CN1685657A - 在分组网络的路由器中提供节点安全的方法和装置 - Google Patents
在分组网络的路由器中提供节点安全的方法和装置 Download PDFInfo
- Publication number
- CN1685657A CN1685657A CNA028201558A CN02820155A CN1685657A CN 1685657 A CN1685657 A CN 1685657A CN A028201558 A CNA028201558 A CN A028201558A CN 02820155 A CN02820155 A CN 02820155A CN 1685657 A CN1685657 A CN 1685657A
- Authority
- CN
- China
- Prior art keywords
- packet
- router
- originator
- harmful
- monitoring
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims description 38
- 230000005540 biological transmission Effects 0.000 claims abstract description 20
- 230000004044 response Effects 0.000 claims abstract description 8
- 238000011144 upstream manufacturing Methods 0.000 claims description 32
- 238000012544 monitoring process Methods 0.000 claims description 24
- 241000700605 Viruses Species 0.000 claims description 7
- 238000005070 sampling Methods 0.000 claims description 7
- 230000013011 mating Effects 0.000 claims description 3
- 238000012545 processing Methods 0.000 claims description 3
- 238000005516 engineering process Methods 0.000 description 9
- 238000004891 communication Methods 0.000 description 7
- 230000006378 damage Effects 0.000 description 6
- 238000010586 diagram Methods 0.000 description 3
- 230000000694 effects Effects 0.000 description 3
- 238000001514 detection method Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000000903 blocking effect Effects 0.000 description 1
- 239000012141 concentrate Substances 0.000 description 1
- 230000001066 destructive effect Effects 0.000 description 1
- 230000035876 healing Effects 0.000 description 1
- 230000009545 invasion Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/22—Arrangements for preventing the taking of data from a data transmission channel without authorisation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Virology (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- Health & Medical Sciences (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
- Small-Scale Networks (AREA)
Abstract
Description
Claims (20)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US09/976,516 US7181765B2 (en) | 2001-10-12 | 2001-10-12 | Method and apparatus for providing node security in a router of a packet network |
US09/976,516 | 2001-10-12 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1685657A true CN1685657A (zh) | 2005-10-19 |
CN100518052C CN100518052C (zh) | 2009-07-22 |
Family
ID=25524171
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB028201558A Expired - Lifetime CN100518052C (zh) | 2001-10-12 | 2002-10-09 | 在分组网络的路由器中提供节点安全的方法和装置 |
Country Status (6)
Country | Link |
---|---|
US (1) | US7181765B2 (zh) |
JP (1) | JP2005506736A (zh) |
KR (1) | KR100610287B1 (zh) |
CN (1) | CN100518052C (zh) |
FI (1) | FI122571B (zh) |
WO (1) | WO2003032571A1 (zh) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105119943A (zh) * | 2015-09-21 | 2015-12-02 | 上海斐讯数据通信技术有限公司 | 一种网络病毒防护方法、网络病毒防护路由器及系统 |
Families Citing this family (57)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7139743B2 (en) | 2000-04-07 | 2006-11-21 | Washington University | Associative database scanning and information retrieval using FPGA devices |
US6711558B1 (en) | 2000-04-07 | 2004-03-23 | Washington University | Associative database scanning and information retrieval |
US8095508B2 (en) | 2000-04-07 | 2012-01-10 | Washington University | Intelligent data storage and processing using FPGA devices |
US20090161568A1 (en) * | 2007-12-21 | 2009-06-25 | Charles Kastner | TCP data reassembly |
US7716330B2 (en) * | 2001-10-19 | 2010-05-11 | Global Velocity, Inc. | System and method for controlling transmission of data packets over an information network |
US20090006659A1 (en) * | 2001-10-19 | 2009-01-01 | Collins Jack M | Advanced mezzanine card for digital network data inspection |
US8788650B1 (en) | 2002-07-19 | 2014-07-22 | Fortinet, Inc. | Hardware based detection devices for detecting network traffic content and methods of using the same |
US7711844B2 (en) * | 2002-08-15 | 2010-05-04 | Washington University Of St. Louis | TCP-splitter: reliable packet monitoring methods and apparatus for high speed networks |
US20040111531A1 (en) * | 2002-12-06 | 2004-06-10 | Stuart Staniford | Method and system for reducing the rate of infection of a communications network by a software worm |
US10572824B2 (en) | 2003-05-23 | 2020-02-25 | Ip Reservoir, Llc | System and method for low latency multi-functional pipeline with correlation logic and selectively activated/deactivated pipelined data processing engines |
US20070277036A1 (en) | 2003-05-23 | 2007-11-29 | Washington University, A Corporation Of The State Of Missouri | Intelligent data storage and processing using fpga devices |
US7444515B2 (en) * | 2003-08-14 | 2008-10-28 | Washington University | Method and apparatus for detecting predefined signatures in packet payload using Bloom filters |
US8347375B2 (en) * | 2003-10-03 | 2013-01-01 | Enterasys Networks, Inc. | System and method for dynamic distribution of intrusion signatures |
US7602785B2 (en) * | 2004-02-09 | 2009-10-13 | Washington University | Method and system for performing longest prefix matching for network address lookup using bloom filters |
US7603716B2 (en) * | 2004-02-13 | 2009-10-13 | Microsoft Corporation | Distributed network security service |
US8051483B2 (en) * | 2004-03-12 | 2011-11-01 | Fortinet, Inc. | Systems and methods for updating content detection devices and systems |
FR2872653B1 (fr) * | 2004-06-30 | 2006-12-29 | Skyrecon Systems Sa | Systeme et procedes de securisation de postes informatiques et/ou de reseaux de communications |
US20060053295A1 (en) * | 2004-08-24 | 2006-03-09 | Bharath Madhusudan | Methods and systems for content detection in a reconfigurable hardware |
GB2418563A (en) * | 2004-09-23 | 2006-03-29 | Agilent Technologies Inc | Monitoring for malicious attacks in a communications network |
JP4429892B2 (ja) * | 2004-12-22 | 2010-03-10 | 富士通株式会社 | セキュア通信システム、および通信経路選択装置 |
FI20041681A0 (fi) | 2004-12-29 | 2004-12-29 | Nokia Corp | Liikenteen rajoittaminen kommunikaatiojärjestelmissä |
WO2006096324A2 (en) | 2005-03-03 | 2006-09-14 | Washington University | Method and apparatus for performing biosequence similarity searching |
TW200644495A (en) * | 2005-06-10 | 2006-12-16 | D Link Corp | Regional joint detecting and guarding system for security of network information |
US20060294588A1 (en) * | 2005-06-24 | 2006-12-28 | International Business Machines Corporation | System, method and program for identifying and preventing malicious intrusions |
US20070011732A1 (en) * | 2005-07-05 | 2007-01-11 | Yang-Hung Peng | Network device for secure packet dispatching via port isolation |
US7702629B2 (en) | 2005-12-02 | 2010-04-20 | Exegy Incorporated | Method and device for high performance regular expression pattern matching |
US9794272B2 (en) * | 2006-01-03 | 2017-10-17 | Alcatel Lucent | Method and apparatus for monitoring malicious traffic in communication networks |
US7954114B2 (en) * | 2006-01-26 | 2011-05-31 | Exegy Incorporated | Firmware socket module for FPGA-based pipeline processing |
JP5087850B2 (ja) * | 2006-03-14 | 2012-12-05 | 富士通株式会社 | サービス仲介方法、サービス仲介装置及びサービス仲介システム |
US8379841B2 (en) | 2006-03-23 | 2013-02-19 | Exegy Incorporated | Method and system for high throughput blockwise independent encryption/decryption |
US7921046B2 (en) * | 2006-06-19 | 2011-04-05 | Exegy Incorporated | High speed processing of financial information using FPGA devices |
US7840482B2 (en) | 2006-06-19 | 2010-11-23 | Exegy Incorporated | Method and system for high speed options pricing |
WO2008022036A2 (en) * | 2006-08-10 | 2008-02-21 | Washington University | Method and apparatus for protein sequence alignment using fpga devices |
US7660793B2 (en) | 2006-11-13 | 2010-02-09 | Exegy Incorporated | Method and system for high performance integration, processing and searching of structured and unstructured data using coprocessors |
US8326819B2 (en) | 2006-11-13 | 2012-12-04 | Exegy Incorporated | Method and system for high performance data metatagging and data indexing using coprocessors |
WO2009029842A1 (en) | 2007-08-31 | 2009-03-05 | Exegy Incorporated | Method and apparatus for hardware-accelerated encryption/decryption |
US10229453B2 (en) | 2008-01-11 | 2019-03-12 | Ip Reservoir, Llc | Method and system for low latency basket calculation |
US8374986B2 (en) | 2008-05-15 | 2013-02-12 | Exegy Incorporated | Method and system for accelerated stream processing |
CA2744746C (en) | 2008-12-15 | 2019-12-24 | Exegy Incorporated | Method and apparatus for high-speed processing of financial market depth data |
US20110126194A1 (en) * | 2009-11-24 | 2011-05-26 | International Business Machines Corporation | Shared security device |
KR101292887B1 (ko) * | 2009-12-21 | 2013-08-02 | 한국전자통신연구원 | 패킷 동일성 검사를 이용한 라우터의 패킷 스트림 모니터링 장치 및 방법 |
JP6045505B2 (ja) | 2010-12-09 | 2016-12-14 | アイピー レザボア, エルエルシー.IP Reservoir, LLC. | 金融市場における注文を管理する方法および装置 |
GB201101507D0 (en) | 2011-01-28 | 2011-03-16 | Scentrics Information Security Technologies Ltd | Mobile device security |
US10121196B2 (en) | 2012-03-27 | 2018-11-06 | Ip Reservoir, Llc | Offload processing of data packets containing financial market data |
US9990393B2 (en) | 2012-03-27 | 2018-06-05 | Ip Reservoir, Llc | Intelligent feed switch |
US10650452B2 (en) | 2012-03-27 | 2020-05-12 | Ip Reservoir, Llc | Offload processing of data packets |
US11436672B2 (en) | 2012-03-27 | 2022-09-06 | Exegy Incorporated | Intelligent switch for processing financial market data |
WO2014066416A2 (en) | 2012-10-23 | 2014-05-01 | Ip Reservoir, Llc | Method and apparatus for accelerated format translation of data in a delimited data format |
US9633093B2 (en) | 2012-10-23 | 2017-04-25 | Ip Reservoir, Llc | Method and apparatus for accelerated format translation of data in a delimited data format |
US10133802B2 (en) | 2012-10-23 | 2018-11-20 | Ip Reservoir, Llc | Method and apparatus for accelerated record layout detection |
GB2541577A (en) | 2014-04-23 | 2017-02-22 | Ip Reservoir Llc | Method and apparatus for accelerated data translation |
SG11201701570RA (en) | 2014-09-02 | 2017-03-30 | Nasdaq Inc | Data packet processing methods, systems, and apparatus |
SE539821C2 (en) | 2015-04-29 | 2017-12-12 | Bioservo Tech Aktiebolag | Method of attaching an artificial tendon and a product |
US10942943B2 (en) | 2015-10-29 | 2021-03-09 | Ip Reservoir, Llc | Dynamic field data translation to support high performance stream data processing |
EP3206359B1 (en) * | 2016-02-15 | 2019-03-06 | Wipro Limited | Methods and systems for performing lawful interception (li) in communication networks involving content adulteration with colluding agents |
EP3560135A4 (en) | 2016-12-22 | 2020-08-05 | IP Reservoir, LLC | PIPELINES INTENDED FOR AUTOMATIC ACCELERATED LEARNING BY EQUIPMENT |
CN110110160B (zh) * | 2017-12-29 | 2020-04-14 | 阿里巴巴集团控股有限公司 | 确定数据异常的方法及装置 |
Family Cites Families (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5440723A (en) * | 1993-01-19 | 1995-08-08 | International Business Machines Corporation | Automatic immune system for computers and computer networks |
US5414833A (en) | 1993-10-27 | 1995-05-09 | International Business Machines Corporation | Network security system and method using a parallel finite state machine adaptive active monitor and responder |
US5557742A (en) | 1994-03-07 | 1996-09-17 | Haystack Labs, Inc. | Method and system for detecting intrusion into and misuse of a data processing system |
US5898830A (en) * | 1996-10-17 | 1999-04-27 | Network Engineering Software | Firewall providing enhanced network security and user transparency |
US6453345B2 (en) * | 1996-11-06 | 2002-09-17 | Datadirect Networks, Inc. | Network security and surveillance system |
US5991881A (en) | 1996-11-08 | 1999-11-23 | Harris Corporation | Network surveillance system |
US6789202B1 (en) * | 1999-10-15 | 2004-09-07 | Networks Associates Technology, Inc. | Method and apparatus for providing a policy-driven intrusion detection system |
US6519703B1 (en) * | 2000-04-14 | 2003-02-11 | James B. Joyce | Methods and apparatus for heuristic firewall |
US6944673B2 (en) * | 2000-09-08 | 2005-09-13 | The Regents Of The University Of Michigan | Method and system for profiling network flows at a measurement point within a computer network |
US7188366B2 (en) * | 2000-09-12 | 2007-03-06 | Nippon Telegraph And Telephone Corporation | Distributed denial of service attack defense method and device |
JP3723076B2 (ja) * | 2000-12-15 | 2005-12-07 | 富士通株式会社 | 不正侵入防御機能を有するip通信ネットワークシステム |
-
2001
- 2001-10-12 US US09/976,516 patent/US7181765B2/en not_active Expired - Lifetime
-
2002
- 2002-10-09 JP JP2003535409A patent/JP2005506736A/ja active Pending
- 2002-10-09 KR KR1020047005383A patent/KR100610287B1/ko active IP Right Grant
- 2002-10-09 WO PCT/US2002/032465 patent/WO2003032571A1/en active Application Filing
- 2002-10-09 CN CNB028201558A patent/CN100518052C/zh not_active Expired - Lifetime
-
2004
- 2004-04-07 FI FI20040514A patent/FI122571B/fi not_active IP Right Cessation
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105119943A (zh) * | 2015-09-21 | 2015-12-02 | 上海斐讯数据通信技术有限公司 | 一种网络病毒防护方法、网络病毒防护路由器及系统 |
Also Published As
Publication number | Publication date |
---|---|
US20030074582A1 (en) | 2003-04-17 |
KR20040045815A (ko) | 2004-06-02 |
FI20040514A0 (fi) | 2004-04-07 |
WO2003032571A1 (en) | 2003-04-17 |
FI20040514A (fi) | 2004-06-09 |
CN100518052C (zh) | 2009-07-22 |
JP2005506736A (ja) | 2005-03-03 |
KR100610287B1 (ko) | 2006-08-09 |
FI122571B (fi) | 2012-03-30 |
US7181765B2 (en) | 2007-02-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN100518052C (zh) | 在分组网络的路由器中提供节点安全的方法和装置 | |
Schuba et al. | Analysis of a denial of service attack on TCP | |
US6513122B1 (en) | Secure gateway for analyzing textual content to identify a harmful impact on computer systems with known vulnerabilities | |
US6792546B1 (en) | Intrusion detection signature analysis using regular expressions and logical operators | |
US9954873B2 (en) | Mobile device-based intrusion prevention system | |
Verba et al. | Idaho national laboratory supervisory control and data acquisition intrusion detection system (SCADA IDS) | |
US7356599B2 (en) | Method and apparatus for data normalization | |
US20020133586A1 (en) | Method and device for monitoring data traffic and preventing unauthorized access to a network | |
EP1481508B1 (en) | Multi-method gateway-based network security systems | |
CN100514960C (zh) | 用于检测tcp syn洪水式攻击的统计方法 | |
US20020107953A1 (en) | Method and device for monitoring data traffic and preventing unauthorized access to a network | |
US20140189867A1 (en) | DDoS ATTACK PROCESSING APPARATUS AND METHOD IN OPENFLOW SWITCH | |
US20040103314A1 (en) | System and method for network intrusion prevention | |
GB2449852A (en) | Monitoring network attacks using pattern matching | |
JP2007521718A (ja) | セキュリティブリーチ検知に対するネットワークのクオリティオブサービスを保護するシステムおよび方法 | |
KR101553264B1 (ko) | 네트워크 침입방지 시스템 및 방법 | |
JP2002252654A (ja) | 侵入検出装置およびシステムならびにルータ | |
US7269649B1 (en) | Protocol layer-level system and method for detecting virus activity | |
US9455953B2 (en) | Router chip and method of selectively blocking network traffic in a router chip | |
CN111083109A (zh) | 交换机联动防火墙防护提升方法 | |
US20200213355A1 (en) | Security Network Interface Controller (SNIC) Preprocessor with Cyber Data Threat Detection and Response Capability that Provides Security Protection for a Network Device with Memory or Client Device with Memory or Telecommunication Device with Memory | |
US8286244B2 (en) | Method and system for protecting a computer network against packet floods | |
KR100543664B1 (ko) | 네트워크 보호 장치 및 이의 운영 방법 | |
Yang et al. | Sniffing and chaffing network traffic in stepping-stone intrusion detection | |
US20040233849A1 (en) | Methodologies, systems and computer readable media for identifying candidate relay nodes on a network architecture |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
ASS | Succession or assignment of patent right |
Owner name: MOTOROLA MOBILE CO., LTD. Free format text: FORMER OWNER: MOTOROLA INC. Effective date: 20110114 |
|
C41 | Transfer of patent application or patent right or utility model | ||
TR01 | Transfer of patent right |
Effective date of registration: 20110114 Address after: Illinois State Patentee after: MOTOROLA MOBILITY, Inc. Address before: Illinois, USA Patentee before: Motorola, Inc. |
|
C41 | Transfer of patent application or patent right or utility model | ||
C56 | Change in the name or address of the patentee | ||
CP01 | Change in the name or title of a patent holder |
Address after: Illinois State Patentee after: MOTOROLA MOBILITY LLC Address before: Illinois State Patentee before: MOTOROLA MOBILITY, Inc. |
|
TR01 | Transfer of patent right |
Effective date of registration: 20160303 Address after: California, USA Patentee after: Google Technology Holdings LLC Address before: Illinois State Patentee before: MOTOROLA MOBILITY LLC |
|
CX01 | Expiry of patent term | ||
CX01 | Expiry of patent term |
Granted publication date: 20090722 |