公开(公告)号：US07464404B2

公开(公告)日：2008-12-09

申请号：US11283380

申请日：2005-11-17

申请人： Brian Edward Carpenter ,  Kevin David Himberger ,  Clark Debs Jeffries ,  Mohammad Peyravian

发明人： Brian Edward Carpenter ,  Kevin David Himberger ,  Clark Debs Jeffries ,  Mohammad Peyravian

IPC分类号： G06F9/00 ,  G06F11/00 ,  G06F15/173 ,  G06F15/16

CPC分类号： H04L63/1458 ,  G06F21/00 ,  G06F21/552 ,  H04L69/22

摘要： A method of progressive response for invoking and suspending blocking measures that defend against network anomalies such as malicious network traffic so that false positives and false negatives are minimized. When a truncated secure session attack is detected, the detector notifies protective equipment such as a firewall or a router to invoke a blocking measure. The blocking measure is maintained for an initial duration, after which it is suspended while another test for the anomaly is made. If the attack is no longer evident, the method returns to the state of readiness. Otherwise, a loop is executed to re-applying the blocking measure for a specified duration, then suspend the blocking measure and test again for the attack. If the attack is detected, the blocking measure is re-applied, and its duration is adapted. If the attack is no longer detected, the method returns to the state of readiness.

摘要翻译： 一种逐步响应的方法，用于调用和中止阻止网络异常（如恶意网络流量）的阻塞措施，从而最大限度地减少误报和假阴性。 当检测到截断的安全会话攻击时，检测器通知防火墙或路由器等防护设备调用阻塞措施。 阻塞措施保持初始持续时间，之后暂停，并进行另一次异常测试。 如果攻击不再明显，则该方法返回到准备状态。 否则，执行一个循环以在指定的持续时间内重新应用阻塞度量，然后暂停阻止措施并再次测试攻击。 如果检测到攻击，则重新应用阻塞措施，并适应其持续时间。 如果不再检测到攻击，该方法返回到准备状态。

公开(公告)号：US07489246B2

公开(公告)日：2009-02-10

申请号：US11766883

申请日：2007-06-22

申请人： Kevin David Himberger ,  Clark Debs Jeffries ,  Mohammad Peyravian

发明人： Kevin David Himberger ,  Clark Debs Jeffries ,  Mohammad Peyravian

IPC分类号： G08B13/14

CPC分类号： G06K19/0723 ,  G06K19/0717

摘要： System and method for recording temperature on an RFID tag. A first RFID tag is attached to a container. The first RFID tag includes a temperature sensor. The container contains a multiplicity of packages. A multiplicity of second RFID tags are attached to the multiplicity of packages, respectively. The first RFID tag transmits temperature information to the multiplicity of second RFID tags. In response, the multiplicity of second RFID tags record the temperature information. Consequently, there is no need for expensive temperature sensors on the multiplicity of RFID tags on the packages. According to features of the present invention, the first RFID tag is an active RFID tag, and the multiplicity of second RFID tags are passive RFID tags. The first RFID tag also transmits other information to the multiplicity of second RFID tags to enable the second RFID tags to authenticate the temperature information. Other types of environmental sensors such as a humidity sensor or vibration sensor can substitute for the temperature sensor.

摘要翻译： 记录RFID标签温度的系统和方法。 第一个RFID标签连接到容器。 第一RFID标签包括温度传感器。 容器包含多个包。 多个第二RFID标签分别附接到多个包装。 第一RFID标签将温度信息传送到多个第二RFID标签。 作为响应，第二RFID标签的多个记录温度信息。 因此，不需要在包装上的RFID标签上的昂贵的温度传感器。 根据本发明的特征，第一RFID标签是有源RFID标签，多个第二RFID标签是无源RFID标签。 第一RFID标签还向多个第二RFID标签传送其他信息，以使第二RFID标签能够认证温度信息。 其他类型的环境传感器，如湿度传感器或振动传感器可以代替温度传感器。

公开(公告)号：US07327260B2

公开(公告)日：2008-02-05

申请号：US11132535

申请日：2005-05-19

申请人： Kevin David Himberger ,  Clark Debs Jeffries ,  Mohammad Peyravian

发明人： Kevin David Himberger ,  Clark Debs Jeffries ,  Mohammad Peyravian

IPC分类号： G08B13/14 ,  G06K7/00

CPC分类号： G06K19/0723 ,  G06K19/0717

摘要： System and method for recording temperature on an RFID tag. A first RFID tag is attached to a container. The first RFID tag includes a temperature sensor. The container contains a multiplicity of packages. A multiplicity of second RFID tags are attached to the multiplicity of packages, respectively. The first RFID tag transmits temperature information to the multiplicity of second RFID tags. In response, the multiplicity of second RFID tags record the temperature information. Consequently, there is no need for expensive temperature sensors on the multiplicity of RFID tags on the packages. According to features of the present invention, the first RFID tag is an active RFID tag, and the multiplicity of second RFID tags are passive RFID tags. The first RFID tag also transmits other information to the multiplicity of second RFID tags to enable the second RFID tags to authenticate the temperature information. Other types of environmental sensors such as a humidity sensor or vibration sensor can substitute for the temperature sensor.

摘要翻译： 记录RFID标签温度的系统和方法。 第一个RFID标签连接到容器。 第一RFID标签包括温度传感器。 容器包含多个包。 多个第二RFID标签分别附接到多个包装。 第一RFID标签将温度信息传送到多个第二RFID标签。 作为响应，第二RFID标签的多个记录温度信息。 因此，不需要在包装上的RFID标签上的昂贵的温度传感器。 根据本发明的特征，第一RFID标签是有源RFID标签，多个第二RFID标签是无源RFID标签。 第一RFID标签还向多个第二RFID标签传送其他信息，以使第二RFID标签能够认证温度信息。 其他类型的环境传感器，如湿度传感器或振动传感器可以代替温度传感器。

公开(公告)号：US08468208B2

公开(公告)日：2013-06-18

申请号：US13532061

申请日：2012-06-25

申请人： John Fred Davis ,  Kevin David Himberger ,  Clark Debs Jeffries ,  Garreth Joseph Jeremiah

发明人： John Fred Davis ,  Kevin David Himberger ,  Clark Debs Jeffries ,  Garreth Joseph Jeremiah

IPC分类号： G06F15/16

CPC分类号： H04L63/0236 ,  H04L51/12 ,  H04L63/0263

摘要： A system, method and program product for blocking unwanted e-mails. An e-mail is identified as unwanted. A source IP address of the unwanted e-mail is determined. Other source IP addresses owned or registered by an owner or registrant of the source IP address of the unwanted e-mail are determined. Subsequent e-mails from the source IP address and the other IP addresses are blocked. This will thwart a spammer who shifts to a new source IP address when its spam is blocked from one source IP address.

摘要翻译： 用于阻止不必要的电子邮件的系统，方法和程序产品。 电子邮件被标识为不需要的。 确定不需要的电子邮件的源IP地址。 确定不想要的电子邮件的源IP地址的所有者或注册人拥有或注册的其他源IP地址。 源IP地址和其他IP地址的后续电子邮件被阻止。 这将阻止垃圾邮件发送者转移到新的源IP地址，当其垃圾邮件被一个源IP地址阻止时。

公开(公告)号：US08423645B2

公开(公告)日：2013-04-16

申请号：US10940558

申请日：2004-09-14

申请人： Clark Debs Jeffries ,  Robert William Danford ,  Terry Dwain Escamilla ,  Kevin David Himberger

发明人： Clark Debs Jeffries ,  Robert William Danford ,  Terry Dwain Escamilla ,  Kevin David Himberger

IPC分类号： G06F15/173 ,  G06F15/16 ,  G06F11/00 ,  G06F12/16 ,  H04L29/06

CPC分类号： G06F21/55 ,  G06F11/349 ,  G06F11/3495 ,  G06F2201/81 ,  H04L63/1416 ,  H04L63/1458 ,  H04L2463/141 ,  H04L2463/144 ,  Y02D10/34

摘要： A method of, system for, and product for managing a denial of service attack in a multiprocessor environment comprising. The first step is establishing normal traffic usage baselines in the multiprocessor environment. Once the baseline is established the next step is monitoring outgoing traffic to detect a high proportion of packets being sent to a specific destination address, and a high number of outbound packets compared to said baseline. Next is monitoring ports and protocols to detect a high proportion of packets sent to a specific port, and a consistent use of a protocol for all packets for that port. If there is such consistent use of a protocol for all packets for that port as to evidence a denial of service attack, blocking measures are started to mitigate the apparent denial of service attack.

摘要翻译： 一种用于在多处理器环境中管理拒绝服务攻击的方法，系统和产品，包括： 第一步是在多处理器环境中建立正常的流量使用基线。 一旦基线建立，下一步就是监测输出流量，以检测发送到特定目的地地址的大部分数据包，以及与所述基线相比较的大量出站分组。 接下来是监控端口和协议，以检测发送到特定端口的大部分数据包，并且一致地使用该端口的所有数据包的协议。 如果对该端口的所有数据包使用协议一致，以证明拒绝服务攻击，就会开始阻止措施来减轻明显的拒绝服务攻击。

公开(公告)号：US20120265834A1

公开(公告)日：2012-10-18

申请号：US13532061

申请日：2012-06-25

申请人： John Fred Davis ,  Kevin David Himberger ,  Clark Debs Jeffries ,  Garreth Joseph Jeremiah

发明人： John Fred Davis ,  Kevin David Himberger ,  Clark Debs Jeffries ,  Garreth Joseph Jeremiah

IPC分类号： G06F15/16

CPC分类号： H04L63/0236 ,  H04L51/12 ,  H04L63/0263

摘要： A system, method and program product for blocking unwanted e-mails. An e-mail is identified as unwanted. A source IP address of the unwanted e-mail is determined. Other source IP addresses owned or registered by an owner or registrant of the source IP address of the unwanted e-mail are determined. Subsequent e-mails from the source IP address and the other IP addresses are blocked. This will thwart a spammer who shifts to a new source IP address when its spam is blocked from one source IP address.

摘要翻译： 用于阻止不必要的电子邮件的系统，方法和程序产品。 电子邮件被标识为不需要的。 确定不需要的电子邮件的源IP地址。 确定不想要的电子邮件的源IP地址的所有者或注册人拥有或注册的其他源IP地址。 源IP地址和其他IP地址的后续电子邮件被阻止。 这将阻止一个垃圾邮件发送者转移到新的源IP地址，当其垃圾邮件从一个源IP地址被阻止时。

公开(公告)号：US07957372B2

公开(公告)日：2011-06-07

申请号：US10896733

申请日：2004-07-22

申请人： Alan David Boulanger ,  Robert William Danford ,  Kevin David Himberger ,  Clark Debs Jeffries

发明人： Alan David Boulanger ,  Robert William Danford ,  Kevin David Himberger ,  Clark Debs Jeffries

IPC分类号： H04L12/28 ,  G06F9/00 ,  G06F11/00

CPC分类号： H04L63/1416 ,  H04L63/1466

摘要： A detection and response system including a set of algorithms for detecting within a stream of normal computer traffic a subset of (should focus on network traffic eliciting a response) TCP or UDP packets with one IP Source Address (SA) value, one or a few Destination Address (DA) values, and a number exceeding a threshold of distinct Destination Port (DP) values. A lookup mechanism such as a Direct Table and Patricia search tree record and trace sets of packets with one SA and one DA as well as the set of DP values observed for the given SA, DA combination. The detection and response system reports the existence of such a subset and the header values including SA, DA, and multiple DPs of the subset. The detection and response system also includes various administrative responses to reports.

摘要翻译： 一种检测和响应系统，包括一组用于在正常计算机业务流内检测的一组算法（应该侧重于引发响应的网络业务）具有一个IP源地址（SA）值的TCP或UDP分组，一个或几个 目标地址（DA）值和超过不同目标端口（DP）值阈值的数字。 一个查找机制，如直接表和帕特里夏搜索树记录，跟踪一组SA和一个DA的数据包以及给定SA，DA组合观察到的一组DP值。 检测和响应系统报告这样的子集的存在以及包括SA，DA和子集的多个DP的标题值。 检测和响应系统还包括对报告的各种管理响应。

公开(公告)号：US07669240B2

公开(公告)日：2010-02-23

申请号：US10896680

申请日：2004-07-22

申请人： Alan David Boulanger ,  Robert William Danford ,  Kevin David Himberger ,  Clark Debs Jeffries

发明人： Alan David Boulanger ,  Robert William Danford ,  Kevin David Himberger ,  Clark Debs Jeffries

IPC分类号： H04L29/02 ,  H04L29/08

CPC分类号： H04L63/145 ,  H04L43/00 ,  H04L63/0236 ,  H04L63/1416

摘要： A detection and response system including a set of algorithms for detection within a stream of normal computer traffic a subset of TCP packets with one IP Source Address (SA), one Destination Port (DP), and a number exceeding a threshold of distinct Destination Addresses (DA). There is efficient use of a lookup mechanism such as a Direct Table and Patricia search tree to record sets of packets with one SA and one DP as well as the set of DA values observed for the given SA, DP combination. The existence of such a subset and the header values including SA, DP, and multiple DAs of the subset are reported to a network administrator. In addition, various administrative responses to reports are provided.

摘要翻译： 一种检测和响应系统，包括用于在正常计算机业务流内检测的一组算法，具有一个IP源地址（SA）的TCP分组的子集，一个目的地端口（DP）以及超过不同目的地址的阈值的数量 （DA）。 有效利用诸如直接表和帕特里夏搜索树之类的查找机制来记录具有一个SA和一个DP的分组集合以及针对给定的SA，DP组合观察到的一组DA值。 这样的子集的存在和包括该子集的SA，DP和多个DA的标题值被报告给网络管理员。 此外，还提供了各种对报告的行政回应。

公开(公告)号：US07657942B2

公开(公告)日：2010-02-02

申请号：US11033436

申请日：2005-01-11

申请人： Kevin David Himberger ,  Clark Debs Jeffries ,  Charles Steven Lingafelt ,  Allen Leonid Roginsky ,  Phillip Singleton

发明人： Kevin David Himberger ,  Clark Debs Jeffries ,  Charles Steven Lingafelt ,  Allen Leonid Roginsky ,  Phillip Singleton

IPC分类号： H04L29/14 ,  G08B23/00

CPC分类号： G06F21/552 ,  G06F21/577 ,  G06Q40/08 ,  G08B21/22

摘要： A method, apparatus, and computer instructions for providing a current and complete security compliance view of an enterprise system. The present invention provides the ability to gain a real-time security posture and security compliance view of an enterprise and to assess the risk impact of known threats and attacks to continued business operations at various levels is provided. Responsive to a change to an enterprise environment, a request, or an external threat, an administrator loads or updates at least one of a Critical Application Operations database, a Historical database, an Access Control database, a Connectivity database, and a Threat database. Based on a comparison of information in the databases against similar security data elements from company or external policies, the administrator may generate a Security Compliance view of the enterprise. A Security Posture view may also be generated by comparing the Security Compliance view against data in the Threat database.

摘要翻译： 一种用于提供企业系统的当前和完整的安全合规性视图的方法，装置和计算机指令。 本发明提供获得企业的实时安全状态和安全合规性视图的能力，并且评估已知威胁和攻击对于各个级别的持续业务操作的风险影响。 响应企业环境，请求或外部威胁的更改，管理员加载或更新关键应用程序操作数据库，历史数据库，访问控制数据库，连接数据库和威胁数据库中的至少一个。 基于数据库中的信息与公司或外部策略中类似的安全数据元素的比较，管理员可以生成企业的安全合规性视图。 通过将安全合规性视图与威胁数据库中的数据进行比较，也可以生成安全性状态视图。

公开(公告)号：US08176126B2

公开(公告)日：2012-05-08

申请号：US10926641

申请日：2004-08-26

申请人： John Fred Davis ,  Kevin David Himberger ,  Clark Debs Jeffries ,  Garreth Joseph Jeremiah

发明人： John Fred Davis ,  Kevin David Himberger ,  Clark Debs Jeffries ,  Garreth Joseph Jeremiah

IPC分类号： G06F15/16 ,  G06F15/173

CPC分类号： H04L51/12 ,  G06Q10/107

摘要： A system, method and program product for managing e-mails from a source suspected of sending spam. The e-mails are received at a firewall or router en route to a mail server. A determination is made whether a source has sent an e-mail which exhibits characteristics of spam. In response, subsequent e-mails from the source destined for the mail server are rate-limiting at the firewall or router such that the firewall or router limits a rate at which the subsequent e-mails are forwarded from the firewall or router to the mail server. The rate is predetermined and less than a maximum rate at which the firewall or router can physically forward e-mails to the mail server absent the rate limit. A determination is made whether another source has sent another e-mail which exhibits more characteristics of spam than the first said e-mail. In response, subsequent e-mails from this other source are blocked at the firewall or router. The rate limit can be a limit on a number of e-mails per unit of time from the source that will be forwarded from the firewall or router to the mail server.

摘要翻译： 用于管理来自怀疑发送垃圾邮件的来源的电子邮件的系统，方法和程序产品。 电子邮件在路由到邮件服务器的防火墙或路由器上收到。 确定来源是否发送了展示垃圾邮件特征的电子邮件。 作为回应，来自目的地为邮件服务器的源的后续电子邮件在防火墙或路由器上是速率限制的，使得防火墙或路由器限制后续电子邮件从防火墙或路由器转发到邮件的速率 服务器。 速率是预定的，并且小于防火墙或路由器可以在没有速率限制的情况下将电子邮件物理转发到邮件服务器的最大速率。 确定另一个来源是否发送了另一个具有比第一个所述电子邮件更多的垃圾邮件特征的电子邮件。 作为回应，来自其他来源的后续电子邮件在防火墙或路由器上被阻止。 速率限制可以限制从将从防火墙或路由器转发到邮件服务器的源的每单位时间的电子邮件数量。