Memory device, stack protection system, computer system, compiler, stack protection method, storage medium and program transmission apparatus
    1.
    发明授权
    Memory device, stack protection system, computer system, compiler, stack protection method, storage medium and program transmission apparatus 失效
    存储器件,堆栈保护系统,计算机系统,编译器,堆栈保护方法,存储介质和程序传输装置

    公开(公告)号:US06941473B2

    公开(公告)日:2005-09-06

    申请号:US09772373

    申请日:2001-01-30

    IPC分类号: G06F9/42 G06F21/22 G06F12/16

    CPC分类号: G06F21/52 G06F9/4486

    摘要: A memory device is provided that is used by a computer system and that has a memory pattern obtained after a function is called when the computer system executes a program, the memory pattern comprising: a return address storage area for storing a return address 230 for the source of a call for the execution of a currently active function; a previous frame pointer storage area for storing a previous frame pointer 220 to the calling source for the execution of a currently active function; and a local variable storage area to be located below the return address storage area 230 and the previous frame pointer storage area 22, wherein when a data array 211 is stored in the local variable area, a guard variable 212 is stored in a location preceding the data array 211, and wherein the guard variable is used as a target to confirm whether the return address has been destroyed.

    摘要翻译: 提供了一种由计算机系统使用并且在计算机系统执行程序时调用功能之后获得的存储器模式的存储器装置,该存储器模式包括:返回地址存储区域,用于存储用于 调用执行当前活动功能的来源; 前一帧指针存储区域,用于将前一帧指针220存储到调用源以执行当前活动的功能; 以及位于返回地址存储区域230和先前帧指针存储区域22之下的局部变量存储区域,其中当数据阵列211存储在局部可变区域中时,保护变量212存储在 数据阵列211,并且其中保护变量用作目标,以确认返回地址是否已被破坏。

    Communications monitoring, processing and intrusion detection
    2.
    发明授权
    Communications monitoring, processing and intrusion detection 有权
    通信监控,处理和入侵检测

    公开(公告)号:US07360246B2

    公开(公告)日:2008-04-15

    申请号:US10672342

    申请日:2003-09-26

    IPC分类号: G06F11/30 G06F15/173

    CPC分类号: H04L63/1408 H04L63/1441

    摘要: Systems, apparatus and methods to monitor communications conducted via a host computer placed under the management of security measures such as firewalls or routers' filtering capabilities. A communications monitoring system which includes a packet input means for connecting to predetermined points on a network via a network interface and receiving communications packets flowing at the points; and matching means for performing real-time matching between two packet streams composed of received communications packets each time a communications packet is received. If the two packet streams are highly similar, it is highly likely that an attack or intrusion is being made and an alert is issued.

    摘要翻译: 用于监控通过主机安装在通过诸如防火墙或路由器过滤能力等安全措施管理的通信进行通信的系统,装置和方法。 一种通信监视系统,包括:分组输入装置,用于经由网络接口​​连接到网络上的预定点,并接收在所述点流动的​​通信分组; 以及用于在每次接收到通信分组时,由接收的通信分组组成的两个分组流之间进行实时匹配的匹配装置。 如果两个数据包流非常相似,则很可能发生攻击或入侵,并发出警报。

    Access chain tracing system, network system, and storage medium
    3.
    发明授权
    Access chain tracing system, network system, and storage medium 失效
    接入链跟踪系统,网络系统和存储介质

    公开(公告)号:US07127510B2

    公开(公告)日:2006-10-24

    申请号:US09770531

    申请日:2001-01-26

    IPC分类号: G06F15/16 G06F15/173

    摘要: Log data for a packet that is exchanged across a network are recorded in a log box. At this time, the data size of the packet and the detection time are recorded. When an illegal access has occurred at a target computer, the tracing of an access chain is performed on the log information. The tracing of the access chain is performed as follows. A change in the size of the data in a packet in accordance with the time of the first connection, and a change in the size of the data in a packet in accordance with the time of the second connection are calculated using the log data, and then the shapes of the graphs formed by these packet series are compared. When the shapes of the graphs are similar, it is ascertained that the pertinent connections are included in the same chain.

    摘要翻译: 通过网络交换的数据包的日志数据记录在日志框中。 此时,记录数据包的数据大小和检测时间。 当目标计算机发生非法访问时,对日志信息执行访问链的跟踪。 访问链的跟踪执行如下。 使用日志数据来计算根据第一连接的时间的分组中的数据的大小的变化以及根据第二连接的时间的分组中的数据的大小的变化,以及 然后比较由这些分组序列形成的图形的形状。 当图形的形状相似时,确定相关连接被包括在同一个链中。

    Anomaly detection
    4.
    发明申请
    Anomaly detection 有权
    异常检测

    公开(公告)号:US20090031176A1

    公开(公告)日:2009-01-29

    申请号:US11933270

    申请日:2007-10-31

    IPC分类号: G06F11/34

    摘要: A system such as a Web-based system in which a plurality of computers interact with each other is monitored to detect online an anomaly. Transactions of a service provided by each of a plurality of computers to another computer are collected, a matrix of correlations between nodes in the system is calculated from the transactions, and a feature vector representing anode activity balance is obtained from the matrix. The feature vector is monitored using a probability model to detect a transition to an anomalous state.

    摘要翻译: 监视多个计算机彼此交互的诸如基于Web的系统的系统以在线检测异常。 收集由多台计算机中的每一台提供给另一台计算机的服务的交易,从事务中计算系统中的节点之间的相关矩阵,并从该矩阵中获得表示阳极活动平衡的特征向量。 使用概率模型监测特征向量以检测到异常状态的转变。

    Anomaly detection
    5.
    发明授权
    Anomaly detection 有权
    异常检测

    公开(公告)号:US07647524B2

    公开(公告)日:2010-01-12

    申请号:US11933270

    申请日:2007-10-31

    IPC分类号: G06F11/00

    摘要: A system such as a Web-based system in which a plurality of computers interact with each other is monitored to detect online an anomaly. Transactions of a service provided by each of a plurality of computers to another computer are collected, a matrix of correlations between nodes in the system is calculated from the transactions, and a feature vector representing anode activity balance is obtained from the matrix. The feature vector is monitored using a probability model to detect a transition to an anomalous state.

    摘要翻译: 监视多个计算机彼此交互的诸如基于Web的系统的系统以在线检测异常。 收集由多台计算机中的每一台提供给另一台计算机的服务的交易,从事务中计算系统中的节点之间的相关矩阵,并从该矩阵中获得表示阳极活动平衡的特征向量。 使用概率模型监测特征向量以检测到异常状态的转变。

    Anomaly detection
    6.
    发明授权
    Anomaly detection 失效
    异常检测

    公开(公告)号:US07346803B2

    公开(公告)日:2008-03-18

    申请号:US11045918

    申请日:2005-01-28

    IPC分类号: G06F11/00

    摘要: A system such as a Web-based system in which a plurality of computers interact with each other is monitored to detect online an anomaly. Transactions of a service provided by each of a plurality of computers to another computer are collected, a matrix of correlations between nodes in the system is calculated from the transactions, and a feature vector representing a node activity balance is obtained from the matrix. The feature vector is monitored using a probability model to detect a transition to an anomalous state.

    摘要翻译: 监视多个计算机彼此交互的诸如基于Web的系统的系统以在线检测异常。 收集由多台计算机中的每一台提供给另一计算机的服务的事务,从事务中计算系统中节点之间的相关矩阵,并从矩阵中获得表示节点活动余额的特征向量。 使用概率模型监测特征向量以检测到异常状态的转变。

    Anomaly detection
    7.
    发明申请
    Anomaly detection 失效
    异常检测

    公开(公告)号:US20050193281A1

    公开(公告)日:2005-09-01

    申请号:US11045918

    申请日:2005-01-28

    摘要: A system such as a Web-based system in which a plurality of computers interact with each other is monitored to detect online an anomaly. Transactions of a service provided by each of a plurality of computers to another computer are collected, a matrix of correlations between nodes in the system is calculated from the transactions, and a feature vector representing anode activity balance is obtained from the matrix. The feature vector is monitored using a probability model to detect a transition to an anomalous state.

    摘要翻译: 监视多个计算机彼此交互的诸如基于Web的系统的系统以在线检测异常。 收集由多台计算机中的每一台提供给另一台计算机的服务的交易,从事务中计算系统中的节点之间的相关矩阵,并从该矩阵中获得表示阳极活动平衡的特征向量。 使用概率模型监测特征向量以检测到异常状态的转变。

    Management of monitoring sessions between monitoring clients and monitoring target server
    8.
    发明申请
    Management of monitoring sessions between monitoring clients and monitoring target server 失效
    管理监控客户端和监控目标服务器之间的监控会话

    公开(公告)号:US20080147845A1

    公开(公告)日:2008-06-19

    申请号:US11612927

    申请日:2006-12-19

    IPC分类号: G06F15/173

    CPC分类号: H04L67/22 H04L43/0888

    摘要: A system includes a monitoring management server, a monitoring target server, and one or more monitoring clients. The management server determines monitoring parameters for each client. The monitoring parameters specify at least when a client is to begin a monitoring session with the target server and when the client is to end the session with the target server. The management server determines the monitoring parameters for each client such that a predetermined maximum number of monitoring sessions performed within each time period is never exceeded by the target server. Each client receives monitoring parameters from the management server in response to a request initiated by the client, initiates a monitoring session with the target server in accordance with the monitoring parameters, and reports results of the monitoring session to the management server upon the monitoring session ending.

    摘要翻译: 系统包括监视管理服务器,监视目标服务器和一个或多个监视客户机。 管理服务器确定每个客户端的监视参数。 监控参数至少指定客户端何时开始与目标服务器的监视会话,以及何时客户端要结束与目标服务器的会话。 管理服务器确定每个客户端的监控参数,使得目标服务器不会超过在每个时间段内执行的预定最大数量的监视会话。 每个客户端响应于由客户端发起的请求,从管理服务器接收监控参数,根据监控参数启动与目标服务器的监控会话,并在监控会话结束时将监控会话结果报告给管理服务器 。

    Apparatus, method and program for physical state controller
    9.
    发明授权
    Apparatus, method and program for physical state controller 失效
    物理状态控制器的装置,方法和程序

    公开(公告)号:US07096075B2

    公开(公告)日:2006-08-22

    申请号:US10827869

    申请日:2004-04-20

    IPC分类号: G05B13/02

    CPC分类号: G05B5/01 G05D23/1917

    摘要: For determination as to whether there is a possibility that temperature control satisfying conditions according to an upper limit LH_i and a lower limit LL_i of the annealing control temperatures of annealing object steel sections i will be realized under restrictions on limit values U and D of the control temperature increase and decrease rates, computation is performed without using dynamic programming requiring an enormous amount of data on a continuous annealing line of a steelwork. Annealing object steel sections in an annealing object steel band 12 to be computed are assigned numbers 1, 2, . . . , n in order from the first time division in the direction of movement. T_i is a time required to pass the annealing object steel section i through a predetermined point at which the steel section undergoes temperature control. LH_1=LL_1=b is given. X_i=[IL_i−D*T_i, IH_i+U*T_i] is computed. When X_L_i1f, Y_i=X_iL_i. When X_i L_i=f, Y_i=X_i. Y—i is computed from i=1 to i=n in ascending order.

    摘要翻译: 为了确定是否存在满足根据退火对象钢部i的退火控制温度的退火控制温度的上限LH_i和下限LL_i的条件的温度控制的可能性,在对控制的限制值U和D的限制下实现 温度升高和降低率,在不使用需要在钢结构的连续退火线上大量数据的动态规划的情况下进行计算。 对要计算的退火对象钢带12中的退火对象钢部分分配号码1,2。 。 。 ,n按顺序从第一次划分的方向移动。 T_i是将退火对象钢部i通过钢部进行温度控制的规定点所需的时间。 LH_1 = LL_1 = b给出。 计算X_i = [IL_i-D * T_i,IH_i + U * T_i]。 当X_ L_i <1> F,Y_i = X_i L_i。 当X_i L_i = f,Y_i = X_i。 从i = 1到i = n以升序计算Y i -i

    Method and apparatus for deriving association rules from data and for
segmenting rectilinear regions
    10.
    发明授权
    Method and apparatus for deriving association rules from data and for segmenting rectilinear regions 失效
    从数据和分割直线区域导出关联规则的方法和装置

    公开(公告)号:US5991752A

    公开(公告)日:1999-11-23

    申请号:US025536

    申请日:1998-02-18

    摘要: The present application discloses a method and apparatus for extracting association rules from data having two or more numeric attributes and a true-false attribute, and for presenting the rules in an easily understandable form. The method comprises the steps of: (i) storing numbers u(i,j) and v(i,j) of data in each pixel whose true-false attribute is true, so as to correspond to each pixel in a plane; (ii) inputting a condition .theta.; (iii) segmenting from the plane a rectilinear region S of the pixels to maximize the equation ##EQU1## ;and (iv) outputting data included in the segmented rectilinear region S. The invention also allows regions to be derived which satisfy a desired support maximization rule, confidence maximization rule, optimized entropy rule, and optimized interclass variance rule.

    摘要翻译: 本申请公开了一种用于从具有两个或多个数字属性和真假属性的数据提取关联规则并且以容易理解的形式呈现规则的方法和装置。 该方法包括以下步骤:(i)在真假属性为真的每个像素中存储数据u(i,j)和v(i,j),以便对应于平面中的每个像素; (ii)输入条件θ; (iii)从平面分割像素的直线区域S以最大化方程;以及(iv)输出包括在分割直线区域S中的数据。本发明还允许导出满足期望的支持最大化规则的区域,置信度 最大化规则,优化熵规则和优化的类间方差规则。