Abstract:
A user device that wants to reach an Internet resource, and knows only the resource's domain name, sends a Domain Name System (DNS) request packet to a DNS server. The DNS response packet lists multiple Internet Protocol (IP) addresses, one for each of several servers associated with that domain name. The user device selects one of these servers and communicates with it. It may make the selection by probing properties of each server and of the connection between itself and each server, then choosing the server whose own properties and connection properties are best. To measure these properties, the device sends at least one set of probe packets to each server, receives at least one set of probe return packets, and from them calculates round-trip time, hop distance, bandwidth, latency, packet loss rate and other metrics.
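The selection step described above, as an added example that is not part of the patent text: each IP address from the DNS answer is paired with a constructed set of probe records (send time, return time or None if the probe was lost, and the TTL observed in the return packet), the metrics are derived from those records, and the lowest-scoring server wins. The initial-TTL guesses (64/128/255) used for hop distance, the scoring weights, and the omission of bandwidth estimation are all assumptions for illustration; the abstract names the metrics but not how they are weighted.

```python
from dataclasses import dataclass
from math import inf
from statistics import mean
from typing import Optional


@dataclass
class ProbeReturn:
    """One probe packet and, if it came back, its return packet (constructed data)."""
    sent_ms: float
    recv_ms: Optional[float] = None   # None: no return packet before the timeout
    reply_ttl: Optional[int] = None   # TTL field seen in the return packet


def hop_distance(reply_ttl: int) -> int:
    """Assumption: senders start TTL at 64, 128 or 255; hops = initial - observed."""
    for initial in (64, 128, 255):
        if reply_ttl <= initial:
            return initial - reply_ttl
    raise ValueError("TTL out of range")


def summarize(probes):
    """Round-trip time, loss rate and hop distance from one server's probe set."""
    rtts = [p.recv_ms - p.sent_ms for p in probes if p.recv_ms is not None]
    ttls = [p.reply_ttl for p in probes if p.reply_ttl is not None]
    return {
        "rtt_ms": mean(rtts) if rtts else inf,
        "loss": 1 - len(rtts) / len(probes),
        "hops": min(map(hop_distance, ttls)) if ttls else None,
    }


def score(metrics) -> float:
    """Lower is better. The weights are an illustrative assumption, not from the abstract:
    every 1% of loss costs as much as 2 ms of RTT, every hop as much as 2 ms."""
    if metrics["hops"] is None:
        return inf
    return metrics["rtt_ms"] + 200.0 * metrics["loss"] + 2.0 * metrics["hops"]


def select_server(answers):
    """answers: {ip: [ProbeReturn, ...]} for each A/AAAA record in the DNS response.
    Returns the chosen IP and the score table used to choose it."""
    scored = {ip: score(summarize(probes)) for ip, probes in answers.items()}
    return min(scored, key=scored.get), scored


# Constructed probe results for three servers returned by one DNS answer.
# 203.0.113.20 has the lowest RTT but drops half its probes, so it loses.
SAMPLE_ANSWERS = {
    "203.0.113.10": [ProbeReturn(0.0, 21.0, 60), ProbeReturn(100.0, 119.0, 60),
                     ProbeReturn(200.0, 220.0, 60), ProbeReturn(300.0, 320.0, 60)],
    "203.0.113.20": [ProbeReturn(0.0, 8.0, 120), ProbeReturn(100.0),
                     ProbeReturn(200.0, 208.0, 120), ProbeReturn(300.0)],
    "203.0.113.30": [ProbeReturn(0.0, 15.0, 250), ProbeReturn(100.0, 115.0, 250),
                     ProbeReturn(200.0, 214.0, 250), ProbeReturn(300.0, 316.0, 250)],
}

if __name__ == "__main__":
    chosen, table = select_server(SAMPLE_ANSWERS)
    print(chosen, table)
```

A practitioner would send the probe sets more than once and keep a moving average, since a single burst can be skewed by transient queueing; the structure above is unchanged by that, only the contents of each list.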
Abstract:
The present invention relates to a method and system for performing deep packet inspection (DPI) of messages transmitted through a network switch in a Software Defined Network (SDN). Embodiments include a network switch, a controller and a firewall in a software-defined networking environment. The network switch is a simple switch that is physically separate from both the controller and the firewall, and an embodiment may include several physically distinct switches communicating with one or more controllers and firewalls. In some instances the switch, the controller and the firewall communicate using the OpenFlow protocol.
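The three-party exchange described above, as an added example rather than code from the patent: a switch that only matches its flow table, a controller that receives table-miss packets (the OpenFlow packet_in/flow_mod/packet_out pattern, modelled here with plain method calls rather than the real wire protocol), and a separate firewall that does the DPI and returns a verdict. The class names, the signature list and the two sample flows are constructed for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class FlowKey:
    src_ip: str
    dst_ip: str
    dst_port: int


@dataclass
class Packet:
    src_ip: str
    dst_ip: str
    dst_port: int
    payload: bytes

    def key(self) -> FlowKey:
        return FlowKey(self.src_ip, self.dst_ip, self.dst_port)


class Firewall:
    """DPI engine on its own box: inspects payload bytes and returns a verdict."""

    def __init__(self, signatures):
        self.signatures = list(signatures)

    def inspect(self, pkt: Packet) -> str:
        return "drop" if any(s in pkt.payload for s in self.signatures) else "allow"


class Controller:
    """Receives table-miss packets from switches, asks the firewall, installs flow entries."""

    def __init__(self, firewall: Firewall):
        self.firewall = firewall
        self.decisions = []          # (flow key, verdict) in the order they were made

    def packet_in(self, switch, pkt: Packet):
        verdict = self.firewall.inspect(pkt)
        self.decisions.append((pkt.key(), verdict))
        switch.flow_mod(pkt.key(), verdict)   # rule for the rest of this flow
        if verdict == "allow":
            switch.packet_out(pkt)            # release the packet that caused the miss


class Switch:
    """A simple switch: matches on its flow table, escalates misses to the controller."""

    def __init__(self, controller: Controller):
        self.controller = controller
        self.table = {}
        self.forwarded = []
        self.packet_ins = 0

    def flow_mod(self, key: FlowKey, action: str):
        self.table[key] = action

    def packet_out(self, pkt: Packet):
        self.forwarded.append(pkt)

    def receive(self, pkt: Packet):
        action = self.table.get(pkt.key())
        if action is None:                    # table miss -> packet_in to the controller
            self.packet_ins += 1
            self.controller.packet_in(self, pkt)
        elif action == "allow":
            self.packet_out(pkt)
        # action == "drop": discard silently


def demo():
    """Constructed traffic: one benign flow and one flow carrying a signature, two packets each."""
    fw = Firewall([b"cmd.exe /c"])
    ctl = Controller(fw)
    sw = Switch(ctl)
    good = Packet("10.0.0.5", "10.0.0.9", 80, b"GET /index.html HTTP/1.1\r\n")
    bad = Packet("10.0.0.7", "10.0.0.9", 80, b"POST /upload cmd.exe /c whoami\r\n")
    for pkt in (good, good, bad, bad):
        sw.receive(pkt)
    return sw, ctl


if __name__ == "__main__":
    sw, ctl = demo()
    print(ctl.decisions, len(sw.forwarded), sw.packet_ins)
```

The second packet of each flow never reaches the firewall, which is the point of installing a flow entry but also the caveat: a flow allowed on its first packet can carry the malicious content in a later one. Deployments that care about that keep steering the flow to the firewall until the verdict is final, or install entries with short idle and hard timeouts.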
Abstract:
Systems and methods for blind data leak prevention are provided. A first computer can determine whether encrypted data matches a rule without holding the encryption key used to encrypt that data. The first computer encrypts the rule with a second encryption key and sends the encrypted rule to a second computer, which encrypts it again with the first encryption key (which is inaccessible to the first computer) and returns the doubly encrypted rule. The first computer then removes its own layer by decrypting with the second key, leaving the rule encrypted under the first key only. The second computer encrypts its data with the first key and sends it to the first computer, which can now check whether the rule encrypted under the first key matches the encrypted data.
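The exchange above only works if the two encryption layers commute, so that removing the second key's layer from a doubly encrypted rule leaves exactly what the second computer would produce by encrypting the rule with the first key alone. The abstract names no cipher; the added example below (not the patent's code) assumes an SRA / Pohlig-Hellman style commutative cipher, E_k(x) = x^k mod P, with P the Mersenne prime 2^127 - 1 and keys coprime to P - 1. Tokens are hashed into the group so that rule and data tokens compare as group elements. The class names, the rule tokens and the sample message are constructed for the example.

```python
import hashlib
import math
import secrets

# Assumption: SRA / Pohlig-Hellman commutative cipher over the multiplicative group mod P.
# P = 2^127 - 1 is a Mersenne prime; exponent keys must be invertible modulo P - 1.
P = 2**127 - 1


def keygen() -> int:
    """Random exponent key with a modular inverse modulo P - 1."""
    while True:
        k = secrets.randbelow(P - 1)
        if k > 1 and math.gcd(k, P - 1) == 1:
            return k


def encode(token: bytes) -> int:
    """Map a token to a non-zero group element: hash, then reduce into [1, P - 1]."""
    return int.from_bytes(hashlib.sha256(token).digest(), "big") % (P - 1) + 1


def enc(key: int, x: int) -> int:
    return pow(x, key, P)


def dec(key: int, y: int) -> int:
    # x^(k * k^-1) == x (mod P) because k * k^-1 == 1 (mod P - 1)
    return pow(y, pow(key, -1, P - 1), P)


class FirstComputer:
    """The DLP side: holds the rules and key 2, never learns key 1 or the plaintext data."""

    def __init__(self, rules):
        self.rules = list(rules)
        self.k2 = keygen()
        self.rules_under_k1 = set()

    def blinded_rules(self):
        # step 1: rules encrypted with key 2, sent to the second computer
        return [enc(self.k2, encode(r)) for r in self.rules]

    def receive_doubly_encrypted(self, doubly):
        # step 3: strip the key-2 layer; what remains is E_k1(rule)
        self.rules_under_k1 = {dec(self.k2, c) for c in doubly}

    def matching_positions(self, encrypted_tokens):
        # step 5: compare E_k1(data token) with E_k1(rule); key 1 is never needed here
        return [i for i, c in enumerate(encrypted_tokens) if c in self.rules_under_k1]


class SecondComputer:
    """The data owner: holds key 1, never learns the plaintext rules."""

    def __init__(self):
        self.k1 = keygen()

    def add_layer(self, blinded_rules):
        # step 2: encrypt the already-encrypted rules with key 1 and send them back
        return [enc(self.k1, c) for c in blinded_rules]

    def encrypt_data(self, tokens):
        # step 4: data tokens encrypted with key 1 only
        return [enc(self.k1, encode(t)) for t in tokens]


def run_blind_dlp(rules, tokens):
    """Full exchange; returns the token positions the first computer flags."""
    first, second = FirstComputer(rules), SecondComputer()
    first.receive_doubly_encrypted(second.add_layer(first.blinded_rules()))
    return first.matching_positions(second.encrypt_data(tokens))


# Constructed sample: two rule tokens and a message tokenised on whitespace.
RULES = [b"ACCT-4412-9901", b"PROJECT-KESTREL"]
MESSAGE = b"please wire funds from ACCT-4412-9901 by friday".split()

if __name__ == "__main__":
    print(run_blind_dlp(RULES, MESSAGE))
```

Two properties a practitioner should keep in mind: the scheme is deterministic by design (equal tokens give equal ciphertexts, which is what makes the match possible), and the first computer learns only which positions matched, not the data. Exact-token matching is what the abstract describes; rules expressed as patterns rather than values would need a different construction.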
Abstract:
Systems and methods are directed to network data leakage prevention (DLP). Specifically, Transmission Control Protocol (TCP) data packets are used in conjunction with a DLP monitor: the TCP packets carry the identity of the source user. Given that identity, the DLP monitor can decide whether sensitive data may be transmitted, based on the user information and the DLP policy that applies to that user. This lets the monitor reach a per-user decision even when multiple users share the same IP address.
Abstract:
The present disclosure relates to systems, methods, and a non-transitory computer readable storage medium for detecting a tunnel routing loop attack on a computer network. A method of the claimed invention receives a packet of data over an automatic tunnel. When the received packet contains an Internet Protocol version 6 (IPv6) packet, the packet's headers are extracted. When an extracted header is a tunnel routing loop attack (TRLA) header, the address information it carries is compared with the destination address through which the IPv6 packet is about to be tunneled. When they match, the IPv6 packet is dropped, because the match indicates that a loop is about to be formed.
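The check described above, as an added example that is not the patent's code: two automatic-tunnel routers whose routes send a crafted destination back and forth over IPv4 (the kind of loop RFC 6324 describes), a TRLA header modelled as an IPv6 extension header that accumulates the IPv4 address of every router that has encapsulated the packet, and a drop decision taken when the endpoint a router is about to tunnel through already appears in that header. The header's wire format, the router addresses, the prefixes and the hop limit are assumptions constructed for the example; the abstract defines the check, not the header layout.

```python
from dataclasses import dataclass, field

TRLA = "TRLA"   # assumption: header name; the abstract does not define the header's wire format


@dataclass
class IPv6Packet:
    src: str
    dst: str
    hop_limit: int = 8
    ext_headers: list = field(default_factory=list)   # [(name, value), ...] in header order


def trla_addresses(pkt: IPv6Packet):
    """Return the address list carried by the TRLA header, or None if there is none."""
    for name, value in pkt.ext_headers:
        if name == TRLA:
            return value
    return None


def should_drop(pkt: IPv6Packet, tunnel_dst_ipv4: str) -> bool:
    """The check from the abstract: drop if the TRLA header names the endpoint the packet
    is about to be tunneled through, since that endpoint has already handled it."""
    addrs = trla_addresses(pkt)
    return addrs is not None and tunnel_dst_ipv4 in addrs


def record_endpoint(pkt: IPv6Packet, ipv4_addr: str):
    """Append the encapsulating router's IPv4 address to the TRLA header (assumption:
    the header accumulates every tunnel endpoint the packet has been sent from)."""
    addrs = trla_addresses(pkt)
    if addrs is None:
        pkt.ext_headers.append((TRLA, [ipv4_addr]))
    else:
        addrs.append(ipv4_addr)


class TunnelRouter:
    def __init__(self, ipv4: str, next_endpoint: dict):
        self.ipv4 = ipv4
        self.next_endpoint = next_endpoint   # IPv6 destination prefix -> IPv4 tunnel endpoint

    def forward(self, pkt: IPv6Packet, check_trla: bool):
        """A decapsulated IPv6 packet arrives; decide what happens to it next."""
        pkt.hop_limit -= 1
        if pkt.hop_limit == 0:
            return "hop_limit_exceeded", None
        nxt = next((ep for prefix, ep in self.next_endpoint.items()
                    if pkt.dst.startswith(prefix)), None)
        if nxt is None:
            return "delivered", None           # not ours to tunnel: normal delivery
        if check_trla and should_drop(pkt, nxt):
            return "dropped", None
        record_endpoint(pkt, self.ipv4)
        return "tunnelled", nxt


def simulate(routers: dict, first_hop: str, pkt: IPv6Packet, check_trla: bool):
    """Hand the packet from router to router over IPv4 tunnels until it stops.
    Returns the final outcome and how many times the packet was encapsulated."""
    tunnels, at = 0, first_hop
    while True:
        outcome, nxt = routers[at].forward(pkt, check_trla)
        if outcome != "tunnelled":
            return outcome, tunnels
        tunnels += 1
        at = nxt


# Constructed topology: each router's route for the crafted 6to4-style destination
# points at the other router, so without the check the packet circulates.
ROUTER_A, ROUTER_B = "192.0.2.1", "198.51.100.1"
ROUTERS = {
    ROUTER_A: TunnelRouter(ROUTER_A, {"2002:c633:6401": ROUTER_B}),
    ROUTER_B: TunnelRouter(ROUTER_B, {"2002:c633:6401": ROUTER_A}),
}


def looping_packet() -> IPv6Packet:
    return IPv6Packet(src="2001:db8::1", dst="2002:c633:6401::1")


if __name__ == "__main__":
    print(simulate(ROUTERS, ROUTER_A, looping_packet(), check_trla=True))
    print(simulate(ROUTERS, ROUTER_A, looping_packet(), check_trla=False))
```

Without the check the only thing that stops the packet is the IPv6 hop limit, and each circuit costs both routers an encapsulation and a decapsulation, which is what makes the loop an amplification problem. With the check the packet is dropped at the first router that sees its own peer already listed.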
Abstract:
The present disclosure relates to a system, a method, and a non-transitory computer readable storage medium for deep packet inspection scanning at the application layer of a computer. A method of the claimed invention scans pieces of data that are received out of order, without reassembling them at the application layer: starting from a first input state, it generates one or more output states for each piece of data. The method then identifies that the first input state includes one or more characters associated with malicious content, and identifies that the data set may include malicious content when the first input state, combined with the one or more output states, matches a known piece of malicious content.
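One way to realise scanning without reassembly, as an added example that is not the patent's code: signatures are compiled into an Aho-Corasick automaton, each segment is scanned the moment it arrives, and a segment whose predecessor has not arrived yet is scanned from every possible input state, producing a table of (output state, signatures completed) per input state. When the gap closes, the right row is selected and the known state moves forward; no reassembly buffer is ever built. The signatures, the byte-offset sequence numbers and the three segments are constructed for the example, and retransmissions and partially overlapping segments are deliberately not handled.

```python
from collections import deque


class Scanner:
    """Aho-Corasick automaton over bytes. scan() can start from any input state and
    returns the output state plus the signatures that completed along the way."""

    def __init__(self, signatures):
        self.signatures = list(signatures)
        self.goto = [{}]          # state -> {byte: next state}
        self.out = [set()]        # state -> signatures that end in this state
        for sig in self.signatures:
            s = 0
            for b in sig:
                if b not in self.goto[s]:
                    self.goto.append({})
                    self.out.append(set())
                    self.goto[s][b] = len(self.goto) - 1
                s = self.goto[s][b]
            self.out[s].add(sig)
        self.fail = [0] * len(self.goto)
        queue = deque(self.goto[0].values())
        while queue:                            # breadth-first: parents before children
            r = queue.popleft()
            for b, s in self.goto[r].items():
                queue.append(s)
                f = self.fail[r]
                while f and b not in self.goto[f]:
                    f = self.fail[f]
                self.fail[s] = self.goto[f].get(b, 0)
                self.out[s] |= self.out[self.fail[s]]   # suffix matches count too

    @property
    def num_states(self) -> int:
        return len(self.goto)

    def step(self, s: int, b: int) -> int:
        while s and b not in self.goto[s]:
            s = self.fail[s]
        return self.goto[s].get(b, 0)

    def scan(self, state: int, data: bytes):
        hits = set()
        for b in data:
            state = self.step(state, b)
            hits |= self.out[state]
        return state, hits


class Stream:
    """One direction of a TCP stream. Segments are scanned on arrival; when the
    predecessor is still missing, the scan is run from every input state and the
    matching row is picked once the gap closes. No reassembly buffer is kept."""

    def __init__(self, scanner: Scanner, initial_seq: int = 0):
        self.scanner = scanner
        self.next_seq = initial_seq    # first byte offset whose state is not yet known
        self.state = 0                 # automaton state just before next_seq
        self.hits = set()
        self.pending = {}              # seq -> (length, {input_state: (output_state, hits)})

    def receive(self, seq: int, data: bytes):
        if seq < self.next_seq:
            return                     # bytes already scanned (simple retransmission)
        if seq == self.next_seq:       # in order: one row from the known state
            table = {self.state: self.scanner.scan(self.state, data)}
        else:                          # out of order: cover every possible input state
            table = {s: self.scanner.scan(s, data) for s in range(self.scanner.num_states)}
        self.pending[seq] = (len(data), table)
        self._advance()

    def _advance(self):
        while self.next_seq in self.pending:
            length, table = self.pending.pop(self.next_seq)
            self.state, hits = table[self.state]
            self.hits |= hits
            self.next_seq += length


if __name__ == "__main__":
    # Constructed: a signature split across three segments that arrive last-first.
    sc = Scanner([b"malware", b"evil"])
    st = Stream(sc)
    st.receive(7, b"lwar")
    st.receive(11, b"e.exe evil")
    st.receive(0, b"GET /ma")
    print(st.hits, st.next_seq)
```

The cost of an out-of-order segment is the number of automaton states times the segment length, which is what makes this practical only while the automaton stays small or the per-state scan is restricted to states still reachable; an in-order segment costs one pass, exactly as in ordinary streaming DPI.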