US20100205670A1 - Method and apparatus for tracing packets - Google Patents
Method and apparatus for tracing packets Download PDFInfo
- Publication number
- US20100205670A1 US20100205670A1 US12/762,366 US76236610A US2010205670A1 US 20100205670 A1 US20100205670 A1 US 20100205670A1 US 76236610 A US76236610 A US 76236610A US 2010205670 A1 US2010205670 A1 US 2010205670A1
- Authority
- US
- United States
- Prior art keywords
- network
- packet
- program product
- computer program
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/21—Monitoring or handling of messages
- H04L51/212—Monitoring or handling of messages using filtering or selective blocking
Definitions
- the present invention relates generally to the field of network security and more specifically to using low overhead methods for identifying the intrusion location of a packet in a network.
- each router, switch, or computer connected to the Internet may be a potential entry point from which a malicious individual can launch an attack while remaining largely undetected.
- Attacks carried out on the Internet often consist of malicious packets being injected into the network. Malicious packets can be injected directly into the network by a computer, or a device attached to the network, such as a router or switch. Such a computer or device can be compromised and configured to place malicious packets onto the network.
- IP Internet Protocol
- NAT network address translation
- Network attacks can also be launched using a single packet. While single packet attacks are not as well publicized as multi-packet attacks, they are becoming more common and they arc capable of inflicting significant damage to vulnerable networks. At present, it is extremely difficult to detect single packet attacks in a timely manner using known methods of intrusion detection, which exacerbates the challenge in dealing with them. As a result, network data, currently, must be analyzed after the fact to determine if a single packet attack was the source of disruption. Any tracing of the single packet to its origins, in accordance with prior art techniques, must also take place after the attacking packet traversed the network.
- source IP addresses may be transmitted with data, they are easy to forge, and as a result they are untrustworthy.
- a forged source address may bear no similarity to the actual source address from which the packet came.
- most prior art techniques and devices for preventing network attacks attempt to stop delivery of malicious packets at the ultimate destination device rather than attempting to locate their origin.
- Such origin is referred to as an entry point, also referred to as an ingress point or intrusion location, onto the network. Failing to identify the source address of malicious packets inhibits preventing further attacks, and such failure makes identification of the actual perpetrator difficult.
- FIG. 1 A first figure.
- FIG. 1 provides an example of a network employing prior art devices to thwart malicious packets.
- Two prior art autonomous systems are shown, PAS 1 and PAS 2 , respectively, connected to the Internet, or public network (PN 1 ) shown comprised of routers R 2 -R 6 .
- An autonomous system (AS) is a network domain in which all routers in the AS can exchange routing tables.
- the AS may be a local area network (LAN) such as one found at a university, municipality, large corporation, or Internet Service Provider (ISP).
- An AS may further be comprised of computers, or hosts, connected to the AS such as H 1 -H 3 for PAS 1 or H 4 -H 5 for PAS 2 , respectively.
- An AS is normally connected to the public network by one or more border routers, here R 1 (for PAS 1 ) or a firewall F 1 (for PAS 2 ) incorporating router functionality.
- Border routers contain routing tables for other routers within the AS and for routers within the public network that are connected to the AS by a link, i.e. a communicative connection.
- R 1 is a border router for PAS 1 and it connects to the Internet using representative link L 1 .
- Routing tables act as road maps for routers on the network, in that they are used to ensure that network traffic is forwarded through the appropriate links in route to a desired destination address.
- Firewalls are typically installed between a local area network (LAN), or intranet, and the Internet, or public network. Firewalls act as gatekeepers for an AS in that they allow certain packets in while excluding other packets. Firewalls may be implemented in routers or servers connected between an AS and the Internet, or they may function as standalone devices. Rule sets are used by firewalls to determine which packets will be allowed into their respective AS and which packets will be discarded. Since rules determine which packets get through the firewalls, only packets known to be problematic can be stopped. Therefore, rule sets must be updated on a regular basis to provide protection against new threat characteristics.
- IDSs intrusion detection systems
- IDSs also use rule-based algorithms to determine if a given pattern of network traffic is abnormal.
- the general premise used by an IDS is that malicious network traffic will have a different pattern from normal, or legitimate, network traffic.
- an IDS monitors inbound traffic to an AS. When a suspicious pattern or event is detected, the IDS may take remedial action, or it can instruct a border router or firewall to modify operation to address the malicious traffic pattern. For example, remedial actions may include disabling the link carrying malicious traffic, discarding packets coming from a particular source address, or discarding packets addressed to a particular destination.
- IDS 1 is used to protect PAS 1
- IDS 2 is used in conjunction with F 1 to protect PAS 2 .
- border routers, firewalls, and IDSs can be used to help prevent known packets from entering an AS, they are not well equipped for stopping unknown packets because they rely on rule-based look up tables containing signatures of known threats.
- border routers, firewalls, and IDSs generally are not well equipped for identifying the origin, or ingress location, of malicious packets, particularly when spoofing is employed. Even when spoofing is not used, the above-noted devices may not be able to determine the ingress point for packets because packets often traverse many Internet links and devices, such as routers, bridges, and switches, before arriving at an AS. Reliably tracing the path of a packet often requires information about each link traversed by a packet.
- routing data must remain with the packet or, alternatively, each router, or device, on the path must store information about, or a copy of, each packet traversing a network. With high-speed routers passing gigabits of data per second, storing full copies of packets is not practical.
- Embodiments of the present invention employ apparatus, system, computer program product and/or method for identifying an intrusion point of a malicious or target packet into a network. More specifically, in a network including multiple hosts and multiple routers for facilitating transmission of packets on a network, a system, for example, is employed for determining the point of entry of a malicious packet. An intrusion detection system detects the entry of a malicious packet in the network. A source path isolation server responsive to the intrusion detection system isolates the malicious packet and thereby determines the point of entry of the malicious packet. In a further embodiment of the system, the source path isolation server includes a means for generating a query message containing information about the malicious packet and a means for forwarding the query message to some of the routers located one hop away.
- certain of the routers include means for generating a hash value of the identification information about the malicious packet, a means for establishing a bit map of hash values representative of packets having passed through the respective router, and a means for comparing the hash value of the identification information to the hash values of packets having passes through the respective router.
- the network in a network carrying a plurality of packets where at least one of the packets is a target packet, the network includes at least one network component, a detection device and a server, a technique for determining the point of entry of a target packet into the network.
- the target packet is received from the detection device at the server.
- a query message is sent to a first one of the network components where the query message identifies the target packet.
- a reply containing information about the target packet from the first network component is received.
- the reply is processed to extract information contained therein. And, the information is used in a manner that allows the entry point of the target packet to ultimately be determined.
- a computer-readable data signal is embodied in a transmission medium used to identify an intrusion location of a target packet.
- the network includes a server and a network component having a memory storing representations of the plurality of packets, namely the data signal.
- a header portion includes an address of the network component.
- a body portion includes at least a portion of the target packet, the body portion being compared to corresponding representations where a match between a portion of the target packet and one of the representations indicates that the network component encountered the target packet.
- the network in a network carrying a plurality of packets, includes a network component having a memory storing first information about a subset of the plurality of packets having passed through the network component.
- the network component further includes a processor for computing a first hash value of a target packet and a second hash value of a member of the subset of the plurality of packets.
- the memory also stores second information about an intrusion location of the target packet in the network.
- a data structure stored in the memory includes information resident in a database used by a source path isolation program for determining the intrusion location with the data structure.
- a network component identification attribute corresponds to a location of the network component.
- a target packet attribute uniquely identifies the target packet.
- a reply packet attribute associated with at least one of the members and being associated with the network component identification attribute identifies the origin of the reply packet with the reply packet indicating that the member was encountered if the first hash value matches the second hash value.
- a further advantage of the invention is the elimination of problems caused by undetected malicious packets in a network.
- a still further advantage of the invention is that it detects malicious packets without requiring special purpose network equipment.
- the present invention communicates information about malicious packets to other network devices thus enhancing network security.
- Another advantage of the invention is that it efficiently uses stored information about packets to facilitate detecting malicious packets.
- FIG. 1 is a block diagram of a prior art network comprising autonomous systems
- FIG. 2 is a block diagram of an exemplary embodiment of the present invention operating in conjunction with an Internet network
- FIG. 3 is a schematic diagram of an autonomous system coupled to a plurality of external networks
- FIG. 4 is a flowchart illustrating an exemplary method for use with a source path isolation server
- FIG. 5 is a schematic diagram of an exemplary data structure for storing information in a source path isolation server for use in performing source path isolation techniques
- FIG. 6 is a block diagram of a general-purpose computer configurable for practicing exemplary embodiments or the invention.
- FIG. 2 illustrates an embodiment that may be used with an Internet Protocol network. More particularly, FIG. 2 is broken into three general areas enclosed within borders with communication media, such as links, carrying data traffic across the network, connecting the general areas. Links serve as a transmission media for data and signals on the network and may be comprised of wire, optical fiber, radio frequency (RF) transponders, or the like.
- RF radio frequency
- FIG. 2 denotes an AS, shown as AS 1 , enhanced by the addition of a source path isolation server (SS 1 ) and network components, here routers, modified to work as source path isolation routers (SRs), denoted by SR 14 - 17 , respectively.
- SS 1 source path isolation server
- SRs source path isolation routers
- IDS 1 intrusion detection system
- H 1 -H 3 host computers
- IDS 1 may take the form of a commercially available IDS, or alternatively it may be developed specifically for participating in source path isolation systems and methods. IDSs and firewalls are well known in the art and will not be described in detail herein.
- SS 1 may be comprised of a general-purpose computer, or server, operatively coupled to the network of AS 1 and executing machine-readable code enabling it to perform source path isolation in conjunction with SR 14 - 17 and IDS 1 . While SS 1 and IDS 1 are shown as separate devices in FIG. 2 , it is noted that they can be combined into a single unit performing both intrusion detection and source path isolation.
- SR 14 - 17 may be comprised of commercially available routers, or similar devices such as switches, bridges or the like, employing software and hardware enabling them to participate in source path isolation.
- the central portion of FIG. 2 represents the public network, shown as PN 1 , carrying traffic between the autonomous systems, namely IAS 1 , and AS 1 , AS 2 and AS 3 .
- PN 1 comprises routers R 2 -R 6 , links operatively coupling the routers making up PN 1 , and links attaching to ASs coupled to PN 1 .
- PN 1 may also comprise computers external to an AS (not shown).
- routers that have not been modified to act as source path isolation routers (SRs) are denoted as Rx, such as those located in PN 1 , where x is a number such as 2, 3, 4, etc.
- the lower portion of FIG. 2 includes other autonomous systems, AS 2 and AS 3 that may be operatively connected to PN 1 .
- AS 2 and AS 3 may employ source path isolation apparatus and methods, or alternatively, they may be prior art autonomous systems (PAS).
- PAS prior art autonomous systems
- FIG. 2 shows an autonomous system (IAS 1 ) used by an intruder to launch an attack on AS 1 .
- IAS 1 contains an IDS, shown as IDS 2 , operatively coupled to three host computers H 4 , H 5 and I 1 using links.
- I 1 has been configured such that it places a malicious packet (MP 1 ) onto LAS 1 for transmission to AS 1 via PN 1 .
- FIG. 2 illustrates a computer configured to place MP 1 onto the network, routers, switches, gateways and other hardware capable of placing machine-readable data onto a network may be used in place of or in conjunction with such computer.
- a device has been configured to inject an MP 1 onto a network, it is referred to as an intruder or intruding device.
- an intruder To launch an attack, an intruder generates malicious data traffic and places it onto a link for transmission to one or more destination devices having respective destination addresses.
- the heavy lines are used to indicate the path taken by MP 1 , namely I 1 to IDS 2 , IDS 2 -R 6 , R 6 -R 3 , R 3 -R 2 , R 2 -SR 15 , SR 15 -SR 16 , and SR 16 -IDS 1 (where hyphenation implies operative coupling between network components).
- the thick dashed link from IDS 1 -H 3 denotes the intended path to the targeted device H 3 .
- Detection and source path isolation of MP 1 may be accomplished as follows.
- Detection device here IDS 1 .
- IDS 1 identifies MP 1 using known methods.
- IDS 1 After detecting MP 1 , IDS 1 generates a notification packet, or triggering event, and sends it to SS 1 thus notifying SS 1 that a malicious packet has been detected within AS 1 .
- the notification packet may include MP 1 or portions thereof along with other information useful for SS 1 to begin source path isolation. Examples of information that may be sent from IDS 1 to SS 1 along with MP 1 are time-of-arrival, encapsulation information, link information, and the like.
- TP 1 target packet
- SS 1 may then generate a query message (QM 1 ) containing TP 1 , a portion thereof, or a representation of TP 1 such as a hash value. After generating QM 1 containing identification information about TP 1 , SS 1 sends it to some, or all, participating routers. Accordingly, SS 1 may send QM 1 to participating routers located one hop away; however the disclosed invention is not limited to single hops. For example, SR 16 is one hop away from SS 1 , whereas SR 14 , SR 15 and SR 17 are two hops away from SS 1 and one hop away from SR 16 , respectively. When SR 16 receives QM 1 from SS 1 , SR 16 determines if TP 1 has been seen.
- QM 1 query message
- SR 16 is considered to have observed, or encountered, a packet when the packet is passed from one of its input ports to one of its output ports such as would be done when SR 16 forwards during normal operation within a network.
- SR 16 To determine if a packet has been observed, SR 16 first stores a representation of each packet it forwards. Then SR 16 compares the stored representation to the information about TP 1 contained in QM 1 . Typically, a representation of a packet passed through SR 16 will not be a copy of the entire packet, but rather it will be comprised of a portion of the packet or some unique value representative of the packet. Since modern routers can pass gigabits of data per second, storing complete packets is not practical because memories become prohibitively large. In contrast, storing a value representative of the contents of a packet uses memory in a more efficient manner.
- a fixed width number may be computed across the bits making up a packet in a manner that allows the entire packet to be uniquely identified.
- a hash value, or hash digest is an example of such a fixed width number.
- the digest may be stored in memory or, alternatively, the digest may be used as an index, or address, into memory. Using the digest, or an index derived therefrom, results in efficient use of memory while still allowing identification of each packet passing through a router.
- the disclosed invention works with any storage scheme that saves information about each packet in a space efficient fashion, that can definitively determine if a packet has not been observed, and that will respond positively (i.e. in a predictable way) when a packet has been observed.
- the invention works with virtually any technique for deriving representations of packets, for brevity, the remaining discussion will use hash digests as exemplary representations of packets having passed through a participating router.
- SR 16 may so inform SS 1 . But if SR 16 has a hash matching TP 1 , it may send a response to SS 1 indicating that the packet was observed by, or at, SR 16 . In addition, SR 16 may forward QM 1 to adjacent routers 1 hop away, In FIG. 2 , SR 16 sends QM 1 to SR 14 , SR 15 and SR 17 . Then, SR 14 , 15 and 17 determine if they have seen TP 1 and notify SS 1 accordingly. In this fashion, the query message/reply process is forwarded to virtually all SRs within an AS on a hop-by-hop basis.
- routers SR 14 , SR 15 and SR 17 are border routers for AS 1 , namely they are the routers that contain routing tables for routers outside AS 1 . If routers external to AS 1 have not been configured to operate as SRs, then the query message/reply process stops at SR 14 - 17 ; however, if the public network routers are configured to act as SRs then the query message/reply process may continue until the SR closest to the ingress point of TP 1 is reached.
- the SR closest to the ingress point When the SR closest to the ingress point is found, it can be instructed to disconnect the link used by the intruder or it can be instructed to drop packets originating from the intruder's Internet Protocol (IP) address on a particular link, or based on other identifying information.
- IP Internet Protocol
- SR 15 excludes a TP, present at an input port, by preventing it from passing to an output port.
- R 6 could be instructed to exclude TPs present at its input port.
- an inward-out technique After being triggered by an IDS, an inward-out technique begins its queries from a generally central portion of an AS. The inward-out technique then employs QMs that hop outward from the central portion of the AS toward the border routers comprised therein.
- FIG. 3 illustrates an autonomous system (AS), 300 , employing border routers denoted generally as B connected to external networks EN 1 -EN 7 , other routers within 300 connected to the border routers generally denoted as A, and a source path isolation server denoted as SS.
- AS 300 may also include additional routers (not shown) located between SS and border routers B.
- An inward-out solution begins with SS at the center of FIG. 3 and works outward one hop at a time until the border routers, B, are reached. For FIG. 3 , the routers labeled A are queried on the first hop and the border routers, B, are queried on a second, or subsequent, hop.
- an outward-in solution may also be employed.
- SS first queries the border routers, B, and they in turn query the routers labeled A.
- an outward-in solution gets progressively closer to the center of AS 300 .
- the disclosed technique can be used on networks containing virtually any number of participating routers. While inward-out and outward-in techniques have been herein described, the disclosed techniques are not limited to any particular types of solution or localization algorithms.
- SS may send queries to participating routers located virtually anywhere in the network so that many types of source path isolation techniques can be employed. Thus it can be seen that the disclosed technique is very scalable and flexible.
- SS source path isolation server
- SR source path isolation router
- FIG. 4 illustrates an exemplary method for accomplishing source path isolation. The method begins when SS 1 receives TP 1 from IDS 1 operating within AS 1 (step 402 ).
- SS 1 may generate QM 1 comprising TP 1 and any additional information desirable for facilitating communication with participating routers (SRs) (step 404 ).
- additional information that may be included in QM 1 are, but are not limited to, destination addresses for participating routers, passwords required for querying a router, encryption keying information, time-to-live (TTL) fields, a hash digest of TP 1 , information for reconfiguring routers, and the like.
- SS 1 may then send QM 1 to SRs located at least one hop away (step 406 ).
- SR may then process QM 1 by hashing TP 1 contained therein and comparing the resulting value to hash values stored in local memory, where the stored hash values identify packets having previously passed through SR.
- an SR may send a reply to SS 1 (step 408 ).
- the response may indicate that a queried router has seen TP 1 , or alternatively, that it has not (step 410 ). It is important to observe that the two answers are not equal in their degree of certainty. If SR does not have a hash matching TP 1 , SR has definitively not seen TP 1 . However, if SR has a matching hash, then SR has seen TP 1 or a packet that has the same hash as TP 1 . When two different packets, having different contents, hash to the same value it is referred to as a hash collision.
- a reply and identification (ID) information for the respective SR is associated as active path data (step 414 ).
- the reply is associated as inactive path data (step 412 ).
- Replies received from queried SRs are used to build a source path trace of possible paths taken by TP 1 through the network using known methods (step 416 ).
- SS 1 may then attempt to identify the ingress point for TP 1 (step 418 ). If SS 1 is unable to determine the ingress point of TP 1 , subsequent responses from participating routers located an additional hop away are processed by executing steps 408 - 418 again (step 424 ).
- Examples of source path tracing techniques that may be employed with embodiments disclosed herein are, but are not limited to, a breadth-first search or a depth-first search.
- a breadth-first search all SRs in an area are queried to determine which SRs may have observed a target packet. Then, one or more graphs, containing nodes, are generated from the responses received by SS 1 . Where the nodes indicate locations that TP 1 may have passed. Any graphs containing a node where TP 1 was observed are associated as active, or candidate, paths, i.e. paths that TP 1 may have traversed.
- a depth-first search only SRs adjacent to a location where TP 1 was observed are queried.
- SRs issuing a positive reply are treated as starting points for candidate graphs because they have observed TP 1 .
- all SRs adjacent to those that responded with a positive reply are queried.
- the process of moving the query/response process out one hop at a time is referred to as a round. This process is repeated until all participating routers have been queried or all SRs in a round respond with a negative reply indicating that they have not observed TP 1 .
- a negative reply is received, it is associated as inactive path data.
- SS 1 When SS 1 has determined an ingress point for TP 1 , it may send a message to IDS 1 indicating that a solution has been found (step 420 ). Often it will be desirable to have the participating router closest to the ingress point close off the ingress path used by TP 1 . As such, SS 1 may send a message to the respective participating router instructing it to close off the ingress path using known techniques (step 422 ). SS 1 may also archive path solutions, data sent, data received, and the like either locally or remotely. Furthermore, SS 1 may communicate information about source path isolation attempts to devices at remote locations coupled to a network. For example, SS 1 may communicate information to a network operations center (NOC), a redundant source path isolation server, or to a data analysis facility for post processing.
- NOC network operations center
- SS 1 attempts to build a trace of the path taken by TP 1 , multiple paths may emerge as a result of hash collisions occurring in participating routers. When collisions occur, they act as false positives in the sense that SS 1 interprets the collision as an indication that a desired TP 1 has been observed. Fortunately the occurrences of hash collisions can be mitigated.
- One mechanism for reducing hash collisions is to compute large hash values over the packets since the chances of collisions rise as the number of bits comprising the hash value decreases.
- Another mechanism for reducing collisions is to control the density of the hash tables in the memories of participating routers.
- FIG. 5 illustrates an exemplary data structure 500 stored in a database (not shown) in a memory on a source path isolation server.
- Data structure 500 stores information used in conjunction with performing source path isolation of a target packet. While FIG. 5 illustrates one data structure, it will be obvious to those skilled in the relevant arts that a plurality of data structures may be employed and that the data structures may include additional parameters and take on different forms from those of the exemplary data structure discussed herein.
- Data structure 500 is comprised of a record R( 1 ) containing attributes, or parameters, having data associated therewith.
- a target packet attribute shown as Target ID
- a time attribute shown as Time
- a source attribute shown as Source.
- Target ID is associated with unique information associated with a particular target packet (TP) received from a detection device such as an IDS or firewall.
- Time may be used to identify either the time at which TP was received at an SS, the time that TP was received at a detection device, or the time that R( 1 ) was opened.
- Source may be used to identify the link that TP was detected on by the detection device, or alternatively, source may be used to uniquely identify the detection device that forwarded TP to SS.
- a network component identification attribute shown as node ID
- Link may be used to identify the particular link on which TP was observed.
- a reply packet attribute shown as Node Response, may be used to indicate if a queried node has observed TP.
- Node time may indicate the time, preferably using some common reference, at which a respective node observed TP. Time is useful for assessing how long TP has been in the network and for performing comparisons with fields such as time-to-live (TTL).
- TTL time-to-live
- the attribute Transformed is used to track variants of TP in the event it has undergone a transformation. If TP has been transformed, it may he useful to have multiple entries associated the respective TP. For example in FIG. 5 , node 04 has two entries for tracing an untransformed and a transformed version of TP. Status may be used to monitor network links associated with queried nodes. For example, a status of “ON” may indicate that a link is still active, i.e. carrying data traffic, while a status of “OFF” may indicate that a link has been disabled to exclude data traffic.
- FIG. 5 illustrates one exemplary embodiment of a data structure that may be used for facilitating source path isolation; however, variations of the data structure format and number of records may be readily employed without departing from the spirit of the invention.
- the terms “YES/NO” and “ON/OFF” used in conjunction with node response, transformed, and status may be desirable when conveying information to an operator; however, flags such as 1 or 0 may also be used to indicate the status of various attributes.
- a plurality of records may be generated when performing source path isolation.
- other column entries may be used in conjunction with, or in place of, those shown in FIG. 5 .
- FIG. 6 illustrates a system 620 comprising a general-purpose computer that can be configured to practice disclosed embodiments.
- System 620 executes machine-readable code to perform the methods heretofore disclosed and includes a processor 602 , main memory 604 , read only memory (ROM) 606 , storage device 608 , bus 610 , display 612 , keyboard 614 , cursor control 616 , and communication interface 618 .
- processor 602 main memory 604
- ROM read only memory
- storage device 608 includes a processor 602 , main memory 604 , read only memory (ROM) 606 , storage device 608 , bus 610 , display 612 , keyboard 614 , cursor control 616 , and communication interface 618 .
- ROM read only memory
- Processor 602 may be any type of conventional processing device that interprets and executes instructions.
- Main memory 604 may be a random access memory (RAM) or a similar dynamic storage device.
- Main memory 604 stores information and instructions to be executed by processor 602 .
- Main memory 604 may also be used for storing temporary variables or other intermediate information during execution of instructions by processor 602 .
- ROM 606 stores static information and instructions for processor 602 . It will be appreciated that ROM 606 may be replaced with some other type of static storage device.
- Storage device 608 also referred to as data storage device, may include any type of magnetic or optical media and their corresponding interfaces and operational hardware. Storage device 608 stores information and instructions for use by processor 602 .
- Bus 610 includes a set of hardware lines (conductors, optical fibers, or the like) that allow for data transfer among the components of system 620 .
- Display device 612 may be a cathode ray tube (CRT), liquid crystal display (LCD) or the like, for displaying information in an operator or machine-readable form.
- Keyboard 614 and cursor control 616 allow the operator to interact with system 620 .
- Cursor control 616 may be, for example, a mouse.
- keyboard 614 and cursor control 616 can be replaced with a microphone and voice recognition means to enable an operator or machine to interact with system 620 .
- Communication interface 618 enables system 620 to communicate with other devices/systems via any communications medium.
- communication interface 618 may be a modem, an Ethernet interface to a LAN, an interface to the Internet, a printer interface, etc.
- communication interface 618 can be any other interface that enables communication between system 620 and other devices, systems or networks.
- Communication interface 618 can be used in lieu of keyboard 614 and cursor control 616 to facilitate operator or machine remote control and communication with system 620 .
- system 620 may provide SS 1 operating within AS 1 with the ability to perform source path isolation for a given TP.
- SS 1 may receive MP 1 from IDS 1 and generate QM 1 in response to processor 602 executing sequences of instructions contained in, for example, memory 604 .
- Such instructions may be read into memory 604 from another computer-readable medium, such as storage device 608 , or from another device coupled to bus 610 or coupled via communication interface 618 .
- Execution of sequences of instructions contained in memory 604 causes processor 602 to perform the method described in conjunction with FIG. 4 .
- processor 602 may execute instructions to perform the functions of receiving a target packet (step 402 ), receiving replies from queried routers (step 408 ), and building a trace of the path traveled by TP (step 416 ).
- hard-wired circuitry may be used in place of or in combination with software instructions to implement the functions of SS 1 .
- the disclosed embodiments of SS 1 are not limited to any specific combination of hardware circuitry and software.
- the functionality may be implemented in an application specific integrated circuit (ASIC), a field-programmable gate array (FPGA), or the like, either alone or in combination with other devices to provide desired functionality.
- ASIC application specific integrated circuit
- FPGA field-programmable gate array
- the disclosed embodiments provide the functionality necessary to facilitate source path isolation of malicious packets in a network. While the preceding disclosure is directed to an Internet Protocol (IP) network, disclosed embodiments can be used in conjunction with other network protocols such as frame relay, asynchronous transfer mode (ATM), synchronous optical network (SONET), and the like. In addition, disclosed embodiments may be adapted to operate within different layers of a network such as the data link layer, network layer, transport layer or the like. Furthermore, the disclosed embodiments are not limited to particular network topologies or architectures.
- IP Internet Protocol
- ATM asynchronous transfer mode
- SONET synchronous optical network
- disclosed embodiments may be adapted to operate within different layers of a network such as the data link layer, network layer, transport layer or the like.
- the disclosed embodiments are not limited to particular network topologies or architectures.
- SS source path isolation server
- software for performing the functions of SS may be implemented in a high level programming language such as C, C++, LISP, or the like.
- software may be implemented in a lower level language such as assembly language, or a device specific language, where requirements such as speed must be met.
- SS may be configured to communicate with, and make information available to, other devices operatively connected to a network using known programming languages and techniques. For example, it may be desirable to have SS make source path isolation solutions available to an operator responsible for monitoring network security.
- SS can be implemented in a distributed fashion either by employing multiple processors or by having various components physically separated and coupled by a communication means such as a distributed bus, network, or the like.
- a communication means such as a distributed bus, network, or the like.
- Query messages (QMs) and replies are not limited, to a single network protocol or packet type. In many instances, it will be desirable to have QMs and replies transported using readily known protocols; however, customized protocols and message types can be used. For example, it may be desirable to employ a smart packet for sending QMs to participating routers.
- a smart packet is one that may contain a standard message, such as the data from a target packet, along with machine-readable instructions for instructing a receiving device, such as an SR, to modify its operation in response to the contents of the executable instructions contained therein. Smart packets facilitate rapid responses to network intrusions by allowing an SR to modify operation soon after receiving a QM from as SS, or a forwarded QM from a participating router.
- the disclosed methods can operate on encapsulated data such as would be encountered if network data were encrypted, converted from one network protocol to another, or a packet was split for transmission over more than one link.
- encapsulated data such as would be encountered if network data were encrypted, converted from one network protocol to another, or a packet was split for transmission over more than one link.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Software Systems (AREA)
- Computing Systems (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Information Transfer Between Computers (AREA)
Abstract
A system and method for performing source path isolation in a network. The system comprises an intrusion detection system (IDS), a source path isolation server (SS1) and at least one router configured to operate as a source path isolation router (SR1) operating within an autonomous system. When IDS detects a malicious packet, a message is sent to SS1. SS1 in turn generates a query message (QM) containing at least a portion of the malicious packet. Then, QM is sent to participating routers located one hop away. SR1 uses the query message to determine if it has observed the malicious packet by comparing it with locally stored information about packets having passed through SR1. SR1 sends a reply to SS1, and SS1 uses the reply to identify the ingress point into the network of the malicious packet.
Description
- This application is a continuation of U.S. patent application Ser. No. 10/654,771, filed Sep. 4, 2003, which, in turn, claims priority under 35 U.S.C. §119 based on U.S. Provisional Application No. 60/407,975, filed Sep. 5, 2002, both of which are incorporated herein by reference. U.S. patent application Ser. No. 10/654,771 is also a continuation-in-part of U.S. patent application Ser. No. 10/251,403, filed Sep. 20, 2002, which claims priority under 35 U.S.C. §119 based on U.S. Provisional Application No. 60/341,462, filed Dec. 14, 2001, both of which are incorporated herein by reference. U.S. patent application Ser. No. 10/654,771 is also a continuation-in-part of U.S. patent application Ser. No. 09/881,145, and U.S. patent application Ser. No. 09/881,074, both of which were filed on Jun. 14, 2001, and both of which claim priority under 35 U.S.C. §119 based on U.S. Provisional Application No. 60/212,425, filed Jun. 19, 2000, all of which are incorporated herein by reference.
- 1. Field of the Invention
- The present invention relates generally to the field of network security and more specifically to using low overhead methods for identifying the intrusion location of a packet in a network.
- 2. Description of Prior Art
- Availability of low cost computers, high speed networking products, and readily available network connections has helped fuel proliferation of the Internet. This proliferation has caused the Internet to become an essential tool for both the business community and private individuals. Dependence on the Internet arises, in part, because the Internet makes it possible for multitudes of users to access vast amounts of information and perform remote transactions expeditiously and efficiently. Along with rapid growth of the Internet have come problems caused by malicious individuals or pranksters launching attacks from within the network. As the size of the Internet continues to grow, so does the threat posed by these individuals.
- The ever-increasing number of computers, routers and connections making up the Internet increases the number of vulnerability points from which these malicious individuals can launch attacks. These attacks can be focused on the Internet as a whole or on specific devices, such as hosts or computers, connected to the network. In fact, each router, switch, or computer connected to the Internet may be a potential entry point from which a malicious individual can launch an attack while remaining largely undetected. Attacks carried out on the Internet often consist of malicious packets being injected into the network. Malicious packets can be injected directly into the network by a computer, or a device attached to the network, such as a router or switch. Such a computer or device can be compromised and configured to place malicious packets onto the network.
- The most publicized forms of network attacks often involve placing thousands or millions of packets onto the network using a practice known as flooding. The flood of packets can be targeted to a specific device on the network, for example a corporate web site, thus causing the device to become overwhelmed and shutdown. Alternatively, an attack may be designed to clog the links, or connection points, between network components. Network attacks can be further enhanced using a practice known as spoofing. Spoofing involves associating bogus Internet Protocol (IP) addresses with transmitted packets, thus making the packets' origins impossible to determine based upon looking only at a received packet. Spoofing can be further enhanced using a technique referred to as transformation. When a packet is transformed, it undergoes a process that changes the original packet into a new packet, as, for example, would happen during tunneling or network address translation (NAT). Locating the origin of a network attack is further complicated because coordinated attacks can be employed. In a coordinated attack, multiple network devices are compromised and then used to launch a distributed attack. A distributed attack is one that is launched essentially simultaneously from several locations within the network.
- Network attacks can also be launched using a single packet. While single packet attacks are not as well publicized as multi-packet attacks, they are becoming more common and they arc capable of inflicting significant damage to vulnerable networks. At present, it is extremely difficult to detect single packet attacks in a timely manner using known methods of intrusion detection, which exacerbates the challenge in dealing with them. As a result, network data, currently, must be analyzed after the fact to determine if a single packet attack was the source of disruption. Any tracing of the single packet to its origins, in accordance with prior art techniques, must also take place after the attacking packet traversed the network.
- Much of the difficulty in identifying the origin of an attack arises because the Internet employs a stateless routing infrastructure, in that it is one in which routing is based solely on destination addresses. Although source IP addresses may be transmitted with data, they are easy to forge, and as a result they are untrustworthy. A forged source address may bear no similarity to the actual source address from which the packet came. As a result, most prior art techniques and devices for preventing network attacks attempt to stop delivery of malicious packets at the ultimate destination device rather than attempting to locate their origin. Such origin is referred to as an entry point, also referred to as an ingress point or intrusion location, onto the network. Failing to identify the source address of malicious packets inhibits preventing further attacks, and such failure makes identification of the actual perpetrator difficult.
-
FIG. 1 provides an example of a network employing prior art devices to thwart malicious packets. Two prior art autonomous systems are shown, PAS1 and PAS2, respectively, connected to the Internet, or public network (PN1) shown comprised of routers R2-R6. An autonomous system (AS) is a network domain in which all routers in the AS can exchange routing tables. Often the AS may be a local area network (LAN) such as one found at a university, municipality, large corporation, or Internet Service Provider (ISP). An AS may further be comprised of computers, or hosts, connected to the AS such as H1-H3 for PAS1 or H4-H5 for PAS2, respectively. An AS is normally connected to the public network by one or more border routers, here R1 (for PAS1) or a firewall F1 (for PAS2) incorporating router functionality. - Border routers contain routing tables for other routers within the AS and for routers within the public network that are connected to the AS by a link, i.e. a communicative connection. In
FIG. 1 , R1 is a border router for PAS1 and it connects to the Internet using representative link L1. Routing tables act as road maps for routers on the network, in that they are used to ensure that network traffic is forwarded through the appropriate links in route to a desired destination address. - Firewalls are typically installed between a local area network (LAN), or intranet, and the Internet, or public network. Firewalls act as gatekeepers for an AS in that they allow certain packets in while excluding other packets. Firewalls may be implemented in routers or servers connected between an AS and the Internet, or they may function as standalone devices. Rule sets are used by firewalls to determine which packets will be allowed into their respective AS and which packets will be discarded. Since rules determine which packets get through the firewalls, only packets known to be problematic can be stopped. Therefore, rule sets must be updated on a regular basis to provide protection against new threat characteristics.
- Additional protection for an AS may be obtained by supplementing border routers and firewalls with intrusion detection systems (IDSs). IDSs also use rule-based algorithms to determine if a given pattern of network traffic is abnormal. The general premise used by an IDS is that malicious network traffic will have a different pattern from normal, or legitimate, network traffic. Using a rule set, an IDS monitors inbound traffic to an AS. When a suspicious pattern or event is detected, the IDS may take remedial action, or it can instruct a border router or firewall to modify operation to address the malicious traffic pattern. For example, remedial actions may include disabling the link carrying malicious traffic, discarding packets coming from a particular source address, or discarding packets addressed to a particular destination. In
FIG. 1 , IDS1 is used to protect PAS1 and IDS2 is used in conjunction with F1 to protect PAS2. - Although border routers, firewalls, and IDSs can be used to help prevent known packets from entering an AS, they are not well equipped for stopping unknown packets because they rely on rule-based look up tables containing signatures of known threats. In addition, border routers, firewalls, and IDSs generally are not well equipped for identifying the origin, or ingress location, of malicious packets, particularly when spoofing is employed. Even when spoofing is not used, the above-noted devices may not be able to determine the ingress point for packets because packets often traverse many Internet links and devices, such as routers, bridges, and switches, before arriving at an AS. Reliably tracing the path of a packet often requires information about each link traversed by a packet. To obtain this information, routing data must remain with the packet or, alternatively, each router, or device, on the path must store information about, or a copy of, each packet traversing a network. With high-speed routers passing gigabits of data per second, storing full copies of packets is not practical.
- What has been needed and what has not been available is a method for identifying the origin of malicious packets that can be implemented in an AS on the Internet and which addresses all shortcomings of prior art protection techniques. Embodiments of the present invention offer welcome solutions to these prior art protection problems.
- Embodiments of the present invention employ apparatus, system, computer program product and/or method for identifying an intrusion point of a malicious or target packet into a network. More specifically, in a network including multiple hosts and multiple routers for facilitating transmission of packets on a network, a system, for example, is employed for determining the point of entry of a malicious packet. An intrusion detection system detects the entry of a malicious packet in the network. A source path isolation server responsive to the intrusion detection system isolates the malicious packet and thereby determines the point of entry of the malicious packet. In a further embodiment of the system, the source path isolation server includes a means for generating a query message containing information about the malicious packet and a means for forwarding the query message to some of the routers located one hop away. In still a further embodiment of the system, certain of the routers include means for generating a hash value of the identification information about the malicious packet, a means for establishing a bit map of hash values representative of packets having passed through the respective router, and a means for comparing the hash value of the identification information to the hash values of packets having passes through the respective router.
- In a further aspect of the invention, in a network carrying a plurality of packets where at least one of the packets is a target packet, the network includes at least one network component, a detection device and a server, a technique for determining the point of entry of a target packet into the network. The target packet is received from the detection device at the server. A query message is sent to a first one of the network components where the query message identifies the target packet. A reply containing information about the target packet from the first network component is received. The reply is processed to extract information contained therein. And, the information is used in a manner that allows the entry point of the target packet to ultimately be determined.
- In yet a further aspect of the invention, in a network carrying a plurality of packets, a computer-readable data signal is embodied in a transmission medium used to identify an intrusion location of a target packet. The network includes a server and a network component having a memory storing representations of the plurality of packets, namely the data signal. A header portion includes an address of the network component. And, a body portion includes at least a portion of the target packet, the body portion being compared to corresponding representations where a match between a portion of the target packet and one of the representations indicates that the network component encountered the target packet.
- In still a further aspect of the invention, in a network carrying a plurality of packets, the network includes a network component having a memory storing first information about a subset of the plurality of packets having passed through the network component. The network component further includes a processor for computing a first hash value of a target packet and a second hash value of a member of the subset of the plurality of packets. The memory also stores second information about an intrusion location of the target packet in the network. A data structure stored in the memory includes information resident in a database used by a source path isolation program for determining the intrusion location with the data structure. A network component identification attribute corresponds to a location of the network component. A target packet attribute uniquely identifies the target packet. And, a reply packet attribute associated with at least one of the members and being associated with the network component identification attribute identifies the origin of the reply packet with the reply packet indicating that the member was encountered if the first hash value matches the second hash value.
- It is advantageous to employ embodiments of the present invention to protect data networks. A further advantage of the invention is the elimination of problems caused by undetected malicious packets in a network. A still further advantage of the invention is that it detects malicious packets without requiring special purpose network equipment. Furthermore, the present invention communicates information about malicious packets to other network devices thus enhancing network security. Another advantage of the invention is that it efficiently uses stored information about packets to facilitate detecting malicious packets.
- It is thus a general object of the present invention to provide improved packet networks.
- It is another object of the present invention to eliminate problems caused by malicious packets in a network.
- It is a further object of the present invention to identify malicious packets to facilitate identifying their intrusion locations into the network.
- It is a further object of the present invention to quickly identify ingress points of malicious packets when distributed attacks are launched against a network.
- It is yet a further object of the present invention to efficiently use stored information about packets traversing a link in a network.
- Further objects and advantages of the present invention will become more apparent after reference to the detailed description of exemplary embodiments thereof taken in conjunction with the accompanying drawings in which:
-
FIG. 1 is a block diagram of a prior art network comprising autonomous systems; -
FIG. 2 is a block diagram of an exemplary embodiment of the present invention operating in conjunction with an Internet network; -
FIG. 3 is a schematic diagram of an autonomous system coupled to a plurality of external networks; -
FIG. 4 is a flowchart illustrating an exemplary method for use with a source path isolation server; -
FIG. 5 is a schematic diagram of an exemplary data structure for storing information in a source path isolation server for use in performing source path isolation techniques; and -
FIG. 6 is a block diagram of a general-purpose computer configurable for practicing exemplary embodiments or the invention. - A preferred embodiment uses a server and one or more specially configured network components, or devices, such as a router, within an autonomous system (AS) to determine the ingress point, or location, for a malicious packet (MP1).
FIG. 2 illustrates an embodiment that may be used with an Internet Protocol network. More particularly,FIG. 2 is broken into three general areas enclosed within borders with communication media, such as links, carrying data traffic across the network, connecting the general areas. Links serve as a transmission media for data and signals on the network and may be comprised of wire, optical fiber, radio frequency (RF) transponders, or the like. - The rightmost portion of
FIG. 2 denotes an AS, shown as AS1, enhanced by the addition of a source path isolation server (SS1) and network components, here routers, modified to work as source path isolation routers (SRs), denoted by SR14-17, respectively. Also included within AS1 is a detection device, here an intrusion detection system (IDS) denoted as IDS1, and host computers H1-H3. IDS1 may take the form of a commercially available IDS, or alternatively it may be developed specifically for participating in source path isolation systems and methods. IDSs and firewalls are well known in the art and will not be described in detail herein. An informative source of information on IDS and firewall functionality that may be used with the disclosed embodiments can be found in Firewalls and Internet Security: Repelling the Wily Hacker, by William R. Cheswick and Steven M. Bellowin, Addison-Wesley (1994). - SS1 may be comprised of a general-purpose computer, or server, operatively coupled to the network of AS1 and executing machine-readable code enabling it to perform source path isolation in conjunction with SR14-17 and IDS1. While SS1 and IDS1 are shown as separate devices in
FIG. 2 , it is noted that they can be combined into a single unit performing both intrusion detection and source path isolation. SR14-17 may be comprised of commercially available routers, or similar devices such as switches, bridges or the like, employing software and hardware enabling them to participate in source path isolation. - The central portion of
FIG. 2 represents the public network, shown as PN1, carrying traffic between the autonomous systems, namely IAS1, and AS1, AS2 and AS3. PN1 comprises routers R2-R6, links operatively coupling the routers making up PN1, and links attaching to ASs coupled to PN1. PN1 may also comprise computers external to an AS (not shown). In the foregoing discussion, routers that have not been modified to act as source path isolation routers (SRs) are denoted as Rx, such as those located in PN1, where x is a number such as 2, 3, 4, etc. - The lower portion of
FIG. 2 includes other autonomous systems, AS2 and AS3 that may be operatively connected to PN1. AS2 and AS3 may employ source path isolation apparatus and methods, or alternatively, they may be prior art autonomous systems (PAS). - The leftmost portion of
FIG. 2 shows an autonomous system (IAS1) used by an intruder to launch an attack on AS1. IAS1 contains an IDS, shown as IDS2, operatively coupled to three host computers H4, H5 and I1 using links. InFIG. 2 , I1 has been configured such that it places a malicious packet (MP1) onto LAS1 for transmission to AS1 via PN1. WhileFIG. 2 illustrates a computer configured to place MP1 onto the network, routers, switches, gateways and other hardware capable of placing machine-readable data onto a network may be used in place of or in conjunction with such computer. When a device has been configured to inject an MP1 onto a network, it is referred to as an intruder or intruding device. - To launch an attack, an intruder generates malicious data traffic and places it onto a link for transmission to one or more destination devices having respective destination addresses. In
FIG. 2 , the heavy lines are used to indicate the path taken by MP1, namely I1 to IDS2, IDS2-R6, R6-R3, R3-R2, R2-SR15, SR15-SR16, and SR16-IDS1 (where hyphenation implies operative coupling between network components). The thick dashed link from IDS1-H3 denotes the intended path to the targeted device H3. - Detection and source path isolation of MP1 may be accomplished as follows. Detection device, here IDS1, identifies MP1 using known methods. After detecting MP1, IDS1 generates a notification packet, or triggering event, and sends it to SS1 thus notifying SS1 that a malicious packet has been detected within AS1. The notification packet may include MP1 or portions thereof along with other information useful for SS1 to begin source path isolation. Examples of information that may be sent from IDS1 to SS1 along with MP1 are time-of-arrival, encapsulation information, link information, and the like. When MP1 (or fraction thereof) has been identified and forwarded to SS1 it is referred to as a target packet (TP1) because it becomes the target of the source path isolation method further described herein.
- SS1 may then generate a query message (QM1) containing TP1, a portion thereof, or a representation of TP1 such as a hash value. After generating QM1 containing identification information about TP1, SS1 sends it to some, or all, participating routers. Accordingly, SS1 may send QM1 to participating routers located one hop away; however the disclosed invention is not limited to single hops. For example, SR16 is one hop away from SS1, whereas SR14, SR15 and SR17 are two hops away from SS1 and one hop away from SR16, respectively. When SR16 receives QM1 from SS1, SR16 determines if TP1 has been seen. This determination is made by comparing TP1 with a database containing signatures of other characteristics representative of packets having passed through SR16. Typically, SR16 is considered to have observed, or encountered, a packet when the packet is passed from one of its input ports to one of its output ports such as would be done when SR16 forwards during normal operation within a network.
- To determine if a packet has been observed, SR16 first stores a representation of each packet it forwards. Then SR16 compares the stored representation to the information about TP1 contained in QM1. Typically, a representation of a packet passed through SR16 will not be a copy of the entire packet, but rather it will be comprised of a portion of the packet or some unique value representative of the packet. Since modern routers can pass gigabits of data per second, storing complete packets is not practical because memories become prohibitively large. In contrast, storing a value representative of the contents of a packet uses memory in a more efficient manner. By way of example, if incoming packets range in size from 256 bits to 1000 bits, a fixed width number may be computed across the bits making up a packet in a manner that allows the entire packet to be uniquely identified. A hash value, or hash digest, is an example of such a fixed width number. To further illustrate the use of representations, if a 32-bit hash digest is computed across each packet, then the digest may be stored in memory or, alternatively, the digest may be used as an index, or address, into memory. Using the digest, or an index derived therefrom, results in efficient use of memory while still allowing identification of each packet passing through a router. The disclosed invention works with any storage scheme that saves information about each packet in a space efficient fashion, that can definitively determine if a packet has not been observed, and that will respond positively (i.e. in a predictable way) when a packet has been observed. Although the invention works with virtually any technique for deriving representations of packets, for brevity, the remaining discussion will use hash digests as exemplary representations of packets having passed through a participating router.
- Returning to the discussion of
FIG. 2 , if SR16 has not observed TP1, it may so inform SS1. But if SR16 has a hash matching TP1, it may send a response to SS1 indicating that the packet was observed by, or at, SR16. In addition, SR16 may forward QM1 toadjacent routers 1 hop away, InFIG. 2 , SR16 sends QM1 to SR14, SR15 and SR17. Then, SR14, 15 and 17 determine if they have seen TP1 and notify SS1 accordingly. In this fashion, the query message/reply process is forwarded to virtually all SRs within an AS on a hop-by-hop basis. - In
FIG. 2 , routers SR14, SR15 and SR17 are border routers for AS1, namely they are the routers that contain routing tables for routers outside AS1. If routers external to AS1 have not been configured to operate as SRs, then the query message/reply process stops at SR14-17; however, if the public network routers are configured to act as SRs then the query message/reply process may continue until the SR closest to the ingress point of TP1 is reached. When the SR closest to the ingress point is found, it can be instructed to disconnect the link used by the intruder or it can be instructed to drop packets originating from the intruder's Internet Protocol (IP) address on a particular link, or based on other identifying information. - Still referring to
FIG. 2 and the route taken by MP1, if the routers making up PN1 are not participating as SRs, then SR15 would be instructed to exclude TPs. SR15 excludes a TP, present at an input port, by preventing it from passing to an output port. In contrast, if the routers making up PN1 were participating as SRs then R6 could be instructed to exclude TPs present at its input port. - The process used to perform source path isolation in
FIG. 2 is referred to as an inward-out technique. After being triggered by an IDS, an inward-out technique begins its queries from a generally central portion of an AS. The inward-out technique then employs QMs that hop outward from the central portion of the AS toward the border routers comprised therein. -
FIG. 3 illustrates an autonomous system (AS), 300, employing border routers denoted generally as B connected to external networks EN1-EN7, other routers within 300 connected to the border routers generally denoted as A, and a source path isolation server denoted as SS. AS 300 may also include additional routers (not shown) located between SS and border routers B. An inward-out solution begins with SS at the center ofFIG. 3 and works outward one hop at a time until the border routers, B, are reached. ForFIG. 3 , the routers labeled A are queried on the first hop and the border routers, B, are queried on a second, or subsequent, hop. Since the locations of border routers are known within AS 300, an outward-in solution may also be employed. With an outward-in solution, SS first queries the border routers, B, and they in turn query the routers labeled A. As can be seen fromFIG. 3 , an outward-in solution gets progressively closer to the center ofAS 300. The disclosed technique can be used on networks containing virtually any number of participating routers. While inward-out and outward-in techniques have been herein described, the disclosed techniques are not limited to any particular types of solution or localization algorithms. Furthermore, SS may send queries to participating routers located virtually anywhere in the network so that many types of source path isolation techniques can be employed. Thus it can be seen that the disclosed technique is very scalable and flexible. - Further detail of the operation of a source path isolation server (SS) and a source path isolation router (SR) are provided hereinbelow.
-
FIG. 4 illustrates an exemplary method for accomplishing source path isolation. The method begins when SS1 receives TP1 from IDS1 operating within AS1 (step 402). - After receiving TP1, SS1 may generate QM1 comprising TP1 and any additional information desirable for facilitating communication with participating routers (SRs) (step 404). Examples of additional information that may be included in QM1 are, but are not limited to, destination addresses for participating routers, passwords required for querying a router, encryption keying information, time-to-live (TTL) fields, a hash digest of TP1, information for reconfiguring routers, and the like. SS1 may then send QM1 to SRs located at least one hop away (step 406). SR may then process QM1 by hashing TP1 contained therein and comparing the resulting value to hash values stored in local memory, where the stored hash values identify packets having previously passed through SR.
- After processing QM1, an SR may send a reply to SS1 (step 408). The response may indicate that a queried router has seen TP1, or alternatively, that it has not (step 410). It is important to observe that the two answers are not equal in their degree of certainty. If SR does not have a hash matching TP1, SR has definitively not seen TP1. However, if SR has a matching hash, then SR has seen TP1 or a packet that has the same hash as TP1. When two different packets, having different contents, hash to the same value it is referred to as a hash collision.
- If a queried SR has seen TP1, a reply and identification (ID) information for the respective SR is associated as active path data (step 414). Alternatively, if an SR has not seen TP1, the reply is associated as inactive path data (step 412). Replies received from queried SRs are used to build a source path trace of possible paths taken by TP1 through the network using known methods (step 416). SS1 may then attempt to identify the ingress point for TP1 (step 418). If SS1 is unable to determine the ingress point of TP1, subsequent responses from participating routers located an additional hop away are processed by executing steps 408-418 again (step 424).
- Examples of source path tracing techniques that may be employed with embodiments disclosed herein are, but are not limited to, a breadth-first search or a depth-first search. In a breadth-first search, all SRs in an area are queried to determine which SRs may have observed a target packet. Then, one or more graphs, containing nodes, are generated from the responses received by SS1. Where the nodes indicate locations that TP1 may have passed. Any graphs containing a node where TP1 was observed are associated as active, or candidate, paths, i.e. paths that TP1 may have traversed. With a depth-first search, only SRs adjacent to a location where TP1 was observed are queried. SRs issuing a positive reply are treated as starting points for candidate graphs because they have observed TP1. Next, all SRs adjacent to those that responded with a positive reply are queried. The process of moving the query/response process out one hop at a time is referred to as a round. This process is repeated until all participating routers have been queried or all SRs in a round respond with a negative reply indicating that they have not observed TP1. When a negative reply is received, it is associated as inactive path data.
- When SS1 has determined an ingress point for TP1, it may send a message to IDS1 indicating that a solution has been found (step 420). Often it will be desirable to have the participating router closest to the ingress point close off the ingress path used by TP1. As such, SS1 may send a message to the respective participating router instructing it to close off the ingress path using known techniques (step 422). SS1 may also archive path solutions, data sent, data received, and the like either locally or remotely. Furthermore, SS1 may communicate information about source path isolation attempts to devices at remote locations coupled to a network. For example, SS1 may communicate information to a network operations center (NOC), a redundant source path isolation server, or to a data analysis facility for post processing.
- Here it is noted that as SS1 attempts to build a trace of the path taken by TP1, multiple paths may emerge as a result of hash collisions occurring in participating routers. When collisions occur, they act as false positives in the sense that SS1 interprets the collision as an indication that a desired TP1 has been observed. Fortunately the occurrences of hash collisions can be mitigated. One mechanism for reducing hash collisions is to compute large hash values over the packets since the chances of collisions rise as the number of bits comprising the hash value decreases. Another mechanism for reducing collisions is to control the density of the hash tables in the memories of participating routers. That is, rather than computing a single hash value and setting a single bit for an observed packet, a plurality of hash values are computed for each observed packet using several unique hash functions. This produces a corresponding number of unique hash values for each observed packet. While this approach fills the router's hash table at a faster rate, the reduction in the number of hash collisions makes the tradeoff worthwhile in many instances.
-
FIG. 5 illustrates anexemplary data structure 500 stored in a database (not shown) in a memory on a source path isolation server.Data structure 500 stores information used in conjunction with performing source path isolation of a target packet. WhileFIG. 5 illustrates one data structure, it will be obvious to those skilled in the relevant arts that a plurality of data structures may be employed and that the data structures may include additional parameters and take on different forms from those of the exemplary data structure discussed herein. -
Data structure 500 is comprised of a record R(1) containing attributes, or parameters, having data associated therewith. In the upper left portion ofFIG. 5 are three parameters associated with the entire record R(1), namely a target packet attribute, shown as Target ID, a time attribute, shown as Time, and a source attribute, shown as Source. These attributes together serve as a handle for R(1) to facilitate storage into, and recall from, a machine-readable memory (not shown). Here Target ID is associated with unique information associated with a particular target packet (TP) received from a detection device such as an IDS or firewall. Time may be used to identify either the time at which TP was received at an SS, the time that TP was received at a detection device, or the time that R(1) was opened. Source may be used to identify the link that TP was detected on by the detection device, or alternatively, source may be used to uniquely identify the detection device that forwarded TP to SS. - Within 500 are exemplary column headings indicating still other attributes that may be used to facilitate source path isolation of TP. For example, a network component identification attribute, shown as node ID, may be used to identify particular nodes, such as routers, switches, bridges, or the like, within a network that have been queried by SS. Link may be used to identify the particular link on which TP was observed. A reply packet attribute, shown as Node Response, may be used to indicate if a queried node has observed TP. Node time may indicate the time, preferably using some common reference, at which a respective node observed TP. Time is useful for assessing how long TP has been in the network and for performing comparisons with fields such as time-to-live (TTL). The attribute Transformed is used to track variants of TP in the event it has undergone a transformation. If TP has been transformed, it may he useful to have multiple entries associated the respective TP. For example in
FIG. 5 ,node 04 has two entries for tracing an untransformed and a transformed version of TP. Status may be used to monitor network links associated with queried nodes. For example, a status of “ON” may indicate that a link is still active, i.e. carrying data traffic, while a status of “OFF” may indicate that a link has been disabled to exclude data traffic. -
FIG. 5 illustrates one exemplary embodiment of a data structure that may be used for facilitating source path isolation; however, variations of the data structure format and number of records may be readily employed without departing from the spirit of the invention. For example, the terms “YES/NO” and “ON/OFF” used in conjunction with node response, transformed, and status may be desirable when conveying information to an operator; however, flags such as 1 or 0 may also be used to indicate the status of various attributes. In addition, a plurality of records may be generated when performing source path isolation. Additionally, other column entries may be used in conjunction with, or in place of, those shown inFIG. 5 . For example, it may be desirable to associate the hash value, or alternatively, the contents of TP with each record. It may also be desirable to have a record associated with each target packet encountered or, alternatively, with each detection device employed within a network. And, it may be desirable to have still other data structures or records associated with source path solutions that have been generated in response to detected TPs. -
FIG. 6 illustrates asystem 620 comprising a general-purpose computer that can be configured to practice disclosed embodiments.System 620 executes machine-readable code to perform the methods heretofore disclosed and includes aprocessor 602,main memory 604, read only memory (ROM) 606,storage device 608,bus 610,display 612,keyboard 614,cursor control 616, andcommunication interface 618. -
Processor 602 may be any type of conventional processing device that interprets and executes instructions.Main memory 604 may be a random access memory (RAM) or a similar dynamic storage device.Main memory 604 stores information and instructions to be executed byprocessor 602.Main memory 604 may also be used for storing temporary variables or other intermediate information during execution of instructions byprocessor 602.ROM 606 stores static information and instructions forprocessor 602. It will be appreciated thatROM 606 may be replaced with some other type of static storage device.Storage device 608, also referred to as data storage device, may include any type of magnetic or optical media and their corresponding interfaces and operational hardware.Storage device 608 stores information and instructions for use byprocessor 602.Bus 610 includes a set of hardware lines (conductors, optical fibers, or the like) that allow for data transfer among the components ofsystem 620. -
Display device 612 may be a cathode ray tube (CRT), liquid crystal display (LCD) or the like, for displaying information in an operator or machine-readable form.Keyboard 614 andcursor control 616 allow the operator to interact withsystem 620.Cursor control 616 may be, for example, a mouse. In an alternative configuration,keyboard 614 andcursor control 616 can be replaced with a microphone and voice recognition means to enable an operator or machine to interact withsystem 620. -
Communication interface 618 enablessystem 620 to communicate with other devices/systems via any communications medium. For example,communication interface 618 may be a modem, an Ethernet interface to a LAN, an interface to the Internet, a printer interface, etc. Alternatively,communication interface 618 can be any other interface that enables communication betweensystem 620 and other devices, systems or networks.Communication interface 618 can be used in lieu ofkeyboard 614 andcursor control 616 to facilitate operator or machine remote control and communication withsystem 620. - As will be described in detail below,
system 620 may provide SS1 operating within AS1 with the ability to perform source path isolation for a given TP. SS1 may receive MP1 from IDS1 and generate QM1 in response toprocessor 602 executing sequences of instructions contained in, for example,memory 604. Such instructions may be read intomemory 604 from another computer-readable medium, such asstorage device 608, or from another device coupled tobus 610 or coupled viacommunication interface 618. Execution of sequences of instructions contained inmemory 604 causesprocessor 602 to perform the method described in conjunction withFIG. 4 . For example,processor 602 may execute instructions to perform the functions of receiving a target packet (step 402), receiving replies from queried routers (step 408), and building a trace of the path traveled by TP (step 416). Alternatively, hard-wired circuitry may be used in place of or in combination with software instructions to implement the functions of SS1. Thus, the disclosed embodiments of SS1 are not limited to any specific combination of hardware circuitry and software. For example, the functionality may be implemented in an application specific integrated circuit (ASIC), a field-programmable gate array (FPGA), or the like, either alone or in combination with other devices to provide desired functionality. - As can be seen, the disclosed embodiments provide the functionality necessary to facilitate source path isolation of malicious packets in a network. While the preceding disclosure is directed to an Internet Protocol (IP) network, disclosed embodiments can be used in conjunction with other network protocols such as frame relay, asynchronous transfer mode (ATM), synchronous optical network (SONET), and the like. In addition, disclosed embodiments may be adapted to operate within different layers of a network such as the data link layer, network layer, transport layer or the like. Furthermore, the disclosed embodiments are not limited to particular network topologies or architectures.
- Furthermore the disclosed methods for implementing a source path isolation server (SS) are not limited to a single programming language or hardware architecture. For example, software for performing the functions of SS may be implemented in a high level programming language such as C, C++, LISP, or the like. Alternatively, software may be implemented in a lower level language such as assembly language, or a device specific language, where requirements such as speed must be met. Furthermore, SS may be configured to communicate with, and make information available to, other devices operatively connected to a network using known programming languages and techniques. For example, it may be desirable to have SS make source path isolation solutions available to an operator responsible for monitoring network security. In addition, SS can be implemented in a distributed fashion either by employing multiple processors or by having various components physically separated and coupled by a communication means such as a distributed bus, network, or the like. Also, it may be desirable to have SS communicate with one or more SRs over a dedicated network instead of using the network carrying data traffic among the SRs. For example, using a dedicated network may provide additional security, reliable bandwidth, or communication redundancy in the event that one or more links to an SR is disabled.
- Query messages (QMs) and replies are not limited, to a single network protocol or packet type. In many instances, it will be desirable to have QMs and replies transported using readily known protocols; however, customized protocols and message types can be used. For example, it may be desirable to employ a smart packet for sending QMs to participating routers. A smart packet is one that may contain a standard message, such as the data from a target packet, along with machine-readable instructions for instructing a receiving device, such as an SR, to modify its operation in response to the contents of the executable instructions contained therein. Smart packets facilitate rapid responses to network intrusions by allowing an SR to modify operation soon after receiving a QM from as SS, or a forwarded QM from a participating router.
- Furthermore, the disclosed methods can operate on encapsulated data such as would be encountered if network data were encrypted, converted from one network protocol to another, or a packet was split for transmission over more than one link. As can be seen, many variations of the disclosed embodiments are possible without departing from the spirit of the invention.
- Therefore, the present embodiments are to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes within the meaning and range of equivalency of the claims are therefore intended to be embraced therein.
Claims (19)
1. A system for determining a point of entry of a malicious packet into a network using a representation of the malicious packet, the system comprising:
an intrusion detection system for detecting the malicious packet in the network; and
an isolation server responsive to operation of the intrusion detection system, for isolating the malicious packet;
wherein the system is operable such that the point of entry of the malicious packet is determined.
2. The system of claim 1 and wherein the isolation server further comprises: computer code for generating a message containing identification information about the malicious packet.
3. The system of claim 2 and wherein the isolation server further comprises: computer code for forwarding the message to certain of a plurality of routers displaced one hop away from the server.
4. The system of claim 3 and wherein the certain of the plurality of routers comprises:
computer code for generating a hash value of the identification information;
computer code for establishing a bit map of hash values representative of those of packets which are transmitted through the certain of the plurality of routers; and
computer code for comparing the hash value against the hash values.
5. A computer program product embodied on a computer readable medium for determining whether a target packet has been encountered in a network, comprising:
computer code for sending a message identifying the target packet to at least one network component;
computer code for receiving a reply containing information associated with the target packet from the at least one network component; and
computer code for processing the reply to extract the information; and
computer code for using the information, wherein the computer program product is operable such that it is determined whether the target packet has been encountered in the network.
6. The computer program product of claim 5 and wherein a detection device is incorporated into a server including at least a portion of the computer code.
7. The computer program product of claim 5 and wherein the network further includes a host, the host including capability for placing packets onto the network.
8. The computer program product of claim 5 and wherein the computer code for sending operates to include the target packet into the message.
9. The computer program product of claim 5 and wherein the message comprises a representation of the target packet.
10. The computer program product of claim 9 and wherein the representation is a hash of at least a portion of the target packet.
11. The computer program product of claim 5 and wherein the at least one network component is located one hop away from a server.
12. The computer program product of claim 5 and wherein the at least one network component is located more than one hop away from a server.
13. The computer program product of claim 5 and wherein a first component of the at least one network component forwards the reply to another of the at least one network component.
14. The computer program product of claim 13 and wherein the first component is a router.
15. The computer program product of claim 5 and wherein the information is hash information derived from hashing at least a portion of the message to obtain a query hash value.
16. The computer program product of claim 5 and wherein the computer code for determining is accomplished using a source path isolation technique.
17. The computer program product of claim 16 and wherein the source path isolation technique includes a breadth-first search.
18. The computer program product of claim 16 and wherein the source path isolation technique includes a depth-first search.
19. A method for determining whether a target packet has been encountered in a network, comprising:
sending a message identifying the target packet to at least one network component;
receiving a reply containing information associated with the target packet from the at least one network component; and
processing the reply to extract the information; and
using the information, wherein it is determined whether the target packet has been encountered in the network.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/762,366 US20100205670A1 (en) | 2000-06-19 | 2010-04-18 | Method and apparatus for tracing packets |
Applications Claiming Priority (9)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US21242500P | 2000-06-19 | 2000-06-19 | |
US88114501A | 2001-06-14 | 2001-06-14 | |
US09/881,074 US6981158B1 (en) | 2000-06-19 | 2001-06-14 | Method and apparatus for tracing packets |
US34146201P | 2001-12-14 | 2001-12-14 | |
US40797502P | 2002-09-05 | 2002-09-05 | |
US10/251,403 US7328349B2 (en) | 2001-12-14 | 2002-09-20 | Hash-based systems and methods for detecting, preventing, and tracing network worms and viruses |
US10/654,771 US20040073617A1 (en) | 2000-06-19 | 2003-09-04 | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
US12/249,804 US20090313339A1 (en) | 2000-06-19 | 2008-10-10 | Method and apparatus for tracing packets |
US12/762,366 US20100205670A1 (en) | 2000-06-19 | 2010-04-18 | Method and apparatus for tracing packets |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/249,804 Continuation US20090313339A1 (en) | 2000-06-19 | 2008-10-10 | Method and apparatus for tracing packets |
Publications (1)
Publication Number | Publication Date |
---|---|
US20100205670A1 true US20100205670A1 (en) | 2010-08-12 |
Family
ID=46204947
Family Applications (13)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/654,771 Abandoned US20040073617A1 (en) | 2000-06-19 | 2003-09-04 | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
US12/243,785 Abandoned US20090031129A1 (en) | 2000-06-19 | 2008-10-01 | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
US12/243,778 Abandoned US20090031136A1 (en) | 2000-06-19 | 2008-10-01 | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
US12/248,790 Expired - Fee Related US8204945B2 (en) | 2000-06-19 | 2008-10-09 | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
US12/249,803 Abandoned US20090158435A1 (en) | 2000-06-19 | 2008-10-10 | Hash-based systems and methods for detecting, preventing, and tracing network worms and viruses |
US12/249,832 Abandoned US20090182867A1 (en) | 2000-06-19 | 2008-10-10 | Method and apparatus for identifying a packet |
US12/249,823 Abandoned US20090158046A1 (en) | 2000-06-19 | 2008-10-10 | Hash-based systems and methods for detecting and preventing transmission of polymorphic network worms and viruses |
US12/249,804 Abandoned US20090313339A1 (en) | 2000-06-19 | 2008-10-10 | Method and apparatus for tracing packets |
US12/762,366 Abandoned US20100205670A1 (en) | 2000-06-19 | 2010-04-18 | Method and apparatus for tracing packets |
US12/762,365 Abandoned US20100205672A1 (en) | 2000-06-19 | 2010-04-18 | Hash-based systems and methods for detecting, preventing, and tracing network worms and viruses |
US12/762,367 Expired - Fee Related US8272060B2 (en) | 2000-06-19 | 2010-04-18 | Hash-based systems and methods for detecting and preventing transmission of polymorphic network worms and viruses |
US12/762,368 Abandoned US20100205265A1 (en) | 2000-06-19 | 2010-04-19 | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
US13/620,692 Abandoned US20130014261A1 (en) | 2000-06-19 | 2012-09-14 | Hash-based systems and methods for detecting and preventing transmission of polymorphic network worms and viruses |
Family Applications Before (8)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/654,771 Abandoned US20040073617A1 (en) | 2000-06-19 | 2003-09-04 | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
US12/243,785 Abandoned US20090031129A1 (en) | 2000-06-19 | 2008-10-01 | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
US12/243,778 Abandoned US20090031136A1 (en) | 2000-06-19 | 2008-10-01 | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
US12/248,790 Expired - Fee Related US8204945B2 (en) | 2000-06-19 | 2008-10-09 | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
US12/249,803 Abandoned US20090158435A1 (en) | 2000-06-19 | 2008-10-10 | Hash-based systems and methods for detecting, preventing, and tracing network worms and viruses |
US12/249,832 Abandoned US20090182867A1 (en) | 2000-06-19 | 2008-10-10 | Method and apparatus for identifying a packet |
US12/249,823 Abandoned US20090158046A1 (en) | 2000-06-19 | 2008-10-10 | Hash-based systems and methods for detecting and preventing transmission of polymorphic network worms and viruses |
US12/249,804 Abandoned US20090313339A1 (en) | 2000-06-19 | 2008-10-10 | Method and apparatus for tracing packets |
Family Applications After (4)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/762,365 Abandoned US20100205672A1 (en) | 2000-06-19 | 2010-04-18 | Hash-based systems and methods for detecting, preventing, and tracing network worms and viruses |
US12/762,367 Expired - Fee Related US8272060B2 (en) | 2000-06-19 | 2010-04-18 | Hash-based systems and methods for detecting and preventing transmission of polymorphic network worms and viruses |
US12/762,368 Abandoned US20100205265A1 (en) | 2000-06-19 | 2010-04-19 | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
US13/620,692 Abandoned US20130014261A1 (en) | 2000-06-19 | 2012-09-14 | Hash-based systems and methods for detecting and preventing transmission of polymorphic network worms and viruses |
Country Status (1)
Country | Link |
---|---|
US (13) | US20040073617A1 (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9853885B1 (en) | 2014-03-18 | 2017-12-26 | Amazon Technologies, Inc. | Using packet duplication in a packet-switched network to increase reliability |
US9871720B1 (en) * | 2014-03-18 | 2018-01-16 | Amazon Technologies, Inc. | Using packet duplication with encapsulation in a packet-switched network to increase reliability |
US10721267B1 (en) * | 2014-07-18 | 2020-07-21 | NortonLifeLock Inc. | Systems and methods for detecting system attacks |
Families Citing this family (371)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6628194B1 (en) * | 1999-08-31 | 2003-09-30 | At&T Wireless Services, Inc. | Filtered in-box for voice mail, e-mail, pages, web-based information, and faxes |
EP1085396A1 (en) | 1999-09-17 | 2001-03-21 | Hewlett-Packard Company | Operation of trusted state in computing platform |
US7032023B1 (en) | 2000-05-16 | 2006-04-18 | America Online, Inc. | Throttling electronic communications from one or more senders |
GB0020441D0 (en) | 2000-08-18 | 2000-10-04 | Hewlett Packard Co | Performance of a service on a computing platform |
GB2376763B (en) * | 2001-06-19 | 2004-12-15 | Hewlett Packard Co | Demonstrating integrity of a compartment of a compartmented operating system |
GB0102516D0 (en) * | 2001-01-31 | 2001-03-21 | Hewlett Packard Co | Trusted gateway system |
CN101030275B (en) * | 2001-02-12 | 2013-11-06 | Emc公司 | System and method of indexing unique electronic mail messages and uses for the same |
GB2372345A (en) * | 2001-02-17 | 2002-08-21 | Hewlett Packard Co | Secure email handling using a compartmented operating system |
GB2372595A (en) * | 2001-02-23 | 2002-08-28 | Hewlett Packard Co | Method of and apparatus for ascertaining the status of a data processing environment. |
GB2372592B (en) | 2001-02-23 | 2005-03-30 | Hewlett Packard Co | Information system |
GB2376765B (en) | 2001-06-19 | 2004-12-29 | Hewlett Packard Co | Multiple trusted computing environments with verifiable environment identities |
GB2376761A (en) * | 2001-06-19 | 2002-12-24 | Hewlett Packard Co | An arrangement in which a process is run on a host operating system but may be switched to a guest system if it poses a security risk |
US8056131B2 (en) * | 2001-06-21 | 2011-11-08 | Cybersoft, Inc. | Apparatus, methods and articles of manufacture for intercepting, examining and controlling code, data and files and their transfer |
US7673342B2 (en) * | 2001-07-26 | 2010-03-02 | Mcafee, Inc. | Detecting e-mail propagated malware |
US7487544B2 (en) * | 2001-07-30 | 2009-02-03 | The Trustees Of Columbia University In The City Of New York | System and methods for detection of new malicious executables |
US20030079140A1 (en) * | 2001-10-24 | 2003-04-24 | Yosuke Ura | Multiple protecting system to protect personal computer data from burglary utilized flash memory drive |
US20030084323A1 (en) * | 2001-10-31 | 2003-05-01 | Gales George S. | Network intrusion detection system and method |
EP1315066A1 (en) * | 2001-11-21 | 2003-05-28 | BRITISH TELECOMMUNICATIONS public limited company | Computer security system |
GB2382419B (en) * | 2001-11-22 | 2005-12-14 | Hewlett Packard Co | Apparatus and method for creating a trusted environment |
US7155608B1 (en) * | 2001-12-05 | 2006-12-26 | Bellsouth Intellectual Property Corp. | Foreign network SPAM blocker |
US7194464B2 (en) | 2001-12-07 | 2007-03-20 | Websense, Inc. | System and method for adapting an internet filter |
US8046832B2 (en) * | 2002-06-26 | 2011-10-25 | Microsoft Corporation | Spam detector with challenges |
DE60322575D1 (en) * | 2002-12-03 | 2008-09-11 | Research In Motion Ltd | PROCEDURE, SYSTEM AND COMPUTER SOFTWARE PRODUCT FOR PREFERRED FOLDER FOR ONE MESSAGE |
US20040111531A1 (en) * | 2002-12-06 | 2004-06-10 | Stuart Staniford | Method and system for reducing the rate of infection of a communications network by a software worm |
US7219131B2 (en) * | 2003-01-16 | 2007-05-15 | Ironport Systems, Inc. | Electronic message delivery using an alternate source approach |
US7461263B2 (en) | 2003-01-23 | 2008-12-02 | Unspam, Llc. | Method and apparatus for a non-revealing do-not-contact list system |
US7249162B2 (en) * | 2003-02-25 | 2007-07-24 | Microsoft Corporation | Adaptive junk message filtering system |
US7219148B2 (en) | 2003-03-03 | 2007-05-15 | Microsoft Corporation | Feedback loop for spam prevention |
US7543053B2 (en) * | 2003-03-03 | 2009-06-02 | Microsoft Corporation | Intelligent quarantining for spam prevention |
US7676546B2 (en) * | 2003-03-25 | 2010-03-09 | Verisign, Inc. | Control and management of electronic messaging |
US20040193691A1 (en) * | 2003-03-31 | 2004-09-30 | Chang William I. | System and method for providing an open eMail directory |
US8606860B2 (en) * | 2003-03-31 | 2013-12-10 | Affini, Inc. | System and method for providing filtering email messages |
US7680886B1 (en) | 2003-04-09 | 2010-03-16 | Symantec Corporation | Suppressing spam using a machine learning based spam filter |
US7650382B1 (en) | 2003-04-24 | 2010-01-19 | Symantec Corporation | Detecting spam e-mail with backup e-mail server traps |
US7366919B1 (en) | 2003-04-25 | 2008-04-29 | Symantec Corporation | Use of geo-location data for spam detection |
US7739494B1 (en) | 2003-04-25 | 2010-06-15 | Symantec Corporation | SSL validation and stripping using trustworthiness factors |
US7640590B1 (en) | 2004-12-21 | 2009-12-29 | Symantec Corporation | Presentation of network source and executable characteristics |
US7483947B2 (en) * | 2003-05-02 | 2009-01-27 | Microsoft Corporation | Message rendering for identification of content features |
US7831667B2 (en) * | 2003-05-15 | 2010-11-09 | Symantec Corporation | Method and apparatus for filtering email spam using email noise reduction |
US7293063B1 (en) | 2003-06-04 | 2007-11-06 | Symantec Corporation | System utilizing updated spam signatures for performing secondary signature-based analysis of a held e-mail to improve spam email detection |
US7272853B2 (en) * | 2003-06-04 | 2007-09-18 | Microsoft Corporation | Origination/destination features and lists for spam prevention |
US7287060B1 (en) * | 2003-06-12 | 2007-10-23 | Storage Technology Corporation | System and method for rating unsolicited e-mail |
US8145710B2 (en) | 2003-06-18 | 2012-03-27 | Symantec Corporation | System and method for filtering spam messages utilizing URL filtering module |
US7711779B2 (en) * | 2003-06-20 | 2010-05-04 | Microsoft Corporation | Prevention of outgoing spam |
US7519668B2 (en) * | 2003-06-20 | 2009-04-14 | Microsoft Corporation | Obfuscation of spam filter |
US8533270B2 (en) * | 2003-06-23 | 2013-09-10 | Microsoft Corporation | Advanced spam detection techniques |
US7155484B2 (en) | 2003-06-30 | 2006-12-26 | Bellsouth Intellectual Property Corporation | Filtering email messages corresponding to undesirable geographical regions |
US7814545B2 (en) | 2003-07-22 | 2010-10-12 | Sonicwall, Inc. | Message classification using classifiers |
US8112483B1 (en) * | 2003-08-08 | 2012-02-07 | Emigh Aaron T | Enhanced challenge-response |
US7503070B1 (en) * | 2003-09-19 | 2009-03-10 | Marshall Van Alstyne | Methods and systems for enabling analysis of communication content while preserving confidentiality |
US7203964B1 (en) * | 2003-10-07 | 2007-04-10 | Elmer V. Pass | Method of stopping internet viruses |
US7610341B2 (en) * | 2003-10-14 | 2009-10-27 | At&T Intellectual Property I, L.P. | Filtered email differentiation |
US7921159B1 (en) | 2003-10-14 | 2011-04-05 | Symantec Corporation | Countering spam that uses disguised characters |
US7664812B2 (en) * | 2003-10-14 | 2010-02-16 | At&T Intellectual Property I, L.P. | Phonetic filtering of undesired email messages |
US7930351B2 (en) * | 2003-10-14 | 2011-04-19 | At&T Intellectual Property I, L.P. | Identifying undesired email messages having attachments |
US20050080642A1 (en) * | 2003-10-14 | 2005-04-14 | Daniell W. Todd | Consolidated email filtering user interface |
US7451184B2 (en) * | 2003-10-14 | 2008-11-11 | At&T Intellectual Property I, L.P. | Child protection from harmful email |
US7548956B1 (en) * | 2003-12-30 | 2009-06-16 | Aol Llc | Spam control based on sender account characteristics |
US20050154601A1 (en) * | 2004-01-09 | 2005-07-14 | Halpern Joshua I. | Information security threat identification, analysis, and management |
JP4297345B2 (en) * | 2004-01-14 | 2009-07-15 | Kddi株式会社 | Mass mail detection method and mail server |
US8301702B2 (en) * | 2004-01-20 | 2012-10-30 | Cloudmark, Inc. | Method and an apparatus to screen electronic communications |
CA2457478A1 (en) * | 2004-02-12 | 2005-08-12 | Opersys Inc. | System and method for warranting electronic mail using a hybrid public key encryption scheme |
US7653695B2 (en) | 2004-02-17 | 2010-01-26 | Ironport Systems, Inc. | Collecting, aggregating, and managing information relating to electronic messages |
US8214438B2 (en) * | 2004-03-01 | 2012-07-03 | Microsoft Corporation | (More) advanced spam detection features |
US7644127B2 (en) * | 2004-03-09 | 2010-01-05 | Gozoom.Com, Inc. | Email analysis using fuzzy matching of text |
US20050204006A1 (en) * | 2004-03-12 | 2005-09-15 | Purcell Sean E. | Message junk rating interface |
US20050204005A1 (en) * | 2004-03-12 | 2005-09-15 | Purcell Sean E. | Selective treatment of messages based on junk rating |
US7966658B2 (en) * | 2004-04-08 | 2011-06-21 | The Regents Of The University Of California | Detecting public network attacks using signatures and fast content analysis |
US8171549B2 (en) * | 2004-04-26 | 2012-05-01 | Cybersoft, Inc. | Apparatus, methods and articles of manufacture for intercepting, examining and controlling code, data, files and their transfer |
US7941490B1 (en) * | 2004-05-11 | 2011-05-10 | Symantec Corporation | Method and apparatus for detecting spam in email messages and email attachments |
US7912905B2 (en) * | 2004-05-18 | 2011-03-22 | Computer Associates Think, Inc. | System and method for filtering network messages |
US7756930B2 (en) * | 2004-05-28 | 2010-07-13 | Ironport Systems, Inc. | Techniques for determining the reputation of a message sender |
US20060101680A1 (en) * | 2004-05-28 | 2006-05-18 | Smith Michael J | Container contents identifier |
US7870200B2 (en) * | 2004-05-29 | 2011-01-11 | Ironport Systems, Inc. | Monitoring the flow of messages received at a server |
US7849142B2 (en) * | 2004-05-29 | 2010-12-07 | Ironport Systems, Inc. | Managing connections, messages, and directory harvest attacks at a server |
US8166310B2 (en) | 2004-05-29 | 2012-04-24 | Ironport Systems, Inc. | Method and apparatus for providing temporary access to a network device |
US7917588B2 (en) * | 2004-05-29 | 2011-03-29 | Ironport Systems, Inc. | Managing delivery of electronic messages using bounce profiles |
US7873695B2 (en) * | 2004-05-29 | 2011-01-18 | Ironport Systems, Inc. | Managing connections and messages at a server by associating different actions for both different senders and different recipients |
US7941491B2 (en) * | 2004-06-04 | 2011-05-10 | Messagemind, Inc. | System and method for dynamic adaptive user-based prioritization and display of electronic messages |
US7748038B2 (en) * | 2004-06-16 | 2010-06-29 | Ironport Systems, Inc. | Method and apparatus for managing computer virus outbreaks |
US7565445B2 (en) | 2004-06-18 | 2009-07-21 | Fortinet, Inc. | Systems and methods for categorizing network traffic content |
US7664819B2 (en) | 2004-06-29 | 2010-02-16 | Microsoft Corporation | Incremental anti-spam lookup and update service |
GB2415854B (en) * | 2004-07-01 | 2006-12-27 | Ericsson Telefon Ab L M | Email spam reduction method |
US7343624B1 (en) * | 2004-07-13 | 2008-03-11 | Sonicwall, Inc. | Managing infectious messages as identified by an attachment |
US9154511B1 (en) | 2004-07-13 | 2015-10-06 | Dell Software Inc. | Time zero detection of infectious messages |
US7904517B2 (en) * | 2004-08-09 | 2011-03-08 | Microsoft Corporation | Challenge response systems |
US20060036695A1 (en) * | 2004-08-12 | 2006-02-16 | Rolnik Robert C | Timed delivery of alert notifications based on user set criteria |
US7660865B2 (en) * | 2004-08-12 | 2010-02-09 | Microsoft Corporation | Spam filtering with probabilistic secure hashes |
FR2875317A1 (en) * | 2004-09-10 | 2006-03-17 | France Telecom | METHOD FOR MONITORING ELECTRONIC COURIERES ISSUED AND / OR RECEIVED BY A CLIENT OF AN INTERNET ACCESS PROVIDER WITHIN A TELECOMMUNICATION NETWORK |
US7490244B1 (en) | 2004-09-14 | 2009-02-10 | Symantec Corporation | Blocking e-mail propagation of suspected malicious computer code |
US7555524B1 (en) | 2004-09-16 | 2009-06-30 | Symantec Corporation | Bulk electronic message detection by header similarity analysis |
US7630381B1 (en) * | 2004-09-27 | 2009-12-08 | Radix Holdings, Llc | Distributed patch distribution |
US8056128B1 (en) | 2004-09-30 | 2011-11-08 | Google Inc. | Systems and methods for detecting potential communications fraud |
US8495144B1 (en) * | 2004-10-06 | 2013-07-23 | Trend Micro Incorporated | Techniques for identifying spam e-mail |
US7197539B1 (en) | 2004-11-01 | 2007-03-27 | Symantec Corporation | Automated disablement of disposable e-mail addresses based on user actions |
US7546349B1 (en) | 2004-11-01 | 2009-06-09 | Symantec Corporation | Automatic generation of disposable e-mail addresses |
FR2877528B1 (en) * | 2004-11-02 | 2007-02-02 | Bruno Decarpigny | SYSTEM AND METHOD FOR SENDING MESSAGES IN AN ELECTRONIC MESSAGING COMMUNICATION NETWORK, BASED ON THE USE OF A SENDING FILTER |
US7936682B2 (en) * | 2004-11-09 | 2011-05-03 | Cisco Technology, Inc. | Detecting malicious attacks using network behavior and header analysis |
US8010685B2 (en) * | 2004-11-09 | 2011-08-30 | Cisco Technology, Inc. | Method and apparatus for content classification |
US20060161989A1 (en) * | 2004-12-13 | 2006-07-20 | Eran Reshef | System and method for deterring rogue users from attacking protected legitimate users |
US7756933B2 (en) * | 2004-12-13 | 2010-07-13 | Collactive Ltd. | System and method for deterring rogue users from attacking protected legitimate users |
US20060212523A1 (en) * | 2005-03-21 | 2006-09-21 | International Business Machines Corporation | Policy based control of multiple message forwards |
WO2006100522A1 (en) | 2005-03-22 | 2006-09-28 | Hewlett-Packard Development Company, L.P. | Methods, devices and data structures for trusted data |
US7975010B1 (en) | 2005-03-23 | 2011-07-05 | Symantec Corporation | Countering spam through address comparison |
US20060227772A1 (en) * | 2005-03-30 | 2006-10-12 | Fujitsu Limited | Method and system for packet data communication between networks |
US8316446B1 (en) * | 2005-04-22 | 2012-11-20 | Blue Coat Systems, Inc. | Methods and apparatus for blocking unwanted software downloads |
JP4559295B2 (en) * | 2005-05-17 | 2010-10-06 | 株式会社エヌ・ティ・ティ・ドコモ | Data communication system and data communication method |
US7757288B1 (en) | 2005-05-23 | 2010-07-13 | Symantec Corporation | Malicious e-mail attack inversion filter |
US8161122B2 (en) * | 2005-06-03 | 2012-04-17 | Messagemind, Inc. | System and method of dynamically prioritized electronic mail graphical user interface, and measuring email productivity and collaboration trends |
US7873998B1 (en) * | 2005-07-19 | 2011-01-18 | Trustwave Holdings, Inc. | Rapidly propagating threat detection |
US7930353B2 (en) * | 2005-07-29 | 2011-04-19 | Microsoft Corporation | Trees of classifiers for detecting email spam |
US7856090B1 (en) | 2005-08-08 | 2010-12-21 | Symantec Corporation | Automatic spim detection |
US8201254B1 (en) | 2005-08-30 | 2012-06-12 | Symantec Corporation | Detection of e-mail threat acceleration |
US7617285B1 (en) | 2005-09-29 | 2009-11-10 | Symantec Corporation | Adaptive threshold based spam classification |
US20070118759A1 (en) * | 2005-10-07 | 2007-05-24 | Sheppard Scott K | Undesirable email determination |
US7912907B1 (en) | 2005-10-07 | 2011-03-22 | Symantec Corporation | Spam email detection based on n-grams with feature selection |
US8065370B2 (en) | 2005-11-03 | 2011-11-22 | Microsoft Corporation | Proofs to filter spam |
US8191105B2 (en) * | 2005-11-18 | 2012-05-29 | Research In Motion Limited | System and method for handling electronic messages |
US8413245B2 (en) * | 2005-12-16 | 2013-04-02 | Cisco Technology, Inc. | Methods and apparatus providing computer and network security for polymorphic attacks |
US7882560B2 (en) * | 2005-12-16 | 2011-02-01 | Cisco Technology, Inc. | Methods and apparatus providing computer and network security utilizing probabilistic policy reposturing |
US8495743B2 (en) * | 2005-12-16 | 2013-07-23 | Cisco Technology, Inc. | Methods and apparatus providing automatic signature generation and enforcement |
US9286469B2 (en) * | 2005-12-16 | 2016-03-15 | Cisco Technology, Inc. | Methods and apparatus providing computer and network security utilizing probabilistic signature generation |
US7810160B2 (en) * | 2005-12-28 | 2010-10-05 | Microsoft Corporation | Combining communication policies into common rules store |
US8495037B1 (en) * | 2006-02-21 | 2013-07-23 | Symantec Operating Corporation | Efficient isolation of backup versions of data objects affected by malicious software |
US7627641B2 (en) * | 2006-03-09 | 2009-12-01 | Watchguard Technologies, Inc. | Method and system for recognizing desired email |
MX2008012891A (en) * | 2006-04-06 | 2009-07-22 | Smobile Systems Inc | Malware detection system and method for limited access mobile platforms. |
US8028026B2 (en) * | 2006-05-31 | 2011-09-27 | Microsoft Corporation | Perimeter message filtering with extracted user-specific preferences |
US8332947B1 (en) | 2006-06-27 | 2012-12-11 | Symantec Corporation | Security threat reporting in light of local security tools |
US8020206B2 (en) | 2006-07-10 | 2011-09-13 | Websense, Inc. | System and method of analyzing web content |
US8615800B2 (en) | 2006-07-10 | 2013-12-24 | Websense, Inc. | System and method for analyzing web content |
US20080052284A1 (en) * | 2006-08-05 | 2008-02-28 | Terry Stokes | System and Method for the Capture and Archival of Electronic Communications |
US20080059588A1 (en) * | 2006-09-01 | 2008-03-06 | Ratliff Emily J | Method and System for Providing Notification of Nefarious Remote Control of a Data Processing System |
US20080059590A1 (en) * | 2006-09-05 | 2008-03-06 | Ecole Polytechnique Federale De Lausanne (Epfl) | Method to filter electronic messages in a message processing system |
US8856920B2 (en) * | 2006-09-18 | 2014-10-07 | Alcatel Lucent | System and method of securely processing lawfully intercepted network traffic |
US7788576B1 (en) * | 2006-10-04 | 2010-08-31 | Trend Micro Incorporated | Grouping of documents that contain markup language code |
SG10201501549XA (en) * | 2006-11-06 | 2015-04-29 | Metric Holdings Llc | A system and method for managing data across multiple environments |
KR100859664B1 (en) * | 2006-11-13 | 2008-09-23 | 삼성에스디에스 주식회사 | Method for detecting a virus pattern of email |
US9654495B2 (en) | 2006-12-01 | 2017-05-16 | Websense, Llc | System and method of analyzing web addresses |
US8224905B2 (en) | 2006-12-06 | 2012-07-17 | Microsoft Corporation | Spam filtration utilizing sender activity data |
JP2008146517A (en) * | 2006-12-13 | 2008-06-26 | Hitachi Ltd | System for distributing data and apparatus for maintaining index |
US9152706B1 (en) | 2006-12-30 | 2015-10-06 | Emc Corporation | Anonymous identification tokens |
US9497205B1 (en) * | 2008-05-19 | 2016-11-15 | Emc Corporation | Global commonality and network logging |
US8577680B2 (en) * | 2006-12-30 | 2013-11-05 | Emc Corporation | Monitoring and logging voice traffic on data network |
GB2458094A (en) | 2007-01-09 | 2009-09-09 | Surfcontrol On Demand Ltd | URL interception and categorization in firewalls |
US20130246378A1 (en) * | 2007-04-30 | 2013-09-19 | Stephen Owen Hearnden | Partial hash system, method, and computer program product |
US8423616B2 (en) * | 2007-05-03 | 2013-04-16 | Microsoft Corporation | Identifying and correlating electronic mail messages |
GB0709527D0 (en) | 2007-05-18 | 2007-06-27 | Surfcontrol Plc | Electronic messaging system, message processing apparatus and message processing method |
US20080313708A1 (en) * | 2007-06-12 | 2008-12-18 | Alcatel Lucent | Data content matching |
US20090077182A1 (en) * | 2007-09-17 | 2009-03-19 | Iconix, Inc | System and method for identifying email campaigns |
US20090083413A1 (en) * | 2007-09-24 | 2009-03-26 | Levow Zachary S | Distributed frequency data collection via DNS |
US7769485B2 (en) * | 2007-09-29 | 2010-08-03 | Pitney Bowes Inc. | Systems and methods for segregating undesired mail |
JP4444998B2 (en) * | 2007-10-12 | 2010-03-31 | 富士通株式会社 | E-mail information management program, e-mail information management apparatus, and e-mail information management method |
WO2009079264A1 (en) * | 2007-12-19 | 2009-06-25 | Casdex, Inc. | System and method for content-based email authentication |
US8316442B2 (en) * | 2008-01-15 | 2012-11-20 | Microsoft Corporation | Preventing secure data from leaving the network perimeter |
US8392511B2 (en) * | 2008-01-17 | 2013-03-05 | International Business Machines Corporation | Embedding a unique serial number into the content of an email for tracking information dispersion |
US8489610B2 (en) * | 2008-03-28 | 2013-07-16 | Nec Corporation | Method, system and program for information re-organization |
US8161188B2 (en) * | 2008-05-04 | 2012-04-17 | Check Point Software Technologies, Ltd | Devices and methods for providing network access control utilizing traffic-regulation hardware |
US9456054B2 (en) | 2008-05-16 | 2016-09-27 | Palo Alto Research Center Incorporated | Controlling the spread of interests and content in a content centric network |
US8214977B2 (en) * | 2008-05-21 | 2012-07-10 | Symantec Corporation | Centralized scanner database with optimal definition distribution using network queries |
US8732825B2 (en) * | 2008-05-28 | 2014-05-20 | Symantec Corporation | Intelligent hashes for centralized malware detection |
WO2009146536A1 (en) | 2008-06-02 | 2009-12-10 | Corporation De L'ecole Polytechnique De Montreal | File presence detection and monitoring |
US8806590B2 (en) * | 2008-06-22 | 2014-08-12 | Microsoft Corporation | Signed ephemeral email addresses |
EP2318955A1 (en) | 2008-06-30 | 2011-05-11 | Websense, Inc. | System and method for dynamic and real-time categorization of webpages |
US7530106B1 (en) * | 2008-07-02 | 2009-05-05 | Kaspersky Lab, Zao | System and method for security rating of computer processes |
US8180838B2 (en) * | 2008-08-29 | 2012-05-15 | Microsoft Corporation | Efficiently managing modular data storage systems |
US9177144B2 (en) * | 2008-10-30 | 2015-11-03 | Mcafee, Inc. | Structural recognition of malicious code patterns |
CN101415159B (en) * | 2008-12-02 | 2010-06-02 | 腾讯科技(深圳)有限公司 | Method and apparatus for intercepting junk mail |
US9461930B2 (en) | 2009-04-27 | 2016-10-04 | Intel Corporation | Modifying data streams without reordering in a multi-thread, multi-flow network processor |
US8515965B2 (en) * | 2010-05-18 | 2013-08-20 | Lsi Corporation | Concurrent linked-list traversal for real-time hash processing in multi-core, multi-thread network processors |
US9208475B2 (en) * | 2009-06-11 | 2015-12-08 | Hewlett-Packard Development Company, L.P. | Apparatus and method for email storage |
US20100325372A1 (en) * | 2009-06-17 | 2010-12-23 | Housty Oswin E | Parallel training of dynamic random access memory channel controllers |
EP2665002A3 (en) * | 2009-06-19 | 2014-04-02 | Blekko, Inc. | A method of counting unique items in a database system |
US8489685B2 (en) | 2009-07-17 | 2013-07-16 | Aryaka Networks, Inc. | Application acceleration as a service system and method |
US8874663B2 (en) * | 2009-08-28 | 2014-10-28 | Facebook, Inc. | Comparing similarity between documents for filtering unwanted documents |
CN102045305B (en) * | 2009-10-20 | 2015-06-10 | 中兴通讯股份有限公司 | Method and system for monitoring and tracking multimedia resource transmission |
US8923293B2 (en) | 2009-10-21 | 2014-12-30 | Palo Alto Research Center Incorporated | Adaptive multi-interface use for content networking |
US8463938B2 (en) * | 2009-10-23 | 2013-06-11 | Comcast Cable Communications, Llc | Address couplet communication filtering |
US8751808B2 (en) * | 2009-11-12 | 2014-06-10 | Roy Gelbard | Method and system for sharing trusted contact information |
US8683216B2 (en) * | 2010-07-13 | 2014-03-25 | F-Secure Corporation | Identifying polymorphic malware |
KR20120066465A (en) * | 2010-12-14 | 2012-06-22 | 한국전자통신연구원 | Method for blocking denial-of-service attack |
US9336380B2 (en) | 2010-12-15 | 2016-05-10 | Microsoft Technology Licensing Llc | Applying activity actions to frequent activities |
US9058492B1 (en) * | 2011-02-14 | 2015-06-16 | Symantec Corporation | Techniques for reducing executable code vulnerability |
US8458796B2 (en) * | 2011-03-08 | 2013-06-04 | Hewlett-Packard Development Company, L.P. | Methods and systems for full pattern matching in hardware |
US8462781B2 (en) | 2011-04-06 | 2013-06-11 | Anue Systems, Inc. | Systems and methods for in-line removal of duplicate network packets |
US8806647B1 (en) * | 2011-04-25 | 2014-08-12 | Twitter, Inc. | Behavioral scanning of mobile applications |
US9116879B2 (en) * | 2011-05-25 | 2015-08-25 | Microsoft Technology Licensing, Llc | Dynamic rule reordering for message classification |
US9224000B1 (en) * | 2011-06-14 | 2015-12-29 | Ionic Security, Inc. | Systems and methods for providing information security using context-based keys |
US8621630B2 (en) * | 2011-06-17 | 2013-12-31 | Microsoft Corporation | System, method and device for cloud-based content inspection for mobile devices |
US9553817B1 (en) * | 2011-07-14 | 2017-01-24 | Sprint Communications Company L.P. | Diverse transmission of packet content |
US9811664B1 (en) | 2011-08-15 | 2017-11-07 | Trend Micro Incorporated | Methods and systems for detecting unwanted web contents |
US8543543B2 (en) * | 2011-09-13 | 2013-09-24 | Microsoft Corporation | Hash-based file comparison |
US8700913B1 (en) | 2011-09-23 | 2014-04-15 | Trend Micro Incorporated | Detection of fake antivirus in computers |
US20130184878A1 (en) * | 2012-01-13 | 2013-07-18 | General Electric Company | Systems and Methods for Tracing Nodes in an Electrical Network |
US8954519B2 (en) | 2012-01-25 | 2015-02-10 | Bitdefender IPR Management Ltd. | Systems and methods for spam detection using character histograms |
US9130778B2 (en) * | 2012-01-25 | 2015-09-08 | Bitdefender IPR Management Ltd. | Systems and methods for spam detection using frequency spectra of character strings |
US9497149B2 (en) * | 2012-02-03 | 2016-11-15 | Richard Kramer | System and method for reducing unsolicited E-mails |
CN102664875B (en) * | 2012-03-31 | 2014-12-17 | 华中科技大学 | Malicious code type detection method based on cloud mode |
US8719356B2 (en) | 2012-04-17 | 2014-05-06 | Return Path, Inc | Methods, systems, and computer readable media for monitoring deliverability of electronic mail based on subscriber and seed deliverability data |
US8347391B1 (en) | 2012-05-23 | 2013-01-01 | TrustPipe LLC | System and method for detecting network activity of interest |
US20140007229A1 (en) * | 2012-06-29 | 2014-01-02 | Christopher T. Smith | System and method for identifying installed software products |
EP2693717B1 (en) | 2012-07-29 | 2015-05-06 | Verint Systems Limited | System and method of high volume rule engine related applications |
KR101336278B1 (en) | 2012-09-19 | 2013-12-03 | 충북대학교 산학협력단 | Light-weight hash algorithm for data security in wireless sensor networks |
US10346369B2 (en) * | 2012-10-11 | 2019-07-09 | Delphix Corp. | Retrieving point-in-time copies of a source database for creating virtual databases |
EP2720416A1 (en) * | 2012-10-12 | 2014-04-16 | Anam Technologies Limited | Method for user reporting of spam mobile messages and filter node |
US9241259B2 (en) | 2012-11-30 | 2016-01-19 | Websense, Inc. | Method and apparatus for managing the transfer of sensitive information to mobile devices |
US9202050B1 (en) * | 2012-12-14 | 2015-12-01 | Symantec Corporation | Systems and methods for detecting malicious files |
US9332028B2 (en) | 2013-01-25 | 2016-05-03 | REMTCS Inc. | System, method, and apparatus for providing network security |
US9525700B1 (en) | 2013-01-25 | 2016-12-20 | REMTCS Inc. | System and method for detecting malicious activity and harmful hardware/software modifications to a vehicle |
US8856324B2 (en) | 2013-01-28 | 2014-10-07 | TrustPipe LLC | System and method for detecting a compromised computing system |
US8935783B2 (en) | 2013-03-08 | 2015-01-13 | Bitdefender IPR Management Ltd. | Document classification using multiscale text fingerprints |
US8959595B2 (en) | 2013-03-15 | 2015-02-17 | Bullaproof, Inc. | Methods and systems for providing secure transactions |
US9792436B1 (en) * | 2013-04-29 | 2017-10-17 | Symantec Corporation | Techniques for remediating an infected file |
EP2811699B1 (en) * | 2013-06-06 | 2015-11-25 | Kaspersky Lab, ZAO | System and method for spam filtering using shingles |
RU2583713C2 (en) | 2013-06-06 | 2016-05-10 | Закрытое акционерное общество "Лаборатория Касперского" | System and method of eliminating shingles from insignificant parts of messages when filtering spam |
US9544256B2 (en) * | 2013-06-28 | 2017-01-10 | Td Ameritrade Ip Company, Inc. | Crowdsourcing e-mail filtering |
US9319425B2 (en) * | 2013-07-23 | 2016-04-19 | Crypteia Networks S.A. | Systems and methods for self-tuning network intrusion detection and prevention |
US10075460B2 (en) | 2013-10-16 | 2018-09-11 | REMTCS Inc. | Power grid universal detection and countermeasure overlay intelligence ultra-low latency hypervisor |
US10805251B2 (en) * | 2013-10-30 | 2020-10-13 | Mesh Labs Inc. | Method and system for filtering electronic communications |
US9392007B2 (en) | 2013-11-04 | 2016-07-12 | Crypteia Networks S.A. | System and method for identifying infected networks and systems from unknown attacks |
US10694029B1 (en) | 2013-11-07 | 2020-06-23 | Rightquestion, Llc | Validating automatic number identification data |
US10098051B2 (en) | 2014-01-22 | 2018-10-09 | Cisco Technology, Inc. | Gateways and routing in software-defined manets |
US9223971B1 (en) * | 2014-01-28 | 2015-12-29 | Exelis Inc. | User reporting and automatic threat processing of suspicious email |
US10469510B2 (en) * | 2014-01-31 | 2019-11-05 | Juniper Networks, Inc. | Intermediate responses for non-html downloads |
US9954678B2 (en) | 2014-02-06 | 2018-04-24 | Cisco Technology, Inc. | Content-based transport security |
US9264418B1 (en) * | 2014-02-20 | 2016-02-16 | Amazon Technologies, Inc. | Client-side spam detection and prevention |
US9836540B2 (en) | 2014-03-04 | 2017-12-05 | Cisco Technology, Inc. | System and method for direct storage access in a content-centric network |
US9473405B2 (en) * | 2014-03-10 | 2016-10-18 | Palo Alto Research Center Incorporated | Concurrent hashes and sub-hashes on data streams |
US9626413B2 (en) | 2014-03-10 | 2017-04-18 | Cisco Systems, Inc. | System and method for ranking content popularity in a content-centric network |
US9826395B2 (en) * | 2014-03-21 | 2017-11-21 | Telefonaktiebolaget Lm Ericsson (Publ) | Methods and devices for addressing device to device communications |
US10057850B2 (en) * | 2014-03-24 | 2018-08-21 | Acer Incorporated | Methods for deferring communications between a mobile communication device and a service network |
US9716622B2 (en) | 2014-04-01 | 2017-07-25 | Cisco Technology, Inc. | System and method for dynamic name configuration in content-centric networks |
US9473576B2 (en) | 2014-04-07 | 2016-10-18 | Palo Alto Research Center Incorporated | Service discovery using collection synchronization with exact names |
US20150295869A1 (en) * | 2014-04-14 | 2015-10-15 | Microsoft Corporation | Filtering Electronic Messages |
US10333877B2 (en) * | 2014-04-29 | 2019-06-25 | At&T Intellectual Property I, L.P. | Methods of generating signatures from groups of electronic messages and related methods and systems for identifying spam messages |
US9992281B2 (en) | 2014-05-01 | 2018-06-05 | Cisco Technology, Inc. | Accountable content stores for information centric networks |
US9928465B2 (en) | 2014-05-20 | 2018-03-27 | Oath Inc. | Machine learning and validation of account names, addresses, and/or identifiers |
US9609014B2 (en) | 2014-05-22 | 2017-03-28 | Cisco Systems, Inc. | Method and apparatus for preventing insertion of malicious content at a named data network router |
US9443108B1 (en) * | 2014-06-27 | 2016-09-13 | Amazon Technologies, Inc. | Secure timestamping |
US9699198B2 (en) | 2014-07-07 | 2017-07-04 | Cisco Technology, Inc. | System and method for parallel secure content bootstrapping in content-centric networks |
US9621354B2 (en) | 2014-07-17 | 2017-04-11 | Cisco Systems, Inc. | Reconstructable content objects |
US9729616B2 (en) | 2014-07-18 | 2017-08-08 | Cisco Technology, Inc. | Reputation-based strategy for forwarding and responding to interests over a content centric network |
US9590887B2 (en) | 2014-07-18 | 2017-03-07 | Cisco Systems, Inc. | Method and system for keeping interest alive in a content centric network |
US9882964B2 (en) | 2014-08-08 | 2018-01-30 | Cisco Technology, Inc. | Explicit strategy feedback in name-based forwarding |
US9729662B2 (en) | 2014-08-11 | 2017-08-08 | Cisco Technology, Inc. | Probabilistic lazy-forwarding technique without validation in a content centric network |
US9800637B2 (en) | 2014-08-19 | 2017-10-24 | Cisco Technology, Inc. | System and method for all-in-one content stream in content-centric networks |
US9363280B1 (en) * | 2014-08-22 | 2016-06-07 | Fireeye, Inc. | System and method of detecting delivery of malware using cross-customer data |
US9876806B2 (en) * | 2014-09-25 | 2018-01-23 | Mcafee, Llc | Behavioral detection of malware agents |
US10091174B2 (en) * | 2014-09-29 | 2018-10-02 | Dropbox, Inc. | Identifying related user accounts based on authentication data |
US10069933B2 (en) | 2014-10-23 | 2018-09-04 | Cisco Technology, Inc. | System and method for creating virtual interfaces based on network characteristics |
US9942182B2 (en) * | 2014-11-17 | 2018-04-10 | At&T Intellectual Property I, L.P. | System and method for cloud based IP mobile messaging spam detection and defense |
US9160680B1 (en) | 2014-11-18 | 2015-10-13 | Kaspersky Lab Zao | System and method for dynamic network resource categorization re-assignment |
US10044625B2 (en) | 2014-11-25 | 2018-08-07 | Keysight Technologies Singapore (Holdings) Pte Ltd | Hash level load balancing for deduplication of network packets |
US9590948B2 (en) | 2014-12-15 | 2017-03-07 | Cisco Systems, Inc. | CCN routing using hardware-assisted hash tables |
US10237189B2 (en) | 2014-12-16 | 2019-03-19 | Cisco Technology, Inc. | System and method for distance-based interest forwarding |
US10003520B2 (en) | 2014-12-22 | 2018-06-19 | Cisco Technology, Inc. | System and method for efficient name-based content routing using link-state information in information-centric networks |
US9660825B2 (en) | 2014-12-24 | 2017-05-23 | Cisco Technology, Inc. | System and method for multi-source multicasting in content-centric networks |
US9946743B2 (en) | 2015-01-12 | 2018-04-17 | Cisco Technology, Inc. | Order encoded manifests in a content centric network |
US9832291B2 (en) | 2015-01-12 | 2017-11-28 | Cisco Technology, Inc. | Auto-configurable transport stack |
US9916457B2 (en) | 2015-01-12 | 2018-03-13 | Cisco Technology, Inc. | Decoupled name security binding for CCN objects |
US9954795B2 (en) | 2015-01-12 | 2018-04-24 | Cisco Technology, Inc. | Resource allocation using CCN manifests |
US9614670B1 (en) | 2015-02-05 | 2017-04-04 | Ionic Security Inc. | Systems and methods for encryption and provision of information security using platform services |
US10333840B2 (en) | 2015-02-06 | 2019-06-25 | Cisco Technology, Inc. | System and method for on-demand content exchange with adaptive naming in information-centric networks |
US10075401B2 (en) | 2015-03-18 | 2018-09-11 | Cisco Technology, Inc. | Pending interest table behavior |
US9646159B2 (en) * | 2015-03-31 | 2017-05-09 | Juniper Networks, Inc. | Multi-file malware analysis |
US9641543B2 (en) * | 2015-04-22 | 2017-05-02 | Aktiebolaget AKF | Systems and methods for securing remote configuration |
US9781131B2 (en) * | 2015-04-22 | 2017-10-03 | Aktiebolaget Skf | Systems and methods for securing remote configuration |
CA2931455C (en) | 2015-05-27 | 2017-06-06 | OTC Systems Ltd. | System for analyzing email for compliance with rules |
US10075402B2 (en) | 2015-06-24 | 2018-09-11 | Cisco Technology, Inc. | Flexible command and control in content centric networks |
RU2629444C2 (en) | 2015-06-30 | 2017-08-29 | Общество С Ограниченной Ответственностью "Яндекс" | Method and server for determining spam activity in cloud system |
US10701038B2 (en) | 2015-07-27 | 2020-06-30 | Cisco Technology, Inc. | Content negotiation in a content centric network |
US9986034B2 (en) | 2015-08-03 | 2018-05-29 | Cisco Technology, Inc. | Transferring state in content centric network stacks |
CN105160268B (en) * | 2015-08-06 | 2018-06-01 | 武汉亚星电子技术有限责任公司 | Data tracking and monitoring system, intelligent router and its data tracking monitoring method |
US9832123B2 (en) | 2015-09-11 | 2017-11-28 | Cisco Technology, Inc. | Network named fragments in a content centric network |
US10355999B2 (en) | 2015-09-23 | 2019-07-16 | Cisco Technology, Inc. | Flow control with network named fragments |
US9977809B2 (en) | 2015-09-24 | 2018-05-22 | Cisco Technology, Inc. | Information and data framework in a content centric network |
US10313227B2 (en) | 2015-09-24 | 2019-06-04 | Cisco Technology, Inc. | System and method for eliminating undetected interest looping in information-centric networks |
US10454820B2 (en) | 2015-09-29 | 2019-10-22 | Cisco Technology, Inc. | System and method for stateless information-centric networking |
US10263965B2 (en) | 2015-10-16 | 2019-04-16 | Cisco Technology, Inc. | Encrypted CCNx |
US9912776B2 (en) | 2015-12-02 | 2018-03-06 | Cisco Technology, Inc. | Explicit content deletion commands in a content centric network |
US10097346B2 (en) | 2015-12-09 | 2018-10-09 | Cisco Technology, Inc. | Key catalogs in a content centric network |
US10558822B2 (en) * | 2015-12-15 | 2020-02-11 | Oath Inc. | Enforcing anonymity in the auditing of electronic documents |
US10740474B1 (en) | 2015-12-28 | 2020-08-11 | Ionic Security Inc. | Systems and methods for generation of secure indexes for cryptographically-secure queries |
US10503730B1 (en) | 2015-12-28 | 2019-12-10 | Ionic Security Inc. | Systems and methods for cryptographically-secure queries using filters generated by multiple parties |
US10257271B2 (en) | 2016-01-11 | 2019-04-09 | Cisco Technology, Inc. | Chandra-Toueg consensus in a content centric network |
US10305864B2 (en) | 2016-01-25 | 2019-05-28 | Cisco Technology, Inc. | Method and system for interest encryption in a content centric network |
US10038603B1 (en) | 2016-02-23 | 2018-07-31 | Area 1 Security, Inc. | Packet capture collection tasking system |
US10187400B1 (en) * | 2016-02-23 | 2019-01-22 | Area 1 Security, Inc. | Packet filters in security appliances with modes and intervals |
US10778721B1 (en) | 2016-02-26 | 2020-09-15 | Arista Networks, Inc. | Hash-based ACL lookup offload |
US10043016B2 (en) | 2016-02-29 | 2018-08-07 | Cisco Technology, Inc. | Method and system for name encryption agreement in a content centric network |
US10742596B2 (en) | 2016-03-04 | 2020-08-11 | Cisco Technology, Inc. | Method and system for reducing a collision probability of hash-based names using a publisher identifier |
US10051071B2 (en) | 2016-03-04 | 2018-08-14 | Cisco Technology, Inc. | Method and system for collecting historical network information in a content centric network |
US10038633B2 (en) | 2016-03-04 | 2018-07-31 | Cisco Technology, Inc. | Protocol to query for historical network information in a content centric network |
US10003507B2 (en) | 2016-03-04 | 2018-06-19 | Cisco Technology, Inc. | Transport session state protocol |
US9832116B2 (en) | 2016-03-14 | 2017-11-28 | Cisco Technology, Inc. | Adjusting entries in a forwarding information base in a content centric network |
US10212196B2 (en) | 2016-03-16 | 2019-02-19 | Cisco Technology, Inc. | Interface discovery and authentication in a name-based network |
US11436656B2 (en) | 2016-03-18 | 2022-09-06 | Palo Alto Research Center Incorporated | System and method for a real-time egocentric collaborative filter on large datasets |
US10067948B2 (en) | 2016-03-18 | 2018-09-04 | Cisco Technology, Inc. | Data deduping in content centric networking manifests |
US10091330B2 (en) | 2016-03-23 | 2018-10-02 | Cisco Technology, Inc. | Interest scheduling by an information and data framework in a content centric network |
US10033639B2 (en) | 2016-03-25 | 2018-07-24 | Cisco Technology, Inc. | System and method for routing packets in a content centric network using anonymous datagrams |
CN107294834A (en) * | 2016-03-31 | 2017-10-24 | 阿里巴巴集团控股有限公司 | A kind of method and apparatus for recognizing spam |
US10320760B2 (en) | 2016-04-01 | 2019-06-11 | Cisco Technology, Inc. | Method and system for mutating and caching content in a content centric network |
US9930146B2 (en) | 2016-04-04 | 2018-03-27 | Cisco Technology, Inc. | System and method for compressing content centric networking messages |
US10425503B2 (en) | 2016-04-07 | 2019-09-24 | Cisco Technology, Inc. | Shared pending interest table in a content centric network |
US10027578B2 (en) | 2016-04-11 | 2018-07-17 | Cisco Technology, Inc. | Method and system for routable prefix queries in a content centric network |
US10133503B1 (en) * | 2016-05-02 | 2018-11-20 | Pure Storage, Inc. | Selecting a deduplication process based on a difference between performance metrics |
US10404450B2 (en) | 2016-05-02 | 2019-09-03 | Cisco Technology, Inc. | Schematized access control in a content centric network |
US10320675B2 (en) | 2016-05-04 | 2019-06-11 | Cisco Technology, Inc. | System and method for routing packets in a stateless content centric network |
US10547589B2 (en) | 2016-05-09 | 2020-01-28 | Cisco Technology, Inc. | System for implementing a small computer systems interface protocol over a content centric network |
US10063414B2 (en) | 2016-05-13 | 2018-08-28 | Cisco Technology, Inc. | Updating a transport stack in a content centric network |
US10084764B2 (en) | 2016-05-13 | 2018-09-25 | Cisco Technology, Inc. | System for a secure encryption proxy in a content centric network |
US10103989B2 (en) | 2016-06-13 | 2018-10-16 | Cisco Technology, Inc. | Content object return messages in a content centric network |
US10305865B2 (en) | 2016-06-21 | 2019-05-28 | Cisco Technology, Inc. | Permutation-based content encryption with manifests in a content centric network |
RU2634180C1 (en) | 2016-06-24 | 2017-10-24 | Акционерное общество "Лаборатория Касперского" | System and method for determining spam-containing message by topic of message sent via e-mail |
US10148572B2 (en) | 2016-06-27 | 2018-12-04 | Cisco Technology, Inc. | Method and system for interest groups in a content centric network |
US10009266B2 (en) | 2016-07-05 | 2018-06-26 | Cisco Technology, Inc. | Method and system for reference counted pending interest tables in a content centric network |
US9992097B2 (en) | 2016-07-11 | 2018-06-05 | Cisco Technology, Inc. | System and method for piggybacking routing information in interests in a content centric network |
US10241847B2 (en) | 2016-07-19 | 2019-03-26 | 2236008 Ontario Inc. | Anomaly detection using sequences of system calls |
US10122624B2 (en) | 2016-07-25 | 2018-11-06 | Cisco Technology, Inc. | System and method for ephemeral entries in a forwarding information base in a content centric network |
US10069729B2 (en) | 2016-08-08 | 2018-09-04 | Cisco Technology, Inc. | System and method for throttling traffic based on a forwarding information base in a content centric network |
US10956412B2 (en) | 2016-08-09 | 2021-03-23 | Cisco Technology, Inc. | Method and system for conjunctive normal form attribute matching in a content centric network |
US10033642B2 (en) | 2016-09-19 | 2018-07-24 | Cisco Technology, Inc. | System and method for making optimal routing decisions based on device-specific parameters in a content centric network |
ES2699956T3 (en) * | 2016-09-19 | 2019-02-13 | Retarus Gmbh | Technique to detect suspicious electronic messages |
US10657182B2 (en) | 2016-09-20 | 2020-05-19 | International Business Machines Corporation | Similar email spam detection |
US9847973B1 (en) | 2016-09-26 | 2017-12-19 | Agari Data, Inc. | Mitigating communication risk by detecting similarity to a trusted message contact |
US10880322B1 (en) | 2016-09-26 | 2020-12-29 | Agari Data, Inc. | Automated tracking of interaction with a resource of a message |
US10805314B2 (en) | 2017-05-19 | 2020-10-13 | Agari Data, Inc. | Using message context to evaluate security of requested data |
US11936604B2 (en) | 2016-09-26 | 2024-03-19 | Agari Data, Inc. | Multi-level security analysis and intermediate delivery of an electronic message |
US10212248B2 (en) | 2016-10-03 | 2019-02-19 | Cisco Technology, Inc. | Cache management on high availability routers in a content centric network |
US10447805B2 (en) | 2016-10-10 | 2019-10-15 | Cisco Technology, Inc. | Distributed consensus in a content centric network |
US10511563B2 (en) * | 2016-10-28 | 2019-12-17 | Micro Focus Llc | Hashes of email text |
US10135948B2 (en) | 2016-10-31 | 2018-11-20 | Cisco Technology, Inc. | System and method for process migration in a content centric network |
US10855714B2 (en) * | 2016-10-31 | 2020-12-01 | KnowBe4, Inc. | Systems and methods for an artificial intelligence driven agent |
US10243851B2 (en) | 2016-11-21 | 2019-03-26 | Cisco Technology, Inc. | System and method for forwarder connection information in a content centric network |
US11044267B2 (en) | 2016-11-30 | 2021-06-22 | Agari Data, Inc. | Using a measure of influence of sender in determining a security risk associated with an electronic message |
US11722513B2 (en) | 2016-11-30 | 2023-08-08 | Agari Data, Inc. | Using a measure of influence of sender in determining a security risk associated with an electronic message |
US11210412B1 (en) | 2017-02-01 | 2021-12-28 | Ionic Security Inc. | Systems and methods for requiring cryptographic data protection as a precondition of system access |
US10708272B1 (en) * | 2017-02-10 | 2020-07-07 | Arista Networks, Inc. | Optimized hash-based ACL lookup offload |
US10142263B2 (en) | 2017-02-21 | 2018-11-27 | Keysight Technologies Singapore (Holdings) Pte Ltd | Packet deduplication for network packet monitoring in virtual processing environments |
US10757053B2 (en) * | 2017-03-02 | 2020-08-25 | Microsoft Technology Licensing, Llc | High confidence digital content treatment |
US20180268474A1 (en) * | 2017-03-16 | 2018-09-20 | Amobee, Inc. | Sketch-based bid fraud detection |
US11019076B1 (en) | 2017-04-26 | 2021-05-25 | Agari Data, Inc. | Message security assessment using sender identity profiles |
CN107196931B (en) * | 2017-05-17 | 2020-09-08 | 南京南瑞继保电气有限公司 | Deep packet inspection method based on network isolation device |
US10834099B2 (en) * | 2017-05-23 | 2020-11-10 | Juniper Networks, Inc. | Identifying a file using metadata and determining a security classification of the file before completing receipt of the file |
US11102244B1 (en) * | 2017-06-07 | 2021-08-24 | Agari Data, Inc. | Automated intelligence gathering |
US11757914B1 (en) * | 2017-06-07 | 2023-09-12 | Agari Data, Inc. | Automated responsive message to determine a security risk of a message sender |
US10708283B2 (en) * | 2017-06-30 | 2020-07-07 | Fortinet, Inc. | Detection and mitigation of time-delay based network attacks |
US10594725B2 (en) * | 2017-07-27 | 2020-03-17 | Cypress Semiconductor Corporation | Generating and analyzing network profile data |
US10708297B2 (en) * | 2017-08-25 | 2020-07-07 | Ecrime Management Strategies, Inc. | Security system for detection and mitigation of malicious communications |
US10747729B2 (en) | 2017-09-01 | 2020-08-18 | Microsoft Technology Licensing, Llc | Device specific chunked hash size tuning |
CN109660487B (en) * | 2017-10-10 | 2021-11-09 | 武汉斗鱼网络科技有限公司 | Authorization method based on H5 webpage, storage medium, electronic device and system |
US10891419B2 (en) * | 2017-10-27 | 2021-01-12 | International Business Machines Corporation | Displaying electronic text-based messages according to their typographic features |
CA3027220A1 (en) | 2017-12-12 | 2019-06-12 | Interset Software, Inc. | Tracking file movement in a network environment |
CA3027218A1 (en) * | 2017-12-12 | 2019-06-12 | Interset Software, Inc. | Systems and methods for file fingerprinting |
US11477222B2 (en) * | 2018-02-20 | 2022-10-18 | Darktrace Holdings Limited | Cyber threat defense system protecting email networks with machine learning models using a range of metadata from observed email communications |
US11038900B2 (en) * | 2018-09-04 | 2021-06-15 | Cisco Technology, Inc. | Structural command and control detection of polymorphic malware |
EP3854059A4 (en) * | 2018-09-17 | 2022-06-15 | Valimail Inc. | Entity-separated email domain authentication for known and open sign-up domains |
US10462143B1 (en) * | 2018-11-21 | 2019-10-29 | Capital One Services, Llc | Method and system for electronic mail attachment management |
EP3925248A4 (en) * | 2019-02-14 | 2022-11-16 | Telefonaktiebolaget Lm Ericsson (Publ) | Methods, apparatus and computer-readable mediums relating to capability reporting in a wireless network |
CN109889891B (en) * | 2019-03-05 | 2023-03-24 | 腾讯科技(深圳)有限公司 | Method, device and storage medium for acquiring target media file |
US11777712B2 (en) * | 2019-03-22 | 2023-10-03 | International Business Machines Corporation | Information management in a database |
US11101979B2 (en) * | 2019-05-30 | 2021-08-24 | Kira Inc. | Method and system for creating word-level differential privacy using feature hashing techniques |
US11641331B2 (en) * | 2019-06-04 | 2023-05-02 | Microsoft Technology Licensing, Llc | System and method for blocking distribution of non-acceptable attachments |
US11363064B2 (en) * | 2019-07-12 | 2022-06-14 | Adobe Inc. | Identifying spam using near-duplicate detection for text and images |
US11086947B1 (en) * | 2019-10-11 | 2021-08-10 | Tubular Labs, Inc. | Efficient uniques querying |
US11582190B2 (en) * | 2020-02-10 | 2023-02-14 | Proofpoint, Inc. | Electronic message processing systems and methods |
US11811943B2 (en) * | 2020-04-01 | 2023-11-07 | Lg Electronics Inc. | Verification of messages using hash chaining |
US11777912B2 (en) * | 2020-05-27 | 2023-10-03 | Step Software Inc. | Systems and methods for data communications |
US11411905B2 (en) | 2020-10-29 | 2022-08-09 | Proofpoint, Inc. | Bulk messaging detection and enforcement |
US20240004610A1 (en) * | 2022-06-30 | 2024-01-04 | International Business Machines Corporation | String similarity based weighted min-hashing |
US20240039733A1 (en) | 2022-07-27 | 2024-02-01 | Rapid7, Inc. | Machine learning techniques for verifying correctness of associations between assets related to events and addressable computer network assets |
US12072961B2 (en) | 2022-07-29 | 2024-08-27 | Bank Of America Corporation | Systems and methods for password spraying identification and prevention using hash signature segmentation and behavior clustering analysis |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5905859A (en) * | 1997-01-09 | 1999-05-18 | International Business Machines Corporation | Managed network device security method and apparatus |
US6119236A (en) * | 1996-10-07 | 2000-09-12 | Shipley; Peter M. | Intelligent network security device and method |
US6215763B1 (en) * | 1997-10-29 | 2001-04-10 | Lucent Technologies Inc. | Multi-phase process for distributed precomputation of network signal paths |
US6609205B1 (en) * | 1999-03-18 | 2003-08-19 | Cisco Technology, Inc. | Network intrusion detection signature analysis using decision graphs |
US6678270B1 (en) * | 1999-03-12 | 2004-01-13 | Sandstorm Enterprises, Inc. | Packet interception system including arrangement facilitating authentication of intercepted packets |
US6981158B1 (en) * | 2000-06-19 | 2005-12-27 | Bbnt Solutions Llc | Method and apparatus for tracing packets |
Family Cites Families (872)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2258112A5 (en) | 1973-11-30 | 1975-08-08 | Honeywell Bull Soc Ind | |
US3956615A (en) | 1974-06-25 | 1976-05-11 | Ibm Corporation | Transaction execution system with secure data storage and communications |
US4104721A (en) | 1976-12-30 | 1978-08-01 | International Business Machines Corporation | Hierarchical security mechanism for dynamically assigning security levels to object programs |
US4200770A (en) | 1977-09-06 | 1980-04-29 | Stanford University | Cryptographic apparatus and method |
US4405829A (en) | 1977-12-14 | 1983-09-20 | Massachusetts Institute Of Technology | Cryptographic communications system and method |
US4289930A (en) | 1978-11-30 | 1981-09-15 | The General Electric Company Limited | Electronic apparatus for the display of information received over a line |
US4386416A (en) | 1980-06-02 | 1983-05-31 | Mostek Corporation | Data compression, encryption, and in-line transmission system |
US4384325A (en) | 1980-06-23 | 1983-05-17 | Sperry Corporation | Apparatus and method for searching a data base using variable search criteria |
US4386233A (en) | 1980-09-29 | 1983-05-31 | Smid Miles E | Crytographic key notarization methods and apparatus |
US4442484A (en) | 1980-10-14 | 1984-04-10 | Intel Corporation | Microprocessor memory management and protection mechanism |
US4648031A (en) | 1982-06-21 | 1987-03-03 | International Business Machines Corporation | Method and apparatus for restarting a computing system |
US4532588A (en) | 1982-11-09 | 1985-07-30 | International Business Machines Corporation | Electronic document distribution network with uniform data stream |
US4641274A (en) * | 1982-12-03 | 1987-02-03 | International Business Machines Corporation | Method for communicating changes made to text form a text processor to a remote host |
NL8301458A (en) | 1983-04-26 | 1984-11-16 | Philips Nv | METHOD FOR DISTRIBUTING AND USING ENCRYPTION KEYS. |
US4870571A (en) | 1983-05-04 | 1989-09-26 | The Johns Hopkins University | Intercomputer communications based on message broadcasting with receiver selection |
US4590470A (en) | 1983-07-11 | 1986-05-20 | At&T Bell Laboratories | User authentication system employing encryption functions |
US4947430A (en) | 1987-11-23 | 1990-08-07 | David Chaum | Undeniable signature systems |
US4926480A (en) | 1983-08-22 | 1990-05-15 | David Chaum | Card-computer moderated systems |
US4584639A (en) | 1983-12-23 | 1986-04-22 | Key Logic, Inc. | Computer security system |
US4621321A (en) | 1984-02-16 | 1986-11-04 | Honeywell Inc. | Secure data processing system architecture |
US4710763A (en) | 1984-10-19 | 1987-12-01 | Texas Instruments Incorporated | Method for generating and displaying tree structures in a limited display area |
US4713753A (en) | 1985-02-21 | 1987-12-15 | Honeywell Inc. | Secure data processing system architecture with format control |
US4713780A (en) | 1985-04-15 | 1987-12-15 | Express Communications, Inc. | Electronic mail |
US4754428A (en) | 1985-04-15 | 1988-06-28 | Express Communications, Inc. | Apparatus and method of distributing documents to remote terminals with different formats |
US4914568A (en) | 1986-10-24 | 1990-04-03 | National Instruments, Inc. | Graphical system for modelling a process and associated method |
US4837798A (en) | 1986-06-02 | 1989-06-06 | American Telephone And Telegraph Company | Communication system having unified messaging |
NL8602418A (en) | 1986-09-25 | 1988-04-18 | Philips Nv | DEVICE FOR DISPLAYING A PCM MODULATED SIGNAL WITH A MUTE CIRCUIT. |
JP2702927B2 (en) | 1987-06-15 | 1998-01-26 | 株式会社日立製作所 | String search device |
DE3851724T2 (en) | 1987-07-08 | 1995-05-04 | Matsushita Electric Ind Co Ltd | Method and device for protecting copy signals. |
FR2618002B1 (en) | 1987-07-10 | 1991-07-05 | Schlumberger Ind Sa | METHOD AND SYSTEM FOR AUTHENTICATING ELECTRONIC MEMORY CARDS |
US4853961A (en) | 1987-12-18 | 1989-08-01 | Pitney Bowes Inc. | Reliable document authentication system |
US4885789A (en) | 1988-02-01 | 1989-12-05 | International Business Machines Corporation | Remote trusted path mechanism for telnet |
US5214702A (en) | 1988-02-12 | 1993-05-25 | Fischer Addison M | Public key/signature cryptosystem with enhanced digital signature certification |
US5005200A (en) | 1988-02-12 | 1991-04-02 | Fischer Addison M | Public key/signature cryptosystem with enhanced digital signature certification |
US4868877A (en) | 1988-02-12 | 1989-09-19 | Fischer Addison M | Public key/signature cryptosystem with enhanced digital signature certification |
CA1314101C (en) | 1988-02-17 | 1993-03-02 | Henry Shao-Lin Teng | Expert system for security inspection of a digital computer system in a network environment |
US4951196A (en) | 1988-05-04 | 1990-08-21 | Supply Tech, Inc. | Method and apparatus for electronic data interchange |
US5008814A (en) | 1988-08-15 | 1991-04-16 | Network Equipment Technologies, Inc. | Method and apparatus for updating system software for a plurality of data processing units in a communication network |
US5144660A (en) | 1988-08-31 | 1992-09-01 | Rose Anthony M | Securing a computer against undesired write operations to or read operations from a mass storage device |
US5054096A (en) | 1988-10-24 | 1991-10-01 | Empire Blue Cross/Blue Shield | Method and apparatus for converting documents into electronic data for transaction processing |
US4975950A (en) | 1988-11-03 | 1990-12-04 | Lentz Stephen A | System and method of protecting integrity of computer data and software |
US5313637A (en) | 1988-11-29 | 1994-05-17 | Rose David K | Method and apparatus for validating authorization to access information in an information processing system |
US5167011A (en) | 1989-02-15 | 1992-11-24 | W. H. Morris | Method for coodinating information storage and retrieval |
US5210824A (en) | 1989-03-03 | 1993-05-11 | Xerox Corporation | Encoding-format-desensitized methods and means for interchanging electronic document as appearances |
US5020059A (en) | 1989-03-31 | 1991-05-28 | At&T Bell Laboratories | Reconfigurable signal processor |
US5191611A (en) | 1989-04-03 | 1993-03-02 | Lang Gerald S | Method and apparatus for protecting material on storage media and for transferring material on storage media to various recipients |
US5144659A (en) | 1989-04-19 | 1992-09-01 | Richard P. Jones | Computer file protection system |
US5119465A (en) | 1989-06-19 | 1992-06-02 | Digital Equipment Corporation | System for selectively converting plurality of source data structures through corresponding source intermediate structures, and target intermediate structures into selected target structure |
US4996711A (en) * | 1989-06-21 | 1991-02-26 | Chaum David L | Selected-exponent signature systems |
GB8918553D0 (en) | 1989-08-15 | 1989-09-27 | Digital Equipment Int | Message control system |
US5105184B1 (en) | 1989-11-09 | 1997-06-17 | Noorali Pirani | Methods for displaying and integrating commercial advertisements with computer software |
US5495610A (en) * | 1989-11-30 | 1996-02-27 | Seer Technologies, Inc. | Software distribution system to build and distribute a software release |
GB8927623D0 (en) * | 1989-12-06 | 1990-02-07 | Bicc Plc | Repeaters for secure local area networks |
US5159685A (en) * | 1989-12-06 | 1992-10-27 | Racal Data Communications Inc. | Expert system for communications network |
DE68925695D1 (en) | 1989-12-13 | 1996-03-28 | Ibm | Computer system security device |
US5093914A (en) | 1989-12-15 | 1992-03-03 | At&T Bell Laboratories | Method of controlling the execution of object-oriented programs |
DE69031614T2 (en) * | 1990-01-29 | 1998-05-07 | Security Techn Corp | Optionally moderated transaction systems |
US5263157A (en) | 1990-02-15 | 1993-11-16 | International Business Machines Corporation | Method and system for providing user access control within a distributed data processing system by the exchange of access control profiles |
JP3080382B2 (en) | 1990-02-21 | 2000-08-28 | 株式会社日立製作所 | Cryptographic communication system |
EP0451384B1 (en) | 1990-04-10 | 1997-09-24 | International Business Machines Corporation | Hypertext data processing system and method |
US5319776A (en) | 1990-04-19 | 1994-06-07 | Hilgraeve Corporation | In transit detection of computer virus with safeguard |
US5210825A (en) | 1990-04-26 | 1993-05-11 | Teknekron Communications Systems, Inc. | Method and an apparatus for displaying graphical data received from a remote computer by a local computer |
US5822527A (en) | 1990-05-04 | 1998-10-13 | Digital Equipment Corporation | Method and apparatus for information stream filtration using tagged information access and action registration |
US5226080A (en) | 1990-06-22 | 1993-07-06 | Grid Systems Corporation | Method and apparatus for password protection of a computer |
US5204961A (en) | 1990-06-25 | 1993-04-20 | Digital Equipment Corporation | Computer network operating with multilevel hierarchical security with selectable common trust realms and corresponding security protocols |
US5070528A (en) | 1990-06-29 | 1991-12-03 | Digital Equipment Corporation | Generic encryption technique for communication networks |
GB9015799D0 (en) | 1990-07-18 | 1991-06-12 | Plessey Telecomm | A data communication system |
US5124984A (en) | 1990-08-07 | 1992-06-23 | Concord Communications, Inc. | Access controller for local area network |
US5144557A (en) | 1990-08-13 | 1992-09-01 | International Business Machines Corporation | Method and system for document distribution by reference to a first group and particular document to a second group of user in a data processing system |
US5276869A (en) * | 1990-09-10 | 1994-01-04 | International Business Machines Corporation | System for selecting document recipients as determined by technical content of document and for electronically corroborating receipt of document |
US5790198A (en) | 1990-09-10 | 1998-08-04 | Starsight Telecast, Inc. | Television schedule information transmission and utilization system and process |
US5247661A (en) | 1990-09-10 | 1993-09-21 | International Business Machines Corporation | Method and apparatus for automated document distribution in a data processing system |
US5224163A (en) | 1990-09-28 | 1993-06-29 | Digital Equipment Corporation | Method for delegating authorization from one entity to another through the use of session encryption keys |
US5315657A (en) | 1990-09-28 | 1994-05-24 | Digital Equipment Corporation | Compound principals in access control lists |
US5239466A (en) | 1990-10-04 | 1993-08-24 | Motorola, Inc. | System for selectively routing and merging independent annotations to a document at remote locations |
US5153918A (en) | 1990-11-19 | 1992-10-06 | Vorec Corporation | Security system for data communications |
JP3161725B2 (en) * | 1990-11-21 | 2001-04-25 | 株式会社日立製作所 | Workstations and collaborative information processing systems |
US5283887A (en) * | 1990-12-19 | 1994-02-01 | Bull Hn Information Systems Inc. | Automatic document format conversion in an electronic mail system based upon user preference |
US5263147A (en) | 1991-03-01 | 1993-11-16 | Hughes Training, Inc. | System for providing high security for personal computers and workstations |
JP3177684B2 (en) | 1991-03-14 | 2001-06-18 | 株式会社日立製作所 | Email system |
US5424724A (en) | 1991-03-27 | 1995-06-13 | International Business Machines Corporation | Method and apparatus for enhanced electronic mail distribution |
US5272754A (en) | 1991-03-28 | 1993-12-21 | Secure Computing Corporation | Secure computer interface |
US5513323A (en) | 1991-06-14 | 1996-04-30 | International Business Machines Corporation | Method and apparatus for multistage document format transformation in a data processing system |
US5228083A (en) | 1991-06-28 | 1993-07-13 | Digital Equipment Corporation | Cryptographic processing in a communication network, using a single cryptographic engine |
US5577209A (en) | 1991-07-11 | 1996-11-19 | Itt Corporation | Apparatus and method for providing multi-level security for communication among computers and terminals on a network |
US5379340A (en) * | 1991-08-02 | 1995-01-03 | Betterprize Limited | Text communication system |
US5621579A (en) | 1991-08-19 | 1997-04-15 | Index Systems, Inc. | Method for selectively playing back programs recorded on a video tape |
US5367621A (en) | 1991-09-06 | 1994-11-22 | International Business Machines Corporation | Data processing method to provide a generalized link from a reference point in an on-line book to an arbitrary multimedia object which can be dynamically updated |
JPH06102822A (en) | 1991-09-26 | 1994-04-15 | Rooreru Intelligent Syst:Kk | File security system |
US5355474A (en) | 1991-09-27 | 1994-10-11 | Thuraisngham Bhavani M | System for multilevel secure database management using a knowledge base with release-based and other security constraints for query, response and update modification |
US5200999A (en) | 1991-09-27 | 1993-04-06 | International Business Machines Corporation | Public key cryptosystem key management based on control vectors |
US5177788A (en) | 1991-10-15 | 1993-01-05 | Ungermann-Bass, Inc. | Network message security method and apparatus |
US5265164A (en) | 1991-10-31 | 1993-11-23 | International Business Machines Corporation | Cryptographic facility environment backup/restore and replication in a public key cryptosystem |
US5164988A (en) | 1991-10-31 | 1992-11-17 | International Business Machines Corporation | Method to establish and enforce a network cryptographic security policy in a public key cryptosystem |
US5325370A (en) | 1991-11-12 | 1994-06-28 | Storage Technology Corporation | Method and apparatus for recording data on magnetic tape media |
US5276901A (en) * | 1991-12-16 | 1994-01-04 | International Business Machines Corporation | System for controlling group access to objects using group access control folder and group identification as individual user |
US5210795A (en) | 1992-01-10 | 1993-05-11 | Digital Equipment Corporation | Secure user authentication from personal computer |
DK170490B1 (en) | 1992-04-28 | 1995-09-18 | Multi Inform As | Data Processing Plant |
FR2686755A1 (en) | 1992-01-28 | 1993-07-30 | Electricite De France | METHOD FOR ENCRYPTING MESSAGES TRANSMITTED BETWEEN INTERCONNECTED NETWORKS, ENCRYPTION APPARATUS AND DEVICE FOR COMMUNICATING ENCRYPTED DATA USING SUCH A METHOD. |
GB9205774D0 (en) | 1992-03-17 | 1992-04-29 | Int Computers Ltd | Computer security system |
US5333266A (en) | 1992-03-27 | 1994-07-26 | International Business Machines Corporation | Method and apparatus for message handling in computer systems |
US5649095A (en) | 1992-03-30 | 1997-07-15 | Cozza; Paul D. | Method and apparatus for detecting computer viruses through the use of a scan information cache |
US5278460A (en) | 1992-04-07 | 1994-01-11 | Micron Technology, Inc. | Voltage compensating CMOS input buffer |
US5280527A (en) * | 1992-04-14 | 1994-01-18 | Kamahira Safe Co., Inc. | Biometric token for authorizing access to a host system |
US5313521A (en) | 1992-04-15 | 1994-05-17 | Fujitsu Limited | Key distribution protocol for file transfer in the local area network |
US5276735A (en) * | 1992-04-17 | 1994-01-04 | Secure Computing Corporation | Data enclave and trusted path system |
US5276737B1 (en) * | 1992-04-20 | 1995-09-12 | Silvio Micali | Fair cryptosystems and methods of use |
US5315658B1 (en) | 1992-04-20 | 1995-09-12 | Silvio Micali | Fair cryptosystems and methods of use |
US5278901A (en) * | 1992-04-30 | 1994-01-11 | International Business Machines Corporation | Pattern-oriented intrusion-detection system and method |
US5485409A (en) * | 1992-04-30 | 1996-01-16 | International Business Machines Corporation | Automated penetration analysis system and method |
US5311593A (en) | 1992-05-13 | 1994-05-10 | Chipcom Corporation | Security system for a network concentrator |
US5412717A (en) | 1992-05-15 | 1995-05-02 | Fischer; Addison M. | Computer system security method and apparatus having program authorization information data structures |
US5241594A (en) | 1992-06-02 | 1993-08-31 | Hughes Aircraft Company | One-time logon means and methods for distributed computing systems |
GB9212655D0 (en) | 1992-06-15 | 1992-07-29 | Digital Equipment Int | Communications system |
WO1993026109A1 (en) | 1992-06-17 | 1993-12-23 | The Trustees Of The University Of Pennsylvania | Apparatus for providing cryptographic support in a network |
US5359659A (en) | 1992-06-19 | 1994-10-25 | Doren Rosenthal | Method for securing software against corruption by computer viruses |
GB9213169D0 (en) | 1992-06-22 | 1992-08-05 | Ncr Int Inc | Cryptographic key management apparatus and method |
US5235642A (en) | 1992-07-21 | 1993-08-10 | Digital Equipment Corporation | Access control subsystem and method for distributed computer system using locally cached authentication credentials |
IL102843A (en) | 1992-08-17 | 1996-06-18 | Zisapel Yehuda | Carrier sensing multiple access/collision detection local area networks |
US5418908A (en) | 1992-10-15 | 1995-05-23 | International Business Machines Corporation | System for automatically establishing a link between an electronic mail item and a remotely stored reference through a place mark inserted into the item |
US5432932A (en) | 1992-10-23 | 1995-07-11 | International Business Machines Corporation | System and method for dynamically controlling remote processes from a performance monitor |
JP3553987B2 (en) * | 1992-11-13 | 2004-08-11 | 株式会社日立製作所 | Client server system |
US5675733A (en) | 1992-11-30 | 1997-10-07 | International Business Machines Corporation | Statistical analysis and display of reception status of electronic messages |
US5666530A (en) | 1992-12-02 | 1997-09-09 | Compaq Computer Corporation | System for automatic synchronization of common file between portable computer and host computer via communication channel selected from a plurality of usable channels there between |
US5410326A (en) | 1992-12-04 | 1995-04-25 | Goldstein; Steven W. | Programmable remote control device for interacting with a plurality of remotely controlled devices |
US5341426A (en) | 1992-12-15 | 1994-08-23 | Motorola, Inc. | Cryptographic key management apparatus and method |
WO1994013797A1 (en) | 1992-12-15 | 1994-06-23 | Commonwealth Scientific & Industrial Research Organisation | Dna molecules encoding inducible plant promoters and tomato adh2 enzyme |
US5828893A (en) | 1992-12-24 | 1998-10-27 | Motorola, Inc. | System and method of communicating between trusted and untrusted computer systems |
US5544320A (en) | 1993-01-08 | 1996-08-06 | Konrad; Allan M. | Remote information service access system based on a client-server-service model |
US5440723A (en) | 1993-01-19 | 1995-08-08 | International Business Machines Corporation | Automatic immune system for computers and computer networks |
US5406557A (en) | 1993-02-01 | 1995-04-11 | National Semiconductor Corporation | Interenterprise electronic mail hub |
US5351293A (en) | 1993-02-01 | 1994-09-27 | Wave Systems Corp. | System method and apparatus for authenticating an encrypted signal |
US5586260A (en) | 1993-02-12 | 1996-12-17 | Digital Equipment Corporation | Method and apparatus for authenticating a client to a server in computer systems which support different security mechanisms |
US5299263A (en) | 1993-03-04 | 1994-03-29 | Bell Communications Research, Inc. | Two-way public key authentication and key agreement for low-cost terminals |
US5479411A (en) | 1993-03-10 | 1995-12-26 | At&T Corp. | Multi-media integrated message arrangement |
US5414650A (en) | 1993-03-24 | 1995-05-09 | Compression Research Group, Inc. | Parsing information onto packets using context-insensitive parsing rules based on packet characteristics |
US5404231A (en) | 1993-05-24 | 1995-04-04 | Audiofax, Inc. | Sender-based facsimile store and forward facility |
FR2706652B1 (en) | 1993-06-09 | 1995-08-18 | Alsthom Cge Alcatel | Device for detecting intrusions and suspicious users for a computer system and security system comprising such a device. |
JPH0764788A (en) | 1993-06-14 | 1995-03-10 | Mitsubishi Electric Corp | Microcomputer |
JPH0737087A (en) | 1993-07-19 | 1995-02-07 | Matsushita Electric Ind Co Ltd | Picture processor |
JPH0779298A (en) | 1993-09-08 | 1995-03-20 | Hitachi Ltd | Facsimile server system |
US5983012A (en) | 1993-09-28 | 1999-11-09 | Bull Hn Information Systems Inc. | Executing programs of a first system on a second system |
US5657461A (en) | 1993-10-04 | 1997-08-12 | Xerox Corporation | User interface for defining and automatically transmitting data according to preferred communication channels |
US5513126A (en) | 1993-10-04 | 1996-04-30 | Xerox Corporation | Network having selectively accessible recipient prioritized communication channel profiles |
US5436972A (en) | 1993-10-04 | 1995-07-25 | Fischer; Addison M. | Method for preventing inadvertent betrayal by a trustee of escrowed digital secrets |
US5414833A (en) | 1993-10-27 | 1995-05-09 | International Business Machines Corporation | Network security system and method using a parallel finite state machine adaptive active monitor and responder |
US5371794A (en) | 1993-11-02 | 1994-12-06 | Sun Microsystems, Inc. | Method and apparatus for privacy and authentication in wireless networks |
US5771354A (en) | 1993-11-04 | 1998-06-23 | Crawford; Christopher M. | Internet online backup system provides remote storage for customers using IDs and passwords which were interactively established when signing up for backup services |
US5499294A (en) | 1993-11-24 | 1996-03-12 | The United States Of America As Represented By The Administrator Of The National Aeronautics And Space Administration | Digital camera with apparatus for authentication of images produced from an image file |
FR2713419B1 (en) | 1993-12-02 | 1996-07-05 | Gemplus Card Int | Method for generating DSA signatures with low cost portable devices. |
WO1995016238A1 (en) | 1993-12-06 | 1995-06-15 | Telequip Corporation | Secure computer memory card |
DE69330065T2 (en) | 1993-12-08 | 2001-08-09 | International Business Machines Corp., Armonk | Method and system for key distribution and authentication in a data transmission system |
US5606668A (en) * | 1993-12-15 | 1997-02-25 | Checkpoint Software Technologies Ltd. | System for securing inbound and outbound data packet flow in a computer network |
US5491750A (en) * | 1993-12-30 | 1996-02-13 | International Business Machines Corporation | Method and apparatus for three-party entity authentication and key distribution using message authentication codes |
PT739560E (en) * | 1994-01-13 | 2001-12-28 | Certco Inc | CRYPTOGRAPHIC SYSTEM AND PROCESS WITH KEY WARRANTY CHARACTERISTICS |
US5509074A (en) | 1994-01-27 | 1996-04-16 | At&T Corp. | Method of protecting electronically published materials using cryptographic protocols |
US5485455A (en) * | 1994-01-28 | 1996-01-16 | Cabletron Systems, Inc. | Network having secure fast packet switching and guaranteed quality of service |
US6381694B1 (en) | 1994-02-18 | 2002-04-30 | Apple Computer, Inc. | System for automatic recovery from software problems that cause computer failure |
US5557742A (en) | 1994-03-07 | 1996-09-17 | Haystack Labs, Inc. | Method and system for detecting intrusion into and misuse of a data processing system |
US5974141A (en) | 1995-03-31 | 1999-10-26 | Mitsubishi Corporation | Data management system |
US5572590A (en) | 1994-04-12 | 1996-11-05 | International Business Machines Corporation | Discrimination of malicious changes to digital information using multiple signatures |
US5481613A (en) * | 1994-04-15 | 1996-01-02 | Northern Telecom Limited | Computer network cryptographic key distribution system |
US5627977A (en) | 1994-04-19 | 1997-05-06 | Orchid Systems, Inc. | Trainable user interface translator |
US5541993A (en) | 1994-05-10 | 1996-07-30 | Fan; Eric | Structure and method for secure image transmission |
US5675507A (en) | 1995-04-28 | 1997-10-07 | Bobo, Ii; Charles R. | Message storage and delivery system |
US5511122A (en) | 1994-06-03 | 1996-04-23 | The United States Of America As Represented By The Secretary Of The Navy | Intermediate network authentication |
US5416842A (en) | 1994-06-10 | 1995-05-16 | Sun Microsystems, Inc. | Method and apparatus for key-management scheme for use with internet protocols at site firewalls |
US5561703A (en) | 1994-07-06 | 1996-10-01 | Rolm Company | System and method for integration of a paging server into a private branch exchange environment |
US5535276A (en) | 1994-11-09 | 1996-07-09 | Bell Atlantic Network Services, Inc. | Yaksha, an improved system and method for securing communications using split private key asymmetric cryptography |
US5615340A (en) | 1994-07-21 | 1997-03-25 | Allied Telesyn Int'l Corp. | Network interfacing apparatus and method using repeater and cascade interface with scrambling |
US5557346A (en) | 1994-08-11 | 1996-09-17 | Trusted Information Systems, Inc. | System and method for key escrow encryption |
US5537533A (en) | 1994-08-11 | 1996-07-16 | Miralink Corporation | System and method for remote mirroring of digital data from a primary network server to a remote network server |
US5557765A (en) | 1994-08-11 | 1996-09-17 | Trusted Information Systems, Inc. | System and method for data recovery |
JPH10511471A (en) | 1994-08-12 | 1998-11-04 | リートン,フランク、タムスン | Fail-safe key marking system |
US5485460A (en) * | 1994-08-19 | 1996-01-16 | Microsoft Corporation | System and method for running multiple incompatible network protocol stacks |
US5604490A (en) * | 1994-09-09 | 1997-02-18 | International Business Machines Corporation | Method and system for providing a user access to multiple secured subsystems |
US5481312A (en) * | 1994-09-12 | 1996-01-02 | At&T Corp. | Method of and apparatus for the transmission of high and low priority segments of a video bitstream over packet networks |
US5548646A (en) | 1994-09-15 | 1996-08-20 | Sun Microsystems, Inc. | System for signatureless transmission and reception of data packets between computer networks |
US5740231A (en) | 1994-09-16 | 1998-04-14 | Octel Communications Corporation | Network-based multimedia communications and directory system and method of operation |
US5933478A (en) | 1994-09-28 | 1999-08-03 | Hitachi, Ltd. | Data transfer system and handheld terminal device used therefor |
JPH0897159A (en) | 1994-09-29 | 1996-04-12 | Handotai Process Kenkyusho:Kk | Method and system for epitaxial growth |
US5794047A (en) | 1994-09-29 | 1998-08-11 | International Business Machines Corporation | Method of walking-up a call stack for a client/server program that uses remote procedure call |
US5864683A (en) * | 1994-10-12 | 1999-01-26 | Secure Computing Corporartion | System for providing secure internetwork by connecting type enforcing secure computers to external network for limiting access to data based on user and process access rights |
GB2295299B (en) | 1994-11-16 | 1999-04-28 | Network Services Inc Enterpris | Enterprise network management method and apparatus |
US5623601A (en) | 1994-11-18 | 1997-04-22 | Milkway Networks Corporation | Apparatus and method for providing a secure gateway for communication and data exchanges between networks |
US5623598A (en) | 1994-11-22 | 1997-04-22 | Hewlett-Packard Company | Method for identifying ways to improve performance in computer data storage systems |
US6154879A (en) * | 1994-11-28 | 2000-11-28 | Smarttouch, Inc. | Tokenless biometric ATM access system |
US5805719A (en) | 1994-11-28 | 1998-09-08 | Smarttouch | Tokenless identification of individuals |
US5758257A (en) | 1994-11-29 | 1998-05-26 | Herz; Frederick | System and method for scheduling broadcast of and access to video programs and other data using customer profiles |
US5619648A (en) | 1994-11-30 | 1997-04-08 | Lucent Technologies Inc. | Message filtering techniques |
US5608874A (en) | 1994-12-02 | 1997-03-04 | Autoentry Online, Inc. | System and method for automatic data file format translation and transmission having advanced features |
US5550984A (en) | 1994-12-07 | 1996-08-27 | Matsushita Electric Corporation Of America | Security system for preventing unauthorized communications between networks by translating communications received in ip protocol to non-ip protocol to remove address and routing services information |
US5646997A (en) | 1994-12-14 | 1997-07-08 | Barton; James M. | Method and apparatus for embedding authentication information within digital data |
US5530852A (en) | 1994-12-20 | 1996-06-25 | Sun Microsystems, Inc. | Method for extracting profiles and topics from a first file written in a first markup language and generating files in different markup languages containing the profiles and topics for use in accessing data described by the profiles and topics |
US5566170A (en) | 1994-12-29 | 1996-10-15 | Storage Technology Corporation | Method and apparatus for accelerated packet forwarding |
US5638487A (en) | 1994-12-30 | 1997-06-10 | Purespeech, Inc. | Automatic speech recognition |
US5694616A (en) | 1994-12-30 | 1997-12-02 | International Business Machines Corporation | Method and system for prioritization of email items by selectively associating priority attribute with at least one and fewer than all of the recipients |
US5878230A (en) | 1995-01-05 | 1999-03-02 | International Business Machines Corporation | System for email messages wherein the sender designates whether the recipient replies or forwards to addresses also designated by the sender |
US5583995A (en) | 1995-01-30 | 1996-12-10 | Mrj, Inc. | Apparatus and method for data storage and retrieval using bandwidth allocation |
US5504454A (en) | 1995-01-30 | 1996-04-02 | Westinghouse Elec. Corp. | Demodulator for powerline carrier communications |
US5943422A (en) | 1996-08-12 | 1999-08-24 | Intertrust Technologies Corp. | Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels |
US6658568B1 (en) | 1995-02-13 | 2003-12-02 | Intertrust Technologies Corporation | Trusted infrastructure support system, methods and techniques for secure electronic commerce transaction and rights management |
US6272632B1 (en) | 1995-02-21 | 2001-08-07 | Network Associates, Inc. | System and method for controlling access to a user secret using a key recovery field |
US5835758A (en) | 1995-02-28 | 1998-11-10 | Vidya Technologies, Inc. | Method and system for respresenting and processing physical and conceptual entities |
US5655081A (en) | 1995-03-08 | 1997-08-05 | Bmc Software, Inc. | System for monitoring and managing computer resources and applications across a distributed computing environment using an intelligent autonomous agent architecture |
US5564106A (en) | 1995-03-09 | 1996-10-08 | Motorola, Inc. | Method for providing blind access to an encryption key |
US5710883A (en) * | 1995-03-10 | 1998-01-20 | Stanford University | Hypertext document transport mechanism for firewall-compatible distributed world-wide web publishing |
US5553145A (en) | 1995-03-21 | 1996-09-03 | Micali; Silvia | Simultaneous electronic transactions with visible trusted parties |
US5699513A (en) | 1995-03-31 | 1997-12-16 | Motorola, Inc. | Method for secure network access via message intercept |
US5790793A (en) | 1995-04-04 | 1998-08-04 | Higley; Thomas | Method and system to create, transmit, receive and process information, including an address to further information |
IL113259A (en) * | 1995-04-05 | 2001-03-19 | Diversinet Corp | Apparatus and method for safe communication handshake and data transfer |
US5677955A (en) | 1995-04-07 | 1997-10-14 | Financial Services Technology Consortium | Electronic funds transfer instruments |
US5852665A (en) | 1995-04-13 | 1998-12-22 | Fortress U & T Ltd. | Internationally regulated system for one to one cryptographic communications with national sovereignty without key escrow |
US5724512A (en) | 1995-04-17 | 1998-03-03 | Lucent Technologies Inc. | Methods and apparatus for storage and retrieval of name space information in a distributed computing system |
DE69628882T2 (en) | 1995-04-25 | 2004-05-27 | Canon K.K. | Data transmission device and method |
US5790856A (en) | 1995-05-08 | 1998-08-04 | Apple Computer, Inc. | Methods, apparatus, and data structures for data driven computer patches and static analysis of same |
JP3338585B2 (en) * | 1995-05-16 | 2002-10-28 | 富士通株式会社 | Apparatus and method for converting presentation data |
US5632011A (en) | 1995-05-22 | 1997-05-20 | Sterling Commerce, Inc. | Electronic mail management system for operation on a host computer system |
KR19990022451A (en) | 1995-06-05 | 1999-03-25 | 피터 씨. 프레운드 | Multilevel digital signature method and system |
US5708780A (en) * | 1995-06-07 | 1998-01-13 | Open Market, Inc. | Internet server access control and monitoring systems |
US5812776A (en) | 1995-06-07 | 1998-09-22 | Open Market, Inc. | Method of providing internet pages by mapping telephone number provided by client to URL and returning the same in a redirect command by server |
US5636371A (en) | 1995-06-07 | 1997-06-03 | Bull Hn Information Systems Inc. | Virtual network mechanism to access well known port application programs running on a single host system |
US5689565A (en) | 1995-06-29 | 1997-11-18 | Microsoft Corporation | Cryptography system and method for providing cryptographic services for a computer application |
US5761531A (en) | 1995-06-30 | 1998-06-02 | Fujitsu Limited | Input/output control apparatus and method for transfering track data from cache module to channel unit during the staging of the data track from device adapter |
US5706507A (en) * | 1995-07-05 | 1998-01-06 | International Business Machines Corporation | System and method for controlling access to data located on a content server |
GB2303947A (en) | 1995-07-31 | 1997-03-05 | Ibm | Boot sector virus protection in computer systems |
JPH0954699A (en) | 1995-08-11 | 1997-02-25 | Fujitsu Ltd | Process scheduler of computer |
US5742759A (en) | 1995-08-18 | 1998-04-21 | Sun Microsystems, Inc. | Method and system for facilitating access control to system resources in a distributed computer system |
EP0762337A3 (en) | 1995-09-08 | 2000-01-19 | Francotyp-Postalia Aktiengesellschaft & Co. | Method and device for enhancing manipulation-proof of critical data |
US5631961A (en) | 1995-09-15 | 1997-05-20 | The United States Of America As Represented By The Director Of The National Security Agency | Device for and method of cryptography that allows third party access |
US6134551A (en) | 1995-09-15 | 2000-10-17 | Intel Corporation | Method of caching digital certificate revocation lists |
US5623600A (en) | 1995-09-26 | 1997-04-22 | Trend Micro, Incorporated | Virus detection and removal apparatus for computer networks |
US5889943A (en) | 1995-09-26 | 1999-03-30 | Trend Micro Incorporated | Apparatus and method for electronic mail virus detection and elimination |
US5765030A (en) | 1996-07-19 | 1998-06-09 | Symantec Corp | Processor emulator module having a variable pre-fetch queue size for program execution |
US5826013A (en) | 1995-09-28 | 1998-10-20 | Symantec Corporation | Polymorphic virus detection module |
US5854916A (en) | 1995-09-28 | 1998-12-29 | Symantec Corporation | State-based cache for antivirus software |
US6067410A (en) | 1996-02-09 | 2000-05-23 | Symantec Corporation | Emulation repair system |
US5696822A (en) | 1995-09-28 | 1997-12-09 | Symantec Corporation | Polymorphic virus detection module |
US6097811A (en) | 1995-11-02 | 2000-08-01 | Micali; Silvio | Tree-based certificate revocation system |
US6487658B1 (en) | 1995-10-02 | 2002-11-26 | Corestreet Security, Ltd. | Efficient certificate revocation |
US5666416A (en) | 1995-10-24 | 1997-09-09 | Micali; Silvio | Certificate revocation system |
US5793868A (en) | 1996-08-29 | 1998-08-11 | Micali; Silvio | Certificate revocation system |
US6766450B2 (en) | 1995-10-24 | 2004-07-20 | Corestreet, Ltd. | Certificate revocation system |
US5717757A (en) * | 1996-08-29 | 1998-02-10 | Micali; Silvio | Certificate issue lists |
US5717758A (en) * | 1995-11-02 | 1998-02-10 | Micall; Silvio | Witness-based certificate revocation system |
US5859966A (en) * | 1995-10-10 | 1999-01-12 | Data General Corporation | Security system for computer systems |
US5572643A (en) | 1995-10-19 | 1996-11-05 | Judson; David H. | Web browser with dynamic display of information objects during linking |
US5689566A (en) | 1995-10-24 | 1997-11-18 | Nguyen; Minhtam C. | Network with secure communications sessions |
US5687235A (en) | 1995-10-26 | 1997-11-11 | Novell, Inc. | Certificate revocation performance optimization |
US5948062A (en) | 1995-10-27 | 1999-09-07 | Emc Corporation | Network file server using a cached disk array storing a network file directory including file locking information and data mover computers each having file system software for shared read-write file access |
US5826029A (en) | 1995-10-31 | 1998-10-20 | International Business Machines Corporation | Secured gateway interface |
US5724428A (en) | 1995-11-01 | 1998-03-03 | Rsa Data Security, Inc. | Block encryption algorithm with data-dependent rotations |
US5793763A (en) | 1995-11-03 | 1998-08-11 | Cisco Technology, Inc. | Security system for network address translation systems |
US5923846A (en) | 1995-11-06 | 1999-07-13 | Microsoft Corporation | Method of uploading a message containing a file reference to a server and downloading a file from the server using the file reference |
US5764906A (en) | 1995-11-07 | 1998-06-09 | Netword Llc | Universal electronic resource denotation, request and delivery system |
US5699431A (en) | 1995-11-13 | 1997-12-16 | Northern Telecom Limited | Method for efficient management of certificate revocation lists and update information |
US5671279A (en) | 1995-11-13 | 1997-09-23 | Netscape Communications Corporation | Electronic commerce using a secure courier system |
JPH09153050A (en) | 1995-11-29 | 1997-06-10 | Hitachi Ltd | Method and device for gathering document information |
JP3688830B2 (en) | 1995-11-30 | 2005-08-31 | 株式会社東芝 | Packet transfer method and packet processing apparatus |
US5892825A (en) | 1996-05-15 | 1999-04-06 | Hyperlock Technologies Inc | Method of secure server control of local media via a trigger through a network for instant local access of encrypted data on local media |
US5937164A (en) | 1995-12-07 | 1999-08-10 | Hyperlock Technologies, Inc. | Method and apparatus of secure server control of local media via a trigger through a network for instant local access of encrypted data on local media within a platform independent networking system |
US5812844A (en) | 1995-12-07 | 1998-09-22 | Microsoft Corporation | Method and system for scheduling the execution of threads using optional time-specific scheduling constraints |
US5758343A (en) | 1995-12-08 | 1998-05-26 | Ncr Corporation | Apparatus and method for integrating multiple delegate directory service agents |
US5745574A (en) | 1995-12-15 | 1998-04-28 | Entegrity Solutions Corporation | Security infrastructure for electronic transactions |
US5793954A (en) | 1995-12-20 | 1998-08-11 | Nb Networks | System and method for general purpose network analysis |
US5706442A (en) * | 1995-12-20 | 1998-01-06 | Block Financial Corporation | System for on-line financial services using distributed objects |
US5781901A (en) | 1995-12-21 | 1998-07-14 | Intel Corporation | Transmitting electronic mail attachment over a network using a e-mail page |
US5903723A (en) | 1995-12-21 | 1999-05-11 | Intel Corporation | Method and apparatus for transmitting electronic mail attachments with attachment references |
US5602918A (en) * | 1995-12-22 | 1997-02-11 | Virtual Open Network Environment Corp. | Application level security system and method |
CA2242596C (en) | 1996-01-11 | 2012-06-19 | Mrj, Inc. | System for controlling access and distribution of digital property |
US5801700A (en) | 1996-01-19 | 1998-09-01 | Silicon Graphics Incorporated | System and method for an iconic drag and drop interface for electronic file transfer |
US5898830A (en) | 1996-10-17 | 1999-04-27 | Network Engineering Software | Firewall providing enhanced network security and user transparency |
US5826014A (en) | 1996-02-06 | 1998-10-20 | Network Engineering Software | Firewall system for protecting network elements connected to a public network |
JP3165366B2 (en) | 1996-02-08 | 2001-05-14 | 株式会社日立製作所 | Network security system |
US6587949B1 (en) | 1998-06-26 | 2003-07-01 | Fotonation Holdings, Llc | Secure storage device for transfer of data via removable storage |
US5963915A (en) | 1996-02-21 | 1999-10-05 | Infoseek Corporation | Secure, convenient and efficient system and method of performing trans-internet purchase transactions |
US5855020A (en) | 1996-02-21 | 1998-12-29 | Infoseek Corporation | Web scan process |
US5751956A (en) | 1996-02-21 | 1998-05-12 | Infoseek Corporation | Method and apparatus for redirection of server external hyper-link references |
US5790664A (en) | 1996-02-26 | 1998-08-04 | Network Engineering Software, Inc. | Automated system for management of licensed software |
US20010011253A1 (en) | 1998-08-04 | 2001-08-02 | Christopher D. Coley | Automated system for management of licensed software |
US6075863A (en) | 1996-02-28 | 2000-06-13 | Encanto Networks | Intelligent communication device |
US5862325A (en) * | 1996-02-29 | 1999-01-19 | Intermind Corporation | Computer-based communication system and method using metadata defining a control structure |
US5768388A (en) | 1996-03-01 | 1998-06-16 | Goldwasser; Shafi | Time delayed key escrow |
US5684951A (en) | 1996-03-20 | 1997-11-04 | Synopsys, Inc. | Method and system for user authorization over a multi-user computer system |
US5673322A (en) | 1996-03-22 | 1997-09-30 | Bell Communications Research, Inc. | System and method for providing protocol translation and filtering to access the world wide web from wireless or low-bandwidth networks |
US5850442A (en) | 1996-03-26 | 1998-12-15 | Entegrity Solutions Corporation | Secure world wide electronic commerce over an open network |
US5826022A (en) | 1996-04-05 | 1998-10-20 | Sun Microsystems, Inc. | Method and apparatus for receiving electronic mail |
US5727156A (en) | 1996-04-10 | 1998-03-10 | Hotoffice Technologies, Inc. | Internet-based automatic publishing system |
US5815573A (en) | 1996-04-10 | 1998-09-29 | International Business Machines Corporation | Cryptographic key recovery system |
US5845084A (en) | 1996-04-18 | 1998-12-01 | Microsoft Corporation | Automatic data display formatting with a networking application |
US5778372A (en) | 1996-04-18 | 1998-07-07 | Microsoft Corporation | Remote retrieval and display management of electronic document with incorporated images |
US5815657A (en) | 1996-04-26 | 1998-09-29 | Verifone, Inc. | System, method and article of manufacture for network electronic authorization utilizing an authorization instrument |
US5864852A (en) * | 1996-04-26 | 1999-01-26 | Netscape Communications Corporation | Proxy server caching mechanism that provides a file directory structure and a mapping mechanism within the file directory structure |
US5842216A (en) | 1996-05-03 | 1998-11-24 | Mitsubishi Electric Information Technology Center America, Inc. | System for sending small positive data notification messages over a network to indicate that a recipient node should obtain a particular version of a particular data item |
US5793972A (en) | 1996-05-03 | 1998-08-11 | Westminster International Computers Inc. | System and method providing an interactive response to direct mail by creating personalized web page based on URL provided on mail piece |
US5742769A (en) | 1996-05-06 | 1998-04-21 | Banyan Systems, Inc. | Directory with options for access to and display of email addresses |
US5903651A (en) | 1996-05-14 | 1999-05-11 | Valicert, Inc. | Apparatus and method for demonstrating and confirming the status of a digital certificates and other data |
US6085320A (en) | 1996-05-15 | 2000-07-04 | Rsa Security Inc. | Client/server protocol for proving authenticity |
US5884033A (en) | 1996-05-15 | 1999-03-16 | Spyglass, Inc. | Internet filtering system for filtering data transferred over the internet utilizing immediate and deferred filtering actions |
US5768528A (en) | 1996-05-24 | 1998-06-16 | V-Cast, Inc. | Client-server system for delivery of online information |
US6092067A (en) | 1996-05-30 | 2000-07-18 | Microsoft Corporation | Desktop information manager for recording and viewing important events data structure |
US5918013A (en) | 1996-06-03 | 1999-06-29 | Webtv Networks, Inc. | Method of transcoding documents in a network environment using a proxy server |
US5822526A (en) | 1996-06-03 | 1998-10-13 | Microsoft Corporation | System and method for maintaining and administering email address names in a network |
CA2257309C (en) | 1996-06-07 | 2002-06-11 | At&T Corp. | Internet file system |
US6151643A (en) | 1996-06-07 | 2000-11-21 | Networks Associates, Inc. | Automatic updating of diverse software products on multiple client computer systems by downloading scanning application to client computer and generating software list on client computer |
US5812398A (en) | 1996-06-10 | 1998-09-22 | Sun Microsystems, Inc. | Method and system for escrowed backup of hotelled world wide web sites |
US6108688A (en) | 1996-06-12 | 2000-08-22 | Sun Microsystems, Inc. | System for reminding a sender of an email if recipient of the email does not respond by a selected time set by the sender |
US6178509B1 (en) * | 1996-06-13 | 2001-01-23 | Intel Corporation | Tamper resistant methods and apparatus |
US6373950B1 (en) | 1996-06-17 | 2002-04-16 | Hewlett-Packard Company | System, method and article of manufacture for transmitting messages within messages utilizing an extensible, flexible architecture |
US5798706A (en) | 1996-06-18 | 1998-08-25 | Raptor Systems, Inc. | Detecting unauthorized network communication |
US5901227A (en) | 1996-06-20 | 1999-05-04 | Novell, Inc. | Method and apparatus for implementing partial and complete optional key escrow |
US5991807A (en) | 1996-06-24 | 1999-11-23 | Nortel Networks Corporation | System for controlling users access to a distributive network in accordance with constraints present in common access distributive network interface separate from a server |
US5781857A (en) | 1996-06-28 | 1998-07-14 | Motorola, Inc. | Method of establishing an email monitor responsive to a wireless communications system user |
JP3531367B2 (en) | 1996-07-04 | 2004-05-31 | 株式会社日立製作所 | Translator |
US5796830A (en) | 1996-07-29 | 1998-08-18 | International Business Machines Corporation | Interoperable cryptographic key recovery system |
US5802178A (en) | 1996-07-30 | 1998-09-01 | Itt Industries, Inc. | Stand alone device for providing security within computer networks |
US5828832A (en) | 1996-07-30 | 1998-10-27 | Itt Industries, Inc. | Mixed enclave operation in a computer network with multi-level network security |
US5790789A (en) | 1996-08-02 | 1998-08-04 | Suarez; Larry | Method and architecture for the creation, control and deployment of services within a distributed computer environment |
US5872931A (en) * | 1996-08-13 | 1999-02-16 | Veritas Software, Corp. | Management agent automatically executes corrective scripts in accordance with occurrences of specified events regardless of conditions of management interface and management engine |
US5711348A (en) * | 1996-08-14 | 1998-01-27 | Moog Inc. | Hot gas control valve |
US5907620A (en) | 1996-08-23 | 1999-05-25 | Cheyenne Property Trust | Method and apparatus for enforcing the use of cryptography in an international cryptography framework |
US5799083A (en) | 1996-08-26 | 1998-08-25 | Brothers; Harlan Jay | Event verification system |
US5832208A (en) | 1996-09-05 | 1998-11-03 | Cheyenne Software International Sales Corp. | Anti-virus agent for use with databases and mail servers |
US5892903A (en) | 1996-09-12 | 1999-04-06 | Internet Security Systems, Inc. | Method and apparatus for detecting and identifying security vulnerabilities in an open network computer communication system |
US5950195A (en) | 1996-09-18 | 1999-09-07 | Secure Computing Corporation | Generalized security policy management system and method |
US6072942A (en) | 1996-09-18 | 2000-06-06 | Secure Computing Corporation | System and method of electronic mail filtering using interconnected nodes |
US5937066A (en) | 1996-10-02 | 1999-08-10 | International Business Machines Corporation | Two-phase cryptographic key recovery system |
US5951698A (en) | 1996-10-02 | 1999-09-14 | Trend Micro, Incorporated | System, apparatus and method for the detection and removal of viruses in macros |
JPH10111727A (en) | 1996-10-03 | 1998-04-28 | Toshiba Corp | Information equipment having telephone function and security rearising method therefor |
US6012144A (en) * | 1996-10-08 | 2000-01-04 | Pickett; Thomas E. | Transaction security method and apparatus |
US5835090A (en) | 1996-10-16 | 1998-11-10 | Etma, Inc. | Desktop manager for graphical user interface based system with enhanced desktop |
US5930479A (en) | 1996-10-21 | 1999-07-27 | At&T Corp | Communications addressing system |
US6192407B1 (en) * | 1996-10-24 | 2001-02-20 | Tumbleweed Communications Corp. | Private, trackable URLs for directed document delivery |
US6502191B1 (en) | 1997-02-14 | 2002-12-31 | Tumbleweed Communications Corp. | Method and system for binary data firewall delivery |
US6385655B1 (en) | 1996-10-24 | 2002-05-07 | Tumbleweed Communications Corp. | Method and apparatus for delivering documents over an electronic network |
US6119137A (en) | 1997-01-30 | 2000-09-12 | Tumbleweed Communications Corp. | Distributed dynamic document conversion server |
US5790790A (en) | 1996-10-24 | 1998-08-04 | Tumbleweed Software Corporation | Electronic document delivery system in which notification of said electronic document is sent to a recipient thereof |
WO1998019260A1 (en) | 1996-10-30 | 1998-05-07 | Theodor Holm Nelson | Many-to-many payment system for network content materials |
US5923885A (en) | 1996-10-31 | 1999-07-13 | Sun Microsystems, Inc. | Acquisition and operation of remotely loaded software using applet modification of browser software |
US6453345B2 (en) | 1996-11-06 | 2002-09-17 | Datadirect Networks, Inc. | Network security and surveillance system |
US6167520A (en) | 1996-11-08 | 2000-12-26 | Finjan Software, Inc. | System and method for protecting a client during runtime from hostile downloadables |
US5991881A (en) | 1996-11-08 | 1999-11-23 | Harris Corporation | Network surveillance system |
US6154844A (en) | 1996-11-08 | 2000-11-28 | Finjan Software, Ltd. | System and method for attaching a downloadable security profile to a downloadable |
US5796948A (en) | 1996-11-12 | 1998-08-18 | Cohen; Elliot D. | Offensive message interceptor for computers |
US5872844A (en) * | 1996-11-18 | 1999-02-16 | Microsoft Corporation | System and method for detecting fraudulent expenditure of transferable electronic assets |
US5796942A (en) | 1996-11-21 | 1998-08-18 | Computer Associates International, Inc. | Method and apparatus for automated network-wide surveillance and security breach intervention |
JPH10164124A (en) | 1996-12-04 | 1998-06-19 | Canon Inc | Communication device |
US6367012B1 (en) | 1996-12-06 | 2002-04-02 | Microsoft Corporation | Embedding certifications in executable files for network transmission |
US5892904A (en) | 1996-12-06 | 1999-04-06 | Microsoft Corporation | Code certification for network transmission |
US5959976A (en) | 1996-12-09 | 1999-09-28 | Kuo; Yung-Tien | Method and device for filtering transmission |
US5968119A (en) | 1996-12-09 | 1999-10-19 | Wall Data Incorporated | Method of accessing information of an SNA host computer from a client computer using a specific terminal emulation |
US5903882A (en) | 1996-12-13 | 1999-05-11 | Certco, Llc | Reliance server for electronic transaction system |
US6285991B1 (en) | 1996-12-13 | 2001-09-04 | Visa International Service Association | Secure interactive electronic account statement delivery system |
US6009274A (en) | 1996-12-13 | 1999-12-28 | 3Com Corporation | Method and apparatus for automatically updating software components on end systems over a network |
RU2144270C1 (en) | 1996-12-16 | 2000-01-10 | Самсунг Электроникс Ко., Лтд. | Method for transmission of e-mail messages in local-area network and device which implements said method |
US5911776A (en) | 1996-12-18 | 1999-06-15 | Unisys Corporation | Automatic format conversion system and publishing methodology for multi-user network |
US6061722A (en) | 1996-12-23 | 2000-05-09 | T E Network, Inc. | Assessing network performance without interference with normal network operations |
US5951644A (en) | 1996-12-24 | 1999-09-14 | Apple Computer, Inc. | System for predicting and managing network performance by managing and monitoring resourse utilization and connection of network |
US5907618A (en) | 1997-01-03 | 1999-05-25 | International Business Machines Corporation | Method and apparatus for verifiably providing key recovery information in a cryptographic system |
US5805801A (en) | 1997-01-09 | 1998-09-08 | International Business Machines Corporation | System and method for detecting and preventing security |
US5898836A (en) | 1997-01-14 | 1999-04-27 | Netmind Services, Inc. | Change-detection tool indicating degree and location of change of internet documents by comparison of cyclic-redundancy-check(CRC) signatures |
US5933647A (en) | 1997-01-24 | 1999-08-03 | Cognet Corporation | System and method for software distribution and desktop management in a computer network environment |
US5978799A (en) | 1997-01-30 | 1999-11-02 | Hirsch; G. Scott | Search engine including query database, user profile database, information templates and email facility |
US5956481A (en) | 1997-02-06 | 1999-09-21 | Microsoft Corporation | Method and apparatus for protecting data files on a computer from virus infection |
EP0858184A3 (en) * | 1997-02-07 | 1999-09-01 | Nds Limited | Digital recording protection system |
US5953502A (en) * | 1997-02-13 | 1999-09-14 | Helbig, Sr.; Walter A | Method and apparatus for enhancing computer system security |
JPH10232875A (en) | 1997-02-19 | 1998-09-02 | Hitachi Ltd | Data base managing method and parallel data base managing system |
US5896499A (en) | 1997-02-21 | 1999-04-20 | International Business Machines Corporation | Embedded security processor |
US5920630A (en) | 1997-02-25 | 1999-07-06 | United States Of America | Method of public key cryptography that includes key escrow |
US5922074A (en) | 1997-02-28 | 1999-07-13 | Xcert Software, Inc. | Method of and apparatus for providing secure distributed directory services and public key infrastructure |
US6408336B1 (en) | 1997-03-10 | 2002-06-18 | David S. Schneider | Distributed administration of access to information |
GB2324892B (en) * | 1997-03-14 | 1999-12-01 | Interactuality Limited | Process monitoring system |
US5960170A (en) | 1997-03-18 | 1999-09-28 | Trend Micro, Inc. | Event triggered iterative virus detection |
US5987606A (en) | 1997-03-19 | 1999-11-16 | Bascom Global Internet Services, Inc. | Method and system for content filtering information retrieved from an internet computer network |
US5958010A (en) | 1997-03-20 | 1999-09-28 | Firstsense Software, Inc. | Systems and methods for monitoring distributed applications including an interface running in an operating system kernel |
US5996011A (en) | 1997-03-25 | 1999-11-30 | Unified Research Laboratories, Inc. | System and method for filtering data received by a computer system |
US6539430B1 (en) | 1997-03-25 | 2003-03-25 | Symantec Corporation | System and method for filtering data received by a computer system |
US6304904B1 (en) | 1997-03-27 | 2001-10-16 | Intel Corporation | Method and apparatus for collecting page-level performance statistics from a network device |
CA2284797C (en) | 1997-03-31 | 2004-12-28 | Broadband Associates | Method and system for providing a presentation on a network |
US6061448A (en) | 1997-04-01 | 2000-05-09 | Tumbleweed Communications Corp. | Method and system for dynamic server document encryption |
US6249585B1 (en) | 1998-04-08 | 2001-06-19 | Network Associates, Inc | Publicly verifiable key recovery |
US5964889A (en) | 1997-04-16 | 1999-10-12 | Symantec Corporation | Method to analyze a program for presence of computer viruses by examining the opcode for faults before emulating instruction in emulator |
US6108786A (en) | 1997-04-25 | 2000-08-22 | Intel Corporation | Monitor network bindings for computer security |
US6243815B1 (en) | 1997-04-25 | 2001-06-05 | Anand K. Antur | Method and apparatus for reconfiguring and managing firewalls and security devices |
US6123737A (en) | 1997-05-21 | 2000-09-26 | Symantec Corporation | Push deployment of software packages using notification transports |
US6167438A (en) | 1997-05-22 | 2000-12-26 | Trustees Of Boston University | Method and system for distributed caching, prefetching and replication |
US5948104A (en) | 1997-05-23 | 1999-09-07 | Neuromedical Systems, Inc. | System and method for automated anti-viral file update |
TW338865B (en) * | 1997-06-03 | 1998-08-21 | Philips Eloctronics N V | Authentication system |
US6314190B1 (en) | 1997-06-06 | 2001-11-06 | Networks Associates Technology, Inc. | Cryptographic system with methods for user-controlled message recovery |
US6070243A (en) | 1997-06-13 | 2000-05-30 | Xylan Corporation | Deterministic user authentication service for communication network |
US5996077A (en) | 1997-06-16 | 1999-11-30 | Cylink Corporation | Access control system and method using hierarchical arrangement of security devices |
US6009462A (en) | 1997-06-16 | 1999-12-28 | Digital Equipment Corporation | Replacing large bit component of electronic mail (e-mail) message with hot-link in distributed computer system |
US6449640B1 (en) | 1997-06-19 | 2002-09-10 | International Business Machines Corporation | Web server with unique identification of linked objects |
US6226666B1 (en) | 1997-06-27 | 2001-05-01 | International Business Machines Corporation | Agent-based management system having an open layered architecture for synchronous and/or asynchronous messaging handling |
US6144744A (en) | 1997-06-30 | 2000-11-07 | International Business Machines Corporation | Method and apparatus for the secure transfer of objects between cryptographic processors |
US6453352B1 (en) | 1997-07-14 | 2002-09-17 | Electronic Data Systems Corporation | Integrated electronic commerce system and method |
US6230194B1 (en) | 1997-07-14 | 2001-05-08 | Freegate Corporation | Upgrading a secure network interface |
US5958005A (en) | 1997-07-17 | 1999-09-28 | Bell Atlantic Network Services, Inc. | Electronic mail security |
US7117358B2 (en) * | 1997-07-24 | 2006-10-03 | Tumbleweed Communications Corp. | Method and system for filtering communication |
US7127741B2 (en) | 1998-11-03 | 2006-10-24 | Tumbleweed Communications Corp. | Method and system for e-mail message transmission |
US6609196B1 (en) | 1997-07-24 | 2003-08-19 | Tumbleweed Communications Corp. | E-mail firewall with stored key encryption/decryption |
US20050081059A1 (en) * | 1997-07-24 | 2005-04-14 | Bandini Jean-Christophe Denis | Method and system for e-mail filtering |
US7162738B2 (en) | 1998-11-03 | 2007-01-09 | Tumbleweed Communications Corp. | E-mail firewall with stored key encryption/decryption |
US5941998A (en) | 1997-07-25 | 1999-08-24 | Samsung Electronics Co., Ltd. | Disk drive incorporating read-verify after write method |
US6073140A (en) | 1997-07-29 | 2000-06-06 | Acxiom Corporation | Method and system for the creation, enhancement and update of remote data using persistent keys |
US5946679A (en) | 1997-07-31 | 1999-08-31 | Torrent Networking Technologies, Corp. | System and method for locating a route in a route table using hashing and compressed radix tree searching |
US5919257A (en) | 1997-08-08 | 1999-07-06 | Novell, Inc. | Networked workstation intrusion detection system |
US6006329A (en) | 1997-08-11 | 1999-12-21 | Symantec Corporation | Detection of computer viruses spanning multiple data streams |
US5999967A (en) * | 1997-08-17 | 1999-12-07 | Sundsted; Todd | Electronic mail filtering by electronic stamp |
US6199102B1 (en) | 1997-08-26 | 2001-03-06 | Christopher Alan Cobb | Method and system for filtering electronic messages |
US6442688B1 (en) | 1997-08-29 | 2002-08-27 | Entrust Technologies Limited | Method and apparatus for obtaining status of public key certificate updates |
US6357008B1 (en) | 1997-09-23 | 2002-03-12 | Symantec Corporation | Dynamic heuristic method for detecting computer viruses using decryption exploration and evaluation phases |
US9197599B1 (en) | 1997-09-26 | 2015-11-24 | Verizon Patent And Licensing Inc. | Integrated business system for web based telecommunications management |
US6119230A (en) | 1997-10-01 | 2000-09-12 | Novell, Inc. | Distributed dynamic security capabilities |
US6185678B1 (en) * | 1997-10-02 | 2001-02-06 | Trustees Of The University Of Pennsylvania | Secure and reliable bootstrap architecture |
US6055519A (en) | 1997-10-11 | 2000-04-25 | I2 Technologies, Inc. | Framework for negotiation and tracking of sale of goods |
US6393568B1 (en) | 1997-10-23 | 2002-05-21 | Entrust Technologies Limited | Encryption and decryption system and method with content analysis provision |
US5991879A (en) | 1997-10-23 | 1999-11-23 | Bull Hn Information Systems Inc. | Method for gradual deployment of user-access security within a data processing system |
US6092102A (en) | 1997-10-24 | 2000-07-18 | University Of Pittsburgh Of The Commonwealth System Of Higher Education | System and method for notifying users about information or events of an enterprise |
US6092201A (en) | 1997-10-24 | 2000-07-18 | Entrust Technologies | Method and apparatus for extending secure communication operations via a shared list |
US6496979B1 (en) | 1997-10-24 | 2002-12-17 | Microsoft Corporation | System and method for managing application installation for a mobile device |
US6223172B1 (en) | 1997-10-31 | 2001-04-24 | Nortel Networks Limited | Address routing using address-sensitive mask decimation scheme |
US6119231A (en) | 1997-10-31 | 2000-09-12 | Cisco Technologies, Inc. | Data scanning network security technique |
US6112181A (en) | 1997-11-06 | 2000-08-29 | Intertrust Technologies Corporation | Systems and methods for matching, selecting, narrowcasting, and/or classifying based on rights management and/or other information |
US6275937B1 (en) | 1997-11-06 | 2001-08-14 | International Business Machines Corporation | Collaborative server processing of content and meta-information with application to virus checking in a server network |
US6362836B1 (en) | 1998-04-06 | 2002-03-26 | The Santa Cruz Operation, Inc. | Universal application server for providing applications on a variety of client devices in a client/server network |
US6119165A (en) | 1997-11-17 | 2000-09-12 | Trend Micro, Inc. | Controlled distribution of application programs in a computer network |
US6003027A (en) | 1997-11-21 | 1999-12-14 | International Business Machines Corporation | System and method for determining confidence levels for the results of a categorization system |
US6021510A (en) * | 1997-11-24 | 2000-02-01 | Symantec Corporation | Antivirus accelerator |
US6094731A (en) | 1997-11-24 | 2000-07-25 | Symantec Corporation | Antivirus accelerator for computer networks |
US6393465B2 (en) * | 1997-11-25 | 2002-05-21 | Nixmail Corporation | Junk electronic mail detector and eliminator |
US5860068A (en) * | 1997-12-04 | 1999-01-12 | Petabyte Corporation | Method and system for custom manufacture and delivery of a data product |
US6202157B1 (en) | 1997-12-08 | 2001-03-13 | Entrust Technologies Limited | Computer network security system and method having unilateral enforceable security policy provision |
JPH11175329A (en) | 1997-12-08 | 1999-07-02 | Hitachi Ltd | Application linking method and device therefor |
US7055173B1 (en) | 1997-12-19 | 2006-05-30 | Avaya Technology Corp. | Firewall pooling in a network flowswitch |
US6023723A (en) * | 1997-12-22 | 2000-02-08 | Accepted Marketing, Inc. | Method and system for filtering unwanted junk e-mail utilizing a plurality of filtering mechanisms |
US6009103A (en) | 1997-12-23 | 1999-12-28 | Mediaone Group, Inc. | Method and system for automatic allocation of resources in a network |
US6052709A (en) * | 1997-12-23 | 2000-04-18 | Bright Light Technologies, Inc. | Apparatus and method for controlling delivery of unsolicited electronic mail |
KR100403270B1 (en) | 1997-12-29 | 2004-03-20 | 삼성전자주식회사 | Method and device for protecting copyright of digital recording medium, and the digital recording medium thereof |
US6088803A (en) | 1997-12-30 | 2000-07-11 | Intel Corporation | System for virus-checking network data during download to a client device |
US6035423A (en) | 1997-12-31 | 2000-03-07 | Network Associates, Inc. | Method and system for providing automated updating and upgrading of antivirus applications using a computer network |
US6279133B1 (en) | 1997-12-31 | 2001-08-21 | Kawasaki Steel Corporation | Method and apparatus for significantly improving the reliability of multilevel memory architecture |
US6029256A (en) * | 1997-12-31 | 2000-02-22 | Network Associates, Inc. | Method and system for allowing computer programs easy access to features of a virus scanning engine |
US6088804A (en) | 1998-01-12 | 2000-07-11 | Motorola, Inc. | Adaptive system and method for responding to computer network security attacks |
US5999932A (en) | 1998-01-13 | 1999-12-07 | Bright Light Technologies, Inc. | System and method for filtering unsolicited electronic mail messages using data matching and heuristic processing |
US6138254A (en) | 1998-01-22 | 2000-10-24 | Micron Technology, Inc. | Method and apparatus for redundant location addressing using data compression |
CA2228687A1 (en) | 1998-02-04 | 1999-08-04 | Brett Howard | Secured virtual private networks |
US6385596B1 (en) | 1998-02-06 | 2002-05-07 | Liquid Audio, Inc. | Secure online music distribution system |
SE513828C2 (en) * | 1998-07-02 | 2000-11-13 | Effnet Group Ab | Firewall device and method for controlling network data packet traffic between internal and external networks |
US5987610A (en) | 1998-02-12 | 1999-11-16 | Ameritech Corporation | Computer virus screening methods and systems |
US6233577B1 (en) | 1998-02-17 | 2001-05-15 | Phone.Com, Inc. | Centralized certificate management system for two-way interactive communication devices in data networks |
ATE555472T1 (en) | 1998-02-27 | 2012-05-15 | Doug Carson & Associates Inc | INDIVIDUAL ADJUSTMENT OF HOLE AND BAR TRANSITION TYPES IN A PROCESS FOR PRODUCING A MATRIZE FOR OPTICAL PLATES |
US6026414A (en) * | 1998-03-05 | 2000-02-15 | International Business Machines Corporation | System including a proxy client to backup files in a distributed computing environment |
US6279113B1 (en) | 1998-03-16 | 2001-08-21 | Internet Tools, Inc. | Dynamic signature inspection-based network intrusion detection |
US6182226B1 (en) * | 1998-03-18 | 2001-01-30 | Secure Computing Corporation | System and method for controlling interactions between networks |
US6134550A (en) | 1998-03-18 | 2000-10-17 | Entrust Technologies Limited | Method and apparatus for use in determining validity of a certificate in a communication system employing trusted paths |
US6738814B1 (en) | 1998-03-18 | 2004-05-18 | Cisco Technology, Inc. | Method for blocking denial of service and address spoofing attacks on a private network |
US6453419B1 (en) | 1998-03-18 | 2002-09-17 | Secure Computing Corporation | System and method for implementing a security policy |
US6052531A (en) | 1998-03-25 | 2000-04-18 | Symantec Corporation | Multi-tiered incremental software updating |
US6154769A (en) | 1998-03-27 | 2000-11-28 | Hewlett-Packard Company | Scheduling server requests to decrease response time and increase server throughput |
US6430184B1 (en) | 1998-04-10 | 2002-08-06 | Top Layer Networks, Inc. | System and process for GHIH-speed pattern matching for application-level switching of data packets |
US6092114A (en) | 1998-04-17 | 2000-07-18 | Siemens Information And Communication Networks, Inc. | Method and system for determining the location for performing file-format conversions of electronics message attachments |
US6145083A (en) | 1998-04-23 | 2000-11-07 | Siemens Information And Communication Networks, Inc. | Methods and system for providing data and telephony security |
US6529498B1 (en) * | 1998-04-28 | 2003-03-04 | Cisco Technology, Inc. | Routing support for point-to-multipoint connections |
US6104500A (en) | 1998-04-29 | 2000-08-15 | Bcl, Computer Inc. | Networked fax routing via email |
US6298445B1 (en) | 1998-04-30 | 2001-10-02 | Netect, Ltd. | Computer security |
US6119157A (en) | 1998-05-14 | 2000-09-12 | Sun Microsystems, Inc. | Protocol for exchanging configuration data in a computer network |
JP3017712B2 (en) | 1998-05-15 | 2000-03-13 | 松下電送システム株式会社 | Internet facsimile |
US6275942B1 (en) | 1998-05-20 | 2001-08-14 | Network Associates, Inc. | System, method and computer program product for automatic response to computer system misuse using active response modules |
US6058482A (en) | 1998-05-22 | 2000-05-02 | Sun Microsystems, Inc. | Apparatus, method and system for providing network security for executable code in computer and communications networks |
US6330589B1 (en) | 1998-05-26 | 2001-12-11 | Microsoft Corporation | System and method for using a client database to manage conversation threads generated from email or news messages |
GB2337903B (en) | 1998-05-28 | 2000-06-07 | 3Com Corp | Methods and apparatus for collecting storing processing and using network traffic data |
CA2239060A1 (en) | 1998-05-28 | 1999-11-28 | Newbridge Networks Corporation | Rate monitoring of connections in a communications network using history buffer |
US6397259B1 (en) | 1998-05-29 | 2002-05-28 | Palm, Inc. | Method, system and apparatus for packet minimized communications |
US6289214B1 (en) | 1998-05-29 | 2001-09-11 | Ericsson Inc. | Systems and methods for deactivating a cellular radiotelephone system using an ANSI-41 short message service email |
US6167407A (en) | 1998-06-03 | 2000-12-26 | Symantec Corporation | Backtracked incremental updating |
US6240401B1 (en) | 1998-06-05 | 2001-05-29 | Digital Video Express, L.P. | System and method for movie transaction processing |
US6347374B1 (en) | 1998-06-05 | 2002-02-12 | Intrusion.Com, Inc. | Event detection |
US6216175B1 (en) | 1998-06-08 | 2001-04-10 | Microsoft Corporation | Method for upgrading copies of an original file with same update data after normalizing differences between copies created during respective original installations |
WO1999066383A2 (en) * | 1998-06-15 | 1999-12-23 | Dmw Worldwide, Inc. | Method and apparatus for assessing the security of a computer system |
US6317829B1 (en) | 1998-06-19 | 2001-11-13 | Entrust Technologies Limited | Public key cryptography based security system to facilitate secure roaming of users |
US6192360B1 (en) * | 1998-06-23 | 2001-02-20 | Microsoft Corporation | Methods and apparatus for classifying text and for building a text classifier |
US6266337B1 (en) | 1998-06-23 | 2001-07-24 | Expand Network Ltd. | Packet retransmission eliminator |
US6161130A (en) | 1998-06-23 | 2000-12-12 | Microsoft Corporation | Technique which utilizes a probabilistic classifier to detect "junk" e-mail by automatically updating a training and re-training the classifier based on the updated training set |
US6049789A (en) | 1998-06-24 | 2000-04-11 | Mentor Graphics Corporation | Software pay per use licensing system |
US6185689B1 (en) * | 1998-06-24 | 2001-02-06 | Richard S. Carson & Assoc., Inc. | Method for network self security assessment |
US6141778A (en) | 1998-06-29 | 2000-10-31 | Mci Communications Corporation | Method and apparatus for automating security functions in a computer system |
US6446109B2 (en) | 1998-06-29 | 2002-09-03 | Sun Microsystems, Inc. | Application computing environment |
US6324656B1 (en) | 1998-06-30 | 2001-11-27 | Cisco Technology, Inc. | System and method for rules-driven multi-phase network vulnerability assessment |
JP2000023116A (en) | 1998-07-01 | 2000-01-21 | Hitachi Ltd | Object identifier processing method and recording medium for providing the same |
US6442686B1 (en) | 1998-07-02 | 2002-08-27 | Networks Associates Technology, Inc. | System and methodology for messaging server-based management and enforcement of crypto policies |
US6347375B1 (en) | 1998-07-08 | 2002-02-12 | Ontrack Data International, Inc | Apparatus and method for remote virus diagnosis and repair |
US6182142B1 (en) * | 1998-07-10 | 2001-01-30 | Encommerce, Inc. | Distributed access management of information resources |
US6292833B1 (en) | 1998-07-17 | 2001-09-18 | Openwave Systems Inc. | Method and apparatus for providing access control to local services of mobile devices |
US6253337B1 (en) | 1998-07-21 | 2001-06-26 | Raytheon Company | Information security analysis system |
US6269447B1 (en) | 1998-07-21 | 2001-07-31 | Raytheon Company | Information security analysis system |
US6151675A (en) | 1998-07-23 | 2000-11-21 | Tumbleweed Software Corporation | Method and apparatus for effecting secure document format conversion |
GB2340344A (en) | 1998-07-29 | 2000-02-16 | Nokia Mobile Phones Ltd | Bilateral Data Transfer Verification for Programming a Cellular Phone |
US6711127B1 (en) | 1998-07-31 | 2004-03-23 | General Dynamics Government Systems Corporation | System for intrusion detection and vulnerability analysis in a telecommunications signaling network |
US6223213B1 (en) | 1998-07-31 | 2001-04-24 | Webtv Networks, Inc. | Browser-based email system with user interface for audio/video capture |
US6266668B1 (en) | 1998-08-04 | 2001-07-24 | Dryken Technologies, Inc. | System and method for dynamic data-mining and on-line communication of customized information |
US6304973B1 (en) | 1998-08-06 | 2001-10-16 | Cryptek Secure Communications, Llc | Multi-level security network system |
US6330551B1 (en) | 1998-08-06 | 2001-12-11 | Cybersettle.Com, Inc. | Computerized dispute resolution system and method |
US6169969B1 (en) * | 1998-08-07 | 2001-01-02 | The United States Of America As Represented By The Director Of The National Security Agency | Device and method for full-text large-dictionary string matching using n-gram hashing |
US6356935B1 (en) * | 1998-08-14 | 2002-03-12 | Xircom Wireless, Inc. | Apparatus and method for an authenticated electronic userid |
US6442588B1 (en) | 1998-08-20 | 2002-08-27 | At&T Corp. | Method of administering a dynamic filtering firewall |
US6223094B1 (en) | 1998-08-21 | 2001-04-24 | Sap Aktiengesellschaft | Multi-tiered structure for storing and displaying product and process variants |
US6269380B1 (en) | 1998-08-31 | 2001-07-31 | Xerox Corporation | Property based mechanism for flexibility supporting front-end and back-end components having different communication protocols |
US6438612B1 (en) | 1998-09-11 | 2002-08-20 | Ssh Communications Security, Ltd. | Method and arrangement for secure tunneling of data between virtual routers |
US6401210B1 (en) | 1998-09-23 | 2002-06-04 | Intel Corporation | Method of managing computer virus infected files |
US6324569B1 (en) | 1998-09-23 | 2001-11-27 | John W. L. Ogilvie | Self-removing email verified or designated as such by a message distributor for the convenience of a recipient |
US6687732B1 (en) | 1998-09-28 | 2004-02-03 | Inktomi Corporation | Adaptive traffic bypassing in an intercepting network driver |
US6338141B1 (en) * | 1998-09-30 | 2002-01-08 | Cybersoft, Inc. | Method and apparatus for computer virus detection, analysis, and removal in real time |
US6577920B1 (en) | 1998-10-02 | 2003-06-10 | Data Fellows Oyj | Computer virus screening |
US6256733B1 (en) | 1998-10-08 | 2001-07-03 | Entrust Technologies Limited | Access and storage of secure group communication cryptographic keys |
US6230190B1 (en) | 1998-10-09 | 2001-05-08 | Openwave Systems Inc. | Shared-everything file storage for clustered system |
US6219706B1 (en) | 1998-10-16 | 2001-04-17 | Cisco Technology, Inc. | Access control for networks |
US6327652B1 (en) | 1998-10-26 | 2001-12-04 | Microsoft Corporation | Loading and identifying a digital rights management operating system |
US6330670B1 (en) | 1998-10-26 | 2001-12-11 | Microsoft Corporation | Digital rights management operating system |
US6460141B1 (en) | 1998-10-28 | 2002-10-01 | Rsa Security Inc. | Security and access management system for web-enabled and non-web-enabled applications and content on a computer network |
US6260043B1 (en) | 1998-11-06 | 2001-07-10 | Microsoft Corporation | Automatic file format converter |
US6820202B1 (en) | 1998-11-09 | 2004-11-16 | First Data Corporation | Account authority digital signature (AADS) system |
US6321338B1 (en) | 1998-11-09 | 2001-11-20 | Sri International | Network surveillance |
US6282565B1 (en) | 1998-11-17 | 2001-08-28 | Kana Communications, Inc. | Method and apparatus for performing enterprise email management |
US6249807B1 (en) | 1998-11-17 | 2001-06-19 | Kana Communications, Inc. | Method and apparatus for performing enterprise email management |
US6272532B1 (en) | 1998-12-02 | 2001-08-07 | Harold F. Feinleib | Electronic reminder system with universal email input |
US6438549B1 (en) | 1998-12-03 | 2002-08-20 | International Business Machines Corporation | Method for storing sparse hierarchical data in a relational database |
US6341369B1 (en) * | 1998-12-03 | 2002-01-22 | International Business Machines Corporation | Method and data processing system for specifying and applying rules to classification-based decision points in an application system |
JP4218099B2 (en) * | 1998-12-03 | 2009-02-04 | ソニー株式会社 | Database, customer information search method, and customer information search device |
US6571245B2 (en) | 1998-12-07 | 2003-05-27 | Magically, Inc. | Virtual desktop in a computer network |
US6370648B1 (en) | 1998-12-08 | 2002-04-09 | Visa International Service Association | Computer network intrusion detection |
US6266774B1 (en) | 1998-12-08 | 2001-07-24 | Mcafee.Com Corporation | Method and system for securing, managing or optimizing a personal computer |
US6546416B1 (en) | 1998-12-09 | 2003-04-08 | Infoseek Corporation | Method and system for selectively blocking delivery of bulk electronic mail |
US6400804B1 (en) | 1998-12-10 | 2002-06-04 | At&T Corp. | On-hold activity selection apparatus and method |
US6550012B1 (en) | 1998-12-11 | 2003-04-15 | Network Associates, Inc. | Active firewall system and methodology |
US6249575B1 (en) | 1998-12-11 | 2001-06-19 | Securelogix Corporation | Telephony security system |
US6510466B1 (en) * | 1998-12-14 | 2003-01-21 | International Business Machines Corporation | Methods, systems and computer program products for centralized management of application programs on a network |
US6367009B1 (en) | 1998-12-17 | 2002-04-02 | International Business Machines Corporation | Extending SSL to a multi-tier environment using delegation of authentication and authority |
US6430688B1 (en) | 1998-12-22 | 2002-08-06 | International Business Machines Corporation | Architecture for web-based on-line-off-line digital certificate authority |
US6664666B2 (en) | 1998-12-23 | 2003-12-16 | Engineering Matters, Inc. | Motor assembly allowing output in multiple degrees of freedom |
US6574737B1 (en) | 1998-12-23 | 2003-06-03 | Symantec Corporation | System for penetrating computer or computer network |
US6434536B1 (en) | 1998-12-23 | 2002-08-13 | Timothy S. Geiger | Methods and systems for commerce |
US6615242B1 (en) * | 1998-12-28 | 2003-09-02 | At&T Corp. | Automatic uniform resource locator-based message filter |
US6118856A (en) | 1998-12-28 | 2000-09-12 | Nortel Networks Corporation | Method and apparatus for automatically forwarding an email message or portion thereof to a remote device |
US6499107B1 (en) | 1998-12-29 | 2002-12-24 | Cisco Technology, Inc. | Method and system for adaptive network security using intelligent packet analysis |
US6301668B1 (en) | 1998-12-29 | 2001-10-09 | Cisco Technology, Inc. | Method and system for adaptive network security using network vulnerability assessment |
US6654787B1 (en) | 1998-12-31 | 2003-11-25 | Brightmail, Incorporated | Method and apparatus for filtering e-mail |
US6266692B1 (en) | 1999-01-04 | 2001-07-24 | International Business Machines Corporation | Method for blocking all unwanted e-mail (SPAM) using a header-based password |
US6477651B1 (en) | 1999-01-08 | 2002-11-05 | Cisco Technology, Inc. | Intrusion detection system and method having dynamically loaded signatures |
US6715082B1 (en) | 1999-01-14 | 2004-03-30 | Cisco Technology, Inc. | Security server token caching |
US6954775B1 (en) | 1999-01-15 | 2005-10-11 | Cisco Technology, Inc. | Parallel intrusion detection sensors with load balancing for high speed networks |
US6487666B1 (en) | 1999-01-15 | 2002-11-26 | Cisco Technology, Inc. | Intrusion detection signature analysis using regular expressions and logical operators |
US6578147B1 (en) | 1999-01-15 | 2003-06-10 | Cisco Technology, Inc. | Parallel intrusion detection sensors with load balancing for high speed networks |
US6327594B1 (en) | 1999-01-29 | 2001-12-04 | International Business Machines Corporation | Methods for shared data management in a pervasive computing environment |
US6230266B1 (en) | 1999-02-03 | 2001-05-08 | Sun Microsystems, Inc. | Authentication system and process |
US7917744B2 (en) | 1999-02-03 | 2011-03-29 | Cybersoft, Inc. | Apparatus and methods for intercepting, examining and controlling code, data and files and their transfer in instant messaging and peer-to-peer applications |
US6424650B1 (en) | 1999-02-09 | 2002-07-23 | 3Com Corporation | Network address filter device |
US20030023695A1 (en) * | 1999-02-26 | 2003-01-30 | Atabok Japan, Inc. | Modifying an electronic mail system to produce a secure delivery system |
JP4779183B2 (en) | 1999-03-26 | 2011-09-28 | ソニー株式会社 | Playback apparatus and playback method |
US6405318B1 (en) | 1999-03-12 | 2002-06-11 | Psionic Software, Inc. | Intrusion detection system |
US6725377B1 (en) | 1999-03-12 | 2004-04-20 | Networks Associates Technology, Inc. | Method and system for updating anti-intrusion software |
US6301699B1 (en) | 1999-03-18 | 2001-10-09 | Corekt Security Systems, Inc. | Method for detecting buffer overflow for computer security |
US6438576B1 (en) | 1999-03-29 | 2002-08-20 | International Business Machines Corporation | Method and apparatus of a collaborative proxy system for distributed deployment of object rendering |
US6711679B1 (en) | 1999-03-31 | 2004-03-23 | International Business Machines Corporation | Public key infrastructure delegation |
US6732149B1 (en) | 1999-04-09 | 2004-05-04 | International Business Machines Corporation | System and method for hindering undesired transmission or receipt of electronic messages |
JP2000293587A (en) * | 1999-04-09 | 2000-10-20 | Sony Corp | Information processor, information processing method, management device and method, and providing medium |
US6584488B1 (en) | 1999-04-12 | 2003-06-24 | International Business Machines Corporation | Controlling allocation of system resources with an enhanced priority calculation |
US6804778B1 (en) | 1999-04-15 | 2004-10-12 | Gilian Technologies, Ltd. | Data quality assurance |
US6681331B1 (en) * | 1999-05-11 | 2004-01-20 | Cylant, Inc. | Dynamic software system intrusion detection |
US6981146B1 (en) | 1999-05-17 | 2005-12-27 | Invicta Networks, Inc. | Method of communications and communication network intrusion protection methods and intrusion attempt detection system |
US6988199B2 (en) * | 2000-07-07 | 2006-01-17 | Message Secure | Secure and reliable document delivery |
US6578025B1 (en) | 1999-06-11 | 2003-06-10 | Abuzz Technologies, Inc. | Method and apparatus for distributing information to users |
US6901402B1 (en) * | 1999-06-18 | 2005-05-31 | Microsoft Corporation | System for improving the performance of information retrieval-type tasks by identifying the relations of constituents |
US6731756B1 (en) | 1999-06-21 | 2004-05-04 | Elisar Software Corporation, Inc. | Method for securing video images |
US6804237B1 (en) | 1999-06-23 | 2004-10-12 | Nortel Networks Limited | Method, devices and signals for multiplexing payload data for transport in a data network |
US6484176B1 (en) | 1999-06-25 | 2002-11-19 | Baynet World, Inc. | System and process for providing remote interactive access to a real estate information database using a portable computing device |
US6510431B1 (en) * | 1999-06-28 | 2003-01-21 | International Business Machines Corporation | Method and system for the routing of requests using an automated classification and profile matching in a networked environment |
US6895436B1 (en) | 1999-07-01 | 2005-05-17 | International Business Machines Corporation | Method and system for evaluating network security |
US6675153B1 (en) * | 1999-07-06 | 2004-01-06 | Zix Corporation | Transaction authorization system |
US6910135B1 (en) | 1999-07-07 | 2005-06-21 | Verizon Corporate Services Group Inc. | Method and apparatus for an intruder detection reporting and response system |
US6560632B1 (en) | 1999-07-16 | 2003-05-06 | International Business Machines Corporation | System and method for managing files in a distributed system using prioritization |
US6772346B1 (en) | 1999-07-16 | 2004-08-03 | International Business Machines Corporation | System and method for managing files in a distributed system using filtering |
US6675209B1 (en) * | 1999-07-19 | 2004-01-06 | Hewlett-Packard Development Company, L.P. | Method and system for assigning priority among network segments |
US6845449B1 (en) * | 1999-07-23 | 2005-01-18 | Networks Associates Technology, Inc. | System and method for fast nested message authentication codes and error correction codes |
US6976168B1 (en) | 1999-07-23 | 2005-12-13 | Mcafee, Inc. | System and method for adaptive cryptographically synchronized authentication |
US6915426B1 (en) | 1999-07-23 | 2005-07-05 | Networks Associates Technology, Inc. | System and method for enabling authentication at different authentication strength-performance levels |
US6842860B1 (en) * | 1999-07-23 | 2005-01-11 | Networks Associates Technology, Inc. | System and method for selectively authenticating data |
US7886008B2 (en) * | 1999-07-28 | 2011-02-08 | Rpost International Limited | System and method for verifying delivery and integrity of electronic messages |
US6684335B1 (en) * | 1999-08-19 | 2004-01-27 | Epstein, Iii Edwin A. | Resistance cell architecture |
US6647400B1 (en) | 1999-08-30 | 2003-11-11 | Symantec Corporation | System and method for analyzing filesystems to detect intrusions |
US6324647B1 (en) | 1999-08-31 | 2001-11-27 | Michel K. Bowman-Amuah | System, method and article of manufacture for security management in a development architecture framework |
US6742015B1 (en) | 1999-08-31 | 2004-05-25 | Accenture Llp | Base services patterns in a netcentric environment |
US6332163B1 (en) | 1999-09-01 | 2001-12-18 | Accenture, Llp | Method for providing communication services over a computer network system |
US7853989B2 (en) | 2000-02-08 | 2010-12-14 | Katsikas Peter L | System for eliminating unauthorized electronic mail |
US6952776B1 (en) | 1999-09-22 | 2005-10-04 | International Business Machines Corporation | Method and apparatus for increasing virus detection speed using a database |
US6389419B1 (en) | 1999-10-06 | 2002-05-14 | Cisco Technology, Inc. | Storing and retrieving connection information using bidirectional hashing of connection identifiers |
US6304898B1 (en) | 1999-10-13 | 2001-10-16 | Datahouse, Inc. | Method and system for creating and sending graphical email |
US6789202B1 (en) | 1999-10-15 | 2004-09-07 | Networks Associates Technology, Inc. | Method and apparatus for providing a policy-driven intrusion detection system |
JP3843667B2 (en) | 1999-10-15 | 2006-11-08 | セイコーエプソン株式会社 | Data transfer control device and electronic device |
US6662230B1 (en) | 1999-10-20 | 2003-12-09 | International Business Machines Corporation | System and method for dynamically limiting robot access to server data |
US6611869B1 (en) | 1999-10-28 | 2003-08-26 | Networks Associates, Inc. | System and method for providing trustworthy network security concern communication in an active security management environment |
US7181768B1 (en) * | 1999-10-28 | 2007-02-20 | Cigital | Computer intrusion detection system and method based on application monitoring |
JP3463803B2 (en) | 1999-11-09 | 2003-11-05 | 松下電器産業株式会社 | Cluster server device |
US6990591B1 (en) | 1999-11-18 | 2006-01-24 | Secureworks, Inc. | Method and system for remotely configuring and monitoring a communication device |
US7363361B2 (en) | 2000-08-18 | 2008-04-22 | Akamai Technologies, Inc. | Secure content delivery system |
US6321267B1 (en) | 1999-11-23 | 2001-11-20 | Escom Corporation | Method and apparatus for filtering junk email |
US6363489B1 (en) | 1999-11-29 | 2002-03-26 | Forescout Technologies Inc. | Method for automatic intrusion detection and deflection in a network |
US6851057B1 (en) | 1999-11-30 | 2005-02-01 | Symantec Corporation | Data driven detection of viruses |
US6728886B1 (en) | 1999-12-01 | 2004-04-27 | Trend Micro Incorporated | Distributed virus scanning arrangements and methods therefor |
US6510464B1 (en) * | 1999-12-14 | 2003-01-21 | Verizon Corporate Services Group Inc. | Secure gateway having routing feature |
FR2802667B1 (en) | 1999-12-21 | 2002-01-25 | Bull Sa | METHOD AND DEVICE FOR CONFIGURING FIREWALLS IN A COMPUTER SYSTEM |
US6460050B1 (en) * | 1999-12-22 | 2002-10-01 | Mark Raymond Pace | Distributed content identification system |
US6697950B1 (en) | 1999-12-22 | 2004-02-24 | Networks Associates Technology, Inc. | Method and apparatus for detecting a macro computer virus using static analysis |
US6775657B1 (en) | 1999-12-22 | 2004-08-10 | Cisco Technology, Inc. | Multilayered intrusion detection system and method |
US20010034839A1 (en) | 1999-12-24 | 2001-10-25 | Guenter Karjoth | Method and apparatus for secure transmission of data and applications |
GB2353372B (en) | 1999-12-24 | 2001-08-22 | F Secure Oyj | Remote computer virus scanning |
US6976271B1 (en) | 2000-01-06 | 2005-12-13 | International Business Machines Corporation | Method and system for retrieving an anti-virus signature from one or a plurality of virus-free certificate authorities |
US6928550B1 (en) | 2000-01-06 | 2005-08-09 | International Business Machines Corporation | Method and system for generating and using a virus free file certificate |
US6701440B1 (en) | 2000-01-06 | 2004-03-02 | Networks Associates Technology, Inc. | Method and system for protecting a computer using a remote e-mail scanning device |
US6735700B1 (en) | 2000-01-11 | 2004-05-11 | Network Associates Technology, Inc. | Fast virus scanning using session stamping |
US6802002B1 (en) | 2000-01-14 | 2004-10-05 | Hewlett-Packard Development Company, L.P. | Method and apparatus for providing field confidentiality in digital certificates |
US6785818B1 (en) | 2000-01-14 | 2004-08-31 | Symantec Corporation | Thwarting malicious registry mapping modifications and map-loaded module masquerade attacks |
IL134066A (en) | 2000-01-16 | 2004-07-25 | Eluv Holdings Ltd | Key encrypted e-mail system |
JP2001209584A (en) | 2000-01-26 | 2001-08-03 | Nec Niigata Ltd | Data encryption device and its method |
US6883101B1 (en) | 2000-02-08 | 2005-04-19 | Harris Corporation | System and method for assessing the security posture of a network using goal oriented fuzzy logic decision rules |
US20020016910A1 (en) * | 2000-02-11 | 2002-02-07 | Wright Robert P. | Method for secure distribution of documents over electronic networks |
US7117246B2 (en) | 2000-02-22 | 2006-10-03 | Sendmail, Inc. | Electronic mail system with methodology providing distributed message store |
US6452613B1 (en) | 2000-03-01 | 2002-09-17 | First Usa Bank, N.A. | System and method for an automated scoring tool for assessing new technologies |
US6691156B1 (en) | 2000-03-10 | 2004-02-10 | International Business Machines Corporation | Method for restricting delivery of unsolicited E-mail |
US6971019B1 (en) | 2000-03-14 | 2005-11-29 | Symantec Corporation | Histogram-based virus detection |
US7159237B2 (en) * | 2000-03-16 | 2007-01-02 | Counterpane Internet Security, Inc. | Method and system for dynamic network intrusion monitoring, detection and response |
US6842861B1 (en) * | 2000-03-24 | 2005-01-11 | Networks Associates Technology, Inc. | Method and system for detecting viruses on handheld computers |
US6892237B1 (en) | 2000-03-28 | 2005-05-10 | Cisco Technology, Inc. | Method and apparatus for high-speed parsing of network messages |
US6748531B1 (en) | 2000-03-28 | 2004-06-08 | Koninklijke Philips Electronics N.V | Method and apparatus for confirming and revoking trust in a multi-level content distribution system |
US7177421B2 (en) * | 2000-04-13 | 2007-02-13 | Broadcom Corporation | Authentication engine architecture and method |
US6519703B1 (en) | 2000-04-14 | 2003-02-11 | James B. Joyce | Methods and apparatus for heuristic firewall |
US6584564B2 (en) * | 2000-04-25 | 2003-06-24 | Sigaba Corporation | Secure e-mail system |
US7921459B2 (en) * | 2000-04-28 | 2011-04-05 | International Business Machines Corporation | System and method for managing security events on a network |
US7089428B2 (en) | 2000-04-28 | 2006-08-08 | Internet Security Systems, Inc. | Method and system for managing computer security information |
US6742124B1 (en) | 2000-05-08 | 2004-05-25 | Networks Associates Technology, Inc. | Sequence-based anomaly detection using a distance matrix |
US6735703B1 (en) | 2000-05-08 | 2004-05-11 | Networks Associates Technology, Inc. | Multi-platform sequence-based anomaly detection wrapper |
US6968336B1 (en) | 2000-05-18 | 2005-11-22 | International Business Machines Corporation | Method for generating, organizing table codes either code is highest code level or code is linked to parent code in hierarchical structure |
US6950933B1 (en) | 2000-05-19 | 2005-09-27 | Networks Associates Technology, Inc. | Method and system for management and notification of electronic certificate changes |
US6922776B2 (en) | 2000-05-19 | 2005-07-26 | Networks Associates Technology, Inc. | Scalable system and method for management and notification of electronic certificate changes |
US20030159070A1 (en) | 2001-05-28 | 2003-08-21 | Yaron Mayer | System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages |
JP2002056176A (en) | 2000-06-01 | 2002-02-20 | Asgent Inc | Method and device for structuring security policy and method and device for supporting security policy structuring |
US6892178B1 (en) | 2000-06-02 | 2005-05-10 | Open Ratings Inc. | Method and system for ascribing a reputation to an entity from the perspective of another entity |
US6895385B1 (en) | 2000-06-02 | 2005-05-17 | Open Ratings | Method and system for ascribing a reputation to an entity as a rater of other entities |
US6892179B1 (en) | 2000-06-02 | 2005-05-10 | Open Ratings Inc. | System and method for ascribing a reputation to an entity |
US20020023140A1 (en) * | 2000-06-08 | 2002-02-21 | Hile John K. | Electronic document delivery system |
US7134141B2 (en) | 2000-06-12 | 2006-11-07 | Hewlett-Packard Development Company, L.P. | System and method for host and network based intrusion detection and response |
US7007301B2 (en) | 2000-06-12 | 2006-02-28 | Hewlett-Packard Development Company, L.P. | Computer architecture for an intrusion detection system |
US6985923B1 (en) * | 2000-06-13 | 2006-01-10 | International Business Machines Corporation | Method, article of manufacture and apparatus for processing redundant electronic mail messages |
US6611925B1 (en) | 2000-06-13 | 2003-08-26 | Networks Associates Technology, Inc. | Single point of entry/origination item scanning within an enterprise or workgroup |
US6721721B1 (en) | 2000-06-15 | 2004-04-13 | International Business Machines Corporation | Virus checking and reporting for computer database search results |
US6732101B1 (en) | 2000-06-15 | 2004-05-04 | Zix Corporation | Secure message forwarding system detecting user's preferences including security preferences |
US20030061506A1 (en) | 2001-04-05 | 2003-03-27 | Geoffrey Cooper | System and method for security policy |
US7328349B2 (en) | 2001-12-14 | 2008-02-05 | Bbn Technologies Corp. | Hash-based systems and methods for detecting, preventing, and tracing network worms and viruses |
US7058974B1 (en) | 2000-06-21 | 2006-06-06 | Netrake Corporation | Method and apparatus for preventing denial of service attacks |
US20020046041A1 (en) | 2000-06-23 | 2002-04-18 | Ken Lang | Automated reputation/trust service |
US7127743B1 (en) | 2000-06-23 | 2006-10-24 | Netforensics, Inc. | Comprehensive security structure platform for network managers |
EP1295454B1 (en) | 2000-06-30 | 2005-05-11 | BRITISH TELECOMMUNICATIONS public limited company | Packet data communications |
US6870849B1 (en) | 2000-07-06 | 2005-03-22 | Ross W. Callon | Apparatus and method for efficient hashing in networks |
US8661539B2 (en) | 2000-07-10 | 2014-02-25 | Oracle International Corporation | Intrusion threat detection |
US6738462B1 (en) | 2000-07-19 | 2004-05-18 | Avaya Technology Corp. | Unified communications automated personal name addressing |
US6757675B2 (en) | 2000-07-24 | 2004-06-29 | The Regents Of The University Of California | Method and apparatus for indexing document content and content comparison with World Wide Web search service |
ATE397346T1 (en) | 2000-07-25 | 2008-06-15 | Juniper Networks Inc | NETWORK ARCHITECTURE AND METHOD FOR TRANSPARENT ONLINE CROSS- SECTIONAL CODING AND TRANSPORTING NETWORK COMMUNICATIONS DATA |
US6687696B2 (en) | 2000-07-26 | 2004-02-03 | Recommind Inc. | System and method for personalized search, information filtering, and for generating recommendations utilizing statistical latent class models |
US6687687B1 (en) | 2000-07-26 | 2004-02-03 | Zix Scm, Inc. | Dynamic indexing information retrieval or filtering system |
US7085934B1 (en) | 2000-07-27 | 2006-08-01 | Mcafee, Inc. | Method and system for limiting processor utilization by a virus scanner |
GB2365158A (en) | 2000-07-28 | 2002-02-13 | Content Technologies Ltd | File analysis using byte distributions |
EP1312193A2 (en) | 2000-08-16 | 2003-05-21 | Filestream, Inc. | End-to-end secure file transfer method and system |
US6799197B1 (en) | 2000-08-29 | 2004-09-28 | Networks Associates Technology, Inc. | Secure method and system for using a public network or email to administer to software on a plurality of client computers |
US6910134B1 (en) | 2000-08-29 | 2005-06-21 | Netrake Corporation | Method and device for innoculating email infected with a virus |
GB2368233B (en) | 2000-08-31 | 2002-10-16 | F Secure Oyj | Maintaining virus detection software |
US6772334B1 (en) | 2000-08-31 | 2004-08-03 | Networks Associates, Inc. | System and method for preventing a spoofed denial of service attack in a networked computing environment |
US7278159B2 (en) | 2000-09-07 | 2007-10-02 | Mazu Networks, Inc. | Coordinated thwarting of denial of service attacks |
US7043759B2 (en) | 2000-09-07 | 2006-05-09 | Mazu Networks, Inc. | Architecture to thwart denial of service attacks |
US20020038339A1 (en) | 2000-09-08 | 2002-03-28 | Wei Xu | Systems and methods for packet distribution |
US20020032871A1 (en) | 2000-09-08 | 2002-03-14 | The Regents Of The University Of Michigan | Method and system for detecting, tracking and blocking denial of service attacks over a computer network |
US6944673B2 (en) | 2000-09-08 | 2005-09-13 | The Regents Of The University Of Michigan | Method and system for profiling network flows at a measurement point within a computer network |
US6785732B1 (en) | 2000-09-11 | 2004-08-31 | International Business Machines Corporation | Web server apparatus and method for virus checking |
US6826698B1 (en) | 2000-09-15 | 2004-11-30 | Networks Associates Technology, Inc. | System, method and computer program product for rule based network security policies |
US6650890B1 (en) | 2000-09-29 | 2003-11-18 | Postini, Inc. | Value-added electronic messaging services and transparent implementation thereof using intermediate server |
US6968461B1 (en) | 2000-10-03 | 2005-11-22 | Networks Associates Technology, Inc. | Providing break points in a malware scanning operation |
US6757830B1 (en) | 2000-10-03 | 2004-06-29 | Networks Associates Technology, Inc. | Detecting unwanted properties in received email messages |
US20020069263A1 (en) | 2000-10-13 | 2002-06-06 | Mark Sears | Wireless java technology |
US20030097439A1 (en) | 2000-10-23 | 2003-05-22 | Strayer William Timothy | Systems and methods for identifying anomalies in network data streams |
US20020129002A1 (en) | 2000-10-27 | 2002-09-12 | Alberts Douglas Wesley | eMediaCarts |
US7082536B2 (en) | 2000-11-13 | 2006-07-25 | Globalcerts, Lc | System and method for computerized global messaging encryption |
US20040181462A1 (en) * | 2000-11-17 | 2004-09-16 | Bauer Robert D. | Electronic communication service |
US6934857B1 (en) | 2000-11-27 | 2005-08-23 | Networks Associates Technology, Inc. | Security system and method for handheld computers |
US6782503B1 (en) | 2000-11-28 | 2004-08-24 | Nortel Networks Limited | Generating a signature to add to a test packet to achieve a target check value |
US20020078382A1 (en) | 2000-11-29 | 2002-06-20 | Ali Sheikh | Scalable system for monitoring network system and components and methodology therefore |
EP1338130B1 (en) | 2000-11-30 | 2006-11-02 | Lancope, Inc. | Flow-based detection of network intrusions |
CA2327211A1 (en) | 2000-12-01 | 2002-06-01 | Nortel Networks Limited | Management of log archival and reporting for data network security systems |
US7844666B2 (en) | 2000-12-12 | 2010-11-30 | Microsoft Corporation | Controls and displays for acquiring preferences, inspecting behavior, and guiding the learning and decision policies of an adaptive communications prioritization and routing system |
US6622150B1 (en) | 2000-12-18 | 2003-09-16 | Networks Associates Technology, Inc. | System and method for efficiently managing computer virus definitions using a structured virus database |
US20020083342A1 (en) | 2000-12-21 | 2002-06-27 | Webb Brian T. | Systems, methods and computer program products for accessing devices on private networks via clients on a public network |
US6725223B2 (en) * | 2000-12-22 | 2004-04-20 | International Business Machines Corporation | Storage format for encoded vector indexes |
US20030084020A1 (en) | 2000-12-22 | 2003-05-01 | Li Shu | Distributed fault tolerant and secure storage |
US6738932B1 (en) | 2000-12-22 | 2004-05-18 | Sun Microsystems, Inc. | Method and system for identifying software revisions from memory images |
US6779033B1 (en) | 2000-12-28 | 2004-08-17 | Networks Associates Technology, Inc. | System and method for transacting a validated application session in a networked computing environment |
US6775704B1 (en) | 2000-12-28 | 2004-08-10 | Networks Associates Technology, Inc. | System and method for preventing a spoofed remote procedure call denial of service attack in a networked computing environment |
WO2002054325A2 (en) | 2001-01-02 | 2002-07-11 | Trusecure Corporation | Object-oriented method, system and medium for risk management by creating inter-dependency between objects, criteria and metrics |
US6965939B2 (en) | 2001-01-05 | 2005-11-15 | International Business Machines Corporation | Method and apparatus for processing requests in a network data processing system based on a trust association between servers |
GB2371125A (en) | 2001-01-13 | 2002-07-17 | Secr Defence | Computer protection system |
US20020133586A1 (en) | 2001-01-16 | 2002-09-19 | Carter Shanklin | Method and device for monitoring data traffic and preventing unauthorized access to a network |
US20030051026A1 (en) | 2001-01-19 | 2003-03-13 | Carter Ernst B. | Network surveillance and security system |
US7168093B2 (en) | 2001-01-25 | 2007-01-23 | Solutionary, Inc. | Method and apparatus for verifying the integrity and security of computer networks and implementation of counter measures |
US6983380B2 (en) | 2001-02-06 | 2006-01-03 | Networks Associates Technology, Inc. | Automatically generating valid behavior specifications for intrusion detection |
US7281267B2 (en) | 2001-02-20 | 2007-10-09 | Mcafee, Inc. | Software audit system |
US8219620B2 (en) | 2001-02-20 | 2012-07-10 | Mcafee, Inc. | Unwanted e-mail filtering system including voting feedback |
US7415504B2 (en) * | 2001-02-26 | 2008-08-19 | Symantec Corporation | System and method for controlling distribution of network communications |
US20020120853A1 (en) | 2001-02-27 | 2002-08-29 | Networks Associates Technology, Inc. | Scripted distributed denial-of-service (DDoS) attack discrimination using turing tests |
US7363657B2 (en) | 2001-03-12 | 2008-04-22 | Emc Corporation | Using a virus checker in one file server to check for viruses in another file server |
US20020143963A1 (en) | 2001-03-15 | 2002-10-03 | International Business Machines Corporation | Web server intrusion detection method and apparatus |
US7313822B2 (en) * | 2001-03-16 | 2007-12-25 | Protegrity Corporation | Application-layer security method and system |
US20020133365A1 (en) | 2001-03-19 | 2002-09-19 | William Grey | System and method for aggregating reputational information |
US7287280B2 (en) | 2002-02-12 | 2007-10-23 | Goldman Sachs & Co. | Automated security management |
US20040193482A1 (en) | 2001-03-23 | 2004-09-30 | Restaurant Services, Inc. | System, method and computer program product for user-specific advertising in a supply chain management framework |
US20020138759A1 (en) | 2001-03-26 | 2002-09-26 | International Business Machines Corporation | System and method for secure delivery of a parcel or document |
US7010696B1 (en) | 2001-03-30 | 2006-03-07 | Mcafee, Inc. | Method and apparatus for predicting the incidence of a virus |
US7080000B1 (en) | 2001-03-30 | 2006-07-18 | Mcafee, Inc. | Method and system for bi-directional updating of antivirus database |
US7007169B2 (en) | 2001-04-04 | 2006-02-28 | International Business Machines Corporation | Method and apparatus for protecting a web server against vandals attacks without restricting legitimate access |
WO2002093334A2 (en) | 2001-04-06 | 2002-11-21 | Symantec Corporation | Temporal access control for computer virus outbreaks |
US20020147734A1 (en) | 2001-04-06 | 2002-10-10 | Shoup Randall Scott | Archiving method and system |
US20020147780A1 (en) | 2001-04-09 | 2002-10-10 | Liu James Y. | Method and system for scanning electronic mail to detect and eliminate computer viruses using a group of email-scanning servers and a recipient's email gateway |
US7089589B2 (en) | 2001-04-10 | 2006-08-08 | Lenovo (Singapore) Pte. Ltd. | Method and apparatus for the detection, notification, and elimination of certain computer viruses on a network using a promiscuous system as bait |
US20020194161A1 (en) | 2001-04-12 | 2002-12-19 | Mcnamee J. Paul | Directed web crawler with machine learning |
CN101567889B (en) * | 2001-04-13 | 2014-01-08 | 诺基亚公司 | System and method for providing protection for networks |
US6941478B2 (en) | 2001-04-13 | 2005-09-06 | Nokia, Inc. | System and method for providing exploit protection with message tracking |
US6947936B1 (en) | 2001-04-30 | 2005-09-20 | Hewlett-Packard Development Company, L.P. | Method for a topic hierarchy classification system |
US7603709B2 (en) | 2001-05-03 | 2009-10-13 | Computer Associates Think, Inc. | Method and apparatus for predicting and preventing attacks in communications networks |
US7769845B2 (en) | 2001-05-04 | 2010-08-03 | Whale Communications Ltd | Method and system for terminating an authentication session upon user sign-off |
US20030055931A1 (en) | 2001-09-18 | 2003-03-20 | Cravo De Almeida Marcio | Managing a remote device |
US7228565B2 (en) | 2001-05-15 | 2007-06-05 | Mcafee, Inc. | Event reporting between a reporting computer and a receiving computer |
US6768991B2 (en) | 2001-05-15 | 2004-07-27 | Networks Associates Technology, Inc. | Searching for sequences of character data |
CA2386491A1 (en) | 2001-05-16 | 2002-11-16 | Kasten Chase Applied Research Limited | System for secure electronic information transmission |
US7325252B2 (en) * | 2001-05-18 | 2008-01-29 | Achilles Guard Inc. | Network security testing |
US20030028803A1 (en) | 2001-05-18 | 2003-02-06 | Bunker Nelson Waldo | Network vulnerability assessment system and method |
US20020178227A1 (en) | 2001-05-25 | 2002-11-28 | International Business Machines Corporation | Routing instant messages using configurable, pluggable delivery managers |
US20030009698A1 (en) * | 2001-05-30 | 2003-01-09 | Cascadezone, Inc. | Spam avenger |
US7380126B2 (en) | 2001-06-01 | 2008-05-27 | Logan James D | Methods and apparatus for controlling the transmission and receipt of email messages |
US7458094B2 (en) | 2001-06-06 | 2008-11-25 | Science Applications International Corporation | Intrusion prevention system |
US20040103315A1 (en) * | 2001-06-07 | 2004-05-27 | Geoffrey Cooper | Assessment tool |
US7350234B2 (en) | 2001-06-11 | 2008-03-25 | Research Triangle Institute | Intrusion tolerant communication networks and associated methods |
US20020186698A1 (en) | 2001-06-12 | 2002-12-12 | Glen Ceniza | System to map remote lan hosts to local IP addresses |
US7234168B2 (en) * | 2001-06-13 | 2007-06-19 | Mcafee, Inc. | Hierarchy-based method and apparatus for detecting attacks on a computer system |
EP1267545B1 (en) | 2001-06-14 | 2008-08-20 | International Business Machines Corporation | Intrusion detection in data processing system |
US20020194490A1 (en) | 2001-06-18 | 2002-12-19 | Avner Halperin | System and method of virus containment in computer networks |
EP1271283B1 (en) * | 2001-06-29 | 2007-05-23 | Stonesoft Corporation | An intrusion detection method and system |
US20030005326A1 (en) * | 2001-06-29 | 2003-01-02 | Todd Flemming | Method and system for implementing a security application services provider |
US6928549B2 (en) * | 2001-07-09 | 2005-08-09 | International Business Machines Corporation | Dynamic intrusion detection for computer systems |
US7356689B2 (en) * | 2001-07-09 | 2008-04-08 | Lucent Technologies Inc. | Method and apparatus for tracing packets in a communications network |
US7380279B2 (en) * | 2001-07-16 | 2008-05-27 | Lenel Systems International, Inc. | System for integrating security and access for facilities and information systems |
US7023861B2 (en) * | 2001-07-26 | 2006-04-04 | Mcafee, Inc. | Malware scanning using a network bridge |
US7673342B2 (en) * | 2001-07-26 | 2010-03-02 | Mcafee, Inc. | Detecting e-mail propagated malware |
US6769016B2 (en) | 2001-07-26 | 2004-07-27 | Networks Associates Technology, Inc. | Intelligent SPAM detection system using an updateable neural analysis engine |
JP2003046576A (en) * | 2001-07-27 | 2003-02-14 | Fujitsu Ltd | Message delivery system, message delivery management server, message distribution management program, and computer-readable recording medium with the program recorded thereon |
US7181015B2 (en) | 2001-07-31 | 2007-02-20 | Mcafee, Inc. | Method and apparatus for cryptographic key establishment using an identity based symmetric keying technique |
US6993660B1 (en) * | 2001-08-03 | 2006-01-31 | Mcafee, Inc. | System and method for performing efficient computer virus scanning of transient messages using checksums in a distributed computing environment |
US7117533B1 (en) | 2001-08-03 | 2006-10-03 | Mcafee, Inc. | System and method for providing dynamic screening of transient messages in a distributed computing environment |
US6745192B1 (en) | 2001-08-03 | 2004-06-01 | Networks Associates Technology Inc. | System and method for providing a multi-tiered hierarchical transient message store accessed using multiply hashed unique filenames |
US7243374B2 (en) | 2001-08-08 | 2007-07-10 | Microsoft Corporation | Rapid application security threat analysis |
US20030033463A1 (en) | 2001-08-10 | 2003-02-13 | Garnett Paul J. | Computer system storage |
US20030037141A1 (en) | 2001-08-16 | 2003-02-20 | Gary Milo | Heuristic profiler software features |
US7657935B2 (en) * | 2001-08-16 | 2010-02-02 | The Trustees Of Columbia University In The City Of New York | System and methods for detecting malicious email transmission |
US7120252B1 (en) | 2001-08-16 | 2006-10-10 | Mcafee, Inc. | System and method for automatically protecting private video content using cryptographic security for legacy systems |
US7278160B2 (en) | 2001-08-16 | 2007-10-02 | International Business Machines Corporation | Presentation of correlated events as situation classes |
US6928556B2 (en) | 2001-08-30 | 2005-08-09 | International Business Machines Corporation | Method and apparatus in a data processing system for managing situations from correlated events |
US6978223B2 (en) | 2001-09-06 | 2005-12-20 | Bbnt Solutions Llc | Systems and methods for network performance measurement using packet signature collection |
US20030051163A1 (en) | 2001-09-13 | 2003-03-13 | Olivier Bidaud | Distributed network architecture security system |
US7107618B1 (en) | 2001-09-25 | 2006-09-12 | Mcafee, Inc. | System and method for certifying that data received over a computer network has been checked for viruses |
US7266844B2 (en) | 2001-09-27 | 2007-09-04 | Mcafee, Inc. | Heuristic detection of polymorphic computer viruses based on redundancy in viral code |
US20030065943A1 (en) | 2001-09-28 | 2003-04-03 | Christoph Geis | Method and apparatus for recognizing and reacting to denial of service attacks on a computerized network |
US7010608B2 (en) | 2001-09-28 | 2006-03-07 | Intel Corporation | System and method for remotely accessing a home server while preserving end-to-end security |
US6892241B2 (en) | 2001-09-28 | 2005-05-10 | Networks Associates Technology, Inc. | Anti-virus policy enforcement system and method |
US6907430B2 (en) | 2001-10-04 | 2005-06-14 | Booz-Allen Hamilton, Inc. | Method and system for assessing attacks on computer networks using Bayesian networks |
US8261059B2 (en) | 2001-10-25 | 2012-09-04 | Verizon Business Global Llc | Secure file transfer and secure file transfer protocol |
US7310818B1 (en) | 2001-10-25 | 2007-12-18 | Mcafee, Inc. | System and method for tracking computer viruses |
US7444679B2 (en) | 2001-10-31 | 2008-10-28 | Hewlett-Packard Development Company, L.P. | Network, method and computer readable medium for distributing security updates to select nodes on a network |
US20030135749A1 (en) | 2001-10-31 | 2003-07-17 | Gales George S. | System and method of defining the security vulnerabilities of a computer system |
US20030084323A1 (en) | 2001-10-31 | 2003-05-01 | Gales George S. | Network intrusion detection system and method |
JP2003150748A (en) | 2001-11-09 | 2003-05-23 | Asgent Inc | Risk evaluation method |
US20030093695A1 (en) | 2001-11-13 | 2003-05-15 | Santanu Dutta | Secure handling of stored-value data objects |
US7315944B2 (en) | 2001-11-13 | 2008-01-01 | Ericsson Inc. | Secure handling of stored-value data objects |
US20030095555A1 (en) | 2001-11-16 | 2003-05-22 | Mcnamara Justin | System for the validation and routing of messages |
US7487262B2 (en) | 2001-11-16 | 2009-02-03 | At & T Mobility Ii, Llc | Methods and systems for routing messages through a communications network based on message content |
US20030101381A1 (en) * | 2001-11-29 | 2003-05-29 | Nikolay Mateev | System and method for virus checking software |
WO2003048960A1 (en) | 2001-11-30 | 2003-06-12 | A New Voice, Inc. | Method and system for contextual prioritization of unified messages |
US6546493B1 (en) | 2001-11-30 | 2003-04-08 | Networks Associates Technology, Inc. | System, method and computer program product for risk assessment scanning based on detected anomalous events |
US20030126464A1 (en) | 2001-12-04 | 2003-07-03 | Mcdaniel Patrick D. | Method and system for determining and enforcing security policy in a communication session |
US20030110392A1 (en) | 2001-12-06 | 2003-06-12 | Aucsmith David W. | Detecting intrusions |
US7150042B2 (en) | 2001-12-06 | 2006-12-12 | Mcafee, Inc. | Techniques for performing malware scanning of files stored within a file storage device of a computer network |
US7093002B2 (en) | 2001-12-06 | 2006-08-15 | Mcafee, Inc. | Handling of malware scanning of files stored within a file storage device of a computer network |
US7150043B2 (en) | 2001-12-12 | 2006-12-12 | International Business Machines Corporation | Intrusion detection method and signature table |
KR100427449B1 (en) | 2001-12-14 | 2004-04-14 | 한국전자통신연구원 | Intrusion detection method using adaptive rule estimation in nids |
US6754705B2 (en) | 2001-12-21 | 2004-06-22 | Networks Associates Technology, Inc. | Enterprise network analyzer architecture framework |
US7096500B2 (en) | 2001-12-21 | 2006-08-22 | Mcafee, Inc. | Predictive malware scanning of internet data |
US7400729B2 (en) | 2001-12-28 | 2008-07-15 | Intel Corporation | Secure delivery of encrypted digital content |
WO2003058457A1 (en) | 2001-12-31 | 2003-07-17 | Citadel Security Software Inc. | Automated computer vulnerability resolution system |
JP4152108B2 (en) | 2002-01-18 | 2008-09-17 | 株式会社コムスクエア | Vulnerability monitoring method and system |
US7076803B2 (en) | 2002-01-28 | 2006-07-11 | International Business Machines Corporation | Integrated intrusion detection services |
US7222366B2 (en) | 2002-01-28 | 2007-05-22 | International Business Machines Corporation | Intrusion event filtering |
US7743415B2 (en) | 2002-01-31 | 2010-06-22 | Riverbed Technology, Inc. | Denial of service attacks characterization |
US7268899B2 (en) | 2002-01-31 | 2007-09-11 | Hewlett-Packard Development Company, L.P. | Secure system for delivery of a fax to a remote user |
US7174566B2 (en) | 2002-02-01 | 2007-02-06 | Intel Corporation | Integrated network intrusion detection |
US20030149887A1 (en) | 2002-02-01 | 2003-08-07 | Satyendra Yadav | Application-specific network intrusion detection |
US8370936B2 (en) | 2002-02-08 | 2013-02-05 | Juniper Networks, Inc. | Multi-method gateway-based network security systems and methods |
US6760845B1 (en) | 2002-02-08 | 2004-07-06 | Networks Associates Technology, Inc. | Capture file format system and method for a network analyzer |
US7073074B2 (en) | 2002-02-13 | 2006-07-04 | Microsoft Corporation | System and method for storing events to enhance intrusion detection |
KR100468232B1 (en) | 2002-02-19 | 2005-01-26 | 한국전자통신연구원 | Network-based Attack Tracing System and Method Using Distributed Agent and Manager Systems |
US6941348B2 (en) | 2002-02-19 | 2005-09-06 | Postini, Inc. | Systems and methods for managing the transmission of electronic messages through active message date updating |
US7124438B2 (en) | 2002-03-08 | 2006-10-17 | Ciphertrust, Inc. | Systems and methods for anomaly detection in patterns of monitored communications |
US7694128B2 (en) | 2002-03-08 | 2010-04-06 | Mcafee, Inc. | Systems and methods for secure communication delivery |
US20030172291A1 (en) | 2002-03-08 | 2003-09-11 | Paul Judge | Systems and methods for automated whitelisting in monitored communications |
US6941467B2 (en) | 2002-03-08 | 2005-09-06 | Ciphertrust, Inc. | Systems and methods for adaptive message interrogation through multiple queues |
US7458098B2 (en) | 2002-03-08 | 2008-11-25 | Secure Computing Corporation | Systems and methods for enhancing electronic communication security |
US20030233328A1 (en) | 2002-04-23 | 2003-12-18 | Scott David A. | Method and system for securely communicating data in a communications network |
AUPS193202A0 (en) | 2002-04-23 | 2002-05-30 | Pickup, Robert Barkley Mr | A method and system for authorising electronic mail |
US6741595B2 (en) | 2002-06-11 | 2004-05-25 | Netrake Corporation | Device for enabling trap and trace of internet protocol communications |
EP1376420A1 (en) | 2002-06-19 | 2004-01-02 | Pitsos Errikos | Method and system for classifying electronic documents |
US20040203589A1 (en) | 2002-07-11 | 2004-10-14 | Wang Jiwei R. | Method and system for controlling messages in a communication network |
US7222157B1 (en) * | 2002-07-15 | 2007-05-22 | Aol Llc | Identification and filtration of digital communications |
US8924484B2 (en) * | 2002-07-16 | 2014-12-30 | Sonicwall, Inc. | Active e-mail filter with challenge-response |
US7017186B2 (en) | 2002-07-30 | 2006-03-21 | Steelcloud, Inc. | Intrusion detection system using self-organizing clusters |
US6847888B2 (en) * | 2002-08-07 | 2005-01-25 | Hrl Laboratories, Llc | Method and apparatus for geographic shape preservation for identification |
US6742128B1 (en) | 2002-08-28 | 2004-05-25 | Networks Associates Technology | Threat assessment orchestrator system and method |
JP3831696B2 (en) | 2002-09-20 | 2006-10-11 | 株式会社日立製作所 | Network management apparatus and network management method |
US7200658B2 (en) * | 2002-11-12 | 2007-04-03 | Movielink, Llc | Network geo-location system |
US20040111531A1 (en) | 2002-12-06 | 2004-06-10 | Stuart Staniford | Method and system for reducing the rate of infection of a communications network by a software worm |
US6732157B1 (en) | 2002-12-13 | 2004-05-04 | Networks Associates Technology, Inc. | Comprehensive anti-spam system, method, and computer program product for filtering unwanted e-mail messages |
US6859793B1 (en) | 2002-12-19 | 2005-02-22 | Networks Associates Technology, Inc. | Software license reporting and control system and method |
US7401141B2 (en) * | 2003-01-07 | 2008-07-15 | International Business Machines Corporation | Method and system for monitoring performance of distributed applications |
US7171450B2 (en) | 2003-01-09 | 2007-01-30 | Microsoft Corporation | Framework to enable integration of anti-spam technologies |
US8266215B2 (en) | 2003-02-20 | 2012-09-11 | Sonicwall, Inc. | Using distinguishing properties to classify messages |
US20040177120A1 (en) | 2003-03-07 | 2004-09-09 | Kirsch Steven T. | Method for filtering e-mail messages |
JP2004284241A (en) | 2003-03-24 | 2004-10-14 | Tdk Corp | Optical recording medium and sputtering target for optical recording medium |
US20060168006A1 (en) * | 2003-03-24 | 2006-07-27 | Mr. Marvin Shannon | System and method for the classification of electronic communication |
US7676546B2 (en) | 2003-03-25 | 2010-03-09 | Verisign, Inc. | Control and management of electronic messaging |
GB0307913D0 (en) | 2003-04-05 | 2003-05-14 | Hewlett Packard Development Co | Management of peer-to-peer network using reputation services |
US7483947B2 (en) * | 2003-05-02 | 2009-01-27 | Microsoft Corporation | Message rendering for identification of content features |
WO2005061467A2 (en) * | 2003-06-20 | 2005-07-07 | Amgen Inc. | Piperazine derivatives as bradykinin antagonists |
US7051077B2 (en) | 2003-06-30 | 2006-05-23 | Mx Logic, Inc. | Fuzzy logic voting method and system for classifying e-mail using inputs from multiple spam classifiers |
US7769594B2 (en) | 2003-09-05 | 2010-08-03 | France Telecom | Evaluation of reputation of an entity by a primary evaluation centre |
US7415018B2 (en) | 2003-09-17 | 2008-08-19 | Alcatel Lucent | IP Time to Live (TTL) field used as a covert channel |
US20050086526A1 (en) | 2003-10-17 | 2005-04-21 | Panda Software S.L. (Sociedad Unipersonal) | Computer implemented method providing software virus infection information in real time |
US20050102366A1 (en) | 2003-11-07 | 2005-05-12 | Kirsch Steven T. | E-mail filter employing adaptive ruleset |
US7624274B1 (en) * | 2004-02-11 | 2009-11-24 | AOL LLC, a Delaware Limited Company | Decreasing the fragility of duplicate document detecting algorithms |
US8918466B2 (en) | 2004-03-09 | 2014-12-23 | Tonny Yu | System for email processing and analysis |
US20050204159A1 (en) * | 2004-03-09 | 2005-09-15 | International Business Machines Corporation | System, method and computer program to block spam |
US7644127B2 (en) | 2004-03-09 | 2010-01-05 | Gozoom.Com, Inc. | Email analysis using fuzzy matching of text |
US7366764B1 (en) * | 2004-06-23 | 2008-04-29 | Chelonia Llc | Method for the identification and management of mass unsolicited e-mail |
US7693945B1 (en) * | 2004-06-30 | 2010-04-06 | Google Inc. | System for reclassification of electronic messages in a spam filtering system |
US7660865B2 (en) * | 2004-08-12 | 2010-02-09 | Microsoft Corporation | Spam filtering with probabilistic secure hashes |
US7933985B2 (en) | 2004-08-13 | 2011-04-26 | Sipera Systems, Inc. | System and method for detecting and preventing denial of service attacks in a communications system |
US8010460B2 (en) | 2004-09-02 | 2011-08-30 | Linkedin Corporation | Method and system for reputation evaluation of online users in a social networking scheme |
US20060047794A1 (en) | 2004-09-02 | 2006-03-02 | Microsoft Corporation | Application of genetic algorithms to computer system tuning |
US20060095404A1 (en) | 2004-10-29 | 2006-05-04 | The Go Daddy Group, Inc | Presenting search engine results based on domain name related reputation |
US20060095966A1 (en) * | 2004-11-03 | 2006-05-04 | Shawn Park | Method of detecting, comparing, blocking, and eliminating spam emails |
US7574409B2 (en) * | 2004-11-04 | 2009-08-11 | Vericept Corporation | Method, apparatus, and system for clustering and classification |
US20060168017A1 (en) * | 2004-11-30 | 2006-07-27 | Microsoft Corporation | Dynamic spam trap accounts |
US20060123083A1 (en) | 2004-12-03 | 2006-06-08 | Xerox Corporation | Adaptive spam message detector |
US20060149820A1 (en) * | 2005-01-04 | 2006-07-06 | International Business Machines Corporation | Detecting spam e-mail using similarity calculations |
US20060230039A1 (en) | 2005-01-25 | 2006-10-12 | Markmonitor, Inc. | Online identity tracking |
US20060212931A1 (en) | 2005-03-02 | 2006-09-21 | Markmonitor, Inc. | Trust evaluation systems and methods |
US7822620B2 (en) | 2005-05-03 | 2010-10-26 | Mcafee, Inc. | Determining website reputations using automatic testing |
US20060259551A1 (en) * | 2005-05-12 | 2006-11-16 | Idalis Software | Detection of unsolicited electronic messages |
US20090064329A1 (en) * | 2007-06-25 | 2009-03-05 | Google Inc. | Zero-hour quarantine of suspect electronic messages |
US20090083413A1 (en) * | 2007-09-24 | 2009-03-26 | Levow Zachary S | Distributed frequency data collection via DNS |
US8364766B2 (en) * | 2008-12-04 | 2013-01-29 | Yahoo! Inc. | Spam filtering based on statistics and token frequency modeling |
-
2003
- 2003-09-04 US US10/654,771 patent/US20040073617A1/en not_active Abandoned
-
2008
- 2008-10-01 US US12/243,785 patent/US20090031129A1/en not_active Abandoned
- 2008-10-01 US US12/243,778 patent/US20090031136A1/en not_active Abandoned
- 2008-10-09 US US12/248,790 patent/US8204945B2/en not_active Expired - Fee Related
- 2008-10-10 US US12/249,803 patent/US20090158435A1/en not_active Abandoned
- 2008-10-10 US US12/249,832 patent/US20090182867A1/en not_active Abandoned
- 2008-10-10 US US12/249,823 patent/US20090158046A1/en not_active Abandoned
- 2008-10-10 US US12/249,804 patent/US20090313339A1/en not_active Abandoned
-
2010
- 2010-04-18 US US12/762,366 patent/US20100205670A1/en not_active Abandoned
- 2010-04-18 US US12/762,365 patent/US20100205672A1/en not_active Abandoned
- 2010-04-18 US US12/762,367 patent/US8272060B2/en not_active Expired - Fee Related
- 2010-04-19 US US12/762,368 patent/US20100205265A1/en not_active Abandoned
-
2012
- 2012-09-14 US US13/620,692 patent/US20130014261A1/en not_active Abandoned
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6119236A (en) * | 1996-10-07 | 2000-09-12 | Shipley; Peter M. | Intelligent network security device and method |
US5905859A (en) * | 1997-01-09 | 1999-05-18 | International Business Machines Corporation | Managed network device security method and apparatus |
US6215763B1 (en) * | 1997-10-29 | 2001-04-10 | Lucent Technologies Inc. | Multi-phase process for distributed precomputation of network signal paths |
US6678270B1 (en) * | 1999-03-12 | 2004-01-13 | Sandstorm Enterprises, Inc. | Packet interception system including arrangement facilitating authentication of intercepted packets |
US6609205B1 (en) * | 1999-03-18 | 2003-08-19 | Cisco Technology, Inc. | Network intrusion detection signature analysis using decision graphs |
US6981158B1 (en) * | 2000-06-19 | 2005-12-27 | Bbnt Solutions Llc | Method and apparatus for tracing packets |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9853885B1 (en) | 2014-03-18 | 2017-12-26 | Amazon Technologies, Inc. | Using packet duplication in a packet-switched network to increase reliability |
US9871720B1 (en) * | 2014-03-18 | 2018-01-16 | Amazon Technologies, Inc. | Using packet duplication with encapsulation in a packet-switched network to increase reliability |
US10721267B1 (en) * | 2014-07-18 | 2020-07-21 | NortonLifeLock Inc. | Systems and methods for detecting system attacks |
Also Published As
Publication number | Publication date |
---|---|
US20090313339A1 (en) | 2009-12-17 |
US20090182867A1 (en) | 2009-07-16 |
US20090158435A1 (en) | 2009-06-18 |
US20100205672A1 (en) | 2010-08-12 |
US20090158046A1 (en) | 2009-06-18 |
US20090031129A1 (en) | 2009-01-29 |
US8204945B2 (en) | 2012-06-19 |
US20130014261A1 (en) | 2013-01-10 |
US8272060B2 (en) | 2012-09-18 |
US20100205671A1 (en) | 2010-08-12 |
US20100205265A1 (en) | 2010-08-12 |
US20090031136A1 (en) | 2009-01-29 |
US20040073617A1 (en) | 2004-04-15 |
US20090132669A1 (en) | 2009-05-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6981158B1 (en) | Method and apparatus for tracing packets | |
US20100205670A1 (en) | Method and apparatus for tracing packets | |
US7328349B2 (en) | Hash-based systems and methods for detecting, preventing, and tracing network worms and viruses | |
US8918875B2 (en) | System and method for ARP anti-spoofing security | |
US6895432B2 (en) | IP network system having unauthorized intrusion safeguard function | |
US6775657B1 (en) | Multilayered intrusion detection system and method | |
US6487666B1 (en) | Intrusion detection signature analysis using regular expressions and logical operators | |
US7100201B2 (en) | Undetectable firewall | |
EP1330095B1 (en) | Monitoring of data flow for enhancing network security | |
US7167922B2 (en) | Method and apparatus for providing automatic ingress filtering | |
US7818786B2 (en) | Apparatus and method for managing session state | |
US7266602B2 (en) | System, method and computer program product for processing accounting information | |
US20060256729A1 (en) | Method and apparatus for identifying and disabling worms in communication networks | |
US7596808B1 (en) | Zero hop algorithm for network threat identification and mitigation | |
GB2353449A (en) | Monitoring a network gateway for cracker attacks | |
JP3731111B2 (en) | Intrusion detection device and system and router | |
CN103609070A (en) | Network traffic detection method, system, equipment and controller | |
JP2000261483A (en) | Network monitoring system | |
US7854003B1 (en) | Method and system for aggregating algorithms for detecting linked interactive network connections | |
Bahashwan et al. | Propose a flow-based approach for detecting abnormal behavior in neighbor discovery protocol (NDP) | |
US20060225141A1 (en) | Unauthorized access searching method and device | |
KR101060615B1 (en) | Attack Detection and Tracking System and Method in All IP Network Environment | |
Trabelsi et al. | On investigating ARP spoofing security solutions | |
KR100960119B1 (en) | Hardware Based Method and System for High Performance Abnormal Traffic Detection | |
Selvarajan et al. | Techniques to secure address resolution protocol |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |