Patent application number | Description | Published |
20080208850 | FAST IDENTIFICATION OF COMPLEX STRINGS IN A DATA STREAM - A method for detecting and locating occurrence in a data stream of any complex string belonging to a predefined complex dictionary is disclosed. A complex string may comprise an arbitrary number of interleaving coherent strings and ambiguous strings. The method comprises a first process for transforming the complex dictionary into a simple structure to enable continuously conducting computationally efficient search, and a second process for examining received data in real time using the simple structure. The method may be realized by an article of manufacture comprising at least one processor-readable medium and instructions carried on the at least one medium. The instructions causes a processor to match examined data to an object complex string belonging to the complex dictionary, where the matching process is based on equality to constituent coherent strings, and congruence to ambiguous strings, of the object complex string. | 08-28-2008 |
20090077619 | METHOD AND SYSTEM FOR DYNAMIC PROTOCOL DECODING AND ANALYSIS - A method for dynamically decoding protocol data on a computer system is provided using a protocol decoder, which inspects and analyzes protocol data received by the computer system. A protocol decoding program controls the decoding and analysis process. The method may be used by an intrusion prevention system to identify anomalous protocol data that may cause harm to applications receiving the data. | 03-19-2009 |
20090157673 | CONDITIONAL STRING SEARCH - A method and a system for efficient search of string patterns characterized by positional relationships in a character stream are disclosed. The method is based on grouping string patterns of a dictionary into at least two string sets and performing string search processes of a text of the character stream based on individual string sets with the outcome of a search process influencing a subsequent search process. A system implementing the method comprises a dictionary processor for generating string sets with corresponding text actions and search actions, a conditional search engine for locating string patterns belonging to at least one string set in a text according to a current search state, a text operator for producing an output text according to search results, and a search operator for determining a subsequent search state. | 06-18-2009 |
20090158419 | METHOD AND SYSTEM FOR PROTECTING A COMPUTER SYSTEM DURING BOOT OPERATION - A method for protecting a computer system from malicious network traffic is provided using a driver which inspects network packets. A security profile comprising packet inspection rules is compiled and stored on the computer system. During the startup or boot operation of an operating system, the driver loads the compiled security profile and inspects network packets using the inspection rules. | 06-18-2009 |
20100036842 | Fast identification of complex strings in a data stream - A method for detecting and locating occurrence in a data stream of any complex string belonging to a predefined complex dictionary is disclosed. A complex string may comprise an arbitrary number of interleaving coherent strings and ambiguous strings. The method comprises a first process for transforming the complex dictionary into a simple structure to enable continuously conducting computationally efficient search, and a second process for examining received data in real time using the simple structure. The method may be implemented as an article of manufacture comprising at least one processor-readable medium and instructions carried on the at least one medium. The instructions causes a processor to match examined data to an object complex string belonging to the complex dictionary, where the matching process is based on equality to constituent coherent strings, and congruence to ambiguous strings, of the object complex string. | 02-11-2010 |
20110119304 | FAST IDENTIFICATION OF COMPLEX STRINGS IN A DATA STREAM - A method for detecting and locating occurrence in a data stream of any complex string belonging to a predefined complex dictionary is disclosed. A complex string may comprise an arbitrary number of interleaving coherent strings and ambiguous strings. The method comprises a first process for transforming the complex dictionary into a simple structure to enable continuously conducting computationally efficient search, and a second process for examining received data in real time using the simple structure. The method may be implemented as an article of manufacture comprising at least one processor-readable medium and instructions carried on the at least one medium. The instructions causes a processor to match examined data to an object complex string belonging to the complex dictionary, where the matching process is based on equality to constituent coherent strings, and congruence to ambiguous strings, of the object complex string. | 05-19-2011 |
20110246523 | FAST IDENTIFICATION OF COMPLEX STRINGS IN A DATA STREAM - A method of examining a data stream to detect presence of a complex string belonging to a complex dictionary is provided. The method includes associating an array of state variables and an array of reference states with the complex dictionary; detecting a simple string in the data stream, the simple string being a constituent string in the complex string in the complex dictionary; updating a state variable associated with the complex string according to all relative positions of the simple string within the complex string; and determining that the complex string is present in the data stream when the state variable attains a corresponding reference state. A corresponding system is also provided. | 10-06-2011 |
20120030222 | FAST IDENTIFICATION OF COMPLEX STRINGS IN A DATA STREAM - A method for detecting and locating occurrence in a data stream of any complex string belonging to a predefined complex dictionary is disclosed. A complex string may comprise an arbitrary number of interleaving coherent strings and ambiguous strings. The method comprises a first process for transforming the complex dictionary into a simple structure to enable continuously conducting computationally efficient search, and a second process for examining received data in real time using the simple structure. The method may be implemented as an article of manufacture comprising at least one processor-readable medium and instructions carried on the at least one medium. The instructions causes a processor to match examined data to an object complex string belonging to the complex dictionary, where the matching process is based on equality to constituent coherent strings, and congruence to ambiguous strings, of the object complex string. | 02-02-2012 |
20120143884 | FAST IDENTIFICATION OF COMPLEX STRINGS IN A DATA STREAM - An apparatus for detecting presence of a selected complex string in a data stream has a primary processor, detecting coherent strings of the selected complex string; and a secondary processor, pipelined to the primary processor, and detecting ambiguous strings interleaving said coherent strings. The primary processor is configured to determine a number of coherent strings in the selected complex string, each coherent string preceded by a prefix of indefinite characters, with a last coherent string succeeded by a suffix of indefinite characters; and to locate sequential portions of the data stream that are identical to successive coherent strings of the selected complex string. The secondary processor is configured to ascertain congruence of portions of the data stream preceding and interleaving the sequential portions to prefixes of the coherent strings; and to ascertain congruence of the suffix to a corresponding portion of said data stream following the sequential portions. | 06-07-2012 |
20120266232 | METHOD AND SYSTEM FOR PROTECTING A COMPUTER SYSTEM DURING BOOT OPERATION - A method for protecting a computer system from malicious network traffic is provided using a driver which inspects network packets. A security profile comprising packet inspection rules is compiled and stored on the computer system. During the startup or boot operation of an operating system, the driver loads the compiled security profile and inspects network packets using the inspection rules. | 10-18-2012 |
20130326621 | METHOD AND SYSTEM FOR DYNAMIC PROTOCOL DECODING AND ANALYSIS - A method for dynamically decoding protocol data on a computer system is provided using a protocol decoder, which inspects and analyzes protocol data received by the computer system. A protocol decoding program controls the decoding and analysis process. The method may be used by an intrusion prevention system to identify anomalous protocol data that may cause harm to applications receiving the data. | 12-05-2013 |
20140047541 | METHOD AND SYSTEM FOR PROTECTING A COMPUTER SYSTEM DURING BOOT OPERATION - A method for protecting a computer system from malicious network traffic is provided using a driver which inspects network packets. A security profile comprising packet inspection rules is compiled and stored on the computer system. During the startup or boot operation of an operating system, the driver loads the compiled security profile and inspects network packets using the inspection rules. | 02-13-2014 |