-
公开(公告)号:US09854000B2
公开(公告)日:2017-12-26
申请号:US14534429
申请日:2014-11-06
CPC分类号: H04L63/166 , H04L63/1408 , H04L63/145
摘要: In one embodiment, a method includes identifying unusual behavior with respect to a handshake between a first endpoint and a second endpoint that are included in a network, and determining whether the unusual behavior with respect to the handshake indicates presence of malicious software. The method also includes identifying at least one of the first endpoint and the second endpoint as potentially being infected by the malicious software if it is determined that the unusual behavior with respect to the handshake indicates the presence of malicious software.
-
2.发明申请METHOD AND APPARATUS FOR DETECTING MALICIOUS SOFTWARE USING HANDSHAKE INFORMATION 有权使用汉斯信息检测恶意软件的方法和装置公开(公告)号:US20160134646A1
公开(公告)日:2016-05-12
申请号:US14534429
申请日:2014-11-06
IPC分类号: H04L29/06
CPC分类号: H04L63/166 , H04L63/1408 , H04L63/145
摘要: In one embodiment, a method includes identifying unusual behavior with respect to a handshake between a first endpoint and a second endpoint that are included in a network, and determining whether the unusual behavior with respect to the handshake indicates presence of malicious software. The method also includes identifying at least one of the first endpoint and the second endpoint as potentially being infected by the malicious software if it is determined that the unusual behavior with respect to the handshake indicates the presence of malicious software.
摘要翻译: 在一个实施例中,一种方法包括识别关于包括在网络中的第一端点和第二端点之间的握手的异常行为,以及确定相对于握手的异常行为是否指示存在恶意软件。 如果确定相对于握手的异常行为指示恶意软件的存在,则该方法还包括将第一端点和第二端点中的至少一个识别为可能被恶意软件感染。
-
公开(公告)号:US09049046B2
公开(公告)日:2015-06-02
申请号:US13179539
申请日:2011-07-10
申请人: Flemming S. Andreasen , Kent K. Leung , Michel Khouderchah , Jayaraman R. Iyer , Timothy P. Stammers
发明人: Flemming S. Andreasen , Kent K. Leung , Michel Khouderchah , Jayaraman R. Iyer , Timothy P. Stammers
IPC分类号: H04W4/00 , H04L12/46 , H04J3/16 , H04J3/22 , H04J1/16 , H04J3/14 , H04L1/00 , H04L12/26 , H04L29/12 , H04L12/707 , H04W40/24
CPC分类号: H04W28/0226 , H04L12/4633 , H04L29/12367 , H04L45/22 , H04L45/26 , H04L61/2514 , H04W40/24 , H04W48/16
摘要: A method is provided in one example embodiment and includes communicating an in-band message packet from a first network element; receiving a response to the in-band message from a second network element, the response contains tunnel identification binding data that identifies a tunnel on a backhaul link on which traffic from a user equipment can flow; and receiving instructions from the second network element to offload a received data packet from the backhaul link. In particular instances, the in-band message is set to loopback when the in-band message is sent from the first network element. In other embodiments, the tunnel identification binding data is provided in the payload of the in-band message when the in-band message is sent from the first network element. In other examples, the method can include receiving an assigned Internet protocol (IP) address of the user equipment in the response to the in-band message.
摘要翻译: 在一个示例实施例中提供了一种方法,并且包括从第一网络元件传送带内消息分组; 从第二网络单元接收对带内消息的响应,该响应包含隧道识别绑定数据,其标识来自用户设备可以流动的业务的回程链路上的隧道; 以及从所述第二网络单元接收指令以从所述回程链路卸载所接收的数据分组。 在特定情况下,当从第一网络元件发送带内消息时,带内消息被设置为环回。 在其他实施例中,当从第一网络元件发送带内消息时,在带内消息的有效载荷中提供隧道标识绑定数据。 在其他示例中,该方法可以包括在对带内消息的响应中接收用户设备的分配的因特网协议(IP)地址。
-
公开(公告)号:US09030991B2
公开(公告)日:2015-05-12
申请号:US13179540
申请日:2011-07-10
申请人: Flemming S. Andreasen , Kent K. Leung , Michel Khouderchah , Jayaraman R. Iyer , Timothy P. Stammers
发明人: Flemming S. Andreasen , Kent K. Leung , Michel Khouderchah , Jayaraman R. Iyer , Timothy P. Stammers
IPC分类号: H04W4/00 , H04L12/46 , H04L12/26 , H04L12/28 , H04L12/16 , H04B1/38 , H04L29/12 , H04L12/707 , H04W40/24
CPC分类号: H04W28/0226 , H04L12/4633 , H04L29/12367 , H04L45/22 , H04L45/26 , H04L61/2514 , H04W40/24 , H04W48/16
摘要: A method is provided in one example embodiment and includes receiving a downstream data packet transported on a backhaul link at a first network element, the downstream data packet is associated with a user equipment; identifying whether a downstream tunnel used to communicate the data packet to the user equipment has become dormant; and communicating an in-band message to a second network element that the downstream tunnel is dormant. In other examples, the method can include dropping the data packet when a network address port translation binding has expired or does not exist. In certain implementations, the method can include identifying the downstream tunnel as dormant when an activity timer has expired, or identifying the downstream tunnel as dormant based on a stale state setting.
摘要翻译: 在一个示例实施例中提供了一种方法,并且包括接收在第一网络元件的回程链路上传送的下游数据分组,所述下游数据分组与用户设备相关联; 识别用于将数据包传送给用户设备的下游隧道是否已经处于休眠状态; 以及将所述带内消息传送到所述下游隧道处于休眠状态的第二网络元件。 在其他示例中,该方法可以包括当网络地址端口转换绑定已经到期或不存在时丢弃数据分组。 在某些实现中,该方法可以包括当活动定时器已经到期时将下游隧道识别为休眠,或者基于陈旧状态设置将下游隧道识别为休眠。
-
公开(公告)号:US20120082132A1
公开(公告)日:2012-04-05
申请号:US13179538
申请日:2011-07-10
申请人: Flemming S. Andreasen , Kent K. Leung , Michel Khouderchah , Jayaraman R. Iyer , Timothy P. Stammers
发明人: Flemming S. Andreasen , Kent K. Leung , Michel Khouderchah , Jayaraman R. Iyer , Timothy P. Stammers
CPC分类号: H04W28/0226 , H04L12/4633 , H04L29/12367 , H04L45/22 , H04L45/26 , H04L61/2514 , H04W40/24 , H04W48/16
摘要: A method is provided in one example embodiment and includes receiving a data packet over a first link at a first network element; establishing an out-of-band channel over a second link between the first network element and a second network element; and receiving instructions at the first network element to offload the data packet from the first link. In more particular embodiments, the first network element is a mobile enabled router, and the second network element is a gateway general packet radio service support node or a packet data network gateway. The method can also include receiving a discovery message from the second network element, the discovery message triggering the establishment of the out-of-band channel. In certain cases, the data packet is offloaded based on a type of data in the data packet.
摘要翻译: 在一个示例实施例中提供了一种方法,并且包括在第一网络元件上的第一链路上接收数据分组; 在第一网络元件和第二网络元件之间的第二链路上建立带外频道; 以及在所述第一网络元件处接收指令以从所述第一链路卸载所述数据分组。 在更具体的实施例中,第一网络元件是支持移动的路由器,并且第二网络元件是网关通用分组无线电服务支持节点或分组数据网络网关。 该方法还可以包括从第二网络元件接收发现消息,该发现消息触发了带外信道的建立。 在某些情况下,根据数据包中的数据类型卸载数据包。
-
6.发明申请SYSTEM AND METHOD FOR PROVIDING A TRANSLATION MECHANISM IN A NETWORK ENVIRONMENT 有权在网络环境中提供翻译机制的系统和方法公开(公告)号:US20110090815A1
公开(公告)日:2011-04-21
申请号:US12848141
申请日:2010-07-31
IPC分类号: H04L12/26
CPC分类号: H04L45/741 , H04L12/4633 , H04L29/12367 , H04L29/12377 , H04L61/106 , H04L61/2514 , H04L61/2517 , H04L69/22
摘要: An example method is provided and includes receiving a packet associated with a flow, determining a tunnel identifier for the flow, and determining a flow identifier for the flow. The method includes associating the flow identifier and the tunnel identifier to an Internet protocol (IP) address to generate a binding to be used for a network address and port translation (NAPT). In other embodiments, a routing decision is executed based on the binding between the identifiers and the IP address. The flow identifier can be a context identifier (CID), and the tunnel identifier can be a softwire tunnel ID. In yet other embodiments, the packet can be tagged as part of an encapsulation operation, which includes providing information about a network location at which the network address and port translation is to be executed.
摘要翻译: 提供了示例性方法,并且包括接收与流相关联的分组,确定流的隧道标识符,以及确定流的流标识符。 该方法包括将流标识符和隧道标识符与因特网协议(IP)地址相关联,以生成用于网络地址和端口转换(NAPT)的绑定。 在其他实施例中,基于标识符和IP地址之间的绑定来执行路由决定。 流标识符可以是上下文标识符(CID),隧道标识符可以是软线隧道ID。 在其他实施例中,分组可以被标记为封装操作的一部分,其包括提供关于将要执行网络地址和端口转换的网络位置的信息。
-
公开(公告)号:US09014158B2
公开(公告)日:2015-04-21
申请号:US13179541
申请日:2011-07-10
申请人: Flemming S. Andreasen , Kent K. Leung , Michel Khouderchah , Jayaraman R. Iyer , Timothy P. Stammers
发明人: Flemming S. Andreasen , Kent K. Leung , Michel Khouderchah , Jayaraman R. Iyer , Timothy P. Stammers
IPC分类号: H04W4/00 , H04L12/46 , H04L29/12 , H04L12/707 , H04W40/24
CPC分类号: H04W28/0226 , H04L12/4633 , H04L29/12367 , H04L45/22 , H04L45/26 , H04L61/2514 , H04W40/24 , H04W48/16
摘要: A method is provided in one example embodiment and includes receiving a data packet transported on a backhaul link at a first network element; de-capsulating the data packet; identifying whether the data packet is an upstream data packet; identifying whether the data packet matches an internet protocol (IP) access control list (ACL) or a tunnel endpoint identifier; and offloading the data packet from the backhaul link. In more specific embodiment, the method can include identifying that the data packet does not match the IP ACL or the tunnel endpoint identifier; and communicating the data packet to a second network element. In other examples, the method can include identifying that the data packet is a downstream data packet; identifying a service to be performed for the data packet that cannot be performed at the first network element; and communicating the data packet to a second network element.
摘要翻译: 在一个示例性实施例中提供了一种方法,并且包括接收在第一网络元件处的回程链路上传送的数据分组; 解封装数据包; 识别数据分组是否是上行数据分组; 识别数据分组是否与互联网协议(IP)访问控制列表(ACL)或隧道端点标识符匹配; 并从回程链路卸载数据包。 在更具体的实施例中,该方法可以包括识别数据分组与IP ACL或隧道端点标识符不匹配; 以及将所述数据分组传送到第二网络单元。 在其他示例中,该方法可以包括识别数据分组是下游数据分组; 识别对于在第一网络元件不能执行的数据分组执行的服务; 以及将所述数据分组传送到第二网络单元。
-
公开(公告)号:US08897183B2
公开(公告)日:2014-11-25
申请号:US13179542
申请日:2011-07-10
申请人: Flemming S. Andreasen , Kent K. Leung , Michel Khouderchah , Jayaraman R. Iyer , Timothy P. Stammers
发明人: Flemming S. Andreasen , Kent K. Leung , Michel Khouderchah , Jayaraman R. Iyer , Timothy P. Stammers
CPC分类号: H04W28/0226 , H04L12/4633 , H04L29/12367 , H04L45/22 , H04L45/26 , H04L61/2514 , H04W40/24 , H04W48/16
摘要: A method is provided in one example embodiment and includes receiving a data packet transported on a backhaul link at a first network element; identifying whether the data packet is an upstream data packet; identifying whether the data packet matches an internet protocol (IP) access control list (ACL) or a tunnel endpoint identifier; performing a network address translation on the data packet; and offloading the data packet from the backhaul link. In certain implementations, the method can include identifying that the data packet does not match the IP ACL or the tunnel endpoint identifier; and communicating the data packet to a second network element. In other instances, the method can include identifying that the data packet is a downstream data packet; and restoring a tunnel header and tunnel identification based on an IP address of the data packet.
摘要翻译: 在一个示例性实施例中提供了一种方法,并且包括接收在第一网络元件处的回程链路上传送的数据分组; 识别数据分组是否是上行数据分组; 识别数据分组是否与互联网协议(IP)访问控制列表(ACL)或隧道端点标识符匹配; 对数据包执行网络地址转换; 并从回程链路卸载数据包。 在某些实现中,该方法可以包括识别数据分组与IP ACL或隧道端点标识符不匹配; 以及将所述数据分组传送到第二网络单元。 在其他情况下,该方法可以包括识别数据分组是下游数据分组; 并根据数据包的IP地址恢复隧道头和隧道标识。
-
公开(公告)号:US20120082073A1
公开(公告)日:2012-04-05
申请号:US13179542
申请日:2011-07-10
CPC分类号: H04W28/0226 , H04L12/4633 , H04L29/12367 , H04L45/22 , H04L45/26 , H04L61/2514 , H04W40/24 , H04W48/16
摘要: A method is provided in one example embodiment and includes receiving a data packet transported on a backhaul link at a first network element; identifying whether the data packet is an upstream data packet; identifying whether the data packet matches an internet protocol (IP) access control list (ACL) or a tunnel endpoint identifier; performing a network address translation on the data packet; and offloading the data packet from the backhaul link. In certain implementations, the method can include identifying that the data packet does not match the IP ACL or the tunnel endpoint identifier; and communicating the data packet to a second network element. In other instances, the method can include identifying that the data packet is a downstream data packet; and restoring a tunnel header and tunnel identification based on an IP address of the data packet.
摘要翻译: 在一个示例性实施例中提供了一种方法,并且包括接收在第一网络元件处的回程链路上传送的数据分组; 识别数据分组是否是上行数据分组; 识别数据分组是否与互联网协议(IP)访问控制列表(ACL)或隧道端点标识符匹配; 对数据包执行网络地址转换; 并从回程链路卸载数据包。 在某些实现中,该方法可以包括识别数据分组与IP ACL或隧道端点标识符不匹配; 以及将所述数据分组传送到第二网络单元。 在其他情况下,该方法可以包括识别数据分组是下游数据分组; 并根据数据包的IP地址恢复隧道头和隧道标识。
-
公开(公告)号:US20120082093A1
公开(公告)日:2012-04-05
申请号:US13179539
申请日:2011-07-10
申请人: Flemming S. Andreasen , Kent K. Leung , Michel Khouderchah , Jayaraman R. Iyer , Timothy P. Stammers
发明人: Flemming S. Andreasen , Kent K. Leung , Michel Khouderchah , Jayaraman R. Iyer , Timothy P. Stammers
IPC分类号: H04W40/24
CPC分类号: H04W28/0226 , H04L12/4633 , H04L29/12367 , H04L45/22 , H04L45/26 , H04L61/2514 , H04W40/24 , H04W48/16
摘要: A method is provided in one example embodiment and includes communicating an in-band message packet from a first network element; receiving a response to the in-band message from a second network element, the response contains tunnel identification binding data that identifies a tunnel on a backhaul link on which traffic from a user equipment can flow; and receiving instructions from the second network element to offload a received data packet from the backhaul link. In particular instances, the in-band message is set to loopback when the in-band message is sent from the first network element. In other embodiments, the tunnel identification binding data is provided in the payload of the in-band message when the in-band message is sent from the first network element. In other examples, the method can include receiving an assigned Internet protocol (IP) address of the user equipment in the response to the in-band message.
摘要翻译: 在一个示例实施例中提供了一种方法,并且包括从第一网络元件传送带内消息分组; 从第二网络单元接收对带内消息的响应,该响应包含隧道识别绑定数据,其标识来自用户设备可以流动的业务的回程链路上的隧道; 以及从所述第二网络单元接收指令以从所述回程链路卸载所接收的数据分组。 在特定情况下,当从第一网络元件发送带内消息时,带内消息被设置为环回。 在其他实施例中,当从第一网络元件发送带内消息时,在带内消息的有效载荷中提供隧道标识绑定数据。 在其他示例中,该方法可以包括在对带内消息的响应中接收用户设备的分配的因特网协议(IP)地址。
-
-
-
-
-
-
-
-
-
搜索结果
58 条记录 (耗时 0.029 秒)
