专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07701945B2 Device, system and method for analysis of segments in a transmission control protocol (TCP) session 有权
标题翻译：用于分析传输控制协议（TCP）会话中的段的设备，系统和方法
公开(公告)号：US07701945B2
公开(公告)日：2010-04-20
申请号：US11501776
申请日：2006-08-10
申请人： Martin Frederick Roesch , Judy Hollis Novak , Steven Sturges
发明人： Martin Frederick Roesch , Judy Hollis Novak , Steven Sturges
IPC分类号： H04L12/28
CPC分类号： H04L63/1408 , H04L63/1466 , H04L63/20 , H04L69/16 , H04L69/166
摘要： A method performed in an intrusion detection/prevention system, a system or a device for analyzing segments in a transmission in a communication network. The transmission includes segments in the same transmission control protocol (TCP) session. Segments in a transmission are monitored. Data in the segments in the transmission are reassembled in an order indicated by a segment reassembly policy, the segment reassembly policy indicating an order specific to at least comprehensively overlapped segments.
摘要翻译：在入侵检测/预防系统中执行的方法，用于分析通信网络中的传输中的段的系统或设备。传输包括相同传输控制协议（TCP）会话中的段。监视传输中的分段。传输中的段中的数据按照段重组策略指示的顺序被重新组合，段重组策略指示至少是全面重叠的段的特定顺序。

2. 发明申请

US20080037587A1 Device, system and method for analysis of fragments in a transmission control protocol (TCP) session 有权
标题翻译：用于分析传输控制协议（TCP）会话中的片段的设备，系统和方法
公开(公告)号：US20080037587A1
公开(公告)日：2008-02-14
申请号：US11501776
申请日：2006-08-10
申请人： Martin Frederick Roesch , Judy Hollis Novak , Steven Sturges
发明人： Martin Frederick Roesch , Judy Hollis Novak , Steven Sturges
IPC分类号： H04J3/24
CPC分类号： H04L63/1408 , H04L63/1466 , H04L63/20 , H04L69/16 , H04L69/166
摘要： A method performed in an intrusion detection/prevention system, a system or a device for analyzing segments in a transmission in a communication network. The transmission includes segments in the same transmission control protocol (TCP) session. Segments in a transmission are monitored. Data in the segments in the transmission are reassembled in an order indicated by a segment reassembly policy, the segment reassembly policy indicating an order specific to at least comprehensively overlapped segments.
摘要翻译：在入侵检测/预防系统中执行的方法，用于分析通信网络中的传输中的段的系统或设备。传输包括相同传输控制协议（TCP）会话中的段。监视传输中的分段。传输中的段中的数据按照段重组策略指示的顺序被重新组合，段重组策略指示至少是全面重叠的段的特定顺序。

3. 发明授权

US08601034B2 System and method for real time data awareness 有权
公开(公告)号：US08601034B2
公开(公告)日：2013-12-03
申请号：US13046127
申请日：2011-03-11
申请人： Martin Frederick Roesch
发明人： Martin Frederick Roesch
IPC分类号： G06F15/173 , G06F17/30
CPC分类号： H04L63/1416 , G06F21/50 , H04L63/102 , H04L63/1408 , H04L63/1466
摘要： A system includes a sensor and a processor. The sensor is configured to passively read data in packets as the packets are in motion on a network. The processor is cooperatively operable with the sensor The processor is configured to receive the read data from the sensor; and originate real-time map profiles of files and file data, both from the read data from the sensor, as the passively read packets are in motion on the network.

4. 发明申请

US20080127342A1 Device, system and method for analysis of fragments in a fragment train 有权
标题翻译：用于分析碎片列中碎片的装置，系统和方法
公开(公告)号：US20080127342A1
公开(公告)日：2008-05-29
申请号：US11493934
申请日：2006-07-27
申请人： Martin Frederick Roesch , Judy Hollis Novak , Steven Sturges
发明人： Martin Frederick Roesch , Judy Hollis Novak , Steven Sturges
IPC分类号： G06F12/14 , G06F15/16
CPC分类号： H04L63/0227 , H04L63/1408
摘要： Fragment trains in a communication network are analyzed. A fragment train includes fragments in the same fragment train and associated with the same target system. One or more fragment reassembly policies are identified out of several fragment reassembly policies, where the fragment reassembly policy corresponds to a target system associated with fragments in a fragment train. The data in the fragments in the fragment train are provided in an order indicated by the fragment reassembly policy. The fragment reassembly policy can include determining the order responsive to an offset and a more fragments indication in the fragments, and/or indicating an order specific to overlapped fragments such as comprehensively overlapped fragments.
摘要翻译：分析通信网络中的分段列车。片段列车包括相同片段列中的片段，并与相同的目标系统相关联。从多个片段重组策略中识别出一个或多个片段重组策略，其中片段重组策略对应于与片段列中的片段相关联的目标系统。以片段重组策略表示的顺序提供片段列中的片段中的数据。片段重组策略可以包括响应于片段中的偏移和更多片段指示来确定顺序，和/或指示特定于诸如全面重叠片段的重叠片段的顺序。

5. 发明申请

US20080196102A1 Device, system and method for use of micro-policies in intrusion detection/prevention 审中-公开
标题翻译：在入侵检测/预防中使用微观策略的设备，系统和方法
公开(公告)号：US20080196102A1
公开(公告)日：2008-08-14
申请号：US11905980
申请日：2007-10-05
申请人： Martin Frederick Roesch
发明人： Martin Frederick Roesch
IPC分类号： G06F21/06
CPC分类号： H04L63/1408 , G06F21/55 , G06F21/554
摘要： A method, computer system and/or computer readable medium, associates attack detection/prevention rules with a target in a communication network. The attack detection/prevention rules are provided for the target without differentiation as to flows. A particular flow is associated with a transmission destination, a port number, a platform, a network service, or a client application on the target. A micro-policy is bound to a target of the particular flow based on monitored transmissions. The micro-policy that was bound to the target of the particular flow, is applied to the target to detect an intrusion in the particular flow. Binding the micro-policy includes selecting, as the micro-policy, only rules in the attack detection/prevention rules that are specific to the port number, the protocol, the family of machine, and the version associated with the particular flow, and associating only the selected rules of the micro-policy with the target of the particular flow.
摘要翻译：方法，计算机系统和/或计算机可读介质将攻击检测/预防规则与通信网络中的目标相关联。为目标提供攻击检测/预防规则，而不会流动。特定流程与目标上的传输目的地，端口号，平台，网络服务或客户端应用相关联。基于受监控的传输，微观策略必须与特定流的目标相关联。绑定到特定流程的目标的微观政策被应用于目标以检测特定流程中的入侵。绑定微观策略包括选择作为微策略的攻击检测/预防规则中仅特定于端口号，协议，机器族和与特定流相关联的版本的规则，以及关联只有微观政策的选定规则与特定流程的目标。

6. 发明申请

US20120233222A1 SYSTEM AND METHOD FOR REAL TIME DATA AWARENESS 有权
标题翻译：用于实时数据识别的系统和方法
公开(公告)号：US20120233222A1
公开(公告)日：2012-09-13
申请号：US13046127
申请日：2011-03-11
申请人： Martin Frederick Roesch
发明人： Martin Frederick Roesch
IPC分类号： G06F15/173 , G06F17/30
CPC分类号： H04L63/1416 , G06F21/50 , H04L63/102 , H04L63/1408 , H04L63/1466
摘要： A system includes a sensor and a processor. The sensor is configured to passively read data in packets as the packets are in motion on a network. The processor is cooperatively operable with the sensor The processor is configured to receive the read data from the sensor; and originate real-time map profiles of files and file data, both from the read data from the sensor, as the passively read packets are in motion on the network.
摘要翻译：系统包括传感器和处理器。传感器被配置为在网络上数据包运动时，以数据包的方式被动读取数据。处理器与传感器协同工作。处理器被配置为从传感器接收读取的数据; 并且随着被动读取的数据包在网络中运动，它们都来自传感器的读取数据的文件和文件数据的实时映射配置文件。

7. 发明授权

US07948988B2 Device, system and method for analysis of fragments in a fragment train 有权
标题翻译：用于分析碎片列中碎片的装置，系统和方法
公开(公告)号：US07948988B2
公开(公告)日：2011-05-24
申请号：US11493934
申请日：2006-07-27
申请人： Martin Frederick Roesch , Judy Hollis Novak , Steven Sturges
发明人： Martin Frederick Roesch , Judy Hollis Novak , Steven Sturges
IPC分类号： H04L12/28
CPC分类号： H04L63/0227 , H04L63/1408
摘要： Fragment trains in a communication network are analyzed. A fragment train includes fragments in the same fragment train and associated with the same target system. One or more fragment reassembly policies are identified out of several fragment reassembly policies, where the fragment reassembly policy corresponds to a target system associated with fragments in a fragment train. The data in the fragments in the fragment train are provided in an order indicated by the fragment reassembly policy. The fragment reassembly policy can include determining the order responsive to an offset and a more fragments indication in the fragments, and/or indicating an order specific to overlapped fragments such as comprehensively overlapped fragments.
摘要翻译：分析通信网络中的分段列车。片段列车包括相同片段列中的片段，并与相同的目标系统相关联。从多个片段重组策略中识别出一个或多个片段重组策略，其中片段重组策略对应于与片段列中的片段相关联的目标系统。以片段重组策略表示的顺序提供片段列中的片段中的数据。片段重组策略可以包括响应于片段中的偏移和更多片段指示来确定顺序，和/或指示特定于诸如全面重叠片段的重叠片段的顺序。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式