-
1.发明授权Hierarchy-based method and apparatus for detecting attacks on a computer system 有权用于检测对计算机系统的攻击的基于层次的方法和装置公开(公告)号:US07234168B2
公开(公告)日:2007-06-19
申请号:US10172764
申请日:2002-06-13
申请人: Ramesh M. Gupta , Parveen K. Jain , Keith E. Amidon , Fengmin Gong , Srikant Vissamsetti , Steve M. Haeffele , Ananth Raman
发明人: Ramesh M. Gupta , Parveen K. Jain , Keith E. Amidon , Fengmin Gong , Srikant Vissamsetti , Steve M. Haeffele , Ananth Raman
IPC分类号: G06F11/00
CPC分类号: H04L63/1408 , G06F21/55 , H04L63/1416 , H04L63/1441 , H04L63/1458
摘要: A method of provisioning a computer against computer attacks includes constructing a hierarchy characterizing different computer attacks and counter measures, and traversing this hierarchy to identify computer attacks and countermeasures relevant to a target platform. Detection and protection measures are collected in response to this traversing. These detection and protection measures are then downloaded to a security sensor associated with the target platform.
摘要翻译: 针对计算机攻击配置计算机的方法包括构建表征不同计算机攻击和对策的层次结构,并遍历该层次结构以识别与目标平台相关的计算机攻击和对策。 针对此遍历采集检测和保护措施。 然后将这些检测和保护措施下载到与目标平台相关联的安全传感器。
-
公开(公告)号:US07409714B2
公开(公告)日:2008-08-05
申请号:US10171805
申请日:2002-06-13
申请人: Ramesh M. Gupta , Parveen K. Jain , Keith E. Amidon , Fengmin Gong , Srikant Vissamsetti , Steve M. Haeffele , Ananth Raman
发明人: Ramesh M. Gupta , Parveen K. Jain , Keith E. Amidon , Fengmin Gong , Srikant Vissamsetti , Steve M. Haeffele , Ananth Raman
CPC分类号: H04L63/1408 , G06F21/55 , H04L63/1416 , H04L63/1441 , H04L63/1458
摘要: A method of forming a virtual intrusion detection system includes the step of positioning a set of sensors in a network environment, each sensor supporting multiple logical traffic paths. The method also includes the step of providing a set of sensor management systems corresponding to the set of sensors. This set of sensor management systems enforces a set of virtual intrusion detection systems, wherein each virtual intrusion detection system corresponds to a predetermined logical traffic path through the set of sensors, each virtual detection system providing sensor traffic information solely to authorized parties.
摘要翻译: 形成虚拟入侵检测系统的方法包括将一组传感器定位在网络环境中的步骤,每个传感器支持多个逻辑业务路径。 该方法还包括提供对应于该组传感器的一组传感器管理系统的步骤。 这组传感器管理系统实施一组虚拟入侵检测系统,其中每个虚拟入侵检测系统对应于通过该组传感器的预定逻辑业务路径,每个虚拟检测系统仅向授权方提供传感器交通信息。
-
公开(公告)号:US07624444B2
公开(公告)日:2009-11-24
申请号:US10172756
申请日:2002-06-13
申请人: Ramesh M. Gupta , Parveen K. Jain , Keith E. Amidon , Fengmin Gong , Srikant Vissamsetti , Steve M. Haeffele , Ananth Raman
发明人: Ramesh M. Gupta , Parveen K. Jain , Keith E. Amidon , Fengmin Gong , Srikant Vissamsetti , Steve M. Haeffele , Ananth Raman
IPC分类号: G06F11/00
CPC分类号: H04L63/1408 , G06F21/55 , H04L63/1416 , H04L63/1441 , H04L63/1458
摘要: A method of detecting intrusions on a computer includes the step of identifying an internet protocol field range describing fields within internet protocol packets received by a computer. A connectivity range is also established which describes a distribution of network traffic received by the computer. An internet protocol field threshold and a connectivity threshold are then determined from the internet protocol field range and connectivity range, respectively. During the operation of the computer, values are calculated for the internet protocol field range and connectivity range. These values are compared to the internet protocol metric threshold and connectivity metric threshold so as to identify an intrusion on the computer.
摘要翻译: 一种检测计算机上的入侵的方法包括识别由计算机接收的因特网协议分组内的字段的因特网协议字段范围的步骤。 还建立了一个连接范围,描述了计算机接收的网络流量分布。 然后分别从互联网协议字段范围和连接范围确定因特网协议字段阈值和连通性阈值。 在计算机运行期间,计算互联网协议字段范围和连接范围的值。 将这些值与互联网协议度量阈值和连接度量阈值进行比较,以便识别计算机上的入侵。
-
公开(公告)号:US07308715B2
公开(公告)日:2007-12-11
申请号:US10172803
申请日:2002-06-13
申请人: Ramesh M. Gupta , Parveen K. Jain , Keith E. Amidon , Fengmin Gong , Srikant Vissamsetti , Steve M. Haeffele , Ananth Raman
发明人: Ramesh M. Gupta , Parveen K. Jain , Keith E. Amidon , Fengmin Gong , Srikant Vissamsetti , Steve M. Haeffele , Ananth Raman
CPC分类号: H04L63/1408 , G06F21/55 , H04L63/1416 , H04L63/1441 , H04L63/1458
摘要: An intrusion signature describing an attack is stored on a computer. Once a plurality of internet protocol packets is received, the plurality of internet protocol packets collectively containing an information sequence within a series of states, it is rearranged so as to place the information sequence in order. Each state of the series of states is then successively examined so as to correlate the information sequence to the intrusion signature.
摘要翻译: 描述攻击的入侵签名存储在计算机上。 一旦接收到多个互联网协议分组,多个因特网协议分组集中地包含一系列状态中的信息序列,则重新排列以便依次放置信息序列。 然后连续检查系列状态的每个状态,以使信息序列与入侵签名相关联。
-
公开(公告)号:US07823204B2
公开(公告)日:2010-10-26
申请号:US11331730
申请日:2006-01-13
申请人: Ramesh M. Gupta , Parveen K. Jain , Keith E. Amidon , Fengmin Gong , Srikant Vissamsetti , Steve M. Haeffele , Ananth Raman
发明人: Ramesh M. Gupta , Parveen K. Jain , Keith E. Amidon , Fengmin Gong , Srikant Vissamsetti , Steve M. Haeffele , Ananth Raman
IPC分类号: G06F11/00
CPC分类号: H04L63/1408 , G06F21/55 , H04L63/1416 , H04L63/1441 , H04L63/1458
摘要: A method of detecting intrusions on a computer includes the step of identifying an internet protocol field range describing fields within internet protocol packets received by a computer. A connectivity range is also established which describes a distribution of network traffic received by the computer. An internet protocol field threshold and a connectivity threshold are then determined from the internet protocol field range and connectivity range, respectively. During the operation of the computer, values are calculated for the internet protocol field range and connectivity range. These values are compared to the internet protocol metric threshold and connectivity metric threshold so as to identify an intrusion on the computer.
摘要翻译: 一种检测计算机上的入侵的方法包括识别由计算机接收的因特网协议分组内的字段的因特网协议字段范围的步骤。 还建立了一个连接范围,描述了计算机接收的网络流量分布。 然后分别从互联网协议字段范围和连接范围确定因特网协议字段阈值和连通性阈值。 在计算机运行期间,计算互联网协议字段范围和连接范围的值。 将这些值与互联网协议度量阈值和连接度量阈值进行比较,以便识别计算机上的入侵。
-
公开(公告)号:US10021019B2
公开(公告)日:2018-07-10
申请号:US13543784
申请日:2012-07-06
申请人: Teemu Koponen , Keith E. Amidon , Paul S. Ingram , Martin Casado
发明人: Teemu Koponen , Keith E. Amidon , Paul S. Ingram , Martin Casado
IPC分类号: H04L12/707 , H04L12/741 , H04L29/08 , H04L29/06 , H04L12/701 , H04L12/24 , H04L12/70 , H04L12/947
CPC分类号: H04L45/22 , H04L29/06 , H04L29/08072 , H04L41/0896 , H04L45/00 , H04L45/74 , H04L47/00 , H04L49/25 , H04L69/329
摘要: Some embodiments provide a method that processes network data through a network. The method receives a packet destined for a network host associated with a logical datapath set implemented by a set of managed edge switching elements and a set of managed non-edge switching elements in the network. The method determines whether the packet is a known packet. When the packet is a known packet, the method forwards the packet to a managed switching element in the set of managed edge switching elements for forwarding to the network host. When the packet is not a known packet, the method forwards the packet to a managed switching element in the set of managed non-edge switching elements for further processing.
-
7.发明授权公开(公告)号:US09306875B2
公开(公告)日:2016-04-05
申请号:US13218477
申请日:2011-08-26
IPC分类号: H04L12/28 , H04L12/54 , G06F15/16 , G06F15/173 , H04L12/931 , H04L12/933 , H04L12/713 , H04L12/24 , H04L12/935 , H04L12/46 , H04L12/911 , G06F11/07
CPC分类号: H04L41/0893 , G06F11/07 , G06F15/17312 , H04L12/4633 , H04L41/0816 , H04L41/0853 , H04L41/0896 , H04L45/00 , H04L45/586 , H04L47/783 , H04L49/00 , H04L49/1546 , H04L49/3063 , H04L49/70 , H04L61/2007 , H04L61/6022
摘要: Some embodiments provide a system that includes a set of network controllers for receiving definitions of first and second logical switching elements. The system includes several managed switching elements. The set of network controllers configure the several managed switching elements to implement the defined first and second logical switching elements. The system includes several network hosts that are each (1) communicatively coupled to one of the several managed switching elements and (2) associated with one of the first and second logical switching elements. Network data communicated between network hosts associated with the first logical switching element are isolated from network data communicated between network hosts associated with the second logical switching element.
摘要翻译: 一些实施例提供一种系统,其包括用于接收第一和第二逻辑交换元件的定义的一组网络控制器。 该系统包括几个托管交换元件。 该组网络控制器配置多个受管交换元件以实现定义的第一和第二逻辑交换元件。 该系统包括几个网络主机,每个网络主机(1)通信地耦合到多个被管理的交换单元中的一个,以及(2)与第一和第二逻辑交换单元之一相关联。 与第一逻辑交换单元相关联的网络主机之间传送的网络数据与与第二逻辑交换单元相关联的网络主机之间传送的网络数据隔离。
-
公开(公告)号:US20130058252A1
公开(公告)日:2013-03-07
申请号:US13219533
申请日:2011-08-26
IPC分类号: H04L12/28
CPC分类号: H04L41/0893 , G06F11/07 , G06F15/17312 , H04L12/4633 , H04L41/0816 , H04L41/0853 , H04L41/0896 , H04L45/00 , H04L45/586 , H04L47/783 , H04L49/00 , H04L49/1546 , H04L49/3063 , H04L49/70 , H04L61/2007 , H04L61/6022
摘要: Some embodiments provide a network architecture that includes several lower level managed switching elements for forwarding network data to several of network hosts. The network architecture includes a set of higher level managed switching elements. The several lower level managed switching elements and the set of higher level managed switching elements implement several logical datapath sets. Communication channels are established among the several lower level managed switching elements and the set of higher level managed switching elements based on a mesh topology.
摘要翻译: 一些实施例提供了一种网络架构,其包括用于将网络数据转发到多个网络主机的多个下级管理交换单元。 网络架构包括一组更高级别的托管交换元件。 几个较低级别的管理交换元件和一组较高级别的受管交换元件实现了几个逻辑数据路径集。 在几个较低级别的管理交换元件和基于网格拓扑的一组较高级别的被管理交换元件之间建立通信信道。
-
公开(公告)号:US09692655B2
公开(公告)日:2017-06-27
申请号:US13225553
申请日:2011-09-06
申请人: Teemu Koponen , Keith E. Amidon , Paul S. Ingram , Martin Casado
发明人: Teemu Koponen , Keith E. Amidon , Paul S. Ingram , Martin Casado
IPC分类号: H04L12/28 , H04L12/46 , G06F15/16 , G06F15/173 , H04L12/24 , H04L12/933 , H04L12/713 , H04L12/54 , H04L12/935 , H04L12/911 , H04L12/931 , H04L29/12 , G06F11/07
CPC分类号: H04L41/0893 , G06F11/07 , G06F15/17312 , H04L12/4633 , H04L41/0816 , H04L41/0853 , H04L41/0896 , H04L45/00 , H04L45/586 , H04L47/783 , H04L49/00 , H04L49/1546 , H04L49/3063 , H04L49/70 , H04L61/2007 , H04L61/6022
摘要: Some embodiments provide a managed network for implementing a logical switching element. The managed network includes several managed edge switching elements that are each for (1) receiving packets for forwarding through the logical switching element and (2) forwarding packets that are known to the managed edge switching element to other managed edge switching elements in the several managed edge switching elements. The managed network includes a set of managed non-edge switching elements for (1) receiving packets from the several managed edge switching elements that are unknown to a particular managed edge switching element in the several managed edge switching elements and (2) forwarding packets to the several managed edge switching elements that are unknown to the several managed edge switching elements.
-
10.发明申请公开(公告)号:US20130058334A1
公开(公告)日:2013-03-07
申请号:US13225553
申请日:2011-09-06
申请人: Teemu Koponen , Keith E. Amidon , Paul S. Ingram , Martin Casado
发明人: Teemu Koponen , Keith E. Amidon , Paul S. Ingram , Martin Casado
IPC分类号: H04L12/56
CPC分类号: H04L41/0893 , G06F11/07 , G06F15/17312 , H04L12/4633 , H04L41/0816 , H04L41/0853 , H04L41/0896 , H04L45/00 , H04L45/586 , H04L47/783 , H04L49/00 , H04L49/1546 , H04L49/3063 , H04L49/70 , H04L61/2007 , H04L61/6022
摘要: Some embodiments provide a managed network for implementing a logical switching element. The managed network includes several managed edge switching elements that are each for (1) receiving packets for forwarding through the logical switching element and (2) forwarding packets that are known to the managed edge switching element to other managed edge switching elements in the several managed edge switching elements. The managed network includes a set of managed non-edge switching elements for (1) receiving packets from the several managed edge switching elements that are unknown to a particular managed edge switching element in the several managed edge switching elements and (2) forwarding packets to the several managed edge switching elements that are unknown to the several managed edge switching elements.
摘要翻译: 一些实施例提供用于实现逻辑交换元件的受管网络。 管理网络包括几个管理边缘交换元件,每个管理边缘交换元件分别用于(1)接收用于通过逻辑交换元件转发的分组;以及(2)将被管理边缘交换元件已知的分组转发到多个管理的其他管理边缘交换元件 边缘开关元件。 管理网络包括一组管理的非边缘交换元件,用于(1)从几个管理边缘交换元件中的特定管理边缘交换元件未知的几个管理边缘交换元件接收分组,以及(2)将分组转发到 几个管理边缘交换元件对于几个管理边缘交换元件是未知的。
-
-
-
-
-
-
-
-
-
搜索结果
23 条记录 (耗时 0.045 秒)
