ATE504148T1 - Verfahren, aufzeichnungsmedium und netzwerkleitungskarte zum ausführen der inhaltsinspektion über mehrere pakete hinweg - Google Patents

Verfahren, aufzeichnungsmedium und netzwerkleitungskarte zum ausführen der inhaltsinspektion über mehrere pakete hinweg

Info

Publication number
ATE504148T1
ATE504148T1 AT06850502T AT06850502T ATE504148T1 AT E504148 T1 ATE504148 T1 AT E504148T1 AT 06850502 T AT06850502 T AT 06850502T AT 06850502 T AT06850502 T AT 06850502T AT E504148 T1 ATE504148 T1 AT E504148T1
Authority
AT
Austria
Prior art keywords
packet
content inspection
state
employed
pattern data
Prior art date
Application number
AT06850502T
Other languages
English (en)
Inventor
Santosh Balakrishnan
Venkatraman Ramakrishna
Original Assignee
Intel Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Intel Corp filed Critical Intel Corp
Application granted granted Critical
Publication of ATE504148T1 publication Critical patent/ATE504148T1/de

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0245Filtering by information in the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/02Capturing of monitoring data
    • H04L43/026Capturing of monitoring data using flow identification
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Testing, Inspecting, Measuring Of Stereoscopic Televisions And Televisions (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
AT06850502T 2005-06-30 2006-06-30 Verfahren, aufzeichnungsmedium und netzwerkleitungskarte zum ausführen der inhaltsinspektion über mehrere pakete hinweg ATE504148T1 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/174,373 US7784094B2 (en) 2005-06-30 2005-06-30 Stateful packet content matching mechanisms
PCT/US2006/026069 WO2007120165A2 (en) 2005-06-30 2006-06-30 Stateful packet content matching mechanisms

Publications (1)

Publication Number Publication Date
ATE504148T1 true ATE504148T1 (de) 2011-04-15

Family

ID=37619733

Family Applications (1)

Application Number Title Priority Date Filing Date
AT06850502T ATE504148T1 (de) 2005-06-30 2006-06-30 Verfahren, aufzeichnungsmedium und netzwerkleitungskarte zum ausführen der inhaltsinspektion über mehrere pakete hinweg

Country Status (7)

Country Link
US (1) US7784094B2 (de)
EP (1) EP1905213B1 (de)
JP (1) JP4598127B2 (de)
CN (1) CN101258721B (de)
AT (1) ATE504148T1 (de)
DE (1) DE602006021028D1 (de)
WO (1) WO2007120165A2 (de)

Families Citing this family (157)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU2003255288A1 (en) * 2002-09-12 2004-04-30 International Business Machines Corporation A method and apparatus for deep packet processing
US8560475B2 (en) 2004-09-10 2013-10-15 Cavium, Inc. Content search mechanism that uses a deterministic finite automata (DFA) graph, a DFA state machine, and a walker process
US7784094B2 (en) 2005-06-30 2010-08-24 Intel Corporation Stateful packet content matching mechanisms
US7430560B1 (en) * 2005-07-22 2008-09-30 X-Engines, Inc. Multi-level compressed lock-up tables formed by logical operations to compress selected index bits
JP4810915B2 (ja) * 2005-07-28 2011-11-09 日本電気株式会社 データ検索装置及び方法、並びにコンピュータ・プログラム
US7778250B2 (en) * 2005-08-11 2010-08-17 Ericsson Ab Method and apparatus for securing a layer II bridging switch/switch for subscriber aggregation
US7984180B2 (en) * 2005-10-20 2011-07-19 Solarflare Communications, Inc. Hashing algorithm for network receive filtering
GB2416891B (en) * 2005-11-09 2006-11-01 Streamshield Networks Ltd A network implemented content processing system
US7725573B2 (en) * 2005-11-29 2010-05-25 Intel Corporation Methods and apparatus for supporting agile run-time network systems via identification and execution of most efficient application code in view of changing network traffic conditions
JP4767057B2 (ja) * 2006-03-27 2011-09-07 富士通株式会社 ハッシュ値生成プログラム、ストレージ管理プログラム、判定プログラム及びデータ変更検証装置
US8009566B2 (en) * 2006-06-26 2011-08-30 Palo Alto Networks, Inc. Packet classification in a network security device
US8234706B2 (en) * 2006-09-08 2012-07-31 Microsoft Corporation Enabling access to aggregated software security information
US9147271B2 (en) 2006-09-08 2015-09-29 Microsoft Technology Licensing, Llc Graphical representation of aggregated data
US7644080B2 (en) * 2006-09-19 2010-01-05 Netlogic Microsystems, Inc. Method and apparatus for managing multiple data flows in a content search system
US7529746B2 (en) * 2006-09-19 2009-05-05 Netlogic Microsystems, Inc. Search circuit having individually selectable search engines
US7624105B2 (en) * 2006-09-19 2009-11-24 Netlogic Microsystems, Inc. Search engine having multiple co-processors for performing inexact pattern search operations
US7539032B2 (en) 2006-09-19 2009-05-26 Netlogic Microsystems, Inc. Regular expression searching of packet contents using dedicated search circuits
US7539031B2 (en) * 2006-09-19 2009-05-26 Netlogic Microsystems, Inc. Inexact pattern searching using bitmap contained in a bitcheck command
US8051474B1 (en) * 2006-09-26 2011-11-01 Avaya Inc. Method and apparatus for identifying trusted sources based on access point
US8191142B2 (en) * 2006-10-26 2012-05-29 Polytechnic Institute Of New York University Detecting whether an arbitrary-length bit string input matches one of a plurality of known arbitrary-length bit strings using a hierarchical data structure
US7827218B1 (en) 2006-11-18 2010-11-02 X-Engines, Inc. Deterministic lookup using hashed key in a multi-stride compressed trie structure
WO2008067743A1 (en) 2006-12-08 2008-06-12 Hangzhou H3C Technologies Co., Ltd. A pattern matching method and apparatus
US7860849B1 (en) 2007-01-18 2010-12-28 Netlogic Microsystems, Inc. Optimizing search trees by increasing success size parameter
US7630982B2 (en) 2007-02-24 2009-12-08 Trend Micro Incorporated Fast identification of complex strings in a data stream
US20080219261A1 (en) * 2007-03-06 2008-09-11 Lin Yeejang James Apparatus and method for processing data streams
US8594085B2 (en) * 2007-04-11 2013-11-26 Palo Alto Networks, Inc. L2/L3 multi-mode switch including policy processing
US20080320596A1 (en) * 2007-06-22 2008-12-25 Feng Chi Wang Distributed digital rights management system and methods for use therewith
US8302197B2 (en) * 2007-06-28 2012-10-30 Microsoft Corporation Identifying data associated with security issue attributes
US8250651B2 (en) * 2007-06-28 2012-08-21 Microsoft Corporation Identifying attributes of aggregated data
US9270641B1 (en) * 2007-07-31 2016-02-23 Hewlett Packard Enterprise Development Lp Methods and systems for using keywords preprocessing, Boyer-Moore analysis, and hybrids thereof, for processing regular expressions in intrusion-prevention systems
US20090041013A1 (en) * 2007-08-07 2009-02-12 Mitchell Nathan A Dynamically Assigning A Policy For A Communication Session
US20090041014A1 (en) * 2007-08-08 2009-02-12 Dixon Walter G Obtaining Information From Tunnel Layers Of A Packet At A Midpoint
US8819217B2 (en) * 2007-11-01 2014-08-26 Cavium, Inc. Intelligent graph walking
US20100262684A1 (en) * 2007-11-16 2010-10-14 France Telecom Method and device for packet classification
US8885644B2 (en) 2008-02-28 2014-11-11 Alcatel Lucent Compressed IP flow recognition for in-line, integrated mobile DPI
US8386461B2 (en) * 2008-06-16 2013-02-26 Qualcomm Incorporated Method and apparatus for generating hash mnemonics
WO2010038019A2 (en) * 2008-09-30 2010-04-08 Clearpace Software Limited System and method for data storage
US8473523B2 (en) 2008-10-31 2013-06-25 Cavium, Inc. Deterministic finite automata graph traversal with nodal bit mapping
US8873556B1 (en) * 2008-12-24 2014-10-28 Palo Alto Networks, Inc. Application based packet forwarding
ATE536030T1 (de) * 2008-12-24 2011-12-15 Mitsubishi Electric Corp Partieller wiederzusammenbau zum mustervergleich
CN101771627B (zh) 2009-01-05 2015-04-08 武汉邮电科学研究院 互联网实时深度包解析和控制节点设备和方法
CN101478551B (zh) * 2009-01-19 2011-12-28 清华大学 基于多核处理器的多域网包分类方法
US8769664B1 (en) 2009-01-30 2014-07-01 Palo Alto Networks, Inc. Security processing in active security devices
US8051167B2 (en) * 2009-02-13 2011-11-01 Alcatel Lucent Optimized mirror for content identification
IL199616A0 (en) * 2009-06-28 2010-05-17 Chaim Shen Orr Pattern-free encryption
KR101292887B1 (ko) * 2009-12-21 2013-08-02 한국전자통신연구원 패킷 동일성 검사를 이용한 라우터의 패킷 스트림 모니터링 장치 및 방법
US9264321B2 (en) 2009-12-23 2016-02-16 Juniper Networks, Inc. Methods and apparatus for tracking data flow based on flow state values
IT1398339B1 (it) * 2010-03-09 2013-02-22 Dainotti Metodo e sistema per la classificazione di flussi di traffico in una rete di comunicazione dati che utilizza firme basate sul contenuto del traffico
EP2393030A3 (de) * 2010-06-07 2012-02-29 Samsung SDS Co. Ltd. System gegen Malware und Betriebsverfahren davon
EP2400424B8 (de) * 2010-06-18 2016-05-18 Samsung SDS Co., Ltd. Anti-Malware-System und Betriebsverfahren dafür
US8365287B2 (en) 2010-06-18 2013-01-29 Samsung Sds Co., Ltd. Anti-malware system and operating method thereof
US8930618B2 (en) 2010-08-24 2015-01-06 Futurewei Technologies, Inc. Smart memory
US8862603B1 (en) 2010-11-03 2014-10-14 Netlogic Microsystems, Inc. Minimizing state lists for non-deterministic finite state automatons
CN102143148B (zh) * 2010-11-29 2014-04-02 华为技术有限公司 用于通用协议解析的参数获取和通用协议解析方法及装置
KR20120066465A (ko) * 2010-12-14 2012-06-22 한국전자통신연구원 서비스 거부 공격 차단 방법
CN102546363A (zh) * 2010-12-21 2012-07-04 深圳市恒扬科技有限公司 一种报文处理方法、装置及设备
US9465836B2 (en) * 2010-12-23 2016-10-11 Sap Se Enhanced business object retrieval
IL210900A (en) 2011-01-27 2015-08-31 Verint Systems Ltd System and method for efficient classification and processing of network traffic
GB201101875D0 (en) * 2011-02-03 2011-03-23 Roke Manor Research A method and apparatus for communications analysis
EP2500838A1 (de) 2011-03-16 2012-09-19 Samsung SDS Co. Ltd. SOC-basierte Vorrichtung zum Paketfiltern und Paketfilterverfahren dafür
US8909813B2 (en) * 2011-03-22 2014-12-09 Ramot At Tel-Aviv University Ltd. Efficient processing of compressed communication traffic
US8695096B1 (en) 2011-05-24 2014-04-08 Palo Alto Networks, Inc. Automatic signature generation for malicious PDF files
US9047441B2 (en) 2011-05-24 2015-06-02 Palo Alto Networks, Inc. Malware analysis system
US9525630B2 (en) 2011-08-02 2016-12-20 Cavium, Inc. Method and apparatus for assigning resources used to manage transport operations between clusters within a processor
US8918375B2 (en) * 2011-08-31 2014-12-23 Microsoft Corporation Content aware chunking for achieving an improved chunk size distribution
US9154335B2 (en) * 2011-11-08 2015-10-06 Marvell Israel (M.I.S.L) Ltd. Method and apparatus for transmitting data on a network
KR102019104B1 (ko) * 2012-01-20 2019-09-06 한국전자통신연구원 다중 네트워크 인터페이스 카드를 이용한 트래픽 처리방법 및 네트워크 디바이스
CN103226551B (zh) * 2012-01-31 2016-05-25 中国科学技术大学 基于tcam的非确定性有限自动机的匹配方法和装置
CN103248530B (zh) * 2012-02-09 2015-12-16 深圳市恒扬科技股份有限公司 一种基于浮动位置的特征字分流检测方法及装置
EP2817761B1 (de) 2012-02-24 2024-10-23 Missing Link Electronics, Inc. In mehreren domänen angewendete partitionierungssysteme
US9798588B1 (en) 2012-04-25 2017-10-24 Significs And Elements, Llc Efficient packet forwarding using cyber-security aware policies
US9634945B2 (en) * 2012-08-30 2017-04-25 Hughes Network Systems, Llc Apparatus and method for staged traffic classification among terminal and aggregation nodes of a broadband communications system
CN103023883A (zh) * 2012-11-26 2013-04-03 清华大学 基于ac自动机和后缀树的字符串匹配方法
CN103873317B (zh) * 2012-12-18 2017-04-12 中国科学院空间科学与应用研究中心 一种ccsds空间链路协议检测方法及系统
CN103441889B (zh) * 2013-01-25 2017-05-03 刘俊 一种统计信息生成方法和系统
US9130819B2 (en) * 2013-03-15 2015-09-08 Cavium, Inc. Method and apparatus for scheduling rule matching in a processor
CN104253786B (zh) * 2013-06-26 2017-07-07 北京思普崚技术有限公司 一种基于正则表达式的深度包检测方法
CN103354522B (zh) 2013-06-28 2016-08-10 华为技术有限公司 一种多级流表查找方法和装置
JP6351363B2 (ja) * 2013-08-01 2018-07-04 キヤノン株式会社 通信装置およびそのデータ処理方法
CN104426768B (zh) * 2013-09-05 2018-06-15 华为技术有限公司 一种数据报文转发方法及装置
US9923870B2 (en) * 2013-12-12 2018-03-20 Nec Corporation Method and system for analyzing a data flow
US10635719B2 (en) * 2013-12-23 2020-04-28 British Telecommunications Plc Pattern matching machine with mapping table
EP3087508A1 (de) * 2013-12-23 2016-11-02 British Telecommunications Public Limited Company Verbesserte musterabgleichmaschine
EP3087510A1 (de) 2013-12-23 2016-11-02 British Telecommunications Public Limited Company Verbesserte musterabgleichmaschine für sich wiederholende symbole
US9544402B2 (en) 2013-12-31 2017-01-10 Cavium, Inc. Multi-rule approach to encoding a group of rules
US9667446B2 (en) 2014-01-08 2017-05-30 Cavium, Inc. Condition code approach for comparing rule and packet data that are provided in portions
CN105900065A (zh) * 2014-01-13 2016-08-24 华为技术有限公司 模式处理方法
US9588923B2 (en) 2014-01-24 2017-03-07 Applied Micro Circuits Corporation Flow pinning in a server on a chip
US10789227B2 (en) * 2014-03-31 2020-09-29 Nec Solution Innovators, Ltd Data structure, information processing device, information processing method, and program recording medium
US9237129B2 (en) 2014-05-13 2016-01-12 Dell Software Inc. Method to enable deep packet inspection (DPI) in openflow-based software defined network (SDN)
US9680797B2 (en) * 2014-05-28 2017-06-13 Oracle International Corporation Deep packet inspection (DPI) of network packets for keywords of a vocabulary
US9729512B2 (en) 2014-06-04 2017-08-08 Nicira, Inc. Use of stateless marking to speed up stateful firewall rule processing
US9825913B2 (en) * 2014-06-04 2017-11-21 Nicira, Inc. Use of stateless marking to speed up stateful firewall rule processing
US9742881B2 (en) * 2014-06-30 2017-08-22 Nicira, Inc. Network virtualization using just-in-time distributed capability for classification encoding
US10375087B2 (en) * 2014-07-21 2019-08-06 Honeywell International Inc. Security architecture for the connected aircraft
US9537872B2 (en) 2014-12-31 2017-01-03 Dell Software Inc. Secure neighbor discovery (SEND) using pre-shared key
US9998425B2 (en) 2015-01-27 2018-06-12 Sonicwall Inc. Dynamic bypass of TLS connections matching exclusion list in DPI-SSL in a NAT deployment
CN104901829B (zh) * 2015-04-09 2018-06-22 清华大学 基于动作编码的路由数据转发行为一致性验证方法及装置
WO2016171690A1 (en) * 2015-04-23 2016-10-27 Hewlett Packard Enterprise Development Lp Pre-filter rules for network infrastructure devices
WO2016171691A1 (en) * 2015-04-23 2016-10-27 Hewlett Packard Enterprise Development Lp Network infrastructure device to implement pre-filter rules
US9596215B1 (en) * 2015-04-27 2017-03-14 Juniper Networks, Inc. Partitioning a filter to facilitate filtration of packets
US10944695B2 (en) 2015-04-30 2021-03-09 Hewlett Packard Enterprise Development Lp Uplink port oversubscription determination
US9787641B2 (en) 2015-06-30 2017-10-10 Nicira, Inc. Firewall rule management
WO2017018980A1 (en) * 2015-07-24 2017-02-02 Applied Micro Circuits Corporation Flow pinning in a server on a chip
US11277383B2 (en) * 2015-11-17 2022-03-15 Zscaler, Inc. Cloud-based intrusion prevention system
US11038845B2 (en) 2016-02-23 2021-06-15 Nicira, Inc. Firewall in a virtualized computing environment using physical network interface controller (PNIC) level firewall rules
US10419321B2 (en) 2016-10-31 2019-09-17 Nicira, Inc. Managing resource consumption for distributed services
US10298619B2 (en) * 2016-12-16 2019-05-21 Nicira, Inc. Application template generation and deep packet inspection approach for creation of micro-segmentation policy for network applications
US10567440B2 (en) 2016-12-16 2020-02-18 Nicira, Inc. Providing application visibility for micro-segmentation of a network deployment
US11258681B2 (en) * 2016-12-16 2022-02-22 Nicira, Inc. Application assessment and visibility for micro-segmentation of a network deployment
US10673816B1 (en) * 2017-04-07 2020-06-02 Perspecta Labs Inc. Low delay network intrusion prevention
US10454965B1 (en) * 2017-04-17 2019-10-22 Symantec Corporation Detecting network packet injection
US10819683B2 (en) * 2017-11-20 2020-10-27 Forcepoint Llc Inspection context caching for deep packet inspection
US10742673B2 (en) 2017-12-08 2020-08-11 Nicira, Inc. Tracking the dynamics of application-centric clusters in a virtualized datacenter
US20190215306A1 (en) * 2018-01-11 2019-07-11 Nicira, Inc. Rule processing and enforcement for interleaved layer 4, layer 7 and verb based rulesets
US11431677B2 (en) * 2018-01-11 2022-08-30 Nicira, Inc. Mechanisms for layer 7 context accumulation for enforcing layer 4, layer 7 and verb-based rules
US11296960B2 (en) 2018-03-08 2022-04-05 Nicira, Inc. Monitoring distributed applications
ES2917448T3 (es) * 2018-03-16 2022-07-08 Acklio Método y aparato para procesar datos de mensaje
US10747819B2 (en) 2018-04-20 2020-08-18 International Business Machines Corporation Rapid partial substring matching
US10782968B2 (en) * 2018-08-23 2020-09-22 International Business Machines Corporation Rapid substring detection within a data element string
US10732972B2 (en) 2018-08-23 2020-08-04 International Business Machines Corporation Non-overlapping substring detection within a data element string
US10911335B1 (en) 2019-07-23 2021-02-02 Vmware, Inc. Anomaly detection on groups of flows
US11140090B2 (en) 2019-07-23 2021-10-05 Vmware, Inc. Analyzing flow group attributes using configuration tags
US11349876B2 (en) 2019-07-23 2022-05-31 Vmware, Inc. Security policy recommendation generation
US11176157B2 (en) 2019-07-23 2021-11-16 Vmware, Inc. Using keys to aggregate flows at appliance
US11188570B2 (en) 2019-07-23 2021-11-30 Vmware, Inc. Using keys to aggregate flow attributes at host
US11436075B2 (en) 2019-07-23 2022-09-06 Vmware, Inc. Offloading anomaly detection from server to host
US11340931B2 (en) 2019-07-23 2022-05-24 Vmware, Inc. Recommendation generation based on selection of selectable elements of visual representation
US11398987B2 (en) 2019-07-23 2022-07-26 Vmware, Inc. Host-based flow aggregation
US11288256B2 (en) 2019-07-23 2022-03-29 Vmware, Inc. Dynamically providing keys to host for flow aggregation
US11743135B2 (en) 2019-07-23 2023-08-29 Vmware, Inc. Presenting data regarding grouped flows
US10996951B2 (en) 2019-09-11 2021-05-04 International Business Machines Corporation Plausibility-driven fault detection in string termination logic for fast exact substring match
US11042371B2 (en) 2019-09-11 2021-06-22 International Business Machines Corporation Plausability-driven fault detection in result logic and condition codes for fast exact substring match
US11520738B2 (en) * 2019-09-20 2022-12-06 Samsung Electronics Co., Ltd. Internal key hash directory in table
US11588854B2 (en) 2019-12-19 2023-02-21 Vmware, Inc. User interface for defining security groups
US11321213B2 (en) 2020-01-16 2022-05-03 Vmware, Inc. Correlation key used to correlate flow and con text data
US12200016B2 (en) 2020-08-31 2025-01-14 Palo Alto Networks, Inc. Security platform with external inline processing of assembled selected traffic
US11875172B2 (en) 2020-09-28 2024-01-16 VMware LLC Bare metal computer for booting copies of VM images on multiple computing devices using a smart NIC
US11792134B2 (en) 2020-09-28 2023-10-17 Vmware, Inc. Configuring PNIC to perform flow processing offload using virtual port identifiers
KR102447130B1 (ko) * 2020-11-05 2022-09-26 국민대학교산학협력단 네트워크 패킷 분석 기반의 대상파일 검출 장치 및 방법
CN112100361B (zh) * 2020-11-12 2021-02-26 南京中孚信息技术有限公司 一种基于ac自动机的字符串多模模糊匹配方法
US11991187B2 (en) 2021-01-22 2024-05-21 VMware LLC Security threat detection based on network flow analysis
US11785032B2 (en) 2021-01-22 2023-10-10 Vmware, Inc. Security threat detection based on network flow analysis
CN113539405B (zh) * 2021-06-24 2024-03-19 北京天健源达科技股份有限公司 电子病历表格运算控件的处理方法
US11997120B2 (en) 2021-07-09 2024-05-28 VMware LLC Detecting threats to datacenter based on analysis of anomalous events
US11831667B2 (en) 2021-07-09 2023-11-28 Vmware, Inc. Identification of time-ordered sets of connections to identify threats to a datacenter
US11792151B2 (en) 2021-10-21 2023-10-17 Vmware, Inc. Detection of threats based on responses to name resolution requests
US12015591B2 (en) 2021-12-06 2024-06-18 VMware LLC Reuse of groups in security policy
US12229578B2 (en) 2021-12-22 2025-02-18 VMware LLC Teaming of smart NICs
US11995024B2 (en) 2021-12-22 2024-05-28 VMware LLC State sharing between smart NICs
US12034702B2 (en) * 2022-01-31 2024-07-09 Bank Of America Corporation Enhancing kernel security in cloud environment by performing a rules-based analysis of incoming data packets before routing them to the kernel
US12373237B2 (en) 2022-05-27 2025-07-29 VMware LLC Logical memory addressing by smart NIC across multiple devices
US12432211B2 (en) * 2022-06-09 2025-09-30 Marvell Israel (M.I.S.L) Ltd. Interleaved exact-match lookup table for multiple packet processing applications in a network device
US11928062B2 (en) 2022-06-21 2024-03-12 VMware LLC Accelerating data message classification with smart NICs
US11899594B2 (en) 2022-06-21 2024-02-13 VMware LLC Maintenance of data message classification cache on smart NIC
US12481444B2 (en) 2022-06-21 2025-11-25 VMware LLC Smart NIC responding to requests from client device
US12609946B2 (en) 2023-05-26 2026-04-21 Palo Alto Networks, Inc. Inline exploit detection via loose condition forwarding and cloud analysis

Family Cites Families (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH11161677A (ja) * 1997-11-28 1999-06-18 Ricoh Co Ltd 辞書照合装置
US6631466B1 (en) * 1998-12-31 2003-10-07 Pmc-Sierra Parallel string pattern searches in respective ones of array of nanocomputers
US6738846B1 (en) * 1999-02-23 2004-05-18 Sun Microsystems, Inc. Cooperative processing of tasks in a multi-threaded computing system
US6493698B1 (en) * 1999-07-26 2002-12-10 Intel Corporation String search scheme in a distributed architecture
JP2001168911A (ja) * 1999-12-09 2001-06-22 Hitachi Cable Ltd パケットフィルタ装置
AU2001232784A1 (en) 2000-01-30 2001-08-07 Celox Networks, Inc. Device and method for packet inspection
US7107265B1 (en) * 2000-04-06 2006-09-12 International Business Machines Corporation Software management tree implementation for a network processor
JP3609358B2 (ja) * 2000-08-17 2005-01-12 日本電信電話株式会社 フロー識別検索装置および方法
JP2002207630A (ja) * 2001-01-10 2002-07-26 Nec Access Technica Ltd コンテンツ閲覧システム及びそれに用いるコンテンツ閲覧方法
US20030110208A1 (en) * 2001-09-12 2003-06-12 Raqia Networks, Inc. Processing data across packet boundaries
US7181742B2 (en) * 2002-11-19 2007-02-20 Intel Corporation Allocation of packets and threads
US7305708B2 (en) * 2003-04-14 2007-12-04 Sourcefire, Inc. Methods and systems for intrusion detection
US20050108518A1 (en) * 2003-06-10 2005-05-19 Pandya Ashish A. Runtime adaptable security processor
US7463590B2 (en) 2003-07-25 2008-12-09 Reflex Security, Inc. System and method for threat detection and response
US7586851B2 (en) * 2004-04-26 2009-09-08 Cisco Technology, Inc. Programmable packet parsing processor
US7784094B2 (en) 2005-06-30 2010-08-24 Intel Corporation Stateful packet content matching mechanisms

Also Published As

Publication number Publication date
US20070011734A1 (en) 2007-01-11
EP1905213A2 (de) 2008-04-02
EP1905213B1 (de) 2011-03-30
US7784094B2 (en) 2010-08-24
JP2008544728A (ja) 2008-12-04
JP4598127B2 (ja) 2010-12-15
WO2007120165A2 (en) 2007-10-25
CN101258721B (zh) 2012-10-10
CN101258721A (zh) 2008-09-03
DE602006021028D1 (de) 2011-05-12
WO2007120165A3 (en) 2007-12-27

Similar Documents

Publication Publication Date Title
ATE504148T1 (de) Verfahren, aufzeichnungsmedium und netzwerkleitungskarte zum ausführen der inhaltsinspektion über mehrere pakete hinweg
DE602007002447D1 (de) Verfahren zum Erlernen und Weiterleiten von Ethernetdatenrahmen, Ethernet-Netzwerk und Brücke
ATE537645T1 (de) Inspektionsmechanismus für mehrstrukturpaketinhalt mit eigenschaftswerten
WO2008094433A3 (en) Method and apparatus to store data patterns
ATE535868T1 (de) Verfahren und vorrichtung zur aufzeichnung von datenadressen
DE602006012095D1 (de) Verfahren zum Betrieb von mehreren virtuellen Netzwerken
WO2008144964A8 (en) Detecting name entities and new words
DE502006001849D1 (de) Verfahren zum zugriff von einer datenstation auf ein elektronisches gerät
GB2460773A (en) Methods and apparatus for characterizing media
ATE514255T1 (de) Verfahren zum rekonfigurieren eines kommunikationsnetzwerks
EP4100851C0 (de) System, verfahren und computerprogramm zum einspeisen, verarbeiten, speichern und suchen von technologiewertdaten
DE602006001753D1 (de) Verfahren und Vorrichtung zum Extrahieren, basierend auf SNMP, von Zustandsinformationen von Netzwerkgeräten
NO20090572L (no) Prosessering av seismiske data
DE602006012370D1 (de) Einrichtung und verfahren zum verarbeiten eines audio-datenstroms
DE602005004045D1 (de) Vorrichtung, Verfahren und Computerprogramm zur Vermeidung von Datenverfälschung bei Schreibvorgängen
ATE366492T1 (de) Verfahren und vorrichtung zur unterstützung von transaktionen
ATE476803T1 (de) Tabellenteilung für kryptografische verfahren
CN104077422B (zh) 下载apk的去重方法及装置
DE602006015827D1 (de) Verfahren und Vorrichtung zur Erkennung der IP-Adresse eines Computers und damit verbundene Standortinformation
EP1942225A4 (de) Behandlung für papier und verfahren zur behandlung von papier
ATE476068T1 (de) Verfahren und vorrichtung zum umkonfigurieren eines gemeinsamen kanals
DE602006013666D1 (de) Verfahren und vorrichtung zum automatischen erstellung einer abspielliste durch segmentweisen merkmalsvergleich
GB0522941D0 (en) Method, apparatus and computer program product for determining a destination at which a group of devices can store data associated with the devices
CN102710542A (zh) 一种声音处理的方法及系统
TW200802076A (en) Method for handling hash collision of hash searching and apparatus using the same

Legal Events

Date Code Title Description
RER Ceased as to paragraph 5 lit. 3 law introducing patent treaties