公开(公告)号：US20070268826A1

公开(公告)日：2007-11-22

申请号：US11766190

申请日：2007-06-21

申请人： Garesh Balakrishnan ,  John Chalmers ,  Clark Jeffries ,  Jitesh Nair ,  Larry Nicholson ,  Ravinder Sabhikhi ,  Raj Singh

发明人： Garesh Balakrishnan ,  John Chalmers ,  Clark Jeffries ,  Jitesh Nair ,  Larry Nicholson ,  Ravinder Sabhikhi ,  Raj Singh

IPC分类号： H04L12/56

CPC分类号： H04L47/32 ,  H04L47/10 ,  H04L47/29 ,  H04L47/30 ,  H04L49/90

摘要： A flow control method and system including an algorithm for deciding to transmit an arriving packet into a processing queue or to discard it, or, in the case of instructions or packets that must not be discarded, a similar method and system for deciding at a service event to transmit an instruction or packet into a processing queue or to skip the service event. The transmit probability is increased or decreased in consideration of minimum and maximum limits for each flow, aggregate limits for sets of flows, relative priority among flows, queue occupancy, and rate of change of queue occupancy. The effects include protection of flows below their minimum rates, correction of flows above their maximum rates, and, for flows between minimum and maximum rates, reduction of constituent flows of an aggregate that is above its aggregate maximum. Practice of the invention results in low queue occupancy during steady congestion.

摘要翻译： 一种流量控制方法和系统，包括用于决定将到达的分组发送到处理队列或丢弃它的算法，或者在不能被丢弃的指令或分组的情况下，用于在服务中决定的类似方法和系统 将指令或分组发送到处理队列或跳过服务事件的事件。 考虑到每个流量的最小和最大限制，流量集合的限制，流量之间的相对优先级，队列占用率和队列占用率的变化率，发送概率增加或减少。 这些影响包括保护流量低于其最低利率，纠正高于其最大利率的流量，以及最小和最大利率之间的流量减少总量超过其总最大值的组成流量。 本发明的实践导致在稳定拥塞期间的低队列占用。

公开(公告)号：US20050154916A1

公开(公告)日：2005-07-14

申请号：US10756904

申请日：2004-01-14

申请人： Marc Boulanger ,  Clark Jeffries ,  C. Kinard ,  Kerry Kravec ,  Ravinder Sabhikhi ,  Ali Saidi ,  Jan Slyfield ,  Pascal Tannhof

发明人： Marc Boulanger ,  Clark Jeffries ,  C. Kinard ,  Kerry Kravec ,  Ravinder Sabhikhi ,  Ali Saidi ,  Jan Slyfield ,  Pascal Tannhof

IPC分类号： H04L9/00 ,  H04L12/24 ,  H04L29/06

CPC分类号： H04L63/1416 ,  H04L63/1441

摘要： An intrusion detection system (IDS) comprises a network processor (NP) coupled to a memory unit for storing programs and data. The NP is also coupled to one or more parallel pattern detection engines (PPDE) which provide high speed parallel detection of patterns in an input data stream. Each PPDE comprises many processing units (PUs) each designed to store intrusion signatures as a sequence of data with selected operation codes. The PUs have configuration registers for selecting modes of pattern recognition. Each PU compares a byte at each clock cycle. If a sequence of bytes from the input pattern match a stored pattern, the identification of the PU detecting the pattern is outputted with any applicable comparison data. By storing intrusion signatures in many parallel PUs, the IDS can process network data at the NP processing speed. PUs may be cascaded to increase intrusion coverage or to detect long intrusion signatures.

摘要翻译： 入侵检测系统（IDS）包括耦合到用于存储程序和数据的存储器单元的网络处理器（NP）。 NP还耦合到一个或多个并行模式检测引擎（PPDE），其提供对输入数据流中的模式的高速并行检测。 每个PPDE包括许多处理单元（PU），每个处理单元被设计为将入侵签名存储为具有所选操作码的数据序列。 PU具有用于选择模式识别模式的配置寄存器。 每个PU在每个时钟周期比较一个字节。 如果来自输入模式的字节序列与存储的模式匹配，则用任何适用的比较数据输出检测模式的PU的识别。 通过在多个并行PU中存储入侵签名，IDS可以以NP处理速度处理网络数据。 PU可以级联以增加入侵覆盖或检测长入侵签名。

公开(公告)号：US20070076602A1

公开(公告)日：2007-04-05

申请号：US11560088

申请日：2006-11-15

申请人： Clark Jeffries ,  Jitesh Nair ,  Michael Siegel ,  Rama Yedavalli

发明人： Clark Jeffries ,  Jitesh Nair ,  Michael Siegel ,  Rama Yedavalli

IPC分类号： H04L12/26 ,  H04L12/56

CPC分类号： H04L47/30 ,  H04L47/10 ,  H04L47/29 ,  H04L47/32

摘要： The decision within a packet processing device to transmit a newly arriving packet into a queue to await processing or to discard the same packet is made by a flow control method and system. The flow control is updated with a constant period determined by storage and flow rate limits. The update includes comparing current queue occupancy to thresholds and also comparing present queue occupancy to previous queue occupancy. The outcome of the update is a new transmit probability value. The value is stored for the subsequent period of flow control and packets arriving during that period are subject to a transmit or discard decision that uses that value.

摘要翻译： 通过流控制方法和系统来进行分组处理装置中将新到达的分组发送到队列中等待处理或丢弃相同分组的决定。 流量控制以由存储和流量限制确定的恒定周期进行更新。 该更新包括将当前队列占用率与阈值进行比较，还将当前队列占用率与先前队列占用率进行比较。 更新的结果是新的传输概率值。 该值存储在随后的流量控制周期中，并且在该时间段期间到达的分组经受使用该值的发送或丢弃决定。

公开(公告)号：US20050027854A1

公开(公告)日：2005-02-03

申请号：US10629175

申请日：2003-07-29

申请人： Alan Boulanger ,  Robert Danford ,  Kevin Himberger ,  Clark Jeffries ,  Raj Singh

发明人： Alan Boulanger ,  Robert Danford ,  Kevin Himberger ,  Clark Jeffries ,  Raj Singh

IPC分类号： H04L12/26 ,  H04L29/06 ,  G06F15/173

CPC分类号： H04L63/1408 ,  H04L43/00 ,  H04L63/1458 ,  H04L63/166

摘要： A detection and response system that generates an Alert if unauthorized scanning is detected on a computer network that includes a look-up table to record state value corresponding to the sequence in which SYN, SYN/ACK and RST packets are observed. A set of algorithms executed on a processing engine adjusts the state value in response to observing the packets. When the state value reaches a predetermined value indicating that all three packets have been seen, the algorithm generates an Alert.

摘要翻译： 检测和响应系统，如果在包含查看表的计算机网络上检测到未经授权的扫描，以记录与遵守SYN，SYN / ACK和RST数据包的顺序相对应的状态值的警报。 在处理引擎上执行的一组算法根据观察数据包来调整状态值。 当状态值达到表示已经看到所有三个分组的预定值时，该算法生成警报。

公开(公告)号：US20080072326A1

公开(公告)日：2008-03-20

申请号：US11871188

申请日：2007-10-12

申请人： Robert Danford ,  Kenneth Farmer ,  Clark Jeffries ,  Robert Sisk ,  Michael Walter

发明人： Robert Danford ,  Kenneth Farmer ,  Clark Jeffries ,  Robert Sisk ,  Michael Walter

IPC分类号： G06F21/00

CPC分类号： H04L63/1458

摘要： A method of progressive response for invoking and suspending blocking measures that defend against network anomalies such as malicious network traffic so that false positives and false negatives are minimized. When an anomaly is detected, the detector notifies protective equipment such as a firewall or a router to invoke a blocking measure. The blocking measure is maintained for an initial duration, after which it is suspended while another test for the anomaly is made. If the anomaly is no longer evident, the method returns to the state of readiness. Otherwise, a loop is executed to re-applying the blocking measure for a specified duration, then suspend the blocking measure and test again for the anomaly. If the anomaly is detected, the blocking measure is re-applied, and its duration is adapted. If the anomaly is no longer detected, the method returns to the state of readiness.

摘要翻译： 一种逐步响应的方法，用于调用和中止阻止网络异常（如恶意网络流量）的阻塞措施，从而最大限度地减少误报和假阴性。 当检测到异常时，检测器通知防火墙或路由器等防护设备调用阻塞措施。 阻塞措施保持初始持续时间，之后暂停，并进行另一次异常测试。 如果异常不再明显，则返回到准备状态。 否则，执行一个循环以在特定持续时间内重新应用阻塞度量，然后暂停阻塞度量并再次测试异常。 如果检测到异常，则重新应用阻塞措施，并适应其持续时间。 如果不再检测到异常，则该方法返回到准备状态。

公开(公告)号：US20060261946A1

公开(公告)日：2006-11-23

申请号：US11132535

申请日：2005-05-19

申请人： Kevin David Himberger ,  Clark Jeffries ,  Mohammad Peyravian

发明人： Kevin David Himberger ,  Clark Jeffries ,  Mohammad Peyravian

IPC分类号： G08B13/14

CPC分类号： G06K19/0723 ,  G06K19/0717

摘要： System and method for recording temperature on an RFID tag. A first RFID tag is attached to a container. The first RFID tag includes a temperature sensor. The container contains a multiplicity of packages. A multiplicity of second RFID tags are attached to the multiplicity of packages, respectively. The first RFID tag transmits temperature information to the multiplicity of second RFID tags. In response, the multiplicity of second RFID tags record the temperature information. Consequently, there is no need for expensive temperature sensors on the multiplicity of RFID tags on the packages. According to features of the present invention, the first RFID tag is an active RFID tag, and the multiplicity of second RFID tags are passive RFID tags. The first RFID tag also transmits other information to the multiplicity of second RFID tags to enable the second RFID tags to authenticate the temperature information. Other types of environmental sensors such as a humidity sensor or vibration sensor can substitute for the temperature sensor.

公开(公告)号：US20060018262A1

公开(公告)日：2006-01-26

申请号：US10896733

申请日：2004-07-22

申请人： Alan Boulanger ,  Robert Danford ,  Kevin Himberger ,  Clark Jeffries

发明人： Alan Boulanger ,  Robert Danford ,  Kevin Himberger ,  Clark Jeffries

IPC分类号： H04L12/26

CPC分类号： H04L63/1416 ,  H04L63/1466

摘要： A detection and response system including a set of algorithms for detecting within a stream of normal computer traffic a subset of (should focus on network traffic eliciting a response) TCP or UDP packets with one IP Source Address (SA) value, one or a few Destination Address (DA) values, and a number exceeding a threshold of distinct Destination Port (DP) values. A lookup mechanism such as a Direct Table and Patricia search tree record and trace sets of packets with one SA and one DA as well as the set of DP values observed for the given SA, DA combination. The detection and response system reports the existence of such a subset and the header values including SA, DA, and multiple DPs of the subset. The detection and response system also includes various administrative responses to reports.

摘要翻译： 一种检测和响应系统，包括一组用于在正常计算机业务流内检测的一组算法（应该侧重于引发响应的网络业务）具有一个IP源地址（SA）值的TCP或UDP分组，一个或几个 目标地址（DA）值和超过不同目标端口（DP）值阈值的数字。 一个查找机制，如直接表和帕特里夏搜索树记录，跟踪一组SA和一个DA的数据包以及给定SA，DA组合观察到的一组DP值。 检测和响应系统报告这样的子集的存在以及包括SA，DA和子集的多个DP的标题值。 检测和响应系统还包括对报告的各种管理响应。

公开(公告)号：US20050204159A1

公开(公告)日：2005-09-15

申请号：US10796161

申请日：2004-03-09

申请人： John Davis ,  Kevin Himberger ,  Clark Jeffries ,  Garreth Jeremiah

发明人： John Davis ,  Kevin Himberger ,  Clark Jeffries ,  Garreth Jeremiah

IPC分类号： H04L9/00 ,  H04L12/58 ,  H04L29/06

CPC分类号： H04L63/0236 ,  H04L51/12 ,  H04L63/0263

摘要： A system, method and program product for blocking unwanted e-mails. An e-mail is identified as unwanted. A source IP address of the unwanted e-mail is determined. Other source IP addresses owned or registered by an owner or registrant of the source IP address of the unwanted e-mail are determined. Subsequent e-mails from the source IP address and the other IP addresses are blocked. This will thwart a spammer who shifts to a new source IP address when its spam is blocked from one source IP address.

摘要翻译： 用于阻止不必要的电子邮件的系统，方法和程序产品。 电子邮件被标识为不需要的。 确定不需要的电子邮件的源IP地址。 确定不想要的电子邮件的源IP地址的所有者或注册人拥有或注册的其他源IP地址。 源IP地址和其他IP地址的后续电子邮件被阻止。 这将阻止垃圾邮件发送者转移到新的源IP地址，当其垃圾邮件被一个源IP地址阻止时。

公开(公告)号：US20050177872A1

公开(公告)日：2005-08-11

申请号：US10774017

申请日：2004-02-05

申请人： Alan Boulanger ,  Kevin Himberger ,  Clark Jeffries ,  John Ziraldo

发明人： Alan Boulanger ,  Kevin Himberger ,  Clark Jeffries ,  John Ziraldo

IPC分类号： H04L29/06 ,  H04L9/32

CPC分类号： H04L63/0218 ,  H04L63/02 ,  H04L63/1416 ,  H04L63/1441

摘要： A communication network is operated by detecting an anomaly in the communication traffic at a plurality of nodes in a communication network. A first blocking measure A is independently applied at respective ones of the plurality of nodes to the anomalous traffic that stops the anomalous traffic. A second blocking measure B is independently determined at the respective ones of the plurality of nodes such that application of a logical combination of the first blocking measure A and the second blocking measure B to the anomalous traffic stops the anomalous traffic.

摘要翻译： 通信网络通过检测通信网络中的多个节点处的通信业务中的异常来操作。 第一阻塞测度A被独立地应用于多个节点中的相应的节点处于停止异常业务的异常业务。 在多个节点中的相应节点处独立地确定第二阻塞测量B，使得将第一阻塞测度A和第二阻塞测量B的逻辑组合应用于异常业务停止异常业务。

公开(公告)号：US20070241905A1

公开(公告)日：2007-10-18

申请号：US11766883

申请日：2007-06-22

申请人： Kevin Himberger ,  Clark Jeffries ,  Mohammad Peyravian

发明人： Kevin Himberger ,  Clark Jeffries ,  Mohammad Peyravian

IPC分类号： G08B13/14

CPC分类号： G06K19/0723 ,  G06K19/0717

摘要： System and method for recording temperature on an RFID tag. A first RFID tag is attached to a container. The first RFID tag includes a temperature sensor. The container contains a multiplicity of packages. A multiplicity of second RFID tags are attached to the multiplicity of packages, respectively. The first RFID tag transmits temperature information to the multiplicity of second RFID tags. In response, the multiplicity of second RFID tags record the temperature information. Consequently, there is no need for expensive temperature sensors on the multiplicity of RFID tags on the packages. According to features of the present invention, the first RFID tag is an active RFID tag, and the multiplicity of second RFID tags are passive RFID tags. The first RFID tag also transmits other information to the multiplicity of second RFID tags to enable the second RFID tags to authenticate the temperature information. Other types of environmental sensors such as a humidity sensor or vibration sensor can substitute for the temperature sensor.

摘要翻译： 记录RFID标签温度的系统和方法。 第一个RFID标签连接到容器。 第一RFID标签包括温度传感器。 容器包含多个包。 多个第二RFID标签分别附接到多个包装。 第一RFID标签将温度信息传送到多个第二RFID标签。 作为响应，第二RFID标签的多个记录温度信息。 因此，不需要在包装上的RFID标签上的昂贵的温度传感器。 根据本发明的特征，第一RFID标签是有源RFID标签，多个第二RFID标签是无源RFID标签。 第一RFID标签还向多个第二RFID标签传送其他信息，以使第二RFID标签能够认证温度信息。 其他类型的环境传感器，如湿度传感器或振动传感器可以代替温度传感器。