-
1.发明授权公开(公告)号:US09332020B2
公开(公告)日:2016-05-03
申请号:US13442857
申请日:2012-04-10
申请人: Scott Thomas , David G Jones , Alisdair Faulkner
发明人: Scott Thomas , David G Jones , Alisdair Faulkner
IPC分类号: G06F15/173 , H04L29/06
CPC分类号: H04L63/1425 , H04L43/10 , H04L63/0281 , H04L63/1408 , H04L2463/121 , H04L2463/144
摘要: A method for tracking machines on a network of computers includes determining one or more assertions to be monitored by a first web site which is coupled to a network of computers. The method monitors traffic flowing to the web site through the network of computers and identifies the one or more assertions from the traffic coupled to the network of computers to determine a malicious host coupled to the network of computers. The method includes associating a first IP address and first hardware finger print to the assertions of the malicious host and storing information associated with the malicious host in one or more memories of a database. The method also includes identifying an unknown host from a second web site, determining a second IP address and second hardware finger print with the unknown host, and determining if the unknown host is the malicious host.
摘要翻译: 用于在计算机网络上跟踪机器的方法包括确定要由耦合到计算机网络的第一网站监视的一个或多个断言。 该方法监视通过计算机网络流向网站的流量,并从耦合到计算机网络的流量中识别一个或多个断言,以确定耦合到计算机网络的恶意主机。 该方法包括将第一IP地址和第一硬件指纹关联到恶意主机的断言,并将与恶意主机相关联的信息存储在数据库的一个或多个存储器中。 该方法还包括从第二网站识别未知主机,使用未知主机确定第二IP地址和第二硬件指纹,以及确定未知主机是否是恶意主机。
-
2.发明授权公开(公告)号:US08176178B2
公开(公告)日:2012-05-08
申请号:US12022022
申请日:2008-01-29
申请人: Scott Thomas , David G. Jones , Alisdair Faulkner
发明人: Scott Thomas , David G. Jones , Alisdair Faulkner
IPC分类号: G06F15/173
CPC分类号: H04L63/1425 , H04L43/10 , H04L63/0281 , H04L63/1408 , H04L2463/121 , H04L2463/144
摘要: A method for tracking machines on a network of computers. The method includes determining one or more assertions to be monitored by a first web site which is coupled to a network of computers. The method monitors traffic flowing to the web site through the network of computers and identifies the one or more assertions from the traffic coupled to the network of computers to determine a malicious host coupled to the network of computers. The method includes associating a first IP address and first hardware finger print to the assertions of the malicious host and storing information associated with the malicious host in one or more memories of a database. The method also includes identifying an unknown host from a second web site, determining a second IP address and second hardware finger print with the unknown host, and determining if the unknown host is the malicious host.
摘要翻译: 一种在计算机网络上跟踪机器的方法。 该方法包括确定要由耦合到计算机网络的第一网站监视的一个或多个断言。 该方法监视通过计算机网络流向网站的流量,并从耦合到计算机网络的流量中识别一个或多个断言,以确定耦合到计算机网络的恶意主机。 该方法包括将第一IP地址和第一硬件指纹关联到恶意主机的断言,并将与恶意主机相关联的信息存储在数据库的一个或多个存储器中。 该方法还包括从第二网站识别未知主机,使用未知主机确定第二IP地址和第二硬件指纹,以及确定未知主机是否是恶意主机。
-
3.发明申请公开(公告)号:US20080244744A1
公开(公告)日:2008-10-02
申请号:US12022022
申请日:2008-01-29
申请人: SCOTT THOMAS , David G. Jones , Alisdair Faulkner
发明人: SCOTT THOMAS , David G. Jones , Alisdair Faulkner
IPC分类号: G06F21/00
CPC分类号: H04L63/1425 , H04L43/10 , H04L63/0281 , H04L63/1408 , H04L2463/121 , H04L2463/144
摘要: A method for tracking machines on a network of computers. The method includes determining one or more assertions to be monitored by a first web site which is coupled to a network of computers. The method monitors traffic flowing to the web site through the network of computers and identifies the one or more assertions from the traffic coupled to the network of computers to determine a malicious host coupled to the network of computers. The method includes associating a first IP address and first hardware finger print to the assertions of the malicious host and storing information associated with the malicious host in one or more memories of a database. The method also includes identifying an unknown host from a second web site, determining a second IP address and second hardware finger print with the unknown host, and determining if the unknown host is the malicious host.
摘要翻译: 一种在计算机网络上跟踪机器的方法。 该方法包括确定要由耦合到计算机网络的第一网站监视的一个或多个断言。 该方法监视通过计算机网络流向网站的流量,并从耦合到计算机网络的流量中识别一个或多个断言,以确定耦合到计算机网络的恶意主机。 该方法包括将第一IP地址和第一硬件指纹关联到恶意主机的断言,并将与恶意主机相关联的信息存储在数据库的一个或多个存储器中。 该方法还包括从第二网站识别未知主机,使用未知主机确定第二IP地址和第二硬件指纹,以及确定未知主机是否是恶意主机。
-
4.发明授权Method and system for uniquely identifying a user computer in real time for security violations using a plurality of processing parameters and servers 有权用于使用多个处理参数和服务器实时地对用户计算机进行安全违规的方法和系统公开(公告)号:US09444839B1
公开(公告)日:2016-09-13
申请号:US12196256
申请日:2008-08-21
申请人: Alisdair Faulkner , Colin Goldie , David Jones
发明人: Alisdair Faulkner , Colin Goldie , David Jones
CPC分类号: H04L63/1425 , H04L43/08 , H04L63/0876 , H04L63/1466 , H04L63/168 , H04L67/02 , H04L67/146
摘要: A method is provided for identifying a compromised client device from a masquerading device. The method includes capturing a plurality of attributes from a network device connecting to a web service. In a specific embodiment, each of the attributes represents a parameter, and the plurality of parameters uniquely identifying the network device from a plurality of other networks devices. The method maintains the network device substantially free from any software programs associated with the capturing of the plurality of attributes. That is, in a specific embodiment, the method does not rely on installing executable code in the network device to capture the attributes. Based on information associated with the attributes, the method can determine if the network device is compromised.
摘要翻译: 提供了一种用于从伪装设备识别受损客户端设备的方法。 该方法包括从连接到web服务的网络设备捕获多个属性。 在具体实施例中,每个属性表示参数,并且多个参数从多个其他网络设备唯一地标识网络设备。 该方法维护网络设备基本上没有与捕获多个属性相关联的任何软件程序。 也就是说,在具体实施例中,该方法不依赖于在网络设备中安装可执行代码来捕获属性。 基于与属性相关联的信息,该方法可以确定网络设备是否受到损害。
-
公开(公告)号:US20050100000A1
公开(公告)日:2005-05-12
申请号:US10777788
申请日:2004-02-11
申请人: Alisdair Faulkner , Steve Woodberry , Alan Noble
发明人: Alisdair Faulkner , Steve Woodberry , Alan Noble
CPC分类号: H04L47/10 , H04L47/15 , H04L47/20 , H04L47/2408 , H04L47/2475 , H04L47/70 , H04L47/801 , H04L47/803
摘要: A method for shaping packet switched data traffic between a terminal device of a type including an operating system adapted to execute a plurality of applications and a network resource. The method includes selecting of an allocation policy to allocate access to the network resource between one or more primary applications and other applications and selecting characteristics associated with a primary application. The method examines interactions between one or more applications and the operating system to identify which of a plurality of applications is the primary application and classifies data packets according to their association with the primary application. A step of allocating access to the network resource in accordance with the policy is included.
摘要翻译: 一种用于在包括适于执行多个应用的操作系统的类型的终端设备和网络资源之间对分组交换数据业务进行整形的方法。 该方法包括选择分配策略以分配对一个或多个主应用和其他应用之间的网络资源的访问,并选择与主应用相关联的特征。 该方法检查一个或多个应用程序与操作系统之间的交互以识别多个应用程序中的哪一个是主应用程序,并根据其与主应用程序的关联对数据分组进行分类。 包括根据策略分配对网络资源的访问的步骤。
-
-
-
-
搜索结果
5 条记录 (耗时 0.018 秒)
