公开(公告)号：US20200004954A1

公开(公告)日：2020-01-02

申请号：US16150679

申请日：2018-10-03

Applicant: Cisco Technology, Inc.

Inventor： Andrew Zawadowskiy ,  Vincent E. Parla ,  Alok Mittal

IPC: G06F21/54 ,  G06F21/56 ,  G06F21/64 ,  G06F9/30 ,  G06F9/38

Abstract: In one example embodiment, a computing device has a processor that executes a processor instruction stream that causes the processor to perform one or more operations for the computing device. The computing device generates one or more trace data packets including a first instruction pointer of the processor instruction stream, a second instruction pointer of the processor instruction stream subsequent to the first instruction pointer, and a string of characters derived from instructions associated with a control flow transfer between the first instruction pointer of the processor instruction stream and the second instruction pointer of the processor instruction stream. The computing device determines whether the one or more trace data packets are consistent with a secure processor instruction stream known or determined to be secure from malicious processor instructions and, if not, generates an indication that the processor instruction stream is not secure.

公开(公告)号：US09369435B2

公开(公告)日：2016-06-14

申请号：US14041107

申请日：2013-09-30

Applicant: Cisco Technology, Inc.

Inventor： Todd Short ,  Andrew Zawadowskiy ,  Antonio Martin ,  Vincent E. Parla

IPC: H04L12/721 ,  H04L29/06 ,  H04L12/725

CPC classification number: H04L63/0227 ,  H04L45/306 ,  H04L45/566 ,  H04L63/0245 ,  H04L63/08 ,  H04L63/10 ,  H04L67/02

Abstract: A method for providing authoritative application-based routing and an improved application firewall, as well as a method for application classification, is described. The first embodiment, which provides a method for authoritative application-based routing, comprises tagging packets with an application identifier, and pushing the tagged packets to the network to enable the application identifier to be used in routing and priority decisions. In the second embodiment, a method for improving application firewall comprises using the application identifier to minimize the amount of processing required by the firewall when analyzing packet information.

Abstract translation: 描述了一种用于提供权威的基于应用的路由和改进的应用防火墙的方法以及应用分类的方法。 提供用于基于权威应用的路由的方法的第一实施例包括使用应用标识符来标记分组，并且将标记的分组推送到网络以使应用标识符能够用于路由和优先级决策。 在第二实施例中，用于改进应用防火墙的方法包括使用应用标识符来最小化防火墙在分析分组信息时所需的处理量。