-
1.
公开(公告)号:US07707633B2
公开(公告)日:2010-04-27
申请号:US11871188
申请日:2007-10-12
申请人: Robert William Danford , Kenneth M. Farmer , Clark Debs Jeffries , Robert B. Sisk , Michael A. Walter
发明人: Robert William Danford , Kenneth M. Farmer , Clark Debs Jeffries , Robert B. Sisk , Michael A. Walter
CPC分类号: H04L63/1458
摘要: A method of progressive response for invoking and suspending blocking measures that defend against network anomalies such as malicious network traffic so that false positives and false negatives are minimized. When an anomaly is detected, the detector notifies protective equipment such as a firewall or a router to invoke a blocking measure. The blocking measure is maintained for an initial duration, after which it is suspended while another test for the anomaly is made. If the anomaly is no longer evident, the method returns to the state of readiness. Otherwise, a loop is executed to re-apply the blocking measure for a specified duration, then suspend the blocking measure and test again for the anomaly. If the anomaly is detected, the blocking measure is re-applied, and its duration is adapted. If the anomaly is no longer detected, the method returns to the state of readiness.
摘要翻译: 一种逐步响应的方法,用于调用和中止阻止网络异常(如恶意网络流量)的阻塞措施,从而最大限度地减少误报和假阴性。 当检测到异常时,检测器通知防火墙或路由器等防护设备调用阻塞措施。 阻塞措施保持初始持续时间,之后暂停,并进行另一次异常测试。 如果异常不再明显,则返回到准备状态。 否则,执行一个循环以在指定的持续时间内重新应用阻塞度量,然后暂停阻塞度量并再次测试异常。 如果检测到异常,则重新应用阻塞措施,并适应其持续时间。 如果不再检测到异常,则该方法返回到准备状态。
-
2.
公开(公告)号:US07308716B2
公开(公告)日:2007-12-11
申请号:US10442008
申请日:2003-05-20
申请人: Robert William Danford , Kenneth M. Farmer , Clark Debs Jeffries , Robert B. Sisk , Michael A. Walter
发明人: Robert William Danford , Kenneth M. Farmer , Clark Debs Jeffries , Robert B. Sisk , Michael A. Walter
CPC分类号: H04L63/1458
摘要: A method of progressive response for invoking and suspending blocking measures that defend against network anomalies such as malicious network traffic so that false positives and false negatives are minimized. When an anomaly is detected, the detector notifies protective equipment such as a firewall or a router to invoke a blocking measure. The blocking measure is maintained for an initial duration, after which it is suspended while another test for the anomaly is made. If the anomaly is no longer evident, the method returns to the state of readiness. Otherwise, a loop is executed to re-applying the blocking measure for a specified duration, then suspend the blocking measure and test again for the anomaly. If the anomaly is detected, the blocking measure is re-applied, and its duration is adapted. If the anomaly is no longer detected, the method returns to the state of readiness.
摘要翻译: 一种逐步响应的方法,用于调用和中止阻止网络异常(如恶意网络流量)的阻塞措施,从而最大限度地减少误报和假阴性。 当检测到异常时,检测器通知防火墙或路由器等防护设备调用阻塞措施。 阻塞措施保持初始持续时间,之后暂停,并进行另一次异常测试。 如果异常不再明显,则返回到准备状态。 否则,执行一个循环以在特定持续时间内重新应用阻塞度量,然后暂停阻塞度量并再次测试异常。 如果检测到异常,则重新应用阻塞措施,并适应其持续时间。 如果不再检测到异常,则该方法返回到准备状态。
-
公开(公告)号:US07523496B2
公开(公告)日:2009-04-21
申请号:US09919248
申请日:2001-07-31
摘要: A method for enabling the recipient of electronic mail (e-mail) to authenticate the originator of the e-mail without opening the e-mail, so that e-mail that carries a computer virus which activates upon opening the e-mail may be rejected. The originator and the recipient agree beforehand on a privately held authentication code, which is carried in an open field of the e-mail, i.e., carried in a field that is visible to an agent of the recipient without opening the e-mail.
摘要翻译: 一种使电子邮件(电子邮件)收件人能够不打开电子邮件来认证电子邮件的发起者的方法,使得携带打开电子邮件时激活的计算机病毒的电子邮件可以是 拒绝。 发起人和收件人事先约定私人持有的认证码,该认证码在电子邮件的公开字段中携带,即携带在对接收者的代理人可见的字段中,而不打开电子邮件。
-
-