公开(公告)号：US20130125235A1

公开(公告)日：2013-05-16

申请号：US13295553

申请日：2011-11-14

申请人： Ravichander Vaidyanathan ,  Abhrajit Ghosh ,  Aditya Naidu ,  Akira Yamada ,  Ayumu Kubota ,  Yukiko Sawaya ,  Yutaka Miyake

发明人： Ravichander Vaidyanathan ,  Abhrajit Ghosh ,  Aditya Naidu ,  Akira Yamada ,  Ayumu Kubota ,  Yukiko Sawaya ,  Yutaka Miyake

IPC分类号： G06F21/20

CPC分类号： G06F21/00 ,  H04L63/1466

摘要： A method, an apparatus and a program for detecting spoofed Internet Protocol (IP) traffic directed to a network having a plurality of autonomous systems (AS) is provided. The method comprises receiving an incoming packet through an AS, the incoming packet containing a source IP address and a destination IP address, acquiring a corresponding source and destination IP address prefixes, converting the corresponding source and destination IP address prefixes into a source AS number and a destination AS number, determining if the incoming packet arrived from an unexpected source based upon the corresponding destination IP address prefix and the converted source and destination AS number using an unexpected pair tuple table generated from network routing information and generating an alert indicating that the incoming packet is not allowed to enter the network.

摘要翻译： 提供了一种用于检测针对具有多个自治系统（AS）的网络的欺骗性因特网协议（IP）流量的方法，装置和程序。 该方法包括：通过AS接收输入的分组，该分组包含源IP地址和目的IP地址，获取相应的源和目的IP地址前缀，将相应的源和目的IP地址前缀转换为源AS号， 目的AS号码，根据网络路由信息生成表示基于相应的目的地IP地址前缀和转换后的源和目的地AS号码，确定传入分组是否从意外的源到达，并产生一个警报， 数据包不允许进入网络。

公开(公告)号：US08938804B2

公开(公告)日：2015-01-20

申请号：US13547305

申请日：2012-07-12

申请人： Ravichander Vaidyanathan ,  Abhrajit Ghosh ,  Akira Yamada ,  Yukiko Sawaya ,  Ayumu Kubota

发明人： Ravichander Vaidyanathan ,  Abhrajit Ghosh ,  Akira Yamada ,  Yukiko Sawaya ,  Ayumu Kubota

IPC分类号： H04L29/06

CPC分类号： H04L63/1425 ,  H04L63/1483

摘要： An inventive system and method for creating source profiles to detect spoofed traffic comprises obtaining a routing path for data to traverse nodes using traffic profiles, each routing path comprising at least a target AS, initializing one or more AS sets with last hop ASes, enhancing the AS sets by connecting the AS sets to routers, for each enhanced AS set, filtering observed traffic flows, and using the filtered flows to associate enhanced AS sets with network monitoring points to create the source profiles. In one aspect, filtering flows comprise TCP session filtering and/or destination bogon filtering. In one aspect, the routers are border gateway protocol routers. In one aspect, the last hop ASes are one hop away from the target AS.

摘要翻译： 用于创建源简档以检测欺骗性业务的创新系统和方法包括获得用于使用业务简档遍历节点的数据的路由路径，每个路由路径至少包括目标AS，用最后一跳ASS初始化一个或多个AS集， AS集合通过将AS集合连接到路由器，针对每个增强型AS集，过滤观察到的业务流，以及使用过滤的流将增强型AS集与网络监控点相关联以创建源简档。 在一个方面，过滤流包括TCP会话过滤和/或目的地bogon过滤。 一方面，路由器是边界网关协议路由器。 一方面，最后一跳ASs距目标AS一跳。

公开(公告)号：US08925079B2

公开(公告)日：2014-12-30

申请号：US13295553

申请日：2011-11-14

申请人： Ravichander Vaidyanathan ,  Abhrajit Ghosh ,  Aditya Naidu ,  Akira Yamada ,  Ayumu Kubota ,  Yukiko Sawaya ,  Yutaka Miyake

发明人： Ravichander Vaidyanathan ,  Abhrajit Ghosh ,  Aditya Naidu ,  Akira Yamada ,  Ayumu Kubota ,  Yukiko Sawaya ,  Yutaka Miyake

IPC分类号： G06F11/00 ,  G06F12/14 ,  G06F12/16 ,  G08B23/00 ,  G06F15/173

CPC分类号： G06F21/00 ,  H04L63/1466

摘要： A method, an apparatus and a program for detecting spoofed Internet Protocol (IP) traffic directed to a network having a plurality of autonomous systems (AS) is provided. The method comprises receiving an incoming packet through an AS, the incoming packet containing a source IP address and a destination IP address, acquiring a corresponding source and destination IP address prefixes, converting the corresponding source and destination IP address prefixes into a source AS number and a destination AS number, determining if the incoming packet arrived from an unexpected source based upon the corresponding destination IP address prefix and the converted source and destination AS number using an unexpected pair tuple table generated from network routing information and generating an alert indicating that the incoming packet is not allowed to enter the network.

摘要翻译： 提供了一种用于检测针对具有多个自治系统（AS）的网络的欺骗性因特网协议（IP）流量的方法，装置和程序。 该方法包括：通过AS接收输入的分组，该分组包含源IP地址和目的IP地址，获取相应的源和目的IP地址前缀，将相应的源和目的IP地址前缀转换为源AS号， 目的AS号码，根据网络路由信息生成表示基于相应的目的地IP地址前缀和转换后的源和目的地AS号码，确定传入分组是否从意外的源到达，并产生一个警报， 数据包不允许进入网络。

公开(公告)号：US20140020099A1

公开(公告)日：2014-01-16

申请号：US13547305

申请日：2012-07-12

申请人： Ravichander Vaidyanathan ,  Abhrajit Ghosh ,  Akira Yamada ,  Yukiko Sawaya ,  Ayumu Kubota

发明人： Ravichander Vaidyanathan ,  Abhrajit Ghosh ,  Akira Yamada ,  Yukiko Sawaya ,  Ayumu Kubota

IPC分类号： H04L29/06

CPC分类号： H04L63/1425 ,  H04L63/1483

摘要： An inventive system and method for creating source profiles to detect spoofed traffic comprises obtaining a routing path for data to traverse nodes using traffic profiles, each routing path comprising at least a target AS, initializing one or more AS sets with last hop ASes, enhancing the AS sets by connecting the AS sets to routers, for each enhanced AS set, filtering observed traffic flows, and using the filtered flows to associate enhanced AS sets with network monitoring points to create the source profiles. In one aspect, filtering flows comprise TCP session filtering and/or destination bogon filtering. In one aspect, the routers are border gateway protocol routers. In one aspect, the last hop ASes are one hop away from the target AS.

摘要翻译： 用于创建源简档以检测欺骗性业务的创新系统和方法包括获得用于使用业务简档遍历节点的数据的路由路径，每个路由路径至少包括目标AS，用最后一跳ASS初始化一个或多个AS集， AS集合通过将AS集合连接到路由器，针对每个增强型AS集，过滤观察到的业务流，以及使用过滤的流将增强型AS集与网络监控点相关联以创建源简档。 在一个方面，过滤流包括TCP会话过滤和/或目的地bogon过滤。 一方面，路由器是边界网关协议路由器。 一方面，最后一跳ASs距目标AS一跳。

公开(公告)号：US20140020066A1

公开(公告)日：2014-01-16

申请号：US13547174

申请日：2012-07-12

申请人： Akshay Vashist ,  Yitzchak M. Gottlieb ,  Abhrajit Ghosh ,  Yukiko Sawaya ,  Ayumu Kubota

发明人： Akshay Vashist ,  Yitzchak M. Gottlieb ,  Abhrajit Ghosh ,  Yukiko Sawaya ,  Ayumu Kubota

IPC分类号： H04L29/06

CPC分类号： H04L63/101 ,  H04L51/12 ,  H04L63/1425

摘要： A system and method for spammer host detection from network flow data profiles comprises constructing one or more cluster profiles and detecting spammer hosts. Construction cluster profiles comprises observing network flow data from one or more hosts; for each host, representing the network flow data associated with the host as a multidimensional vector; clustering the vectors of the hosts into the plurality of cluster profiles; annotating each cluster profile using at least one of black lists and white lists; and calculating a confidence in each cluster profile annotation. Detecting spammer hosts comprises observing the network flow data from a new host; representing the network flow data associated with the new host as a multidimensional vector, and placing the new multidimensional vector of the new host into one cluster profile of the one or more cluster profiles.

摘要翻译： 用于从网络流数据简档发送垃圾邮件主机检测的系统和方法包括构建一个或多个集群简档并检测垃圾邮件发送者主机。 构建集群配置文件包括观察来自一个或多个主机的网络流数据; 对于每个主机，将与主机相关联的网络流数据表示为多维向量; 将主机的向量聚类成多个集群简档; 使用黑名单和白名单中的至少一个来标注每个群集简档; 并计算每个聚类配置文件注释的置信度。 检测垃圾邮件发送者主机包括观察来自新主机的网络流数据; 将与新主机相关联的网络流数据表示为多维向量，以及将新主机的新多维向量放置到一个或多个集群简档的一个集群简档中。

公开(公告)号：US08769677B2

公开(公告)日：2014-07-01

申请号：US13547174

申请日：2012-07-12

申请人： Akshay Vashist ,  Yitzchak M. Gottlieb ,  Abhrajit Ghosh ,  Yukiko Sawaya ,  Ayumu Kubota

发明人： Akshay Vashist ,  Yitzchak M. Gottlieb ,  Abhrajit Ghosh ,  Yukiko Sawaya ,  Ayumu Kubota

IPC分类号： G06F11/00

CPC分类号： H04L63/101 ,  H04L51/12 ,  H04L63/1425

摘要： A system and method for spammer host detection from network flow data profiles comprises constructing one or more cluster profiles and detecting spammer hosts. Construction cluster profiles comprises observing network flow data from one or more hosts; for each host, representing the network flow data associated with the host as a multidimensional vector; clustering the vectors of the hosts into the plurality of cluster profiles; annotating each cluster profile using at least one of black lists and white lists; and calculating a confidence in each cluster profile annotation. Detecting spammer hosts comprises observing the network flow data from a new host; representing the network flow data associated with the new host as a multidimensional vector, and placing the new multidimensional vector of the new host into one cluster profile of the one or more cluster profiles.

摘要翻译： 用于从网络流数据简档发送垃圾邮件主机检测的系统和方法包括构建一个或多个集群简档并检测垃圾邮件发送者主机。 构建集群配置文件包括观察来自一个或多个主机的网络流数据; 对于每个主机，将与主机相关联的网络流数据表示为多维向量; 将主机的向量聚类成多个集群简档; 使用黑名单和白名单中的至少一个来标注每个群集简档; 并计算每个聚类配置文件注释的置信度。 检测垃圾邮件发送者主机包括观察来自新主机的网络流数据; 将与新主机相关联的网络流数据表示为多维向量，以及将新主机的新多维向量放置到一个或多个集群简档的一个集群简档中。

公开(公告)号：US20140077620A1

公开(公告)日：2014-03-20

申请号：US14116936

申请日：2012-02-29

申请人： Hisashi Nobusawa ,  Ayumu Kubota ,  Hiromasa Akaho

发明人： Hisashi Nobusawa ,  Ayumu Kubota ,  Hiromasa Akaho

IPC分类号： H02J7/00

CPC分类号： H02J7/0063 ,  B60R16/03 ,  B60R16/033 ,  Y10T307/74

摘要： A dark current cutoff device (1) includes: a battery (10) configure to perform electrical power supply to a load (20); a cutoff switch (32), which is provided between the battery (10) and the load (20), cuts off the electrical power supply to the load (20) at a time of being opened, and supplies electrical power to the load (20) at a time of being closed; a failure recording unit (21) that determines and records a case where the load (20) does not operate as a failure of the load (20); and an open/close determining unit (41) that determines that the cutoff switch (32) is opened; and a recording prohibiting unit (22) configure to prohibit, in a case where the cutoff switch (32) is determined to be opened by the open/close determining unit (41), the failure recording unit (21) from determining and recording the failure.

摘要翻译： 暗电流切断装置（1）包括：电池（10），被配置为向负载（20）供电; 设置在电池（10）和负载（20）之间的切断开关（32）在打开时切断对负载（20）的电力供给，并向负载（ 20）在关闭时; 故障记录单元（21），其确定和记录所述负载（20）作为所述负载（20）的故障不工作的情况; 以及确定断开开关（32）打开的打开/关闭确定单元（41） 以及记录禁止单元（22），其被配置为在所述断开确定单元（41）确定所述断开开关（32）被打开的情况下禁止所述故障记录单元（21）确定并记录 失败。

公开(公告)号：US09484761B2

公开(公告)日：2016-11-01

申请号：US14116936

申请日：2012-02-29

申请人： Hisashi Nobusawa ,  Ayumu Kubota ,  Hiromasa Akaho

发明人： Hisashi Nobusawa ,  Ayumu Kubota ,  Hiromasa Akaho

IPC分类号： H02J7/00 ,  B60R16/03 ,  B60R16/033

CPC分类号： H02J7/0063 ,  B60R16/03 ,  B60R16/033 ,  Y10T307/74

摘要： A dark current cutoff device (1) includes: a battery (10) configure to perform electrical power supply to a load (20); a cutoff switch (32), which is provided between the battery (10) and the load (20), cuts off the electrical power supply to the load (20) at a time of being opened, and supplies electrical power to the load (20) at a time of being closed; a failure recording unit (21) that determines and records a case where the load (20) does not operate as a failure of the load (20); and an open/close determining unit (41) that determines that the cutoff switch (32) is opened; and a recording prohibiting unit (22) configure to prohibit, in a case where the cutoff switch (32) is determined to be opened by the open/close determining unit (41), the failure recording unit (21) from determining and recording the failure.

摘要翻译： 暗电流切断装置（1）包括：电池（10），被配置为向负载（20）供电; 设置在电池（10）和负载（20）之间的切断开关（32）在打开时切断对负载（20）的电力供给，并向负载（ 20）在关闭时; 故障记录单元（21），其确定和记录所述负载（20）作为所述负载（20）的故障不工作的情况; 以及确定断开开关（32）打开的打开/关闭确定单元（41） 以及记录禁止单元（22），其被配置为在所述断开确定单元（41）确定断开开关（32）被打开的情况下禁止所述故障记录单元（21）确定并记录 失败。

公开(公告)号：US06958897B2

公开(公告)日：2005-10-25

申请号：US10379663

申请日：2003-03-06

申请人： Ayumu Kubota ,  Hironori Saito

发明人： Ayumu Kubota ,  Hironori Saito

IPC分类号： B60Q1/04 ,  H05B37/03 ,  H05B39/04 ,  H02H3/00

CPC分类号： H05B39/04 ,  H05B37/03

摘要： An electrical load drive control apparatus includes: a plurality of drive units, each of which drives one of a plurality of electrical loads; an instruction unit that issues a drive switch instruction to switch drive among the plurality of electrical loads; a detection unit that detects a non-operating state of the plurality of electrical loads; and a control unit that controls the plurality of drive units based upon the drive switch instruction issued by the instruction unit and results of a detection by the detection unit. And the control unit controls the plurality of drive units so as to set all of the plurality of electrical loads in a non-operating state if an instruction to switch drive among the plurality of electrical loads is issued by the instruction unit, and controls the plurality of drive units so as to switch drive to an electrical load selected through the drive switch instruction after verifying that the plurality of electrical loads are all set in a non-operating state based upon the results of the detection by the detection unit.

摘要翻译： 电负载驱动控制装置包括：多个驱动单元，每个驱动单元驱动多个电负载中的一个; 指令单元，其发出用于在多个电负载之间切换驱动的驱动开关指令; 检测单元，其检测所述多个电负载的非工作状态; 以及控制单元，其基于由指示单元发出的驱动开关指令和检测单元的检测结果来控制多个驱动单元。 所述控制单元控制所述多个驱动单元，以便如果由所述指令单元发出所述多个电力负载中的切换驱动指令，则将所述多个电力负载设定为非运行状态，并且控制所述多个 的驱动单元，以便根据检测单元的检测结果，验证多个电负载全部设置在不工作状态之后，将驱动切换到通过驱动开关指令选择的电负载。

公开(公告)号：US06614194B2

公开(公告)日：2003-09-02

申请号：US10036481

申请日：2002-01-07

申请人： Toshimi Kobayashi ,  Akihiro Koike ,  Hironori Saito ,  Ayumu Kubota

发明人： Toshimi Kobayashi ,  Akihiro Koike ,  Hironori Saito ,  Ayumu Kubota

IPC分类号： H02P768

CPC分类号： H02P5/68

摘要： Two motor fans are driven by two 4-pole direct current motors, respectively. Rotational speed of the two motors is controlled in three stages, namely low speed, intermediate speed and high speed. Specifically, at the time of low speed operation the two motors are connected in series with four poles, at the time of intermediate speed operation the two motors are connected in parallel with three poles, and at the time of high speed operation the two motors are connected in parallel with four poles.