| Targeted Patent: Patent: US7594009B2 Filed: 2000-09-13 Issued: 2009-09-22 Patent Holder: (Original Assignee) Triulzi Arrigo G B; Joubert Adriaan W (Current Assignee) Datamonitor Systems LLC Inventor(s): Arrigo G. B. Triulzi, Adriaan W. Joubert Title: Monitoring network activity | Cross Reference / Shared Meaning between the Lines |
Charted Against: Patent: US6094643A Filed: 1996-06-14 Issued: 2000-07-25 Patent Holder: (Original Assignee) Card Alert Services Inc (Current Assignee) Fair Isaac Corp Inventor(s): Douglas D. Anderson, Michael J. Urban, Eric L. Deterding, Richard H. Urban Title: System for detecting counterfeit financial card fraud |
| [FEATURE ID: 1] system | distributed system, subsystem, computer system, network, detection system, systems, processing system | [FEATURE ID: 1] system |
| [TRANSITIVE ID: 2] analyzing, detecting, creating, analysis, data processing, initial filtering stage, respect, types | monitoring, processing, detection, identifying, filtering, determining, capturing | [TRANSITIVE ID: 2] detecting, scoring, event scoring |
| [FEATURE ID: 3] network traffic, traffic, details, suspect packets | information, transactions, events, records, data, activity, fraud | [FEATURE ID: 3] potential counterfeit financial cards, financial card transaction data, individual transactions, suspicious transactions, transaction scores, card scores, financial cards, standard industrial codes |
| [TRANSITIVE ID: 4] comprising, including | by, having, comprises, involving, providing, containing, wherein | [TRANSITIVE ID: 4] comprising |
| [TRANSITIVE ID: 5] using | providing, applying, defining | [TRANSITIVE ID: 5] assigning |
| [FEATURE ID: 6] means, adapter | apparatus, algorithm, mechanism, agent, unit, processing means, device | [FEATURE ID: 6] means |
| [FEATURE ID: 7] packets | areas, blocks, segments, cells, locations, territories, city | [FEATURE ID: 7] event groups, states, regions, same first digits |
| [FEATURE ID: 8] packet, unique identifier, time stamp | label, value, flag, tag, signature, suffix, prefix | [FEATURE ID: 8] score |
| [TRANSITIVE ID: 9] selected, accessible | provided, received, retrieved, generated, taken, resulting, obtained | [TRANSITIVE ID: 9] reported, involved, assigned |
| [FEATURE ID: 10] data packets, adapters | cards, those, elements, devices, items, files, values | [FEATURE ID: 10] particular cards |
| [FEATURE ID: 11] criteria, indicative, part, different parts | attributes, characteristics, parameters, properties, data, features, details | [FEATURE ID: 11] weights |
| [FEATURE ID: 12] functions | processors, devices, databases, entities | [FEATURE ID: 12] financial institutions |
| [FEATURE ID: 13] network | system, computer, server | [FEATURE ID: 13] computer database |
| [FEATURE ID: 14] conjunction | sequence, series, combination | [FEATURE ID: 14] group |
| [FEATURE ID: 15] claim | figure, preceding claim, requirement, need, step, paragraph, clair | [FEATURE ID: 15] claim |
| [FEATURE ID: 16] static buffer | database, first, pool | [FEATURE ID: 16] cluster |
| 1 . A system [FEATURE ID: 1] for analyzing [TRANSITIVE ID: 2] network traffic [FEATURE ID: 3] , comprising [TRANSITIVE ID: 4] the steps of : using [TRANSITIVE ID: 5] detecting [TRANSITIVE ID: 2] means [FEATURE ID: 6] including [TRANSITIVE ID: 4] a tap which receives and selects packets [FEATURE ID: 7] of data from network traffic and packet [FEATURE ID: 8] creating [TRANSITIVE ID: 2] means which , for each packet selected [TRANSITIVE ID: 9] by the tap , creates a modified selected packet for analysis [FEATURE ID: 2] which consists of the selected packet and a unique identifier [FEATURE ID: 8] for the selected packet which distinguishes that selected packet from all other selected packets , wherein the detecting means analyzes the modified selected packets to detect suspect modified data packets [FEATURE ID: 10] which meet criteria [FEATURE ID: 11] defined by one or more functions [FEATURE ID: 12] in the detecting means , the criteria being indicative [FEATURE ID: 11] of potentially damaging traffic [FEATURE ID: 3] on the network [FEATURE ID: 13] ; forwarding details [FEATURE ID: 3] of each detected suspect modified data packet to data processing [FEATURE ID: 2] means ; storing details of each detected suspect modified data packet so as to be accessible [FEATURE ID: 9] for use in analysis by the data processing means in conjunction [FEATURE ID: 14] with the details of other detected modified suspect packets [FEATURE ID: 3] ; and using the data processing means to analyze the stored suspect modified data packets . 2 . A system as claimed in claim [FEATURE ID: 15] 1 wherein the unique identifier includes an identifier for the tap and a time stamp [FEATURE ID: 8] . 3 . A system as claimed in claim 1 wherein the tap carries out an initial filtering stage [FEATURE ID: 2] in respect [FEATURE ID: 2] of types [FEATURE ID: 2] of network traffic in order to select packets of data . 4 . A system as claimed in claim 1 wherein the modified selected packets for analysis are filtered in order to detect packets which meet the defined criteria , by means of an adapter [FEATURE ID: 6] which enables the application of a function to part [FEATURE ID: 11] of a packet . 5 . A system as claimed in claim 4 wherein a plurality of adapters [FEATURE ID: 10] are provided which enable the application of functions to different parts [FEATURE ID: 11] of a packet . 6 . A system as claimed in claim 1 wherein packets received and selected by the tap are placed in a static buffer [FEATURE ID: 16] |
1 . A computer - implemented system [FEATURE ID: 1] for detecting [TRANSITIVE ID: 2] potential counterfeit financial cards [FEATURE ID: 3] , comprising [TRANSITIVE ID: 4] : a computer database [FEATURE ID: 13] comprising financial card transaction data [FEATURE ID: 3] reported [TRANSITIVE ID: 9] from a plurality of financial institutions [FEATURE ID: 12] ; scoring [TRANSITIVE ID: 2] means [FEATURE ID: 6] for assigning [TRANSITIVE ID: 5] weights [FEATURE ID: 11] to individual transactions [FEATURE ID: 3] to identify suspicious transactions [FEATURE ID: 3] , the suspicious transactions and particular cards [FEATURE ID: 10] involved [TRANSITIVE ID: 9] in the suspicious transactions being assigned [TRANSITIVE ID: 9] a score [FEATURE ID: 8] ; means for categorizing said suspicious transactions into event groups [FEATURE ID: 7] based on a geographic region where said suspicious transactions occurred and a time when said suspicious transactions occurred ; event scoring [FEATURE ID: 2] means for scoring said event groups based on transaction scores [FEATURE ID: 3] and card scores [FEATURE ID: 3] in said event groups to identify financial cards [FEATURE ID: 3] involved in a suspicious transaction in a same geographic region during a common time period to identify a cluster [FEATURE ID: 16] of potential counterfeit financial cards . 2 . A computer - implemented system for detecting potential counterfeit financial cards as recited in claim [FEATURE ID: 15] 1 wherein said common time period comprises one hour . 3 . A computer - implemented system for detecting potential counterfeit financial cards as recited in claim 1 wherein said geographic region comprises one of a continent , a country , a region , a group [FEATURE ID: 14] of states [FEATURE ID: 7] , a county , a zip code , a census tract , a block group and a block . 4 . A computer - implemented system for detecting potential counterfeit financial cards as recited in claim 1 wherein said geographic region comprises regions [FEATURE ID: 7] having same first digits [FEATURE ID: 7] of a zip code region . 5 . A computer - implemented system for detecting potential counterfeit financial cards as recited in claim 1 wherein said suspicious transactions are determined by analyzing standard industrial codes [FEATURE ID: 3] |
| Targeted Patent: Patent: US7594009B2 Filed: 2000-09-13 Issued: 2009-09-22 Patent Holder: (Original Assignee) Triulzi Arrigo G B; Joubert Adriaan W (Current Assignee) Datamonitor Systems LLC Inventor(s): Arrigo G. B. Triulzi, Adriaan W. Joubert Title: Monitoring network activity | Cross Reference / Shared Meaning between the Lines |
Charted Against: Patent: US6091956A Filed: 1997-06-12 Issued: 2000-07-18 Patent Holder: (Original Assignee) Hollenberg; Dennis D. (Current Assignee) LBS INNOVATIONS LLC Inventor(s): Dennis D. Hollenberg Title: Situation information system |
| [FEATURE ID: 1] system, suspect, network, adapter | apparatus, interface, program, database, data, information, architecture | [FEATURE ID: 1] situation information system, automated |
| [FEATURE ID: 2] network traffic, packets, part, different parts | data, information, messages, content, instructions, advertising, advertisements | [FEATURE ID: 2] location data, situation information, telephone numbers, services, merchandise, triangulation systems, location information, proximate information, other information, entertainment |
| [TRANSITIVE ID: 3] comprising, using, detecting, including, packet, data processing | having, providing, with, incorporating, containing, and, of | [TRANSITIVE ID: 3] comprising, transmitting, including, receiving |
| [FEATURE ID: 4] steps, adapters | elements, functions, components, methods, units, processes, applications | [FEATURE ID: 4] updates, means |
| [FEATURE ID: 5] means | mechanism, system, device | [FEATURE ID: 5] telephone |
| [FEATURE ID: 6] data, data packets, criteria, details, data packet, types | packets, traffic, portions, characteristics, the, metadata, parameters | [FEATURE ID: 6] information |
| [TRANSITIVE ID: 7] selected | provided, produced, generated | [TRANSITIVE ID: 7] imposed |
| [FEATURE ID: 8] analysis, application, function | use, transmission, processing, operation, output, delivery, service | [FEATURE ID: 8] obligatory answering, purposes |
| [FEATURE ID: 9] functions | programs, applications, devices, databases, means, processors | [FEATURE ID: 9] users, radio sources |
| [FEATURE ID: 10] traffic | locations, devices, transmitters, communications, changes, said, areas | [FEATURE ID: 10] selectable execution, buildings, mobile computers |
| [FEATURE ID: 11] suspect packets | data, results, information | [FEATURE ID: 11] derivable |
| 1 . A system [FEATURE ID: 1] for analyzing network traffic [FEATURE ID: 2] , comprising [TRANSITIVE ID: 3] the steps [FEATURE ID: 4] of : using [TRANSITIVE ID: 3] detecting [TRANSITIVE ID: 3] means [FEATURE ID: 5] including [TRANSITIVE ID: 3] a tap which receives and selects packets [FEATURE ID: 2] of data [FEATURE ID: 6] from network traffic and packet [FEATURE ID: 3] creating means which , for each packet selected [TRANSITIVE ID: 7] by the tap , creates a modified selected packet for analysis [FEATURE ID: 8] which consists of the selected packet and a unique identifier for the selected packet which distinguishes that selected packet from all other selected packets , wherein the detecting means analyzes the modified selected packets to detect suspect [FEATURE ID: 1] modified data packets [FEATURE ID: 6] which meet criteria [FEATURE ID: 6] defined by one or more functions [FEATURE ID: 9] in the detecting means , the criteria being indicative of potentially damaging traffic [FEATURE ID: 10] on the network [FEATURE ID: 1] ; forwarding details [FEATURE ID: 6] of each detected suspect modified data packet [FEATURE ID: 6] to data processing [FEATURE ID: 3] means ; storing details of each detected suspect modified data packet so as to be accessible for use in analysis by the data processing means in conjunction with the details of other detected modified suspect packets [FEATURE ID: 11] ; and using the data processing means to analyze the stored suspect modified data packets . 2 . A system as claimed in claim 1 wherein the unique identifier includes an identifier for the tap and a time stamp . 3 . A system as claimed in claim 1 wherein the tap carries out an initial filtering stage in respect of types [FEATURE ID: 6] of network traffic in order to select packets of data . 4 . A system as claimed in claim 1 wherein the modified selected packets for analysis are filtered in order to detect packets which meet the defined criteria , by means of an adapter [FEATURE ID: 1] which enables the application [FEATURE ID: 8] of a function [FEATURE ID: 8] to part [FEATURE ID: 2] of a packet . 5 . A system as claimed in claim 4 wherein a plurality of adapters [FEATURE ID: 4] are provided which enable the application of functions to different parts [FEATURE ID: 2] |
1 . A scalable , openly accessible , dispatcher obviating , situation information system [FEATURE ID: 1] comprising [TRANSITIVE ID: 3] : a. mobile computers with radios severally operated by users [FEATURE ID: 9] substantially transmitting [TRANSITIVE ID: 3] information [FEATURE ID: 6] including [TRANSITIVE ID: 3] location data [FEATURE ID: 2] , receiving [TRANSITIVE ID: 3] situation information [FEATURE ID: 2] of selectable execution [FEATURE ID: 10] , including audible , visual , and tactile execution , and continually receiving telephone numbers [FEATURE ID: 2] of diverse providers of services [FEATURE ID: 2] and merchandise [FEATURE ID: 2] while obviating the resulting interference imposed [TRANSITIVE ID: 7] by the obligatory answering [FEATURE ID: 8] of a ringing telephone [FEATURE ID: 5] as automated [TRANSITIVE ID: 1] updates [FEATURE ID: 4] occur , and conducting shopping functions in shopping areas including stores and malls , b. radio locating means [FEATURE ID: 4] by which , from said location data including triangulation systems [FEATURE ID: 2] installed within and among buildings [FEATURE ID: 10] , the location of each of said mobile computers [FEATURE ID: 10] is determined and processed into location information [FEATURE ID: 2] including information pertaining to , and derivable [FEATURE ID: 11] from , the change in location of each of said mobile computers , and c. one or more radio sources [FEATURE ID: 9] of said situation information , including said location information , proximate information [FEATURE ID: 2] and other information [FEATURE ID: 2] , for purposes [FEATURE ID: 8] including presenting entertainment [FEATURE ID: 2] |
| Targeted Patent: Patent: US7594009B2 Filed: 2000-09-13 Issued: 2009-09-22 Patent Holder: (Original Assignee) Triulzi Arrigo G B; Joubert Adriaan W (Current Assignee) Datamonitor Systems LLC Inventor(s): Arrigo G. B. Triulzi, Adriaan W. Joubert Title: Monitoring network activity | Cross Reference / Shared Meaning between the Lines |
Charted Against: Patent: US6057757A Filed: 1995-03-29 Issued: 2000-05-02 Patent Holder: (Original Assignee) Cabletron Systems Inc (Current Assignee) Google LLC ; Concord Communications LLC Inventor(s): Russell Arrowsmith, William Tracy Title: Method and apparatus for policy-based alarm notification in a distributed network management environment |
| [FEATURE ID: 1] system, function | process, program, service, network, protocol, procedure, technique | [FEATURE ID: 1] method, user |
| [TRANSITIVE ID: 2] analyzing, detecting, creating, data processing | monitoring, processing, filtering, collecting, identifying, capturing, examining | [TRANSITIVE ID: 2] alarm notification, receiving |
| [FEATURE ID: 3] network traffic, traffic, details, types, different parts | data, information, characteristics, events, content, signals, attributes | [FEATURE ID: 3] alarms, parameters |
| [TRANSITIVE ID: 4] comprising, including | implementing, using, by, employing, containing, incorporating, providing | [TRANSITIVE ID: 4] comprising, applying, includes |
| [FEATURE ID: 5] steps, part | characteristics, elements, process, procedure, components, features, automated steps | [FEATURE ID: 5] steps, step |
| [TRANSITIVE ID: 6] using | establishing, creating, defining, constructing, obtaining, initiating, building | [TRANSITIVE ID: 6] assigning, generating |
| [FEATURE ID: 7] means | system, device, equipment, apparatus | [FEATURE ID: 7] network management server |
| [TRANSITIVE ID: 8] selected, other, accessible | provided, received, possible, determined, stored, appropriate, retrieved | [TRANSITIVE ID: 8] assigned |
| [FEATURE ID: 9] analysis | data, communication, detection, transmission | [FEATURE ID: 9] same |
| [FEATURE ID: 10] unique identifier, time stamp | flag, value, parameter, field, label, type, token | [FEATURE ID: 10] filter, filter parameter, tag, user name |
| [FEATURE ID: 11] data packets | requests, protocols, ones, values, flows | [FEATURE ID: 11] filters |
| [FEATURE ID: 12] criteria, indicative | attributes, parameters, metadata, indicia, data, properties, characteristics | [FEATURE ID: 12] time values, applications, information |
| [FEATURE ID: 13] functions, adapters | applications, agents, entities, devices, filters, users, modules | [FEATURE ID: 13] multiple network management servers, associated network management applications, servers, network management applications |
| [FEATURE ID: 14] network, adapter | server, interface, apparatus, host, system, program, user | [FEATURE ID: 14] associated network management application, application, graphical user interface |
| [FEATURE ID: 15] suspect packets | networks, faults, events, flows | [FEATURE ID: 15] multiple associated network management applications |
| [FEATURE ID: 16] claim | item, requirement, step, paragraph, clair, fig, claims | [FEATURE ID: 16] claim |
| [FEATURE ID: 17] identifier | entry, association, indicator, output, input | [FEATURE ID: 17] alarm clear message |
| [FEATURE ID: 18] static buffer | cache, memory, buffer, stack, register, queue, table | [FEATURE ID: 18] database |
| 1 . A system [FEATURE ID: 1] for analyzing [TRANSITIVE ID: 2] network traffic [FEATURE ID: 3] , comprising [TRANSITIVE ID: 4] the steps [FEATURE ID: 5] of : using [TRANSITIVE ID: 6] detecting [TRANSITIVE ID: 2] means [FEATURE ID: 7] including [TRANSITIVE ID: 4] a tap which receives and selects packets of data from network traffic and packet creating [TRANSITIVE ID: 2] means which , for each packet selected [TRANSITIVE ID: 8] by the tap , creates a modified selected packet for analysis [FEATURE ID: 9] which consists of the selected packet and a unique identifier [FEATURE ID: 10] for the selected packet which distinguishes that selected packet from all other [FEATURE ID: 8] selected packets , wherein the detecting means analyzes the modified selected packets to detect suspect modified data packets [FEATURE ID: 11] which meet criteria [FEATURE ID: 12] defined by one or more functions [FEATURE ID: 13] in the detecting means , the criteria being indicative [FEATURE ID: 12] of potentially damaging traffic [FEATURE ID: 3] on the network [FEATURE ID: 14] ; forwarding details [FEATURE ID: 3] of each detected suspect modified data packet to data processing [FEATURE ID: 2] means ; storing details of each detected suspect modified data packet so as to be accessible [FEATURE ID: 8] for use in analysis by the data processing means in conjunction with the details of other detected modified suspect packets [FEATURE ID: 15] ; and using the data processing means to analyze the stored suspect modified data packets . 2 . A system as claimed in claim [FEATURE ID: 16] 1 wherein the unique identifier includes an identifier [FEATURE ID: 17] for the tap and a time stamp [FEATURE ID: 10] . 3 . A system as claimed in claim 1 wherein the tap carries out an initial filtering stage in respect of types [FEATURE ID: 3] of network traffic in order to select packets of data . 4 . A system as claimed in claim 1 wherein the modified selected packets for analysis are filtered in order to detect packets which meet the defined criteria , by means of an adapter [FEATURE ID: 14] which enables the application of a function [FEATURE ID: 1] to part [FEATURE ID: 5] of a packet . 5 . A system as claimed in claim 4 wherein a plurality of adapters [FEATURE ID: 13] are provided which enable the application of functions to different parts [FEATURE ID: 3] of a packet . 6 . A system as claimed in claim 1 wherein packets received and selected by the tap are placed in a static buffer [FEATURE ID: 18] |
1 . A method [FEATURE ID: 1] of alarm notification [FEATURE ID: 2] comprising [TRANSITIVE ID: 4] the steps [FEATURE ID: 5] of : ( a ) receiving [TRANSITIVE ID: 2] alarms [FEATURE ID: 3] from multiple network management servers [FEATURE ID: 13] ; ( b ) assigning [TRANSITIVE ID: 6] policy - based filters [FEATURE ID: 11] to associated network management applications [FEATURE ID: 13] ; and ( c ) applying [TRANSITIVE ID: 4] the assigned [TRANSITIVE ID: 8] policy - based filters to the alarms and for the alarms which pass the filters , generating [TRANSITIVE ID: 6] an alarm notification and forwarding the same [FEATURE ID: 9] to the associated network management application [FEATURE ID: 14] . 2 . The method of claim [FEATURE ID: 16] 1 , wherein : the assigning step [FEATURE ID: 5] includes [TRANSITIVE ID: 4] assigning a plurality of filters comprising a policy to the associated network management application . 3 . The method of claim 2 , wherein : each filter [FEATURE ID: 10] comprises at least one filter parameter [FEATURE ID: 10] ; and the applying step comprises performing a logical AND of all parameters [FEATURE ID: 3] within one filter and performing a logical OR between all filters within one policy . 4 . The method of claim 3 , wherein : the generating step includes specifying real - time values [FEATURE ID: 12] of each filter parameter in the alarm notification . 5 . The method of claim 2 , wherein : the assigning step includes storing a policy name and the associated applications [FEATURE ID: 12] in a database accessible to all servers [FEATURE ID: 13] . 6 . The method of claim 1 , wherein : the assigning step includes assigning a tag [FEATURE ID: 10] to each filter . 7 . The method of claim 6 , wherein : the generating step includes specifying the tag for the filter which the alarm passed in the alarm notification . 8 . The method of claim 1 , wherein : the assigning step includes storing the filters in a database [FEATURE ID: 18] . 9 . The method of claim 1 , wherein : the generating step further includes specifying a user name [FEATURE ID: 10] in the alarm notification to enable the application [FEATURE ID: 14] which receives the alarm notification to notify a user [FEATURE ID: 1] having the specified user name . 10 . The method of claim 1 , wherein : the assigning step includes scheduling the assigning to occur at a specified time . 11 . The method of claim 1 , further comprising : ( d ) following resolution of an alarm , forwarding an alarm clear message [FEATURE ID: 17] to the associated network management application . 12 . The method of claim 1 , wherein : the assigning step includes assigning the same filters to multiple associated network management applications [FEATURE ID: 15] . 13 . The method of claim 1 , wherein : the assigning step is performed by a user via a graphical user interface [FEATURE ID: 14] . 14 . The method of claim 1 , wherein : the generating step includes generating an alarm notification which contains information [FEATURE ID: 12] about the device which generated the alarm . 15 . The method of claim 1 , further comprising : one or more of the network management applications [FEATURE ID: 13] generating an alarm clear message and forwarding the same to the network management server [FEATURE ID: 7] |
| Targeted Patent: Patent: US7594009B2 Filed: 2000-09-13 Issued: 2009-09-22 Patent Holder: (Original Assignee) Triulzi Arrigo G B; Joubert Adriaan W (Current Assignee) Datamonitor Systems LLC Inventor(s): Arrigo G. B. Triulzi, Adriaan W. Joubert Title: Monitoring network activity | Cross Reference / Shared Meaning between the Lines |
Charted Against: Patent: US6026233A Filed: 1997-05-27 Issued: 2000-02-15 Patent Holder: (Original Assignee) Microsoft Corp (Current Assignee) Microsoft Technology Licensing LLC Inventor(s): Matthew Shulman, Matthew James Curland, Martin Cibulka, David Anthony Sobeski Title: Method and apparatus for presenting and selecting options to modify a programming language statement |
| [FEATURE ID: 1] system | procedure, process, program, step, scheme, technique, command | [FEATURE ID: 1] evaluation, editing task |
| [TRANSITIVE ID: 2] analyzing, data processing | monitoring, processing, identifying, detecting, scanning, examining, capturing | [TRANSITIVE ID: 2] determining |
| [TRANSITIVE ID: 3] comprising, detecting, including | by, providing, containing, employing, and, of, implementing | [TRANSITIVE ID: 3] comprising, enabling, having, being |
| [FEATURE ID: 4] steps | procedure, stage, action, process | [FEATURE ID: 4] step |
| [TRANSITIVE ID: 5] using | generating, creating, arranging, incorporating, identifying, assembling | [TRANSITIVE ID: 5] resolving |
| [FEATURE ID: 6] packets, details, suspect packets, respect, types, part, different parts | each, portions, data, segments, parts, the, fragments | [FEATURE ID: 6] symbolic portions, available ones |
| [FEATURE ID: 7] data, indicative | instructions, details, representations, parameters, information, attributes, indicia | [FEATURE ID: 7] identifiable tokens |
| [FEATURE ID: 8] packet | tag, data, identification, identifier | [FEATURE ID: 8] partial compilation |
| [TRANSITIVE ID: 9] creating | control, selection, management, creation | [TRANSITIVE ID: 9] execution |
| [TRANSITIVE ID: 10] selected | input, selecting, selectable, chosen | [TRANSITIVE ID: 10] selection |
| [TRANSITIVE ID: 11] creates | defines, stores, determines, produces, provides | [TRANSITIVE ID: 11] generates |
| [FEATURE ID: 12] analysis | output, data, modification, entry | [FEATURE ID: 12] input |
| [FEATURE ID: 13] criteria | parameters, metadata, is, indicia, attributes | [FEATURE ID: 13] information |
| [FEATURE ID: 14] functions | instructions, modules, routines, variables | [FEATURE ID: 14] programming language statements |
| [FEATURE ID: 15] use | using, aid, application, usage, employment, processing | [FEATURE ID: 15] means |
| [FEATURE ID: 16] conjunction | contrast, accordance, parallel, comparison, connection | [FEATURE ID: 16] response |
| [FEATURE ID: 17] initial filtering stage | analysis, identification, order, interpretation, evaluation | [FEATURE ID: 17] identity |
| [FEATURE ID: 18] function | procedure, program, parameter, statement, code, task, structure | [FEATURE ID: 18] programming language statement, partial program compilation, menu item |
| [FEATURE ID: 19] static buffer | list, block, pool, window | [FEATURE ID: 19] finite set |
| 1 . A system [FEATURE ID: 1] for analyzing [TRANSITIVE ID: 2] network traffic , comprising [TRANSITIVE ID: 3] the steps [FEATURE ID: 4] of : using [TRANSITIVE ID: 5] detecting [TRANSITIVE ID: 3] means including [TRANSITIVE ID: 3] a tap which receives and selects packets [FEATURE ID: 6] of data [FEATURE ID: 7] from network traffic and packet [FEATURE ID: 8] creating [TRANSITIVE ID: 9] means which , for each packet selected [TRANSITIVE ID: 10] by the tap , creates [TRANSITIVE ID: 11] a modified selected packet for analysis [FEATURE ID: 12] which consists of the selected packet and a unique identifier for the selected packet which distinguishes that selected packet from all other selected packets , wherein the detecting means analyzes the modified selected packets to detect suspect modified data packets which meet criteria [FEATURE ID: 13] defined by one or more functions [FEATURE ID: 14] in the detecting means , the criteria being indicative [FEATURE ID: 7] of potentially damaging traffic on the network ; forwarding details [FEATURE ID: 6] of each detected suspect modified data packet to data processing [FEATURE ID: 2] means ; storing details of each detected suspect modified data packet so as to be accessible for use [FEATURE ID: 15] in analysis by the data processing means in conjunction [FEATURE ID: 16] with the details of other detected modified suspect packets [FEATURE ID: 6] ; and using the data processing means to analyze the stored suspect modified data packets . 2 . A system as claimed in claim 1 wherein the unique identifier includes an identifier for the tap and a time stamp . 3 . A system as claimed in claim 1 wherein the tap carries out an initial filtering stage [FEATURE ID: 17] in respect [FEATURE ID: 6] of types [FEATURE ID: 6] of network traffic in order to select packets of data . 4 . A system as claimed in claim 1 wherein the modified selected packets for analysis are filtered in order to detect packets which meet the defined criteria , by means of an adapter which enables the application of a function [FEATURE ID: 18] to part [FEATURE ID: 6] of a packet . 5 . A system as claimed in claim 4 wherein a plurality of adapters are provided which enable the application of functions to different parts [FEATURE ID: 6] of a packet . 6 . A system as claimed in claim 1 wherein packets received and selected by the tap are placed in a static buffer [FEATURE ID: 19] |
1 . A real - time method for assisting a user to modify a programming language statement [FEATURE ID: 18] in a computer program , the real - time method comprising [TRANSITIVE ID: 3] : enabling [TRANSITIVE ID: 3] a programming language editor having [TRANSITIVE ID: 3] a character position cursor ; automatically determining [TRANSITIVE ID: 2] an identity [FEATURE ID: 17] of input [FEATURE ID: 12] to the programming language editor by the user ; automatically resolving [TRANSITIVE ID: 5] symbolic portions [FEATURE ID: 6] of available ones [FEATURE ID: 6] of a plurality of programming language statements [FEATURE ID: 14] by means [FEATURE ID: 15] of a reverse parse evaluation [FEATURE ID: 1] into a partial program compilation [FEATURE ID: 18] that generates [TRANSITIVE ID: 11] identifiable tokens [FEATURE ID: 7] for each of the at least one segment therein in response [FEATURE ID: 16] to the input being [TRANSITIVE ID: 3] an on - demand request by the user ; identifying a present programming language statement and at least one segment of the present programming language statement based on a location of the character position cursor ; determining a finite set [FEATURE ID: 19] of information [FEATURE ID: 13] related to the present programming language statement and at least one segment of the present programming language statement based on the automatically generated partial compilation [FEATURE ID: 8] ; automatically generating an assist window of the finite set of information ; receiving a representation of a selection [FEATURE ID: 10] by the computer programmer from the finite set of information ; and modifying the present programming language statement based at least in part on the selected information ; enabling execution [FEATURE ID: 9] of a editing task [FEATURE ID: 1] in response to the input being a programming language editor command ; enabling a first type of commit of an identified menu item [FEATURE ID: 18] from a selection menu assist window in response to the input being a commit key , wherein the step [FEATURE ID: 4] |
| Targeted Patent: Patent: US7594009B2 Filed: 2000-09-13 Issued: 2009-09-22 Patent Holder: (Original Assignee) Triulzi Arrigo G B; Joubert Adriaan W (Current Assignee) Datamonitor Systems LLC Inventor(s): Arrigo G. B. Triulzi, Adriaan W. Joubert Title: Monitoring network activity | Cross Reference / Shared Meaning between the Lines |
Charted Against: Patent: US5974572A Filed: 1996-10-15 Issued: 1999-10-26 Patent Holder: (Original Assignee) Mercury Interactive LLC (Current Assignee) Micro Focus LLC Inventor(s): Amir Weinberg, Eduardo Alperin Title: Software system and methods for generating a load test using a server access log |
| [FEATURE ID: 1] system, function | program, technique, mechanism, service, procedure, computer system, process | [FEATURE ID: 1] method, site |
| [TRANSITIVE ID: 2] analyzing, detecting, data processing | collecting, identifying, monitoring, sampling, receiving, determining, filtering | [TRANSITIVE ID: 2] processing |
| [FEATURE ID: 3] network traffic, packets, data, details, suspect packets, part, different parts | traffic, messages, content, information, results, each, portions | [FEATURE ID: 3] site access information, informational content, informational requests |
| [TRANSITIVE ID: 4] comprising, including | containing, by, having, comprises, involving, using, implementing | [TRANSITIVE ID: 4] comprising |
| [FEATURE ID: 5] steps | action, methods, operational steps, sub steps, functions, process, activities | [FEATURE ID: 5] steps, step |
| [TRANSITIVE ID: 6] using | executing, generating, operating, running, utilizing | [TRANSITIVE ID: 6] processing |
| [TRANSITIVE ID: 7] creating, analysis, initial filtering stage, application | examination, operation, monitoring, use, assignment, inspection, testing | [TRANSITIVE ID: 7] load testing |
| [TRANSITIVE ID: 8] selected | collected, captured, provided, maintained, output, supplied, held | [TRANSITIVE ID: 8] stored, generated |
| [TRANSITIVE ID: 9] creates | make, construct, create, form | [TRANSITIVE ID: 9] generate |
| [FEATURE ID: 10] unique identifier | representation, property, value, characteristic, parameter | [FEATURE ID: 10] general load distribution |
| [FEATURE ID: 11] data packets | addresses, communications, changes, traffic, requests | [FEATURE ID: 11] accesses |
| [FEATURE ID: 12] criteria, indicative | attributes, parameters, properties, links, representations, locations, metrics | [FEATURE ID: 12] addresses, visitor identifiers |
| [FEATURE ID: 13] traffic | behaviors, activity, patterns, changes | [FEATURE ID: 13] actual usage patterns |
| [FEATURE ID: 14] network | server, client, browser, host, system, website, database | [FEATURE ID: 14] web site, computer, server application, computer system, network, access timestamps |
| [FEATURE ID: 15] conjunction | accordance, correspondence, parallel, connection | [FEATURE ID: 15] response |
| [FEATURE ID: 16] claim | item, preceding claim, step, paragraph, clair, clause, figure | [FEATURE ID: 16] claim |
| [FEATURE ID: 17] identifier | entry, index, account, interface | [FEATURE ID: 17] access log |
| [FEATURE ID: 18] types | sources, elements, the, portions | [FEATURE ID: 18] informational content entities |
| 1 . A system [FEATURE ID: 1] for analyzing [TRANSITIVE ID: 2] network traffic [FEATURE ID: 3] , comprising [TRANSITIVE ID: 4] the steps [FEATURE ID: 5] of : using [TRANSITIVE ID: 6] detecting [TRANSITIVE ID: 2] means including [TRANSITIVE ID: 4] a tap which receives and selects packets [FEATURE ID: 3] of data [FEATURE ID: 3] from network traffic and packet creating [TRANSITIVE ID: 7] means which , for each packet selected [TRANSITIVE ID: 8] by the tap , creates [TRANSITIVE ID: 9] a modified selected packet for analysis [FEATURE ID: 7] which consists of the selected packet and a unique identifier [FEATURE ID: 10] for the selected packet which distinguishes that selected packet from all other selected packets , wherein the detecting means analyzes the modified selected packets to detect suspect modified data packets [FEATURE ID: 11] which meet criteria [FEATURE ID: 12] defined by one or more functions in the detecting means , the criteria being indicative [FEATURE ID: 12] of potentially damaging traffic [FEATURE ID: 13] on the network [FEATURE ID: 14] ; forwarding details [FEATURE ID: 3] of each detected suspect modified data packet to data processing [FEATURE ID: 2] means ; storing details of each detected suspect modified data packet so as to be accessible for use in analysis by the data processing means in conjunction [FEATURE ID: 15] with the details of other detected modified suspect packets [FEATURE ID: 3] ; and using the data processing means to analyze the stored suspect modified data packets . 2 . A system as claimed in claim [FEATURE ID: 16] 1 wherein the unique identifier includes an identifier [FEATURE ID: 17] for the tap and a time stamp . 3 . A system as claimed in claim 1 wherein the tap carries out an initial filtering stage [FEATURE ID: 7] in respect of types [FEATURE ID: 18] of network traffic in order to select packets of data . 4 . A system as claimed in claim 1 wherein the modified selected packets for analysis are filtered in order to detect packets which meet the defined criteria , by means of an adapter which enables the application [FEATURE ID: 7] of a function [FEATURE ID: 1] to part [FEATURE ID: 3] of a packet . 5 . A system as claimed in claim 4 wherein a plurality of adapters are provided which enable the application of functions to different parts [FEATURE ID: 3] |
1 . A method [FEATURE ID: 1] of load testing [FEATURE ID: 7] of a web site [FEATURE ID: 14] , the method comprising [TRANSITIVE ID: 4] the computer [FEATURE ID: 14] - implemented steps [FEATURE ID: 5] of : processing [TRANSITIVE ID: 2] site access information [FEATURE ID: 3] stored [TRANSITIVE ID: 8] within an access log [FEATURE ID: 17] to generate [TRANSITIVE ID: 9] at least one test script , the access log generated [TRANSITIVE ID: 8] by a server application [FEATURE ID: 14] that runs on a computer system [FEATURE ID: 14] of the web site , the server application configured to serve informational content [FEATURE ID: 3] over a network [FEATURE ID: 14] in response [FEATURE ID: 15] to requests by visitors of the site [FEATURE ID: 1] and to record visitor accesses [TRANSITIVE ID: 11] to the site within the access log , the site access information representing accesses to the site by multiple different visitors during ordinary , post-deployment usage of the web site , the test script including addresses [FEATURE ID: 12] of informational content entities [FEATURE ID: 18] of the site ; and running the at least one test script to exercise the site , the step [FEATURE ID: 5] of running comprising submitting informational requests [FEATURE ID: 3] to the server application . 2 . The method of claim [FEATURE ID: 16] 1 , wherein the step of processing [FEATURE ID: 6] comprises preserving a general load distribution [FEATURE ID: 10] represented by the access log , so that the step of running produces a load that reflects actual usage patterns [FEATURE ID: 13] of visitors . 3 . The method of claim 1 , wherein the step of processing is performed such that the step of running produces a load on the site that has generally the same distribution as a load represented within the access log . 4 . The method of claim 3 , further comprising prompting a user to enter a control parameter , wherein the load has a magnitude which is specified by the control parameter . 5 . The method of claim 1 , wherein the step of processing comprises identifying a plurality of routes taken by visitors to the site . 6 . The method of claim 5 , wherein the step of identifying a plurality of routes comprises using access timestamps [FEATURE ID: 14] and visitor identifiers [FEATURE ID: 12] |
| Targeted Patent: Patent: US7594009B2 Filed: 2000-09-13 Issued: 2009-09-22 Patent Holder: (Original Assignee) Triulzi Arrigo G B; Joubert Adriaan W (Current Assignee) Datamonitor Systems LLC Inventor(s): Arrigo G. B. Triulzi, Adriaan W. Joubert Title: Monitoring network activity | Cross Reference / Shared Meaning between the Lines |
Charted Against: Patent: EP0910197A2 Filed: 1997-09-12 Issued: 1999-04-21 Patent Holder: (Original Assignee) Lucent Technologies Inc (Current Assignee) Nokia of America Corp Inventor(s): Michael John Coss, Ronald L. Sharp, David L. Majette Title: Methods and apparatus for a computer network firewall with dynamic rule processing |
| [FEATURE ID: 1] system, tap, function | protocol, service, network, rule, node, firewall, filter | [FEATURE ID: 1] firewall service, packet, single network session, proxy, application |
| [TRANSITIVE ID: 2] analyzing | managing, controlling, processing | [TRANSITIVE ID: 2] providing |
| [FEATURE ID: 3] network traffic, selects, packets, data, data packets, indicative, data packet, conjunction, suspect packets, types, adapters | traffic, messages, protocols, transactions, streams, flows, samples | [FEATURE ID: 3] rules, connections, packets, other domains, access rules, information, connection |
| [TRANSITIVE ID: 4] comprising, detecting, including | by, having, providing, using, containing, comprises, involving | [TRANSITIVE ID: 4] comprising, loading, expunging |
| [FEATURE ID: 5] steps, functions, part, different parts | characteristics, features, elements, operations, properties, components, process | [FEATURE ID: 5] steps, method, step, contents, operation |
| [TRANSITIVE ID: 6] using | running, extending, applying, having, operating, implementing, forming | [TRANSITIVE ID: 6] modifying, existing |
| [FEATURE ID: 7] packet, time stamp | feature, variable, filter, value, flag, entry, label | [FEATURE ID: 7] rule |
| [TRANSITIVE ID: 8] selected | transmitted, obtained, received, generated, supplied | [TRANSITIVE ID: 8] provided |
| [FEATURE ID: 9] analysis, initial filtering stage | inspection, examination, evaluation, treatment, processing, operation, communication | [FEATURE ID: 9] transmission |
| [FEATURE ID: 10] unique identifier | parameter, value, property, mask, policy, token, filter | [FEATURE ID: 10] dynamic rule, time condition |
| [FEATURE ID: 11] suspect, details | the, any, all, each, such | [FEATURE ID: 11] said |
| [FEATURE ID: 12] criteria | terms, parameters, rules, requirements, attributes, characteristics | [FEATURE ID: 12] conditions |
| [FEATURE ID: 13] traffic | activity, action, operations | [FEATURE ID: 13] lifetime |
| [FEATURE ID: 14] network | computer, router, gateway, host, client, proxy, service | [FEATURE ID: 14] computer network, firewall, remote proxy, destination |
| [FEATURE ID: 15] data processing, static buffer | database, memory, buffer, register, queue, packet, pipeline | [FEATURE ID: 15] cache |
| [FEATURE ID: 16] accessible | retained, provided, applicable, stored, usable | [FEATURE ID: 16] operative |
| [FEATURE ID: 17] use | application, instance, access | [FEATURE ID: 17] FTP data channel |
| [FEATURE ID: 18] claim | item, step, paragraph, fig, clause, figure | [FEATURE ID: 18] claim |
| [FEATURE ID: 19] identifier, adapter | engine, application, arrangement, entry, extension, interface, algorithm | [FEATURE ID: 19] initial set |
| 1 . A system [FEATURE ID: 1] for analyzing [TRANSITIVE ID: 2] network traffic [FEATURE ID: 3] , comprising [TRANSITIVE ID: 4] the steps [FEATURE ID: 5] of : using [TRANSITIVE ID: 6] detecting [TRANSITIVE ID: 4] means including [TRANSITIVE ID: 4] a tap [FEATURE ID: 1] which receives and selects [TRANSITIVE ID: 3] packets [FEATURE ID: 3] of data [FEATURE ID: 3] from network traffic and packet [FEATURE ID: 7] creating means which , for each packet selected [TRANSITIVE ID: 8] by the tap , creates a modified selected packet for analysis [FEATURE ID: 9] which consists of the selected packet and a unique identifier [FEATURE ID: 10] for the selected packet which distinguishes that selected packet from all other selected packets , wherein the detecting means analyzes the modified selected packets to detect suspect [FEATURE ID: 11] modified data packets [FEATURE ID: 3] which meet criteria [FEATURE ID: 12] defined by one or more functions [FEATURE ID: 5] in the detecting means , the criteria being indicative [FEATURE ID: 3] of potentially damaging traffic [FEATURE ID: 13] on the network [FEATURE ID: 14] ; forwarding details [FEATURE ID: 11] of each detected suspect modified data packet [FEATURE ID: 3] to data processing [FEATURE ID: 15] means ; storing details of each detected suspect modified data packet so as to be accessible [FEATURE ID: 16] for use [FEATURE ID: 17] in analysis by the data processing means in conjunction [FEATURE ID: 3] with the details of other detected modified suspect packets [FEATURE ID: 3] ; and using the data processing means to analyze the stored suspect modified data packets . 2 . A system as claimed in claim [FEATURE ID: 18] 1 wherein the unique identifier includes an identifier [FEATURE ID: 19] for the tap and a time stamp [FEATURE ID: 7] . 3 . A system as claimed in claim 1 wherein the tap carries out an initial filtering stage [FEATURE ID: 9] in respect of types [FEATURE ID: 3] of network traffic in order to select packets of data . 4 . A system as claimed in claim 1 wherein the modified selected packets for analysis are filtered in order to detect packets which meet the defined criteria , by means of an adapter [FEATURE ID: 19] which enables the application of a function [FEATURE ID: 1] to part [FEATURE ID: 5] of a packet . 5 . A system as claimed in claim 4 wherein a plurality of adapters [FEATURE ID: 3] are provided which enable the application of functions to different parts [FEATURE ID: 5] of a packet . 6 . A system as claimed in claim 1 wherein packets received and selected by the tap are placed in a static buffer [FEATURE ID: 15] |
1 A method for providing [TRANSITIVE ID: 2] a firewall service [FEATURE ID: 1] in a computer network [FEATURE ID: 14] , comprising [TRANSITIVE ID: 4] the steps [FEATURE ID: 5] of : loading [TRANSITIVE ID: 4] an initial set [FEATURE ID: 19] of rules [FEATURE ID: 3] ; and modifying [TRANSITIVE ID: 6] the set of rules without expunging [TRANSITIVE ID: 4] said [TRANSITIVE ID: 11] initial set of rules . 2 The method [FEATURE ID: 5] of claim [FEATURE ID: 18] 1 wherein said firewall service is provided [TRANSITIVE ID: 8] by a firewall [FEATURE ID: 14] and wherein said modifying step [FEATURE ID: 5] is performed without losing any connections [FEATURE ID: 3] existing [TRANSITIVE ID: 6] through said firewall when said modifying step is executed . 3 The method of claim 1 wherein said firewall service is provided by a firewall and wherein said modifying step is performed without losing a majority of connections existing through said firewall when said modifying step is executed . 4 The method of claim 1 wherein said firewall service is provided by a firewall and said firewall employs a cache [FEATURE ID: 15] to process packets [FEATURE ID: 3] through said firewall , and wherein contents [FEATURE ID: 5] of said cache remain unchanged by said modifying step . 5 The method of claim 1 wherein said firewall service is provided by a firewall servicing multiple domains , said modifying step modifies the set of rules associated with one of the multiple domains , and the other domains [FEATURE ID: 3] continue to operate without losing any connections existing through said firewall when said modifying step is executed . 6 The method of claim 1 wherein said firewall service is provided by a firewall servicing multiple domains , said modifying step modifies the set of rules associated with one of the multiple domains , and the other domains continue to operate without losing a majority of connections existing through said firewall when said modifying step is executed . 7 A method for providing a firewall service in a computer network , comprising the steps of : forming an augmented set of rules by including , in a set of access rules [FEATURE ID: 3] , at least one rule [FEATURE ID: 7] which acts to alter the operation [FEATURE ID: 5] of the set of rules under specified conditions [FEATURE ID: 12] ; and using the augmented set of rules in validating a packet [FEATURE ID: 1] . 8 The method of claim 7 wherein the at least one rule is a dynamic rule [FEATURE ID: 10] . 9 The method of claim 8 wherein the dynamic rule comprises a time condition [FEATURE ID: 10] which the packet must satisfy for transmission [FEATURE ID: 9] . 10 The method of claim 8 wherein the dynamic rule is deleted at the end of its lifetime [FEATURE ID: 13] if it has a specified lifetime . 11 The method of claim 8 wherein the dynamic rule is operative [FEATURE ID: 16] for a single network session [FEATURE ID: 1] . 12 The method of claim 8 wherein the dynamic rule comprises information [FEATURE ID: 3] which relates to a connection [FEATURE ID: 3] from a remote proxy [FEATURE ID: 14] to a destination [FEATURE ID: 14] . 13 The method of claim 8 wherein the dynamic rule is applied by a proxy [FEATURE ID: 1] in an file transfer protocol ( FTP ) application [FEATURE ID: 1] to determine whether an FTP data channel [FEATURE ID: 17] |
| Targeted Patent: Patent: US7594009B2 Filed: 2000-09-13 Issued: 2009-09-22 Patent Holder: (Original Assignee) Triulzi Arrigo G B; Joubert Adriaan W (Current Assignee) Datamonitor Systems LLC Inventor(s): Arrigo G. B. Triulzi, Adriaan W. Joubert Title: Monitoring network activity | Cross Reference / Shared Meaning between the Lines |
Charted Against: Patent: US5892900A Filed: 1996-08-30 Issued: 1999-04-06 Patent Holder: (Original Assignee) Intertrust Technologies Corp (Current Assignee) Intertrust Technologies Corp Inventor(s): Karl L. Ginter, Victor H. Shear, W. Olin Sibert, Francis J. Spahn, David M. Van Wie Title: Systems and methods for secure transaction management and electronic rights protection |
| [FEATURE ID: 1] system | bus, mechanism, unit, process, transmitter, program, means | [FEATURE ID: 1] source, trqansmission circuitry |
| [TRANSITIVE ID: 2] analyzing, detecting, creating, use | processing, monitoring, analysis, storage, filtering, examining, capturing | [TRANSITIVE ID: 2] use |
| [FEATURE ID: 3] network traffic, data, criteria, traffic, details, suspect packets, application, different parts | information, content, transactions, messages, the, events, processing | [FEATURE ID: 3] security, functions, unauthorized interference, contents, operations, signals, time information, time |
| [TRANSITIVE ID: 4] comprising, using, including | providing, incorporating, implementing, having, involving, employing, containing | [TRANSITIVE ID: 4] comprising, including |
| [FEATURE ID: 5] steps, packets, data packets, functions, types, part, adapters | elements, portions, means, characteristics, units, parts, features | [FEATURE ID: 5] components, barrier, gating circuitry |
| [FEATURE ID: 6] means, data processing | device, unit, memory, apparatus, controller, hardware, logic | [FEATURE ID: 6] secure processing unit, CPU, port, transmission circuitry, selective release circuitry, clock, circuitry |
| [TRANSITIVE ID: 7] receives, selects | samples, passes, filters, reads, processes, examines, removes | [TRANSITIVE ID: 7] evaluates, blocks |
| [TRANSITIVE ID: 8] selected, accessible | retrieved, provided, selectable, taken, sent, available, obtained | [TRANSITIVE ID: 8] received |
| [TRANSITIVE ID: 9] creates | prepares, generates, produces, provides, outputs | [TRANSITIVE ID: 9] updates |
| [FEATURE ID: 10] analysis | use, forwarding, output, communication | [FEATURE ID: 10] transmission |
| [FEATURE ID: 11] network | port, bus, link, device, monitor, circuit, connector | [FEATURE ID: 11] secure bus interface unit, bus external, external bus |
| [FEATURE ID: 12] initial filtering stage | analysis, assessment, evaluation | [FEATURE ID: 12] evaluation circuitry |
| [FEATURE ID: 13] order | turn, response, use | [FEATURE ID: 13] part |
| [FEATURE ID: 14] adapter | attachment, interface, adaptation, application | [FEATURE ID: 14] connection |
| 1 . A system [FEATURE ID: 1] for analyzing [TRANSITIVE ID: 2] network traffic [FEATURE ID: 3] , comprising [TRANSITIVE ID: 4] the steps [FEATURE ID: 5] of : using [TRANSITIVE ID: 4] detecting [TRANSITIVE ID: 2] means [FEATURE ID: 6] including [TRANSITIVE ID: 4] a tap which receives [TRANSITIVE ID: 7] and selects [TRANSITIVE ID: 7] packets [FEATURE ID: 5] of data [FEATURE ID: 3] from network traffic and packet creating [TRANSITIVE ID: 2] means which , for each packet selected [TRANSITIVE ID: 8] by the tap , creates [TRANSITIVE ID: 9] a modified selected packet for analysis [FEATURE ID: 10] which consists of the selected packet and a unique identifier for the selected packet which distinguishes that selected packet from all other selected packets , wherein the detecting means analyzes the modified selected packets to detect suspect modified data packets [FEATURE ID: 5] which meet criteria [FEATURE ID: 3] defined by one or more functions [FEATURE ID: 5] in the detecting means , the criteria being indicative of potentially damaging traffic [FEATURE ID: 3] on the network [FEATURE ID: 11] ; forwarding details [FEATURE ID: 3] of each detected suspect modified data packet to data processing [FEATURE ID: 6] means ; storing details of each detected suspect modified data packet so as to be accessible [FEATURE ID: 8] for use [FEATURE ID: 2] in analysis by the data processing means in conjunction with the details of other detected modified suspect packets [FEATURE ID: 3] ; and using the data processing means to analyze the stored suspect modified data packets . 2 . A system as claimed in claim 1 wherein the unique identifier includes an identifier for the tap and a time stamp . 3 . A system as claimed in claim 1 wherein the tap carries out an initial filtering stage [FEATURE ID: 12] in respect of types [FEATURE ID: 5] of network traffic in order [FEATURE ID: 13] to select packets of data . 4 . A system as claimed in claim 1 wherein the modified selected packets for analysis are filtered in order to detect packets which meet the defined criteria , by means of an adapter [FEATURE ID: 14] which enables the application [FEATURE ID: 3] of a function to part [FEATURE ID: 5] of a packet . 5 . A system as claimed in claim 4 wherein a plurality of adapters [FEATURE ID: 5] are provided which enable the application of functions to different parts [FEATURE ID: 3] |
1 . A secure processing unit [FEATURE ID: 6] comprising [TRANSITIVE ID: 4] a CPU [FEATURE ID: 6] , microprocessor or microcontroller and components [FEATURE ID: 5] designed to perform security [FEATURE ID: 3] - related functions [FEATURE ID: 3] , said components including [TRANSITIVE ID: 4] : a secure , tamper - resistant barrier operating to render unauthorized interference [FEATURE ID: 3] with or access to the contents [FEATURE ID: 3] or operations [FEATURE ID: 3] of the secure processing unit more difficult ; said barrier [FEATURE ID: 5] including : a secure bus interface unit [FEATURE ID: 11] , comprising : a port [FEATURE ID: 6] designed for connection [FEATURE ID: 14] to a bus external [FEATURE ID: 11] to the secure processing unit ; signal - evaluation circuitry [FEATURE ID: 12] which evaluates [TRANSITIVE ID: 7] signals [FEATURE ID: 3] received [TRANSITIVE ID: 8] from said external bus [FEATURE ID: 11] to determine whether said signals were generated by a trusted source [FEATURE ID: 1] ; and transmission circuitry [FEATURE ID: 6] which transmits signals between said secure processing unit and said external bus , said transmission circuitry comprising gating circuitry [FEATURE ID: 5] operatively connected to said signal - evaluation circuitry ; said gating circuitry including selective release circuitry [FEATURE ID: 6] which selectively releases signals from said external bus for transmission [FEATURE ID: 10] by said trqansmission circuitry [FEATURE ID: 1] to said secure processing unit or blocks [FEATURE ID: 7] said signals ; said selective release circuitry being controlled , at least in part [FEATURE ID: 13] , by signals received from said signal - evaluation circuitry , a clock [FEATURE ID: 6] , including ; circuitry [FEATURE ID: 6] which stores time information [FEATURE ID: 3] ; circuitry which updates [FEATURE ID: 9] said time information to reflect the passage of time [FEATURE ID: 3] ; circuitry designed to output said time information for use [FEATURE ID: 2] |
| Targeted Patent: Patent: US7594009B2 Filed: 2000-09-13 Issued: 2009-09-22 Patent Holder: (Original Assignee) Triulzi Arrigo G B; Joubert Adriaan W (Current Assignee) Datamonitor Systems LLC Inventor(s): Arrigo G. B. Triulzi, Adriaan W. Joubert Title: Monitoring network activity | Cross Reference / Shared Meaning between the Lines |
Charted Against: Patent: US5870559A Filed: 1996-10-15 Issued: 1999-02-09 Patent Holder: (Original Assignee) Mercury Interactive LLC (Current Assignee) Hewlett Packard Development Co LP Inventor(s): Eran Leshem, Amir Weinberg Title: Software system and associated methods for facilitating the analysis and management of web sites |
| [TRANSITIVE ID: 1] analyzing, detecting, data processing | monitoring, identifying, processing, receiving, determining, capturing, examining | [TRANSITIVE ID: 1] scanning |
| [TRANSITIVE ID: 2] comprising, including | having, involving, using, implementing, incorporating, providing, employing | [TRANSITIVE ID: 2] comprising |
| [FEATURE ID: 3] steps | methods, components, functions, elements, means, capabilities | [FEATURE ID: 3] executable code |
| [TRANSITIVE ID: 4] using | defining, assembling, preparing, implementing, creating, forming, establishing | [TRANSITIVE ID: 4] generating |
| [TRANSITIVE ID: 5] creating | monitoring, selection, management, processing, manipulation | [TRANSITIVE ID: 5] analysis |
| [FEATURE ID: 6] analysis | investigation, use, processing, display, monitoring, inspection | [FEATURE ID: 6] mapping |
| [FEATURE ID: 7] criteria, indicative, details | attributes, metadata, characteristics, parameters, properties, objects, tags | [FEATURE ID: 7] display attributes, information, custom attributes, status information |
| [FEATURE ID: 8] functions | modules, features, routines, operations, rules, applications, instructions | [FEATURE ID: 8] methods |
| [FEATURE ID: 9] traffic, suspect packets | information, communications, files, contents, networks, network traffic, events | [FEATURE ID: 9] web sites |
| [FEATURE ID: 10] network | device, host, system, hardware, memory, client, server | [FEATURE ID: 10] computer, readable medium, web site, user, software architecture |
| [FEATURE ID: 11] conjunction | correspondence, context, cooperation, accordance, communication, relationship | [FEATURE ID: 11] association |
| [FEATURE ID: 12] claim | item, requirement, preceding claim, step, paragraph, clair, any | [FEATURE ID: 12] claim |
| [FEATURE ID: 13] adapter | interface, agent, assembly, architecture, application, identifier, algorithm | [FEATURE ID: 13] extensible software architecture, application program interface |
| [FEATURE ID: 14] part, different parts | content, properties, attributes, aspects, fragments, features, sections | [FEATURE ID: 14] content objects, menu options |
| [FEATURE ID: 15] adapters | modules, interfaces, extensions, components, drivers, agents, devices | [FEATURE ID: 15] applications |
| [FEATURE ID: 16] static buffer | list, database, cache, registry, structure, stack, memory | [FEATURE ID: 16] user menu, scanning status information |
| 1 . A system for analyzing [TRANSITIVE ID: 1] network traffic , comprising [TRANSITIVE ID: 2] the steps [FEATURE ID: 3] of : using [TRANSITIVE ID: 4] detecting [TRANSITIVE ID: 1] means including [TRANSITIVE ID: 2] a tap which receives and selects packets of data from network traffic and packet creating [TRANSITIVE ID: 5] means which , for each packet selected by the tap , creates a modified selected packet for analysis [FEATURE ID: 6] which consists of the selected packet and a unique identifier for the selected packet which distinguishes that selected packet from all other selected packets , wherein the detecting means analyzes the modified selected packets to detect suspect modified data packets which meet criteria [FEATURE ID: 7] defined by one or more functions [FEATURE ID: 8] in the detecting means , the criteria being indicative [FEATURE ID: 7] of potentially damaging traffic [FEATURE ID: 9] on the network [FEATURE ID: 10] ; forwarding details [FEATURE ID: 7] of each detected suspect modified data packet to data processing [FEATURE ID: 1] means ; storing details of each detected suspect modified data packet so as to be accessible for use in analysis by the data processing means in conjunction [FEATURE ID: 11] with the details of other detected modified suspect packets [FEATURE ID: 9] ; and using the data processing means to analyze the stored suspect modified data packets . 2 . A system as claimed in claim [FEATURE ID: 12] 1 wherein the unique identifier includes an identifier for the tap and a time stamp . 3 . A system as claimed in claim 1 wherein the tap carries out an initial filtering stage in respect of types of network traffic in order to select packets of data . 4 . A system as claimed in claim 1 wherein the modified selected packets for analysis are filtered in order to detect packets which meet the defined criteria , by means of an adapter [FEATURE ID: 13] which enables the application of a function to part [FEATURE ID: 14] of a packet . 5 . A system as claimed in claim 4 wherein a plurality of adapters [FEATURE ID: 15] are provided which enable the application of functions to different parts [FEATURE ID: 14] of a packet . 6 . A system as claimed in claim 1 wherein packets received and selected by the tap are placed in a static buffer [FEATURE ID: 16] |
1 . An extensible software architecture [FEATURE ID: 13] for facilitating the mapping [FEATURE ID: 6] and analysis [FEATURE ID: 5] of web sites [FEATURE ID: 9] , comprising [TRANSITIVE ID: 2] , on a computer [FEATURE ID: 10] - readable medium [FEATURE ID: 10] : a mapping component which has executable code [FEATURE ID: 3] for scanning [TRANSITIVE ID: 1] a web site [FEATURE ID: 10] and for generating [TRANSITIVE ID: 4] a graphical site map of the web site , the graphical map represented by the mapping component as a map data structure which comprises a collection of node objects and link objects , the node objects representing content objects [FEATURE ID: 14] of the web site and the link objects representing links within the web site between the content objects , the node and link objects stored within the map data structure in association [FEATURE ID: 11] with display attributes [FEATURE ID: 7] which specify how the content objects and links are graphically displayed on a display screen within the graphical map ; and an application program interface [FEATURE ID: 13] ( API ) which includes methods [FEATURE ID: 8] that enable plug - in applications [FEATURE ID: 15] of the mapping component to access the node and link objects of the map data structure to obtain information [FEATURE ID: 7] about the web site , and which includes methods that enable the plug - in applications to modify the display attributes of at least the node and link objects to convey site - related information to a user [FEATURE ID: 10] via the graphical site map . 2 . The software architecture [FEATURE ID: 10] according to claim [FEATURE ID: 12] 1 , wherein the API includes one or more methods that enable the plug - in applications to selectively modify the respective colors of the content objects and links within the graphical map . 3 . The software architecture according to claim 1 , wherein the API includes one or more methods that enable the plug - in applications to selectively modify the respective visibilities of the content objects and links within the graphical map . 4 . The software architecture according to claim 1 , wherein the API includes one or more methods that enable the plug - in applications to add menu options [FEATURE ID: 14] to a user menu [FEATURE ID: 16] of the mapping component . 5 . The software architecture according to claim 1 , wherein the API includes one or more methods that enable the plug - in applications to attach custom attributes [FEATURE ID: 7] to the node and link objects . 6 . The software architecture according to claim 1 , wherein the mapping component stores scanning status information [FEATURE ID: 7] in the map data structure in association with the node objects , and the API includes one or more methods that enable the plug - in applications to access the scanning status information [FEATURE ID: 16] |
| Targeted Patent: Patent: US7594009B2 Filed: 2000-09-13 Issued: 2009-09-22 Patent Holder: (Original Assignee) Triulzi Arrigo G B; Joubert Adriaan W (Current Assignee) Datamonitor Systems LLC Inventor(s): Arrigo G. B. Triulzi, Adriaan W. Joubert Title: Monitoring network activity | Cross Reference / Shared Meaning between the Lines |
Charted Against: Patent: US5845300A Filed: 1996-06-05 Issued: 1998-12-01 Patent Holder: (Original Assignee) Microsoft Corp (Current Assignee) Microsoft Technology Licensing LLC Inventor(s): Ross Ward Comer, Adam Brett Stein, David Russell Williams, Jr. Title: Method and apparatus for suggesting completions for a partially entered data item based on previously-entered, associated data items |
| [FEATURE ID: 1] system, steps, functions | process, procedure, means, elements, features, methods, program | [FEATURE ID: 1] method, partial data entry, steps, step |
| [TRANSITIVE ID: 2] analyzing, detecting, data processing | monitoring, processing, receiving, selecting, storing, collecting, sampling | [TRANSITIVE ID: 2] completing, identifying, filtering |
| [FEATURE ID: 3] network traffic, data, data packets, traffic, suspect packets | information, messages, transactions, events, content, viruses, packets | [FEATURE ID: 3] data items, data item |
| [TRANSITIVE ID: 4] comprising | including, containing, comprises, of, using, with, and | [TRANSITIVE ID: 4] having, defining, comprising |
| [TRANSITIVE ID: 5] using | providing, creating, initiating, identifying, defining, establishing, activating | [TRANSITIVE ID: 5] invoking |
| [TRANSITIVE ID: 6] including | comprising, within, containing, defining | [TRANSITIVE ID: 6] encompassing |
| [FEATURE ID: 7] packets | cells, values, elements, blocks, characters, fields, addresses | [FEATURE ID: 7] rows, columns, contiguous cells |
| [FEATURE ID: 8] packet, unique identifier | entry, record, input, data, parameter, value, identifier | [FEATURE ID: 8] contiguous data, acceptance command, partial data item |
| [TRANSITIVE ID: 9] creating | control, selection, modification, manipulation | [TRANSITIVE ID: 9] command pertinent |
| [FEATURE ID: 10] other | received, processed, selected | [FEATURE ID: 10] completed |
| [FEATURE ID: 11] criteria, indicative, details, types, part, different parts | attributes, characteristics, parameters, data, indicia, fields, elements | [FEATURE ID: 11] cells, empty cells |
| [FEATURE ID: 12] conjunction | correspondence, conformity, parallel, concert, context, compliance, line | [FEATURE ID: 12] list, association, response, accordance |
| [FEATURE ID: 13] claim | item, preceding claim, requirement, step, paragraph, clair, clause | [FEATURE ID: 13] claim |
| [FEATURE ID: 14] identifier, initial filtering stage, adapter | input, entry, interface, algorithm, activity, attribute, index | [FEATURE ID: 14] active cell, edit mode, associated list |
| [FEATURE ID: 15] time stamp | value, type, field | [FEATURE ID: 15] containing |
| [FEATURE ID: 16] respect | each, one, the | [FEATURE ID: 16] said |
| [FEATURE ID: 17] function | response, result, query, protocol, message, operation, request | [FEATURE ID: 17] command, user response |
| [FEATURE ID: 18] static buffer | list, structure, database, memory, grid, map, zone | [FEATURE ID: 18] spreadsheet, search region, table |
| 1 . A system [FEATURE ID: 1] for analyzing [TRANSITIVE ID: 2] network traffic [FEATURE ID: 3] , comprising [TRANSITIVE ID: 4] the steps [FEATURE ID: 1] of : using [TRANSITIVE ID: 5] detecting [TRANSITIVE ID: 2] means including [TRANSITIVE ID: 6] a tap which receives and selects packets [FEATURE ID: 7] of data [FEATURE ID: 3] from network traffic and packet [FEATURE ID: 8] creating [TRANSITIVE ID: 9] means which , for each packet selected by the tap , creates a modified selected packet for analysis which consists of the selected packet and a unique identifier [FEATURE ID: 8] for the selected packet which distinguishes that selected packet from all other [FEATURE ID: 10] selected packets , wherein the detecting means analyzes the modified selected packets to detect suspect modified data packets [FEATURE ID: 3] which meet criteria [FEATURE ID: 11] defined by one or more functions [FEATURE ID: 1] in the detecting means , the criteria being indicative [FEATURE ID: 11] of potentially damaging traffic [FEATURE ID: 3] on the network ; forwarding details [FEATURE ID: 11] of each detected suspect modified data packet to data processing [FEATURE ID: 2] means ; storing details of each detected suspect modified data packet so as to be accessible for use in analysis by the data processing means in conjunction [FEATURE ID: 12] with the details of other detected modified suspect packets [FEATURE ID: 3] ; and using the data processing means to analyze the stored suspect modified data packets . 2 . A system as claimed in claim [FEATURE ID: 13] 1 wherein the unique identifier includes an identifier [FEATURE ID: 14] for the tap and a time stamp [FEATURE ID: 15] . 3 . A system as claimed in claim 1 wherein the tap carries out an initial filtering stage [FEATURE ID: 14] in respect [FEATURE ID: 16] of types [FEATURE ID: 11] of network traffic in order to select packets of data . 4 . A system as claimed in claim 1 wherein the modified selected packets for analysis are filtered in order to detect packets which meet the defined criteria , by means of an adapter [FEATURE ID: 14] which enables the application of a function [FEATURE ID: 17] to part [FEATURE ID: 11] of a packet . 5 . A system as claimed in claim 4 wherein a plurality of adapters are provided which enable the application of functions to different parts [FEATURE ID: 11] of a packet . 6 . A system as claimed in claim 1 wherein packets received and selected by the tap are placed in a static buffer [FEATURE ID: 18] |
1 . A method [FEATURE ID: 1] for completing [TRANSITIVE ID: 2] a partial data entry [FEATURE ID: 1] for an active cell [FEATURE ID: 14] of a spreadsheet [FEATURE ID: 18] having [TRANSITIVE ID: 4] a plurality of cells [FEATURE ID: 11] defining [TRANSITIVE ID: 4] a grid of rows [FEATURE ID: 7] and columns [FEATURE ID: 7] , comprising [TRANSITIVE ID: 4] the steps [FEATURE ID: 1] of : invoking [TRANSITIVE ID: 5] an edit mode [FEATURE ID: 14] for said [TRANSITIVE ID: 16] active cell ; identifying [TRANSITIVE ID: 2] a list [FEATURE ID: 12] of completed [TRANSITIVE ID: 10] data items [FEATURE ID: 3] from a search region [FEATURE ID: 18] within said spreadsheet comprising a table [FEATURE ID: 18] of contiguous data [FEATURE ID: 8] - containing [TRANSITIVE ID: 15] cells encompassing [TRANSITIVE ID: 6] said active cell and bordered by empty cells [FEATURE ID: 11] ; defining a partial data entry within said active cell ; identifying a matching completed data item [FEATURE ID: 3] from within said list of completed data items that corresponds to said partial data entry ; displaying said matching completed data item as a suggested completion for said partial data entry ; receiving an acceptance command [FEATURE ID: 8] in association [FEATURE ID: 12] with said suggested completion ; and in response [FEATURE ID: 12] to said acceptance command , storing said partial data entry with said suggested completion within the active cell . 2 . The method of claim [FEATURE ID: 13] 1 further comprising the steps of : receiving a command pertinent [FEATURE ID: 9] to said suggested completion ; and operating on said suggested completion in accordance [FEATURE ID: 12] with said command [FEATURE ID: 17] . 3 . The method of claim 2 , wherein said command is a user response [FEATURE ID: 17] and said operating step [FEATURE ID: 1] further comprises the steps of : if said response contains a modified partial data item [FEATURE ID: 8] , verifying said suggested completion comprises said modified partial data item ; if said response is a rejection of said suggested completion , displaying said partial data entry ; and if said response is a command to exit said edit mode , clearing said active cell . 4 . The method of claim 1 , wherein said identifying step further comprises the steps of : retrieving a plurality of completed data items from said search region within said spreadsheet to form an associated list [FEATURE ID: 14] of completed data items ; filtering [FEATURE ID: 2] said associated list of completed data items to generate a filtered list ; and sorting said filtered list to generate said list of completed data items . 5 . The method of claim 4 , wherein said search region within said spreadsheet is positionally based on said active cell and said identifying step further comprises the step of selecting a block of contiguous cells [FEATURE ID: 7] |
| Targeted Patent: Patent: US7594009B2 Filed: 2000-09-13 Issued: 2009-09-22 Patent Holder: (Original Assignee) Triulzi Arrigo G B; Joubert Adriaan W (Current Assignee) Datamonitor Systems LLC Inventor(s): Arrigo G. B. Triulzi, Adriaan W. Joubert Title: Monitoring network activity | Cross Reference / Shared Meaning between the Lines |
Charted Against: Patent: US5835726A Filed: 1993-12-15 Issued: 1998-11-10 Patent Holder: (Original Assignee) Check Point Software Technologies Ltd (Current Assignee) Check Point Software Technologies Ltd Inventor(s): Gil Shwed, Shlomo Kramer, Nir Zuk, Gil Dogon, Ehud Ben-Reuven Title: System for securing the flow of and selectively modifying packets in a computer network |
| [FEATURE ID: 1] system, means, part, different parts | mechanism, network, procedure, technique, program, step, process | [FEATURE ID: 1] method, security rule, steps, module, packet filter module, machine, compiler |
| [TRANSITIVE ID: 2] analyzing, detecting, packet, creating, analysis, data processing, use, initial filtering stage, application | processing, monitoring, filtering, examining, identifying, transmission, handling | [TRANSITIVE ID: 2] inspecting, modifying, inspection, selective modification, generating, controlling |
| [FEATURE ID: 3] network traffic, traffic, details, adapters | data, information, transactions, network, content, devices, transmissions | [FEATURE ID: 3] data packets, packet filter language instructions, virtual packet, passage, network computer, network objects, network services, object |
| [TRANSITIVE ID: 4] comprising, including | implementing, providing, by, having, comprises, involving, defining | [TRANSITIVE ID: 4] comprising, operating |
| [FEATURE ID: 5] steps, packets, indicative | characteristics, features, elements, parameters, attributes, requirements, details | [FEATURE ID: 5] aspect definitions, aspects, object definitions, filter language instructions, step |
| [TRANSITIVE ID: 6] using | providing, establishing, directing, adapting, incorporating, generating, mapping | [TRANSITIVE ID: 6] converting, coupling |
| [FEATURE ID: 7] data | traffic, packet data, packets | [FEATURE ID: 7] packet |
| [TRANSITIVE ID: 8] selected | provided, determined, generated | [TRANSITIVE ID: 8] occurring |
| [FEATURE ID: 9] other, suspect | selected, such, those, the, received | [FEATURE ID: 9] said |
| [FEATURE ID: 10] data packets, data packet, suspect packets, types | traffic, data, packets, flows, protocols, portions, streams | [FEATURE ID: 10] inbound, outbound data packets |
| [FEATURE ID: 11] criteria, time stamp | attributes, properties, characteristics, name, type, size | [FEATURE ID: 11] address |
| [FEATURE ID: 12] functions | operations, programs, rules | [FEATURE ID: 12] instructions |
| [FEATURE ID: 13] network | computer, web, system, server, circuit, lan, packet | [FEATURE ID: 13] computer network |
| [FEATURE ID: 14] conjunction, respect, order | response, association, advance, sequence, correspondence, comparison, light | [FEATURE ID: 14] accordance, terms |
| [FEATURE ID: 15] claim | item, requirement, need, step, paragraph, clair, fig | [FEATURE ID: 15] claim |
| [FEATURE ID: 16] identifier, adapter | interface, apparatus, instance, element, algorithm, extension, attribute | [FEATURE ID: 16] operation |
| [FEATURE ID: 17] function | feature, parameter, property, operation | [FEATURE ID: 17] aspect |
| [FEATURE ID: 18] static buffer | file, block, stream, list | [FEATURE ID: 18] set |
| 1 . A system [FEATURE ID: 1] for analyzing [TRANSITIVE ID: 2] network traffic [FEATURE ID: 3] , comprising [TRANSITIVE ID: 4] the steps [FEATURE ID: 5] of : using [TRANSITIVE ID: 6] detecting [TRANSITIVE ID: 2] means [FEATURE ID: 1] including [TRANSITIVE ID: 4] a tap which receives and selects packets [FEATURE ID: 5] of data [FEATURE ID: 7] from network traffic and packet [FEATURE ID: 2] creating [TRANSITIVE ID: 2] means which , for each packet selected [TRANSITIVE ID: 8] by the tap , creates a modified selected packet for analysis [FEATURE ID: 2] which consists of the selected packet and a unique identifier for the selected packet which distinguishes that selected packet from all other [FEATURE ID: 9] selected packets , wherein the detecting means analyzes the modified selected packets to detect suspect [FEATURE ID: 9] modified data packets [FEATURE ID: 10] which meet criteria [FEATURE ID: 11] defined by one or more functions [FEATURE ID: 12] in the detecting means , the criteria being indicative [FEATURE ID: 5] of potentially damaging traffic [FEATURE ID: 3] on the network [FEATURE ID: 13] ; forwarding details [FEATURE ID: 3] of each detected suspect modified data packet [FEATURE ID: 10] to data processing [FEATURE ID: 2] means ; storing details of each detected suspect modified data packet so as to be accessible for use [FEATURE ID: 2] in analysis by the data processing means in conjunction [FEATURE ID: 14] with the details of other detected modified suspect packets [FEATURE ID: 10] ; and using the data processing means to analyze the stored suspect modified data packets . 2 . A system as claimed in claim [FEATURE ID: 15] 1 wherein the unique identifier includes an identifier [FEATURE ID: 16] for the tap and a time stamp [FEATURE ID: 11] . 3 . A system as claimed in claim 1 wherein the tap carries out an initial filtering stage [FEATURE ID: 2] in respect [FEATURE ID: 14] of types [FEATURE ID: 10] of network traffic in order [FEATURE ID: 14] to select packets of data . 4 . A system as claimed in claim 1 wherein the modified selected packets for analysis are filtered in order to detect packets which meet the defined criteria , by means of an adapter [FEATURE ID: 16] which enables the application [FEATURE ID: 2] of a function [FEATURE ID: 17] to part [FEATURE ID: 1] of a packet . 5 . A system as claimed in claim 4 wherein a plurality of adapters [FEATURE ID: 3] are provided which enable the application of functions to different parts [FEATURE ID: 1] of a packet . 6 . A system as claimed in claim 1 wherein packets received and selected by the tap are placed in a static buffer [FEATURE ID: 18] |
1 . A method [FEATURE ID: 1] of inspecting [TRANSITIVE ID: 2] and selectively modifying [TRANSITIVE ID: 2] inbound [FEATURE ID: 10] and outbound data packets [FEATURE ID: 10] in a computer network [FEATURE ID: 13] , the inspection [FEATURE ID: 2] and selective modification [FEATURE ID: 2] of said [TRANSITIVE ID: 9] data packets [FEATURE ID: 3] occurring [TRANSITIVE ID: 8] in accordance [FEATURE ID: 14] with a security rule [FEATURE ID: 1] , the method comprising [TRANSITIVE ID: 4] the steps [FEATURE ID: 1] of : generating [TRANSITIVE ID: 2] a definition of each aspect [FEATURE ID: 17] of the computer network inspected by said security rule ; generating said security rule in terms [FEATURE ID: 14] of said aspect definitions [FEATURE ID: 5] , said security rule controlling [TRANSITIVE ID: 2] at least one of said aspects [FEATURE ID: 5] ; converting [TRANSITIVE ID: 6] said security rule into a set [FEATURE ID: 18] of packet filter language instructions [FEATURE ID: 3] for controlling an operation [FEATURE ID: 16] of a packet [FEATURE ID: 7] filtering module [FEATURE ID: 1] which inspects and selectively modifies said data packets in accordance with said security rule ; coupling [FEATURE ID: 6] said packet filter module [FEATURE ID: 1] to said computer network for inspecting and selectively modifying said data packets in accordance with said security rule , said packet filter module implementing a virtual packet [FEATURE ID: 3] filtering machine [FEATURE ID: 1] ; and said packet filter module executing said packet filter language instructions for operating [FEATURE ID: 4] said virtual packet filtering machine to either accept or reject the passage [FEATURE ID: 3] of said data packets into and out of said network computer [FEATURE ID: 3] and selectively modify said data packets so accepted . 2 . The method according to claim [FEATURE ID: 15] 1 , wherein said aspects include network objects [FEATURE ID: 3] . 3 . The method according to claim 1 , wherein said aspects include network services [FEATURE ID: 3] . 4 . The method according to claim 2 , wherein said aspects include network services . 5 . The method according to claim 4 , wherein said object definitions [FEATURE ID: 5] include the address [FEATURE ID: 11] of said object [FEATURE ID: 3] . 6 . The method according to claim 1 , wherein the filter language instructions [FEATURE ID: 5] of said step [FEATURE ID: 5] of converting are in the form of script and further comprising a compiler [FEATURE ID: 1] to compile said script into said instructions [FEATURE ID: 12] |
| Targeted Patent: Patent: US7594009B2 Filed: 2000-09-13 Issued: 2009-09-22 Patent Holder: (Original Assignee) Triulzi Arrigo G B; Joubert Adriaan W (Current Assignee) Datamonitor Systems LLC Inventor(s): Arrigo G. B. Triulzi, Adriaan W. Joubert Title: Monitoring network activity | Cross Reference / Shared Meaning between the Lines |
Charted Against: Patent: US5819226A Filed: 1992-09-08 Issued: 1998-10-06 Patent Holder: (Original Assignee) HNC Software Inc (Current Assignee) Fair Isaac Corp Inventor(s): Krishna M. Gopinathan, Louis S. Biafore, William M. Ferguson, Michael A. Lazarus, Anu K. Pathria, Allen Jost Title: Fraud detection using predictive modeling |
| [FEATURE ID: 1] system, data processing | program, procedure, method, processor, computing, processing, database | [FEATURE ID: 1] computer, process, step |
| [TRANSITIVE ID: 2] analyzing, detecting, use, application | monitoring, sampling, identifying, receiving, determining, reading, handling | [TRANSITIVE ID: 2] detecting, obtaining, processing, pre-processing |
| [FEATURE ID: 3] network traffic, creating, data packets, criteria, indicative, traffic, details, suspect packets | information, data, transactions, events, signals, attributes, parameters | [FEATURE ID: 3] storage, past transaction data, variables, fraud, computer signal, general customer data, customer transactional pattern data, elements |
| [TRANSITIVE ID: 4] comprising, including | incorporating, by, involving, containing, using, implementing, employing | [TRANSITIVE ID: 4] having, comprising |
| [FEATURE ID: 5] steps, packets, functions, types, part, adapters, different parts | elements, characteristics, components, features, segments, units, means | [FEATURE ID: 5] steps, iterative steps |
| [TRANSITIVE ID: 6] using | constructing, preparing, building, creating, forming, establishing, providing | [TRANSITIVE ID: 6] generating, storing |
| [FEATURE ID: 7] means | medium, system, device, memory, computer, repository, server | [FEATURE ID: 7] computer storage, profile computer database record |
| [FEATURE ID: 8] data | instructions, date, information | [FEATURE ID: 8] current transaction data |
| [FEATURE ID: 9] analysis | storage, data, recording | [FEATURE ID: 9] profile computer database record further |
| [FEATURE ID: 10] unique identifier | reference, value, parameter, characteristic, response, measurement, component | [FEATURE ID: 10] relative contribution, preset threshold value, performance metric, performance level |
| [FEATURE ID: 11] network, static buffer | database, host, storage, device, server, computer, system | [FEATURE ID: 11] processor, customer account, computer database |
| [FEATURE ID: 12] claim | step, paragraph, clair, clause, figure, item, preceding claim | [FEATURE ID: 12] claim |
| [FEATURE ID: 13] time stamp | value, time, variable | [FEATURE ID: 13] cascade threshold value |
| [FEATURE ID: 14] respect | anticipation, detection, recognition, degree, occurrence, amount, extent | [FEATURE ID: 14] likelihood, determined likelihood |
| [FEATURE ID: 15] function | result, parameter, value | [FEATURE ID: 15] representation |
| 1 . A system [FEATURE ID: 1] for analyzing [TRANSITIVE ID: 2] network traffic [FEATURE ID: 3] , comprising [TRANSITIVE ID: 4] the steps [FEATURE ID: 5] of : using [TRANSITIVE ID: 6] detecting [TRANSITIVE ID: 2] means [FEATURE ID: 7] including [TRANSITIVE ID: 4] a tap which receives and selects packets [FEATURE ID: 5] of data [FEATURE ID: 8] from network traffic and packet creating [TRANSITIVE ID: 3] means which , for each packet selected by the tap , creates a modified selected packet for analysis [FEATURE ID: 9] which consists of the selected packet and a unique identifier [FEATURE ID: 10] for the selected packet which distinguishes that selected packet from all other selected packets , wherein the detecting means analyzes the modified selected packets to detect suspect modified data packets [FEATURE ID: 3] which meet criteria [FEATURE ID: 3] defined by one or more functions [FEATURE ID: 5] in the detecting means , the criteria being indicative [FEATURE ID: 3] of potentially damaging traffic [FEATURE ID: 3] on the network [FEATURE ID: 11] ; forwarding details [FEATURE ID: 3] of each detected suspect modified data packet to data processing [FEATURE ID: 1] means ; storing details of each detected suspect modified data packet so as to be accessible for use [FEATURE ID: 2] in analysis by the data processing means in conjunction with the details of other detected modified suspect packets [FEATURE ID: 3] ; and using the data processing means to analyze the stored suspect modified data packets . 2 . A system as claimed in claim [FEATURE ID: 12] 1 wherein the unique identifier includes an identifier for the tap and a time stamp [FEATURE ID: 13] . 3 . A system as claimed in claim 1 wherein the tap carries out an initial filtering stage in respect [FEATURE ID: 14] of types [FEATURE ID: 5] of network traffic in order to select packets of data . 4 . A system as claimed in claim 1 wherein the modified selected packets for analysis are filtered in order to detect packets which meet the defined criteria , by means of an adapter which enables the application [FEATURE ID: 2] of a function [FEATURE ID: 15] to part [FEATURE ID: 5] of a packet . 5 . A system as claimed in claim 4 wherein a plurality of adapters [FEATURE ID: 5] are provided which enable the application of functions to different parts [FEATURE ID: 5] of a packet . 6 . A system as claimed in claim 1 wherein packets received and selected by the tap are placed in a static buffer [FEATURE ID: 11] |
1 . In a computer [FEATURE ID: 1] having [TRANSITIVE ID: 4] a processor [FEATURE ID: 11] and storage [FEATURE ID: 3] , a computer - implemented process [FEATURE ID: 1] for detecting [TRANSITIVE ID: 2] a fraudulent transaction in a customer account [FEATURE ID: 11] , comprising [TRANSITIVE ID: 4] the steps [FEATURE ID: 5] of : obtaining [TRANSITIVE ID: 2] past transaction data [FEATURE ID: 3] for processing [FEATURE ID: 2] by the computer pre-processing [TRANSITIVE ID: 2] the past transaction data to derive past fraud related variables [FEATURE ID: 3] ; generating [TRANSITIVE ID: 6] a predictive model with the processor from the past fraud related variables ; storing [TRANSITIVE ID: 6] a representation [FEATURE ID: 15] of the predictive model in the computer storage [FEATURE ID: 7] ; receiving current transaction data [FEATURE ID: 8] for processing by the processor ; receiving customer data for processing by the processor ; and generating a computer signal indicative of the likelihood [FEATURE ID: 14] of fraud [FEATURE ID: 3] in the current transaction , wherein the processor generates the computer signal [FEATURE ID: 3] by applying the current transaction data and the customer data to the stored predictive model . 2 . The computer - implemented process of claim [FEATURE ID: 12] 1 , wherein the step [FEATURE ID: 1] of obtaining customer data comprises accessing a computer database [FEATURE ID: 11] containing general customer data [FEATURE ID: 3] and a computer database containing customer transactional pattern data [FEATURE ID: 3] . 3 . The computer - implemented process of claim 1 , wherein the step of obtaining customer data comprises accessing no more than one profile computer database record [FEATURE ID: 7] containing customer transactional pattern data . 4 . The computer - implemented process of claim 3 , wherein the profile computer database record further [FEATURE ID: 9] contains general customer data . 5 . The computer - implemented process of claim 1 , wherein the current transaction data and the customer data each comprise a plurality of elements [FEATURE ID: 3] and the computer processes each element by : determining a relative contribution [FEATURE ID: 10] of the element to the determined likelihood [FEATURE ID: 14] of fraud ; determining from each relative contribution thus determined a reason code value ; and generating a computer signal indicative of the reason code value . 6 . The computer - implemented process of claim 1 , further comprising the steps of : comparing the computer signal indicative of the likelihood of fraud with a preset threshold value [FEATURE ID: 10] ; and responsive to the computer signal exceeding the preset threshold value , generating a computer signal indicating fraud . 7 . The computer - implemented process of claim 1 , further comprising the iterative steps [FEATURE ID: 5] of : determining a cascade threshold value [FEATURE ID: 13] ; comparing the computer signal indicative of the likelihood of fraud with the cascade threshold value ; and responsive to the computer signal exceeding the cascade threshold value , generating another computer signal indicative of the likelihood of fraud in the current transaction by applying the current transaction data and the customer data to another predictive model . 8 . The computer - implemented process of claim 1 , further comprising the steps of : monitoring a performance metric [FEATURE ID: 10] of the computer generated predictive model , wherein the processor monitors the performance metric ; comparing the performance metric with a predetermined performance level [FEATURE ID: 10] |
| Targeted Patent: Patent: US7594009B2 Filed: 2000-09-13 Issued: 2009-09-22 Patent Holder: (Original Assignee) Triulzi Arrigo G B; Joubert Adriaan W (Current Assignee) Datamonitor Systems LLC Inventor(s): Arrigo G. B. Triulzi, Adriaan W. Joubert Title: Monitoring network activity | Cross Reference / Shared Meaning between the Lines |
Charted Against: Patent: US5798769A Filed: 1996-08-15 Issued: 1998-08-25 Patent Holder: (Original Assignee) Xerox Corp (Current Assignee) Xerox Corp Inventor(s): Patrick Chiu, Thomas P. Moran, William J. vanMelle Title: Method and apparatus for maintaining links between graphic objects in a free-form graphics display system |
| [FEATURE ID: 1] system, means, function | procedure, mechanism, process, operation, technique, program, subsequent step | [FEATURE ID: 1] method, step, substep |
| [TRANSITIVE ID: 2] analyzing, data processing | collecting, identifying, monitoring, detecting, receiving, memory, capturing | [TRANSITIVE ID: 2] storing |
| [TRANSITIVE ID: 3] comprising, using, including | providing, incorporating, comprises, employing, containing, involving, implementing | [TRANSITIVE ID: 3] having, comprising, including |
| [FEATURE ID: 4] steps, functions, indicative, traffic, details, types, part, different parts | characteristics, elements, features, attributes, data, components, segments | [FEATURE ID: 4] steps, link segment information, substeps |
| [TRANSITIVE ID: 5] detecting | detection, identifying, computing, sensing, receiving, determining, monitoring | [TRANSITIVE ID: 5] detecting |
| [FEATURE ID: 6] packets | addresses, points, values, segments | [FEATURE ID: 6] displacement values |
| [FEATURE ID: 7] unique identifier | representation, reference, placeholder | [FEATURE ID: 7] third attachment point |
| [FEATURE ID: 8] other, use | later, subsequent, stored, selected, previously, reference, further | [FEATURE ID: 8] previous |
| [FEATURE ID: 9] criteria | parameters, values, the, information, data | [FEATURE ID: 9] link displacement data, transformation factors |
| [FEATURE ID: 10] network | link, path, connection, device, system, segment, location | [FEATURE ID: 10] link responsive, node, third attachment points |
| [FEATURE ID: 11] claim | point, requirement, step, paragraph, clause, figure, item | [FEATURE ID: 11] claim |
| [FEATURE ID: 12] identifier | offset, address, endpoint, index, axis, elongation, end | [FEATURE ID: 12] same location, arclength, origin, X dimension transformation factor |
| [FEATURE ID: 13] time stamp | value, size, type | [FEATURE ID: 13] length |
| 1 . A system [FEATURE ID: 1] for analyzing [TRANSITIVE ID: 2] network traffic , comprising [TRANSITIVE ID: 3] the steps [FEATURE ID: 4] of : using [TRANSITIVE ID: 3] detecting [TRANSITIVE ID: 5] means [FEATURE ID: 1] including [TRANSITIVE ID: 3] a tap which receives and selects packets [FEATURE ID: 6] of data from network traffic and packet creating means which , for each packet selected by the tap , creates a modified selected packet for analysis which consists of the selected packet and a unique identifier [FEATURE ID: 7] for the selected packet which distinguishes that selected packet from all other [FEATURE ID: 8] selected packets , wherein the detecting means analyzes the modified selected packets to detect suspect modified data packets which meet criteria [FEATURE ID: 9] defined by one or more functions [FEATURE ID: 4] in the detecting means , the criteria being indicative [FEATURE ID: 4] of potentially damaging traffic [FEATURE ID: 4] on the network [FEATURE ID: 10] ; forwarding details [FEATURE ID: 4] of each detected suspect modified data packet to data processing [FEATURE ID: 2] means ; storing details of each detected suspect modified data packet so as to be accessible for use [FEATURE ID: 8] in analysis by the data processing means in conjunction with the details of other detected modified suspect packets ; and using the data processing means to analyze the stored suspect modified data packets . 2 . A system as claimed in claim [FEATURE ID: 11] 1 wherein the unique identifier includes an identifier [FEATURE ID: 12] for the tap and a time stamp [FEATURE ID: 13] . 3 . A system as claimed in claim 1 wherein the tap carries out an initial filtering stage in respect of types [FEATURE ID: 4] of network traffic in order to select packets of data . 4 . A system as claimed in claim 1 wherein the modified selected packets for analysis are filtered in order to detect packets which meet the defined criteria , by means of an adapter which enables the application of a function [FEATURE ID: 1] to part [FEATURE ID: 4] of a packet . 5 . A system as claimed in claim 4 wherein a plurality of adapters are provided which enable the application of functions to different parts [FEATURE ID: 4] |
1 . A method [FEATURE ID: 1] for curve transformation of an arbitrarily shaped link responsive [FEATURE ID: 10] to moving a node [FEATURE ID: 10] in a node - link diagram , said node - link diagram having [TRANSITIVE ID: 3] a first node linked to a second node via a link , said link attached to said first node at a first attachment point and to said second node at a second attachment point , said method comprising [TRANSITIVE ID: 3] the steps [FEATURE ID: 4] of : a ) storing [TRANSITIVE ID: 2] link shape information , said link shape information including [TRANSITIVE ID: 3] link segment information [FEATURE ID: 4] ; b ) detecting [TRANSITIVE ID: 5] that said second node has been moved ; c ) identifying a third attachment point [FEATURE ID: 7] for said second node at the destination of said moved second node , said third attachment point at the same location [FEATURE ID: 12] on said second node as said second attachment point ; d ) generating link displacement data [FEATURE ID: 9] for said link based on said stored link shape information ; e ) transforming each segment of said link whereby said link is curve transformed , said transforming of each segment accomplished by performing the substeps [FEATURE ID: 4] of : e1 ) determining an arclength [FEATURE ID: 12] for said segment ; e2 ) determining transformation factors [FEATURE ID: 9] based on the length [FEATURE ID: 13] of said segment and said arclength for said segment ; e3 ) determining a transformed segment location and length based on said transformation factors , link displacement data and the original segment endpoint location ; and e4 ) displaying said transformed segment between said transformed segment endpoint location and a previous [FEATURE ID: 8] transformed segment endpoint . 2 . The method as recited in claim [FEATURE ID: 11] 1 wherein said step [FEATURE ID: 1] of generating link displacement data for said link is further comprised of the steps of : b1 ) defining an X-Y coordinate system having said first attachment point as an origin [FEATURE ID: 12] ; b2 ) determining displacement values [FEATURE ID: 6] in X and Y dimensions based on said second and third attachment points [FEATURE ID: 10] . 3 . The method as recited in claim 2 wherein said substep [FEATURE ID: 1] of determining transformation factors based on the length of said segment and said arclength for said segment is further comprised of the substeps of : determining the length of said segment in the X dimension ; determining the X-arclength of said segment as the length of said link up to said segment in the X dimension ; calculating an X dimension transformation factor [FEATURE ID: 12] |