Patent application number | Description | Published |
20080232583 | Vehicle Segment Certificate Management Using Shared Certificate Schemes - The present invention advantageously provides techniques to solve problems with combinatorial anonymous certificate management by addressing critical issues concerning its feasibility, scalability, and performance. Methods and procedures to manage IEEE 1609.2 anonymous and identifying cryptographic keys and certificates in the Vehicle Infrastructure Integration (VII) system are presented, along with methods for management of identifying and anonymous certificates in a partitioned Certificate Authority architecture designed to enhance vehicle privacy. Novel methods for vehicles to dynamically change an anonymous certificate for use while maintaining vehicle privacy are given. Refinements to basic combinatorial schemes are presented including probabilistic key replacement, rekey counter decrement, dynamic rekey threshold, geographic attack isolation and proofs of geographic position. | 09-25-2008 |
20080311855 | INTELLIGENT CONNECTIVITY FRAMEWORK FOR THE SIMULTANEOUS USE OF MULTIPLE INTERFACES - A system and method comprising a framework configured to enable wireless devices to intelligently and simultaneously use multiple wireless interfaces of the wireless devices. | 12-18-2008 |
20090019505 | STREAMING VIDEO OVER MULTIPLE NETWORK INTERFACES - The preferred embodiments provide a system and/or method that exploits the presence of multiple interfaces to provide high quality video streaming (or real time streaming). The proposed solution includes three specific strategies: 1) receiver buffer management, 2) selective re-transmission of packets and 3) dynamic load balancing across interfaces to achieve high quality video streaming across multiple interfaces. | 01-15-2009 |
20090285142 | REDUCING POWER CONSUMPTION OF WI-FI ENABLED MOBILE DEVICES - A system and method for maximizing the standby time of mobile communication devices that have WiFi or other high energy-consuming network interfaces, by predicting in real time actionable silent periods (ASPs) of the interface and shutting the interface down during these ASPs. Standby times are significantly increased, resulting in longer periods of operation before battery charging is required, while keeping minimal the probabilities of missing incoming data packets when the interface is turned off. | 11-19-2009 |
20090328185 | Detecting exploit code in network flows - Disclosed is a method and apparatus for detecting exploit code in network flows. Network data packets are intercepted by a flow monitor which generates data flows from the intercepted data packets. A content filter filters out legitimate programs from the data flows, and the unfiltered portions are provided to a code recognizer which detects executable code. Any embedded executable code in the unfiltered data flow portions is identified as a suspected exploit in the network flow. The executable code recognizer recognizes executable code by performing convergent binary disassembly on the unfiltered portions of the data flows. The executable code recognizer then constructs a control flow graph and performs control flow analysis, data flow analysis, and constraint enforcement in order to detect executable code. In addition to identifying detected executable code as a potential exploit, the detected executable code may then be used in order to generate a signature of the potential exploit, for use by other systems in detecting the exploit. | 12-31-2009 |
20100031025 | Method and system to authorize and assign digital certificates without loss of privacy, and/or to enhance privacy key selection - A method and system for public key infrastructure key and certificate management provides anonymity to certificate holders and protects the privacy of certificate holders from the compromise of a certificate authority. Functional separation is provided in the authorization of a certificate request and the assignment of certificates and key pairs. The authorizing certificate authority approves or denies each certificate request from a requestor whose identity is not made available to the assigning certificate authority. The assigning certificate authority, upon approval from the authorizing certificate authority, issues one or more certificates and optionally generates and provides the associated key pairs to the requester without disclosing these certificates and key pairs to the authorizing certificate authority. In another aspect, a distributed method is disclosed that allows individual nodes and/or units in a network to select certificates for broadcasting messages to a community of interest with a non-unique key. | 02-04-2010 |
20110035094 | SYSTEM AND METHOD FOR AUTOMATIC FAULT DETECTION OF A MACHINE - A system and method for automatic fault detection of a machine is described. In one embodiment, a semantic structure is constructed using the words and values associated with the parameter identification numbers used by the on-board diagnostic system in a vehicle. The semantic structure is enhanced, analyzed, and reduced to determine the number and arrangement of the clusters that should be independently analyzed in order to produce the most reliable results in a computationally efficient manner. Each cluster is then used to detect outliers that are used to detect vehicle malfunctions. | 02-10-2011 |
20110085463 | REAL-TIME COMPARISON OF QUALITY OF INTERFACES - In some embodiments, a system and method for substantially real-time comparison of quality of interfaces by mobile devices over heterogeneous networks is disclosed. The method can be performed using a dynamic and rapid comparison by distributed hosts, using a minimal number of injected network packets, using minimal path quality metrics, which path quality metrics are independent of how a QoI is measured, and in a manner suitable for both wireline and wireless networks. | 04-14-2011 |
20110214178 | System and Method for Detecting and Evicting Malicious Vehicles in a Vehicle Communications Network - In a vehicle communication network, some vehicles may be used by attackers to send false information to other vehicles which may jeopardize the safety of other vehicles. Vehicles should be able to detect malicious communications activities and to mitigate the impact of malicious vehicles by evicting (eliminating) suspected malicious vehicles from the system. Evicting a vehicle is to ignore the messages sent from the vehicle for a specified time period. Voting and sacrifice principles are combined using a mathematical model based on the “Mafia Game”. The Mafia Game model focuses on the relative size of the group of attackers within a neighborhood necessary to dominate the entire network in the neighborhood (i.e., to eventually evict all the innocent vehicles). | 09-01-2011 |
20120030758 | Automated Diversity Using Return Oriented Programming - A method of automatically creating functionally and structurally diverse equivalent copies of software executables using return oriented programming for the purpose of passing through a filter and other purposes includes starting with a program and a target runtime environment, creating a return oriented instruction library having a plurality of code fragments which end in a ‘return’ instruction from the program and chaining fragments together to automatically form diverse equivalent copies of software executables using return oriented programming. | 02-02-2012 |
20130088955 | Method and System for Distributed, Prioritized Bandwidth Allocation in Networks - An apparatus, system and method are introduced for prioritizing allocation of communication bandwidth in a network. In one embodiment, the apparatus includes memory including computer program code configured to, with a processor, cause the apparatus to assign a value to a prioritization parameter at an endpoint communication device dependent on a priority of an information flow in a network, and update a communication bandwidth for the information flow dependent on the value of the prioritization parameter after a round-trip time for the information flow. | 04-11-2013 |
20130179869 | Adaptive Diversity for Compressible Return Oriented Programs - A method of transforming return oriented programming executables into functionally equivalent yet different forms with specific structural and/or functional characteristics that can assist in the use of such executables. A method automatically biases the structural and/or functional diversity of the return oriented programming software executables to achieve specific program representation objectives while preserving the programmatic capabilities of the original executable. | 07-11-2013 |
20140098794 | DYNAMIC NETWORK SELECTION USING KERNELS - A method for determining whether to perform vertical handoff between multiple networks. The method comprises obtaining a plurality of selection metrics for each network; calculating, for each of the other communication networks, a predicted utility value from at least the corresponding plurality of selection metrics using a variable kernel regression function; obtaining, for the current communication network, a second plurality of selection metrics; calculating a second predicted utility value for the current communication network from at least the corresponding second plurality of selection metrics using a second variable kernel regression function; comparing each of the predicted utility values for each of the plurality of other communication networks with the second predicted utility value; and switching to one of the other communication networks having the highest predicted utility value, if the highest predicted utility value is greater than the second predicted utility value. | 04-10-2014 |