公开(公告)号：US20250030715A1

公开(公告)日：2025-01-23

申请号：US18587702

申请日：2024-02-26

Applicant: FORESCOUT TECHNOLOGIES, INC.

Inventor： Oded Comay ,  Oren Nechushtan

IPC: H04L9/40 ,  H04L61/4511 ,  H04L61/5007 ,  H04L61/58 ,  H04L61/59

Abstract: Systems, methods, and related technologies for analyzing traffic are described. In certain aspects, network traffic is analyzed and a domain name system (DNS) message is extracted from the network traffic. Subsequent network traffic is monitored and analyzed based on the DNS message and in view of one or more criteria. In response to the one or more criteria being satisfied, an indication of compromise (IoC) for a device is determined.

公开(公告)号：US12001504B2

公开(公告)日：2024-06-04

申请号：US17234517

申请日：2021-04-19

Applicant: CloudFlare, Inc.

Inventor： Lee Hahn Holloway ,  Matthew Browning Prince ,  Matthieu Philippe François Tourne

IPC: G06F16/00 ,  G06F15/16 ,  G06F16/95 ,  G06F16/958 ,  G06F21/00 ,  G06F21/55 ,  G06F40/14 ,  G06F40/143 ,  G06Q10/107 ,  G06Q30/0241 ,  G06Q30/0251 ,  H04L9/40 ,  H04L47/74 ,  H04L51/42 ,  H04L61/4511 ,  H04L61/5007 ,  H04L67/02 ,  H04L67/146 ,  H04L67/56 ,  H04L67/561 ,  H04L67/568 ,  H04L69/40 ,  H04L61/59

CPC classification number: G06F16/958 ,  G06F15/16 ,  G06F16/95 ,  G06F21/00 ,  G06F21/552 ,  G06F40/14 ,  G06F40/143 ,  G06Q10/107 ,  G06Q30/0241 ,  G06Q30/0251 ,  G06Q30/0277 ,  H04L47/745 ,  H04L51/42 ,  H04L61/4511 ,  H04L61/5007 ,  H04L63/0236 ,  H04L63/0245 ,  H04L63/0254 ,  H04L63/0281 ,  H04L63/083 ,  H04L63/0861 ,  H04L63/102 ,  H04L63/126 ,  H04L63/1416 ,  H04L63/1433 ,  H04L63/1441 ,  H04L63/1458 ,  H04L63/1466 ,  H04L67/02 ,  H04L67/146 ,  H04L67/56 ,  H04L67/561 ,  H04L67/568 ,  H04L69/40 ,  H04L61/59

Abstract: A proxy server receives from a client device a request for a network resource that is hosted at an origin server for a domain. The request is received at the proxy server as a result of DNS request for the domain returning an IP address of the proxy server instead of an IP address of the origin server. The proxy server retrieves the requested network resource. The proxy server determines that the retrieved network resource includes at least one modification token that is of a type that indicates a threat to the client device. For at least this modification token, the proxy server automatically modifies at least a portion of the retrieved network resource that corresponds to that modification token. The proxy server transmits the modified network resource to the client device.

公开(公告)号：US20230336577A1

公开(公告)日：2023-10-19

申请号：US18339738

申请日：2023-06-22

Applicant: iboss, Inc

Inventor： Paul Michael Martini

IPC: H04L9/40 ,  H04L61/4511 ,  H04L67/562 ,  G06F21/56 ,  H04L61/59 ,  H04L67/02

CPC classification number: H04L63/1425 ,  G06F21/567 ,  H04L61/4511 ,  H04L61/59 ,  H04L63/0281 ,  H04L63/1416 ,  H04L63/1441 ,  H04L63/164 ,  H04L63/168 ,  H04L67/02 ,  H04L67/562 ,  H04L2101/35

Abstract: This specification generally relates to methods and systems for applying network policies to devices based on their current access network. One example method includes identifying a proxy connection request sent from a particular client device to a proxy server over a network, the proxy connection request including a hostname and configured to direct the proxy server to establish communication with the computer identified by the hostname on behalf of the client device; determining an identity of the client device based on the proxy connection request; identifying a domain name system (DNS) response to a DNS request including the hostname from the proxy connection request; and updating DNS usage information for the particular client based on the identified DNS response including the hostname from the proxy connection request.

公开(公告)号：US11792154B2

公开(公告)日：2023-10-17

申请号：US17605880

申请日：2020-04-23

Applicant: INTERDIGITAL PATENT HOLDINGS, INC.

Inventor： Antonio de la Oliva ,  Robert G. Gazda

IPC: H04L61/2557 ,  H04L61/5007 ,  H04L61/59 ,  H04L61/50 ,  H04L61/5069 ,  H04L61/25 ,  H04L101/695 ,  H04L101/622

CPC classification number: H04L61/2557 ,  H04L61/25 ,  H04L61/50 ,  H04L61/5007 ,  H04L61/5069 ,  H04L61/59 ,  H04L2101/622 ,  H04L2101/695

Abstract: Methods and apparatuses are described herein for multicast and unicast MAC address assignment protocol (MUMAAP). A first node may transmit, to a second node, based on a unicast MAC address of the second node or a multicast MAC address associated with the second node, a discover message that may include a first MAC address or a first range of MAC addresses. The first node may receive an offer message with a second range of MAC addresses. If the first node selects a second MAC address from the received second range of MAC addresses, the first node may transmit a request message indicating that the second MAC address or the second range of MAC addresses is allocated to the first node. The first node may receive an acknowledge message indicating that the second MAC address or the second range of MAC addresses is allocated to the first node.

公开(公告)号：US11750561B2

公开(公告)日：2023-09-05

申请号：US17036286

申请日：2020-09-29

Applicant: Centrify Corporation

Inventor： Paul Moore ,  Nathaniel Wayne Yocom

IPC: H04L29/06 ,  G06F16/2455 ,  G06F9/54 ,  H04L9/40 ,  H04L61/45 ,  H04L61/59

CPC classification number: H04L63/02 ,  G06F9/547 ,  G06F16/2455 ,  H04L61/45 ,  H04L61/59 ,  H04L63/0281 ,  H04L63/0823

Abstract: A system and method for providing secure access to an organization's internal directory service from external hosted services. The system includes a remote directory service configured to accept directory service queries from an application running on hosted services. The remote directory service passes the queries to a directory service proxy server inside a firewall of the organization via a secure connection service. The directory service proxy server passes the queries to the internal directory service inside said firewall. Request responses from the internal directory service pass through the directory service proxy server to the remote directory service through said firewall via the secure connection service. The remote directory service returns the response to the requesting application.

公开(公告)号：US11683275B2

公开(公告)日：2023-06-20

申请号：US14403439

申请日：2013-05-17

Applicant: SAGEMCOM BROADBAND SAS

Inventor： Stéphane Colin

IPC: H04L49/00 ,  H04L61/2585 ,  H04L12/28 ,  H04L61/2521 ,  H04L61/59 ,  H04L61/5007 ,  H04L45/74 ,  H04L49/15

CPC classification number: H04L49/309 ,  H04L12/2809 ,  H04L12/2832 ,  H04L45/74 ,  H04L49/15 ,  H04L61/2528 ,  H04L61/2585 ,  H04L61/5007 ,  H04L61/59

Abstract: An interconnection device for interconnecting two sub-networks, on which UPnP devices are connected: determines actual IP addresses and port numbers of servers of the UPnP device; allocates a port number to each server, establishes a connection with a UPnP device of the femtocell and a connection with a UPnP device of the local area network; replaces, in frames received via one of said connections, each actual server IP address and port number allocated by the interconnection device to said server; and replaces, in frames received via one of said connections, each actual IP address and port number with an IP address of the interconnection device to said server; and replaces, in said received frames, each IP address of the interconnection device and port number allocated by the interconnection device to a server with the IP address and port number of the corresponding server.

公开(公告)号：US11657110B2

公开(公告)日：2023-05-23

申请号：US16938991

申请日：2020-07-26

Applicant: BRIGHT DATA LTD

Inventor： Derry Shribman ,  Ofer Vilenski

IPC: G06F16/909 ,  G06F16/955 ,  G06F9/54 ,  H04L67/02 ,  H04L67/146 ,  H04L1/00 ,  H04L69/40 ,  H04L67/01 ,  H04L67/568 ,  H04L61/59 ,  H04L67/56

CPC classification number: G06F16/9566 ,  G06F9/547 ,  G06F16/909 ,  G06F16/955 ,  G06F16/9558 ,  H04L1/00 ,  H04L67/01 ,  H04L67/02 ,  H04L67/146 ,  H04L67/568 ,  H04L69/40 ,  H04L61/59 ,  H04L67/56

Abstract: A method for overcoming intermittent, temporary, or other fetching failures by using multiple attempts for retrieving a content from a web server to a client device is disclosed. The URL fetching may use direct or non-direct fetching schemes, or a combination thereof. The non-direct fetching method may use intermediate devices, such as proxy server, Data-Center proxy server, tunnel devices, or any combination thereof. Upon sensing a failure of a fetching action, the action is repeated using the same or different parameters or attributes, such as by using different intermediate devices, selected based on different parameters or attributes, such as different countries. The repetitions are limited to a pre-defined maximum number or attempts. The fetching attempts may be performed by the client device, by an intermediate device in a non-direct fetching scheme, or a combination thereof. Various fetching schemes may be used sequentially until the content is retrieved.

公开(公告)号：US11593446B2

公开(公告)日：2023-02-28

申请号：US17202427

申请日：2021-03-16

Applicant: BRIGHT DATA LTD

Inventor： Derry Shribman ,  Ofer Vilenski

IPC: H04L29/08 ,  H04L1/00 ,  G06F16/955 ,  G06F16/909 ,  G06F9/54 ,  H04L67/02 ,  H04L67/146 ,  H04L69/40 ,  H04L67/01 ,  H04L67/568 ,  H04L61/59 ,  H04L67/56

Abstract: A method for overcoming intermittent, temporary, or other fetching failures by using multiple attempts for retrieving a content from a web server to a client device is disclosed. The URL fetching may use direct or non-direct fetching schemes, or a combination thereof. The non-direct fetching method may use intermediate devices, such as proxy server, Data-Center proxy server, tunnel devices, or any combination thereof. Upon sensing a failure of a fetching action, the action is repeated using the same or different parameters or attributes, such as by using different intermediate devices, selected based on different parameters or attributes, such as different countries. The repetitions are limited to a pre-defined maximum number or attempts. The fetching attempts may be performed by the client device, by an intermediate device in a non-direct fetching scheme, or a combination thereof. Various fetching schemes may be used sequentially until the content is retrieved.

公开(公告)号：US20230004618A1

公开(公告)日：2023-01-05

申请号：US17943294

申请日：2022-09-13

Applicant: BRIGHT DATA LTD.

Inventor： Derry Shribman ,  Ofer Vilenski

IPC: G06F16/955 ,  H04L67/568 ,  H04L67/01 ,  H04L67/146 ,  H04L1/00 ,  H04L67/02 ,  G06F9/54 ,  G06F16/909 ,  H04L69/40 ,  H04L61/59 ,  H04L67/56

Abstract: A method for overcoming intermittent, temporary, or other fetching failures by using multiple attempts for retrieving a content from a web server to a client device is disclosed. The URL fetching may use direct or non-direct fetching schemes, or a combination thereof. The non-direct fetching method may use intermediate devices, such as proxy server, Data-Center proxy server, tunnel devices, or any combination thereof. Upon sensing a failure of a fetching action, the action is repeated using the same or different parameters or attributes, such as by using different intermediate devices, selected based on different parameters or attributes, such as different countries. The repetitions are limited to a pre-defined maximum number or attempts. The fetching attempts may be performed by the client device, by an intermediate device in a non-direct fetching scheme, or a combination thereof. Various fetching schemes may be used sequentially until the content is retrieved.

公开(公告)号：US11546444B2

公开(公告)日：2023-01-03

申请号：US16361364

申请日：2019-03-22

Applicant: Akamai Technologies, Inc.

Inventor： Seetharama Sarma Ayyadevara ,  Charles E. Gero ,  Stephan Benny ,  Pravin Tatti ,  Manoj Kumar ,  Seemant Choudhary ,  Robert Lauro Quiros ,  Priyatham Phani Srinath Adigopula ,  Poornima Venkatesha, Sr. ,  Sumeet Gupta

IPC: G06F15/173 ,  H04L67/56 ,  H04L61/4511 ,  H04L61/59

Abstract: A method of traffic forwarding and disambiguation through the use of local proxies and addresses. The technique leverages DNS to on-ramp traffic to a local proxy. The local proxy runs on the end user's device. According to a first embodiment, DNS is used to remap what would normally be a wide range of IP addresses to localhost based on 127.0.0.0/8 listening sockets, where the system can then listen for connections and data. In a second embodiment, a localhost proxy based on a TUN/TAP interface (or other packet interception method) with a user-defined CIDR range to which the local DNS server drives traffic is used. Requests on that local proxy are annotated (by adding data to the upstream connection).