Patent number 8566444 is assigned to
The following quote was obtained by the news editors from the background information supplied by the inventors: "With the widespread use of web-based applications and the Internet in general, concerns have been raised with the availability of server protection against malicious content sent through seemingly innocuous packets requesting access to server-based applications. Such packets may include viruses, data sniffers, or other undesirable and unauthorized requests to the application server. Some of the most serious network security threats come from attacks that target vulnerabilities in enterprise applications. In order to prevent the introduction of undesirable packets, networks implement so-called firewalls that examine incoming packets according to different rules that detect undesirable data in packets.
"The application of different rules to examine incoming packets for content that has a undesirable effect is known as negative security. Negative security may be defined as a security approach that detects undesirable content (such as a virus, an attack, exploitation of a vulnerability, etc.) by maintaining a list of indicators such as patterns and signatures of the undesirable content. A rule includes a given representation of the undesirable content provided to a matching agent in order to check whether or not an item such as a packet contains the content that is represented in the list. An advantage of this approach is that if the undesirable content is known and how to find the content is known, then negative security is an easy and simple way to find undesirable content through the application of rules. The disadvantage to such an approach is that network protection is limited to existing rules and does not detect malicious packets that are written to circumvent existing rules. Network administrators therefore constantly update and add rules to detect new known threats. However, the application of multiple rules requires multiple passes over an incoming packet to check the rule, as each pass of the packet must be performed for each different rule. The use of more rules to detect new threats therefore increases computational overhead to the application of such rules for negative security."
In addition to the background information obtained for this patent, VerticalNews journalists also obtained the inventor's summary information for this patent: "According to one example, a method for checking data against a plurality of rules simultaneously is disclosed. A data string having keywords in the data string is received. All of the keywords in the data string are simultaneously examined against rule keywords. The rule keywords represent at least one rule of the plurality of rules. Which of the plurality of rules are satisfied by the data string is determined based on whether each keyword matches the rule keywords.
"Another example is a machine readable medium having stored thereon instructions for simultaneous checking whether a data string satisfies multiple rules. The machine readable medium includes machine executable code which when executed by at least one machine, causes the machine to receive the data string having keywords in the data string. The instructions further cause the machine to simultaneously examine all of the keywords in the data string against rule keywords, the rule keywords representing at least one rule of the plurality of rules. The instructions further cause the machine to determine which of the plurality of rules are satisfied by the data string based on whether each keyword matches the rule keywords.
"Another example is a network traffic appliance for coupling to a network and allowing connection by a client computer to a device. The network traffic appliance includes a network interface for receiving a data string from the client computer. A network access module includes a finite state machine coupled to the network interface. A memory stores an array of keyword data structures and an array of rules data structures, the rules data structures including rule keywords associated with a plurality of rules. The network access module receives the data string having keywords in the data string. The network access module simultaneously examines all of the keywords in the data string against rule keywords, the rule keywords representing at least one rule of the plurality of rules. The network access module further determines which of the plurality of rules are satisfied by the data string based on whether each keyword matches the rule keywords. The network access module provides access to the device if certain of the plurality of rules is satisfied by the data string.
"Additional aspects will be apparent to those of ordinary skill in the art in view of the detailed description of various embodiments, which is made with reference to the drawings, a brief description of which is provided below."
URL and more information on this patent, see: Yona, Shlomo. Methods and System for Simultaneous Multiple Rules Checking. U.S. Patent Number 8566444, filed
Keywords for this news article include:
Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2013, NewsRx LLC
Most Popular Stories
- Slow Week Ahead of December FOMC Meeting
- Hispanics Seek to Grow School Board Members
- GM Bailout Saved 1.2 Million U.S. Jobs, Report Says
- Bitcoin Used to Buy Tesla Car
- U.S. Companies Eager for Iranian Business
- 'Knockout Game': Myth or Menace?
- Banks Fret as Volcker Vote Approaches
- Questions Remain in Jenni Rivera's Death
- Yellen Set to Become One of World's Most Powerful Women
- Paul Walker Fans Pay Respects