Gaston S. Ormazabal, New York US

Gaston S. Ormazabal, New York, NY US

| Patent application number | Description | Published |
|---|---|---|
| 20080222724 | PREVENTION OF DENIAL OF SERVICE (DoS) ATTACKS ON SESSION INITIATION PROTOCOL (SIP)-BASED SYSTEMS USING RETURN ROUTABILITY CHECK FILTERING - A device receives an attack on a Session Initiation Protocol (SIP)-based device, determines a type of the attack, and applies, based on the determined type of the attack, a return routability check filter to the attack. | 09-11-2008 |
| 20090006841 | SYSTEM AND METHOD FOR TESTING NETWORK FIREWALL FOR DENIAL-OF-SERVICE (DOS) DETECTION AND PREVENTION IN SIGNALING CHANNEL - A device may measure a first performance, associated with legitimate traffic without attack traffic, of a Session Initiation Protocol (SIP)-based protection device implementing authentication; measure a second performance, associated with legitimate traffic and attack traffic, of the SIP-based protection device implementing authentication; and measure a third performance, associated with legitimate traffic and attack traffic, of the SIP-based protection device implementing authentication and return routability filtering. The device may also measure a first performance associated with legitimate traffic of a Session Initiation Protocol (SIP)-based protection device implementing rate-limiting filtering; measure a second performance associated with legitimate traffic and attack traffic of the SIP-based protection device implementing scheme filtering; and measure a third performance associated with legitimate traffic of the SIP-based protection device not implementing rate-limiting filtering without attack traffic. | 01-01-2009 |
| 20090007220 | THEFT OF SERVICE ARCHITECTURAL INTEGRITY VALIDATION TOOLS FOR SESSION INITIATION PROTOCOL (SIP)-BASED SYSTEMS - A device prevents theft of service attacks on a Session Initiation Protocol (SIP)-based device using an identity assurance protection mechanism, a multiple end-points protection mechanism, and an intrusion detecting protection mechanism. | 01-01-2009 |
| 20090083845 | NETWORK FIREWALL TEST METHODS AND APPARATUS - A test method for Internet-Protocol packet networks that verifies the proper functioning of a dynamic pinhole filtering implementation as well as quantifying network vulnerability statistically, as pinholes are opened and closed is described. Specific potential security vulnerabilities that may be addressed through testing include: 1) excessive delay in opening pinholes, resulting in an unintentional denial of service; 2) excessive delay in closing pinholes, creating a closing delay window of vulnerability; 3) measurement of the length of various windows of vulnerability; 4) setting a threshold on a window of vulnerability such that it triggers an alert when a predetermined value is exceeded; 5) determination of incorrectly allocated pinholes, resulting in a denial of service; 6) determining the opening of extraneous pinhole/IP address combinations through a firewall which increase the network vulnerability through unrecognized backdoors; and 7) determining the inability to correlate call state information with dynamically established rules in the firewall. | 03-26-2009 |
| 20090205039 | SECURITY MANAGEMENT SYSTEM FOR MONITORING FIREWALL OPERATION - A test method for Internet-Protocol packet networks that verifies the proper functioning of a dynamic pinhole filtering implementation as well as quantifying network vulnerability statistically, as pinholes are opened and closed is described. Specific potential security vulnerabilities that may be addressed through testing include: 1) excessive delay in opening pinholes, resulting in an unintentional denial of service; 2) excessive delay in closing pinholes, creating a closing delay window of vulnerability; 3) measurement of the length of various windows of vulnerability; 4) setting a threshold on a window of vulnerability such that it triggers an alert when a predetermined value is exceeded; 5) determination of incorrectly allocated pinholes, resulting in a denial of service; 6) determining the opening of extraneous pinhole/IP address combinations through a firewall which increase the network vulnerability through unrecognized backdoors; and 7) determining the inability to correlate call state information with dynamically established rules in the firewall. | 08-13-2009 |
| 20100058457 | Methodology, Measurements and Analysis of Performance and Scalability of Stateful Border Gateways - Methods and apparatus for testing of Internet-Protocol packet network perimeter protection devices, e.g., Border Gateways such as Session Border Controllers, including dynamic pinhole capable firewalls are discussed. Analysis and testing of these network perimeter protection devices is performed to evaluate the ability of such device to perform at carrier class levels. The efficiency of state look table functions as well as call signaling processing capacity, implemented in a particular perimeter protection device, are determined and evaluated. Proper performance and efficiency of such perimeter protection devices are evaluated as a function of incoming call rate and as a function of total pre-existing active calls. Various different network perimeter protection devices, e.g., of different types and/or from different manufacturers, can be benchmarked for suitability to carrier class environments and comparatively evaluated. Test equipment devices, e.g., enhanced Integrated Intelligent End Points (IIEPs), for fault testing, evaluating and stressing the network perimeter protection devices in a system environment are described. Typically these specialized test devices are used in pairs, one on each side of the firewall under test. These test equipment devices include a heavy duty traffic generator module, monitoring and analysis capability including a utilization analysis module, and a graphical output capability. | 03-04-2010 |
| 20100238810 | Methodology for Measurements and Analysis of Protocol Conformance, Performance and Scalability of Stateful Border Gateways - Testing of Internet-Protocol packet network perimeter protection devices, e.g., Border Gateways such as Session Border Controllers, including dynamic pinhole capable firewalls are discussed. Analysis and testing of these network perimeter protection devices is performed to evaluate the ability of such device to perform at carrier class levels while being subjected to many different protocol test cases. The efficiency of state look table functions as well as call signaling processing capacity, implemented in a particular perimeter protection device, are determined and evaluated. Proper performance and efficiency of such perimeter protection devices are evaluated as a function of: incoming call rate, total pre-existing active calls, and different protocol test cases. Various different network perimeter protection devices, e.g., of different types and/or from different manufacturers, can be benchmarked for degree of protocol stack implementation/suitability to carrier class environments and comparatively evaluated. Test equipment devices, e.g., Integrated Intelligent End Points (IIEPs), for fault testing, evaluating and stressing the network perimeter protection devices in a system environment are described. Typically these specialized test devices are used in pairs, one on each side of the firewall under test. These test equipment devices include a traffic generator module, a protocol compliance testing module, monitoring and analysis capability including a CPU utilization analysis module, a protocol analysis module, and a graphical output capability. | 09-23-2010 |
| 20110138456 | SECURITY MANAGEMENT SYSTEM FOR MONITORING FIREWALL OPERATION - A test method for Internet-Protocol packet networks that verifies the proper functioning of a dynamic pinhole filtering implementation as well as quantifying network vulnerability statistically, as pinholes are opened and closed is described. Specific potential security vulnerabilities that may be addressed through testing include: 1) excessive delay in opening pinholes, resulting in an unintentional denial of service; 2) excessive delay in closing pinholes, creating a closing delay window of vulnerability; 3) measurement of the length of various windows of vulnerability; 4) setting a threshold on a window of vulnerability such that it triggers an alert when a predetermined value is exceeded; 5) determination of incorrectly allocated pinholes, resulting in a denial of service; 6) determining the opening of extraneous pinhole/IP address combinations through a firewall which increase the network vulnerability through unrecognized backdoors; and 7) determining the inability to correlate call state information with dynamically established rules in the firewall. | 06-09-2011 |

Patent applications by Gaston S. Ormazabal, New York, NY US