-
公开(公告)号:US10268656B1
公开(公告)日:2019-04-23
申请号:US13111131
申请日:2011-05-19
申请人: Yonghui Cheng , Siu-Wang Leung , Wilson Xu , Liang Li
发明人: Yonghui Cheng , Siu-Wang Leung , Wilson Xu , Liang Li
IPC分类号: G06F17/30 , G06F16/957
摘要: Enforcing a policy based at least in part on URL information is disclosed. A uniform resource locator (URL) is received. A portion of the URL, or a transformation thereof, is matched against a bloom filter. Based on a result of the match, a first query is performed. A policy is enforced based at least in part on a category received as a result of a second query. In some cases, the first and second query are the same.
-
公开(公告)号:US07769851B1
公开(公告)日:2010-08-03
申请号:US11044619
申请日:2005-01-27
申请人: Kowsik Guruswamy , Siu-Wang Leung
发明人: Kowsik Guruswamy , Siu-Wang Leung
IPC分类号: G06F15/173
CPC分类号: G06F15/173 , G06F21/568 , H04L63/0245 , H04L63/14 , H04L63/1425
摘要: An intrusion detection and prevention (IDP) device includes a flow analysis module, an analysis engine, a plurality of protocol-specific decoders and a profiler. The flow analysis module processes packet flows in a network to identify network elements associated with the packet flows. The analysis engine forms application-layer communications from the packet flows. The plurality of protocol-specific decoders processes the application-layer communications to generate application-layer elements. The profiler correlates the application-layer elements of the application-layer communications with the network elements of the packet flows of the computer network.
摘要翻译: 入侵检测和预防(IDP)设备包括流分析模块,分析引擎,多个协议特定解码器和分析器。 流分析模块处理网络中的分组流以识别与分组流相关联的网络元素。 分析引擎从分组流中形成应用层通信。 多个协议特定解码器处理应用层通信以生成应用层元素。 分析器将应用层通信的应用层元素与计算机网络的分组流的网络元素相关联。
-
公开(公告)号:US08009566B2
公开(公告)日:2011-08-30
申请号:US11475393
申请日:2006-06-26
申请人: Nir Zuk , Song Wang , Siu-Wang Leung , Fengmin Gong
发明人: Nir Zuk , Song Wang , Siu-Wang Leung , Fengmin Gong
IPC分类号: G06F15/16
CPC分类号: H04L63/0227 , H04L63/1416
摘要: Methods and apparatuses are described for inspecting data packets in a computer network. One or more data packets through the network have associated header data and content. One method includes receiving a data packet, examining the data packet to classify the data packet including classifying the data packet using information included in the header and content, determining flow instructions for processing the packet based on both the header information and the content and processing of the packet using the flow instructions.
摘要翻译: 描述了用于检查计算机网络中的数据分组的方法和装置。 通过网络的一个或多个数据包具有相关联的头部数据和内容。 一种方法包括接收数据分组,检查数据分组以对数据分组进行分类,包括使用包括在报头和内容中的信息对数据分组进行分类,确定基于报头信息和内容的处理分组的流指令,以及处理 该包使用流程指令。
-
公开(公告)号:US08565093B2
公开(公告)日:2013-10-22
申请号:US13193239
申请日:2011-07-28
申请人: Nir Zuk , Song Wang , Siu-Wang Leung , Fengmin Gong
发明人: Nir Zuk , Song Wang , Siu-Wang Leung , Fengmin Gong
IPC分类号: G06F15/16
CPC分类号: H04L63/0227 , H04L63/1416
摘要: Methods and apparatuses are described for inspecting data packets in a computer network. One or more data packets through the network have associated header data and content. One method includes receiving a data packet, examining the data packet to classify the data packet including classifying the data packet using information included in the header and content, determining flow instructions for processing the packet based on both the header information and the content and processing of the packet using the flow instructions.
-
公开(公告)号:US20120026881A1
公开(公告)日:2012-02-02
申请号:US13193239
申请日:2011-07-28
申请人: Nir Zuk , Song Wang , Siu-Wang Leung , Fengmin Gong
发明人: Nir Zuk , Song Wang , Siu-Wang Leung , Fengmin Gong
IPC分类号: G06F15/16
CPC分类号: H04L63/0227 , H04L63/1416
摘要: Methods and apparatuses are described for inspecting data packets in a computer network. One or more data packets through the network have associated header data and content. One method includes receiving a data packet, examining the data packet to classify the data packet including classifying the data packet using information included in the header and content, determining flow instructions for processing the packet based on both the header information and the content and processing of the packet using the flow instructions.
摘要翻译: 描述了用于检查计算机网络中的数据分组的方法和装置。 通过网络的一个或多个数据包具有相关联的头部数据和内容。 一种方法包括接收数据分组,检查数据分组以对数据分组进行分类,包括使用包括在报头和内容中的信息对数据分组进行分类,确定基于报头信息和内容的处理分组的流指令,以及处理 该包使用流程指令。
-
公开(公告)号:US20070297333A1
公开(公告)日:2007-12-27
申请号:US11475393
申请日:2006-06-26
申请人: Nir Zuk , Song Wang , Siu-Wang Leung , Fengmin Gong
发明人: Nir Zuk , Song Wang , Siu-Wang Leung , Fengmin Gong
CPC分类号: H04L63/0227 , H04L63/1416
摘要: Methods and apparatuses are described for inspecting data packets in a computer network. One or more data packets through the network have associated header data and content. One method includes receiving a data packet, examining the data packet to classify the data packet including classifying the data packet using information included in the header and content, determining flow instructions for processing the packet based on both the header information and the content and processing of the packet using the flow instructions.
摘要翻译: 描述了用于检查计算机网络中的数据分组的方法和装置。 通过网络的一个或多个数据包具有相关联的头部数据和内容。 一种方法包括接收数据分组,检查数据分组以对数据分组进行分类,包括使用包括在报头和内容中的信息对数据分组进行分类,确定基于报头信息和内容的处理分组的流指令,以及处理 该包使用流程指令。
-
公开(公告)号:US08973088B1
公开(公告)日:2015-03-03
申请号:US13115022
申请日:2011-05-24
申请人: Siu-Wang Leung , Song Wang , Yueh-Zen Chen
发明人: Siu-Wang Leung , Song Wang , Yueh-Zen Chen
CPC分类号: H04L63/20 , H04L63/00 , H04L63/02 , H04L63/0272 , H04L63/102 , H04L63/1408 , H04L63/1433
摘要: Embodiments of the present application relate to a method for policy enforcement, a system for policy enforcement, and a computer program product for policy enforcement. A method for policy enforcement is provided. The method includes receiving a host information profile report from a client device, and enforcing a security policy for network access based on the host information profile report. The host information profile report includes device profile information associated with the client device.
摘要翻译: 本申请的实施例涉及用于策略实施的方法,用于策略实施的系统以及用于策略执行的计算机程序产品。 提供了一种执行策略的方法。 该方法包括从客户端设备接收主机信息配置文件报告,并且基于主机信息配置文件报告来执行用于网络接入的安全策略。 主机信息简档报告包括与客户端设备相关联的设备配置文件信息。
-
公开(公告)号:US08209756B1
公开(公告)日:2012-06-26
申请号:US11045572
申请日:2005-01-27
申请人: Kowsik Guruswamy , Siu-Wang Leung
发明人: Kowsik Guruswamy , Siu-Wang Leung
CPC分类号: H04L63/0254 , H04L63/0263 , H04L63/12 , H04L63/1416 , H04L63/1441 , H04L63/1466
摘要: An intrusion detection and prevention (IDP) device includes an attack detection module and a forwarding component. The attack detection module applies a compound attack definition to a packet flow of a computer network to determine whether the packet flow includes at least one pattern and at least one protocol anomaly. The forwarding component selectively discards the packet flow based on the determination. The IDP device may further include a reassembly module to form application-layer communications from the packet flows, and a plurality of protocol-specific decoders to process the application-layer communications to extract application-layer elements and detect protocol anomalies.
摘要翻译: 入侵检测和预防(IDP)设备包括攻击检测模块和转发组件。 攻击检测模块将复合攻击定义应用于计算机网络的分组流,以确定分组流是否包括至少一个模式和至少一个协议异常。 转发组件基于确定选择性地丢弃分组流。 IDP设备还可以包括重新组装模块以从分组流形成应用层通信,以及多个协议特定解码器来处理应用层通信以提取应用层元素并检测协议异常。
-
-
-
-
-
-
-
搜索结果
8 条记录 (耗时 0.021 秒)
