-
公开(公告)号:US20120216274A1
公开(公告)日:2012-08-23
申请号:US13212068
申请日:2011-08-17
申请人: Abhishek Chauhan , Rajiv Mirani , Prince Kohli , Namit Sikka
发明人: Abhishek Chauhan , Rajiv Mirani , Prince Kohli , Namit Sikka
CPC分类号: H04L63/0263 , H04L63/0236
摘要: A method of a device for filtering messages routing across a network includes extracting, by a filter configured on the device, a plurality of message components from messages received via a network. The plurality of message components is identified as having at least a field name in common, including a first field name. A learning engine configured on the device creates a list of data types for values of the first field name. The list includes one or more data types of a value of the first field name identified for each of the plurality of message components. The learning engine determines a most restrictive data type from the list of data types for the values of the first field name of the plurality of message components.
摘要翻译: 用于过滤通过网络的消息路由的设备的方法包括通过经由网络接收的消息从设备上配置的过滤器提取多个消息组件。 多个消息组件被识别为具有至少一个共同的字段名称,包括第一字段名称。 在设备上配置的学习引擎为第一个字段名称的值创建数据类型的列表。 列表包括为多个消息组件中的每一个标识的第一字段名称的值的一个或多个数据类型。 学习引擎从多个消息组件的第一字段名称的值的数据类型列表中确定最严格的数据类型。
-
2.发明申请USING STATISTICAL ANALYSIS TO GENERATE EXCEPTION RULES THAT ALLOW LEGITIMATE MESSAGES TO PASS THROUGH APPLICATION PROXIES AND GATEWAYS 有权使用统计分析来生成例外规则,允许通过应用程序和网关通过消息传递消息公开(公告)号:US20100132029A1
公开(公告)日:2010-05-27
申请号:US12694902
申请日:2010-01-27
申请人: Abhishek Chauhan , Rajiv Mirani , Prince Kohli
发明人: Abhishek Chauhan , Rajiv Mirani , Prince Kohli
IPC分类号: G06F17/00
CPC分类号: H04L63/0227 , H04L63/029
摘要: A security gateway receives messages rejected by a message filter based on a set of rules. The security gateway also receives attributes of the rejected messages that triggered the rules. The security gateway maintains frequencies with which the messages with a particular attribute were rejected by the rules. The security gateway finds rejected messages or attributes having a high frequency of occurrence. Since messages or attributes having a high frequency of occurrences are more likely to represent legitimate requests rather than malicious attacks, the security gateway generates exception rules, which would allow messages that have similar attributes to pass through the gateway.
摘要翻译: 安全网关基于一组规则接收消息过滤器拒绝的消息。 安全网关还接收触发规则的被拒绝消息的属性。 安全网关维护具有特定属性的消息被规则拒绝的频率。 安全网关发现具有高频率发生的被拒绝的消息或属性。 由于具有高频率出现的消息或属性更有可能代表合法请求而不是恶意攻击,因此安全网关将生成异常规则,这将允许具有类似属性的消息通过网关。
-
公开(公告)号:US20100017869A1
公开(公告)日:2010-01-21
申请号:US12569006
申请日:2009-09-29
申请人: Abhishek Chauhan , Rajiv Mirani , Prince Kohli , Namit Sikka
发明人: Abhishek Chauhan , Rajiv Mirani , Prince Kohli , Namit Sikka
CPC分类号: H04L63/0263 , H04L63/0236
摘要: A method of a device for filtering messages routing across a network includes extracting, by a filter configured on the device, a plurality of message components from messages received via a network. The plurality of message components is identified as having at least a field name in common, including a first field name. A learning engine configured on the device creates a list of data types for values of the first field name. The list includes one or more data types of a value of the first field name identified for each of the plurality of message components. The learning engine determines a most restrictive data type from the list of data types for the values of the first field name of the plurality of message components.
摘要翻译: 用于过滤通过网络的消息路由的设备的方法包括通过经由网络接收的消息从设备上配置的过滤器提取多个消息组件。 多个消息组件被识别为具有至少一个共同的字段名称,包括第一字段名称。 在设备上配置的学习引擎为第一个字段名称的值创建数据类型的列表。 列表包括为多个消息组件中的每一个标识的第一字段名称的值的一个或多个数据类型。 学习引擎从多个消息组件的第一字段名称的值的数据类型列表中确定最严格的数据类型。
-
公开(公告)号:US08695084B2
公开(公告)日:2014-04-08
申请号:US13212068
申请日:2011-08-17
申请人: Abhishek Chauhan , Rajiv Mirani , Prince Kohli , Namit Sikka
发明人: Abhishek Chauhan , Rajiv Mirani , Prince Kohli , Namit Sikka
IPC分类号: H04L29/06
CPC分类号: H04L63/0263 , H04L63/0236
摘要: A method of a device for filtering messages routing across a network includes extracting, by a filter configured on the device, a plurality of message components from messages received via a network. The plurality of message components is identified as having at least a field name in common, including a first field name. A learning engine configured on the device creates a list of data types for values of the first field name. The list includes one or more data types of a value of the first field name identified for each of the plurality of message components. The learning engine determines a most restrictive data type from the list of data types for the values of the first field name of the plurality of message components.
摘要翻译: 用于过滤通过网络的消息路由的设备的方法包括通过经由网络接收的消息从设备上配置的过滤器提取多个消息组件。 多个消息组件被识别为具有至少一个共同的字段名称,包括第一字段名称。 在设备上配置的学习引擎为第一个字段名称的值创建数据类型的列表。 列表包括为多个消息组件中的每一个标识的第一字段名称的值的一个或多个数据类型。 学习引擎从多个消息组件的第一字段名称的值的数据类型列表中确定最严格的数据类型。
-
公开(公告)号:US08695083B2
公开(公告)日:2014-04-08
申请号:US12827415
申请日:2010-06-30
申请人: Abhishek Chauhan , Rajiv Mirani , Prince Kohli , Priya Nanduri
发明人: Abhishek Chauhan , Rajiv Mirani , Prince Kohli , Priya Nanduri
IPC分类号: H04L29/06
CPC分类号: H04L63/0263 , H04L63/0236 , H04L63/1425
摘要: A security gateway receives messages, such as URL requests, rejected by a message filter based on a set of rules. The security gateway maintains frequencies with which the messages were rejected by the rules. The security gateway finds rejected messages having a high frequency of occurrence. Since messages having a high frequency of occurrences are more likely to represent legitimate requests rather than malicious attacks, the security gateway generates exception rules, which would allow similar messages to pass through the gateway.
摘要翻译: 安全网关接收基于一组规则的消息过滤器拒绝的消息,例如URL请求。 安全网关维护消息被规则拒绝的频率。 安全网关发现具有高频率发生的被拒绝消息。 由于具有高频率发生的消息更有可能代表合法请求而不是恶意攻击,因此安全网关将生成异常规则,这将允许类似的消息通过网关。
-
6.发明授权Using application gateways to protect unauthorized transmission of confidential data via web applications 有权使用应用网关通过Web应用保护未经授权的机密数据传输公开(公告)号:US08458783B2
公开(公告)日:2013-06-04
申请号:US12351199
申请日:2009-01-09
IPC分类号: G06F9/00
CPC分类号: H04L63/0245 , H04L63/0263 , H04L63/168
摘要: A security gateway receives messages transmitted between a server and a client device on a network and parses the messages into a plurality of data objects, such as strings and name-value pairs. The data objects may represent user personal identification information, such as user name, social security number, credit card number, patient code, driver's license number, and other personal identification information. The security gateway uses rules to recognize data objects and validate the data objects to determine whether the recognized data objects are appropriately included within the context. The security gateway may also perform an action on the data objects. Data objects that are not appropriately included in the context may be transformed, suppressed or disallowed.
摘要翻译: 安全网关接收网络上的服务器和客户端设备之间传输的消息,并将消息解析成多个数据对象,如字符串和名称 - 值对。 数据对象可以表示用户个人识别信息,例如用户名,社会安全号码,信用卡号,病人码,驾驶执照号码和其他个人识别信息。 安全网关使用规则来识别数据对象并验证数据对象,以确定识别的数据对象是否被适当地包含在上下文中。 安全网关还可以对数据对象执行动作。 未被适当地包括在上下文中的数据对象可能被转换,抑制或不允许。
-
公开(公告)号:US20100269170A1
公开(公告)日:2010-10-21
申请号:US12827415
申请日:2010-06-30
申请人: Abhishek Chauhan , Rajiv Mirani , Prince Kohli , Priya Nanduri
发明人: Abhishek Chauhan , Rajiv Mirani , Prince Kohli , Priya Nanduri
CPC分类号: H04L63/0263 , H04L63/0236 , H04L63/1425
摘要: A security gateway receives messages, such as URL requests, rejected by a message filter based on a set of rules. The security gateway maintains frequencies with which the messages were rejected by the rules. The security gateway finds rejected messages having a high frequency of occurrence. Since messages having a high frequency of occurrences are more likely to represent legitimate requests rather than malicious attacks, the security gateway generates exception rules, which would allow similar messages to pass through the gateway.
摘要翻译: 安全网关接收基于一组规则的消息过滤器拒绝的消息,例如URL请求。 安全网关维护消息被规则拒绝的频率。 安全网关发现具有高频率发生的被拒绝消息。 由于具有高频率发生的消息更有可能代表合法请求而不是恶意攻击,所以安全网关产生异常规则,这将允许类似的消息通过网关。
-
8.发明授权Using statistical analysis to generate exception rules that allow legitimate messages to pass through application proxies and gateways 有权使用统计分析来生成允许合法消息通过应用程序代理和网关的异常规则公开(公告)号:US08261340B2
公开(公告)日:2012-09-04
申请号:US12694902
申请日:2010-01-27
申请人: Abhishek Chauhan , Rajiv Mirani , Prince Kohli
发明人: Abhishek Chauhan , Rajiv Mirani , Prince Kohli
IPC分类号: H04L29/06
CPC分类号: H04L63/0227 , H04L63/029
摘要: A security gateway receives messages rejected by a message filter based on a set of rules. The security gateway also receives attributes of the rejected messages that triggered the rules. The security gateway maintains frequencies with which the messages with a particular attribute were rejected by the rules. The security gateway finds rejected messages or attributes having a high frequency of occurrence. Since messages or attributes having a high frequency of occurrences are more likely to represent legitimate requests rather than malicious attacks, the security gateway generates exception rules, which would allow messages that have similar attributes to pass through the gateway.
摘要翻译: 安全网关基于一组规则接收消息过滤器拒绝的消息。 安全网关还接收触发规则的被拒绝消息的属性。 安全网关维护具有特定属性的消息被规则拒绝的频率。 安全网关发现具有高频率发生的被拒绝的消息或属性。 由于具有高频率出现的消息或属性更有可能代表合法请求而不是恶意攻击,因此安全网关将生成异常规则,这将允许具有类似属性的消息通过网关。
-
公开(公告)号:US08011009B2
公开(公告)日:2011-08-30
申请号:US12569006
申请日:2009-09-29
申请人: Abhishek Chauhan , Rajiv Mirani , Prince Kohli , Namit Sikka
发明人: Abhishek Chauhan , Rajiv Mirani , Prince Kohli , Namit Sikka
CPC分类号: H04L63/0263 , H04L63/0236
摘要: A method of a device for filtering messages routing across a network includes extracting, by a filter configured on the device, a plurality of message components from messages received via a network. The plurality of message components is identified as having at least a field name in common, including a first field name. A learning engine configured on the device creates a list of data types for values of the first field name. The list includes one or more data types of a value of the first field name identified for each of the plurality of message components. The learning engine determines a most restrictive data type from the list of data types for the values of the first field name of the plurality of message components.
摘要翻译: 用于过滤通过网络的消息路由的设备的方法包括通过经由网络接收的消息从设备上配置的过滤器提取多个消息组件。 多个消息组件被识别为具有至少一个共同的字段名称,包括第一字段名称。 在设备上配置的学习引擎为第一个字段名称的值创建数据类型的列表。 列表包括为多个消息组件中的每一个标识的第一字段名称的值的一个或多个数据类型。 学习引擎从多个消息组件的第一字段名称的值的数据类型列表中确定最严格的数据类型。
-
10.发明授权Using statistical analysis to generate exception rules that allow legitimate messages to pass through application proxies and gateways 有权使用统计分析来生成允许合法消息通过应用程序代理和网关的异常规则公开(公告)号:US07890996B1
公开(公告)日:2011-02-15
申请号:US10782739
申请日:2004-02-18
申请人: Abhishek Chauhan , Rajiv Mirani , Prince Kohli
发明人: Abhishek Chauhan , Rajiv Mirani , Prince Kohli
CPC分类号: H04L63/0227 , H04L63/029
摘要: A security gateway receives messages rejected by a message filter based on a set of rules. The security gateway also receives attributes of the rejected messages that triggered the rules. The security gateway maintains frequencies with which the messages with a particular attribute were rejected by the rules. The security gateway finds rejected messages or attributes having a high frequency of occurrence. Since messages or attributes having a high frequency of occurrences are more likely to represent legitimate requests rather than malicious attacks, the security gateway generates exception rules, which would allow messages that have similar attributes to pass through the gateway.
摘要翻译: 安全网关基于一组规则接收消息过滤器拒绝的消息。 安全网关还接收触发规则的被拒绝消息的属性。 安全网关维护具有特定属性的消息被规则拒绝的频率。 安全网关发现具有高频率发生的被拒绝的消息或属性。 由于具有高频率出现的消息或属性更有可能代表合法请求而不是恶意攻击,因此安全网关将生成异常规则,这将允许具有类似属性的消息通过网关。
-
-
-
-
-
-
-
-
-
搜索结果
13 条记录 (耗时 0.012 秒)
