ATE504148T1 - Verfahren, aufzeichnungsmedium und netzwerkleitungskarte zum ausführen der inhaltsinspektion über mehrere pakete hinweg - Google Patents

Verfahren, aufzeichnungsmedium und netzwerkleitungskarte zum ausführen der inhaltsinspektion über mehrere pakete hinweg

Info

Publication number
ATE504148T1
ATE504148T1 AT06850502T AT06850502T ATE504148T1 AT E504148 T1 ATE504148 T1 AT E504148T1 AT 06850502 T AT06850502 T AT 06850502T AT 06850502 T AT06850502 T AT 06850502T AT E504148 T1 ATE504148 T1 AT E504148T1
Authority
AT
Austria
Prior art keywords
packet
content inspection
state
employed
pattern data
Prior art date
Application number
AT06850502T
Other languages
English (en)
Inventor
Santosh Balakrishnan
Venkatraman Ramakrishna
Original Assignee
Intel Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Intel Corp filed Critical Intel Corp
Application granted granted Critical
Publication of ATE504148T1 publication Critical patent/ATE504148T1/de

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0245Filtering by information in the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/02Capturing of monitoring data
    • H04L43/026Capturing of monitoring data using flow identification
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
  • Testing, Inspecting, Measuring Of Stereoscopic Televisions And Televisions (AREA)
AT06850502T 2005-06-30 2006-06-30 Verfahren, aufzeichnungsmedium und netzwerkleitungskarte zum ausführen der inhaltsinspektion über mehrere pakete hinweg ATE504148T1 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/174,373 US7784094B2 (en) 2005-06-30 2005-06-30 Stateful packet content matching mechanisms
PCT/US2006/026069 WO2007120165A2 (en) 2005-06-30 2006-06-30 Stateful packet content matching mechanisms

Publications (1)

Publication Number Publication Date
ATE504148T1 true ATE504148T1 (de) 2011-04-15

Family

ID=37619733

Family Applications (1)

Application Number Title Priority Date Filing Date
AT06850502T ATE504148T1 (de) 2005-06-30 2006-06-30 Verfahren, aufzeichnungsmedium und netzwerkleitungskarte zum ausführen der inhaltsinspektion über mehrere pakete hinweg

Country Status (7)

Country Link
US (1) US7784094B2 (de)
EP (1) EP1905213B1 (de)
JP (1) JP4598127B2 (de)
CN (1) CN101258721B (de)
AT (1) ATE504148T1 (de)
DE (1) DE602006021028D1 (de)
WO (1) WO2007120165A2 (de)

Families Citing this family (149)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4452183B2 (ja) * 2002-09-12 2010-04-21 インターナショナル・ビジネス・マシーンズ・コーポレーション プログラマブル状態マシンのデータ構造を作成して入力単語連鎖を構文解析する方法、プログラマブル状態マシンのデータ構造を使用して入力単語連鎖に対応する結果として得られた値を検索する方法、ワイヤスピードのディープ・パケット処理を行う方法、ディープ・パケット処理のための装置、チップ埋め込み装置、およびプログラミング・コード命令を含むコンピュータ・プログラム(ディープ・パケット処理のための方法および装置)
US8560475B2 (en) 2004-09-10 2013-10-15 Cavium, Inc. Content search mechanism that uses a deterministic finite automata (DFA) graph, a DFA state machine, and a walker process
US7784094B2 (en) 2005-06-30 2010-08-24 Intel Corporation Stateful packet content matching mechanisms
US7430560B1 (en) * 2005-07-22 2008-09-30 X-Engines, Inc. Multi-level compressed lock-up tables formed by logical operations to compress selected index bits
JP4810915B2 (ja) * 2005-07-28 2011-11-09 日本電気株式会社 データ検索装置及び方法、並びにコンピュータ・プログラム
US7778250B2 (en) * 2005-08-11 2010-08-17 Ericsson Ab Method and apparatus for securing a layer II bridging switch/switch for subscriber aggregation
US7984180B2 (en) * 2005-10-20 2011-07-19 Solarflare Communications, Inc. Hashing algorithm for network receive filtering
GB2416891B (en) * 2005-11-09 2006-11-01 Streamshield Networks Ltd A network implemented content processing system
US7725573B2 (en) * 2005-11-29 2010-05-25 Intel Corporation Methods and apparatus for supporting agile run-time network systems via identification and execution of most efficient application code in view of changing network traffic conditions
JP4767057B2 (ja) * 2006-03-27 2011-09-07 富士通株式会社 ハッシュ値生成プログラム、ストレージ管理プログラム、判定プログラム及びデータ変更検証装置
US8009566B2 (en) 2006-06-26 2011-08-30 Palo Alto Networks, Inc. Packet classification in a network security device
US8234706B2 (en) * 2006-09-08 2012-07-31 Microsoft Corporation Enabling access to aggregated software security information
US9147271B2 (en) 2006-09-08 2015-09-29 Microsoft Technology Licensing, Llc Graphical representation of aggregated data
US7644080B2 (en) * 2006-09-19 2010-01-05 Netlogic Microsystems, Inc. Method and apparatus for managing multiple data flows in a content search system
US7529746B2 (en) * 2006-09-19 2009-05-05 Netlogic Microsystems, Inc. Search circuit having individually selectable search engines
US7539031B2 (en) * 2006-09-19 2009-05-26 Netlogic Microsystems, Inc. Inexact pattern searching using bitmap contained in a bitcheck command
US7539032B2 (en) 2006-09-19 2009-05-26 Netlogic Microsystems, Inc. Regular expression searching of packet contents using dedicated search circuits
US7624105B2 (en) * 2006-09-19 2009-11-24 Netlogic Microsystems, Inc. Search engine having multiple co-processors for performing inexact pattern search operations
US8051474B1 (en) * 2006-09-26 2011-11-01 Avaya Inc. Method and apparatus for identifying trusted sources based on access point
US8191142B2 (en) * 2006-10-26 2012-05-29 Polytechnic Institute Of New York University Detecting whether an arbitrary-length bit string input matches one of a plurality of known arbitrary-length bit strings using a hierarchical data structure
US7827218B1 (en) 2006-11-18 2010-11-02 X-Engines, Inc. Deterministic lookup using hashed key in a multi-stride compressed trie structure
WO2008067743A1 (fr) 2006-12-08 2008-06-12 Hangzhou H3C Technologies Co., Ltd. Procédé et dispositif d'appariement de formes
US7676444B1 (en) * 2007-01-18 2010-03-09 Netlogic Microsystems, Inc. Iterative compare operations using next success size bitmap
US7630982B2 (en) 2007-02-24 2009-12-08 Trend Micro Incorporated Fast identification of complex strings in a data stream
US20080219261A1 (en) * 2007-03-06 2008-09-11 Lin Yeejang James Apparatus and method for processing data streams
US8594085B2 (en) * 2007-04-11 2013-11-26 Palo Alto Networks, Inc. L2/L3 multi-mode switch including policy processing
US20080320596A1 (en) * 2007-06-22 2008-12-25 Feng Chi Wang Distributed digital rights management system and methods for use therewith
US8250651B2 (en) * 2007-06-28 2012-08-21 Microsoft Corporation Identifying attributes of aggregated data
US8302197B2 (en) * 2007-06-28 2012-10-30 Microsoft Corporation Identifying data associated with security issue attributes
US9270641B1 (en) * 2007-07-31 2016-02-23 Hewlett Packard Enterprise Development Lp Methods and systems for using keywords preprocessing, Boyer-Moore analysis, and hybrids thereof, for processing regular expressions in intrusion-prevention systems
US20090041013A1 (en) * 2007-08-07 2009-02-12 Mitchell Nathan A Dynamically Assigning A Policy For A Communication Session
US20090041014A1 (en) * 2007-08-08 2009-02-12 Dixon Walter G Obtaining Information From Tunnel Layers Of A Packet At A Midpoint
US8819217B2 (en) * 2007-11-01 2014-08-26 Cavium, Inc. Intelligent graph walking
CN101861722A (zh) * 2007-11-16 2010-10-13 法国电信公司 用于对分组进行归类的方法和装置
US8885644B2 (en) * 2008-02-28 2014-11-11 Alcatel Lucent Compressed IP flow recognition for in-line, integrated mobile DPI
US8386461B2 (en) * 2008-06-16 2013-02-26 Qualcomm Incorporated Method and apparatus for generating hash mnemonics
JP2012504266A (ja) * 2008-09-30 2012-02-16 レインスター リミテッド データ記憶のためのシステム及び方法
US8473523B2 (en) 2008-10-31 2013-06-25 Cavium, Inc. Deterministic finite automata graph traversal with nodal bit mapping
ATE536030T1 (de) * 2008-12-24 2011-12-15 Mitsubishi Electric Corp Partieller wiederzusammenbau zum mustervergleich
US8873556B1 (en) * 2008-12-24 2014-10-28 Palo Alto Networks, Inc. Application based packet forwarding
CN101771627B (zh) 2009-01-05 2015-04-08 武汉邮电科学研究院 互联网实时深度包解析和控制节点设备和方法
CN101478551B (zh) * 2009-01-19 2011-12-28 清华大学 基于多核处理器的多域网包分类方法
US8769664B1 (en) 2009-01-30 2014-07-01 Palo Alto Networks, Inc. Security processing in active security devices
US8051167B2 (en) * 2009-02-13 2011-11-01 Alcatel Lucent Optimized mirror for content identification
IL199616A0 (en) * 2009-06-28 2010-05-17 Chaim Shen Orr Pattern-free encryption
KR101292887B1 (ko) * 2009-12-21 2013-08-02 한국전자통신연구원 패킷 동일성 검사를 이용한 라우터의 패킷 스트림 모니터링 장치 및 방법
US9264321B2 (en) 2009-12-23 2016-02-16 Juniper Networks, Inc. Methods and apparatus for tracking data flow based on flow state values
IT1398339B1 (it) * 2010-03-09 2013-02-22 Dainotti Metodo e sistema per la classificazione di flussi di traffico in una rete di comunicazione dati che utilizza firme basate sul contenuto del traffico
JP5425840B2 (ja) * 2010-06-07 2014-02-26 サムソン エスディーエス カンパニー リミテッド アンチマルウェアシステム及びその動作方法
EP2400424B8 (de) * 2010-06-18 2016-05-18 Samsung SDS Co., Ltd. Anti-Malware-System und Betriebsverfahren dafür
US8365287B2 (en) 2010-06-18 2013-01-29 Samsung Sds Co., Ltd. Anti-malware system and operating method thereof
US8930618B2 (en) 2010-08-24 2015-01-06 Futurewei Technologies, Inc. Smart memory
US8862603B1 (en) 2010-11-03 2014-10-14 Netlogic Microsystems, Inc. Minimizing state lists for non-deterministic finite state automatons
CN102143148B (zh) * 2010-11-29 2014-04-02 华为技术有限公司 用于通用协议解析的参数获取和通用协议解析方法及装置
KR20120066465A (ko) * 2010-12-14 2012-06-22 한국전자통신연구원 서비스 거부 공격 차단 방법
CN102546363A (zh) * 2010-12-21 2012-07-04 深圳市恒扬科技有限公司 一种报文处理方法、装置及设备
US9465836B2 (en) * 2010-12-23 2016-10-11 Sap Se Enhanced business object retrieval
IL210900A (en) * 2011-01-27 2015-08-31 Verint Systems Ltd System and method for efficient classification and processing of network traffic
GB201101875D0 (en) * 2011-02-03 2011-03-23 Roke Manor Research A method and apparatus for communications analysis
EP2500838A1 (de) 2011-03-16 2012-09-19 Samsung SDS Co. Ltd. SOC-basierte Vorrichtung zum Paketfiltern und Paketfilterverfahren dafür
US8909813B2 (en) * 2011-03-22 2014-12-09 Ramot At Tel-Aviv University Ltd. Efficient processing of compressed communication traffic
US9047441B2 (en) 2011-05-24 2015-06-02 Palo Alto Networks, Inc. Malware analysis system
US8695096B1 (en) 2011-05-24 2014-04-08 Palo Alto Networks, Inc. Automatic signature generation for malicious PDF files
US9596222B2 (en) 2011-08-02 2017-03-14 Cavium, Inc. Method and apparatus encoding a rule for a lookup request in a processor
US8918375B2 (en) * 2011-08-31 2014-12-23 Microsoft Corporation Content aware chunking for achieving an improved chunk size distribution
US9154335B2 (en) * 2011-11-08 2015-10-06 Marvell Israel (M.I.S.L) Ltd. Method and apparatus for transmitting data on a network
KR102019104B1 (ko) * 2012-01-20 2019-09-06 한국전자통신연구원 다중 네트워크 인터페이스 카드를 이용한 트래픽 처리방법 및 네트워크 디바이스
CN103226551B (zh) * 2012-01-31 2016-05-25 中国科学技术大学 基于tcam的非确定性有限自动机的匹配方法和装置
CN103248530B (zh) * 2012-02-09 2015-12-16 深圳市恒扬科技股份有限公司 一种基于浮动位置的特征字分流检测方法及装置
WO2013126852A2 (en) 2012-02-24 2013-08-29 Missing Link Electronics, Inc. Partitioning systems operating in multiple domains
US9798588B1 (en) * 2012-04-25 2017-10-24 Significs And Elements, Llc Efficient packet forwarding using cyber-security aware policies
US9634945B2 (en) * 2012-08-30 2017-04-25 Hughes Network Systems, Llc Apparatus and method for staged traffic classification among terminal and aggregation nodes of a broadband communications system
CN103023883A (zh) * 2012-11-26 2013-04-03 清华大学 基于ac自动机和后缀树的字符串匹配方法
CN103873317B (zh) * 2012-12-18 2017-04-12 中国科学院空间科学与应用研究中心 一种ccsds空间链路协议检测方法及系统
CN103441889B (zh) * 2013-01-25 2017-05-03 刘俊 一种统计信息生成方法和系统
US9130819B2 (en) * 2013-03-15 2015-09-08 Cavium, Inc. Method and apparatus for scheduling rule matching in a processor
CN104253786B (zh) * 2013-06-26 2017-07-07 北京思普崚技术有限公司 一种基于正则表达式的深度包检测方法
CN103354522B (zh) * 2013-06-28 2016-08-10 华为技术有限公司 一种多级流表查找方法和装置
JP6351363B2 (ja) * 2013-08-01 2018-07-04 キヤノン株式会社 通信装置およびそのデータ処理方法
CN104426768B (zh) * 2013-09-05 2018-06-15 华为技术有限公司 一种数据报文转发方法及装置
EP3020176B1 (de) * 2013-12-12 2020-07-22 NEC Corporation Verfahren und system zur analyse eines datenstroms
US10635719B2 (en) * 2013-12-23 2020-04-28 British Telecommunications Plc Pattern matching machine with mapping table
EP3087508A1 (de) * 2013-12-23 2016-11-02 British Telecommunications Public Limited Company Verbesserte musterabgleichmaschine
WO2015097429A1 (en) 2013-12-23 2015-07-02 British Telecommunications Public Limited Company Improved pattern matching machine for repeating symbols
US9544402B2 (en) 2013-12-31 2017-01-10 Cavium, Inc. Multi-rule approach to encoding a group of rules
US9667446B2 (en) 2014-01-08 2017-05-30 Cavium, Inc. Condition code approach for comparing rule and packet data that are provided in portions
CN105900065A (zh) * 2014-01-13 2016-08-24 华为技术有限公司 模式处理方法
US9588923B2 (en) 2014-01-24 2017-03-07 Applied Micro Circuits Corporation Flow pinning in a server on a chip
WO2015151444A1 (ja) * 2014-03-31 2015-10-08 Necソリューションイノベータ株式会社 データ構造、情報処理装置、情報処理方法、及びプログラム記録媒体
US9237129B2 (en) 2014-05-13 2016-01-12 Dell Software Inc. Method to enable deep packet inspection (DPI) in openflow-based software defined network (SDN)
US9680797B2 (en) * 2014-05-28 2017-06-13 Oracle International Corporation Deep packet inspection (DPI) of network packets for keywords of a vocabulary
US9825913B2 (en) * 2014-06-04 2017-11-21 Nicira, Inc. Use of stateless marking to speed up stateful firewall rule processing
US9729512B2 (en) 2014-06-04 2017-08-08 Nicira, Inc. Use of stateless marking to speed up stateful firewall rule processing
US9742881B2 (en) * 2014-06-30 2017-08-22 Nicira, Inc. Network virtualization using just-in-time distributed capability for classification encoding
US10375087B2 (en) * 2014-07-21 2019-08-06 Honeywell International Inc. Security architecture for the connected aircraft
US9537872B2 (en) 2014-12-31 2017-01-03 Dell Software Inc. Secure neighbor discovery (SEND) using pre-shared key
US9998425B2 (en) 2015-01-27 2018-06-12 Sonicwall Inc. Dynamic bypass of TLS connections matching exclusion list in DPI-SSL in a NAT deployment
CN104901829B (zh) * 2015-04-09 2018-06-22 清华大学 基于动作编码的路由数据转发行为一致性验证方法及装置
WO2016171690A1 (en) * 2015-04-23 2016-10-27 Hewlett Packard Enterprise Development Lp Pre-filter rules for network infrastructure devices
US10785130B2 (en) * 2015-04-23 2020-09-22 Hewlett Packard Enterprise Development Lp Network infrastructure device to implement pre-filter rules
US9596215B1 (en) * 2015-04-27 2017-03-14 Juniper Networks, Inc. Partitioning a filter to facilitate filtration of packets
WO2016175849A1 (en) 2015-04-30 2016-11-03 Hewlett Packard Enterprise Development Lp Uplink port oversubscription determination
US9787641B2 (en) 2015-06-30 2017-10-10 Nicira, Inc. Firewall rule management
WO2017018980A1 (en) * 2015-07-24 2017-02-02 Applied Micro Circuits Corporation Flow pinning in a server on a chip
US11277383B2 (en) * 2015-11-17 2022-03-15 Zscaler, Inc. Cloud-based intrusion prevention system
US10419321B2 (en) 2016-10-31 2019-09-17 Nicira, Inc. Managing resource consumption for distributed services
US11258681B2 (en) * 2016-12-16 2022-02-22 Nicira, Inc. Application assessment and visibility for micro-segmentation of a network deployment
US10567440B2 (en) 2016-12-16 2020-02-18 Nicira, Inc. Providing application visibility for micro-segmentation of a network deployment
US10298619B2 (en) * 2016-12-16 2019-05-21 Nicira, Inc. Application template generation and deep packet inspection approach for creation of micro-segmentation policy for network applications
US10673816B1 (en) * 2017-04-07 2020-06-02 Perspecta Labs Inc. Low delay network intrusion prevention
US10454965B1 (en) * 2017-04-17 2019-10-22 Symantec Corporation Detecting network packet injection
US10819683B2 (en) * 2017-11-20 2020-10-27 Forcepoint Llc Inspection context caching for deep packet inspection
US10742673B2 (en) 2017-12-08 2020-08-11 Nicira, Inc. Tracking the dynamics of application-centric clusters in a virtualized datacenter
US11431677B2 (en) * 2018-01-11 2022-08-30 Nicira, Inc. Mechanisms for layer 7 context accumulation for enforcing layer 4, layer 7 and verb-based rules
US20190215306A1 (en) * 2018-01-11 2019-07-11 Nicira, Inc. Rule processing and enforcement for interleaved layer 4, layer 7 and verb based rulesets
US11296960B2 (en) 2018-03-08 2022-04-05 Nicira, Inc. Monitoring distributed applications
ES2917448T3 (es) * 2018-03-16 2022-07-08 Acklio Método y aparato para procesar datos de mensaje
US10747819B2 (en) 2018-04-20 2020-08-18 International Business Machines Corporation Rapid partial substring matching
US10732972B2 (en) 2018-08-23 2020-08-04 International Business Machines Corporation Non-overlapping substring detection within a data element string
US10782968B2 (en) * 2018-08-23 2020-09-22 International Business Machines Corporation Rapid substring detection within a data element string
US11288256B2 (en) 2019-07-23 2022-03-29 Vmware, Inc. Dynamically providing keys to host for flow aggregation
US11436075B2 (en) 2019-07-23 2022-09-06 Vmware, Inc. Offloading anomaly detection from server to host
US11340931B2 (en) 2019-07-23 2022-05-24 Vmware, Inc. Recommendation generation based on selection of selectable elements of visual representation
US10911335B1 (en) 2019-07-23 2021-02-02 Vmware, Inc. Anomaly detection on groups of flows
US11188570B2 (en) 2019-07-23 2021-11-30 Vmware, Inc. Using keys to aggregate flow attributes at host
US11743135B2 (en) 2019-07-23 2023-08-29 Vmware, Inc. Presenting data regarding grouped flows
US11176157B2 (en) 2019-07-23 2021-11-16 Vmware, Inc. Using keys to aggregate flows at appliance
US11140090B2 (en) 2019-07-23 2021-10-05 Vmware, Inc. Analyzing flow group attributes using configuration tags
US11398987B2 (en) 2019-07-23 2022-07-26 Vmware, Inc. Host-based flow aggregation
US11349876B2 (en) 2019-07-23 2022-05-31 Vmware, Inc. Security policy recommendation generation
US11042371B2 (en) 2019-09-11 2021-06-22 International Business Machines Corporation Plausability-driven fault detection in result logic and condition codes for fast exact substring match
US10996951B2 (en) 2019-09-11 2021-05-04 International Business Machines Corporation Plausibility-driven fault detection in string termination logic for fast exact substring match
US11520738B2 (en) * 2019-09-20 2022-12-06 Samsung Electronics Co., Ltd. Internal key hash directory in table
US11588854B2 (en) 2019-12-19 2023-02-21 Vmware, Inc. User interface for defining security groups
US11321213B2 (en) 2020-01-16 2022-05-03 Vmware, Inc. Correlation key used to correlate flow and con text data
US11829793B2 (en) 2020-09-28 2023-11-28 Vmware, Inc. Unified management of virtual machines and bare metal computers
KR102447130B1 (ko) * 2020-11-05 2022-09-26 국민대학교산학협력단 네트워크 패킷 분석 기반의 대상파일 검출 장치 및 방법
CN112100361B (zh) * 2020-11-12 2021-02-26 南京中孚信息技术有限公司 一种基于ac自动机的字符串多模模糊匹配方法
US11785032B2 (en) 2021-01-22 2023-10-10 Vmware, Inc. Security threat detection based on network flow analysis
US11991187B2 (en) 2021-01-22 2024-05-21 VMware LLC Security threat detection based on network flow analysis
CN113539405B (zh) * 2021-06-24 2024-03-19 北京天健源达科技股份有限公司 电子病历表格运算控件的处理方法
US11997120B2 (en) 2021-07-09 2024-05-28 VMware LLC Detecting threats to datacenter based on analysis of anomalous events
US11831667B2 (en) 2021-07-09 2023-11-28 Vmware, Inc. Identification of time-ordered sets of connections to identify threats to a datacenter
US11792151B2 (en) 2021-10-21 2023-10-17 Vmware, Inc. Detection of threats based on responses to name resolution requests
US12015591B2 (en) 2021-12-06 2024-06-18 VMware LLC Reuse of groups in security policy
US11995024B2 (en) 2021-12-22 2024-05-28 VMware LLC State sharing between smart NICs
US12034702B2 (en) * 2022-01-31 2024-07-09 Bank Of America Corporation Enhancing kernel security in cloud environment by performing a rules-based analysis of incoming data packets before routing them to the kernel
US11928062B2 (en) 2022-06-21 2024-03-12 VMware LLC Accelerating data message classification with smart NICs
US11899594B2 (en) 2022-06-21 2024-02-13 VMware LLC Maintenance of data message classification cache on smart NIC

Family Cites Families (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH11161677A (ja) * 1997-11-28 1999-06-18 Ricoh Co Ltd 辞書照合装置
US6631466B1 (en) * 1998-12-31 2003-10-07 Pmc-Sierra Parallel string pattern searches in respective ones of array of nanocomputers
US6738846B1 (en) * 1999-02-23 2004-05-18 Sun Microsystems, Inc. Cooperative processing of tasks in a multi-threaded computing system
US6493698B1 (en) * 1999-07-26 2002-12-10 Intel Corporation String search scheme in a distributed architecture
JP2001168911A (ja) * 1999-12-09 2001-06-22 Hitachi Cable Ltd パケットフィルタ装置
AU2001232784A1 (en) 2000-01-30 2001-08-07 Celox Networks, Inc. Device and method for packet inspection
US7107265B1 (en) * 2000-04-06 2006-09-12 International Business Machines Corporation Software management tree implementation for a network processor
JP3609358B2 (ja) * 2000-08-17 2005-01-12 日本電信電話株式会社 フロー識別検索装置および方法
JP2002207630A (ja) * 2001-01-10 2002-07-26 Nec Access Technica Ltd コンテンツ閲覧システム及びそれに用いるコンテンツ閲覧方法
US20030110208A1 (en) * 2001-09-12 2003-06-12 Raqia Networks, Inc. Processing data across packet boundaries
US7181742B2 (en) * 2002-11-19 2007-02-20 Intel Corporation Allocation of packets and threads
US7305708B2 (en) * 2003-04-14 2007-12-04 Sourcefire, Inc. Methods and systems for intrusion detection
US20050108518A1 (en) * 2003-06-10 2005-05-19 Pandya Ashish A. Runtime adaptable security processor
US7463590B2 (en) * 2003-07-25 2008-12-09 Reflex Security, Inc. System and method for threat detection and response
US7586851B2 (en) * 2004-04-26 2009-09-08 Cisco Technology, Inc. Programmable packet parsing processor
US7784094B2 (en) 2005-06-30 2010-08-24 Intel Corporation Stateful packet content matching mechanisms

Also Published As

Publication number Publication date
WO2007120165A2 (en) 2007-10-25
EP1905213A2 (de) 2008-04-02
WO2007120165A3 (en) 2007-12-27
US20070011734A1 (en) 2007-01-11
JP2008544728A (ja) 2008-12-04
DE602006021028D1 (de) 2011-05-12
US7784094B2 (en) 2010-08-24
CN101258721A (zh) 2008-09-03
CN101258721B (zh) 2012-10-10
JP4598127B2 (ja) 2010-12-15
EP1905213B1 (de) 2011-03-30

Similar Documents

Publication Publication Date Title
ATE504148T1 (de) Verfahren, aufzeichnungsmedium und netzwerkleitungskarte zum ausführen der inhaltsinspektion über mehrere pakete hinweg
ATE443391T1 (de) Verfahren zum erlernen und weiterleiten von ethernetdatenrahmen, ethernet-netzwerk und brücke
ATE537645T1 (de) Inspektionsmechanismus für mehrstrukturpaketinhalt mit eigenschaftswerten
WO2008094433A3 (en) Method and apparatus to store data patterns
ATE535868T1 (de) Verfahren und vorrichtung zur aufzeichnung von datenadressen
DK2547031T3 (da) Fremgangsmåde og apparat til omordning af data i en Evolved High Speed Packet Access
WO2008144964A8 (en) Detecting name entities and new words
ATE411578T1 (de) Verfahren zum zugriff von einer datenstation auf ein elektronisches gerät
WO2007112283A3 (en) Method and apparatus for data stream sampling
TW200630786A (en) A method, apparatus, and system for buffering instructions
GB2466580A (en) Data processing apparatus and method of processing data
WO2007123753A3 (en) Digital data processing apparatus and methods for improving plant performance
ATE458361T1 (de) Einrichtung und verfahren zum verarbeiten eines audio-datenstroms
DE502005005058D1 (de) Kühlungssystem für geräte- und netzwerkschränke und verfahren zur kühlung von geräte- und netzwerkschränken
ATE476803T1 (de) Tabellenteilung für kryptografische verfahren
EA201070628A1 (ru) Устройство обработки данных и способ обработки данных
ATE527799T1 (de) Verfahren und vorrichtung zur filterung von datenpaketen
DE602006015827D1 (de) Verfahren und Vorrichtung zur Erkennung der IP-Adresse eines Computers und damit verbundene Standortinformation
ATE476068T1 (de) Verfahren und vorrichtung zum umkonfigurieren eines gemeinsamen kanals
NO20075285L (no) Fremgangsmate for a bestemme og kontrollere dannelsen av avsetninger i et vannsystem
ATE366492T1 (de) Verfahren und vorrichtung zur unterstützung von transaktionen
TW200712876A (en) Data processing methods and systems, and machine readable medium thereof
ATE328424T1 (de) System und verfahren zum testen eines routers
ATE511300T1 (de) Verfahren und vorrichtungen zur verwendung eines caches für ausgehende paketidentifikatoren zur wiederherstellung nach einem protokollfehler in gtp-u
DE60323053D1 (de) Verfahren zum schutz von bufferspeichern gegen unauthorisierten zugriff

Legal Events

Date Code Title Description
RER Ceased as to paragraph 5 lit. 3 law introducing patent treaties