US Patent No: 7,948,988

Number of patents in Portfolio can not be more than 2000

Device, system and method for analysis of fragments in a fragment train

ALSO PUBLISHED AS: 20080127342
1 Status Updates

Stats

ATTORNEY / AGENT: (SPONSORED)

Importance

Loading Importance Indicators... loading....

Abstract

See full text

Fragment trains in a communication network are analyzed. A fragment train includes fragments in the same fragment train and associated with the same target system. One or more fragment reassembly policies are identified out of several fragment reassembly policies, where the fragment reassembly policy corresponds to a target system associated with fragments in a fragment train. The data in the fragments in the fragment train are provided in an order indicated by the fragment reassembly policy. The fragment reassembly policy can include determining the order responsive to an offset and a more fragments indication in the fragments, and/or indicating an order specific to overlapped fragments such as comprehensively overlapped fragments.

Loading the Abstract Image... loading....

First Claim

See full text

Family

Loading Family data... loading....

Patent Owner(s)

Patent OwnerAddressTotal Patents
CISCO TECHNOLOGY, INC.SAN JOSE, CA12120

International Classification(s)

  • [Classification Symbol]
  • [Patents Count]

Inventor(s)

Inventor Name Address # of filed Patents Total Citations
Novak, Judy Hollis Marriotsville, US 3 31
Roesch, Martin Frederick Eldersburg, US 5 43
Sturges, Steven Ellicott City, US 4 33

Cited Art Landscape

Patent Info (Count) # Cites Year
 
Other [Check patent profile for assignment information] (5)
* 2002/0087,716 System and method for transmitting customized multi priority services on a single or multiple links over data link layer frames 96 2000
2002/0165,707 Methods and apparatus for storing and processing natural language text data as a sequence of fixed length integers 69 2001
2002/0066,034 Distributed network security deception system 140 2001
2004/0093,582 Method for allowing a computer to be used as an information kiosk while locked 46 2003
2009/0028,147 Segmenting data packets for over-network transmission at adjustable fragment boundary 25 2008
 
ZENO SECURITY CORPORATION (1)
2005/0005,169 System for real-time network-based vulnerability assessment of a host/device via real-time tracking, vulnerability assessment of services and a method thereof 53 2004
 
TREND MICRO INCORPORATED (2)
7,076,803 Integrated intrusion detection services 75 2002
2008/0168,561 HOST INTRUSION PREVENTION SERVER 31 2007
 
MISSION FOUNDSTONE, INC. (1)
7,257,630 System and method for network vulnerability detection and reporting 100 2003
 
NEXUS NABOT RESEARCH L.L.C. (1)
2005/0160,095 System, method and computer program product for guaranteeing electronic transactions 37 2005
 
CA, INC. (1)
5,796,942 Method and apparatus for automated network-wide surveillance and security breach intervention 325 1996
 
Bull HN Information Systems Inc. (1)
5,497,463 Ally mechanism for interconnecting non-distributed computing environment (DCE) and DCE systems to operate in a network system 221 1992
 
HITACHI, LTD. (2)
5,604,910 Method of and vector processor for searching text for key words based on candidate character strings obtained from the text using parallel processing 40 1990
4,985,863 Document storage and retrieval system 188 1990
 
VIRGINIA COMMONWEALTH UNIVERSITY (1)
6,334,121 Usage pattern based user authenticator 96 1999
 
Baan Development, B.V. (1)
5,987,473 Interactive configuration via network 50 1997
 
NETWORK SECURITY SYSTEMS, INC. (1)
2001/0034,847 Internet/network security method and system for checking security of a client from a remote facility 148 2001
 
AKAMAI TECHNOLOGIES, INC. (1)
2009/0132,648 CONTENT DELIVERY AND GLOBAL TRAFFIC MANAGEMENT NETWORK SYSTEM 41 2009
 
ORACLE INTERNATIONAL CORPORATION (1)
2002/0112,185 Intrusion threat detection 140 2001
 
APPLE INC. (1)
6,477,648 Trusted workstation in a networked client/server computing system 127 1997
 
AVAYA INC. (1)
2009/0041,020 CLOCK MANAGEMENT BETWEEN TWO ENDPOINTS 18 2007
 
SOORIYA NETWORKS, INC. (1)
2002/0083,344 Integrated intelligent inter/intra networking device 97 2001
 
LOCKHEED MARTIN CORPORATION (1)
2004/0172,234 Hardware accelerator personality compiler 50 2003
 
BELL TELEPHONE LABORATORIES, INCORPORATED (1)
4,550,436 Parallel text matching methods and apparatus 100 1983
 
SPYDER NAVIGATIONS L.L.C. (1)
2005/0268,332 Extensions to filter on IPv6 header 29 2004
 
INTERNATIONAL BUSINESS MACHINES CORPORATION (12)
5,404,488 Realtime data feed engine for updating an application with the most currently received data from multiple data feeds 124 1993
5,901,307 Processor having a selectively configurable branch prediction unit that can access a branch prediction utilizing bits derived from a plurality of sources 35 1996
5,999,937 System and method for converting data between data sets 93 1997
6,684,332 Method and system for the exchange of digitally signed objects over an insecure network 26 1998
2004/0010,684 METHOD AND SYSTEM FOR THE EXCHANGE OF DIGITALLY SIGNED OBJECTS OVER AN INSECURE NETWORK 37 1998
6,199,181 Method and system for maintaining restricted operating environments for application programs or operating systems 184 1998
6,754,826 Data processing system and method including a network access connector for limiting access to the network 39 1999
6,993,706 Method, apparatus, and program for a state machine framework 48 2002
2005/0076,066 Method, system, and program for retaining versions of files 74 2003
2005/0108,393 Host-based network intrusion detection systems 36 2003
2006/0174,337 System, method and program product to identify additional firewall rules that may be needed 46 2005
2006/0294,588 System, method and program for identifying and preventing malicious intrusions 45 2005
 
HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P. (10)
* 5,430,842 Insertion of network data checksums by a network adapter 71 1992
6,393,474 Dynamic policy management apparatus and method using active network devices 175 1998
6,320,848 Methods of altering dynamic decision trees 36 1999
7,134,141 System and method for host and network based intrusion detection and response 88 2001
6,999,998 Shared memory coupling of network infrastructure devices 34 2001
2003/0083,847 User interface for presenting data for an intrusion protection system 31 2001
2003/0101,353 Method, computer-readable medium, and node for detecting exploits based on an inbound signature of the exploit and an outbound signature in response thereto 66 2001
6,983,323 Multi-level packet screening with dynamically selected filtering criteria 39 2002
2004/0064,726 Vulnerability management and tracking system (VMTS) 50 2002
2005/0172,019 Network management 30 2005
 
AT&T IPM CORP. (1)
5,459,841 Finite state machine with minimized vector processing 31 1993
 
BLUE COAT SYSTEMS, INC. (1)
2007/0192,863 SYSTEMS AND METHODS FOR PROCESSING DATA FLOWS 146 2006
 
LUCENT TECHNOLOGIES INC. (1)
6,678,824 Application usage time limiter 61 1999
 
BELLSOUTH INTELLECTUAL PROPERTY CORPORATION (1)
7,113,789 Method and system for tracking facilities related information 35 2001
 
CISCO TECHNOLOGY, INC. (11)
6,324,656 System and method for rules-driven multi-phase network vulnerability assessment 286 1998
6,415,321 Domain mapping method and system 136 1998
6,499,107 Method and system for adaptive network security using intelligent packet analysis 292 1998
6,487,666 Intrusion detection signature analysis using regular expressions and logical operators 292 1999
7,054,930 System and method for propagating filters 54 2000
2003/0212,910 Method and system for reducing the false alarm rate of network intrusion detection systems 29 2003
7,350,077 802.11 using a compressed reassociation exchange to facilitate fast handoff 96 2003
7,305,708 Methods and systems for intrusion detection 40 2004
7,313,695 Systems and methods for dynamic threat assessment 27 2004
7,317,693 Systems and methods for determining the network topology of a network 60 2004
2007/0195,797 Network device that determines application-level network latency by monitoring option values in a transport layer message 29 2006
 
Check Point Software Technologies Inc. (1)
2005/0273,857 System and Methodology for Intrusion Detection and Prevention 46 2005
 
AIRDEFENSE, INC. (1)
2003/0217,283 Method and system for encrypted network management and intrusion detection 50 2002
 
GLOBALFOUNDRIES INC. (1)
5,870,554 Server selection method where a client selects a server according to address, operating system and found frame for remote booting 55 1996
 
LUCID SECURITY CORPORATION (1)
2004/0073,800 Adaptive intrusion detection system 54 2003
 
FUJITSU LIMITED (5)
5,963,942 Pattern search apparatus and method 76 1996
5,995,963 Apparatus and method of multi-string matching based on sparse state transition list 107 1997
2005/0210,098 Storage management system and method 5 2004
2005/0210,098 Storage management system and method 5 2004
2005/0210,098 Storage management system and method 5 2004
 
MOTOROLA, INC. (1)
5,222,081 Method of performing an autobaud function using a state flow machine 44 1991
 
HIGH TOWER SOFTWARE, INC. (1)
2004/0193,943 Multiparameter network fault detection system using probabilistic and aggregation analysis 66 2004
 
INTELLECTUAL VENTURES I LLC (2)
6,590,885 IP-flow characterization in a wireless point to multi-point (PTMP) transmission system 197 1999
2005/0268,331 Extension to the firewall configuration protocols and features 37 2004
 
SurfControl, Inc. (1)
6,219,786 Method and system for monitoring and controlling network access 222 1998
 
INVENSYS SYSTEMS, INC. (1)
2007/0027,913 System and method for retrieving information from a supervisory control manufacturing/production database 37 2005
 
INTEL CORPORATION (2)
6,587,876 Grouping targets of management policies 164 1999
7,174,566 Integrated network intrusion detection 80 2002
 
INSIDE SECURE (1)
6,678,734 Method for intercepting network packets in a computing device 93 1999
 
The United States of America as represented by the Secretary of the Navy (1)
4,857,912 Intelligent security assessment system 306 1988
 
MORGAN STANLEY & CO., INCORPORATED (1)
5,193,192 Vectorized LR parsing of computer programs 46 1990
 
SYMANTEC CORPORATION (2)
7,032,114 System and method for using signatures to detect computer intrusions 106 2000
7,065,657 Extensible intrusion detection system 79 2000
 
Covelight Systems, Inc. (1)
2005/0188,079 Methods, systems and computer program products for monitoring usage of a server application 60 2004
 
SRI INTERNATIONAL (2)
6,321,338 Network surveillance 441 1998
2004/0179,477 Method and apparatus for processing network packets 43 2004
 
Arbor Networks, Inc. (1)
7,596,807 Method and system for reducing scope of self-propagating attack code in network 22 2003
 
SITKA SPRUCE SECURITY LLC (1)
6,002,427 Security system with proximity sensing for an electronic device 190 1997
 
Tripwire, Inc. (3)
7,073,198 Method and system for detecting a vulnerability in a network 89 2000
6,957,348 Interoperability of vulnerability and intrusion detection systems 95 2001
7,181,769 Network security system having a device profiler communicatively coupled to a traffic monitor 88 2003
 
TENABLE NETWORK SECURITY, INC. (1)
2005/0229,255 System and method for scanning a network 61 2004
 
SYTEX, INC. (1)
2004/0221,176 Methodology, system and computer readable medium for rating computer system vulnerabilities 54 2003
 
RIVERBED TECHNOLOGY, INC. (1)
7,363,656 Event detection/anomaly correlation heuristics 52 2003
 
MICROSOFT TECHNOLOGY LICENSING, LLC (4)
* 6,766,320 Search engine with natural language-based robust parsing for user query and relevance feedback learning 270 2000
7,644,275 Pass-thru for client authentication 37 2003
2004/0210,756 Pass-thru for client authentication 63 2003
2004/0268,358 Network load balancing with host status information 139 2003
 
SPONTANEOUS NETWORKS, INC. (1)
2002/0035,639 Systems and methods for a packet director 66 2001
 
GOOGLE INC. (2)
2002/0133,481 Methods and apparatus for providing search results in response to an ambiguous search query 73 2000
2002/0133,481 Methods and apparatus for providing search results in response to an ambiguous search query 73 2000
 
KABUSHIKIGAISHA TEAMGIA (1)
2003/0140,250 Method and system of monitoring vulnerabilities 103 2002
 
Uro Denshi Kogyo Kabushiki Kaisha (1)
4,570,157 Infrared intrusion alarm system capable of preventing false signals 41 1983
 
VERIZON PATENT AND LICENSING INC. (1)
5,666,293 Downloading operating system software through a broadcast channel 622 1995
 
IPOLICY NETWORKS PRIVATE LTD. (1)
* 7,058,821 System and method for detection of intrusion attacks on packets transmitted on a network 52 2002
 
WYSE TECHNOLOGY INC. (1)
2003/0229,726 Default device configuration system and method for thin devices 25 2003
 
ALCATEL-LUCENT CANADA INC. (1)
5,917,821 Look-up engine for packet-based network 193 1996
 
CIENA CORPORATION (1)
7,310,688 Relative addressing for network elements 48 2000
 
Sensory Networks, Inc. (1)
2005/0114,700 Integrated circuit apparatus and method for high throughput signature based network applications 64 2003
 
COMPUTER ASSOCIATES THINK, INC. (1)
2005/0273,673 Systems and methods for minimizing security logs 24 2005
 
PROOFPOINT, INC. (1)
6,772,196 Electronic mail filtering system and methods 188 2000
 
GENERAL DYNAMICS GOVERNMENT SYSTEMS CORPORATION (1)
6,711,127 System for intrusion detection and vulnerability analysis in a telecommunications signaling network 140 1998
 
NOVELL INTELLECTUAL PROPERTY HOLDING, INC. (2)
5,919,257 Networked workstation intrusion detection system 334 1997
6,539,381 System and method for synchronizing database information 149 1999
 
CITRIX SYSTEMS, INC. (1)
6,141,686 Client-side application-classifier gathering network-traffic statistics and application and user names using extensible-service provider plugin for policy-based network control 438 1998
 
MATSUSHITA ELECTRIC WORKS, LTD. (1)
4,912,748 Infrared intrusion detector with a plurality of infrared ray detecting elements 59 1988
 
MATSUSHITA ELECTRIC INDUSTRIAL CO., LTD. (1)
5,495,409 Constructing method of finite-state machine performing transitions according to a partial type of success function and a failure function 32 1994
 
McAfee, Inc. (8)
6,343,362 System and method providing custom attack simulation language for testing networks 58 1999
6,789,202 Method and apparatus for providing a policy-driven intrusion detection system 165 1999
7,315,801 Network security modeling system and method 98 2000
6,851,061 System and method for intrusion detection data collection using a network protocol stack multiplexor 80 2000
7,096,503 Network-based risk-assessment tool for remotely detecting local computer vulnerabilities 66 2001
6,546,493 System, method and computer program product for risk assessment scanning based on detected anomalous events 158 2001
7,152,105 System and method for network vulnerability detection and reporting 134 2002
2003/0009,699 Method and apparatus for detecting intrusions on a computer system 114 2002
 
ETELEMETRY, INC. (2)
7,133,916 Asset tracker for identifying user of current internet protocol addresses within an organization's communications network 38 2003
2007/0288,579 NETWORK ASSET TRACKER FOR IDENTIFYING USERS OF NETWORKED COMPUTERS 41 2006
* Cited By Examiner

Patent Citation Ranking

Forward Cite Landscape

Patent Info (Count) # Cites Year
 
CISCO TECHNOLOGY, INC. (2)
9,055,094 Target-based SMB and DCE/RPC processing for an intrusion detection system or intrusion prevention system 0 2012
9,110,905 System and method for assigning network blocks to sensors 0 2013
* Cited By Examiner

Maintenance Fees

Fee Large entity fee small entity fee micro entity fee due date
7.5 Year Payment $3600.00 $1800.00 $900.00 Nov 24, 2018
11.5 Year Payment $7400.00 $3700.00 $1850.00 Nov 24, 2022
Fee Large entity fee small entity fee micro entity fee
Surcharge - 7.5 year - Late payment within 6 months $160.00 $80.00 $40.00
Surcharge - 11.5 year - Late payment within 6 months $160.00 $80.00 $40.00
Surcharge after expiration - Late payment is unavoidable $700.00 $350.00 $175.00
Surcharge after expiration - Late payment is unintentional $1,640.00 $820.00 $410.00