公开(公告)号：US08578287B2

公开(公告)日：2013-11-05

申请号：US12341238

申请日：2008-12-22

申请人： Gustavo De Los Reyes ,  Sanjay MacWan ,  Gang Xu ,  Howard Shirokmann ,  Rachel Rosencrantz ,  Thusitha Jayawardena

发明人： Gustavo De Los Reyes ,  Sanjay MacWan ,  Gang Xu ,  Howard Shirokmann ,  Rachel Rosencrantz ,  Thusitha Jayawardena

IPC分类号： G06F3/048

CPC分类号： G05B15/02 ,  G06F3/023 ,  G06F3/038 ,  G06F3/0489 ,  H04N21/2265 ,  H04N21/43615 ,  H04N21/4622 ,  H04N21/482 ,  H04N21/6377

摘要： A computer readable storage medium storing a set of instructions that are executable by a processor, the set of instructions being operable to store a virtual representation of a plurality of physical components, display the virtual representation, receive user interaction with at least one of the virtual representations and send a command to the physical component corresponding to the user interaction.

摘要翻译： 存储可由处理器执行的一组指令的计算机可读存储介质，所述指令集可操作以存储多个物理组件的虚拟表示，显示所述虚拟表示，接收与所述虚拟表示中的至少一个的用户交互 表示并发送命令到对应于用户交互的物理组件。

公开(公告)号：US08566465B2

公开(公告)日：2013-10-22

申请号：US12884976

申请日：2010-09-17

申请人： Gang Xu ,  Gustavo de los Reyes ,  Thusitha Jayawardena ,  Xiao Pan

发明人： Gang Xu ,  Gustavo de los Reyes ,  Thusitha Jayawardena ,  Xiao Pan

IPC分类号： G06F15/173

CPC分类号： H04L63/0281 ,  H04L63/1458 ,  H04L63/1466 ,  H04L67/141 ,  H04L67/2814

摘要： A method includes sending a first redirect instruction to a first client in response to a first session request received at a service address, and establishing a first session with the first client in response to a second session request received at the first redirect address indicated by the first redirect instruction. Additionally, the method includes determining a first service interval has passed, and sending a second redirect instruction to a second client in response to a third session request received at the service address after the first service interval has passed. The method still further includes establishing a second session with the second client in response to the fourth session request received at the second redirect address indicated by the second redirect instruction after the first service interval has passed, and rejecting the fifth session request received from a third client at the first redirect address after the first service interval has passed.

摘要翻译： 一种方法包括响应于在服务地址处接收到的第一会话请求向第一客户端发送第一重定向指令，以及响应于在由所述第一重定向地址指示的第一重定向地址接收到的第二会话请求，建立与第一客户端的第一会话 第一个重定向指令。 此外，该方法包括确定已经过去的第一服务间隔，并且响应于在经过第一服务间隔之后在服务地址处接收的第三会话请求，向第二客户端发送第二重定向指令。 该方法还包括响应于在第一服务间隔已经过去之后由第二重定向指令指示的第二重定向地址处接收到的第四会话请求，建立与第二客户端的第二会话，并且拒绝从第三客户端接收到的第五会话请求 客户端在第一个服务间隔之后的第一个重定向地址。

公开(公告)号：US20100162378A1

公开(公告)日：2010-06-24

申请号：US12338614

申请日：2008-12-18

申请人： Thusitha Jayawardena ,  Gustavo De Los Reyes ,  Gang Xu

发明人： Thusitha Jayawardena ,  Gustavo De Los Reyes ,  Gang Xu

IPC分类号： G06F17/00 ,  G06F15/16

CPC分类号： H04L67/2814 ,  H04L63/0227

摘要： Example methods and apparatus to enhance security in residential networks and residential gateways are disclosed. A disclosed example apparatus includes a transceiver to receive an Internet protocol (IP) packet, a first packet processing module associated with a protected IP address, the first packet processing module to be communicatively coupled to a first network device, a second packet processing module associated with a public IP address, the second packet processing module to be communicatively coupled to a second network device, and a packet diverter to route the received IP packet to the first packet processing module when the IP packet contains the protected IP address and to route the IP packet to the second packet processing module when the IP packet does not contain the protected IP address.

摘要翻译： 公开了增强住宅网络和住宅网关安全性的示例方法和装置。 所公开的示例性设备包括：收发器，用于接收因特网协议（IP）分组;与受保护的IP地址相关联的第一分组处理模块;第一分组处理模块，用于通信地耦合到第一网络设备;第二分组处理模块， 具有公共IP地址，所述第二分组处理模块通信地耦合到第二网络设备，以及分组转发器，以在IP分组包含受保护的IP地址时将接收的IP分组路由到第一分组处理模块，并且路由 当IP包不包含受保护的IP地址时，IP包到第二包处理模块。

公开(公告)号：US08844018B2

公开(公告)日：2014-09-23

申请号：US12338614

申请日：2008-12-18

申请人： Thusitha Jayawardena ,  Gustavo De Los Reyes ,  Gang Xu

发明人： Thusitha Jayawardena ,  Gustavo De Los Reyes ,  Gang Xu

IPC分类号： G06F17/00 ,  H04L29/08

CPC分类号： H04L67/2814 ,  H04L63/0227

摘要： Example methods and apparatus to enhance security in residential networks and residential gateways are disclosed. A disclosed example apparatus includes a transceiver to receive an Internet protocol (IP) packet, a first packet processing module associated with a protected IP address, the first packet processing module to be communicatively coupled to a first network device, a second packet processing module associated with a public IP address, the second packet processing module to be communicatively coupled to a second network device, and a packet diverter to route the received IP packet to the first packet processing module when the IP packet contains the protected IP address and to route the IP packet to the second packet processing module when the IP packet does not contain the protected IP address.

摘要翻译： 公开了增强住宅网络和住宅网关安全性的示例方法和装置。 所公开的示例性设备包括：收发器，用于接收因特网协议（IP）分组;与受保护的IP地址相关联的第一分组处理模块;第一分组处理模块，用于通信地耦合到第一网络设备;第二分组处理模块， 具有公共IP地址，所述第二分组处理模块通信地耦合到第二网络设备，以及分组转发器，以在IP分组包含受保护的IP地址时将接收的IP分组路由到第一分组处理模块，并且路由 当IP包不包含受保护的IP地址时，IP包到第二包处理模块。

公开(公告)号：US20120072605A1

公开(公告)日：2012-03-22

申请号：US12884976

申请日：2010-09-17

申请人： Gang Xu ,  Gustavo de los Reyes ,  Thusitha Jayawardena ,  Xiao Pan

发明人： Gang Xu ,  Gustavo de los Reyes ,  Thusitha Jayawardena ,  Xiao Pan

IPC分类号： G06F21/20

CPC分类号： H04L63/0281 ,  H04L63/1458 ,  H04L63/1466 ,  H04L67/141 ,  H04L67/2814

摘要： A method includes sending a first redirect instruction to a first client in response to a first session request received at a service address, and establishing a first session with the first client in response to a second session request received at the first redirect address indicated by the first redirect instruction. Additionally, the method includes determining a first service interval has passed, and sending a second redirect instruction to a second client in response to a third session request received at the service address after the first service interval has passed. The method still further includes establishing a second session with the second client in response to the fourth session request received at the second redirect address indicated by the second redirect instruction after the first service interval has passed, and rejecting the fifth session request received from a third client at the first redirect address after the first service interval has passed.

摘要翻译： 一种方法包括响应于在服务地址处接收到的第一会话请求向第一客户端发送第一重定向指令，以及响应于在由所述第一重定向地址指示的第一重定向地址接收到的第二会话请求，建立与第一客户端的第一会话 第一个重定向指令。 此外，该方法包括确定已经过去的第一服务间隔，并且响应于在经过第一服务间隔之后在服务地址处接收的第三会话请求，向第二客户端发送第二重定向指令。 该方法还包括响应于在第一服务间隔已经过去之后由第二重定向指令指示的第二重定向地址处接收到的第四会话请求，建立与第二客户端的第二会话，并且拒绝从第三客户端接收到的第五会话请求 客户端在第一个服务间隔之后的第一个重定向地址。

公开(公告)号：US20100070902A1

公开(公告)日：2010-03-18

申请号：US12341238

申请日：2008-12-22

申请人： Gustavo DE LOS REYES ,  Sanjay MacWan ,  Gang Xu ,  Howard Shirokmann ,  Rachel Rosencrantz ,  Thusitha Jayawardena

发明人： Gustavo DE LOS REYES ,  Sanjay MacWan ,  Gang Xu ,  Howard Shirokmann ,  Rachel Rosencrantz ,  Thusitha Jayawardena

IPC分类号： G06F3/048

CPC分类号： G05B15/02 ,  G06F3/023 ,  G06F3/038 ,  G06F3/0489 ,  H04N21/2265 ,  H04N21/43615 ,  H04N21/4622 ,  H04N21/482 ,  H04N21/6377

摘要： A computer readable storage medium storing a set of instructions that are executable by a processor, the set of instructions being operable to store a virtual representation of a plurality of physical components, display the virtual representation, receive user interaction with at least one of the virtual representations and send a command to the physical component corresponding to the user interaction.

摘要翻译： 存储可由处理器执行的一组指令的计算机可读存储介质，所述指令集可操作以存储多个物理组件的虚拟表示，显示所述虚拟表示，接收与所述虚拟表示中的至少一个的用户交互 表示并发送命令到对应于用户交互的物理组件。

公开(公告)号：US09148376B2

公开(公告)日：2015-09-29

申请号：US12963227

申请日：2010-12-08

申请人： Thusitha Jayawardena ,  Gustavo de los Reyes ,  Xiao Pan ,  Gang Xu

发明人： Thusitha Jayawardena ,  Gustavo de los Reyes ,  Xiao Pan ,  Gang Xu

IPC分类号： H04L12/28 ,  H04L12/803 ,  H04L12/24 ,  H04L12/26 ,  H04L12/801 ,  H04L12/851 ,  H04L29/06

CPC分类号： H04L47/122 ,  H04L41/5022 ,  H04L43/0882 ,  H04L43/16 ,  H04L47/10 ,  H04L47/24 ,  H04L63/08 ,  H04L63/1458 ,  H04L65/00 ,  H04L65/80

摘要： A method provides for the dynamic traffic prioritization in a communication network. The method electronically monitors traffic in a communication network and determines when traffic exceeds configured thresholds on the links of the communication network. Thus, the method determines a link which is potentially about to be congested in the communication network. The method categorizes the traffic on this link by an end system attached to one end of the potentially congested link into a plurality of priority categories using application layer parameters. Using a re-direct capability of the end system, the method re-directs at least one of the pluralities of priority categories of traffic to an alternate Internet Protocol address. The method uses preconfigured Quality of Service mechanisms on the provider edge router attached to the other end of the potentially congested link to guarantee a predetermined amount of bandwidth capacity of the link to traffic destined to the alternate Internet Protocol address.

摘要翻译： 一种方法提供通信网络中的动态流量优先级。 该方法电子监控通信网络中的流量，并确定流量何时超过通信网络链路上的配置阈值。 因此，该方法确定通信网络中潜在地将拥塞的链路。 该方法通过使用应用层参数将附接到潜在拥塞链路的一端的终端系统在该链路上分类为多个优先级类别。 使用终端系统的直接能力，该方法将多个优先级别的业务中的至少一个重定向到备用因特网协议地址。 该方法在连接到可能拥塞链路的另一端的提供商边缘路由器上使用预配置的服务质量机制，以保证到达备用因特网协议地址的流量的链路的预定量的带宽容量。

公开(公告)号：US08302189B2

公开(公告)日：2012-10-30

申请号：US12627733

申请日：2009-11-30

申请人： Gustavo de los Reyes ,  Thusitha Jayawardena ,  Gang Xu

发明人： Gustavo de los Reyes ,  Thusitha Jayawardena ,  Gang Xu

IPC分类号： G06F21/00

CPC分类号： H04L63/0209 ,  H04L63/1416

摘要： An edge monitoring approach can be utilized to detect an attack which includes a plurality of relatively low bandwidth attacks, which are aggregated at a victim sub-network. The aggregated low bandwidth attacks can generate a relatively high bandwidth attack including un-solicited data traffic directed to the victim' so that the aggregated attack becomes more detectable at an edge monitor circuit located proximate to the victim. Related systems, devices, and computer program products are also disclosed.

摘要翻译： 可以利用边缘监控方法来检测包括多个相对低带宽的攻击的攻击，这些攻击在受害子网络处被聚合。 聚合的低带宽攻击可以产生相对较高的带宽攻击，包括针对受害者的非请求数据流量，使得聚合攻击在位于受害者附近的边缘监视器电路更可检测。 还公开了相关系统，设备和计算机程序产品。

公开(公告)号：US20110131650A1

公开(公告)日：2011-06-02

申请号：US12627733

申请日：2009-11-30

申请人： Gustavo de los Reyes ,  Thusitha Jayawardena ,  Gang Xu

发明人： Gustavo de los Reyes ,  Thusitha Jayawardena ,  Gang Xu

IPC分类号： G06F21/00

CPC分类号： H04L63/0209 ,  H04L63/1416

摘要： An edge monitoring approach can be utilized to detect an attack which includes a plurality of relatively low bandwidth attacks, which are aggregated at a victim sub-network. The aggregated low bandwidth attacks can generate a relatively high bandwidth attack including un-solicited data traffic directed to the victim' so that the aggregated attack becomes more detectable at an edge monitor circuit located proximate to the victim. Related systems, devices, and computer program products are also disclosed.

摘要翻译： 可以利用边缘监控方法来检测包括多个相对低带宽的攻击的攻击，这些攻击在受害子网络处被聚合。 聚合的低带宽攻击可以产生相对较高的带宽攻击，包括针对受害者的非请求数据流量，使得聚合攻击在位于受害者附近的边缘监视器电路更可检测。 还公开了相关系统，设备和计算机程序产品。

公开(公告)号：US08644159B2

公开(公告)日：2014-02-04

申请号：US13557909

申请日：2012-07-25

申请人： Thusitha Jayawardena ,  Gustavo de los Reyes

发明人： Thusitha Jayawardena ,  Gustavo de los Reyes

IPC分类号： G06F11/00 ,  G06F15/173 ,  H04L12/66

CPC分类号： H04L43/028 ,  H04L63/0227 ,  H04L63/1416 ,  H04L63/1458

摘要： A priority server for a provider network includes a traffic volume detection module, a traffic analyzer module, and a rules module. The traffic volume detection module receives operational information from the provider network and determines that a host is experiencing a flash event based upon the operational information. The traffic analyzer module determines that the flash event is not a distributed denial of service attack on the host. When it is determined that the flash event is not a distributed denial of service attack, the rules module provides a priority rule to an access router that is coupled to the host.

摘要翻译： 提供商网络的优先服务器包括流量检测模块，流量分析器模块和规则模块。 流量检测模块从提供商网络接收操作信息，并且基于操作信息确定主机正在经历闪存事件。 流量分析器模块确定闪存事件不是主机上的分布式拒绝服务攻击。 当确定闪存事件不是分布式拒绝服务攻击时，规则模块向耦合到主机的接入路由器提供优先级规则。