公开(公告)号：US10284476B1

公开(公告)日：2019-05-07

申请号：US16050863

申请日：2018-07-31

申请人： Hojae Lee ,  Paul Seungkyu Min

发明人： Hojae Lee ,  Paul Seungkyu Min

IPC分类号： H04L12/851 ,  H04L9/06 ,  G06K9/62

摘要： A network device includes a substring indicator memory and a signature search module for detecting a signature pattern within a stream of network traffic. The signature search module is configured to receive the stream of network traffic, identify a first subject substring from the stream of network traffic, generate a first substring indicator for the first subject substring using a first bitmask on the first subject substring, the first bitmask identifying a plurality of masked bits of the first subject substring, identify a first counter using the first substring indicator as an address into the substring indicator memory, and generate an indication that the signature pattern may be present in the stream of network traffic based on a value of the first counter.

公开(公告)号：US07106738B2

公开(公告)日：2006-09-12

申请号：US09828703

申请日：2001-04-06

申请人： Hossein Saidi ,  Chunhua Hu ,  Peter Yifey Yan ,  Paul Seungkyu Min

发明人： Hossein Saidi ,  Chunhua Hu ,  Peter Yifey Yan ,  Paul Seungkyu Min

IPC分类号： H04L12/28 ,  H04L12/56

CPC分类号： H04L49/153 ,  H04L49/1523 ,  H04L49/25 ,  H04L49/258 ,  H04L49/30 ,  H04L49/3081 ,  H04L2012/5679

摘要： Disclosed herein is a system architecture capable of processing fixed length and/or variable length data packets. Under the method of the invention, incoming data packets are queued together according to their corresponding switch processing parameters (SPPs), and then the commonly-queued data packets are processed through a switch fabric as a single unit. In one aspect of the invention, the commonly-queued data packets are processed by the switch fabric as a single train packet. In another aspect of the invention, the commonly-queued data packets are sliced into a set of subtrain packets. A switch fabric then processes the set of subtrain packets in parallel using a plurality of switch planes. Both aspects of the invention can be implemented with a plurality of packet formatters and deformatters linked to a switch fabric in various configurations, including multi-path and hierarchical switching systems. a multichannel switching system.

公开(公告)号：US06859455B1

公开(公告)日：2005-02-22

申请号：US09710193

申请日：2000-11-10

申请人： Nasser Yazdani ,  Paul Seungkyu Min

发明人： Nasser Yazdani ,  Paul Seungkyu Min

IPC分类号： G06F17/30 ,  H04L12/56 ,  H04L12/28

CPC分类号： H04L45/00 ,  G06F17/30985 ,  H04L45/54 ,  H04L45/7457

摘要： A method and apparatus are provided for building a searchable multi-dimensional index tree that indexes a plurality of data objects. In one aspect of the invention, the index tree divides dataspace into three subspaces and indexes the data objects using a single dimension. If too many data objects map to the same point in that dimension, the dimension is switched to a new dimension of the data object and the data object is indexed using the new dimension. A split node having a split value is used to keep track of the indexing. In another aspect of the invention, the index tree divides dataspace into two subspaces, and equal bits are used in the split nodes to track the content of the data objects in the subspaces. If too many data objects sharing the same key within the same dimension map to a single point, then the dimension is switched to a new dimension and the data objects are indexed using the new dimension. Also disclosed is the multi-dimensional index tree itself as well as a router that uses the multi-dimensional index tree of the present invention to provide packet classification functions.

摘要翻译： 提供了一种构建可索引多个数据对象的可搜索多维索引树的方法和装置。 在本发明的一个方面，索引树将数据空间划分为三个子空间，并使用单个维度对数据对象进行索引。 如果太多的数据对象映射到该维度中的同一点，则维度将切换到数据对象的新维度，并使用新维度对数据对象进行索引。 具有分割值的分割节点用于跟踪索引。 在本发明的另一方面，索引树将数据空间划分为两个子空间，并且在分割节点中使用相等的比特来跟踪子空间中的数据对象的内容。 如果在同一维度中共享同一个密钥的太多数据对象映射到单个点，则将维度切换到新维度，并使用新维度对数据对象进行索引。 还公开了多维索引树本身以及使用本发明的多维索引树的路由器来提供分组分类功能。

公开(公告)号：US06614789B1

公开(公告)日：2003-09-02

申请号：US09474452

申请日：1999-12-29

申请人： Nasser Yazdani ,  Paul Seungkyu Min

发明人： Nasser Yazdani ,  Paul Seungkyu Min

IPC分类号： H04L1228

CPC分类号： H04L45/00 ,  G06F17/30985 ,  H04L45/54 ,  H04L45/7457

摘要： A method and apparatus is provided for comparing and sorting data strings of different lengths, in a given character set, and modifying the data such that queries can be run using different search trees. Three different search trees are provided, including: a binary prefix tree and two m_way tree structures, a static m_way prefix tree and a dynamic m_way prefix tree. The data strings may be prefixes of addresses in TCP/IP protocols and searching may be performed using a host address of a computer network. The method further provides for transmitting packet information associated with the network address. Additionally, switching packets in layer 3 and 4 of the TCP/IP protocol and sending the packets to designated ports of a device is provided. The method may also provide differentiated service or data protection, such as a firewall, based on packet classification information.

摘要翻译： 提供了一种方法和装置，用于比较和排序给定字符集中不同长度的数据串，并修改数据，使得可以使用不同的搜索树来运行查询。 提供三种不同的搜索树，包括：二进制前缀树和两个m_way树结构，静态m_way前缀树和动态m_way前缀树。 数据串可以是TCP / IP协议中的地址的前缀，并且可以使用计算机网络的主机地址来执行搜索。 该方法还提供发送与网络地址相关联的分组信息。 另外，提供TCP / IP协议的第3层和第4层的数据包，并将数据包发送到设备的指定端口。 该方法还可以基于分组分类信息来提供差分服务或数据保护，例如防火墙。

公开(公告)号：US07110411B2

公开(公告)日：2006-09-19

申请号：US10105515

申请日：2002-03-25

申请人： Hossein Saidi ,  Chunhua Hu ,  Peter Yifey Yan ,  Paul Seungkyu Min

发明人： Hossein Saidi ,  Chunhua Hu ,  Peter Yifey Yan ,  Paul Seungkyu Min

IPC分类号： H04L12/56

CPC分类号： H04L47/525 ,  H04L47/50 ,  H04L47/522 ,  H04L47/621 ,  H04L47/623 ,  H04L47/6285 ,  H04L2012/5679 ,  H04L2012/5681 ,  H04Q11/0478

摘要： A method and apparatus is provided for scheduling access to a common resource for a plurality of objects queued in a plurality of connection queues. Tokens associated with the connection queues are stored in scheduling queues. Each scheduling queue has a scheduling weight assigned thereto. Each connection queue has a connection weight value assigned thereto. A serving value is used to determine which scheduling queue to select. When a scheduling queue is selected, an object stored in a connection queue having an associated token stored in the selected scheduling queue is provided to the common resource. Tokens are moved among the scheduling queues as a function of the connection weight values, scheduling weights, and serving value. The objects queued in the connection queues may be fixed length cells or variable length packets. When the objects are variable length packets, a residual weight value is also maintained for each connection queue, the residual weight values being useful to prevent the connection queues from receiving an undue amount of service relative to their connection weights during each serving cycle.

公开(公告)号：US5787161A

公开(公告)日：1998-07-28

申请号：US555955

申请日：1995-11-13

申请人： Ammar Rayes ,  Paul Seungkyu Min

发明人： Ammar Rayes ,  Paul Seungkyu Min

IPC分类号： H04M3/36 ,  H04Q3/00

CPC分类号： H04M3/36 ,  H04Q3/002 ,  H04Q3/0083 ,  H04Q2213/13514 ,  H04Q2213/13543 ,  H04Q2213/13561

摘要： In communication network, the network blocking probability can be efficiently calculated by applying a Gaussian approximation to a fixed point algorithm. Gaussian curves are approximated to represent state probability distributions of the network links. By efficiently calculating the network blocking probability, the network can be optimally designed by lowering the network blocking probability below a threshold at the least cost.

摘要翻译： 在通信网络中，可以通过对固定点算法应用高斯近似来有效地计算网络阻塞概率。 近似高斯曲线表示网络链路的状态概率分布。 通过有效地计算网络阻塞概率，可以以最小的成本将网络阻塞概率降低到阈值以下来优化网络。