利索-全球专利检索

  1. 登录
  2. 注册

搜索结果

79 条记录 (耗时 0.056 秒)

    Systems and methods for updating content detection devices and systems
    5.
    发明授权
    Systems and methods for updating content detection devices and systems 有权

    公开(公告)号:US09450977B2

    公开(公告)日:2016-09-20

    申请号:US13546915

    申请日:2012-07-11

    申请人: Yu Fang Michael Xie

    发明人: Yu Fang Michael Xie

    IPC分类号: H04L29/06 G06F21/56

    CPC分类号: H04L63/145 G06F21/56 G06F21/567 H04L63/02 H04L63/0227 H04L63/1408 H04L63/1416 H04L63/1425 H04L63/1441

    摘要: A method of updating a content detection module includes obtaining content detection data, and transmitting the content detection data to a content detection module, wherein the transmitting is performed not in response to a request from the content detection module. A method of sending content detection data includes obtaining content detection data, selecting an update station from a plurality of update stations, and sending the, content detection data to the selected update station. A method of building a content detection system includes establishing a first communication link between a central station and an update station, the central station configured to transmit content detection data to the update station, and establishing a second communication link between the update station and a content detection module.

    Integrated security switch
    6.
    发明授权
    Integrated security switch 有权

    公开(公告)号:US08588226B2

    公开(公告)日:2013-11-19

    申请号:US12539801

    申请日:2009-08-12

    申请人: Michael Xie Jing Shang Anthony James Shaohong Wei

    发明人: Michael Xie Jing Shang Anthony James Shaohong Wei

    IPC分类号: H04L12/26 H04J1/16 G08C15/00 G06F11/00 G01R31/08

    CPC分类号: H04L63/0281 H04L47/20 H04L63/02 H04L63/0209

    摘要: An integrated security switch and related method for managing connectivity and security among networks. The integrated security switch includes a security function connectable with a first network and at least one switching function connectable with a second network. A common management interface driven by both command line interface and graphic user interface protocols manages the switching function via a management path dedicated between the security function and the switching function. The common management interface enables secure switching of traffic to flow via a traffic path dedicated between the switching function and the security function. Typically, the traffic is a flow of data between the Internet and a group of networked users such as a wide area network.

    Operation of a dual instruction pipe virus co-processor
    7.
    发明授权
    Operation of a dual instruction pipe virus co-processor 有权
    双重指挥管病毒协处理器的操作

    公开(公告)号:US08443450B1

    公开(公告)日:2013-05-14

    申请号:US12641309

    申请日:2009-12-17

    申请人: Xu Zhou Lin Huang Michael Xie

    发明人: Xu Zhou Lin Huang Michael Xie

    IPC分类号: G06F12/14 G08B23/00

    CPC分类号: G06F21/561 G06F9/3867 G06F9/3885 G06F21/55 G06F21/56 G06F21/564 G06F21/568 G06F21/755 G06F2221/031 H04L63/1408 H04L63/1416 H04L63/1425 H04L63/1433

    摘要: Circuits and methods are provided for detecting, identifying and/or removing undesired content. According to one embodiment, a method for virus processing content objects is provided. A type associated with a content object is determined. Based on the type, a subset of instructions is read from a virus signature memory containing intermixed op-codes of a first instruction type associated with primitive instructions and of a second instruction type associated with Content Pattern Recognition (CPR) instructions. Then, instructions of the first instruction type are assigned for execution to a primitive instruction pipe of a virus co-processor and instructions of the second instruction type are assigned for execution to a CPR instruction pipe of the virus co-processor. An instruction is executed by the CPR instruction pipe, including accessing a portion of the content object from a system memory and comparing the portion of the content object against a string associated with the instruction.

    摘要翻译: 电路和方法被提供用于检测,识别和/或去除不需要的内容。 根据一个实施例,提供了一种病毒处理内容对象的方法。 确定与内容对象相关联的类型。 基于该类型,从包含与原语指令相关联的第一指令类型和与内容模式识别(CPR)指令相关联的第二指令类型的混合操作码的病毒签名存储器读取指令子集。 然后,分配第一指令类型的指令用于执行病毒协处理器的原语指令管道,并且将第二指令类型的指令分配给执行到病毒协处理器的CPR指令管道。 由CPR指令管道执行指令,包括从系统存储器访问内容对象的一部分,并将内容对象的部分与与该指令相关联的字符串进行比较。

    Managing network traffic flow
    8.
    发明授权
    Managing network traffic flow 有权
    管理网络流量

    公开(公告)号:US08239949B2

    公开(公告)日:2012-08-07

    申请号:US12403839

    申请日:2009-03-13

    申请人: Michael Xie

    发明人: Michael Xie

    IPC分类号: G06F11/00

    CPC分类号: H04L63/1416 H04L43/04 H04L43/10 H04L63/0236 H04L63/0245 H04L63/1425 H04L63/1441 H04L63/145

    摘要: A method for managing network traffic flow is provided. The method includes receiving network traffic content, storing at least a portion of the network traffic content to a memory, sending a copy of the network traffic content to a processor, which determines whether the network traffic content contains content desired to be detected. Another method for managing network traffic flow includes receiving network traffic content, flagging the network traffic content, sending the flagged network traffic content to a module, which is configured to pass unflagged data to a user and prevent flagged data from being sent to the user, and sending a copy of the network traffic content to a processor, which determines whether the network traffic content contains content desired to be detected.

    摘要翻译: 提供了一种管理网络流量的方法。 该方法包括接收网络业务内容,将至少一部分网络业务内容存储到存储器,向处理器发送网络业务内容的副本,该处理器确定网络业务内容是否包含期望被检测的内容。 用于管理网络流量流的另一种方法包括接收网络流量内容,标记网络流量内容,将标记的网络业务内容发送到模块,该模块被配置为将未标记的数据传递给用户,并防止标记的数据被发送给用户, 以及将网络业务内容的副本发送到处理器,处理器确定网络业务内容是否包含期望被检测的内容。

    Content pattern recognition language processor and methods of using the same
    9.
    发明授权
    Content pattern recognition language processor and methods of using the same 有权

    公开(公告)号:US08140660B1

    公开(公告)日:2012-03-20

    申请号:US10624452

    申请日:2003-07-21

    申请人: Joseph Wells Michael Xie

    发明人: Joseph Wells Michael Xie

    IPC分类号: G06F15/173

    CPC分类号: H04L63/1416 H04L43/04 H04L43/10 H04L63/0236 H04L63/0245 H04L63/1425 H04L63/1441 H04L63/145

    摘要: A device for detecting network traffic content is provided. The device includes a processor configured to receive a signature associated with content desired to be detected, and execute one or more functions based on the signature to determine whether network traffic content matches the content desired to be detected. The signature is defined by one or more predicates. A computer readable medium for use to detect network traffic content is also provided. The computer readable medium includes a memory storing one or more signatures, each of the one or more signatures associated with content desired to be detected. Each of the one or more signatures is defined by one or more predicates, and each of the one or more predicates can be compiled into a byte code stream that controls a logic of a network traffic screening device.

    Firewall interface configuration to enable bi-directional VoIP traversal communications
    10.
    发明授权
    Firewall interface configuration to enable bi-directional VoIP traversal communications 有权
    防火墙接口配置,实现双向VoIP穿越通信

    公开(公告)号:US08020202B2

    公开(公告)日:2011-09-13

    申请号:US12776415

    申请日:2010-05-09

    申请人: Michael Xie

    发明人: Michael Xie

    IPC分类号: G06F7/04 H04L29/06

    CPC分类号: H04L63/0281 H04L29/06027 H04L29/12094 H04L61/1529 H04L61/2521 H04L63/0236 H04L63/0245 H04L63/029 H04L65/1006 H04L65/1009 H04L65/1043 H04L65/1066 H04L69/22

    摘要: Methods and systems for an intelligent network protection gateway (NPG) and network architecture are provided. According to one embodiment, a firewall provides network-layer protection to internal hosts against unauthorized access by hosts of an external network by performing network address translation (NAT) processing of Internet Protocol (IP) addresses. The firewall changes data in headers of VoIP packets and corresponding data contents of the VoIP packets, to enable bi-directional VoIP communications. An external VoIP interface of the firewall receives incoming VoIP packets having a user alias (e.g., an email address) and an indication regarding a VoIP port of external interface. The packets are directed to an appropriate internal host by the firewall performing port address forwarding based on the port indication to a Session Initiation Protocol (SIP) server within the internal network that maintains a mapping of user aliases to private addresses of the internal hosts.

    摘要翻译: 提供了智能网络保护网关(NPG)和网络架构的方法和系统。 根据一个实施例,防火墙通过执行因特网协议(IP)地址的网络地址转换(NAT)处理,为内部主机提供网络层保护,防止外部网络的主机的未经授权的访问。 防火墙改变VoIP报文头部的数据和VoIP数据包的相应数据内容,实现双向VoIP通信。 防火墙的外部VoIP接口接收具有用户别名(例如,电子邮件地址)的传入VoIP分组以及关于外部接口的VoIP端口的指示。 防火墙通过防火墙根据端口指示将数据包引导到适当的内部主机,该端口地址转发将内部网络中的会话发起协议(SIP)服务器维护到用户别名映射到内部主机的私有地址。