公开(公告)号：US20190149517A1

公开(公告)日：2019-05-16

申请号：US16249116

申请日：2019-01-16

申请人： PANASONIC AVIONICS CORPORATION

发明人： JAMES A. HAAK ,  KWOK LIANG POO

IPC分类号： H04L29/06 ,  H04L29/08 ,  G06F21/30 ,  H04B7/185

CPC分类号： H04L63/0254 ,  G06F21/30 ,  H04B7/18506 ,  H04L63/029 ,  H04L63/04 ,  H04L63/08 ,  H04L63/107 ,  H04L63/18 ,  H04L67/24

摘要： A system for dynamically implementing exceptions in an onboard network firewall has a client application interface receptive to a data link request from a client device. An onboard connectivity manager includes a firewall interface connected to the onboard network firewall to request the exceptions in response to a connection authorization, and a client presence manager receptive to the data link request relayed by the client application interface from the client device. A presence state for the client devices is activated and maintained following the data link request. A remote connectivity manager is connected to a remote application service and is in communication with the onboard connectivity manager. The remote connectivity manager generates a connection authorization based upon an evaluation of the presence state for the client device against the conditions set by the remote application service.

公开(公告)号：US10079835B1

公开(公告)日：2018-09-18

申请号：US14868344

申请日：2015-09-28

申请人： Symantec Corporation

发明人： Dhananjay Dodke ,  Sumesh Jaiswal ,  Amit Dhotre ,  Vipul Goel

IPC分类号： H04L29/06 ,  G06F21/10

CPC分类号： H04L63/0254 ,  G06F21/10 ,  G06F21/6245 ,  H04L29/06578 ,  H04L63/0245 ,  H04L63/1416 ,  H04L63/20

摘要： A computer-implemented method for data loss prevention of unidentifiable and unsupported object types may include (1) monitoring, through at least one filter, data input to an application during execution, (2) scanning, through a data loss prevention scanner, the data input to the application to detect whether the data includes sensitive data that is protected by a data loss prevention policy, (3) flagging, based on the scanning, the application as having accessed the sensitive data that is protected by the data loss prevention policy, (4) detecting that the application is requesting to output a data object in a format that obscures underlying content, and (5) performing, by a data loss prevention program, a remedial action to prevent loss of the sensitive data based on both flagging the application and detecting that the application is requesting to output the data object in the format that obscures underlying content.

公开(公告)号：US10079805B2

公开(公告)日：2018-09-18

申请号：US15181123

申请日：2016-06-13

申请人： FUJITSU LIMITED

发明人： David D. Jameson ,  Russell DeMolay

IPC分类号： G06F9/00 ,  H04L29/06

CPC分类号： H04L63/0236 ,  H04L45/02 ,  H04L45/64 ,  H04L63/0254 ,  H04L2463/121

摘要： Methods and systems for managing authorized data flows using software defined networking include receiving flow criteria sent from a firewall and extracted from a first data packet, determining whether flow criteria of the first data packet matches an entry in a master data flow list, inserting the flow criteria from the first data packet into the master data flow list on a software defined networking controller, and sending the flow criteria of the first data packet to the router. The router may forward a second data packet associated with the data flow toward a destination based on the validation of the first data packet by the firewall. The flow criteria may not match an entry in a router data flow list on the router and may include at least two of: a source IP address, a destination IP address, a destination port, and a protocol of transmission.

公开(公告)号：US20180260570A1

公开(公告)日：2018-09-13

申请号：US15863414

申请日：2018-01-05

申请人： Intel Corporation

发明人： Kapil Sood ,  Jesse Walker

IPC分类号： G06F21/57 ,  G06F9/455 ,  H04L29/06 ,  G06F9/4401 ,  H04L9/14 ,  H04L9/30 ,  H04L9/32 ,  G06F21/53

CPC分类号： G06F21/575 ,  G06F9/4416 ,  G06F9/45533 ,  G06F9/45558 ,  G06F21/10 ,  G06F21/53 ,  G06F2009/45587 ,  G06F2009/45595 ,  G06F2221/034 ,  H04L9/14 ,  H04L9/30 ,  H04L9/3247 ,  H04L63/0209 ,  H04L63/0227 ,  H04L63/0254 ,  H04L63/06 ,  H04L63/08 ,  H04L63/101 ,  H04L63/1408 ,  H04L63/1441 ,  H04L63/20 ,  H04L63/205

摘要： Technologies for bootstrapping virtual network functions in a network functions virtualization (NFV) network architecture include a virtual network function (VNF) bootstrap service (VBS) in secure network communication with a VBS agent of a VNF instance. The VBS agent is configured to execute a secure VNF bootstrap capture protocol in the NFV network architecture. Accordingly, the VBS agent can be configured to register with the VBS via secure communications transmitted between the VBS and the VBS agent. The secure communications include transmitting a security quote from a TEE of a platform on which the VNF instance is instantiated and a security credential request to the VBS, as well as receiving a security credential in response to validating the security quote and the security credential request. Other embodiments are described and claimed.

公开(公告)号：US20180159870A1

公开(公告)日：2018-06-07

申请号：US15578760

申请日：2016-06-28

申请人： Panasonic Intellectual Property Management Co., Ltd.

发明人： MASATO TANABE ,  JUN ANZAI ,  YOSHIHIKO KITAMURA ,  SEIJI SAKAKI ,  YOSHIHIRO UJIIE ,  HIDEKI MATSUSHIMA

IPC分类号： H04L29/06 ,  H04L12/40

CPC分类号： H04L63/1416 ,  H04L12/40 ,  H04L12/40013 ,  H04L63/0254 ,  H04L63/0263 ,  H04L63/1441 ,  H04L2012/40215 ,  H04L2012/40273 ,  H04W4/48

摘要： A communication device includes: a communication section that transmits and receives a message in a network; an acquisition unit that acquires state information on a state of an object for which the network is provided; an estimation unit that estimates the state of the object based on the state information acquired in the acquisition unit; a setting unit that sets a filtering rule based on the state estimated in the estimation unit; and a filter unit that executes filtering processing for the message in accordance with the filtering rule set in the setting unit.

公开(公告)号：US09992165B2

公开(公告)日：2018-06-05

申请号：US15704304

申请日：2017-09-14

申请人： Fortinet, Inc.

发明人： Steven Michael Fossen ,  Alexander Douglas MacDonald

IPC分类号： G06F21/56 ,  H04L29/06 ,  H04L12/58

CPC分类号： H04L63/0254 ,  G06F21/562 ,  G06F2221/2115 ,  H04L51/046 ,  H04L51/08 ,  H04L51/22 ,  H04L63/02 ,  H04L63/0281 ,  H04L63/0823 ,  H04L63/105 ,  H04L63/1416 ,  H04L63/145

摘要： Methods and systems for detecting undesirable computer files based on scanning and analysis of information contained within an associated digital certificate chain are provided. According to one embodiment, a file having associated therewith a certificate chain is received. A type and structure of the file are identified. A location of the certificate chain is determined based on the identified type and structure. A signature of the file is formed by extracting a targeted subset of information from the certificate chain. The file is evaluated by comparing the signature with a set signatures having a known desirable or undesirable status. The file is classified based on a result of the evaluating into a category of multiple categories, including one indicative of an associated file being an undesired file or a file suspected of being undesired. The file is handled in accordance with a policy associated with the category.

公开(公告)号：US09973516B2

公开(公告)日：2018-05-15

申请号：US14621949

申请日：2015-02-13

申请人： International Business Machines Corporation

发明人： Matthias Seul ,  Artemiy A. Solyakov

IPC分类号： H04L29/06 ,  H04K1/02 ,  H04L9/00 ,  H04L12/733

CPC分类号： H04L63/1408 ,  G06F21/606 ,  G06F2221/2125 ,  H04K1/02 ,  H04L9/002 ,  H04L45/20 ,  H04L63/0254 ,  H04L63/0272 ,  H04L63/029 ,  H04L63/0414 ,  H04L63/0428 ,  H04L2209/08

摘要： According to one exemplary embodiment, a method for obfuscating a traffic pattern associated with a plurality of network traffic within a tunnel connection is provided. The method may include detecting the tunnel connection. The method may also include analyzing a connection environment associated with the detected tunnel connection. The method may then include determining a packet handling technique based on the analyzed connection environment, whereby the packet handling technique provides a way for creating a noise packet that will be discarded by a network stack at a target node or before the target node. The method may include determining a noise strategy based on the determined packet handling technique. The method may also include sending a plurality of noise packets into the tunnel connection based on the determined noise strategy to obfuscate the traffic pattern.

公开(公告)号：US20180124019A1

公开(公告)日：2018-05-03

申请号：US15851767

申请日：2017-12-22

申请人： NEC EUROPE LTD.

发明人： Maurizio Dusi ,  Saverio Niccolini ,  Giulio Picierro ,  Riccardo Paolillo ,  Michele Orru ,  Giuseppe Bianchi

IPC分类号： H04L29/06 ,  G06F17/30 ,  H04L12/26 ,  G06N7/00

CPC分类号： H04L63/0263 ,  G06F17/30699 ,  G06N7/005 ,  H04L43/028 ,  H04L63/0245 ,  H04L63/0254 ,  H04L63/145

摘要： A method for analyzing a data flow includes: (a) extracting packet information of a packet, (b) determining a status of the packet based on the extracted packet information by applying at least one probabilistic filter to the packet and storing the packet for later inspection based on the status of the packet indicating that the packet is out-of sequence, and (c) inspecting the stored packet based on inspection rules. Upon a partial match of an inspection rule with the extracted packet information, a result of the inspection is temporarily stored. Already stored packets are inspected based on the already stored packets being in-order with already inspected packets. Upon a total match of at least one of the inspection rules, a predetermined action is performed and the stored result is deleted. The at least one probabilistic filter includes a connection Bloom filter and a sequence Bloom filter.

公开(公告)号：US20180124018A1

公开(公告)日：2018-05-03

申请号：US15388934

申请日：2016-12-22

申请人： QUALCOMM Incorporated

发明人： Gheorghe Cascaval ,  Hui Chao ,  Mihai Christodorescu ,  Drew Dean ,  Dinakar Khurjati ,  Shuhua Ge ,  Hilmi Gunes Kayacik ,  Arun Raman ,  Ahmet Salih Buyukkayhan ,  Yuanwei Fang

IPC分类号： H04L29/06

CPC分类号： H04L63/0254 ,  G06F21/554 ,  H04L63/02 ,  H04L63/0263 ,  H04L63/1425

摘要： Aspects may relate to a server comprising: an interface to receive a service request; and a processor coupled to the interface to receive the service request, the processor configured to: implement a firewall appliance for the service request; operate a first micro-security application to generate an anomaly alert for the service request; and operate a second micro-security application to receive the anomaly alert from the first micro-security application or from another server's micro-security application and to determine whether the service request corresponds to a non-benign behavior.

公开(公告)号：US20180097778A1

公开(公告)日：2018-04-05

申请号：US15816708

申请日：2017-11-17

申请人： Nicira, Inc.

发明人： Jayant Jain ,  Anirban Sengupta ,  Mohan Parthasarathy ,  Xinhua Hong

IPC分类号： H04L29/06 ,  H04L29/08 ,  H04L12/26

CPC分类号： H04L63/0254 ,  H04L43/028 ,  H04L63/0263 ,  H04L69/22 ,  H04L69/326

摘要： A novel method for stateful packet classification that uses hardware resources for performing stateless lookups and software resources for performing stateful connection flow handshaking is provided. To classify an incoming packet from a network, some embodiments perform stateless look up operations for the incoming packet in hardware and forward the result of the stateless look up to the software. The software in turn uses the result of the stateless look up to perform the stateful connection flow handshaking and to determine the result of the stateful packet classification.