routed requests; determining a particular compute node is offline, where the particular compute node is assigned one or more internal Internet protocol addresses; in response to the determination that the particular node is offline, reassigning the one or more internal Internet protocol addresses corresponding to the particular compute node to one or more different compute nodes, where requests communicated to the reassigned internal Internet protocol addresses are communicated to the one or more different compute nodes for processing.

    摘要翻译: 方法,系统和装置,包括在计算机存储介质上编码的计算机程序,用于从发送到公共因特网协议地址的多个客户机装置接收多个请求; 将所述请求路由到一个或多个内部因特网协议地址,其中所述一个或多个内部因特网协议地址对应于一个或多个计算节点,以及所述一个或多个计算节点处理所述路由请求的位置; 确定特定计算节点是脱机的,其中所述特定计算节点被分配一个或多个内部因特网协议地址; 响应于特定节点脱机的确定,将与特定计算节点相对应的一个或多个内部因特网协议地址重新分配给一个或多个不同的计算节点,其中传送到重新分配的内部因特网协议地址的请求被传送到一个 或更多不同的计算节点进行处理。