公开(公告)号：US20140241360A1

公开(公告)日：2014-08-28

申请号：US14192556

申请日：2014-02-27

Applicant: Citrix Systems, Inc. ,  Citrix Systems, Inc.

Inventor： Steve Jackowski ,  Steve Jackowski ,  Seth Keith ,  Seth Keith ,  Daljit Singh ,  Daljit Singh ,  Ralph Wondra

IPC: H04L12/851 ,  H04L29/08 ,  H04L29/06

CPC classification number: H04L47/2441 ,  H04L41/0213 ,  H04L41/046 ,  H04L43/0829 ,  H04L43/0864 ,  H04L67/2819 ,  H04L69/22 ,  H04L69/32

Abstract: The present invention is directed towards systems and methods for providing multi-level classification of a network packet. In some embodiments, network performance may be enhanced and optimized by providing QoS and acceleration engines with packet- or data-specific information. In addition to source and destination IP addresses and port numbers, packet- or data-specific information can include direction of traffic (client to host or server; server or host to client; or both), Virtual LAN (VLAN) ID, source or destination application or associated application, service class, ICA priority, type of service, differentiated service code point (DSCP), or other information. Some or all of this information may be used to classify the network packet at a plurality of layers of a network stack, allowing for deep inspection of the packet and multiple levels of granularity of classification.

Abstract translation: 本发明涉及用于提供网络分组的多级分类的系统和方法。 在一些实施例中，可以通过向QoS和加速引擎提供分组或数据特定信息来增强和优化网络性能。 除了源和目标IP地址和端口号之外，数据包或数据特定信息可以包括流量方向（客户端到主机或服务器;服务器或主机到客户端;或两者），虚拟LAN（VLAN）ID，源或 目标应用程序或相关应用程序，服务类别，ICA优先级，服务类型，差异化服务代码点（DSCP）或其他信息。 这些信息中的一些或全部可以用于在网络堆栈的多个层对网络分组进行分类，允许对分组的深度检查和分级的多个级别的级别。

公开(公告)号：US12225071B2

公开(公告)日：2025-02-11

申请号：US17747558

申请日：2022-05-18

Applicant: Citrix Systems, Inc.

Inventor： Anuj Magazine ,  Praveen Raja Dhanabalan ,  Anudeep Athlur

IPC: H04L67/06 ,  H04L65/61 ,  H04L67/63

Abstract: Described embodiments provide systems and methods for selecting between modes for delivering or providing access to a file. A server can be configured to deliver the file via a plurality of modes of delivery including. A first mode of delivery can include downloading the file and a second mode of delivery can include delivering the file via a virtualized stream. The server can receive a request and initiate downloading of the file for a length of time. The server can identify an amount of available bandwidth and size of the file and determine a first time for the first mode of delivery. The first time can be compared to a second time to deliver the file via the second mode of delivery. The server can select between the first mode of delivery and the second mode of delivery and provide the file via the selected mode of delivery.

公开(公告)号：US12225021B2

公开(公告)日：2025-02-11

申请号：US17321847

申请日：2021-05-17

Applicant: Citrix Systems, Inc.

Inventor： Andreas Varnavas ,  Ananthaneni Sai Teja Chowdary ,  Nikolaos Tsapakis ,  Premkumar S J ,  Manikam Muthiah

IPC: H04L9/40 ,  G06F21/50 ,  H04W12/12

Abstract: A system and method that detects malicious account creation in a web-based platform. A method includes detecting suspicious events associated with an account creation process using a username classifier that evaluates a username used to create a new account, an IP address classifier that evaluates an IP address used to create the new account, and a domain classifier that evaluates a domain from an email address used to create the new account; analyzing each detected suspicious event with a density analysis classifier to determine if each detected suspicious event comprises a malicious event based on a density of detected suspicious events from a collections of account creation processes; and determining an alert condition based on at least one malicious event detection.

公开(公告)号：US12219022B2

公开(公告)日：2025-02-04

申请号：US17366220

申请日：2021-07-02

Applicant: Citrix Systems, Inc.

Inventor： Juan Rivera

IPC: H04L67/148 ,  H04L67/02 ,  H04L67/142 ,  H04L67/146

Abstract: Methods, systems, and computer-readable media for transferring hosted web browser sessions between browser servers are described herein. In various embodiments, a broker service may create a browser server pool from a plurality of browser servers. The broker service may connect a client agent with a first web browser session in a first browser server in the browser server pool. The broker service, responsive to a determination that the first web browser session needs to be transferred to a second browser server in the browser server pool, may request and receive a session context from the first web browser session, launch a second web browser session in the second browser server, initialize the second web browser session with the session context from the first web browser session, transfer the client agent from the first web browser session to the second web browser session, and terminate the first web browser session.

公开(公告)号：US12218897B2

公开(公告)日：2025-02-04

申请号：US17809150

申请日：2022-06-27

Applicant: Citrix Systems, Inc.

Inventor： Sai Xu ,  Xin Liu ,  Yimin Liu

IPC: H04L51/07 ,  H04L51/21 ,  H04L51/42

Abstract: A system and method for dynamically transforming email signatures. A method includes: receiving an email from an email client prior to delivery to an intended recipient, the email including an original signature; analyzing the email to obtain information associated with the intended recipient of the email; predicting a preferred language of the intended recipient based on the information; converting the original signature to a revised signature, wherein the revised signature utilizes the preferred language; and forwarding the email with the revised signature to the intended recipient.

公开(公告)号：US12199953B2

公开(公告)日：2025-01-14

申请号：US17540883

申请日：2021-12-02

Applicant: Citrix Systems, Inc.

Inventor： Christopher Fleck ,  Abhishek Chauhan

IPC: H04L29/06 ,  G06F12/14 ,  H04L9/40

Abstract: Embodiments described include systems and methods of an encrypted cache. An embedded browser of a client application executing on a client device may provide access to a network application accessed via the client application. The embedded browser may detect an event at the client device that causes the network application to send or request application data. The embedded browser may access a copy of the application data from encrypted cache of the embedded browser. The encrypted cache may be maintained for the user and store application data for network application(s) accessed by the user. The embedded browser may use the cached application data for establishing or updating a user interface of the network application for display at the client device.

公开(公告)号：US12192237B2

公开(公告)日：2025-01-07

申请号：US17236233

申请日：2021-04-21

Applicant: Citrix Systems, Inc.

Inventor： Andrew Penner ,  Tushar Kanekar

IPC: H04L9/40 ,  H04L67/63

Abstract: Systems and methods for detecting attacks using a handshake request are provided. A plurality of devices can receive a plurality of handshake requests to establish TLS connections that include a respective application request. At least one of the plurality of handshake requests can include a first application request. The plurality of devices can record each of the respective application requests to a registry of application requests. A first device of the plurality of devices can receive a subsequent handshake request to establish a subsequent TLS connection that includes the first application request. The first device can query, prior to accepting the first application request, the registry for the first application request. The first device can determine whether to accept or reject the first application request responsive to identifying from the query that the first application request has not been or has been recorded in the registry.

公开(公告)号：US12095822B2

公开(公告)日：2024-09-17

申请号：US17403558

申请日：2021-08-16

Applicant: Citrix Systems, Inc.

Inventor： Abhishek Chauhan

IPC: H04L9/40 ,  G06F21/62

CPC classification number: H04L63/205 ,  G06F21/6245 ,  H04L63/0471 ,  H04L63/10 ,  H04L63/0263

Abstract: Embodiments described include a method for implementing a privacy policy by a device intermediary to a plurality of clients and one or more servers. The method can include identifying, by a device intermediary to a plurality of clients and one or more servers, network traffic of a user that has not selected an option of a plurality of options of a privacy policy managed by the device. The method can include receiving, by the device, an indicator of a selection by the user of the option from the plurality of options of the privacy policy. The method can include handling, by the device, network traffic of the user according to the selected option of the privacy policy.

公开(公告)号：US12093157B2

公开(公告)日：2024-09-17

申请号：US17740016

申请日：2022-05-09

Applicant: Citrix Systems, Inc.

Inventor： Sharine Xia

IPC: G06F11/00 ,  G06F11/07 ,  G06F11/30 ,  G06F11/32

CPC classification number: G06F11/3075 ,  G06F11/076 ,  G06F11/0787 ,  G06F11/3006 ,  G06F11/324

Abstract: Aspects of the disclosure relate to various systems and techniques that provide methods and systems for identifying log event for computing systems. For example, a computing device may receive a log event of an application, and determine a value representative of an inverse relationship between a frequency of the log event and a criticality of the log event. The computing device may initiate an action to address the event indicated by the log event based on a comparison between the determined value and a threshold.

公开(公告)号：US12028338B2

公开(公告)日：2024-07-02

申请号：US17503852

申请日：2021-10-18

Applicant: Citrix Systems, Inc.

Inventor： Abhishek Chauhan

IPC: H04L29/06 ,  H04L9/40 ,  H04L67/146 ,  H04L67/02

CPC classification number: H04L63/0853 ,  H04L63/20 ,  H04L67/146 ,  H04L67/02

Abstract: Systems and methods discussed for redirection of launch requests for local applications to corresponding remote applications, such as SaaS or network applications provided by an application server, and access of the corresponding remote application via an embedded browser of a client application. A client application executed by a client device may detect a request of a user to launch a local application of the client device. The client application may determine that the local application corresponds to a network application provided by an application server. The client application may intercept the request to launch the local application, responsive to the determination. An embedded browser of the client application may access the network application from the application server, responsive to interception of the request.