公开(公告)号：US20240380728A1

公开(公告)日：2024-11-14

申请号：US18779704

申请日：2024-07-22

Applicant: Samsung Electronics Co., Ltd.

Inventor： June HWANG

IPC: H04L61/5007 ,  H04L101/618 ,  H04W8/26 ,  H04W36/00 ,  H04W36/36

Abstract: The present disclosure relates to a communication method and system for converging a 5th-Generation (5G) communication system for supporting higher data rates beyond a 4th-Generation (4G) system with a technology for Internet of Things (IoT). The present disclosure may be applied to intelligent services based on the 5G communication technology and the IoT-related technology, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services.

公开(公告)号：US12074845B2

公开(公告)日：2024-08-27

申请号：US18110172

申请日：2023-02-15

Applicant: Charter Communications Operating, LLC

Inventor： Timothy Bleidorn ,  Cheryl Warne ,  Shane Newberg ,  Christopher Teague

IPC: H04L61/5014 ,  H04L12/66 ,  H04L47/70 ,  H04L61/00 ,  H04L101/618

CPC classification number: H04L61/5014 ,  H04L12/66 ,  H04L47/70 ,  H04L61/35 ,  H04L2101/618

Abstract: Systems, methods, and devices for performing targeted filtering of network traffic generated by user equipment (UE) devices connected to a customer premise equipment (CPE) device in a communication system that includes a distributed residential gateway. A network server may determine that the communication system includes a UE device that is compromised, misconfigured, or operating outside normal communication parameters, identify the UE device, determine an Internet protocol (IP) address or a media access control (MAC) address of the identified UE device, generate a quarantine request message that includes the IP address or the MAC address of the identified UE device in response to determining that the preconfigured virtual local area network access control list (VACL) on the CPE lists source IP addresses from which the CPE will filter outbound traffic, and send the generated quarantine request message to a bridged residential gateway (BRG) associated with the CPE device.

公开(公告)号：US12052373B1

公开(公告)日：2024-07-30

申请号：US17325992

申请日：2021-05-20

Applicant: VERISIGN, INC.

Inventor： Burton S. Kaliski, Jr. ,  Andrew Kaizer ,  Swapneel Sheth

IPC: H04L9/32 ,  H04L61/4511 ,  H04L9/00 ,  H04L101/618

CPC classification number: H04L9/3247 ,  H04L61/4511 ,  H04L9/50 ,  H04L2101/618

Abstract: Systems, methods, and computer products for associating a network identifier with a network address enable operations that may include: receiving a network identifier associated with a first network; obtaining an identification of a proof provider; sending, to the proof provider, a network address associated with a second network, wherein the proof provider is configured to generate a signed association of the network identifier with the network address using a private key of the proof provider; obtaining the signed association; and providing, to the second network, at least the signed association. The second network may be configured to validate the signed association and store the signed association.

公开(公告)号：US11838262B1

公开(公告)日：2023-12-05

申请号：US18072280

申请日：2022-11-30

Applicant: Cujo LLC

Inventor： Santeri Kangas ,  Kimmo Kasslin ,  Leonardas Marozas ,  Filip Savin

IPC: H04L29/12 ,  H04L61/4511 ,  H04L61/09 ,  H04L9/40 ,  H04L67/02 ,  G06F15/16 ,  G06F16/901 ,  H04L101/618

CPC classification number: H04L61/4511 ,  H04L61/09 ,  H04L63/14 ,  H04L67/02 ,  H04L2101/618

Abstract: A first data communication of a first connected device related to a first target website is intercepted. The first data communication identifies the first target website by a first fully qualified domain name (FQDN), and the first FQDN is mapped to a first Internet protocol (IP) address. A pair of the first FQDN and the first IP address is determined. A second data communication of a second connected device related to a second target website is intercepted. The second data communication comprises a second encrypted FQDN and a second IP address of the second target website. The second IP address is determined to be equal to the first IP address. A cybersecurity reputation of the second target website is retrieved based on the first FQDN. In response to determining that the reputation matches a predetermined alarm condition, a cybersecurity operation is enforced for the second data communication.

公开(公告)号：US11716680B2

公开(公告)日：2023-08-01

申请号：US17153102

申请日：2021-01-20

Applicant: Huawei Technologies Co., Ltd.

Inventor： Xiaojuan Li ,  Haorui Yang ,  Hui Jin ,  Guowei Ouyang ,  Fenghui Dou

IPC: H04W48/18 ,  H04W76/11 ,  H04W8/08 ,  H04W40/02 ,  H04W48/16 ,  H04W80/10 ,  H04W80/12 ,  H04W24/02 ,  H04W76/12 ,  H04W76/10 ,  H04L69/167 ,  H04W80/04 ,  H04L101/654 ,  H04W8/24 ,  H04L101/686 ,  H04L101/618 ,  H04W60/04 ,  H04W8/20 ,  H04W8/26

CPC classification number: H04W48/18 ,  H04L69/167 ,  H04W8/08 ,  H04W24/02 ,  H04W40/02 ,  H04W48/16 ,  H04W76/10 ,  H04W76/11 ,  H04W76/12 ,  H04W80/04 ,  H04W80/045 ,  H04W80/10 ,  H04W80/12 ,  H04L2101/618 ,  H04L2101/654 ,  H04L2101/686 ,  H04W8/20 ,  H04W8/24 ,  H04W8/26 ,  H04W60/04

Abstract: A protocol data unit (PDU) type setting method, a user equipment (UE) policy setting method, and a related entity, where the PDU type setting method includes: setting, by UE, a requested PDU type of a PDU session in a process of establishing the PDU session, where the requested PDU type of the PDU session is set by the UE based on a first condition, the first condition includes an Internet Protocol (IP) version corresponding to an application, and the application is associated with the PDU session. In the embodiments of the present disclosure, the requested PDU type of the PDU session can be consistent with a PDU type requested by the application, such that the application can normally perform communication.

公开(公告)号：US20250048179A1

公开(公告)日：2025-02-06

申请号：US18919882

申请日：2024-10-18

Applicant: Ofinno, LLC

Inventor： Weihua Qiao ,  Esmael Hejazi Dinan ,  Kyungmin Park ,  Peyman Talebi Fard

IPC: H04W28/06 ,  H04L101/618 ,  H04L101/622 ,  H04W80/02 ,  H04W92/10

Abstract: A method can include receiving, by a wireless device from a base station, a radio resource control (RRC) message that includes at least one packet data convergence protocol (PDCP) configuration parameter for a data radio bearer. The method can also include sending, to the base station and based on the at least one PDCP configuration parameter, a message that includes a source medium access control (MAC) address and a destination MAC address and also includes a header compression index corresponding to the source MAC address and the destination MAC address. The method can further include sending, to the base station, a compressed Ethernet packet that includes a packet header being compressed based on the message and includes the corresponding header compression index.

公开(公告)号：US20240244119A1

公开(公告)日：2024-07-18

申请号：US18617565

申请日：2024-03-26

Applicant: OXYLABS, UAB

Inventor： Valdas PILKAUSKAS ,  Miroslav KOZLOVSKI

IPC: H04L67/56 ,  H04L61/4511 ,  H04L61/5007 ,  H04L101/618

CPC classification number: H04L67/56 ,  H04L61/4511 ,  H04L61/5007 ,  H04L2101/618

Abstract: Systems and methods for coordinating network connectivity and communication between proxy servers, exit-nodes and client modules are disclosed. In one aspect, proxy-nodes in a proxy infrastructure accept connections with exit-nodes based on geographical proximity or proxy-node metrics. Further, a proxy-node can communicate and instruct another proxy-node to service the client request via a suitable exit-node. Further still, a proxy-node can communicate and instruct proxy-node to redirect a suitable exit-node towards the first proxy-node in order to service the client request. In another aspect, the proxy-infrastructure enables client modules to connect to proxy-nodes based on geographical proximity, client parameters, and client's behavioral informatics. In yet another aspect, proxy infrastructure enables a proxy node to redirect exit-nodes to a different proxy-node in the event of a) system overload or resource exhaustion, b) graceful shutdown c) erroneous network connection between exit-nodes and the proxy-node.

公开(公告)号：US12003600B2

公开(公告)日：2024-06-04

申请号：US17845240

申请日：2022-06-21

Applicant: Oxylabs, UAB

Inventor： Valdas Pilkauskas ,  Miroslav Kozlovski

IPC: G06F15/16 ,  H04L61/4511 ,  H04L61/5007 ,  H04L67/56 ,  H04L101/618

CPC classification number: H04L67/56 ,  H04L61/4511 ,  H04L61/5007 ,  H04L2101/618

Abstract: Systems and methods for coordinating network connectivity and communication between proxy servers, exit-nodes and client modules are disclosed. In one aspect, the proxy infrastructure enables network connectivity between exit-nodes and proxy-nodes without the need of any proxy-gateways or middleware entities to delegate the connections. Proxy-nodes in the proxy infrastructure accept connections with exit-nodes based on geographical proximity, proxy-node metrics, such as server loads and clients' frequent preferences. Further, a single instance of proxy-node can communicate and instruct another instance of proxy-node, to service the client request via a suitable exit-node. Further still, a single instance of proxy-node can communicate and instruct another instance of proxy-node to redirect a suitable exit-node towards the first proxy-node in order to service the client request. In another instance, the proxy-infrastructure enables client modules to connect to proxy-nodes based on geographical proximity, client parameters, and client's behavioral informatics. In yet another aspect, proxy infrastructure enables a proxy node to redirect exit-nodes to a different proxy—node in the event of a) system overload or resource exhaustion, b) graceful shutdown c) erroneous network connection between exit-nodes and the proxy-node.

公开(公告)号：US11902243B2

公开(公告)日：2024-02-13

申请号：US17937937

申请日：2022-10-04

Applicant: SECURITY SERVICES, LLC

Inventor： Rodney Lance Joffe ,  David Link King

IPC: H04L61/4511 ,  H04L67/56 ,  H04L61/59 ,  H04L61/4552 ,  H04L101/618

CPC classification number: H04L61/4511 ,  H04L61/4552 ,  H04L61/59 ,  H04L67/56 ,  H04L2101/618

Abstract: Systems and methods are described herein for providing proxy mechanisms for DNS services, such as resolving DNS requests. In some embodiments, the systems and methods establish a Proxy DNS module at a DNS resolver of an internet service provider, and access, with the proxy DNS module, DNS queries destined for a public name server. The name server may be accessible by the DNS resolver via a publically-accessible network. Further, the systems and methods may route the accessed DNS queries to a private name server associated with the proxy DNS module and accessible via a private communications channel, and receive, from the private name server and via the private communications channel, IP addresses associated with the DNS queries.

公开(公告)号：US11757826B1

公开(公告)日：2023-09-12

申请号：US18060774

申请日：2022-12-01

Applicant: Palo Alto Networks, Inc.

Inventor： Jayant Jain ,  Brian Russell Kean ,  Aditya Srinivasa Ivaturi ,  Mohit Sahni ,  Mingfei Peng

IPC: H04L61/256 ,  H04L61/2592 ,  H04L61/4511 ,  H04L101/618

CPC classification number: H04L61/256 ,  H04L61/2592 ,  H04L61/4511 ,  H04L2101/618

Abstract: A controller can securely publish an application of a tenant by securely extending a network fabric into the networks of the tenant with virtual private networks and NAT. After a tenant deploys an application into one or more networks of the tenant, the tenant can indicate select applications to publish. The network controller assigns a network address from the routable address space of the network fabric to the application and a network address aggregate to each application connector that will front an instance of the application, which securely extends the network fabric into the tenant network. The network controller configures NAT rules in the network fabric and on the application connector to create a route for traffic of the application through the network fabric to the application instance using a fully qualified domain name assigned to the application without exposing a private network address of the application instance and preserving security of other resource on the tenant network.