US20100205670A1 - Method and apparatus for tracing packets - Google Patents

Method and apparatus for tracing packets Download PDF

Info

Publication number
US20100205670A1
US20100205670A1 US12/762,366 US76236610A US2010205670A1 US 20100205670 A1 US20100205670 A1 US 20100205670A1 US 76236610 A US76236610 A US 76236610A US 2010205670 A1 US2010205670 A1 US 2010205670A1
Authority
US
United States
Prior art keywords
network
packet
program product
computer program
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US12/762,366
Inventor
Walter Clark Milliken
William Timothy Strayer
Stephen Douglas Milligan
Luis Sanchez
Craig Partridge
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Azure Networks LLC
Original Assignee
Azure Networks LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to US21242500P priority Critical
Priority to US88114501A priority
Priority to US09/881,074 priority patent/US6981158B1/en
Priority to US34146201P priority
Priority to US40797502P priority
Priority to US10/251,403 priority patent/US7328349B2/en
Priority to US10/654,771 priority patent/US20040073617A1/en
Priority to US12/249,804 priority patent/US20090313339A1/en
Application filed by Azure Networks LLC filed Critical Azure Networks LLC
Priority to US12/762,366 priority patent/US20100205670A1/en
Publication of US20100205670A1 publication Critical patent/US20100205670A1/en
Application status is Abandoned legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00Arrangements for user-to-user messaging in packet-switching networks, e.g. e-mail or instant messages
    • H04L51/12Arrangements for user-to-user messaging in packet-switching networks, e.g. e-mail or instant messages with filtering and selective blocking capabilities

Abstract

A system and method for performing source path isolation in a network. The system comprises an intrusion detection system (IDS), a source path isolation server (SS1) and at least one router configured to operate as a source path isolation router (SR1) operating within an autonomous system. When IDS detects a malicious packet, a message is sent to SS1. SS1 in turn generates a query message (QM) containing at least a portion of the malicious packet. Then, QM is sent to participating routers located one hop away. SR1 uses the query message to determine if it has observed the malicious packet by comparing it with locally stored information about packets having passed through SR1. SR1 sends a reply to SS1, and SS1 uses the reply to identify the ingress point into the network of the malicious packet.

Description

    RELATED APPLICATIONS
  • This application is a continuation of U.S. patent application Ser. No. 10/654,771, filed Sep. 4, 2003, which, in turn, claims priority under 35 U.S.C. §119 based on U.S. Provisional Application No. 60/407,975, filed Sep. 5, 2002, both of which are incorporated herein by reference. U.S. patent application Ser. No. 10/654,771 is also a continuation-in-part of U.S. patent application Ser. No. 10/251,403, filed Sep. 20, 2002, which claims priority under 35 U.S.C. §119 based on U.S. Provisional Application No. 60/341,462, filed Dec. 14, 2001, both of which are incorporated herein by reference. U.S. patent application Ser. No. 10/654,771 is also a continuation-in-part of U.S. patent application Ser. No. 09/881,145, and U.S. patent application Ser. No. 09/881,074, both of which were filed on Jun. 14, 2001, and both of which claim priority under 35 U.S.C. §119 based on U.S. Provisional Application No. 60/212,425, filed Jun. 19, 2000, all of which are incorporated herein by reference.
  • BACKGROUND OF THE INVENTION
  • 1. Field of the Invention
  • The present invention relates generally to the field of network security and more specifically to using low overhead methods for identifying the intrusion location of a packet in a network.
  • 2. Description of Prior Art
  • Availability of low cost computers, high speed networking products, and readily available network connections has helped fuel proliferation of the Internet. This proliferation has caused the Internet to become an essential tool for both the business community and private individuals. Dependence on the Internet arises, in part, because the Internet makes it possible for multitudes of users to access vast amounts of information and perform remote transactions expeditiously and efficiently. Along with rapid growth of the Internet have come problems caused by malicious individuals or pranksters launching attacks from within the network. As the size of the Internet continues to grow, so does the threat posed by these individuals.
  • The ever-increasing number of computers, routers and connections making up the Internet increases the number of vulnerability points from which these malicious individuals can launch attacks. These attacks can be focused on the Internet as a whole or on specific devices, such as hosts or computers, connected to the network. In fact, each router, switch, or computer connected to the Internet may be a potential entry point from which a malicious individual can launch an attack while remaining largely undetected. Attacks carried out on the Internet often consist of malicious packets being injected into the network. Malicious packets can be injected directly into the network by a computer, or a device attached to the network, such as a router or switch. Such a computer or device can be compromised and configured to place malicious packets onto the network.
  • The most publicized forms of network attacks often involve placing thousands or millions of packets onto the network using a practice known as flooding. The flood of packets can be targeted to a specific device on the network, for example a corporate web site, thus causing the device to become overwhelmed and shutdown. Alternatively, an attack may be designed to clog the links, or connection points, between network components. Network attacks can be further enhanced using a practice known as spoofing. Spoofing involves associating bogus Internet Protocol (IP) addresses with transmitted packets, thus making the packets' origins impossible to determine based upon looking only at a received packet. Spoofing can be further enhanced using a technique referred to as transformation. When a packet is transformed, it undergoes a process that changes the original packet into a new packet, as, for example, would happen during tunneling or network address translation (NAT). Locating the origin of a network attack is further complicated because coordinated attacks can be employed. In a coordinated attack, multiple network devices are compromised and then used to launch a distributed attack. A distributed attack is one that is launched essentially simultaneously from several locations within the network.
  • Network attacks can also be launched using a single packet. While single packet attacks are not as well publicized as multi-packet attacks, they are becoming more common and they arc capable of inflicting significant damage to vulnerable networks. At present, it is extremely difficult to detect single packet attacks in a timely manner using known methods of intrusion detection, which exacerbates the challenge in dealing with them. As a result, network data, currently, must be analyzed after the fact to determine if a single packet attack was the source of disruption. Any tracing of the single packet to its origins, in accordance with prior art techniques, must also take place after the attacking packet traversed the network.
  • Much of the difficulty in identifying the origin of an attack arises because the Internet employs a stateless routing infrastructure, in that it is one in which routing is based solely on destination addresses. Although source IP addresses may be transmitted with data, they are easy to forge, and as a result they are untrustworthy. A forged source address may bear no similarity to the actual source address from which the packet came. As a result, most prior art techniques and devices for preventing network attacks attempt to stop delivery of malicious packets at the ultimate destination device rather than attempting to locate their origin. Such origin is referred to as an entry point, also referred to as an ingress point or intrusion location, onto the network. Failing to identify the source address of malicious packets inhibits preventing further attacks, and such failure makes identification of the actual perpetrator difficult.
  • FIG. 1
  • FIG. 1 provides an example of a network employing prior art devices to thwart malicious packets. Two prior art autonomous systems are shown, PAS1 and PAS2, respectively, connected to the Internet, or public network (PN1) shown comprised of routers R2-R6. An autonomous system (AS) is a network domain in which all routers in the AS can exchange routing tables. Often the AS may be a local area network (LAN) such as one found at a university, municipality, large corporation, or Internet Service Provider (ISP). An AS may further be comprised of computers, or hosts, connected to the AS such as H1-H3 for PAS1 or H4-H5 for PAS2, respectively. An AS is normally connected to the public network by one or more border routers, here R1 (for PAS1) or a firewall F1 (for PAS2) incorporating router functionality.
  • Border routers contain routing tables for other routers within the AS and for routers within the public network that are connected to the AS by a link, i.e. a communicative connection. In FIG. 1, R1 is a border router for PAS1 and it connects to the Internet using representative link L1. Routing tables act as road maps for routers on the network, in that they are used to ensure that network traffic is forwarded through the appropriate links in route to a desired destination address.
  • Firewalls are typically installed between a local area network (LAN), or intranet, and the Internet, or public network. Firewalls act as gatekeepers for an AS in that they allow certain packets in while excluding other packets. Firewalls may be implemented in routers or servers connected between an AS and the Internet, or they may function as standalone devices. Rule sets are used by firewalls to determine which packets will be allowed into their respective AS and which packets will be discarded. Since rules determine which packets get through the firewalls, only packets known to be problematic can be stopped. Therefore, rule sets must be updated on a regular basis to provide protection against new threat characteristics.
  • Additional protection for an AS may be obtained by supplementing border routers and firewalls with intrusion detection systems (IDSs). IDSs also use rule-based algorithms to determine if a given pattern of network traffic is abnormal. The general premise used by an IDS is that malicious network traffic will have a different pattern from normal, or legitimate, network traffic. Using a rule set, an IDS monitors inbound traffic to an AS. When a suspicious pattern or event is detected, the IDS may take remedial action, or it can instruct a border router or firewall to modify operation to address the malicious traffic pattern. For example, remedial actions may include disabling the link carrying malicious traffic, discarding packets coming from a particular source address, or discarding packets addressed to a particular destination. In FIG. 1, IDS1 is used to protect PAS1 and IDS2 is used in conjunction with F1 to protect PAS2.
  • Although border routers, firewalls, and IDSs can be used to help prevent known packets from entering an AS, they are not well equipped for stopping unknown packets because they rely on rule-based look up tables containing signatures of known threats. In addition, border routers, firewalls, and IDSs generally are not well equipped for identifying the origin, or ingress location, of malicious packets, particularly when spoofing is employed. Even when spoofing is not used, the above-noted devices may not be able to determine the ingress point for packets because packets often traverse many Internet links and devices, such as routers, bridges, and switches, before arriving at an AS. Reliably tracing the path of a packet often requires information about each link traversed by a packet. To obtain this information, routing data must remain with the packet or, alternatively, each router, or device, on the path must store information about, or a copy of, each packet traversing a network. With high-speed routers passing gigabits of data per second, storing full copies of packets is not practical.
  • What has been needed and what has not been available is a method for identifying the origin of malicious packets that can be implemented in an AS on the Internet and which addresses all shortcomings of prior art protection techniques. Embodiments of the present invention offer welcome solutions to these prior art protection problems.
  • SUMMARY OF THE INVENTION
  • Embodiments of the present invention employ apparatus, system, computer program product and/or method for identifying an intrusion point of a malicious or target packet into a network. More specifically, in a network including multiple hosts and multiple routers for facilitating transmission of packets on a network, a system, for example, is employed for determining the point of entry of a malicious packet. An intrusion detection system detects the entry of a malicious packet in the network. A source path isolation server responsive to the intrusion detection system isolates the malicious packet and thereby determines the point of entry of the malicious packet. In a further embodiment of the system, the source path isolation server includes a means for generating a query message containing information about the malicious packet and a means for forwarding the query message to some of the routers located one hop away. In still a further embodiment of the system, certain of the routers include means for generating a hash value of the identification information about the malicious packet, a means for establishing a bit map of hash values representative of packets having passed through the respective router, and a means for comparing the hash value of the identification information to the hash values of packets having passes through the respective router.
  • In a further aspect of the invention, in a network carrying a plurality of packets where at least one of the packets is a target packet, the network includes at least one network component, a detection device and a server, a technique for determining the point of entry of a target packet into the network. The target packet is received from the detection device at the server. A query message is sent to a first one of the network components where the query message identifies the target packet. A reply containing information about the target packet from the first network component is received. The reply is processed to extract information contained therein. And, the information is used in a manner that allows the entry point of the target packet to ultimately be determined.
  • In yet a further aspect of the invention, in a network carrying a plurality of packets, a computer-readable data signal is embodied in a transmission medium used to identify an intrusion location of a target packet. The network includes a server and a network component having a memory storing representations of the plurality of packets, namely the data signal. A header portion includes an address of the network component. And, a body portion includes at least a portion of the target packet, the body portion being compared to corresponding representations where a match between a portion of the target packet and one of the representations indicates that the network component encountered the target packet.
  • In still a further aspect of the invention, in a network carrying a plurality of packets, the network includes a network component having a memory storing first information about a subset of the plurality of packets having passed through the network component. The network component further includes a processor for computing a first hash value of a target packet and a second hash value of a member of the subset of the plurality of packets. The memory also stores second information about an intrusion location of the target packet in the network. A data structure stored in the memory includes information resident in a database used by a source path isolation program for determining the intrusion location with the data structure. A network component identification attribute corresponds to a location of the network component. A target packet attribute uniquely identifies the target packet. And, a reply packet attribute associated with at least one of the members and being associated with the network component identification attribute identifies the origin of the reply packet with the reply packet indicating that the member was encountered if the first hash value matches the second hash value.
  • It is advantageous to employ embodiments of the present invention to protect data networks. A further advantage of the invention is the elimination of problems caused by undetected malicious packets in a network. A still further advantage of the invention is that it detects malicious packets without requiring special purpose network equipment. Furthermore, the present invention communicates information about malicious packets to other network devices thus enhancing network security. Another advantage of the invention is that it efficiently uses stored information about packets to facilitate detecting malicious packets.
  • It is thus a general object of the present invention to provide improved packet networks.
  • It is another object of the present invention to eliminate problems caused by malicious packets in a network.
  • It is a further object of the present invention to identify malicious packets to facilitate identifying their intrusion locations into the network.
  • It is a further object of the present invention to quickly identify ingress points of malicious packets when distributed attacks are launched against a network.
  • It is yet a further object of the present invention to efficiently use stored information about packets traversing a link in a network.
  • Further objects and advantages of the present invention will become more apparent after reference to the detailed description of exemplary embodiments thereof taken in conjunction with the accompanying drawings in which:
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • FIG. 1 is a block diagram of a prior art network comprising autonomous systems;
  • FIG. 2 is a block diagram of an exemplary embodiment of the present invention operating in conjunction with an Internet network;
  • FIG. 3 is a schematic diagram of an autonomous system coupled to a plurality of external networks;
  • FIG. 4 is a flowchart illustrating an exemplary method for use with a source path isolation server;
  • FIG. 5 is a schematic diagram of an exemplary data structure for storing information in a source path isolation server for use in performing source path isolation techniques; and
  • FIG. 6 is a block diagram of a general-purpose computer configurable for practicing exemplary embodiments or the invention.
  • DETAILED DESCRIPTION OF PREFERRED EMBODIMENT FIG. 2
  • A preferred embodiment uses a server and one or more specially configured network components, or devices, such as a router, within an autonomous system (AS) to determine the ingress point, or location, for a malicious packet (MP1). FIG. 2 illustrates an embodiment that may be used with an Internet Protocol network. More particularly, FIG. 2 is broken into three general areas enclosed within borders with communication media, such as links, carrying data traffic across the network, connecting the general areas. Links serve as a transmission media for data and signals on the network and may be comprised of wire, optical fiber, radio frequency (RF) transponders, or the like.
  • The rightmost portion of FIG. 2 denotes an AS, shown as AS1, enhanced by the addition of a source path isolation server (SS1) and network components, here routers, modified to work as source path isolation routers (SRs), denoted by SR14-17, respectively. Also included within AS1 is a detection device, here an intrusion detection system (IDS) denoted as IDS1, and host computers H1-H3. IDS1 may take the form of a commercially available IDS, or alternatively it may be developed specifically for participating in source path isolation systems and methods. IDSs and firewalls are well known in the art and will not be described in detail herein. An informative source of information on IDS and firewall functionality that may be used with the disclosed embodiments can be found in Firewalls and Internet Security: Repelling the Wily Hacker, by William R. Cheswick and Steven M. Bellowin, Addison-Wesley (1994).
  • SS1 may be comprised of a general-purpose computer, or server, operatively coupled to the network of AS1 and executing machine-readable code enabling it to perform source path isolation in conjunction with SR14-17 and IDS1. While SS1 and IDS1 are shown as separate devices in FIG. 2, it is noted that they can be combined into a single unit performing both intrusion detection and source path isolation. SR14-17 may be comprised of commercially available routers, or similar devices such as switches, bridges or the like, employing software and hardware enabling them to participate in source path isolation.
  • The central portion of FIG. 2 represents the public network, shown as PN1, carrying traffic between the autonomous systems, namely IAS1, and AS1, AS2 and AS3. PN1 comprises routers R2-R6, links operatively coupling the routers making up PN1, and links attaching to ASs coupled to PN1. PN1 may also comprise computers external to an AS (not shown). In the foregoing discussion, routers that have not been modified to act as source path isolation routers (SRs) are denoted as Rx, such as those located in PN1, where x is a number such as 2, 3, 4, etc.
  • The lower portion of FIG. 2 includes other autonomous systems, AS2 and AS3 that may be operatively connected to PN1. AS2 and AS3 may employ source path isolation apparatus and methods, or alternatively, they may be prior art autonomous systems (PAS).
  • The leftmost portion of FIG. 2 shows an autonomous system (IAS1) used by an intruder to launch an attack on AS1. IAS1 contains an IDS, shown as IDS2, operatively coupled to three host computers H4, H5 and I1 using links. In FIG. 2, I1 has been configured such that it places a malicious packet (MP1) onto LAS1 for transmission to AS1 via PN1. While FIG. 2 illustrates a computer configured to place MP1 onto the network, routers, switches, gateways and other hardware capable of placing machine-readable data onto a network may be used in place of or in conjunction with such computer. When a device has been configured to inject an MP1 onto a network, it is referred to as an intruder or intruding device.
  • To launch an attack, an intruder generates malicious data traffic and places it onto a link for transmission to one or more destination devices having respective destination addresses. In FIG. 2, the heavy lines are used to indicate the path taken by MP1, namely I1 to IDS2, IDS2-R6, R6-R3, R3-R2, R2-SR15, SR15-SR16, and SR16-IDS1 (where hyphenation implies operative coupling between network components). The thick dashed link from IDS1-H3 denotes the intended path to the targeted device H3.
  • Detection and source path isolation of MP1 may be accomplished as follows. Detection device, here IDS1, identifies MP1 using known methods. After detecting MP1, IDS1 generates a notification packet, or triggering event, and sends it to SS1 thus notifying SS1 that a malicious packet has been detected within AS1. The notification packet may include MP1 or portions thereof along with other information useful for SS1 to begin source path isolation. Examples of information that may be sent from IDS1 to SS1 along with MP1 are time-of-arrival, encapsulation information, link information, and the like. When MP1 (or fraction thereof) has been identified and forwarded to SS1 it is referred to as a target packet (TP1) because it becomes the target of the source path isolation method further described herein.
  • SS1 may then generate a query message (QM1) containing TP1, a portion thereof, or a representation of TP1 such as a hash value. After generating QM1 containing identification information about TP1, SS1 sends it to some, or all, participating routers. Accordingly, SS1 may send QM1 to participating routers located one hop away; however the disclosed invention is not limited to single hops. For example, SR16 is one hop away from SS1, whereas SR14, SR15 and SR17 are two hops away from SS1 and one hop away from SR16, respectively. When SR16 receives QM1 from SS1, SR16 determines if TP1 has been seen. This determination is made by comparing TP1 with a database containing signatures of other characteristics representative of packets having passed through SR16. Typically, SR16 is considered to have observed, or encountered, a packet when the packet is passed from one of its input ports to one of its output ports such as would be done when SR16 forwards during normal operation within a network.
  • To determine if a packet has been observed, SR16 first stores a representation of each packet it forwards. Then SR16 compares the stored representation to the information about TP1 contained in QM1. Typically, a representation of a packet passed through SR16 will not be a copy of the entire packet, but rather it will be comprised of a portion of the packet or some unique value representative of the packet. Since modern routers can pass gigabits of data per second, storing complete packets is not practical because memories become prohibitively large. In contrast, storing a value representative of the contents of a packet uses memory in a more efficient manner. By way of example, if incoming packets range in size from 256 bits to 1000 bits, a fixed width number may be computed across the bits making up a packet in a manner that allows the entire packet to be uniquely identified. A hash value, or hash digest, is an example of such a fixed width number. To further illustrate the use of representations, if a 32-bit hash digest is computed across each packet, then the digest may be stored in memory or, alternatively, the digest may be used as an index, or address, into memory. Using the digest, or an index derived therefrom, results in efficient use of memory while still allowing identification of each packet passing through a router. The disclosed invention works with any storage scheme that saves information about each packet in a space efficient fashion, that can definitively determine if a packet has not been observed, and that will respond positively (i.e. in a predictable way) when a packet has been observed. Although the invention works with virtually any technique for deriving representations of packets, for brevity, the remaining discussion will use hash digests as exemplary representations of packets having passed through a participating router.
  • Returning to the discussion of FIG. 2, if SR16 has not observed TP1, it may so inform SS1. But if SR16 has a hash matching TP1, it may send a response to SS1 indicating that the packet was observed by, or at, SR16. In addition, SR16 may forward QM1 to adjacent routers 1 hop away, In FIG. 2, SR16 sends QM1 to SR14, SR15 and SR17. Then, SR14, 15 and 17 determine if they have seen TP1 and notify SS1 accordingly. In this fashion, the query message/reply process is forwarded to virtually all SRs within an AS on a hop-by-hop basis.
  • In FIG. 2, routers SR14, SR15 and SR17 are border routers for AS1, namely they are the routers that contain routing tables for routers outside AS1. If routers external to AS1 have not been configured to operate as SRs, then the query message/reply process stops at SR14-17; however, if the public network routers are configured to act as SRs then the query message/reply process may continue until the SR closest to the ingress point of TP1 is reached. When the SR closest to the ingress point is found, it can be instructed to disconnect the link used by the intruder or it can be instructed to drop packets originating from the intruder's Internet Protocol (IP) address on a particular link, or based on other identifying information.
  • Still referring to FIG. 2 and the route taken by MP1, if the routers making up PN1 are not participating as SRs, then SR15 would be instructed to exclude TPs. SR15 excludes a TP, present at an input port, by preventing it from passing to an output port. In contrast, if the routers making up PN1 were participating as SRs then R6 could be instructed to exclude TPs present at its input port.
  • The process used to perform source path isolation in FIG. 2 is referred to as an inward-out technique. After being triggered by an IDS, an inward-out technique begins its queries from a generally central portion of an AS. The inward-out technique then employs QMs that hop outward from the central portion of the AS toward the border routers comprised therein.
  • FIG. 3
  • FIG. 3 illustrates an autonomous system (AS), 300, employing border routers denoted generally as B connected to external networks EN1-EN7, other routers within 300 connected to the border routers generally denoted as A, and a source path isolation server denoted as SS. AS 300 may also include additional routers (not shown) located between SS and border routers B. An inward-out solution begins with SS at the center of FIG. 3 and works outward one hop at a time until the border routers, B, are reached. For FIG. 3, the routers labeled A are queried on the first hop and the border routers, B, are queried on a second, or subsequent, hop. Since the locations of border routers are known within AS 300, an outward-in solution may also be employed. With an outward-in solution, SS first queries the border routers, B, and they in turn query the routers labeled A. As can be seen from FIG. 3, an outward-in solution gets progressively closer to the center of AS 300. The disclosed technique can be used on networks containing virtually any number of participating routers. While inward-out and outward-in techniques have been herein described, the disclosed techniques are not limited to any particular types of solution or localization algorithms. Furthermore, SS may send queries to participating routers located virtually anywhere in the network so that many types of source path isolation techniques can be employed. Thus it can be seen that the disclosed technique is very scalable and flexible.
  • Further detail of the operation of a source path isolation server (SS) and a source path isolation router (SR) are provided hereinbelow.
  • FIG. 4 Exemplary Method for Source Path Isolation Server
  • FIG. 4 illustrates an exemplary method for accomplishing source path isolation. The method begins when SS1 receives TP1 from IDS1 operating within AS1 (step 402).
  • After receiving TP1, SS1 may generate QM1 comprising TP1 and any additional information desirable for facilitating communication with participating routers (SRs) (step 404). Examples of additional information that may be included in QM1 are, but are not limited to, destination addresses for participating routers, passwords required for querying a router, encryption keying information, time-to-live (TTL) fields, a hash digest of TP1, information for reconfiguring routers, and the like. SS1 may then send QM1 to SRs located at least one hop away (step 406). SR may then process QM1 by hashing TP1 contained therein and comparing the resulting value to hash values stored in local memory, where the stored hash values identify packets having previously passed through SR.
  • After processing QM1, an SR may send a reply to SS1 (step 408). The response may indicate that a queried router has seen TP1, or alternatively, that it has not (step 410). It is important to observe that the two answers are not equal in their degree of certainty. If SR does not have a hash matching TP1, SR has definitively not seen TP1. However, if SR has a matching hash, then SR has seen TP1 or a packet that has the same hash as TP1. When two different packets, having different contents, hash to the same value it is referred to as a hash collision.
  • If a queried SR has seen TP1, a reply and identification (ID) information for the respective SR is associated as active path data (step 414). Alternatively, if an SR has not seen TP1, the reply is associated as inactive path data (step 412). Replies received from queried SRs are used to build a source path trace of possible paths taken by TP1 through the network using known methods (step 416). SS1 may then attempt to identify the ingress point for TP1 (step 418). If SS1 is unable to determine the ingress point of TP1, subsequent responses from participating routers located an additional hop away are processed by executing steps 408-418 again (step 424).
  • Examples of source path tracing techniques that may be employed with embodiments disclosed herein are, but are not limited to, a breadth-first search or a depth-first search. In a breadth-first search, all SRs in an area are queried to determine which SRs may have observed a target packet. Then, one or more graphs, containing nodes, are generated from the responses received by SS1. Where the nodes indicate locations that TP1 may have passed. Any graphs containing a node where TP1 was observed are associated as active, or candidate, paths, i.e. paths that TP1 may have traversed. With a depth-first search, only SRs adjacent to a location where TP1 was observed are queried. SRs issuing a positive reply are treated as starting points for candidate graphs because they have observed TP1. Next, all SRs adjacent to those that responded with a positive reply are queried. The process of moving the query/response process out one hop at a time is referred to as a round. This process is repeated until all participating routers have been queried or all SRs in a round respond with a negative reply indicating that they have not observed TP1. When a negative reply is received, it is associated as inactive path data.
  • When SS1 has determined an ingress point for TP1, it may send a message to IDS1 indicating that a solution has been found (step 420). Often it will be desirable to have the participating router closest to the ingress point close off the ingress path used by TP1. As such, SS1 may send a message to the respective participating router instructing it to close off the ingress path using known techniques (step 422). SS1 may also archive path solutions, data sent, data received, and the like either locally or remotely. Furthermore, SS1 may communicate information about source path isolation attempts to devices at remote locations coupled to a network. For example, SS1 may communicate information to a network operations center (NOC), a redundant source path isolation server, or to a data analysis facility for post processing.
  • Here it is noted that as SS1 attempts to build a trace of the path taken by TP1, multiple paths may emerge as a result of hash collisions occurring in participating routers. When collisions occur, they act as false positives in the sense that SS1 interprets the collision as an indication that a desired TP1 has been observed. Fortunately the occurrences of hash collisions can be mitigated. One mechanism for reducing hash collisions is to compute large hash values over the packets since the chances of collisions rise as the number of bits comprising the hash value decreases. Another mechanism for reducing collisions is to control the density of the hash tables in the memories of participating routers. That is, rather than computing a single hash value and setting a single bit for an observed packet, a plurality of hash values are computed for each observed packet using several unique hash functions. This produces a corresponding number of unique hash values for each observed packet. While this approach fills the router's hash table at a faster rate, the reduction in the number of hash collisions makes the tradeoff worthwhile in many instances.
  • FIG. 5 Exemplary Data Structure for Storing Trace Information
  • FIG. 5 illustrates an exemplary data structure 500 stored in a database (not shown) in a memory on a source path isolation server. Data structure 500 stores information used in conjunction with performing source path isolation of a target packet. While FIG. 5 illustrates one data structure, it will be obvious to those skilled in the relevant arts that a plurality of data structures may be employed and that the data structures may include additional parameters and take on different forms from those of the exemplary data structure discussed herein.
  • Data structure 500 is comprised of a record R(1) containing attributes, or parameters, having data associated therewith. In the upper left portion of FIG. 5 are three parameters associated with the entire record R(1), namely a target packet attribute, shown as Target ID, a time attribute, shown as Time, and a source attribute, shown as Source. These attributes together serve as a handle for R(1) to facilitate storage into, and recall from, a machine-readable memory (not shown). Here Target ID is associated with unique information associated with a particular target packet (TP) received from a detection device such as an IDS or firewall. Time may be used to identify either the time at which TP was received at an SS, the time that TP was received at a detection device, or the time that R(1) was opened. Source may be used to identify the link that TP was detected on by the detection device, or alternatively, source may be used to uniquely identify the detection device that forwarded TP to SS.
  • Within 500 are exemplary column headings indicating still other attributes that may be used to facilitate source path isolation of TP. For example, a network component identification attribute, shown as node ID, may be used to identify particular nodes, such as routers, switches, bridges, or the like, within a network that have been queried by SS. Link may be used to identify the particular link on which TP was observed. A reply packet attribute, shown as Node Response, may be used to indicate if a queried node has observed TP. Node time may indicate the time, preferably using some common reference, at which a respective node observed TP. Time is useful for assessing how long TP has been in the network and for performing comparisons with fields such as time-to-live (TTL). The attribute Transformed is used to track variants of TP in the event it has undergone a transformation. If TP has been transformed, it may he useful to have multiple entries associated the respective TP. For example in FIG. 5, node 04 has two entries for tracing an untransformed and a transformed version of TP. Status may be used to monitor network links associated with queried nodes. For example, a status of “ON” may indicate that a link is still active, i.e. carrying data traffic, while a status of “OFF” may indicate that a link has been disabled to exclude data traffic.
  • FIG. 5 illustrates one exemplary embodiment of a data structure that may be used for facilitating source path isolation; however, variations of the data structure format and number of records may be readily employed without departing from the spirit of the invention. For example, the terms “YES/NO” and “ON/OFF” used in conjunction with node response, transformed, and status may be desirable when conveying information to an operator; however, flags such as 1 or 0 may also be used to indicate the status of various attributes. In addition, a plurality of records may be generated when performing source path isolation. Additionally, other column entries may be used in conjunction with, or in place of, those shown in FIG. 5. For example, it may be desirable to associate the hash value, or alternatively, the contents of TP with each record. It may also be desirable to have a record associated with each target packet encountered or, alternatively, with each detection device employed within a network. And, it may be desirable to have still other data structures or records associated with source path solutions that have been generated in response to detected TPs.
  • FIG. 6 Exemplary System for Performing Method
  • FIG. 6 illustrates a system 620 comprising a general-purpose computer that can be configured to practice disclosed embodiments. System 620 executes machine-readable code to perform the methods heretofore disclosed and includes a processor 602, main memory 604, read only memory (ROM) 606, storage device 608, bus 610, display 612, keyboard 614, cursor control 616, and communication interface 618.
  • Processor 602 may be any type of conventional processing device that interprets and executes instructions. Main memory 604 may be a random access memory (RAM) or a similar dynamic storage device. Main memory 604 stores information and instructions to be executed by processor 602. Main memory 604 may also be used for storing temporary variables or other intermediate information during execution of instructions by processor 602. ROM 606 stores static information and instructions for processor 602. It will be appreciated that ROM 606 may be replaced with some other type of static storage device. Storage device 608, also referred to as data storage device, may include any type of magnetic or optical media and their corresponding interfaces and operational hardware. Storage device 608 stores information and instructions for use by processor 602. Bus 610 includes a set of hardware lines (conductors, optical fibers, or the like) that allow for data transfer among the components of system 620.
  • Display device 612 may be a cathode ray tube (CRT), liquid crystal display (LCD) or the like, for displaying information in an operator or machine-readable form. Keyboard 614 and cursor control 616 allow the operator to interact with system 620. Cursor control 616 may be, for example, a mouse. In an alternative configuration, keyboard 614 and cursor control 616 can be replaced with a microphone and voice recognition means to enable an operator or machine to interact with system 620.
  • Communication interface 618 enables system 620 to communicate with other devices/systems via any communications medium. For example, communication interface 618 may be a modem, an Ethernet interface to a LAN, an interface to the Internet, a printer interface, etc. Alternatively, communication interface 618 can be any other interface that enables communication between system 620 and other devices, systems or networks. Communication interface 618 can be used in lieu of keyboard 614 and cursor control 616 to facilitate operator or machine remote control and communication with system 620.
  • As will be described in detail below, system 620 may provide SS1 operating within AS1 with the ability to perform source path isolation for a given TP. SS1 may receive MP1 from IDS1 and generate QM1 in response to processor 602 executing sequences of instructions contained in, for example, memory 604. Such instructions may be read into memory 604 from another computer-readable medium, such as storage device 608, or from another device coupled to bus 610 or coupled via communication interface 618. Execution of sequences of instructions contained in memory 604 causes processor 602 to perform the method described in conjunction with FIG. 4. For example, processor 602 may execute instructions to perform the functions of receiving a target packet (step 402), receiving replies from queried routers (step 408), and building a trace of the path traveled by TP (step 416). Alternatively, hard-wired circuitry may be used in place of or in combination with software instructions to implement the functions of SS1. Thus, the disclosed embodiments of SS1 are not limited to any specific combination of hardware circuitry and software. For example, the functionality may be implemented in an application specific integrated circuit (ASIC), a field-programmable gate array (FPGA), or the like, either alone or in combination with other devices to provide desired functionality.
  • Conclusion
  • As can be seen, the disclosed embodiments provide the functionality necessary to facilitate source path isolation of malicious packets in a network. While the preceding disclosure is directed to an Internet Protocol (IP) network, disclosed embodiments can be used in conjunction with other network protocols such as frame relay, asynchronous transfer mode (ATM), synchronous optical network (SONET), and the like. In addition, disclosed embodiments may be adapted to operate within different layers of a network such as the data link layer, network layer, transport layer or the like. Furthermore, the disclosed embodiments are not limited to particular network topologies or architectures.
  • Furthermore the disclosed methods for implementing a source path isolation server (SS) are not limited to a single programming language or hardware architecture. For example, software for performing the functions of SS may be implemented in a high level programming language such as C, C++, LISP, or the like. Alternatively, software may be implemented in a lower level language such as assembly language, or a device specific language, where requirements such as speed must be met. Furthermore, SS may be configured to communicate with, and make information available to, other devices operatively connected to a network using known programming languages and techniques. For example, it may be desirable to have SS make source path isolation solutions available to an operator responsible for monitoring network security. In addition, SS can be implemented in a distributed fashion either by employing multiple processors or by having various components physically separated and coupled by a communication means such as a distributed bus, network, or the like. Also, it may be desirable to have SS communicate with one or more SRs over a dedicated network instead of using the network carrying data traffic among the SRs. For example, using a dedicated network may provide additional security, reliable bandwidth, or communication redundancy in the event that one or more links to an SR is disabled.
  • Query messages (QMs) and replies are not limited, to a single network protocol or packet type. In many instances, it will be desirable to have QMs and replies transported using readily known protocols; however, customized protocols and message types can be used. For example, it may be desirable to employ a smart packet for sending QMs to participating routers. A smart packet is one that may contain a standard message, such as the data from a target packet, along with machine-readable instructions for instructing a receiving device, such as an SR, to modify its operation in response to the contents of the executable instructions contained therein. Smart packets facilitate rapid responses to network intrusions by allowing an SR to modify operation soon after receiving a QM from as SS, or a forwarded QM from a participating router.
  • Furthermore, the disclosed methods can operate on encapsulated data such as would be encountered if network data were encrypted, converted from one network protocol to another, or a packet was split for transmission over more than one link. As can be seen, many variations of the disclosed embodiments are possible without departing from the spirit of the invention.
  • Therefore, the present embodiments are to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes within the meaning and range of equivalency of the claims are therefore intended to be embraced therein.

Claims (19)

1. A system for determining a point of entry of a malicious packet into a network using a representation of the malicious packet, the system comprising:
an intrusion detection system for detecting the malicious packet in the network; and
an isolation server responsive to operation of the intrusion detection system, for isolating the malicious packet;
wherein the system is operable such that the point of entry of the malicious packet is determined.
2. The system of claim 1 and wherein the isolation server further comprises: computer code for generating a message containing identification information about the malicious packet.
3. The system of claim 2 and wherein the isolation server further comprises: computer code for forwarding the message to certain of a plurality of routers displaced one hop away from the server.
4. The system of claim 3 and wherein the certain of the plurality of routers comprises:
computer code for generating a hash value of the identification information;
computer code for establishing a bit map of hash values representative of those of packets which are transmitted through the certain of the plurality of routers; and
computer code for comparing the hash value against the hash values.
5. A computer program product embodied on a computer readable medium for determining whether a target packet has been encountered in a network, comprising:
computer code for sending a message identifying the target packet to at least one network component;
computer code for receiving a reply containing information associated with the target packet from the at least one network component; and
computer code for processing the reply to extract the information; and
computer code for using the information, wherein the computer program product is operable such that it is determined whether the target packet has been encountered in the network.
6. The computer program product of claim 5 and wherein a detection device is incorporated into a server including at least a portion of the computer code.
7. The computer program product of claim 5 and wherein the network further includes a host, the host including capability for placing packets onto the network.
8. The computer program product of claim 5 and wherein the computer code for sending operates to include the target packet into the message.
9. The computer program product of claim 5 and wherein the message comprises a representation of the target packet.
10. The computer program product of claim 9 and wherein the representation is a hash of at least a portion of the target packet.
11. The computer program product of claim 5 and wherein the at least one network component is located one hop away from a server.
12. The computer program product of claim 5 and wherein the at least one network component is located more than one hop away from a server.
13. The computer program product of claim 5 and wherein a first component of the at least one network component forwards the reply to another of the at least one network component.
14. The computer program product of claim 13 and wherein the first component is a router.
15. The computer program product of claim 5 and wherein the information is hash information derived from hashing at least a portion of the message to obtain a query hash value.
16. The computer program product of claim 5 and wherein the computer code for determining is accomplished using a source path isolation technique.
17. The computer program product of claim 16 and wherein the source path isolation technique includes a breadth-first search.
18. The computer program product of claim 16 and wherein the source path isolation technique includes a depth-first search.
19. A method for determining whether a target packet has been encountered in a network, comprising:
sending a message identifying the target packet to at least one network component;
receiving a reply containing information associated with the target packet from the at least one network component; and
processing the reply to extract the information; and
using the information, wherein it is determined whether the target packet has been encountered in the network.
US12/762,366 2000-06-19 2010-04-18 Method and apparatus for tracing packets Abandoned US20100205670A1 (en)

Priority Applications (9)

Application Number Priority Date Filing Date Title
US21242500P true 2000-06-19 2000-06-19
US88114501A true 2001-06-14 2001-06-14
US09/881,074 US6981158B1 (en) 2000-06-19 2001-06-14 Method and apparatus for tracing packets
US34146201P true 2001-12-14 2001-12-14
US40797502P true 2002-09-05 2002-09-05
US10/251,403 US7328349B2 (en) 2001-12-14 2002-09-20 Hash-based systems and methods for detecting, preventing, and tracing network worms and viruses
US10/654,771 US20040073617A1 (en) 2000-06-19 2003-09-04 Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail
US12/249,804 US20090313339A1 (en) 2000-06-19 2008-10-10 Method and apparatus for tracing packets
US12/762,366 US20100205670A1 (en) 2000-06-19 2010-04-18 Method and apparatus for tracing packets

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US12/762,366 US20100205670A1 (en) 2000-06-19 2010-04-18 Method and apparatus for tracing packets

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US12/249,804 Continuation US20090313339A1 (en) 2000-06-19 2008-10-10 Method and apparatus for tracing packets

Publications (1)

Publication Number Publication Date
US20100205670A1 true US20100205670A1 (en) 2010-08-12

Family

ID=46204947

Family Applications (13)

Application Number Title Priority Date Filing Date
US10/654,771 Abandoned US20040073617A1 (en) 2000-06-19 2003-09-04 Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail
US12/243,778 Abandoned US20090031136A1 (en) 2000-06-19 2008-10-01 Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail
US12/243,785 Abandoned US20090031129A1 (en) 2000-06-19 2008-10-01 Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail
US12/248,790 Expired - Fee Related US8204945B2 (en) 2000-06-19 2008-10-09 Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail
US12/249,804 Abandoned US20090313339A1 (en) 2000-06-19 2008-10-10 Method and apparatus for tracing packets
US12/249,803 Abandoned US20090158435A1 (en) 2000-06-19 2008-10-10 Hash-based systems and methods for detecting, preventing, and tracing network worms and viruses
US12/249,823 Abandoned US20090158046A1 (en) 2000-06-19 2008-10-10 Hash-based systems and methods for detecting and preventing transmission of polymorphic network worms and viruses
US12/249,832 Abandoned US20090182867A1 (en) 2000-06-19 2008-10-10 Method and apparatus for identifying a packet
US12/762,366 Abandoned US20100205670A1 (en) 2000-06-19 2010-04-18 Method and apparatus for tracing packets
US12/762,365 Abandoned US20100205672A1 (en) 2000-06-19 2010-04-18 Hash-based systems and methods for detecting, preventing, and tracing network worms and viruses
US12/762,367 Expired - Fee Related US8272060B2 (en) 2000-06-19 2010-04-18 Hash-based systems and methods for detecting and preventing transmission of polymorphic network worms and viruses
US12/762,368 Abandoned US20100205265A1 (en) 2000-06-19 2010-04-19 Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail
US13/620,692 Abandoned US20130014261A1 (en) 2000-06-19 2012-09-14 Hash-based systems and methods for detecting and preventing transmission of polymorphic network worms and viruses

Family Applications Before (8)

Application Number Title Priority Date Filing Date
US10/654,771 Abandoned US20040073617A1 (en) 2000-06-19 2003-09-04 Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail
US12/243,778 Abandoned US20090031136A1 (en) 2000-06-19 2008-10-01 Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail
US12/243,785 Abandoned US20090031129A1 (en) 2000-06-19 2008-10-01 Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail
US12/248,790 Expired - Fee Related US8204945B2 (en) 2000-06-19 2008-10-09 Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail
US12/249,804 Abandoned US20090313339A1 (en) 2000-06-19 2008-10-10 Method and apparatus for tracing packets
US12/249,803 Abandoned US20090158435A1 (en) 2000-06-19 2008-10-10 Hash-based systems and methods for detecting, preventing, and tracing network worms and viruses
US12/249,823 Abandoned US20090158046A1 (en) 2000-06-19 2008-10-10 Hash-based systems and methods for detecting and preventing transmission of polymorphic network worms and viruses
US12/249,832 Abandoned US20090182867A1 (en) 2000-06-19 2008-10-10 Method and apparatus for identifying a packet

Family Applications After (4)

Application Number Title Priority Date Filing Date
US12/762,365 Abandoned US20100205672A1 (en) 2000-06-19 2010-04-18 Hash-based systems and methods for detecting, preventing, and tracing network worms and viruses
US12/762,367 Expired - Fee Related US8272060B2 (en) 2000-06-19 2010-04-18 Hash-based systems and methods for detecting and preventing transmission of polymorphic network worms and viruses
US12/762,368 Abandoned US20100205265A1 (en) 2000-06-19 2010-04-19 Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail
US13/620,692 Abandoned US20130014261A1 (en) 2000-06-19 2012-09-14 Hash-based systems and methods for detecting and preventing transmission of polymorphic network worms and viruses

Country Status (1)

Country Link
US (13) US20040073617A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9853885B1 (en) 2014-03-18 2017-12-26 Amazon Technologies, Inc. Using packet duplication in a packet-switched network to increase reliability
US9871720B1 (en) * 2014-03-18 2018-01-16 Amazon Technologies, Inc. Using packet duplication with encapsulation in a packet-switched network to increase reliability

Families Citing this family (314)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6628194B1 (en) * 1999-08-31 2003-09-30 At&T Wireless Services, Inc. Filtered in-box for voice mail, e-mail, pages, web-based information, and faxes
EP1085396A1 (en) 1999-09-17 2001-03-21 Hewlett-Packard Company Operation of trusted state in computing platform
US7032023B1 (en) 2000-05-16 2006-04-18 America Online, Inc. Throttling electronic communications from one or more senders
GB0020441D0 (en) 2000-08-18 2000-10-04 Hewlett Packard Co Performance of a service on a computing platform
GB0102516D0 (en) * 2001-01-31 2001-03-21 Hewlett Packard Co Trusted gateway system
WO2002065316A1 (en) * 2001-02-12 2002-08-22 Legato Systems, Inc. System and method of indexing unique electronic mail messages and uses for the same
GB2372345A (en) * 2001-02-17 2002-08-21 Hewlett Packard Co Secure email handling using a compartmented operating system
GB2372592B (en) 2001-02-23 2005-03-30 Hewlett Packard Co Information system
GB2372595A (en) * 2001-02-23 2002-08-28 Hewlett Packard Co Method of and apparatus for ascertaining the status of a data processing environment.
GB2376765B (en) 2001-06-19 2004-12-29 Hewlett Packard Co Multiple trusted computing environments with verifiable environment identities
GB2376761A (en) * 2001-06-19 2002-12-24 Hewlett Packard Co An arrangement in which a process is run on a host operating system but may be switched to a guest system if it poses a security risk
GB2376763B (en) * 2001-06-19 2004-12-15 Hewlett Packard Co Demonstrating integrity of a compartment of a compartmented operating system
US8056131B2 (en) * 2001-06-21 2011-11-08 Cybersoft, Inc. Apparatus, methods and articles of manufacture for intercepting, examining and controlling code, data and files and their transfer
US7673342B2 (en) * 2001-07-26 2010-03-02 Mcafee, Inc. Detecting e-mail propagated malware
US7487544B2 (en) * 2001-07-30 2009-02-03 The Trustees Of Columbia University In The City Of New York System and methods for detection of new malicious executables
US20030079140A1 (en) * 2001-10-24 2003-04-24 Yosuke Ura Multiple protecting system to protect personal computer data from burglary utilized flash memory drive
US20030084323A1 (en) * 2001-10-31 2003-05-01 Gales George S. Network intrusion detection system and method
EP1315066A1 (en) * 2001-11-21 2003-05-28 BRITISH TELECOMMUNICATIONS public limited company Computer security system
GB2382419B (en) * 2001-11-22 2005-12-14 * Hewlett-Packard Company Apparatus and method for creating a trusted environment
US7155608B1 (en) * 2001-12-05 2006-12-26 Bellsouth Intellectual Property Corp. Foreign network SPAM blocker
US7194464B2 (en) 2001-12-07 2007-03-20 Websense, Inc. System and method for adapting an internet filter
US8046832B2 (en) * 2002-06-26 2011-10-25 Microsoft Corporation Spam detector with challenges
AT403197T (en) * 2002-12-03 2008-08-15 Research In Motion Ltd Procedure, system and computer software product for preferred folder for one message
US20040111531A1 (en) * 2002-12-06 2004-06-10 Stuart Staniford Method and system for reducing the rate of infection of a communications network by a software worm
US7219131B2 (en) * 2003-01-16 2007-05-15 Ironport Systems, Inc. Electronic message delivery using an alternate source approach
US7461263B2 (en) * 2003-01-23 2008-12-02 Unspam, Llc. Method and apparatus for a non-revealing do-not-contact list system
US7249162B2 (en) * 2003-02-25 2007-07-24 Microsoft Corporation Adaptive junk message filtering system
US7219148B2 (en) * 2003-03-03 2007-05-15 Microsoft Corporation Feedback loop for spam prevention
US7543053B2 (en) * 2003-03-03 2009-06-02 Microsoft Corporation Intelligent quarantining for spam prevention
US7676546B2 (en) * 2003-03-25 2010-03-09 Verisign, Inc. Control and management of electronic messaging
US8606860B2 (en) * 2003-03-31 2013-12-10 Affini, Inc. System and method for providing filtering email messages
US20040193691A1 (en) * 2003-03-31 2004-09-30 Chang William I. System and method for providing an open eMail directory
US7680886B1 (en) 2003-04-09 2010-03-16 Symantec Corporation Suppressing spam using a machine learning based spam filter
US7650382B1 (en) 2003-04-24 2010-01-19 Symantec Corporation Detecting spam e-mail with backup e-mail server traps
US7366919B1 (en) 2003-04-25 2008-04-29 Symantec Corporation Use of geo-location data for spam detection
US7739494B1 (en) 2003-04-25 2010-06-15 Symantec Corporation SSL validation and stripping using trustworthiness factors
US7483947B2 (en) * 2003-05-02 2009-01-27 Microsoft Corporation Message rendering for identification of content features
US20050108340A1 (en) * 2003-05-15 2005-05-19 Matt Gleeson Method and apparatus for filtering email spam based on similarity measures
US7272853B2 (en) 2003-06-04 2007-09-18 Microsoft Corporation Origination/destination features and lists for spam prevention
US7293063B1 (en) 2003-06-04 2007-11-06 Symantec Corporation System utilizing updated spam signatures for performing secondary signature-based analysis of a held e-mail to improve spam email detection
US7287060B1 (en) * 2003-06-12 2007-10-23 Storage Technology Corporation System and method for rating unsolicited e-mail
US8145710B2 (en) 2003-06-18 2012-03-27 Symantec Corporation System and method for filtering spam messages utilizing URL filtering module
US7711779B2 (en) * 2003-06-20 2010-05-04 Microsoft Corporation Prevention of outgoing spam
US7519668B2 (en) * 2003-06-20 2009-04-14 Microsoft Corporation Obfuscation of spam filter
US8533270B2 (en) * 2003-06-23 2013-09-10 Microsoft Corporation Advanced spam detection techniques
US7155484B2 (en) 2003-06-30 2006-12-26 Bellsouth Intellectual Property Corporation Filtering email messages corresponding to undesirable geographical regions
US7814545B2 (en) 2003-07-22 2010-10-12 Sonicwall, Inc. Message classification using classifiers
US8112483B1 (en) * 2003-08-08 2012-02-07 Emigh Aaron T Enhanced challenge-response
US7503070B1 (en) * 2003-09-19 2009-03-10 Marshall Van Alstyne Methods and systems for enabling analysis of communication content while preserving confidentiality
US7203964B1 (en) * 2003-10-07 2007-04-10 Elmer V. Pass Method of stopping internet viruses
US7610341B2 (en) * 2003-10-14 2009-10-27 At&T Intellectual Property I, L.P. Filtered email differentiation
US20050080642A1 (en) * 2003-10-14 2005-04-14 Daniell W. Todd Consolidated email filtering user interface
US7921159B1 (en) 2003-10-14 2011-04-05 Symantec Corporation Countering spam that uses disguised characters
US7930351B2 (en) * 2003-10-14 2011-04-19 At&T Intellectual Property I, L.P. Identifying undesired email messages having attachments
US7451184B2 (en) * 2003-10-14 2008-11-11 At&T Intellectual Property I, L.P. Child protection from harmful email
US7664812B2 (en) * 2003-10-14 2010-02-16 At&T Intellectual Property I, L.P. Phonetic filtering of undesired email messages
US7548956B1 (en) * 2003-12-30 2009-06-16 Aol Llc Spam control based on sender account characteristics
US20050154601A1 (en) * 2004-01-09 2005-07-14 Halpern Joshua I. Information security threat identification, analysis, and management
JP4297345B2 (en) * 2004-01-14 2009-07-15 Kddi株式会社 Mass mail detection method and mail server
US8301702B2 (en) * 2004-01-20 2012-10-30 Cloudmark, Inc. Method and an apparatus to screen electronic communications
CA2457478A1 (en) * 2004-02-12 2005-08-12 Opersys Inc. System and method for warranting electronic mail using a hybrid public key encryption scheme
WO2005081477A1 (en) 2004-02-17 2005-09-01 Ironport Systems, Inc. Collecting, aggregating, and managing information relating to electronic messages
US8214438B2 (en) * 2004-03-01 2012-07-03 Microsoft Corporation (More) advanced spam detection features
US7644127B2 (en) * 2004-03-09 2010-01-05 Gozoom.Com, Inc. Email analysis using fuzzy matching of text
US20050204005A1 (en) * 2004-03-12 2005-09-15 Purcell Sean E. Selective treatment of messages based on junk rating
US20050204006A1 (en) * 2004-03-12 2005-09-15 Purcell Sean E. Message junk rating interface
US7966658B2 (en) * 2004-04-08 2011-06-21 The Regents Of The University Of California Detecting public network attacks using signatures and fast content analysis
US8171549B2 (en) * 2004-04-26 2012-05-01 Cybersoft, Inc. Apparatus, methods and articles of manufacture for intercepting, examining and controlling code, data, files and their transfer
US7941490B1 (en) * 2004-05-11 2011-05-10 Symantec Corporation Method and apparatus for detecting spam in email messages and email attachments
US7912905B2 (en) * 2004-05-18 2011-03-22 Computer Associates Think, Inc. System and method for filtering network messages
US7756930B2 (en) * 2004-05-28 2010-07-13 Ironport Systems, Inc. Techniques for determining the reputation of a message sender
US20060101680A1 (en) * 2004-05-28 2006-05-18 Smith Michael J Container contents identifier
US8166310B2 (en) 2004-05-29 2012-04-24 Ironport Systems, Inc. Method and apparatus for providing temporary access to a network device
US7917588B2 (en) * 2004-05-29 2011-03-29 Ironport Systems, Inc. Managing delivery of electronic messages using bounce profiles
US7849142B2 (en) * 2004-05-29 2010-12-07 Ironport Systems, Inc. Managing connections, messages, and directory harvest attacks at a server
US7870200B2 (en) * 2004-05-29 2011-01-11 Ironport Systems, Inc. Monitoring the flow of messages received at a server
US7873695B2 (en) * 2004-05-29 2011-01-18 Ironport Systems, Inc. Managing connections and messages at a server by associating different actions for both different senders and different recipients
US8161122B2 (en) * 2005-06-03 2012-04-17 Messagemind, Inc. System and method of dynamically prioritized electronic mail graphical user interface, and measuring email productivity and collaboration trends
US7941491B2 (en) * 2004-06-04 2011-05-10 Messagemind, Inc. System and method for dynamic adaptive user-based prioritization and display of electronic messages
US7748038B2 (en) * 2004-06-16 2010-06-29 Ironport Systems, Inc. Method and apparatus for managing computer virus outbreaks
US7565445B2 (en) 2004-06-18 2009-07-21 Fortinet, Inc. Systems and methods for categorizing network traffic content
US7664819B2 (en) 2004-06-29 2010-02-16 Microsoft Corporation Incremental anti-spam lookup and update service
GB2415854B (en) * 2004-07-01 2006-12-27 Ericsson Telefon Ab L M Email spam reduction method
US9154511B1 (en) 2004-07-13 2015-10-06 Dell Software Inc. Time zero detection of infectious messages
US7343624B1 (en) 2004-07-13 2008-03-11 Sonicwall, Inc. Managing infectious messages as identified by an attachment
US7904517B2 (en) * 2004-08-09 2011-03-08 Microsoft Corporation Challenge response systems
US7660865B2 (en) * 2004-08-12 2010-02-09 Microsoft Corporation Spam filtering with probabilistic secure hashes
US20060036695A1 (en) * 2004-08-12 2006-02-16 Rolnik Robert C Timed delivery of alert notifications based on user set criteria
FR2875317A1 (en) * 2004-09-10 2006-03-17 France Telecom Method for monitoring electronic courieres issued and / or received by a client of an internet access provider within a telecommunication network
US7490244B1 (en) 2004-09-14 2009-02-10 Symantec Corporation Blocking e-mail propagation of suspected malicious computer code
US7555524B1 (en) 2004-09-16 2009-06-30 Symantec Corporation Bulk electronic message detection by header similarity analysis
US9398037B1 (en) * 2004-09-27 2016-07-19 Radix Holdings, Llc Detecting and processing suspicious network communications
US8056128B1 (en) * 2004-09-30 2011-11-08 Google Inc. Systems and methods for detecting potential communications fraud
US8495144B1 (en) * 2004-10-06 2013-07-23 Trend Micro Incorporated Techniques for identifying spam e-mail
US7546349B1 (en) 2004-11-01 2009-06-09 Symantec Corporation Automatic generation of disposable e-mail addresses
US7197539B1 (en) 2004-11-01 2007-03-27 Symantec Corporation Automated disablement of disposable e-mail addresses based on user actions
FR2877528B1 (en) * 2004-11-02 2007-02-02 Bruno Decarpigny System and method for sending messages in an electronic messaging communication network, based on the use of a sending filter
US8010685B2 (en) * 2004-11-09 2011-08-30 Cisco Technology, Inc. Method and apparatus for content classification
US7936682B2 (en) * 2004-11-09 2011-05-03 Cisco Technology, Inc. Detecting malicious attacks using network behavior and header analysis
US20060161989A1 (en) * 2004-12-13 2006-07-20 Eran Reshef System and method for deterring rogue users from attacking protected legitimate users
US7756933B2 (en) * 2004-12-13 2010-07-13 Collactive Ltd. System and method for deterring rogue users from attacking protected legitimate users
US7640590B1 (en) 2004-12-21 2009-12-29 Symantec Corporation Presentation of network source and executable characteristics
US20060212523A1 (en) * 2005-03-21 2006-09-21 International Business Machines Corporation Policy based control of multiple message forwards
EP1866825A1 (en) 2005-03-22 2007-12-19 Hewlett-Packard Development Company, L.P. Methods, devices and data structures for trusted data
US7975010B1 (en) 2005-03-23 2011-07-05 Symantec Corporation Countering spam through address comparison
US20060227772A1 (en) * 2005-03-30 2006-10-12 Fujitsu Limited Method and system for packet data communication between networks
US8316446B1 (en) * 2005-04-22 2012-11-20 Blue Coat Systems, Inc. Methods and apparatus for blocking unwanted software downloads
JP4559295B2 (en) * 2005-05-17 2010-10-06 株式会社エヌ・ティ・ティ・ドコモ Data communication system and data communication method
US7757288B1 (en) 2005-05-23 2010-07-13 Symantec Corporation Malicious e-mail attack inversion filter
US7873998B1 (en) * 2005-07-19 2011-01-18 Trustwave Holdings, Inc. Rapidly propagating threat detection
US7930353B2 (en) * 2005-07-29 2011-04-19 Microsoft Corporation Trees of classifiers for detecting email spam
US7856090B1 (en) 2005-08-08 2010-12-21 Symantec Corporation Automatic spim detection
US8201254B1 (en) 2005-08-30 2012-06-12 Symantec Corporation Detection of e-mail threat acceleration
US7617285B1 (en) 2005-09-29 2009-11-10 Symantec Corporation Adaptive threshold based spam classification
US20070118759A1 (en) * 2005-10-07 2007-05-24 Sheppard Scott K Undesirable email determination
US7912907B1 (en) 2005-10-07 2011-03-22 Symantec Corporation Spam email detection based on n-grams with feature selection
US8065370B2 (en) 2005-11-03 2011-11-22 Microsoft Corporation Proofs to filter spam
US8191105B2 (en) * 2005-11-18 2012-05-29 Research In Motion Limited System and method for handling electronic messages
US8413245B2 (en) * 2005-12-16 2013-04-02 Cisco Technology, Inc. Methods and apparatus providing computer and network security for polymorphic attacks
US9286469B2 (en) * 2005-12-16 2016-03-15 Cisco Technology, Inc. Methods and apparatus providing computer and network security utilizing probabilistic signature generation
US7882560B2 (en) * 2005-12-16 2011-02-01 Cisco Technology, Inc. Methods and apparatus providing computer and network security utilizing probabilistic policy reposturing
US8495743B2 (en) * 2005-12-16 2013-07-23 Cisco Technology, Inc. Methods and apparatus providing automatic signature generation and enforcement
US7810160B2 (en) * 2005-12-28 2010-10-05 Microsoft Corporation Combining communication policies into common rules store
US8495037B1 (en) * 2006-02-21 2013-07-23 Symantec Operating Corporation Efficient isolation of backup versions of data objects affected by malicious software
US7627641B2 (en) * 2006-03-09 2009-12-01 Watchguard Technologies, Inc. Method and system for recognizing desired email
WO2007117582A2 (en) * 2006-04-06 2007-10-18 Smobile Systems Inc. Malware detection system and method for mobile platforms
US8028026B2 (en) * 2006-05-31 2011-09-27 Microsoft Corporation Perimeter message filtering with extracted user-specific preferences
US8332947B1 (en) 2006-06-27 2012-12-11 Symantec Corporation Security threat reporting in light of local security tools
US8020206B2 (en) 2006-07-10 2011-09-13 Websense, Inc. System and method of analyzing web content
US8615800B2 (en) 2006-07-10 2013-12-24 Websense, Inc. System and method for analyzing web content
US20080052284A1 (en) * 2006-08-05 2008-02-28 Terry Stokes System and Method for the Capture and Archival of Electronic Communications
US20080059588A1 (en) * 2006-09-01 2008-03-06 Ratliff Emily J Method and System for Providing Notification of Nefarious Remote Control of a Data Processing System
US20080059590A1 (en) * 2006-09-05 2008-03-06 Ecole Polytechnique Federale De Lausanne (Epfl) Method to filter electronic messages in a message processing system
US8856920B2 (en) * 2006-09-18 2014-10-07 Alcatel Lucent System and method of securely processing lawfully intercepted network traffic
US7788576B1 (en) * 2006-10-04 2010-08-31 Trend Micro Incorporated Grouping of documents that contain markup language code
GB2456107A (en) * 2006-11-06 2009-07-08 Dell Marketing Usa L P A system and method for managing data across multiple environments
KR100859664B1 (en) * 2006-11-13 2008-09-23 삼성에스디에스 주식회사 Method for detecting a virus pattern of email
US9654495B2 (en) 2006-12-01 2017-05-16 Websense, Llc System and method of analyzing web addresses
US8224905B2 (en) 2006-12-06 2012-07-17 Microsoft Corporation Spam filtration utilizing sender activity data
JP2008146517A (en) * 2006-12-13 2008-06-26 Hitachi Ltd System for distributing data and apparatus for maintaining index
US8577680B2 (en) * 2006-12-30 2013-11-05 Emc Corporation Monitoring and logging voice traffic on data network
US9152706B1 (en) 2006-12-30 2015-10-06 Emc Corporation Anonymous identification tokens
GB2458094A (en) 2007-01-09 2009-09-09 Surfcontrol On Demand Ltd URL interception and categorization in firewalls
US20130246378A1 (en) * 2007-04-30 2013-09-19 Stephen Owen Hearnden Partial hash system, method, and computer program product
US8423616B2 (en) * 2007-05-03 2013-04-16 Microsoft Corporation Identifying and correlating electronic mail messages
GB0709527D0 (en) 2007-05-18 2007-06-27 Surfcontrol Plc Electronic messaging system, message processing apparatus and message processing method
US20080313708A1 (en) * 2007-06-12 2008-12-18 Alcatel Lucent Data content matching
US20090077182A1 (en) * 2007-09-17 2009-03-19 Iconix, Inc System and method for identifying email campaigns
US20090083413A1 (en) * 2007-09-24 2009-03-26 Levow Zachary S Distributed frequency data collection via DNS
US7769485B2 (en) * 2007-09-29 2010-08-03 Pitney Bowes Inc. Systems and methods for segregating undesired mail
JP4444998B2 (en) * 2007-10-12 2010-03-31 富士通株式会社 E-mail information management program, e-mail information management apparatus, and e-mail information management method
US20090164506A1 (en) * 2007-12-19 2009-06-25 Casdex, Inc. System and Method for Content-Based Email Authentication
US8316442B2 (en) * 2008-01-15 2012-11-20 Microsoft Corporation Preventing secure data from leaving the network perimeter
US8392511B2 (en) * 2008-01-17 2013-03-05 International Business Machines Corporation Embedding a unique serial number into the content of an email for tracking information dispersion
US8489610B2 (en) * 2008-03-28 2013-07-16 Nec Corporation Method, system and program for information re-organization
US8161188B2 (en) * 2008-05-04 2012-04-17 Check Point Software Technologies, Ltd Devices and methods for providing network access control utilizing traffic-regulation hardware
US9456054B2 (en) 2008-05-16 2016-09-27 Palo Alto Research Center Incorporated Controlling the spread of interests and content in a content centric network
US9497205B1 (en) * 2008-05-19 2016-11-15 Emc Corporation Global commonality and network logging
US8214977B2 (en) * 2008-05-21 2012-07-10 Symantec Corporation Centralized scanner database with optimal definition distribution using network queries
US8732825B2 (en) * 2008-05-28 2014-05-20 Symantec Corporation Intelligent hashes for centralized malware detection
WO2009146536A1 (en) 2008-06-02 2009-12-10 Corporation De L'ecole Polytechnique De Montreal File presence detection and monitoring
US8806590B2 (en) * 2008-06-22 2014-08-12 Microsoft Corporation Signed ephemeral email addresses
US9378282B2 (en) 2008-06-30 2016-06-28 Raytheon Company System and method for dynamic and real-time categorization of webpages
US7530106B1 (en) * 2008-07-02 2009-05-05 Kaspersky Lab, Zao System and method for security rating of computer processes
US8180838B2 (en) * 2008-08-29 2012-05-15 Microsoft Corporation Efficiently managing modular data storage systems
US9177144B2 (en) * 2008-10-30 2015-11-03 Mcafee, Inc. Structural recognition of malicious code patterns
CN101415159B (en) * 2008-12-02 2010-06-02 腾讯科技(深圳)有限公司 Method and apparatus for intercepting junk mail
US9461930B2 (en) 2009-04-27 2016-10-04 Intel Corporation Modifying data streams without reordering in a multi-thread, multi-flow network processor
US8515965B2 (en) * 2010-05-18 2013-08-20 Lsi Corporation Concurrent linked-list traversal for real-time hash processing in multi-core, multi-thread network processors
US9208475B2 (en) * 2009-06-11 2015-12-08 Hewlett-Packard Development Company, L.P. Apparatus and method for email storage
US20100325372A1 (en) * 2009-06-17 2010-12-23 Housty Oswin E Parallel training of dynamic random access memory channel controllers
US8489685B2 (en) 2009-07-17 2013-07-16 Aryaka Networks, Inc. Application acceleration as a service system and method
US8874663B2 (en) * 2009-08-28 2014-10-28 Facebook, Inc. Comparing similarity between documents for filtering unwanted documents
CN102045305B (en) * 2009-10-20 2015-06-10 中兴通讯股份有限公司 Method and system for monitoring and tracking multimedia resource transmission
US8923293B2 (en) 2009-10-21 2014-12-30 Palo Alto Research Center Incorporated Adaptive multi-interface use for content networking
US8463938B2 (en) * 2009-10-23 2013-06-11 Comcast Cable Communications, Llc Address couplet communication filtering
US8751808B2 (en) * 2009-11-12 2014-06-10 Roy Gelbard Method and system for sharing trusted contact information
US8683216B2 (en) * 2010-07-13 2014-03-25 F-Secure Corporation Identifying polymorphic malware
KR20120066465A (en) * 2010-12-14 2012-06-22 한국전자통신연구원 Method for blocking denial-of-service attack
US9336380B2 (en) 2010-12-15 2016-05-10 Microsoft Technology Licensing Llc Applying activity actions to frequent activities
US9058492B1 (en) * 2011-02-14 2015-06-16 Symantec Corporation Techniques for reducing executable code vulnerability
US8458796B2 (en) * 2011-03-08 2013-06-04 Hewlett-Packard Development Company, L.P. Methods and systems for full pattern matching in hardware
US8462781B2 (en) 2011-04-06 2013-06-11 Anue Systems, Inc. Systems and methods for in-line removal of duplicate network packets
US9116879B2 (en) 2011-05-25 2015-08-25 Microsoft Technology Licensing, Llc Dynamic rule reordering for message classification
US9224000B1 (en) 2011-06-14 2015-12-29 Ionic Security, Inc. Systems and methods for providing information security using context-based keys
US8621630B2 (en) * 2011-06-17 2013-12-31 Microsoft Corporation System, method and device for cloud-based content inspection for mobile devices
US9553817B1 (en) * 2011-07-14 2017-01-24 Sprint Communications Company L.P. Diverse transmission of packet content
US9811664B1 (en) 2011-08-15 2017-11-07 Trend Micro Incorporated Methods and systems for detecting unwanted web contents
US8543543B2 (en) * 2011-09-13 2013-09-24 Microsoft Corporation Hash-based file comparison
US8700913B1 (en) 2011-09-23 2014-04-15 Trend Micro Incorporated Detection of fake antivirus in computers
US20130184878A1 (en) * 2012-01-13 2013-07-18 General Electric Company Systems and Methods for Tracing Nodes in an Electrical Network
US8954519B2 (en) 2012-01-25 2015-02-10 Bitdefender IPR Management Ltd. Systems and methods for spam detection using character histograms
US9130778B2 (en) * 2012-01-25 2015-09-08 Bitdefender IPR Management Ltd. Systems and methods for spam detection using frequency spectra of character strings
US9497149B2 (en) * 2012-02-03 2016-11-15 Richard Kramer System and method for reducing unsolicited E-mails
CN102664875B (en) * 2012-03-31 2014-12-17 华中科技大学 Malicious code type detection method based on cloud mode
US8719356B2 (en) 2012-04-17 2014-05-06 Return Path, Inc Methods, systems, and computer readable media for monitoring deliverability of electronic mail based on subscriber and seed deliverability data
US8347391B1 (en) * 2012-05-23 2013-01-01 TrustPipe LLC System and method for detecting network activity of interest
US20140007229A1 (en) * 2012-06-29 2014-01-02 Christopher T. Smith System and method for identifying installed software products
US9491069B2 (en) 2012-07-29 2016-11-08 Verint Systems Ltd. System and method of high volume rule engine
KR101336278B1 (en) 2012-09-19 2013-12-03 충북대학교 산학협력단 Light-weight hash algorithm for data security in wireless sensor networks
US10346369B2 (en) * 2012-10-11 2019-07-09 Delphix Corp. Retrieving point-in-time copies of a source database for creating virtual databases
EP2720416A1 (en) * 2012-10-12 2014-04-16 Anam Technologies Limited Method for user reporting of spam mobile messages and filter node
US9241259B2 (en) 2012-11-30 2016-01-19 Websense, Inc. Method and apparatus for managing the transfer of sensitive information to mobile devices
US9202050B1 (en) * 2012-12-14 2015-12-01 Symantec Corporation Systems and methods for detecting malicious files
JP2017503222A (en) 2013-01-25 2017-01-26 レムテクス, インコーポレイテッド Network security system, method and apparatus
US9525700B1 (en) 2013-01-25 2016-12-20 REMTCS Inc. System and method for detecting malicious activity and harmful hardware/software modifications to a vehicle
US8856324B2 (en) 2013-01-28 2014-10-07 TrustPipe LLC System and method for detecting a compromised computing system
US8935783B2 (en) 2013-03-08 2015-01-13 Bitdefender IPR Management Ltd. Document classification using multiscale text fingerprints
US8959595B2 (en) 2013-03-15 2015-02-17 Bullaproof, Inc. Methods and systems for providing secure transactions
US9792436B1 (en) * 2013-04-29 2017-10-17 Symantec Corporation Techniques for remediating an infected file
RU2583713C2 (en) 2013-06-06 2016-05-10 Закрытое акционерное общество "Лаборатория Касперского" System and method of eliminating shingles from insignificant parts of messages when filtering spam
EP2811699B1 (en) * 2013-06-06 2015-11-25 Kaspersky Lab, ZAO System and method for spam filtering using shingles
US9544256B2 (en) * 2013-06-28 2017-01-10 Td Ameritrade Ip Company, Inc. Crowdsourcing e-mail filtering
US9319425B2 (en) * 2013-07-23 2016-04-19 Crypteia Networks S.A. Systems and methods for self-tuning network intrusion detection and prevention
US10075460B2 (en) 2013-10-16 2018-09-11 REMTCS Inc. Power grid universal detection and countermeasure overlay intelligence ultra-low latency hypervisor
US9392007B2 (en) 2013-11-04 2016-07-12 Crypteia Networks S.A. System and method for identifying infected networks and systems from unknown attacks
US10098051B2 (en) 2014-01-22 2018-10-09 Cisco Technology, Inc. Gateways and routing in software-defined manets
US9223971B1 (en) * 2014-01-28 2015-12-29 Exelis Inc. User reporting and automatic threat processing of suspicious email
US10469510B2 (en) * 2014-01-31 2019-11-05 Juniper Networks, Inc. Intermediate responses for non-html downloads
US9954678B2 (en) 2014-02-06 2018-04-24 Cisco Technology, Inc. Content-based transport security
US9264418B1 (en) * 2014-02-20 2016-02-16 Amazon Technologies, Inc. Client-side spam detection and prevention
US9836540B2 (en) 2014-03-04 2017-12-05 Cisco Technology, Inc. System and method for direct storage access in a content-centric network
US9626413B2 (en) 2014-03-10 2017-04-18 Cisco Systems, Inc. System and method for ranking content popularity in a content-centric network
US9473405B2 (en) * 2014-03-10 2016-10-18 Palo Alto Research Center Incorporated Concurrent hashes and sub-hashes on data streams
EP3120589B1 (en) * 2014-03-21 2017-08-09 Telefonaktiebolaget LM Ericsson (publ) Addressing for device to device communications
US10057850B2 (en) * 2014-03-24 2018-08-21 Acer Incorporated Methods for deferring communications between a mobile communication device and a service network
US9716622B2 (en) 2014-04-01 2017-07-25 Cisco Technology, Inc. System and method for dynamic name configuration in content-centric networks
US9473576B2 (en) 2014-04-07 2016-10-18 Palo Alto Research Center Incorporated Service discovery using collection synchronization with exact names
US20150295869A1 (en) * 2014-04-14 2015-10-15 Microsoft Corporation Filtering Electronic Messages
US10333877B2 (en) * 2014-04-29 2019-06-25 At&T Intellectual Property I, L.P. Methods of generating signatures from groups of electronic messages and related methods and systems for identifying spam messages
US9992281B2 (en) 2014-05-01 2018-06-05 Cisco Technology, Inc. Accountable content stores for information centric networks
US9928465B2 (en) * 2014-05-20 2018-03-27 Oath Inc. Machine learning and validation of account names, addresses, and/or identifiers
US9609014B2 (en) 2014-05-22 2017-03-28 Cisco Systems, Inc. Method and apparatus for preventing insertion of malicious content at a named data network router
US9443108B1 (en) * 2014-06-27 2016-09-13 Amazon Technologies, Inc. Secure timestamping
US9699198B2 (en) 2014-07-07 2017-07-04 Cisco Technology, Inc. System and method for parallel secure content bootstrapping in content-centric networks
US9621354B2 (en) 2014-07-17 2017-04-11 Cisco Systems, Inc. Reconstructable content objects
US9729616B2 (en) 2014-07-18 2017-08-08 Cisco Technology, Inc. Reputation-based strategy for forwarding and responding to interests over a content centric network
US9590887B2 (en) 2014-07-18 2017-03-07 Cisco Systems, Inc. Method and system for keeping interest alive in a content centric network
US9882964B2 (en) 2014-08-08 2018-01-30 Cisco Technology, Inc. Explicit strategy feedback in name-based forwarding
US9729662B2 (en) 2014-08-11 2017-08-08 Cisco Technology, Inc. Probabilistic lazy-forwarding technique without validation in a content centric network
US9800637B2 (en) 2014-08-19 2017-10-24 Cisco Technology, Inc. System and method for all-in-one content stream in content-centric networks
US9363280B1 (en) 2014-08-22 2016-06-07 Fireeye, Inc. System and method of detecting delivery of malware using cross-customer data
US9876806B2 (en) * 2014-09-25 2018-01-23 Mcafee, Llc Behavioral detection of malware agents
US10069933B2 (en) 2014-10-23 2018-09-04 Cisco Technology, Inc. System and method for creating virtual interfaces based on network characteristics
US9942182B2 (en) * 2014-11-17 2018-04-10 At&T Intellectual Property I, L.P. System and method for cloud based IP mobile messaging spam detection and defense
US9160680B1 (en) 2014-11-18 2015-10-13 Kaspersky Lab Zao System and method for dynamic network resource categorization re-assignment
US10044625B2 (en) 2014-11-25 2018-08-07 Keysight Technologies Singapore (Holdings) Pte Ltd Hash level load balancing for deduplication of network packets
US9590948B2 (en) 2014-12-15 2017-03-07 Cisco Systems, Inc. CCN routing using hardware-assisted hash tables
US10237189B2 (en) 2014-12-16 2019-03-19 Cisco Technology, Inc. System and method for distance-based interest forwarding
US10003520B2 (en) 2014-12-22 2018-06-19 Cisco Technology, Inc. System and method for efficient name-based content routing using link-state information in information-centric networks
US9660825B2 (en) 2014-12-24 2017-05-23 Cisco Technology, Inc. System and method for multi-source multicasting in content-centric networks
US9954795B2 (en) 2015-01-12 2018-04-24 Cisco Technology, Inc. Resource allocation using CCN manifests
US9916457B2 (en) 2015-01-12 2018-03-13 Cisco Technology, Inc. Decoupled name security binding for CCN objects
US9946743B2 (en) 2015-01-12 2018-04-17 Cisco Technology, Inc. Order encoded manifests in a content centric network
US9832291B2 (en) 2015-01-12 2017-11-28 Cisco Technology, Inc. Auto-configurable transport stack
US9608810B1 (en) 2015-02-05 2017-03-28 Ionic Security Inc. Systems and methods for encryption and provision of information security using platform services
US10333840B2 (en) 2015-02-06 2019-06-25 Cisco Technology, Inc. System and method for on-demand content exchange with adaptive naming in information-centric networks
US10075401B2 (en) 2015-03-18 2018-09-11 Cisco Technology, Inc. Pending interest table behavior
US9646159B2 (en) * 2015-03-31 2017-05-09 Juniper Networks, Inc. Multi-file malware analysis
US9781131B2 (en) * 2015-04-22 2017-10-03 Aktiebolaget Skf Systems and methods for securing remote configuration
US9641543B2 (en) * 2015-04-22 2017-05-02 Aktiebolaget AKF Systems and methods for securing remote configuration
US9473438B1 (en) 2015-05-27 2016-10-18 OTC Systems Ltd. System for analyzing email for compliance with rules
US10075402B2 (en) 2015-06-24 2018-09-11 Cisco Technology, Inc. Flexible command and control in content centric networks
RU2629444C2 (en) * 2015-06-30 2017-08-29 Общество С Ограниченной Ответственностью "Яндекс" Method and server for determining spam activity in cloud system
US9986034B2 (en) 2015-08-03 2018-05-29 Cisco Technology, Inc. Transferring state in content centric network stacks
CN105160268B (en) * 2015-08-06 2018-06-01 武汉亚星电子技术有限责任公司 Data tracking and monitoring system, intelligent router and its data tracking monitoring method
US9832123B2 (en) 2015-09-11 2017-11-28 Cisco Technology, Inc. Network named fragments in a content centric network
US10355999B2 (en) 2015-09-23 2019-07-16 Cisco Technology, Inc. Flow control with network named fragments
US9977809B2 (en) 2015-09-24 2018-05-22 Cisco Technology, Inc. Information and data framework in a content centric network
US10313227B2 (en) 2015-09-24 2019-06-04 Cisco Technology, Inc. System and method for eliminating undetected interest looping in information-centric networks
US10454820B2 (en) 2015-09-29 2019-10-22 Cisco Technology, Inc. System and method for stateless information-centric networking
US10263965B2 (en) 2015-10-16 2019-04-16 Cisco Technology, Inc. Encrypted CCNx
US9912776B2 (en) 2015-12-02 2018-03-06 Cisco Technology, Inc. Explicit content deletion commands in a content centric network
US10097346B2 (en) 2015-12-09 2018-10-09 Cisco Technology, Inc. Key catalogs in a content centric network
US20170169251A1 (en) * 2015-12-15 2017-06-15 Yahoo! Inc. Enforcing anonymity in the auditing of electronic documents
US10503730B1 (en) 2015-12-28 2019-12-10 Ionic Security Inc. Systems and methods for cryptographically-secure queries using filters generated by multiple parties
US10257271B2 (en) 2016-01-11 2019-04-09 Cisco Technology, Inc. Chandra-Toueg consensus in a content centric network
US10305864B2 (en) 2016-01-25 2019-05-28 Cisco Technology, Inc. Method and system for interest encryption in a content centric network
US10187400B1 (en) * 2016-02-23 2019-01-22 Area 1 Security, Inc. Packet filters in security appliances with modes and intervals
US10043016B2 (en) 2016-02-29 2018-08-07 Cisco Technology, Inc. Method and system for name encryption agreement in a content centric network
US10003507B2 (en) 2016-03-04 2018-06-19 Cisco Technology, Inc. Transport session state protocol
US10038633B2 (en) 2016-03-04 2018-07-31 Cisco Technology, Inc. Protocol to query for historical network information in a content centric network
US10051071B2 (en) 2016-03-04 2018-08-14 Cisco Technology, Inc. Method and system for collecting historical network information in a content centric network
US9832116B2 (en) 2016-03-14 2017-11-28 Cisco Technology, Inc. Adjusting entries in a forwarding information base in a content centric network
US10212196B2 (en) 2016-03-16 2019-02-19 Cisco Technology, Inc. Interface discovery and authentication in a name-based network
US10067948B2 (en) 2016-03-18 2018-09-04 Cisco Technology, Inc. Data deduping in content centric networking manifests
US10091330B2 (en) 2016-03-23 2018-10-02 Cisco Technology, Inc. Interest scheduling by an information and data framework in a content centric network
US10033639B2 (en) 2016-03-25 2018-07-24 Cisco Technology, Inc. System and method for routing packets in a content centric network using anonymous datagrams
US10320760B2 (en) 2016-04-01 2019-06-11 Cisco Technology, Inc. Method and system for mutating and caching content in a content centric network
US9930146B2 (en) 2016-04-04 2018-03-27 Cisco Technology, Inc. System and method for compressing content centric networking messages
US10425503B2 (en) 2016-04-07 2019-09-24 Cisco Technology, Inc. Shared pending interest table in a content centric network
US10027578B2 (en) 2016-04-11 2018-07-17 Cisco Technology, Inc. Method and system for routable prefix queries in a content centric network
US10404450B2 (en) 2016-05-02 2019-09-03 Cisco Technology, Inc. Schematized access control in a content centric network
US10320675B2 (en) 2016-05-04 2019-06-11 Cisco Technology, Inc. System and method for routing packets in a stateless content centric network
US10063414B2 (en) 2016-05-13 2018-08-28 Cisco Technology, Inc. Updating a transport stack in a content centric network
US10084764B2 (en) 2016-05-13 2018-09-25 Cisco Technology, Inc. System for a secure encryption proxy in a content centric network
US10103989B2 (en) 2016-06-13 2018-10-16 Cisco Technology, Inc. Content object return messages in a content centric network
US10305865B2 (en) 2016-06-21 2019-05-28 Cisco Technology, Inc. Permutation-based content encryption with manifests in a content centric network
RU2634180C1 (en) 2016-06-24 2017-10-24 Акционерное общество "Лаборатория Касперского" System and method for determining spam-containing message by topic of message sent via e-mail
US10148572B2 (en) 2016-06-27 2018-12-04 Cisco Technology, Inc. Method and system for interest groups in a content centric network
US10009266B2 (en) 2016-07-05 2018-06-26 Cisco Technology, Inc. Method and system for reference counted pending interest tables in a content centric network
US9992097B2 (en) 2016-07-11 2018-06-05 Cisco Technology, Inc. System and method for piggybacking routing information in interests in a content centric network
US10241847B2 (en) 2016-07-19 2019-03-26 2236008 Ontario Inc. Anomaly detection using sequences of system calls
US10122624B2 (en) 2016-07-25 2018-11-06 Cisco Technology, Inc. System and method for ephemeral entries in a forwarding information base in a content centric network
US10069729B2 (en) 2016-08-08 2018-09-04 Cisco Technology, Inc. System and method for throttling traffic based on a forwarding information base in a content centric network
US10033642B2 (en) 2016-09-19 2018-07-24 Cisco Technology, Inc. System and method for making optimal routing decisions based on device-specific parameters in a content centric network
US10212248B2 (en) 2016-10-03 2019-02-19 Cisco Technology, Inc. Cache management on high availability routers in a content centric network
US10447805B2 (en) 2016-10-10 2019-10-15 Cisco Technology, Inc. Distributed consensus in a content centric network
US10511563B2 (en) * 2016-10-28 2019-12-17 Micro Focus Llc Hashes of email text
US10135948B2 (en) 2016-10-31 2018-11-20 Cisco Technology, Inc. System and method for process migration in a content centric network
US10243851B2 (en) 2016-11-21 2019-03-26 Cisco Technology, Inc. System and method for forwarder connection information in a content centric network
US10142263B2 (en) 2017-02-21 2018-11-27 Keysight Technologies Singapore (Holdings) Pte Ltd Packet deduplication for network packet monitoring in virtual processing environments
US20190036965A1 (en) * 2017-07-27 2019-01-31 Cypress Semiconductor Corporation Generating and analyzing network profile data
US20190129924A1 (en) * 2017-10-27 2019-05-02 International Business Machines Corporation Displaying electronic text-based messages according to their typographic features

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5905859A (en) * 1997-01-09 1999-05-18 International Business Machines Corporation Managed network device security method and apparatus
US6119236A (en) * 1996-10-07 2000-09-12 Shipley; Peter M. Intelligent network security device and method
US6215763B1 (en) * 1997-10-29 2001-04-10 Lucent Technologies Inc. Multi-phase process for distributed precomputation of network signal paths
US6609205B1 (en) * 1999-03-18 2003-08-19 Cisco Technology, Inc. Network intrusion detection signature analysis using decision graphs
US6678270B1 (en) * 1999-03-12 2004-01-13 Sandstorm Enterprises, Inc. Packet interception system including arrangement facilitating authentication of intercepted packets
US6981158B1 (en) * 2000-06-19 2005-12-27 Bbnt Solutions Llc Method and apparatus for tracing packets

Family Cites Families (872)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2258112A5 (en) 1973-11-30 1975-08-08 Honeywell Bull Soc Ind
US3956615A (en) 1974-06-25 1976-05-11 Ibm Corporation Transaction execution system with secure data storage and communications
US4104721A (en) 1976-12-30 1978-08-01 International Business Machines Corporation Hierarchical security mechanism for dynamically assigning security levels to object programs
US4200770A (en) 1977-09-06 1980-04-29 Stanford University Cryptographic apparatus and method
US4405829A (en) 1977-12-14 1983-09-20 Massachusetts Institute Of Technology Cryptographic communications system and method
US4289930A (en) 1978-11-30 1981-09-15 The General Electric Company Limited Electronic apparatus for the display of information received over a line
US4386416A (en) 1980-06-02 1983-05-31 Mostek Corporation Data compression, encryption, and in-line transmission system
US4384325A (en) 1980-06-23 1983-05-17 Sperry Corporation Apparatus and method for searching a data base using variable search criteria
US4386233A (en) 1980-09-29 1983-05-31 Smid Miles E Crytographic key notarization methods and apparatus
US4442484A (en) 1980-10-14 1984-04-10 Intel Corporation Microprocessor memory management and protection mechanism
US4648031A (en) 1982-06-21 1987-03-03 International Business Machines Corporation Method and apparatus for restarting a computing system
US4532588A (en) 1982-11-09 1985-07-30 International Business Machines Corporation Electronic document distribution network with uniform data stream
US4641274A (en) * 1982-12-03 1987-02-03 International Business Machines Corporation Method for communicating changes made to text form a text processor to a remote host
NL8301458A (en) 1983-04-26 1984-11-16 Philips Nv A method for the distribution and use of encryption keys.
US4870571A (en) 1983-05-04 1989-09-26 The Johns Hopkins University Intercomputer communications based on message broadcasting with receiver selection
US4590470A (en) 1983-07-11 1986-05-20 At&T Bell Laboratories User authentication system employing encryption functions
US4926480A (en) 1983-08-22 1990-05-15 David Chaum Card-computer moderated systems
US4584639A (en) 1983-12-23 1986-04-22 Key Logic, Inc. Computer security system
US4621321A (en) 1984-02-16 1986-11-04 Honeywell Inc. Secure data processing system architecture
US4710763A (en) 1984-10-19 1987-12-01 Texas Instruments Incorporated Method for generating and displaying tree structures in a limited display area
US4713753A (en) 1985-02-21 1987-12-15 Honeywell Inc. Secure data processing system architecture with format control
US4754428A (en) 1985-04-15 1988-06-28 Express Communications, Inc. Apparatus and method of distributing documents to remote terminals with different formats
US4713780A (en) 1985-04-15 1987-12-15 Express Communications, Inc. Electronic mail
US4837798A (en) 1986-06-02 1989-06-06 American Telephone And Telegraph Company Communication system having unified messaging
NL8602418A (en) 1986-09-25 1988-04-18 Philips Nv An apparatus for reproducing a PCM modulated signal, is provided with a mute circuit.
US4914568A (en) 1986-10-24 1990-04-03 National Instruments, Inc. Graphical system for modelling a process and associated method
JP2702927B2 (en) 1987-06-15 1998-01-26 株式会社日立製作所 String search device
DE3851724T2 (en) 1987-07-08 1995-05-04 Matsushita Electric Ind Co Ltd Method and apparatus for the protection of copy signals.
FR2618002B1 (en) 1987-07-10 1991-07-05 Schlumberger Ind Sa Method and card authentication system has electronic memory
US4947430A (en) 1987-11-23 1990-08-07 David Chaum Undeniable signature systems
US6272632B1 (en) 1995-02-21 2001-08-07 Network Associates, Inc. System and method for controlling access to a user secret using a key recovery field
US4853961A (en) 1987-12-18 1989-08-01 Pitney Bowes Inc. Reliable document authentication system
US4885789A (en) 1988-02-01 1989-12-05 International Business Machines Corporation Remote trusted path mechanism for telnet
US4868877A (en) 1988-02-12 1989-09-19 Fischer Addison M Public key/signature cryptosystem with enhanced digital signature certification
US5005200A (en) 1988-02-12 1991-04-02 Fischer Addison M Public key/signature cryptosystem with enhanced digital signature certification
US5214702A (en) 1988-02-12 1993-05-25 Fischer Addison M Public key/signature cryptosystem with enhanced digital signature certification
CA1314101C (en) 1988-02-17 1993-03-02 Henry Shao-Lin Teng Expert system for security inspection of a digital computer system in a network environment
US4951196A (en) 1988-05-04 1990-08-21 Supply Tech, Inc. Method and apparatus for electronic data interchange
US5008814A (en) 1988-08-15 1991-04-16 Network Equipment Technologies, Inc. Method and apparatus for updating system software for a plurality of data processing units in a communication network
US5144660A (en) 1988-08-31 1992-09-01 Rose Anthony M Securing a computer against undesired write operations to or read operations from a mass storage device
US5054096A (en) 1988-10-24 1991-10-01 Empire Blue Cross/Blue Shield Method and apparatus for converting documents into electronic data for transaction processing
US4975950A (en) 1988-11-03 1990-12-04 Lentz Stephen A System and method of protecting integrity of computer data and software
US5313637A (en) 1988-11-29 1994-05-17 Rose David K Method and apparatus for validating authorization to access information in an information processing system
US5167011A (en) 1989-02-15 1992-11-24 W. H. Morris Method for coodinating information storage and retrieval
US5210824A (en) 1989-03-03 1993-05-11 Xerox Corporation Encoding-format-desensitized methods and means for interchanging electronic document as appearances
US5020059A (en) 1989-03-31 1991-05-28 At&T Bell Laboratories Reconfigurable signal processor
US5191611A (en) 1989-04-03 1993-03-02 Lang Gerald S Method and apparatus for protecting material on storage media and for transferring material on storage media to various recipients
US5144659A (en) 1989-04-19 1992-09-01 Richard P. Jones Computer file protection system
US5119465A (en) 1989-06-19 1992-06-02 Digital Equipment Corporation System for selectively converting plurality of source data structures through corresponding source intermediate structures, and target intermediate structures into selected target structure
US4996711A (en) * 1989-06-21 1991-02-26 Chaum David L Selected-exponent signature systems
GB8918553D0 (en) 1989-08-15 1989-09-27 Digital Equipment Int Message control system
US5105184B1 (en) 1989-11-09 1997-06-17 Noorali Pirani Methods for displaying and integrating commercial advertisements with computer software
US5495610A (en) * 1989-11-30 1996-02-27 Seer Technologies, Inc. Software distribution system to build and distribute a software release
GB8927623D0 (en) * 1989-12-06 1990-02-07 Bicc Plc Repeaters for secure local area networks
US5159685A (en) * 1989-12-06 1992-10-27 Racal Data Communications Inc. Expert system for communications network
EP0432333B1 (en) 1989-12-13 1996-02-14 International Business Machines Corporation Computer system security device
US5093914A (en) 1989-12-15 1992-03-03 At&T Bell Laboratories Method of controlling the execution of object-oriented programs
DE69031614D1 (en) * 1990-01-29 1997-11-27 Security Techn Corp Optionally, moderated transaction systems
US5263157A (en) 1990-02-15 1993-11-16 International Business Machines Corporation Method and system for providing user access control within a distributed data processing system by the exchange of access control profiles
JP3080382B2 (en) 1990-02-21 2000-08-28 株式会社日立製作所 Encrypted communication system
EP0451384B1 (en) 1990-04-10 1997-09-24 International Business Machines Corporation Hypertext data processing system and method
US5319776A (en) 1990-04-19 1994-06-07 Hilgraeve Corporation In transit detection of computer virus with safeguard
US5210825A (en) 1990-04-26 1993-05-11 Teknekron Communications Systems, Inc. Method and an apparatus for displaying graphical data received from a remote computer by a local computer
US5822527A (en) 1990-05-04 1998-10-13 Digital Equipment Corporation Method and apparatus for information stream filtration using tagged information access and action registration
US5226080A (en) 1990-06-22 1993-07-06 Grid Systems Corporation Method and apparatus for password protection of a computer
US5204961A (en) 1990-06-25 1993-04-20 Digital Equipment Corporation Computer network operating with multilevel hierarchical security with selectable common trust realms and corresponding security protocols
US5070528A (en) 1990-06-29 1991-12-03 Digital Equipment Corporation Generic encryption technique for communication networks
GB9015799D0 (en) 1990-07-18 1991-06-12 Plessey Telecomm A data communication system
US5124984A (en) 1990-08-07 1992-06-23 Concord Communications, Inc. Access controller for local area network
US5144557A (en) 1990-08-13 1992-09-01 International Business Machines Corporation Method and system for document distribution by reference to a first group and particular document to a second group of user in a data processing system
US5247661A (en) 1990-09-10 1993-09-21 International Business Machines Corporation Method and apparatus for automated document distribution in a data processing system
US5790198A (en) 1990-09-10 1998-08-04 Starsight Telecast, Inc. Television schedule information transmission and utilization system and process
US5276869A (en) * 1990-09-10 1994-01-04 International Business Machines Corporation System for selecting document recipients as determined by technical content of document and for electronically corroborating receipt of document
US5315657A (en) 1990-09-28 1994-05-24 Digital Equipment Corporation Compound principals in access control lists
US5224163A (en) 1990-09-28 1993-06-29 Digital Equipment Corporation Method for delegating authorization from one entity to another through the use of session encryption keys
US5239466A (en) 1990-10-04 1993-08-24 Motorola, Inc. System for selectively routing and merging independent annotations to a document at remote locations
US5153918A (en) 1990-11-19 1992-10-06 Vorec Corporation Security system for data communications
JP3161725B2 (en) * 1990-11-21 2001-04-25 株式会社日立製作所 Workstations and co-processing system
US5283887A (en) * 1990-12-19 1994-02-01 Bull Hn Information Systems Inc. Automatic document format conversion in an electronic mail system based upon user preference
US5263147A (en) 1991-03-01 1993-11-16 Hughes Training, Inc. System for providing high security for personal computers and workstations
JP3177684B2 (en) 1991-03-14 2001-06-18 株式会社日立製作所 E-mail system
US5424724A (en) 1991-03-27 1995-06-13 International Business Machines Corporation Method and apparatus for enhanced electronic mail distribution
US5272754A (en) 1991-03-28 1993-12-21 Secure Computing Corporation Secure computer interface
US5513323A (en) 1991-06-14 1996-04-30 International Business Machines Corporation Method and apparatus for multistage document format transformation in a data processing system
US5228083A (en) 1991-06-28 1993-07-13 Digital Equipment Corporation Cryptographic processing in a communication network, using a single cryptographic engine
US5577209A (en) 1991-07-11 1996-11-19 Itt Corporation Apparatus and method for providing multi-level security for communication among computers and terminals on a network
US5379340A (en) * 1991-08-02 1995-01-03 Betterprize Limited Text communication system
US5621579A (en) 1991-08-19 1997-04-15 Index Systems, Inc. Method for selectively playing back programs recorded on a video tape
US5367621A (en) 1991-09-06 1994-11-22 International Business Machines Corporation Data processing method to provide a generalized link from a reference point in an on-line book to an arbitrary multimedia object which can be dynamically updated
JPH06102822A (en) 1991-09-26 1994-04-15 Rooreru Intelligent Syst:Kk File security system
US5355474A (en) 1991-09-27 1994-10-11 Thuraisngham Bhavani M System for multilevel secure database management using a knowledge base with release-based and other security constraints for query, response and update modification
US5200999A (en) 1991-09-27 1993-04-06 International Business Machines Corporation Public key cryptosystem key management based on control vectors
US5177788A (en) 1991-10-15 1993-01-05 Ungermann-Bass, Inc. Network message security method and apparatus
US5265164A (en) 1991-10-31 1993-11-23 International Business Machines Corporation Cryptographic facility environment backup/restore and replication in a public key cryptosystem
US5164988A (en) 1991-10-31 1992-11-17 International Business Machines Corporation Method to establish and enforce a network cryptographic security policy in a public key cryptosystem
US5325370A (en) 1991-11-12 1994-06-28 Storage Technology Corporation Method and apparatus for recording data on magnetic tape media
US5276901A (en) * 1991-12-16 1994-01-04 International Business Machines Corporation System for controlling group access to objects using group access control folder and group identification as individual user
US5210795A (en) 1992-01-10 1993-05-11 Digital Equipment Corporation Secure user authentication from personal computer
FR2686755B1 (en) 1992-01-28 1995-02-03 Electricite De France
GB9205774D0 (en) 1992-03-17 1992-04-29 Int Computers Ltd Computer security system
US5333266A (en) 1992-03-27 1994-07-26 International Business Machines Corporation Method and apparatus for message handling in computer systems
US5649095A (en) 1992-03-30 1997-07-15 Cozza; Paul D. Method and apparatus for detecting computer viruses through the use of a scan information cache
US5278460A (en) 1992-04-07 1994-01-11 Micron Technology, Inc. Voltage compensating CMOS input buffer
US5280527A (en) * 1992-04-14 1994-01-18 Kamahira Safe Co., Inc. Biometric token for authorizing access to a host system
US5313521A (en) 1992-04-15 1994-05-17 Fujitsu Limited Key distribution protocol for file transfer in the local area network
US5276735A (en) * 1992-04-17 1994-01-04 Secure Computing Corporation Data enclave and trusted path system
US5276737B1 (en) * 1992-04-20 1995-09-12 Silvio Micali Fair cryptosystems and methods of use
US5315658B1 (en) 1992-04-20 1995-09-12 Silvio Micali Fair cryptosystems and methods of use
DK170490B1 (en) 1992-04-28 1995-09-18 Multi Inform As Data Processing Plant
US5485409A (en) * 1992-04-30 1996-01-16 International Business Machines Corporation Automated penetration analysis system and method
US5278901A (en) * 1992-04-30 1994-01-11 International Business Machines Corporation Pattern-oriented intrusion-detection system and method
US5311593A (en) 1992-05-13 1994-05-10 Chipcom Corporation Security system for a network concentrator
US5412717A (en) 1992-05-15 1995-05-02 Fischer; Addison M. Computer system security method and apparatus having program authorization information data structures
US5241594A (en) 1992-06-02 1993-08-31 Hughes Aircraft Company One-time logon means and methods for distributed computing systems
GB9212655D0 (en) 1992-06-15 1992-07-29 Digital Equipment Int Communications system
WO1993026109A1 (en) 1992-06-17 1993-12-23 The Trustees Of The University Of Pennsylvania Apparatus for providing cryptographic support in a network
US5359659A (en) 1992-06-19 1994-10-25 Doren Rosenthal Method for securing software against corruption by computer viruses
GB9213169D0 (en) 1992-06-22 1992-08-05 Ncr Int Inc Cryptographic key management apparatus and method
US5235642A (en) 1992-07-21 1993-08-10 Digital Equipment Corporation Access control subsystem and method for distributed computer system using locally cached authentication credentials
IL102843A (en) 1992-08-17 1996-06-18 Zisapel Yehuda Carrier sensing multiple access/collision detection local area networks
US5418908A (en) 1992-10-15 1995-05-23 International Business Machines Corporation System for automatically establishing a link between an electronic mail item and a remotely stored reference through a place mark inserted into the item
US5432932A (en) 1992-10-23 1995-07-11 International Business Machines Corporation System and method for dynamically controlling remote processes from a performance monitor
JP3553987B2 (en) * 1992-11-13 2004-08-11 株式会社日立製作所 Client server system
US5675733A (en) 1992-11-30 1997-10-07 International Business Machines Corporation Statistical analysis and display of reception status of electronic messages
US5666530A (en) 1992-12-02 1997-09-09 Compaq Computer Corporation System for automatic synchronization of common file between portable computer and host computer via communication channel selected from a plurality of usable channels there between
US5410326A (en) 1992-12-04 1995-04-25 Goldstein; Steven W. Programmable remote control device for interacting with a plurality of remotely controlled devices
US5341426A (en) 1992-12-15 1994-08-23 Motorola, Inc. Cryptographic key management apparatus and method
WO1994013797A1 (en) 1992-12-15 1994-06-23 Commonwealth Scientific & Industrial Research Organisation Dna molecules encoding inducible plant promoters and tomato adh2 enzyme
US5828893A (en) 1992-12-24 1998-10-27 Motorola, Inc. System and method of communicating between trusted and untrusted computer systems
US5544320A (en) 1993-01-08 1996-08-06 Konrad; Allan M. Remote information service access system based on a client-server-service model
US5440723A (en) 1993-01-19 1995-08-08 International Business Machines Corporation Automatic immune system for computers and computer networks
US5406557A (en) 1993-02-01 1995-04-11 National Semiconductor Corporation Interenterprise electronic mail hub
US5351293A (en) 1993-02-01 1994-09-27 Wave Systems Corp. System method and apparatus for authenticating an encrypted signal
US5586260A (en) 1993-02-12 1996-12-17 Digital Equipment Corporation Method and apparatus for authenticating a client to a server in computer systems which support different security mechanisms
US5299263A (en) 1993-03-04 1994-03-29 Bell Communications Research, Inc. Two-way public key authentication and key agreement for low-cost terminals
US5479411A (en) 1993-03-10 1995-12-26 At&T Corp. Multi-media integrated message arrangement
US5414650A (en) 1993-03-24 1995-05-09 Compression Research Group, Inc. Parsing information onto packets using context-insensitive parsing rules based on packet characteristics
US5404231A (en) 1993-05-24 1995-04-04 Audiofax, Inc. Sender-based facsimile store and forward facility
FR2706652B1 (en) 1993-06-09 1995-08-18 Alsthom Cge Alcatel Device for detecting intrusion and suspect users for data processing system and security system comprising such a device.
JPH0764788A (en) 1993-06-14 1995-03-10 Mitsubishi Electric Corp Micro computer
JPH0737087A (en) 1993-07-19 1995-02-07 Matsushita Electric Ind Co Ltd Picture processor
JPH0779298A (en) 1993-09-08 1995-03-20 Hitachi Ltd Facsimile server system
US5983012A (en) 1993-09-28 1999-11-09 Bull Hn Information Systems Inc. Executing programs of a first system on a second system
US5436972A (en) 1993-10-04 1995-07-25 Fischer; Addison M. Method for preventing inadvertent betrayal by a trustee of escrowed digital secrets
US5657461A (en) 1993-10-04 1997-08-12 Xerox Corporation User interface for defining and automatically transmitting data according to preferred communication channels
US5513126A (en) 1993-10-04 1996-04-30 Xerox Corporation Network having selectively accessible recipient prioritized communication channel profiles
US5414833A (en) 1993-10-27 1995-05-09 International Business Machines Corporation Network security system and method using a parallel finite state machine adaptive active monitor and responder
US5371794A (en) 1993-11-02 1994-12-06 Sun Microsystems, Inc. Method and apparatus for privacy and authentication in wireless networks
US5771354A (en) * 1993-11-04 1998-06-23 Crawford; Christopher M. Internet online backup system provides remote storage for customers using IDs and passwords which were interactively established when signing up for backup services
US5499294A (en) 1993-11-24 1996-03-12 The United States Of America As Represented By The Administrator Of The National Aeronautics And Space Administration Digital camera with apparatus for authentication of images produced from an image file
FR2713419B1 (en) 1993-12-02 1996-07-05 Gemplus Card Int The process of DSA signature generation with portable devices at low cost.
AU1265195A (en) 1993-12-06 1995-06-27 Telequip Corporation Secure computer memory card
DE69330065T2 (en) 1993-12-08 2001-08-09 Ibm Method and system for key distribution and authentication in a data transmission system
US5606668A (en) * 1993-12-15 1997-02-25 Checkpoint Software Technologies Ltd. System for securing inbound and outbound data packet flow in a computer network
US5491750A (en) * 1993-12-30 1996-02-13 International Business Machines Corporation Method and apparatus for three-party entity authentication and key distribution using message authentication codes
NZ279622A (en) * 1994-01-13 1998-04-27 Certco Llc Encrypted secure and verifiable communication: cryptographic keys escrowed
US5509074A (en) 1994-01-27 1996-04-16 At&T Corp. Method of protecting electronically published materials using cryptographic protocols
US5485455A (en) * 1994-01-28 1996-01-16 Cabletron Systems, Inc. Network having secure fast packet switching and guaranteed quality of service
US6381694B1 (en) 1994-02-18 2002-04-30 Apple Computer, Inc. System for automatic recovery from software problems that cause computer failure
US5557742A (en) 1994-03-07 1996-09-17 Haystack Labs, Inc. Method and system for detecting intrusion into and misuse of a data processing system
US5572590A (en) 1994-04-12 1996-11-05 International Business Machines Corporation Discrimination of malicious changes to digital information using multiple signatures
US5481613A (en) * 1994-04-15 1996-01-02 Northern Telecom Limited Computer network cryptographic key distribution system
US5627977A (en) 1994-04-19 1997-05-06 Orchid Systems, Inc. Trainable user interface translator
US5541993A (en) 1994-05-10 1996-07-30 Fan; Eric Structure and method for secure image transmission
US5511122A (en) 1994-06-03 1996-04-23 The United States Of America As Represented By The Secretary Of The Navy Intermediate network authentication
US5416842A (en) 1994-06-10 1995-05-16 Sun Microsystems, Inc. Method and apparatus for key-management scheme for use with internet protocols at site firewalls
US5561703A (en) 1994-07-06 1996-10-01 Rolm Company System and method for integration of a paging server into a private branch exchange environment
US5615340A (en) 1994-07-21 1997-03-25 Allied Telesyn Int'l Corp. Network interfacing apparatus and method using repeater and cascade interface with scrambling
US5537533A (en) 1994-08-11 1996-07-16 Miralink Corporation System and method for remote mirroring of digital data from a primary network server to a remote network server
US5557765A (en) 1994-08-11 1996-09-17 Trusted Information Systems, Inc. System and method for data recovery
US5557346A (en) 1994-08-11 1996-09-17 Trusted Information Systems, Inc. System and method for key escrow encryption
WO1996005674A1 (en) 1994-08-12 1996-02-22 Frank Thomson Leighton Failsafe key escrow system
US5485460A (en) * 1994-08-19 1996-01-16 Microsoft Corporation System and method for running multiple incompatible network protocol stacks
US5604490A (en) * 1994-09-09 1997-02-18 International Business Machines Corporation Method and system for providing a user access to multiple secured subsystems
US5481312A (en) * 1994-09-12 1996-01-02 At&T Corp. Method of and apparatus for the transmission of high and low priority segments of a video bitstream over packet networks
US5548646A (en) 1994-09-15 1996-08-20 Sun Microsystems, Inc. System for signatureless transmission and reception of data packets between computer networks
US5740231A (en) 1994-09-16 1998-04-14 Octel Communications Corporation Network-based multimedia communications and directory system and method of operation
US5933478A (en) 1994-09-28 1999-08-03 Hitachi, Ltd. Data transfer system and handheld terminal device used therefor
US5794047A (en) 1994-09-29 1998-08-11 International Business Machines Corporation Method of walking-up a call stack for a client/server program that uses remote procedure call
JPH0897159A (en) 1994-09-29 1996-04-12 Handotai Process Kenkyusho:Kk Method and system for epitaxial growth
US5974141A (en) 1995-03-31 1999-10-26 Mitsubishi Corporation Data management system
US5864683A (en) * 1994-10-12 1999-01-26 Secure Computing Corporartion System for providing secure internetwork by connecting type enforcing secure computers to external network for limiting access to data based on user and process access rights
US5535276A (en) 1994-11-09 1996-07-09 Bell Atlantic Network Services, Inc. Yaksha, an improved system and method for securing communications using split private key asymmetric cryptography
GB2295299B (en) 1994-11-16 1999-04-28 Network Services Inc Enterpris Enterprise network management method and apparatus
US5623601A (en) 1994-11-18 1997-04-22 Milkway Networks Corporation Apparatus and method for providing a secure gateway for communication and data exchanges between networks
US5623598A (en) 1994-11-22 1997-04-22 Hewlett-Packard Company Method for identifying ways to improve performance in computer data storage systems
US5805719A (en) 1994-11-28 1998-09-08 Smarttouch Tokenless identification of individuals
US6154879A (en) * 1994-11-28 2000-11-28 Smarttouch, Inc. Tokenless biometric ATM access system
US5758257A (en) 1994-11-29 1998-05-26 Herz; Frederick System and method for scheduling broadcast of and access to video programs and other data using customer profiles
US5619648A (en) 1994-11-30 1997-04-08 Lucent Technologies Inc. Message filtering techniques
US5608874A (en) 1994-12-02 1997-03-04 Autoentry Online, Inc. System and method for automatic data file format translation and transmission having advanced features
US5550984A (en) 1994-12-07 1996-08-27 Matsushita Electric Corporation Of America Security system for preventing unauthorized communications between networks by translating communications received in ip protocol to non-ip protocol to remove address and routing services information
US5646997A (en) 1994-12-14 1997-07-08 Barton; James M. Method and apparatus for embedding authentication information within digital data
US5530852A (en) 1994-12-20 1996-06-25 Sun Microsystems, Inc. Method for extracting profiles and topics from a first file written in a first markup language and generating files in different markup languages containing the profiles and topics for use in accessing data described by the profiles and topics
US5566170A (en) 1994-12-29 1996-10-15 Storage Technology Corporation Method and apparatus for accelerated packet forwarding
US5694616A (en) 1994-12-30 1997-12-02 International Business Machines Corporation Method and system for prioritization of email items by selectively associating priority attribute with at least one and fewer than all of the recipients
US5638487A (en) 1994-12-30 1997-06-10 Purespeech, Inc. Automatic speech recognition
US5878230A (en) 1995-01-05 1999-03-02 International Business Machines Corporation System for email messages wherein the sender designates whether the recipient replies or forwards to addresses also designated by the sender
US5583995A (en) 1995-01-30 1996-12-10 Mrj, Inc. Apparatus and method for data storage and retrieval using bandwidth allocation
US5504454A (en) 1995-01-30 1996-04-02 Westinghouse Elec. Corp. Demodulator for powerline carrier communications
US6658568B1 (en) 1995-02-13 2003-12-02 Intertrust Technologies Corporation Trusted infrastructure support system, methods and techniques for secure electronic commerce transaction and rights management
US5835758A (en) 1995-02-28 1998-11-10 Vidya Technologies, Inc. Method and system for respresenting and processing physical and conceptual entities
US5655081A (en) 1995-03-08 1997-08-05 Bmc Software, Inc. System for monitoring and managing computer resources and applications across a distributed computing environment using an intelligent autonomous agent architecture
US5564106A (en) 1995-03-09 1996-10-08 Motorola, Inc. Method for providing blind access to an encryption key
US5710883A (en) * 1995-03-10 1998-01-20 Stanford University Hypertext document transport mechanism for firewall-compatible distributed world-wide web publishing
US5553145A (en) 1995-03-21 1996-09-03 Micali; Silvia Simultaneous electronic transactions with visible trusted parties
US5699513A (en) 1995-03-31 1997-12-16 Motorola, Inc. Method for secure network access via message intercept
US5790793A (en) 1995-04-04 1998-08-04 Higley; Thomas Method and system to create, transmit, receive and process information, including an address to further information
IL113259A (en) * 1995-04-05 2001-03-19 Diversinet Corp Apparatus and method for safe communication handshake and data transfer
US5677955A (en) 1995-04-07 1997-10-14 Financial Services Technology Consortium Electronic funds transfer instruments
US5852665A (en) 1995-04-13 1998-12-22 Fortress U & T Ltd. Internationally regulated system for one to one cryptographic communications with national sovereignty without key escrow
US5724512A (en) 1995-04-17 1998-03-03 Lucent Technologies Inc. Methods and apparatus for storage and retrieval of name space information in a distributed computing system
US6119142A (en) 1995-04-25 2000-09-12 Canon Kabushiki Kaisha Data communication apparatus for managing information indicating that data has reached its destination
US5675507A (en) 1995-04-28 1997-10-07 Bobo, Ii; Charles R. Message storage and delivery system
US5790856A (en) 1995-05-08 1998-08-04 Apple Computer, Inc. Methods, apparatus, and data structures for data driven computer patches and static analysis of same
JP3338585B2 (en) * 1995-05-16 2002-10-28 富士通株式会社 Conversion apparatus and method of presentation data
US5632011A (en) 1995-05-22 1997-05-20 Sterling Commerce, Inc. Electronic mail management system for operation on a host computer system
AT492088T (en) 1995-06-05 2011-01-15 Cqrcert Llc Method and device for the digital signature in several steps
US5708780A (en) * 1995-06-07 1998-01-13 Open Market, Inc. Internet server access control and monitoring systems
US5812776A (en) 1995-06-07 1998-09-22 Open Market, Inc. Method of providing internet pages by mapping telephone number provided by client to URL and returning the same in a redirect command by server
US5636371A (en) 1995-06-07 1997-06-03 Bull Hn Information Systems Inc. Virtual network mechanism to access well known port application programs running on a single host system
US5689565A (en) 1995-06-29 1997-11-18 Microsoft Corporation Cryptography system and method for providing cryptographic services for a computer application
US5761531A (en) 1995-06-30 1998-06-02 Fujitsu Limited Input/output control apparatus and method for transfering track data from cache module to channel unit during the staging of the data track from device adapter
US5706507A (en) * 1995-07-05 1998-01-06 International Business Machines Corporation System and method for controlling access to data located on a content server
GB2303947A (en) 1995-07-31 1997-03-05 Ibm Boot sector virus protection in computer systems
JPH0954699A (en) 1995-08-11 1997-02-25 Fujitsu Ltd Process scheduler of the computer
US5742759A (en) 1995-08-18 1998-04-21 Sun Microsystems, Inc. Method and system for facilitating access control to system resources in a distributed computer system
EP0762337A3 (en) 1995-09-08 2000-01-19 Francotyp-Postalia Aktiengesellschaft & Co. Method and device for enhancing manipulation-proof of critical data
US6134551A (en) 1995-09-15 2000-10-17 Intel Corporation Method of caching digital certificate revocation lists
US5631961A (en) 1995-09-15 1997-05-20 The United States Of America As Represented By The Director Of The National Security Agency Device for and method of cryptography that allows third party access
US5623600A (en) 1995-09-26 1997-04-22 Trend Micro, Incorporated Virus detection and removal apparatus for computer networks
US5889943A (en) 1995-09-26 1999-03-30 Trend Micro Incorporated Apparatus and method for electronic mail virus detection and elimination
US5826013A (en) 1995-09-28 1998-10-20 Symantec Corporation Polymorphic virus detection module
US5854916A (en) 1995-09-28 1998-12-29 Symantec Corporation State-based cache for antivirus software
US5696822A (en) 1995-09-28 1997-12-09 Symantec Corporation Polymorphic virus detection module
US6487658B1 (en) 1995-10-02 2002-11-26 Corestreet Security, Ltd. Efficient certificate revocation
US5859966A (en) * 1995-10-10 1999-01-12 Data General Corporation Security system for computer systems
US5572643A (en) 1995-10-19 1996-11-05 Judson; David H. Web browser with dynamic display of information objects during linking
US6766450B2 (en) 1995-10-24 2004-07-20 Corestreet, Ltd. Certificate revocation system
US5666416A (en) 1995-10-24 1997-09-09 Micali; Silvio Certificate revocation system
US5689566A (en) 1995-10-24 1997-11-18 Nguyen; Minhtam C. Network with secure communications sessions
US5687235A (en) 1995-10-26 1997-11-11 Novell, Inc. Certificate revocation performance optimization
US5948062A (en) 1995-10-27 1999-09-07 Emc Corporation Network file server using a cached disk array storing a network file directory including file locking information and data mover computers each having file system software for shared read-write file access
US5826029A (en) 1995-10-31 1998-10-20 International Business Machines Corporation Secured gateway interface
US5724428A (en) 1995-11-01 1998-03-03 Rsa Data Security, Inc. Block encryption algorithm with data-dependent rotations
US6097811A (en) 1995-11-02 2000-08-01 Micali; Silvio Tree-based certificate revocation system
US5717758A (en) * 1995-11-02 1998-02-10 Micall; Silvio Witness-based certificate revocation system
US5793763A (en) 1995-11-03 1998-08-11 Cisco Technology, Inc. Security system for network address translation systems
US5923846A (en) 1995-11-06 1999-07-13 Microsoft Corporation Method of uploading a message containing a file reference to a server and downloading a file from the server using the file reference
US5764906A (en) 1995-11-07 1998-06-09 Netword Llc Universal electronic resource denotation, request and delivery system
US5671279A (en) 1995-11-13 1997-09-23 Netscape Communications Corporation Electronic commerce using a secure courier system
US5699431A (en) 1995-11-13 1997-12-16 Northern Telecom Limited Method for efficient management of certificate revocation lists and update information
JPH09153050A (en) 1995-11-29 1997-06-10 Hitachi Ltd Method and device for gathering document information
JP3688830B2 (en) 1995-11-30 2005-08-31 株式会社東芝 Packet transfer method and packet processing apparatus
US5937164A (en) 1995-12-07 1999-08-10 Hyperlock Technologies, Inc. Method and apparatus of secure server control of local media via a trigger through a network for instant local access of encrypted data on local media within a platform independent networking system
US5812844A (en) 1995-12-07 1998-09-22 Microsoft Corporation Method and system for scheduling the execution of threads using optional time-specific scheduling constraints
US5758343A (en) 1995-12-08 1998-05-26 Ncr Corporation Apparatus and method for integrating multiple delegate directory service agents
US5745574A (en) 1995-12-15 1998-04-28 Entegrity Solutions Corporation Security infrastructure for electronic transactions
US5793954A (en) 1995-12-20 1998-08-11 Nb Networks System and method for general purpose network analysis
US5706442A (en) * 1995-12-20 1998-01-06 Block Financial Corporation System for on-line financial services using distributed objects
US5903723A (en) 1995-12-21 1999-05-11 Intel Corporation Method and apparatus for transmitting electronic mail attachments with attachment references
US5781901A (en) 1995-12-21 1998-07-14 Intel Corporation Transmitting electronic mail attachment over a network using a e-mail page
US5602918A (en) * 1995-12-22 1997-02-11 Virtual Open Network Environment Corp. Application level security system and method
CA2242596C (en) 1996-01-11 2012-06-19 Mrj, Inc. System for controlling access and distribution of digital property
US5801700A (en) 1996-01-19 1998-09-01 Silicon Graphics Incorporated System and method for an iconic drag and drop interface for electronic file transfer
US5826014A (en) 1996-02-06 1998-10-20 Network Engineering Software Firewall system for protecting network elements connected to a public network
JP3165366B2 (en) 1996-02-08 2001-05-14 株式会社日立製作所 Network security system
US6067410A (en) 1996-02-09 2000-05-23 Symantec Corporation Emulation repair system
US5963915A (en) 1996-02-21 1999-10-05 Infoseek Corporation Secure, convenient and efficient system and method of performing trans-internet purchase transactions
US5855020A (en) 1996-02-21 1998-12-29 Infoseek Corporation Web scan process
US5751956A (en) 1996-02-21 1998-05-12 Infoseek Corporation Method and apparatus for redirection of server external hyper-link references
US5790664A (en) 1996-02-26 1998-08-04 Network Engineering Software, Inc. Automated system for management of licensed software
US6075863A (en) 1996-02-28 2000-06-13 Encanto Networks Intelligent communication device
US5862325A (en) * 1996-02-29 1999-01-19 Intermind Corporation Computer-based communication system and method using metadata defining a control structure
US5768388A (en) 1996-03-01 1998-06-16 Goldwasser; Shafi Time delayed key escrow
US5684951A (en) 1996-03-20 1997-11-04 Synopsys, Inc. Method and system for user authorization over a multi-user computer system
US5673322A (en) 1996-03-22 1997-09-30 Bell Communications Research, Inc. System and method for providing protocol translation and filtering to access the world wide web from wireless or low-bandwidth networks
US5850442A (en) 1996-03-26 1998-12-15 Entegrity Solutions Corporation Secure world wide electronic commerce over an open network
US5826022A (en) 1996-04-05 1998-10-20 Sun Microsystems, Inc. Method and apparatus for receiving electronic mail
US5815573A (en) 1996-04-10 1998-09-29 International Business Machines Corporation Cryptographic key recovery system
US5727156A (en) 1996-04-10 1998-03-10 Hotoffice Technologies, Inc. Internet-based automatic publishing system
US5778372A (en) 1996-04-18 1998-07-07 Microsoft Corporation Remote retrieval and display management of electronic document with incorporated images
US5845084A (en) 1996-04-18 1998-12-01 Microsoft Corporation Automatic data display formatting with a networking application
US5815657A (en) 1996-04-26 1998-09-29 Verifone, Inc. System, method and article of manufacture for network electronic authorization utilizing an authorization instrument
US5864852A (en) * 1996-04-26 1999-01-26 Netscape Communications Corporation Proxy server caching mechanism that provides a file directory structure and a mapping mechanism within the file directory structure
US5793972A (en) 1996-05-03 1998-08-11 Westminster International Computers Inc. System and method providing an interactive response to direct mail by creating personalized web page based on URL provided on mail piece
US5842216A (en) 1996-05-03 1998-11-24 Mitsubishi Electric Information Technology Center America, Inc. System for sending small positive data notification messages over a network to indicate that a recipient node should obtain a particular version of a particular data item
US5742769A (en) 1996-05-06 1998-04-21 Banyan Systems, Inc. Directory with options for access to and display of email addresses
US5903651A (en) 1996-05-14 1999-05-11 Valicert, Inc. Apparatus and method for demonstrating and confirming the status of a digital certificates and other data
US5892825A (en) 1996-05-15 1999-04-06 Hyperlock Technologies Inc Method of secure server control of local media via a trigger through a network for instant local access of encrypted data on local media
US6085320A (en) 1996-05-15 2000-07-04 Rsa Security Inc. Client/server protocol for proving authenticity
US5884033A (en) 1996-05-15 1999-03-16 Spyglass, Inc. Internet filtering system for filtering data transferred over the internet utilizing immediate and deferred filtering actions
US5768528A (en) 1996-05-24 1998-06-16 V-Cast, Inc. Client-server system for delivery of online information
US6092067A (en) 1996-05-30 2000-07-18 Microsoft Corporation Desktop information manager for recording and viewing important events data structure
US5918013A (en) 1996-06-03 1999-06-29 Webtv Networks, Inc. Method of transcoding documents in a network environment using a proxy server
US5822526A (en) 1996-06-03 1998-10-13 Microsoft Corporation System and method for maintaining and administering email address names in a network
US6151643A (en) 1996-06-07 2000-11-21 Networks Associates, Inc. Automatic updating of diverse software products on multiple client computer systems by downloading scanning application to client computer and generating software list on client computer
US6078929A (en) 1996-06-07 2000-06-20 At&T Internet file system
US5812398A (en) 1996-06-10 1998-09-22 Sun Microsystems, Inc. Method and system for escrowed backup of hotelled world wide web sites
US6108688A (en) 1996-06-12 2000-08-22 Sun Microsystems, Inc. System for reminding a sender of an email if recipient of the email does not respond by a selected time set by the sender
US6178509B1 (en) * 1996-06-13 2001-01-23 Intel Corporation Tamper resistant methods and apparatus
US6373950B1 (en) 1996-06-17 2002-04-16 Hewlett-Packard Company System, method and article of manufacture for transmitting messages within messages utilizing an extensible, flexible architecture
US5798706A (en) 1996-06-18 1998-08-25 Raptor Systems, Inc. Detecting unauthorized network communication
US5901227A (en) 1996-06-20 1999-05-04 Novell, Inc. Method and apparatus for implementing partial and complete optional key escrow
US5991807A (en) 1996-06-24 1999-11-23 Nortel Networks Corporation System for controlling users access to a distributive network in accordance with constraints present in common access distributive network interface separate from a server
US5781857A (en) 1996-06-28 1998-07-14 Motorola, Inc. Method of establishing an email monitor responsive to a wireless communications system user
JP3531367B2 (en) 1996-07-04 2004-05-31 株式会社日立製作所 Translator
US5765030A (en) 1996-07-19 1998-06-09 Symantec Corp Processor emulator module having a variable pre-fetch queue size for program execution
US5796830A (en) 1996-07-29 1998-08-18 International Business Machines Corporation Interoperable cryptographic key recovery system
US5828832A (en) 1996-07-30 1998-10-27 Itt Industries, Inc. Mixed enclave operation in a computer network with multi-level network security
US5802178A (en) 1996-07-30 1998-09-01 Itt Industries, Inc. Stand alone device for providing security within computer networks
US5790789A (en) 1996-08-02 1998-08-04 Suarez; Larry Method and architecture for the creation, control and deployment of services within a distributed computer environment
US5943422A (en) 1996-08-12 1999-08-24 Intertrust Technologies Corp. Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels
US5872931A (en) * 1996-08-13 1999-02-16 Veritas Software, Corp. Management agent automatically executes corrective scripts in accordance with occurrences of specified events regardless of conditions of management interface and management engine
US5711348A (en) * 1996-08-14 1998-01-27 Moog Inc. Hot gas control valve
US5907620A (en) 1996-08-23 1999-05-25 Cheyenne Property Trust Method and apparatus for enforcing the use of cryptography in an international cryptography framework
US5799083A (en) 1996-08-26 1998-08-25 Brothers; Harlan Jay Event verification system
US5793868A (en) 1996-08-29 1998-08-11 Micali; Silvio Certificate revocation system
US5717757A (en) * 1996-08-29 1998-02-10 Micali; Silvio Certificate issue lists
US5832208A (en) 1996-09-05 1998-11-03 Cheyenne Software International Sales Corp. Anti-virus agent for use with databases and mail servers
US5892903A (en) 1996-09-12 1999-04-06 Internet Security Systems, Inc. Method and apparatus for detecting and identifying security vulnerabilities in an open network computer communication system
US6072942A (en) 1996-09-18 2000-06-06 Secure Computing Corporation System and method of electronic mail filtering using interconnected nodes
US5950195A (en) 1996-09-18 1999-09-07 Secure Computing Corporation Generalized security policy management system and method
US5937066A (en) 1996-10-02 1999-08-10 International Business Machines Corporation Two-phase cryptographic key recovery system
US5951698A (en) 1996-10-02 1999-09-14 Trend Micro, Incorporated System, apparatus and method for the detection and removal of viruses in macros
JPH10111727A (en) 1996-10-03 1998-04-28 Toshiba Corp Information equipment having telephone function and security rearising method therefor
US6012144A (en) * 1996-10-08 2000-01-04 Pickett; Thomas E. Transaction security method and apparatus
US5835090A (en) 1996-10-16 1998-11-10 Etma, Inc. Desktop manager for graphical user interface based system with enhanced desktop
US5898830A (en) 1996-10-17 1999-04-27 Network Engineering Software Firewall providing enhanced network security and user transparency
US5930479A (en) 1996-10-21 1999-07-27 At&T Corp Communications addressing system
US6192407B1 (en) * 1996-10-24 2001-02-20 Tumbleweed Communications Corp. Private, trackable URLs for directed document delivery
US5790790A (en) 1996-10-24 1998-08-04 Tumbleweed Software Corporation Electronic document delivery system in which notification of said electronic document is sent to a recipient thereof
US6385655B1 (en) 1996-10-24 2002-05-07 Tumbleweed Communications Corp. Method and apparatus for delivering documents over an electronic network
AU5094398A (en) 1996-10-30 1998-05-22 Theodor Holm Nelson Many-to-many payment system for network content materials
US5923885A (en) 1996-10-31 1999-07-13 Sun Microsystems, Inc. Acquisition and operation of remotely loaded software using applet modification of browser software
US6453345B2 (en) 1996-11-06 2002-09-17 Datadirect Networks, Inc. Network security and surveillance system
US5991881A (en) 1996-11-08 1999-11-23 Harris Corporation Network surveillance system
US6167520A (en) 1996-11-08 2000-12-26 Finjan Software, Inc. System and method for protecting a client during runtime from hostile downloadables
US6154844A (en) 1996-11-08 2000-11-28 Finjan Software, Ltd. System and method for attaching a downloadable security profile to a downloadable
US5796948A (en) 1996-11-12 1998-08-18 Cohen; Elliot D. Offensive message interceptor for computers
US5872844A (en) * 1996-11-18 1999-02-16 Microsoft Corporation System and method for detecting fraudulent expenditure of transferable electronic assets
US5796942A (en) 1996-11-21 1998-08-18 Computer Associates International, Inc. Method and apparatus for automated network-wide surveillance and security breach intervention
JPH10164124A (en) 1996-12-04 1998-06-19 Canon Inc Communication device
US6367012B1 (en) 1996-12-06 2002-04-02 Microsoft Corporation Embedding certifications in executable files for network transmission
US5892904A (en) 1996-12-06 1999-04-06 Microsoft Corporation Code certification for network transmission
US5959976A (en) 1996-12-09 1999-09-28 Kuo; Yung-Tien Method and device for filtering transmission
US5968119A (en) 1996-12-09 1999-10-19 Wall Data Incorporated Method of accessing information of an SNA host computer from a client computer using a specific terminal emulation
US5903882A (en) 1996-12-13 1999-05-11 Certco, Llc Reliance server for electronic transaction system
US6009274A (en) 1996-12-13 1999-12-28 3Com Corporation Method and apparatus for automatically updating software components on end systems over a network
US6285991B1 (en) 1996-12-13 2001-09-04 Visa International Service Association Secure interactive electronic account statement delivery system
KR100385239B1 (en) 1996-12-16 2003-07-16 삼성전자주식회사 Method and apparatus for transmitting e-mail messages from the local area network.
US5911776A (en) 1996-12-18 1999-06-15 Unisys Corporation Automatic format conversion system and publishing methodology for multi-user network
US6061722A (en) 1996-12-23 2000-05-09 T E Network, Inc. Assessing network performance without interference with normal network operations
US5951644A (en) 1996-12-24 1999-09-14 Apple Computer, Inc. System for predicting and managing network performance by managing and monitoring resourse utilization and connection of network
US5907618A (en) 1997-01-03 1999-05-25 International Business Machines Corporation Method and apparatus for verifiably providing key recovery information in a cryptographic system
US5805801A (en) 1997-01-09 1998-09-08 International Business Machines Corporation System and method for detecting and preventing security
US5898836A (en) 1997-01-14 1999-04-27 Netmind Services, Inc. Change-detection tool indicating degree and location of change of internet documents by comparison of cyclic-redundancy-check(CRC) signatures
US5933647A (en) 1997-01-24 1999-08-03 Cognet Corporation System and method for software distribution and desktop management in a computer network environment
US6119137A (en) 1997-01-30 2000-09-12 Tumbleweed Communications Corp. Distributed dynamic document conversion server
US5978799A (en) 1997-01-30 1999-11-02 Hirsch; G. Scott Search engine including query database, user profile database, information templates and email facility
US5956481A (en) 1997-02-06 1999-09-21 Microsoft Corporation Method and apparatus for protecting data files on a computer from virus infection
US6178242B1 (en) * 1997-02-07 2001-01-23 Nds Limited Digital recording protection system
US5953502A (en) * 1997-02-13 1999-09-14 Helbig, Sr.; Walter A Method and apparatus for enhancing computer system security
US6502191B1 (en) 1997-02-14 2002-12-31 Tumbleweed Communications Corp. Method and system for binary data firewall delivery
JPH10232875A (en) 1997-02-19 1998-09-02 Hitachi Ltd Data base managing method and parallel data base managing system
US5896499A (en) 1997-02-21 1999-04-20 International Business Machines Corporation Embedded security processor
US5920630A (en) 1997-02-25 1999-07-06 United States Of America Method of public key cryptography that includes key escrow
US5922074A (en) 1997-02-28 1999-07-13 Xcert Software, Inc. Method of and apparatus for providing secure distributed directory services and public key infrastructure
US6408336B1 (en) 1997-03-10 2002-06-18 David S. Schneider Distributed administration of access to information
GB2324892B (en) * 1997-03-14 1999-12-01 Interactuality Limited Process monitoring system
US5960170A (en) 1997-03-18 1999-09-28 Trend Micro, Inc. Event triggered iterative virus detection
US5987606A (en) 1997-03-19 1999-11-16 Bascom Global Internet Services, Inc. Method and system for content filtering information retrieved from an internet computer network
US5958010A (en) 1997-03-20 1999-09-28 Firstsense Software, Inc. Systems and methods for monitoring distributed applications including an interface running in an operating system kernel
US6539430B1 (en) 1997-03-25 2003-03-25 Symantec Corporation System and method for filtering data received by a computer system
US5996011A (en) 1997-03-25 1999-11-30 Unified Research Laboratories, Inc. System and method for filtering data received by a computer system
US6304904B1 (en) 1997-03-27 2001-10-16 Intel Corporation Method and apparatus for collecting page-level performance statistics from a network device
IL132060D0 (en) 1997-03-31 2001-03-19 Broadband Associates Method and system for providing a presentation on a network
US6061448A (en) 1997-04-01 2000-05-09 Tumbleweed Communications Corp. Method and system for dynamic server document encryption
US5964889A (en) 1997-04-16 1999-10-12 Symantec Corporation Method to analyze a program for presence of computer viruses by examining the opcode for faults before emulating instruction in emulator
US6243815B1 (en) 1997-04-25 2001-06-05 Anand K. Antur Method and apparatus for reconfiguring and managing firewalls and security devices
US6108786A (en) 1997-04-25 2000-08-22 Intel Corporation Monitor network bindings for computer security
US6123737A (en) 1997-05-21 2000-09-26 Symantec Corporation Push deployment of software packages using notification transports
US6167438A (en) 1997-05-22 2000-12-26 Trustees Of Boston University Method and system for distributed caching, prefetching and replication
US5948104A (en) 1997-05-23 1999-09-07 Neuromedical Systems, Inc. System and method for automated anti-viral file update
TW338865B (en) * 1997-06-03 1998-08-21 Philips Eloctronics N V Authentication system
US6314190B1 (en) 1997-06-06 2001-11-06 Networks Associates Technology, Inc. Cryptographic system with methods for user-controlled message recovery
US6070243A (en) 1997-06-13 2000-05-30 Xylan Corporation Deterministic user authentication service for communication network
US5996077A (en) 1997-06-16 1999-11-30 Cylink Corporation Access control system and method using hierarchical arrangement of security devices
US6009462A (en) 1997-06-16 1999-12-28 Digital Equipment Corporation Replacing large bit component of electronic mail (e-mail) message with hot-link in distributed computer system
US6449640B1 (en) 1997-06-19 2002-09-10 International Business Machines Corporation Web server with unique identification of linked objects
US6226666B1 (en) 1997-06-27 2001-05-01 International Business Machines Corporation Agent-based management system having an open layered architecture for synchronous and/or asynchronous messaging handling
US6144744A (en) 1997-06-30 2000-11-07 International Business Machines Corporation Method and apparatus for the secure transfer of objects between cryptographic processors
US6453352B1 (en) 1997-07-14 2002-09-17 Electronic Data Systems Corporation Integrated electronic commerce system and method
US6230194B1 (en) 1997-07-14 2001-05-08 Freegate Corporation Upgrading a secure network interface
US5958005A (en) 1997-07-17 1999-09-28 Bell Atlantic Network Services, Inc. Electronic mail security
US7162738B2 (en) 1998-11-03 2007-01-09 Tumbleweed Communications Corp. E-mail firewall with stored key encryption/decryption
US7127741B2 (en) 1998-11-03 2006-10-24 Tumbleweed Communications Corp. Method and system for e-mail message transmission
US20050081059A1 (en) * 1997-07-24 2005-04-14 Bandini Jean-Christophe Denis Method and system for e-mail filtering
US7117358B2 (en) * 1997-07-24 2006-10-03 Tumbleweed Communications Corp. Method and system for filtering communication
EP1010283B1 (en) 1997-07-24 2006-11-29 Tumbleweed Communications Corp. E-mail firewall with stored key encryption/decryption
US5941998A (en) 1997-07-25 1999-08-24 Samsung Electronics Co., Ltd. Disk drive incorporating read-verify after write method
US6073140A (en) 1997-07-29 2000-06-06 Acxiom Corporation Method and system for the creation, enhancement and update of remote data using persistent keys
US5946679A (en) 1997-07-31 1999-08-31 Torrent Networking Technologies, Corp. System and method for locating a route in a route table using hashing and compressed radix tree searching
US5919257A (en) 1997-08-08 1999-07-06 Novell, Inc. Networked workstation intrusion detection system
US6006329A (en) 1997-08-11 1999-12-21 Symantec Corporation Detection of computer viruses spanning multiple data streams
US5999967A (en) * 1997-08-17 1999-12-07 Sundsted; Todd Electronic mail filtering by electronic stamp
US6199102B1 (en) 1997-08-26 2001-03-06 Christopher Alan Cobb Method and system for filtering electronic messages
US6442688B1 (en) 1997-08-29 2002-08-27 Entrust Technologies Limited Method and apparatus for obtaining status of public key certificate updates
US6357008B1 (en) 1997-09-23 2002-03-12 Symantec Corporation Dynamic heuristic method for detecting computer viruses using decryption exploration and evaluation phases
US6598167B2 (en) 1997-09-26 2003-07-22 Worldcom, Inc. Secure customer interface for web based data management
US6119230A (en) 1997-10-01 2000-09-12 Novell, Inc. Distributed dynamic security capabilities
US6185678B1 (en) * 1997-10-02 2001-02-06 Trustees Of The University Of Pennsylvania Secure and reliable bootstrap architecture
US6055519A (en) 1997-10-11 2000-04-25 I2 Technologies, Inc. Framework for negotiation and tracking of sale of goods
US6393568B1 (en) 1997-10-23 2002-05-21 Entrust Technologies Limited Encryption and decryption system and method with content analysis provision
US5991879A (en) 1997-10-23 1999-11-23 Bull Hn Information Systems Inc. Method for gradual deployment of user-access security within a data processing system
US6496979B1 (en) 1997-10-24 2002-12-17 Microsoft Corporation System and method for managing application installation for a mobile device
US6092102A (en) 1997-10-24 2000-07-18 University Of Pittsburgh Of The Commonwealth System Of Higher Education System and method for notifying users about information or events of an enterprise
US6092201A (en) 1997-10-24 2000-07-18 Entrust Technologies Method and apparatus for extending secure communication operations via a shared list
US6223172B1 (en) 1997-10-31 2001-04-24 Nortel Networks Limited Address routing using address-sensitive mask decimation scheme
US6119231A (en) 1997-10-31 2000-09-12 Cisco Technologies, Inc. Data scanning network security technique
US6275937B1 (en) 1997-11-06 2001-08-14 International Business Machines Corporation Collaborative server processing of content and meta-information with application to virus checking in a server network
US6112181A (en) 1997-11-06 2000-08-29 Intertrust Technologies Corporation Systems and methods for matching, selecting, narrowcasting, and/or classifying based on rights management and/or other information
US6362836B1 (en) 1998-04-06 2002-03-26 The Santa Cruz Operation, Inc. Universal application server for providing applications on a variety of client devices in a client/server network
US6119165A (en) 1997-11-17 2000-09-12 Trend Micro, Inc. Controlled distribution of application programs in a computer network
US6003027A (en) 1997-11-21 1999-12-14 International Business Machines Corporation System and method for determining confidence levels for the results of a categorization system
US6021510A (en) * 1997-11-24 2000-02-01 Symantec Corporation Antivirus accelerator
US6094731A (en) 1997-11-24 2000-07-25 Symantec Corporation Antivirus accelerator for computer networks
US6393465B2 (en) * 1997-11-25 2002-05-21 Nixmail Corporation Junk electronic mail detector and eliminator
US5860068A (en) * 1997-12-04 1999-01-12 Petabyte Corporation Method and system for custom manufacture and delivery of a data product
US6202157B1 (en) 1997-12-08 2001-03-13 Entrust Technologies Limited Computer network security system and method having unilateral enforceable security policy provision
JPH11175329A (en) 1997-12-08 1999-07-02 Hitachi Ltd Application linking method and device therefor
US7055173B1 (en) 1997-12-19 2006-05-30 Avaya Technology Corp. Firewall pooling in a network flowswitch
US6023723A (en) * 1997-12-22 2000-02-08 Accepted Marketing, Inc. Method and system for filtering unwanted junk e-mail utilizing a plurality of filtering mechanisms
US6009103A (en) 1997-12-23 1999-12-28 Mediaone Group, Inc. Method and system for automatic allocation of resources in a network
US6052709A (en) * 1997-12-23 2000-04-18 Bright Light Technologies, Inc. Apparatus and method for controlling delivery of unsolicited electronic mail
KR100403270B1 (en) 1997-12-29 2003-10-14 삼성전자주식회사 Method and device for protecting copyright of digital recording medium, and the digital recording medium thereof
US6088803A (en) 1997-12-30 2000-07-11 Intel Corporation System for virus-checking network data during download to a client device
US6035423A (en) 1997-12-31 2000-03-07 Network Associates, Inc. Method and system for providing automated updating and upgrading of antivirus applications using a computer network
US6279133B1 (en) 1997-12-31 2001-08-21 Kawasaki Steel Corporation Method and apparatus for significantly improving the reliability of multilevel memory architecture
US6029256A (en) * 1997-12-31 2000-02-22 Network Associates, Inc. Method and system for allowing computer programs easy access to features of a virus scanning engine
US6088804A (en) 1998-01-12 2000-07-11 Motorola, Inc. Adaptive system and method for responding to computer network security attacks
US5999932A (en) 1998-01-13 1999-12-07 Bright Light Technologies, Inc. System and method for filtering unsolicited electronic mail messages using data matching and heuristic processing
US6138254A (en) 1998-01-22 2000-10-24 Micron Technology, Inc. Method and apparatus for redundant location addressing using data compression
CA2228687A1 (en) 1998-02-04 1999-08-04 Gabor Solymar Secured virtual private networks
US6385596B1 (en) 1998-02-06 2002-05-07 Liquid Audio, Inc. Secure online music distribution system
US5987610A (en) 1998-02-12 1999-11-16 Ameritech Corporation Computer virus screening methods and systems
US6233577B1 (en) 1998-02-17 2001-05-15 Phone.Com, Inc. Centralized certificate management system for two-way interactive communication devices in data networks
US20030023695A1 (en) * 1999-02-26 2003-01-30 Atabok Japan, Inc. Modifying an electronic mail system to produce a secure delivery system
AT484054T (en) 1998-02-27 2010-10-15 Doug Carson & Associates Inc Individual adjustment of pitch and country transition sites in an optical drive master process
US6026414A (en) * 1998-03-05 2000-02-15 International Business Machines Corporation System including a proxy client to backup files in a distributed computing environment
US6279113B1 (en) 1998-03-16 2001-08-21 Internet Tools, Inc. Dynamic signature inspection-based network intrusion detection
US6134550A (en) 1998-03-18 2000-10-17 Entrust Technologies Limited Method and apparatus for use in determining validity of a certificate in a communication system employing trusted paths
US6453419B1 (en) 1998-03-18 2002-09-17 Secure Computing Corporation System and method for implementing a security policy
US6182226B1 (en) * 1998-03-18 2001-01-30 Secure Computing Corporation System and method for controlling interactions between networks
US6738814B1 (en) 1998-03-18 2004-05-18 Cisco Technology, Inc. Method for blocking denial of service and address spoofing attacks on a private network
US6052531A (en) 1998-03-25 2000-04-18 Symantec Corporation Multi-tiered incremental software updating
US6154769A (en) 1998-03-27 2000-11-28 Hewlett-Packard Company Scheduling server requests to decrease response time and increase server throughput
US6249585B1 (en) 1998-04-08 2001-06-19 Network Associates, Inc Publicly verifiable key recovery
US6430184B1 (en) 1998-04-10 2002-08-06 Top Layer Networks, Inc. System and process for GHIH-speed pattern matching for application-level switching of data packets
US6092114A (en) 1998-04-17 2000-07-18 Siemens Information And Communication Networks, Inc. Method and system for determining the location for performing file-format conversions of electronics message attachments
US6145083A (en) 1998-04-23 2000-11-07 Siemens Information And Communication Networks, Inc. Methods and system for providing data and telephony security
US6529498B1 (en) * 1998-04-28 2003-03-04 Cisco Technology, Inc. Routing support for point-to-multipoint connections
US6104500A (en) 1998-04-29 2000-08-15 Bcl, Computer Inc. Networked fax routing via email
US6298445B1 (en) 1998-04-30 2001-10-02 Netect, Ltd. Computer security
US6119157A (en) 1998-05-14 2000-09-12 Sun Microsystems, Inc. Protocol for exchanging configuration data in a computer network
JP3017712B2 (en) 1998-05-15 2000-03-13 松下電送システム株式会社 Internet facsimile
US6275942B1 (en) 1998-05-20 2001-08-14 Network Associates, Inc. System, method and computer program product for automatic response to computer system misuse using active response modules
US6058482A (en) 1998-05-22 2000-05-02 Sun Microsystems, Inc. Apparatus, method and system for providing network security for executable code in computer and communications networks
US6330589B1 (en) 1998-05-26 2001-12-11 Microsoft Corporation System and method for using a client database to manage conversation threads generated from email or news messages
GB2337903B (en) 1998-05-28 2000-06-07 3Com Corp Methods and apparatus for collecting storing processing and using network traffic data
CA2239060A1 (en) 1998-05-28 1999-11-28 Newbridge Networks Corporation Rate monitoring of connections in a communications network using history buffer
US6289214B1 (en) 1998-05-29 2001-09-11 Ericsson Inc. Systems and methods for deactivating a cellular radiotelephone system using an ANSI-41 short message service email
US6397259B1 (en) 1998-05-29 2002-05-28 Palm, Inc. Method, system and apparatus for packet minimized communications
US6167407A (en) 1998-06-03 2000-12-26 Symantec Corporation Backtracked incremental updating
US6347374B1 (en) 1998-06-05 2002-02-12 Intrusion.Com, Inc. Event detection
US6240401B1 (en) 1998-06-05 2001-05-29 Digital Video Express, L.P. System and method for movie transaction processing
US6216175B1 (en) 1998-06-08 2001-04-10 Microsoft Corporation Method for upgrading copies of an original file with same update data after normalizing differences between copies created during respective original installations
WO1999066383A2 (en) * 1998-06-15 1999-12-23 Dmw Worldwide, Inc. Method and apparatus for assessing the security of a computer system
US6317829B1 (en) 1998-06-19 2001-11-13 Entrust Technologies Limited Public key cryptography based security system to facilitate secure roaming of users
US6161130A (en) 1998-06-23 2000-12-12 Microsoft Corporation Technique which utilizes a probabilistic classifier to detect "junk" e-mail by automatically updating a training and re-training the classifier based on the updated training set
US6266337B1 (en) 1998-06-23 2001-07-24 Expand Network Ltd. Packet retransmission eliminator
US6192360B1 (en) * 1998-06-23 2001-02-20 Microsoft Corporation Methods and apparatus for classifying text and for building a text classifier
US6185689B1 (en) * 1998-06-24 2001-02-06 Richard S. Carson & Assoc., Inc. Method for network self security assessment
US6049789A (en) 1998-06-24 2000-04-11 Mentor Graphics Corporation Software pay per use licensing system
US6587949B1 (en) 1998-06-26 2003-07-01 Fotonation Holdings, Llc Secure storage device for transfer of data via removable storage
US6446109B2 (en) 1998-06-29 2002-09-03 Sun Microsystems, Inc. Application computing environment
US6141778A (en) 1998-06-29 2000-10-31 Mci Communications Corporation Method and apparatus for automating security functions in a computer system
US6324656B1 (en) 1998-06-30 2001-11-27 Cisco Technology, Inc. System and method for rules-driven multi-phase network vulnerability assessment
JP2000023116A (en) 1998-07-01 2000-01-21 Hitachi Ltd Object identifier processing method and recording medium for providing the same
US6442686B1 (en) 1998-07-02 2002-08-27 Networks Associates Technology, Inc. System and methodology for messaging server-based management and enforcement of crypto policies
SE513828C2 (en) * 1998-07-02 2000-11-13 Effnet Group Ab Firewall apparatus and method for controlling network data packet traffic between internal and external networks
US6347375B1 (en) 1998-07-08 2002-02-12 Ontrack Data International, Inc Apparatus and method for remote virus diagnosis and repair
US6182142B1 (en) * 1998-07-10 2001-01-30 Encommerce, Inc. Distributed access management of information resources
US6292833B1 (en) 1998-07-17 2001-09-18 Openwave Systems Inc. Method and apparatus for providing access control to local services of mobile devices
US6269447B1 (en) 1998-07-21 2001-07-31 Raytheon Company Information security analysis system
US6253337B1 (en) 1998-07-21 2001-06-26 Raytheon Company Information security analysis system
US6151675A (en) 1998-07-23 2000-11-21 Tumbleweed Software Corporation Method and apparatus for effecting secure document format conversion
GB2340344A (en) 1998-07-29 2000-02-16 Nokia Mobile Phones Ltd Bilateral Data Transfer Verification for Programming a Cellular Phone
US6223213B1 (en) 1998-07-31 2001-04-24 Webtv Networks, Inc. Browser-based email system with user interface for audio/video capture
US6711127B1 (en) 1998-07-31 2004-03-23 General Dynamics Government Systems Corporation System for intrusion detection and vulnerability analysis in a telecommunications signaling network
US20010011253A1 (en) 1998-08-04 2001-08-02 Christopher D. Coley Automated system for management of licensed software
US6266668B1 (en) 1998-08-04 2001-07-24 Dryken Technologies, Inc. System and method for dynamic data-mining and on-line communication of customized information
US6304973B1 (en) 1998-08-06 2001-10-16 Cryptek Secure Communications, Llc Multi-level security network system
US6330551B1 (en) 1998-08-06 2001-12-11 Cybersettle.Com, Inc. Computerized dispute resolution system and method
US6169969B1 (en) * 1998-08-07 2001-01-02 The United States Of America As Represented By The Director Of The National Security Agency Device and method for full-text large-dictionary string matching using n-gram hashing
US6356935B1 (en) * 1998-08-14 2002-03-12 Xircom Wireless, Inc. Apparatus and method for an authenticated electronic userid
US6442588B1 (en) 1998-08-20 2002-08-27 At&T Corp. Method of administering a dynamic filtering firewall
US6223094B1 (en) 1998-08-21 2001-04-24 Sap Aktiengesellschaft Multi-tiered structure for storing and displaying product and process variants
US6269380B1 (en) 1998-08-31 2001-07-31 Xerox Corporation Property based mechanism for flexibility supporting front-end and back-end components having different communication protocols
US6438612B1 (en) 1998-09-11 2002-08-20 Ssh Communications Security, Ltd. Method and arrangement for secure tunneling of data between virtual routers
US6324569B1 (en) 1998-09-23 2001-11-27 John W. L. Ogilvie Self-removing email verified or designated as such by a message distributor for the convenience of a recipient
US6401210B1 (en) 1998-09-23 2002-06-04 Intel Corporation Method of managing computer virus infected files
US6687732B1 (en) 1998-09-28 2004-02-03 Inktomi Corporation Adaptive traffic bypassing in an intercepting network driver
US6338141B1 (en) * 1998-09-30 2002-01-08 Cybersoft, Inc. Method and apparatus for computer virus detection, analysis, and removal in real time
US6577920B1 (en) 1998-10-02 2003-06-10 Data Fellows Oyj Computer virus screening
US6256733B1 (en) 1998-10-08 2001-07-03 Entrust Technologies Limited Access and storage of secure group communication cryptographic keys
US6230190B1 (en) 1998-10-09 2001-05-08 Openwave Systems Inc. Shared-everything file storage for clustered system
US6219706B1 (en) 1998-10-16 2001-04-17 Cisco Technology, Inc. Access control for networks
US6330670B1 (en) 1998-10-26 2001-12-11 Microsoft Corporation Digital rights management operating system
US6327652B1 (en) 1998-10-26 2001-12-04 Microsoft Corporation Loading and identifying a digital rights management operating system
US6460141B1 (en) 1998-10-28 2002-10-01 Rsa Security Inc. Security and access management system for web-enabled and non-web-enabled applications and content on a computer network
US6260043B1 (en) 1998-11-06 2001-07-10 Microsoft Corporation Automatic file format converter
US6820202B1 (en) 1998-11-09 2004-11-16 First Data Corporation Account authority digital signature (AADS) system
US6321338B1 (en) 1998-11-09 2001-11-20 Sri International Network surveillance
US6282565B1 (en) 1998-11-17 2001-08-28 Kana Communications, Inc. Method and apparatus for performing enterprise email management
US6249807B1 (en) 1998-11-17 2001-06-19 Kana Communications, Inc. Method and apparatus for performing enterprise email management
US6272532B1 (en) 1998-12-02 2001-08-07 Harold F. Feinleib Electronic reminder system with universal email input
US6438549B1 (en) 1998-12-03 2002-08-20 International Business Machines Corporation Method for storing sparse hierarchical data in a relational database
JP4218099B2 (en) * 1998-12-03 2009-02-04 ソニー株式会社 Database, customer information search method, and customer information search device
US6341369B1 (en) * 1998-12-03 2002-01-22 International Business Machines Corporation Method and data processing system for specifying and applying rules to classification-based decision points in an application system
US6571245B2 (en) 1998-12-07 2003-05-27 Magically, Inc. Virtual desktop in a computer network
US6370648B1 (en) 1998-12-08 2002-04-09 Visa International Service Association Computer network intrusion detection
US6266774B1 (en) 1998-12-08 2001-07-24 Mcafee.Com Corporation Method and system for securing, managing or optimizing a personal computer
US6546416B1 (en) 1998-12-09 2003-04-08 Infoseek Corporation Method and system for selectively blocking delivery of bulk electronic mail
US6400804B1 (en) 1998-12-10 2002-06-04 At&T Corp. On-hold activity selection apparatus and method
US6249575B1 (en) 1998-12-11 2001-06-19 Securelogix Corporation Telephony security system
US6550012B1 (en) 1998-12-11 2003-04-15 Network Associates, Inc. Active firewall system and methodology
US6510466B1 (en) * 1998-12-14 2003-01-21 International Business Machines Corporation Methods, systems and computer program products for centralized management of application programs on a network
US6367009B1 (en) 1998-12-17 2002-04-02 International Business Machines Corporation Extending SSL to a multi-tier environment using delegation of authentication and authority
US6430688B1 (en) 1998-12-22 2002-08-06 International Business Machines Corporation Architecture for web-based on-line-off-line digital certificate authority
US6574737B1 (en) 1998-12-23 2003-06-03 Symantec Corporation System for penetrating computer or computer network
US6664666B2 (en) 1998-12-23 2003-12-16 Engineering Matters, Inc. Motor assembly allowing output in multiple degrees of freedom
US6434536B1 (en) 1998-12-23 2002-08-13 Timothy S. Geiger Methods and systems for commerce
US6615242B1 (en) * 1998-12-28 2003-09-02 At&T Corp. Automatic uniform resource locator-based message filter
US6118856A (en) 1998-12-28 2000-09-12 Nortel Networks Corporation Method and apparatus for automatically forwarding an email message or portion thereof to a remote device
US6499107B1 (en) 1998-12-29 2002-12-24 Cisco Technology, Inc. Method and system for adaptive network security using intelligent packet analysis
US6301668B1 (en) 1998-12-29 2001-10-09 Cisco Technology, Inc. Method and system for adaptive network security using network vulnerability assessment
US6654787B1 (en) 1998-12-31 2003-11-25 Brightmail, Incorporated Method and apparatus for filtering e-mail
US6266692B1 (en) 1999-01-04 2001-07-24 International Business Machines Corporation Method for blocking all unwanted e-mail (SPAM) using a header-based password
US6477651B1 (en) 1999-01-08 2002-11-05 Cisco Technology, Inc. Intrusion detection system and method having dynamically loaded signatures
US6715082B1 (en) 1999-01-14 2004-03-30 Cisco Technology, Inc. Security server token caching
US6578147B1 (en) 1999-01-15 2003-06-10 Cisco Technology, Inc. Parallel intrusion detection sensors with load balancing for high speed networks
US6954775B1 (en) 1999-01-15 2005-10-11 Cisco Technology, Inc. Parallel intrusion detection sensors with load balancing for high speed networks
US6487666B1 (en) 1999-01-15 2002-11-26 Cisco Technology, Inc. Intrusion detection signature analysis using regular expressions and logical operators
US6327594B1 (en) 1999-01-29 2001-12-04 International Business Machines Corporation Methods for shared data management in a pervasive computing environment
US6230266B1 (en) 1999-02-03 2001-05-08 Sun Microsystems, Inc. Authentication system and process
US7917744B2 (en) 1999-02-03 2011-03-29 Cybersoft, Inc. Apparatus and methods for intercepting, examining and controlling code, data and files and their transfer in instant messaging and peer-to-peer applications
US6424650B1 (en) 1999-02-09 2002-07-23 3Com Corporation Network address filter device
US6405318B1 (en) 1999-03-12 2002-06-11 Psionic Software, Inc. Intrusion detection system
US6725377B1 (en) 1999-03-12 2004-04-20 Networks Associates Technology, Inc. Method and system for updating anti-intrusion software
US6301699B1 (en) 1999-03-18 2001-10-09 Corekt Security Systems, Inc. Method for detecting buffer overflow for computer security
JP4779183B2 (en) 1999-03-26 2011-09-28 ソニー株式会社 Playback apparatus and playback method
US6438576B1 (en) 1999-03-29 2002-08-20 International Business Machines Corporation Method and apparatus of a collaborative proxy system for distributed deployment of object rendering
US6711679B1 (en) 1999-03-31 2004-03-23 International Business Machines Corporation Public key infrastructure delegation
US6732149B1 (en) 1999-04-09 2004-05-04 International Business Machines Corporation System and method for hindering undesired transmission or receipt of electronic messages
JP2000293587A (en) * 1999-04-09 2000-10-20 Sony Corp Information processor, information processing method, management device and method, and providing medium
US6584488B1 (en) 1999-04-12 2003-06-24 International Business Machines Corporation Controlling allocation of system resources with an enhanced priority calculation
US6804778B1 (en) 1999-04-15 2004-10-12 Gilian Technologies, Ltd. Data quality assurance
US6681331B1 (en) * 1999-05-11 2004-01-20 Cylant, Inc. Dynamic software system intrusion detection
US6981146B1 (en) 1999-05-17 2005-12-27 Invicta Networks, Inc. Method of communications and communication network intrusion protection methods and intrusion attempt detection system
US6578025B1 (en) 1999-06-11 2003-06-10 Abuzz Technologies, Inc. Method and apparatus for distributing information to users
US6901402B1 (en) * 1999-06-18 2005-05-31 Microsoft Corporation System for improving the performance of information retrieval-type tasks by identifying the relations of constituents
US6731756B1 (en) 1999-06-21 2004-05-04 Elisar Software Corporation, Inc. Method for securing video images
US6804237B1 (en) 1999-06-23 2004-10-12 Nortel Networks Limited Method, devices and signals for multiplexing payload data for transport in a data network
US6484176B1 (en) 1999-06-25 2002-11-19 Baynet World, Inc. System and process for providing remote interactive access to a real estate information database using a portable computing device
US6510431B1 (en) * 1999-06-28 2003-01-21 International Business Machines Corporation Method and system for the routing of requests using an automated classification and profile matching in a networked environment
US6895436B1 (en) 1999-07-01 2005-05-17 International Business Machines Corporation Method and system for evaluating network security
US6675153B1 (en) * 1999-07-06 2004-01-06 Zix Corporation Transaction authorization system
US6910135B1 (en) 1999-07-07 2005-06-21 Verizon Corporate Services Group Inc. Method and apparatus for an intruder detection reporting and response system
US6560632B1 (en) 1999-07-16 2003-05-06 International Business Machines Corporation System and method for managing files in a distributed system using prioritization
US6772346B1 (en) 1999-07-16 2004-08-03 International Business Machines Corporation System and method for managing files in a distributed system using filtering
US6675209B1 (en) * 1999-07-19 2004-01-06 Hewlett-Packard Development Company, L.P. Method and system for assigning priority among network segments
US6845449B1 (en) * 1999-07-23 2005-01-18 Networks Associates Technology, Inc. System and method for fast nested message authentication codes and error correction codes
US6842860B1 (en) * 1999-07-23 2005-01-11 Networks Associates Technology, Inc. System and method for selectively authenticating data
US6976168B1 (en) 1999-07-23 2005-12-13 Mcafee, Inc. System and method for adaptive cryptographically synchronized authentication
US6915426B1 (en) 1999-07-23 2005-07-05 Networks Associates Technology, Inc. System and method for enabling authentication at different authentication strength-performance levels
US7886008B2 (en) * 1999-07-28 2011-02-08 Rpost International Limited System and method for verifying delivery and integrity of electronic messages
US6684335B1 (en) * 1999-08-19 2004-01-27 Epstein, Iii Edwin A. Resistance cell architecture
US6647400B1 (en) 1999-08-30 2003-11-11 Symantec Corporation System and method for analyzing filesystems to detect intrusions
US6742015B1 (en) 1999-08-31 2004-05-25 Accenture Llp Base services patterns in a netcentric environment
US6324647B1 (en) 1999-08-31 2001-11-27 Michel K. Bowman-Amuah System, method and article of manufacture for security management in a development architecture framework
US7853989B2 (en) 2000-02-08 2010-12-14 Katsikas Peter L System for eliminating unauthorized electronic mail
US6332163B1 (en) 1999-09-01 2001-12-18 Accenture, Llp Method for providing communication services over a computer network system
US6952776B1 (en) 1999-09-22 2005-10-04 International Business Machines Corporation Method and apparatus for increasing virus detection speed using a database
US6389419B1 (en) 1999-10-06 2002-05-14 Cisco Technology, Inc. Storing and retrieving connection information using bidirectional hashing of connection identifiers
US6304898B1 (en) 1999-10-13 2001-10-16 Datahouse, Inc. Method and system for creating and sending graphical email
JP3843667B2 (en) 1999-10-15 2006-11-08 セイコーエプソン株式会社 Data transfer control device and electronic device
US6789202B1 (en) 1999-10-15 2004-09-07 Networks Associates Technology, Inc. Method and apparatus for providing a policy-driven intrusion detection system
US6662230B1 (en) 1999-10-20 2003-12-09 International Business Machines Corporation System and method for dynamically limiting robot access to server data
US6611869B1 (en) 1999-10-28 2003-08-26 Networks Associates, Inc. System and method for providing trustworthy network security concern communication in an active security management environment
US7181768B1 (en) * 1999-10-28 2007-02-20 Cigital Computer intrusion detection system and method based on application monitoring
JP3463803B2 (en) 1999-11-09 2003-11-05 松下電器産業株式会社 Cluster server device
US6990591B1 (en) 1999-11-18 2006-01-24 Secureworks, Inc. Method and system for remotely configuring and monitoring a communication device
US7363361B2 (en) 2000-08-18 2008-04-22 Akamai Technologies, Inc. Secure content delivery system
US6321267B1 (en) 1999-11-23 2001-11-20 Escom Corporation Method and apparatus for filtering junk email
US6363489B1 (en) 1999-11-29 2002-03-26 Forescout Technologies Inc. Method for automatic intrusion detection and deflection in a network
US6851057B1 (en) 1999-11-30 2005-02-01 Symantec Corporation Data driven detection of viruses
US6728886B1 (en) 1999-12-01 2004-04-27 Trend Micro Incorporated Distributed virus scanning arrangements and methods therefor
US6510464B1 (en) * 1999-12-14 2003-01-21 Verizon Corporate Services Group Inc. Secure gateway having routing feature
FR2802667B1 (en) 1999-12-21 2002-01-25 Bull Sa Method and device configuration firewall in a computer system
US6460050B1 (en) * 1999-12-22 2002-10-01 Mark Raymond Pace Distributed content identification system
US6775657B1 (en) 1999-12-22 2004-08-10 Cisco Technology, Inc. Multilayered intrusion detection system and method
US6697950B1 (en) 1999-12-22 2004-02-24 Networks Associates Technology, Inc. Method and apparatus for detecting a macro computer virus using static analysis
GB2353372B (en) 1999-12-24 2001-08-22 F Secure Oyj Remote computer virus scanning
US20010034839A1 (en) 1999-12-24 2001-10-25 Guenter Karjoth Method and apparatus for secure transmission of data and applications
US6928550B1 (en) 2000-01-06 2005-08-09 International Business Machines Corporation Method and system for generating and using a virus free file certificate
US6701440B1 (en) 2000-01-06 2004-03-02 Networks Associates Technology, Inc. Method and system for protecting a computer using a remote e-mail scanning device
US6976271B1 (en) 2000-01-06 2005-12-13 International Business Machines Corporation Method and system for retrieving an anti-virus signature from one or a plurality of virus-free certificate authorities
US6735700B1 (en) 2000-01-11 2004-05-11 Network Associates Technology, Inc. Fast virus scanning using session stamping
US6802002B1 (en) 2000-01-14 2004-10-05 Hewlett-Packard Development Company, L.P. Method and apparatus for providing field confidentiality in digital certificates
US6785818B1 (en) 2000-01-14 2004-08-31 Symantec Corporation Thwarting malicious registry mapping modifications and map-loaded module masquerade attacks
IL134066A (en) 2000-01-16 2004-07-25 Eluv Holdings Ltd Key encrypted e-mail system
JP2001209584A (en) 2000-01-26 2001-08-03 Nec Niigata Ltd Data encryption device and its method
US6883101B1 (en) 2000-02-08 2005-04-19 Harris Corporation System and method for assessing the security posture of a network using goal oriented fuzzy logic decision rules
US20020016910A1 (en) * 2000-02-11 2002-02-07 Wright Robert P. Method for secure distribution of documents over electronic networks
US7117246B2 (en) 2000-02-22 2006-10-03 Sendmail, Inc. Electronic mail system with methodology providing distributed message store
US6452613B1 (en) 2000-03-01 2002-09-17 First Usa Bank, N.A. System and method for an automated scoring tool for assessing new technologies
US6691156B1 (en) 2000-03-10 2004-02-10 International Business Machines Corporation Method for restricting delivery of unsolicited E-mail
US6971019B1 (en) 2000-03-14 2005-11-29 Symantec Corporation Histogram-based virus detection
US7159237B2 (en) * 2000-03-16 2007-01-02 Counterpane Internet Security, Inc. Method and system for dynamic network intrusion monitoring, detection and response
US6842861B1 (en) 2000-03-24 2005-01-11 Networks Associates Technology, Inc. Method and system for detecting viruses on handheld computers
US6892237B1 (en) 2000-03-28 2005-05-10 Cisco Technology, Inc. Method and apparatus for high-speed parsing of network messages
US6748531B1 (en) 2000-03-28 2004-06-08 Koninklijke Philips Electronics N.V Method and apparatus for confirming and revoking trust in a multi-level content distribution system
US7177421B2 (en) * 2000-04-13 2007-02-13 Broadcom Corporation Authentication engine architecture and method
US6519703B1 (en) 2000-04-14 2003-02-11 James B. Joyce Methods and apparatus for heuristic firewall
US6584564B2 (en) * 2000-04-25 2003-06-24 Sigaba Corporation Secure e-mail system
US7921459B2 (en) * 2000-04-28 2011-04-05 International Business Machines Corporation System and method for managing security events on a network
US7089428B2 (en) 2000-04-28 2006-08-08 Internet Security Systems, Inc. Method and system for managing computer security information
US6742124B1 (en) 2000-05-08 2004-05-25 Networks Associates Technology, Inc. Sequence-based anomaly detection using a distance matrix
US6735703B1 (en) 2000-05-08 2004-05-11 Networks Associates Technology, Inc. Multi-platform sequence-based anomaly detection wrapper
US6968336B1 (en) 2000-05-18 2005-11-22 International Business Machines Corporation Method for generating, organizing table codes either code is highest code level or code is linked to parent code in hierarchical structure
US6950933B1 (en) 2000-05-19 2005-09-27 Networks Associates Technology, Inc. Method and system for management and notification of electronic certificate changes
US6922776B2 (en) 2000-05-19 2005-07-26 Networks Associates Technology, Inc. Scalable system and method for management and notification of electronic certificate changes
US20030159070A1 (en) 2001-05-28 2003-08-21 Yaron Mayer System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages
JP2002056176A (en) 2000-06-01 2002-02-20 Asgent Inc Method and device for structuring security policy and method and device for supporting security policy structuring
US6892178B1 (en) 2000-06-02 2005-05-10 Open Ratings Inc. Method and system for ascribing a reputation to an entity from the perspective of another entity
US6892179B1 (en) 2000-06-02 2005-05-10 Open Ratings Inc. System and method for ascribing a reputation to an entity
US6895385B1 (en) 2000-06-02 2005-05-17 Open Ratings Method and system for ascribing a reputation to an entity as a rater of other entities
US20020023140A1 (en) * 2000-06-08 2002-02-21 Hile John K. Electronic document delivery system
US7134141B2 (en) 2000-06-12 2006-11-07 Hewlett-Packard Development Company, L.P. System and method for host and network based intrusion detection and response
US7007301B2 (en) 2000-06-12 2006-02-28 Hewlett-Packard Development Company, L.P. Computer architecture for an intrusion detection system
US6985923B1 (en) * 2000-06-13 2006-01-10 International Business Machines Corporation Method, article of manufacture and apparatus for processing redundant electronic mail messages
US6611925B1 (en) 2000-06-13 2003-08-26 Networks Associates Technology, Inc. Single point of entry/origination item scanning within an enterprise or workgroup
US6721721B1 (en) 2000-06-15 2004-04-13 International Business Machines Corporation Virus checking and reporting for computer database search results
US6732101B1 (en) 2000-06-15 2004-05-04 Zix Corporation Secure message forwarding system detecting user's preferences including security preferences
US20040103315A1 (en) * 2001-06-07 2004-05-27 Geoffrey Cooper Assessment tool
US20030061506A1 (en) 2001-04-05 2003-03-27 Geoffrey Cooper System and method for security policy
US7058974B1 (en) 2000-06-21 2006-06-06 Netrake Corporation Method and apparatus for preventing denial of service attacks
US20020046041A1 (en) 2000-06-23 2002-04-18 Ken Lang Automated reputation/trust service
US7127743B1 (en) 2000-06-23 2006-10-24 Netforensics, Inc. Comprehensive security structure platform for network managers
EP1295454B1 (en) 2000-06-30 2005-05-11 BRITISH TELECOMMUNICATIONS public limited company Packet data communications
US6870849B1 (en) 2000-07-06 2005-03-22 Ross W. Callon Apparatus and method for efficient hashing in networks
US6988199B2 (en) * 2000-07-07 2006-01-17 Message Secure Secure and reliable document delivery
US8661539B2 (en) 2000-07-10 2014-02-25 Oracle International Corporation Intrusion threat detection
US6738462B1 (en) 2000-07-19 2004-05-18 Avaya Technology Corp. Unified communications automated personal name addressing
US6757675B2 (en) 2000-07-24 2004-06-29 The Regents Of The University Of California Method and apparatus for indexing document content and content comparison with World Wide Web search service
DE60134255D1 (en) 2000-07-25 2008-07-10 Juniper Networks Inc Network architecture and method for transparent online cross section coding and transmission of network communication data
US6687687B1 (en) 2000-07-26 2004-02-03 Zix Scm, Inc. Dynamic indexing information retrieval or filtering system
US6687696B2 (en) 2000-07-26 2004-02-03 Recommind Inc. System and method for personalized search, information filtering, and for generating recommendations utilizing statistical latent class models
US7085934B1 (en) 2000-07-27 2006-08-01 Mcafee, Inc. Method and system for limiting processor utilization by a virus scanner
GB2365158A (en) 2000-07-28 2002-02-13 Content Technologies Ltd File analysis using byte distributions
AU8498701A (en) 2000-08-16 2002-02-25 Filestream Inc End-to-end secure file transfer method and system
US6910134B1 (en) 2000-08-29 2005-06-21 Netrake Corporation Method and device for innoculating email infected with a virus
US6799197B1 (en) 2000-08-29 2004-09-28 Networks Associates Technology, Inc. Secure method and system for using a public network or email to administer to software on a plurality of client computers
GB2368233B (en) 2000-08-31 2002-10-16 F Secure Oyj Maintaining virus detection software
US6772334B1 (en) 2000-08-31 2004-08-03 Networks Associates, Inc. System and method for preventing a spoofed denial of service attack in a networked computing environment
US7278159B2 (en) 2000-09-07 2007-10-02 Mazu Networks, Inc. Coordinated thwarting of denial of service attacks
US7043759B2 (en) 2000-09-07 2006-05-09 Mazu Networks, Inc. Architecture to thwart denial of service attacks
US20020038339A1 (en) 2000-09-08 2002-03-28 Wei Xu Systems and methods for packet distribution
US6944673B2 (en) 2000-09-08 2005-09-13 The Regents Of The University Of Michigan Method and system for profiling network flows at a measurement point within a computer network
US20020032871A1 (en) 2000-09-08 2002-03-14 The Regents Of The University Of Michigan Method and system for detecting, tracking and blocking denial of service attacks over a computer network
US6785732B1 (en) 2000-09-11 2004-08-31 International Business Machines Corporation Web server apparatus and method for virus checking
US6826698B1 (en) 2000-09-15 2004-11-30 Networks Associates Technology, Inc. System, method and computer program product for rule based network security policies
US6650890B1 (en) 2000-09-29 2003-11-18 Postini, Inc. Value-added electronic messaging services and transparent implementation thereof using intermediate server
US6757830B1 (en) 2000-10-03 2004-06-29 Networks Associates Technology, Inc. Detecting unwanted properties in received email messages
US6968461B1 (en) 2000-10-03 2005-11-22 Networks Associates Technology, Inc. Providing break points in a malware scanning operation
US20020069263A1 (en) 2000-10-13 2002-06-06 Mark Sears Wireless java technology
US20030097439A1 (en) 2000-10-23 2003-05-22 Strayer William Timothy Systems and methods for identifying anomalies in network data streams
US20020129002A1 (en) 2000-10-27 2002-09-12 Alberts Douglas Wesley eMediaCarts
US7082536B2 (en) 2000-11-13 2006-07-25 Globalcerts, Lc System and method for computerized global messaging encryption
US20040181462A1 (en) * 2000-11-17 2004-09-16 Bauer Robert D. Electronic communication service
US6934857B1 (en) 2000-11-27 2005-08-23 Networks Associates Technology, Inc. Security system and method for handheld computers
US6782503B1 (en) 2000-11-28 2004-08-24 Nortel Networks Limited Generating a signature to add to a test packet to achieve a target check value
US20020078382A1 (en) 2000-11-29 2002-06-20 Ali Sheikh Scalable system for monitoring network system and components and methodology therefore
AU2002230541B2 (en) 2000-11-30 2007-08-23 Cisco Technology, Inc. Flow-based detection of network intrusions
CA2327211A1 (en) 2000-12-01 2002-06-01 Nortel Networks Limited Management of log archival and reporting for data network security systems
US7844666B2 (en) 2000-12-12 2010-11-30 Microsoft Corporation Controls and displays for acquiring preferences, inspecting behavior, and guiding the learning and decision policies of an adaptive communications prioritization and routing system
US6622150B1 (en) 2000-12-18 2003-09-16 Networks Associates Technology, Inc. System and method for efficiently managing computer virus definitions using a structured virus database
US20020083342A1 (en) 2000-12-21 2002-06-27 Webb Brian T. Systems, methods and computer program products for accessing devices on private networks via clients on a public network
US6738932B1 (en) 2000-12-22 2004-05-18 Sun Microsystems, Inc. Method and system for identifying software revisions from memory images
US6725223B2 (en) * 2000-12-22 2004-04-20 International Business Machines Corporation Storage format for encoded vector indexes
US20020080888A1 (en) 2000-12-22 2002-06-27 Li Shu Message splitting and spatially diversified message routing for increasing transmission assurance and data security over distributed networks
US6779033B1 (en) 2000-12-28 2004-08-17 Networks Associates Technology, Inc. System and method for transacting a validated application session in a networked computing environment
US6775704B1 (en) 2000-12-28 2004-08-10 Networks Associates Technology, Inc. System and method for preventing a spoofed remote procedure call denial of service attack in a networked computing environment
US7818249B2 (en) 2001-01-02 2010-10-19 Verizon Patent And Licensing Inc. Object-oriented method, system and medium for risk management by creating inter-dependency between objects, criteria and metrics
US6965939B2 (en) 2001-01-05 2005-11-15 International Business Machines Corporation Method and apparatus for processing requests in a network data processing system based on a trust association between servers
GB2371125A (en) 2001-01-13 2002-07-17 Secr Defence Computer protection system
US20020133586A1 (en) 2001-01-16 2002-09-19 Carter Shanklin Method and device for monitoring data traffic and preventing unauthorized access to a network
US20030051026A1 (en) 2001-01-19 2003-03-13 Carter Ernst B. Network surveillance and security system
US7168093B2 (en) 2001-01-25 2007-01-23 Solutionary, Inc. Method and apparatus for verifying the integrity and security of computer networks and implementation of counter measures
US6983380B2 (en) 2001-02-06 2006-01-03 Networks Associates Technology, Inc. Automatically generating valid behavior specifications for intrusion detection
US8219620B2 (en) 2001-02-20 2012-07-10 Mcafee, Inc. Unwanted e-mail filtering system including voting feedback
US7281267B2 (en) 2001-02-20 2007-10-09 Mcafee, Inc. Software audit system
AU2002240526A1 (en) * 2001-02-26 2002-09-12 Eprivacy Group, Inc. System and method for controlling distribution of network communications
US20020120853A1 (en) 2001-02-27 2002-08-29 Networks Associates Technology, Inc. Scripted distributed denial-of-service (DDoS) attack discrimination using turing tests
US7363657B2 (en) 2001-03-12 2008-04-22 Emc Corporation Using a virus checker in one file server to check for viruses in another file server
US20020143963A1 (en) 2001-03-15 2002-10-03 International Business Machines Corporation Web server intrusion detection method and apparatus
US7313822B2 (en) * 2001-03-16 2007-12-25 Protegrity Corporation Application-layer security method and system
US20020133365A1 (en) 2001-03-19 2002-09-19 William Grey System and method for aggregating reputational information
US20040193482A1 (en) 2001-03-23 2004-09-30 Restaurant Services, Inc. System, method and computer program product for user-specific advertising in a supply chain management framework
US20020138759A1 (en) 2001-03-26 2002-09-26 International Business Machines Corporation System and method for secure delivery of a parcel or document
US7080000B1 (en) 2001-03-30 2006-07-18 Mcafee, Inc. Method and system for bi-directional updating of antivirus database
US7010696B1 (en) 2001-03-30 2006-03-07 Mcafee, Inc. Method and apparatus for predicting the incidence of a virus
US7007169B2 (en) 2001-04-04 2006-02-28 International Business Machines Corporation Method and apparatus for protecting a web server against vandals attacks without restricting legitimate access
WO2002093334A2 (en) 2001-04-06 2002-11-21 Symantec Corporation Temporal access control for computer virus outbreaks
US20020147734A1 (en) 2001-04-06 2002-10-10 Shoup Randall Scott Archiving method and system
US20020147780A1 (en) 2001-04-09 2002-10-10 Liu James Y. Method and system for scanning electronic mail to detect and eliminate computer viruses using a group of email-scanning servers and a recipient's email gateway
US7089589B2 (en) 2001-04-10 2006-08-08 Lenovo (Singapore) Pte. Ltd. Method and apparatus for the detection, notification, and elimination of certain computer viruses on a network using a promiscuous system as bait
US6941478B2 (en) 2001-04-13 2005-09-06 Nokia, Inc. System and method for providing exploit protection with message tracking
US20020194161A1 (en) 2001-04-12 2002-12-19 Mcnamee J. Paul Directed web crawler with machine learning
EP1388068B1 (en) * 2001-04-13 2015-08-12 Nokia Technologies Oy System and method for providing exploit protection for networks
US6947936B1 (en) 2001-04-30 2005-09-20 Hewlett-Packard Development Company, L.P. Method for a topic hierarchy classification system
US7603709B2 (en) 2001-05-03 2009-10-13 Computer Associates Think, Inc. Method and apparatus for predicting and preventing attacks in communications networks
US7769845B2 (en) 2001-05-04 2010-08-03 Whale Communications Ltd Method and system for terminating an authentication session upon user sign-off
US7228565B2 (en) 2001-05-15 2007-06-05 Mcafee, Inc. Event reporting between a reporting computer and a receiving computer
US6768991B2 (en) 2001-05-15 2004-07-27 Networks Associates Technology, Inc. Searching for sequences of character data
CA2386491A1 (en) 2001-05-16 2002-11-16 Kasten Chase Applied Research Limited System for secure electronic information transmission
US7325252B2 (en) * 2001-05-18 2008-01-29 Achilles Guard Inc. Network security testing
US20030028803A1 (en) 2001-05-18 2003-02-06 Bunker Nelson Waldo Network vulnerability assessment system and method
US20020178227A1 (en) 2001-05-25 2002-11-28 International Business Machines Corporation Routing instant messages using configurable, pluggable delivery managers
US20030009698A1 (en) * 2001-05-30 2003-01-09 Cascadezone, Inc. Spam avenger
US7380126B2 (en) 2001-06-01 2008-05-27 Logan James D Methods and apparatus for controlling the transmission and receipt of email messages
US7458094B2 (en) 2001-06-06 2008-11-25 Science Applications International Corporation Intrusion prevention system
US7350234B2 (en) 2001-06-11 2008-03-25 Research Triangle Institute Intrusion tolerant communication networks and associated methods
US20020186698A1 (en) 2001-06-12 2002-12-12 Glen Ceniza System to map remote lan hosts to local IP addresses
US7308715B2 (en) * 2001-06-13 2007-12-11 Mcafee, Inc. Protocol-parsing state machine and method of using same
EP1267545B1 (en) 2001-06-14 2008-08-20 International Business Machines Corporation Intrusion detection in data processing system
US20020194490A1 (en) 2001-06-18 2002-12-19 Avner Halperin System and method of virus containment in computer networks
US20030005326A1 (en) * 2001-06-29 2003-01-02 Todd Flemming Method and system for implementing a security application services provider
EP1271283B1 (en) * 2001-06-29 2007-05-23 Stonesoft Corporation An intrusion detection method and system
US6928549B2 (en) * 2001-07-09 2005-08-09 International Business Machines Corporation Dynamic intrusion detection for computer systems
US7356689B2 (en) * 2001-07-09 2008-04-08 Lucent Technologies Inc. Method and apparatus for tracing packets in a communications network
US7380279B2 (en) * 2001-07-16 2008-05-27 Lenel Systems International, Inc. System for integrating security and access for facilities and information systems
US7023861B2 (en) * 2001-07-26 2006-04-04 Mcafee, Inc. Malware scanning using a network bridge
US7673342B2 (en) * 2001-07-26 2010-03-02 Mcafee, Inc. Detecting e-mail propagated malware
US6769016B2 (en) 2001-07-26 2004-07-27 Networks Associates Technology, Inc. Intelligent SPAM detection system using an updateable neural analysis engine
JP2003046576A (en) * 2001-07-27 2003-02-14 Fujitsu Ltd Message delivery system, message delivery management server, message distribution management program, and computer-readable recording medium with the program recorded thereon
US7181015B2 (en) 2001-07-31 2007-02-20 Mcafee, Inc. Method and apparatus for cryptographic key establishment using an identity based symmetric keying technique
US7117533B1 (en) 2001-08-03 2006-10-03 Mcafee, Inc. System and method for providing dynamic screening of transient messages in a distributed computing environment
US6993660B1 (en) * 2001-08-03 2006-01-31 Mcafee, Inc. System and method for performing efficient computer virus scanning of transient messages using checksums in a distributed computing environment
US6745192B1 (en) 2001-08-03 2004-06-01 Networks Associates Technology Inc. System and method for providing a multi-tiered hierarchical transient message store accessed using multiply hashed unique filenames
US7243374B2 (en) 2001-08-08 2007-07-10 Microsoft Corporation Rapid application security threat analysis
US7245632B2 (en) 2001-08-10 2007-07-17 Sun Microsystems, Inc. External storage for modular computer systems
US7278160B2 (en) 2001-08-16 2007-10-02 International Business Machines Corporation Presentation of correlated events as situation classes
US7120252B1 (en) 2001-08-16 2006-10-10 Mcafee, Inc. System and method for automatically protecting private video content using cryptographic security for legacy systems
US7657935B2 (en) * 2001-08-16 2010-02-02 The Trustees Of Columbia University In The City Of New York System and methods for detecting malicious email transmission
US20030037141A1 (en) 2001-08-16 2003-02-20 Gary Milo Heuristic profiler software features
US6928556B2 (en) 2001-08-30 2005-08-09 International Business Machines Corporation Method and apparatus in a data processing system for managing situations from correlated events
US6978223B2 (en) 2001-09-06 2005-12-20 Bbnt Solutions Llc Systems and methods for network performance measurement using packet signature collection
US20030051163A1 (en) 2001-09-13 2003-03-13 Olivier Bidaud Distributed network architecture security system
US20030055931A1 (en) 2001-09-18 2003-03-20 Cravo De Almeida Marcio Managing a remote device
US7107618B1 (en) 2001-09-25 2006-09-12 Mcafee, Inc. System and method for certifying that data received over a computer network has been checked for viruses
US7266844B2 (en) 2001-09-27 2007-09-04 Mcafee, Inc. Heuristic detection of polymorphic computer viruses based on redundancy in viral code
US20030065943A1 (en) 2001-09-28 2003-04-03 Christoph Geis Method and apparatus for recognizing and reacting to denial of service attacks on a computerized network
US6892241B2 (en) 2001-09-28 2005-05-10 Networks Associates Technology, Inc. Anti-virus policy enforcement system and method
US7010608B2 (en) 2001-09-28 2006-03-07 Intel Corporation System and method for remotely accessing a home server while preserving end-to-end security
US6907430B2 (en) 2001-10-04 2005-06-14 Booz-Allen Hamilton, Inc. Method and system for assessing attacks on computer networks using Bayesian networks
US7310818B1 (en) 2001-10-25 2007-12-18 Mcafee, Inc. System and method for tracking computer viruses
US8261059B2 (en) 2001-10-25 2012-09-04 Verizon Business Global Llc Secure file transfer and secure file transfer protocol
US7444679B2 (en) 2001-10-31 2008-10-28 Hewlett-Packard Development Company, L.P. Network, method and computer readable medium for distributing security updates to select nodes on a network
US20030135749A1 (en) 2001-10-31 2003-07-17 Gales George S. System and method of defining the security vulnerabilities of a computer system
US20030084323A1 (en) 2001-10-31 2003-05-01 Gales George S. Network intrusion detection system and method
JP2003150748A (en) 2001-11-09 2003-05-23 Asgent Inc Risk evaluation method
US7315944B2 (en) 2001-11-13 2008-01-01 Ericsson Inc. Secure handling of stored-value data objects
US20030093695A1 (en) 2001-11-13 2003-05-15 Santanu Dutta Secure handling of stored-value data objects
US7487262B2 (en) 2001-11-16 2009-02-03 At & T Mobility Ii, Llc Methods and systems for routing messages through a communications network based on message content
US20030095555A1 (en) 2001-11-16 2003-05-22 Mcnamara Justin System for the validation and routing of messages
US20030101381A1 (en) * 2001-11-29 2003-05-29 Nikolay Mateev System and method for virus checking software
US6546493B1 (en) 2001-11-30 2003-04-08 Networks Associates Technology, Inc. System, method and computer program product for risk assessment scanning based on detected anomalous events
WO2003048960A1 (en) 2001-11-30 2003-06-12 A New Voice, Inc. Method and system for contextual prioritization of unified messages
US20030126464A1 (en) 2001-12-04 2003-07-03 Mcdaniel Patrick D. Method and system for determining and enforcing security policy in a communication session
US7093002B2 (en) 2001-12-06 2006-08-15 Mcafee, Inc. Handling of malware scanning of files stored within a file storage device of a computer network
US7150042B2 (en) 2001-12-06 2006-12-12 Mcafee, Inc. Techniques for performing malware scanning of files stored within a file storage device of a computer network
US20030110392A1 (en) 2001-12-06 2003-06-12 Aucsmith David W. Detecting intrusions
US7150043B2 (en) 2001-12-12 2006-12-12 International Business Machines Corporation Intrusion detection method and signature table
US7328349B2 (en) 2001-12-14 2008-02-05 Bbn Technologies Corp. Hash-based systems and methods for detecting, preventing, and tracing network worms and viruses
KR100427449B1 (en) 2001-12-14 2004-04-14 한국전자통신연구원 Intrusion detection method using adaptive rule estimation in nids
US7096500B2 (en) 2001-12-21 2006-08-22 Mcafee, Inc. Predictive malware scanning of internet data
US6754705B2 (en) 2001-12-21 2004-06-22 Networks Associates Technology, Inc. Enterprise network analyzer architecture framework
US7400729B2 (en) 2001-12-28 2008-07-15 Intel Corporation Secure delivery of encrypted digital content
AU2002360844A1 (en) 2001-12-31 2003-07-24 Citadel Security Software Inc. Automated computer vulnerability resolution system
JP4152108B2 (en) 2002-01-18 2008-09-17 株式会社コムスクエア Vulnerability monitoring method and system
US7222366B2 (en) 2002-01-28 2007-05-22 International Business Machines Corporation Intrusion event filtering
US7076803B2 (en) 2002-01-28 2006-07-11 International Business Machines Corporation Integrated intrusion detection services
US7743415B2 (en) 2002-01-31 2010-06-22 Riverbed Technology, Inc. Denial of service attacks characterization
US7268899B2 (en) 2002-01-31 2007-09-11 Hewlett-Packard Development Company, L.P. Secure system for delivery of a fax to a remote user
US7174566B2 (en) 2002-02-01 2007-02-06 Intel Corporation Integrated network intrusion detection
US20030149887A1 (en) 2002-02-01 2003-08-07 Satyendra Yadav Application-specific network intrusion detection
US8370936B2 (en) 2002-02-08 2013-02-05 Juniper Networks, Inc. Multi-method gateway-based network security systems and methods
US6760845B1 (en) 2002-02-08 2004-07-06 Networks Associates Technology, Inc. Capture file format system and method for a network analyzer
US7287280B2 (en) 2002-02-12 2007-10-23 Goldman Sachs & Co. Automated security management
US7073074B2 (en) 2002-02-13 2006-07-04 Microsoft Corporation System and method for storing events to enhance intrusion detection
JP4593926B2 (en) 2002-02-19 2010-12-08 ポスティーニ インク Email management service
KR100468232B1 (en) 2002-02-19 2005-01-26 한국전자통신연구원 Network-based Attack Tracing System and Method Using Distributed Agent and Manager Systems
US7124438B2 (en) 2002-03-08 2006-10-17 Ciphertrust, Inc. Systems and methods for anomaly detection in patterns of monitored communications
US7694128B2 (en) 2002-03-08 2010-04-06 Mcafee, Inc. Systems and methods for secure communication delivery
US20030172291A1 (en) 2002-03-08 2003-09-11 Paul Judge Systems and methods for automated whitelisting in monitored communications
US7458098B2 (en) 2002-03-08 2008-11-25 Secure Computing Corporation Systems and methods for enhancing electronic communication security
US6941467B2 (en) 2002-03-08 2005-09-06 Ciphertrust, Inc. Systems and methods for adaptive message interrogation through multiple queues
US20030233328A1 (en) 2002-04-23 2003-12-18 Scott David A. Method and system for securely communicating data in a communications network
AUPS193202A0 (en) 2002-04-23 2002-05-30 Pickup, Robert Barkley Mr A method and system for authorising electronic mail
US6741595B2 (en) 2002-06-11 2004-05-25 Netrake Corporation Device for enabling trap and trace of internet protocol communications
EP1376420A1 (en) 2002-06-19 2004-01-02 Pitsos Errikos Method and system for classifying electronic documents
US20040203589A1 (en) 2002-07-11 2004-10-14 Wang Jiwei R. Method and system for controlling messages in a communication network
US7222157B1 (en) * 2002-07-15 2007-05-22 Aol Llc Identification and filtration of digital communications
US8924484B2 (en) * 2002-07-16 2014-12-30 Sonicwall, Inc. Active e-mail filter with challenge-response
US7017186B2 (en) 2002-07-30 2006-03-21 Steelcloud, Inc. Intrusion detection system using self-organizing clusters
US6847888B2 (en) * 2002-08-07 2005-01-25 Hrl Laboratories, Llc Method and apparatus for geographic shape preservation for identification
US6742128B1 (en) 2002-08-28 2004-05-25 Networks Associates Technology Threat assessment orchestrator system and method
JP3831696B2 (en) 2002-09-20 2006-10-11 株式会社日立製作所 Network management apparatus and network management method
US7200658B2 (en) * 2002-11-12 2007-04-03 Movielink, Llc Network geo-location system
US20040111531A1 (en) 2002-12-06 2004-06-10 Stuart Staniford Method and system for reducing the rate of infection of a communications network by a software worm
US6732157B1 (en) 2002-12-13 2004-05-04 Networks Associates Technology, Inc. Comprehensive anti-spam system, method, and computer program product for filtering unwanted e-mail messages
US6859793B1 (en) 2002-12-19 2005-02-22 Networks Associates Technology, Inc. Software license reporting and control system and method
US7401141B2 (en) * 2003-01-07 2008-07-15 International Business Machines Corporation Method and system for monitoring performance of distributed applications
US7171450B2 (en) 2003-01-09 2007-01-30 Microsoft Corporation Framework to enable integration of anti-spam technologies
US8266215B2 (en) 2003-02-20 2012-09-11 Sonicwall, Inc. Using distinguishing properties to classify messages
US20040177120A1 (en) 2003-03-07 2004-09-09 Kirsch Steven T. Method for filtering e-mail messages
JP2004284241A (en) 2003-03-24 2004-10-14 Pioneer Electronic Corp Optical recording medium and sputtering target for optical recording medium
US20060168006A1 (en) * 2003-03-24 2006-07-27 Mr. Marvin Shannon System and method for the classification of electronic communication
US7676546B2 (en) 2003-03-25 2010-03-09 Verisign, Inc. Control and management of electronic messaging
GB0307913D0 (en) 2003-04-05 2003-05-14 Hewlett Packard Development Co Management of peer-to-peer network using reputation services
US7483947B2 (en) * 2003-05-02 2009-01-27 Microsoft Corporation Message rendering for identification of content features
CA2529314A1 (en) * 2003-06-20 2005-07-07 Amgen Inc. Piperazine derivatives and methods of use
US7051077B2 (en) 2003-06-30 2006-05-23 Mx Logic, Inc. Fuzzy logic voting method and system for classifying e-mail using inputs from multiple spam classifiers
US7769594B2 (en) 2003-09-05 2010-08-03 France Telecom Evaluation of reputation of an entity by a primary evaluation centre
US7415018B2 (en) 2003-09-17 2008-08-19 Alcatel Lucent IP Time to Live (TTL) field used as a covert channel
US20050086526A1 (en) 2003-10-17 2005-04-21 Panda Software S.L. (Sociedad Unipersonal) Computer implemented method providing software virus infection information in real time
US20050102366A1 (en) 2003-11-07 2005-05-12 Kirsch Steven T. E-mail filter employing adaptive ruleset
US7624274B1 (en) * 2004-02-11 2009-11-24 AOL LLC, a Delaware Limited Company Decreasing the fragility of duplicate document detecting algorithms
US7644127B2 (en) 2004-03-09 2010-01-05 Gozoom.Com, Inc. Email analysis using fuzzy matching of text
US8918466B2 (en) 2004-03-09 2014-12-23 Tonny Yu System for email processing and analysis
US20050204159A1 (en) * 2004-03-09 2005-09-15 International Business Machines Corporation System, method and computer program to block spam
US7366764B1 (en) * 2004-06-23 2008-04-29 Chelonia Llc Method for the identification and management of mass unsolicited e-mail
US7693945B1 (en) * 2004-06-30 2010-04-06 Google Inc. System for reclassification of electronic messages in a spam filtering system
US7660865B2 (en) * 2004-08-12 2010-02-09 Microsoft Corporation Spam filtering with probabilistic secure hashes
US7933985B2 (en) 2004-08-13 2011-04-26 Sipera Systems, Inc. System and method for detecting and preventing denial of service attacks in a communications system
US20060047794A1 (en) 2004-09-02 2006-03-02 Microsoft Corporation Application of genetic algorithms to computer system tuning
US8010460B2 (en) 2004-09-02 2011-08-30 Linkedin Corporation Method and system for reputation evaluation of online users in a social networking scheme
US20060095404A1 (en) 2004-10-29 2006-05-04 The Go Daddy Group, Inc Presenting search engine results based on domain name related reputation
US20060095966A1 (en) * 2004-11-03 2006-05-04 Shawn Park Method of detecting, comparing, blocking, and eliminating spam emails
US7574409B2 (en) * 2004-11-04 2009-08-11 Vericept Corporation Method, apparatus, and system for clustering and classification
US20060168017A1 (en) * 2004-11-30 2006-07-27 Microsoft Corporation Dynamic spam trap accounts
US20060123083A1 (en) 2004-12-03 2006-06-08 Xerox Corporation Adaptive spam message detector
US20060149820A1 (en) * 2005-01-04 2006-07-06 International Business Machines Corporation Detecting spam e-mail using similarity calculations
US20060230039A1 (en) 2005-01-25 2006-10-12 Markmonitor, Inc. Online identity tracking
US20060212925A1 (en) 2005-03-02 2006-09-21 Markmonitor, Inc. Implementing trust policies
US7822620B2 (en) 2005-05-03 2010-10-26 Mcafee, Inc. Determining website reputations using automatic testing
US20060259551A1 (en) * 2005-05-12 2006-11-16 Idalis Software Detection of unsolicited electronic messages
US20090064329A1 (en) * 2007-06-25 2009-03-05 Google Inc. Zero-hour quarantine of suspect electronic messages
US20090083413A1 (en) * 2007-09-24 2009-03-26 Levow Zachary S Distributed frequency data collection via DNS
US8364766B2 (en) * 2008-12-04 2013-01-29 Yahoo! Inc. Spam filtering based on statistics and token frequency modeling

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6119236A (en) * 1996-10-07 2000-09-12 Shipley; Peter M. Intelligent network security device and method
US5905859A (en) * 1997-01-09 1999-05-18 International Business Machines Corporation Managed network device security method and apparatus
US6215763B1 (en) * 1997-10-29 2001-04-10 Lucent Technologies Inc. Multi-phase process for distributed precomputation of network signal paths
US6678270B1 (en) * 1999-03-12 2004-01-13 Sandstorm Enterprises, Inc. Packet interception system including arrangement facilitating authentication of intercepted packets
US6609205B1 (en) * 1999-03-18 2003-08-19 Cisco Technology, Inc. Network intrusion detection signature analysis using decision graphs
US6981158B1 (en) * 2000-06-19 2005-12-27 Bbnt Solutions Llc Method and apparatus for tracing packets

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9853885B1 (en) 2014-03-18 2017-12-26 Amazon Technologies, Inc. Using packet duplication in a packet-switched network to increase reliability
US9871720B1 (en) * 2014-03-18 2018-01-16 Amazon Technologies, Inc. Using packet duplication with encapsulation in a packet-switched network to increase reliability

Also Published As

Publication number Publication date
US20090158046A1 (en) 2009-06-18
US20090031136A1 (en) 2009-01-29
US20100205672A1 (en) 2010-08-12
US8204945B2 (en) 2012-06-19
US20090132669A1 (en) 2009-05-21
US20130014261A1 (en) 2013-01-10
US20040073617A1 (en) 2004-04-15
US20090158435A1 (en) 2009-06-18
US20100205671A1 (en) 2010-08-12
US8272060B2 (en) 2012-09-18
US20090031129A1 (en) 2009-01-29
US20100205265A1 (en) 2010-08-12
US20090182867A1 (en) 2009-07-16
US20090313339A1 (en) 2009-12-17

Similar Documents

Publication Publication Date Title
Kumar Survey of current network intrusion detection techniques
US9455956B2 (en) Load balancing in a network with session information
CN1656731B (en) Multi-method gateway-based network security systems and methods
US7509681B2 (en) Interoperability of vulnerability and intrusion detection systems
US7171683B2 (en) Protecting against distributed denial of service attacks
US7464407B2 (en) Attack defending system and attack defending method
CA2470294C (en) Network service zone locking
US6954775B1 (en) Parallel intrusion detection sensors with load balancing for high speed networks
US8726016B2 (en) Intelligent integrated network security device
KR100456635B1 (en) Method and system for defensing distributed denial of service
US7752324B2 (en) Real-time packet traceback and associated packet marking strategies
US6578147B1 (en) Parallel intrusion detection sensors with load balancing for high speed networks
EP1905197B1 (en) System and method for detecting abnormal traffic based on early notification
US8176553B1 (en) Secure gateway with firewall and intrusion detection capabilities
US7234163B1 (en) Method and apparatus for preventing spoofing of network addresses
KR100468232B1 (en) Network-based Attack Tracing System and Method Using Distributed Agent and Manager Systems
US8892725B2 (en) Method for network anomaly detection in a network architecture based on locator/identifier split
US7058821B1 (en) System and method for detection of intrusion attacks on packets transmitted on a network
US9628498B1 (en) System and method for bot detection
US8272054B2 (en) Computer network intrusion detection system and method
JP2008011537A (en) Packet classification for network security device
Marin Network security basics
US20030084321A1 (en) Node and mobile device for a mobile telecommunications network providing intrusion detection
US9667589B2 (en) Logical / physical address state lifecycle management
US7409712B1 (en) Methods and apparatus for network message traffic redirection

Legal Events

Date Code Title Description
STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION