Active network defense system and method
    4.
    发明申请
    Active network defense system and method 有权
    主动网络防御系统及方法

    公开(公告)号:US20050028013A1

    公开(公告)日:2005-02-03

    申请号:US10930922

    申请日:2004-08-31

    IPC分类号: H04L12/26 H04L29/06 G06F11/30

    摘要: An active network defense system is provided that is operable to monitor and block traffic in an automated fashion. This active network defense system is placed in-line with respect to the packet traffic data flow as a part of the network infrastructure. In this configuration, inspection and manipulation of every passing packet is possible. An algorithmic filtering operation applies statistical threshold filtering to the data flow in order to identify threats existing across multiple sessions. A trigger filtering operation applies header and content match filtering to the data flow in order to identify threats existing within individual sessions. Threatening packet traffic is blocked and threatening sessions are terminated. Suspicious traffic is extracted from the data flow for further examination with more comprehensive content matching as well as asset risk analysis. A flow control mechanism is provided to control passage rate for packets passing through the data flow.

    摘要翻译: 提供了一种主动的网络防御系统,其可操作以自动化方式监视和阻止业务。 作为网络基础设施的一部分,该活动的网络防御系统相对于分组业务数据流在线地放置。 在这种配置中,可以检查和操纵每个通过的包。 算法过滤操作将统计阈值过滤应用于数据流,以便识别跨多个会话存在的威胁。 触发器过滤操作将头部和内容匹配过滤应用于数据流,以便识别各个会话中存在的威胁。 威胁数据包流量被阻止,威胁性会话终止。 从数据流中提取可疑流量进行进一步检查,具有更全面的内容匹配和资产风险分析。 提供流控制机制来控制通过数据流的分组的通过速率。

    Active network defense system and method
    6.
    发明授权
    Active network defense system and method 有权
    主动网络防御系统及方法

    公开(公告)号:US07451489B2

    公开(公告)日:2008-11-11

    申请号:US10930392

    申请日:2004-08-31

    IPC分类号: H04L9/00 G06F11/30 G06F15/173

    摘要: An active network defense system is provided that is operable to monitor and block traffic in an automated fashion. This active network defense system is placed in-line with respect to the packet traffic data flow as a part of the network infrastructure. In this configuration, inspection and manipulation of every passing packet is possible. An algorithmic filtering operation applies statistical threshold filtering to the data flow in order to identify threats existing across multiple sessions. A trigger filtering operation applies header and content match filtering to the data flow in order to identify threats existing within individual sessions. Threatening packet traffic is blocked and threatening sessions are terminated. Suspicious traffic is extracted from the data flow for further examination with more comprehensive content matching as well as asset risk analysis. A flow control mechanism is provided to control passage rate for packets passing through the data flow.

    摘要翻译: 提供了一种主动的网络防御系统,其可操作以自动化方式监视和阻止业务。 作为网络基础设施的一部分,该活动的网络防御系统相对于分组业务数据流在线地放置。 在这种配置中,可以检查和操纵每个通过的包。 算法过滤操作将统计阈值过滤应用于数据流,以便识别跨多个会话存在的威胁。 触发器过滤操作将头部和内容匹配过滤应用于数据流,以便识别各个会话中存在的威胁。 威胁数据包流量被阻止,威胁性会话终止。 从数据流中提取可疑流量进行进一步检查,具有更全面的内容匹配和资产风险分析。 提供流控制机制来控制通过数据流的分组的通过速率。

    Multi-level packet screening with dynamically selected filtering criteria
    7.
    发明授权
    Multi-level packet screening with dynamically selected filtering criteria 有权
    具有动态选择过滤标准的多级分组筛选

    公开(公告)号:US06983323B2

    公开(公告)日:2006-01-03

    申请号:US10217862

    申请日:2002-08-12

    IPC分类号: G06F13/00

    摘要: A packet filtering operation implements a hierarchical technique. Received packet traffic is first filtered with a first filtering criteria. This first filtering action generates a first pass traffic portion and a fail traffic portion from the received packet traffic. The fail traffic portion is then second filtered with a second filtering criteria. This second filtering action generates a second pass traffic portion and a reject traffic portion. The first filtering criteria provide for higher throughput, lower accuracy processing while the second filtering criteria provide for lower throughput, higher accuracy processing. Dynamic adjustments may be made to the first and second filtering criteria to achieve better overall packet filtering performance. For example, load is measured and the filtering criteria adjusted to better balance load between the hierarchical filtering actions.

    摘要翻译: 包过滤操作实现分层技术。 接收到的数据包流量首先用第一个过滤条件进行过滤。 该第一过滤动作从接收到的分组流量生成第一通过业务部分和故障业务部分。 然后以第二过滤标准对故障业务部分进行第二次过滤。 该第二过滤动作产生第二通过业务部分和拒绝业务部分。 第一个过滤标准提供更高的吞吐量,更低的精度处理,而第二个过滤标准提供较低的吞吐量,更高的精度处理。 可以对第一和第二过滤标准进行动态调整,以实现更好的整体包过滤性能。 例如,测量负载并调整过滤标准以更好地平衡分层过滤动作之间的负载。

    System and method for summarizing and reporting impact of database statements
    8.
    发明授权
    System and method for summarizing and reporting impact of database statements 有权
    汇总和报告数据库语句影响的系统和方法

    公开(公告)号:US07831621B1

    公开(公告)日:2010-11-09

    申请号:US11904605

    申请日:2007-09-27

    IPC分类号: G06F7/00 G06F17/30

    CPC分类号: G06F21/6227 G06F17/30371

    摘要: Embodiments of the present invention provide a system and method for summarizing and reporting the impact of database statements at a database appliance. The database appliance, according to one embodiment, can receive a database request and determine a set of information related to the request. Embodiments disclosed herein take in as input the database statement text and output multiple impact vectors, each containing both the name of an affected entity and a 32-bit “impact bitmap” for that entity. This concise and unambiguous output format can be computed using fast AND, OR, XOR, and NOT operations, allowing for highly efficient evaluation of database statements against user defined policies and finer policy granularity.

    摘要翻译: 本发明的实施例提供了一种用于总结和报告数据库设备上的数据库语句的影响的系统和方法。 根据一个实施例,数据库设备可以接收数据库请求并确定与该请求相关的一组信息。 本文公开的实施例将数据库语句文本作为输入,输出多个影响向量,每个影响向量包含该实体的受影响实体的名称和32位“影响位图”。 可以使用快速AND,OR,XOR和NOT操作来计算这种简洁明确的输出格式,从而根据用户定义的策略和更精细的策略粒度高效地评估数据库语句。