公开(公告)号：WO2022272118A1

公开(公告)日：2022-12-29

申请号：PCT/US2022/034976

申请日：2022-06-24

Applicant: CISCO TECHNOLOGY, INC.

Inventor： PARLA, Vincent, E. ,  ZAWADOWSKIY, Andrew ,  BESSONOV, Oleg ,  BOSCH, Hendrikus, G., P.

IPC: H04L45/30 ,  H04L45/302 ,  H04L47/20 ,  H04L47/24 ,  H04L47/2425 ,  H04L45/3065

Abstract: A method of defining priority of a number of data packets within a queue includes generating a policy. The policy defines a first multiplexed channel of a plurality of multiplexed channels. The first multiplexed channel having a first priority. The policy also defines a second multiplexed channel of the plurality of multiplexed channels. The second multiplexed channel having a second priority. The first priority is defined as being of a higher priority relative to the second priority. The method further includes receiving the number of data packets over the plurality of multiplexed channels associated with a session based at least in part on the policy.

公开(公告)号：WO2007130354A2

公开(公告)日：2007-11-15

申请号：PCT/US2007/010454

申请日：2007-04-30

Applicant: CISCO TECHNOLOGY, INC. ,  KRAEMER, Jeffrey A. ,  ZAWADOWSKIY, Andrew

Inventor： KRAEMER, Jeffrey A. ,  ZAWADOWSKIY, Andrew

IPC: G06F12/14

CPC classification number: H04L63/1408 ,  G06F21/564 ,  G06F21/566

Abstract: A system detects an attack on the computer system. The system identifies the attack as polymorphic, capable of modifying itself for every instance of execution of the attack. The modification of the attack is utilized to defeat detection of the attack. In one embodiment, the system determines generation of an effective signature of the attack has failed. The signature is utilized to prevent execution of the attack. The system then adjusts access to an interface to prevent further damage caused to the computer system by the attack.

Abstract translation: 系统检测到对计算机系统的攻击。 系统将攻击识别为多态，能够对攻击的每个执行实例进行修改。 攻击的修改被用来击败攻击的检测。 在一个实施例中，系统确定攻击的有效签名的生成失败。 该签名用于防止攻击的执行。 系统然后调整对接口的访问，以防止攻击对计算机系统造成进一步的损坏。

公开(公告)号：WO2008016452A2

公开(公告)日：2008-02-07

申请号：PCT/US2007/015065

申请日：2007-06-28

Applicant: CISCO TECHNOLOGY, INC. ,  KRAEMER, Jeffrey, A. ,  ZAWADOWSKIY, Andrew

Inventor： KRAEMER, Jeffrey, A. ,  ZAWADOWSKIY, Andrew

IPC: G06F12/14

CPC classification number: G06F21/52 ,  G06F21/55 ,  G06F21/552 ,  G06F21/56 ,  G06F21/566 ,  H04L63/1408 ,  H04L63/20

Abstract: A system receives information from at least one security interceptor associated with at least one computer system. The information identifies details associated with a traffic flow in a computer system of the computer networking environment. The system determines a probability that an attack on the computer system is in progress based on a probabilistic link provided by the information. The probabilistic link is determined by attack information associated with previous attacks. Based on the information provided by the at least one security interceptor, the system generates a signature utilized to prevent a similar attack on the computer system.

Abstract translation: 系统从与至少一个计算机系统相关联的至少一个安全拦截器接收信息。 该信息识别与计算机联网环境的计算机系统中的交通流相关联的细节。 系统根据信息提供的概率链接确定对计算机系统的攻击正在进行的概率。 概率链接由与先前攻击相关的攻击信息决定。 基于由至少一个安全拦截器提供的信息，系统生成用于防止对计算机系统进行类似攻击的签名。

公开(公告)号：WO2007130332A2

公开(公告)日：2007-11-15

申请号：PCT/US2007/010409

申请日：2007-04-30

Applicant: CISCO TECHNOLOGY, INC. ,  KRAEMER, Jeffrey A. ,  ZAWADOWSKIY, Andrew

Inventor： KRAEMER, Jeffrey A. ,  ZAWADOWSKIY, Andrew

IPC: G06F12/14

CPC classification number: H04L63/1416 ,  G06F21/55 ,  G06F21/552 ,  G06F21/56 ,  G06F21/566 ,  H04L63/0227

Abstract: A system defines at least one key event to be monitored by at least one agent, and creates a graphical model for the at least one key event. The system observes the at least one key event. The system infers a degree of attack on the computer system based on an observation of the at least one key event in conjunction with a result of an effect the at least one key event has on the graphical model. The system then adjusts a security policy based on an output of the graphical model.

Abstract translation: 系统定义要由至少一个代理监视的至少一个密钥事件，并且为至少一个密钥事件创建图形模型。 该系统观察至少一个关键事件。 该系统结合至少一个关键事件对图形模型的影响的结果，基于至少一个键事件的观察来对计算机系统造成一定程度的攻击。 系统然后根据图形模型的输出调整安全策略。