Patent application number | Description | Published |
20080313737 | Stateful and Cross-Protocol Intrusion Detection for Voice Over IP - A method for detecting intrusions that employ messages of two or more protocols is disclosed. Such intrusions might occur in Voice over Internet Protocol (VoIP) systems, as well as in systems in which two or more protocols support some service other than VoIP. In the illustrative embodiment of the present invention, a stateful intrusion-detection system is capable of employing rules that have cross-protocol pre-conditions. The illustrative embodiment can use such rules to recognize a variety of VoIP-based intrusion attempts, such as call hijacking, BYE attacks, etc. In addition, the illustrative embodiment is capable of using such rules to recognize other kinds of intrusion attempts in which two or more protocols support a service other than VoIP. The illustrative embodiment also comprises a stateful firewall that is capable of employing rules with cross-protocol pre-conditions. | 12-18-2008 |
20080319940 | Message Log Analysis for System Behavior Evaluation - A technique is disclosed that enables the run-time behavior of a data-processing system to be analyzed and, in many cases, to be predicted. In particular, the illustrative embodiment of the present invention comprises i) transforming the messages that constitute an unstructured log into a numerical series and ii) applying a time-series analysis on the resultant series for the purpose of pattern detection. Indeed, it is recognized in the illustrative embodiment that the problem really is to detect patterns that depict aspects of system behavior, regardless of the textual content of the individual log messages. In other words, by analyzing the totality of the messages in the log or logs—as opposed to looking for pre-defined patterns of the individual messages—system behavior can be mapped and understood. The mapping helps in characterizing the system for the purposes of predicting failure, determining the time required to reach stability during failure recovery, and so forth. | 12-25-2008 |
20090070874 | Signature-Free Intrusion Detection - An apparatus and method are disclosed for detecting intrusions in Voice over Internet Protocol systems, without the use of an attack signature database. In particular, the illustrative embodiment is based on the observation that some VoIP-related protocols (e.g., the Session Initiation Protocol [SIP], etc.) are simple enough to be represented by a finite-state machine (FSM) of compact size. A finite-state machine is maintained for each session/node/protocol combination, and any illegal state or state transition—which might be the result of a malicious attack—is flagged as a potential intrusion. | 03-12-2009 |
20090070875 | Distributed Stateful Intrusion Detection for Voice Over IP - An apparatus and method are disclosed for detecting intrusions in Voice over Internet Protocol systems without an attack signature database. The illustrative embodiment is based on two observations: (1) various VoIP-related protocols are simple enough to be represented by a finite-state machine (FSM) of compact size, thereby avoiding the disadvantages inherent in signature-based intrusion-detection systems.; and (2) there exist intrusions that might not be detectable locally by the individual finite-state machines (FSMs) but that can be detected with a global (or distributed) view of all the FSMs. The illustrative embodiment maintains a FSM for each session/node/protocol combination representing the allowed (or “legal”) states and state transitions for the protocol at that node in that session, as well as a “global” FSM for the entire session that enforces constraints on the individual FSMs and is capable of detecting intrusions that elude the individual FSMs. | 03-12-2009 |
20090103701 | Call Screening Via Observing Called-Party Behavior - A method is disclosed that enables the screening of unwanted telephone calls, such as voice or video calls, for one or more called parties. In accordance with the illustrative embodiment of the present invention, an anti-SPAM system receives signaling information for one or more telephone calls made to one or more called parties by a calling party. Although the calling party can be a human caller, in a SPAM-over-Internet-Telephony context the calling party can alternatively be a server or other network element that originates SPAM voice calls for advertising purposes; both possibilities are accounted for in the illustrative embodiment. The anti-SPAM system then observes the behavior of the called party or parties that is exhibited in response to receiving the telephone calls. Based on the observed behavior, the anti-SPAM system then updates one or more rules for handling future telephone calls made to the protected called parties. | 04-23-2009 |
20090274143 | State Machine Profiling for Voice Over IP Calls - An apparatus and method for detecting potentially-improper call behavior (e.g., SPIT, etc.) are disclosed. The illustrative embodiment of the present invention is based on finite-state machines (FSMs) that represent the legal states and state transitions of a communications protocol at a node during a Voice over Internet Protocol (VoIP) call. In accordance with the illustrative embodiment, a library of FSM execution profiles associated with improper call behavior is maintained. When there is a match between the behavior of a finite-state machine during a call and an execution profile in the library, an alert is generated. | 11-05-2009 |
20090274144 | Multi-Node and Multi-Call State Machine Profiling for Detecting SPIT - An apparatus and method for detecting potentially-improper call behavior (e.g., SPIT, etc.) are disclosed. The illustrative embodiment of the present invention is based on finite-state machines (FSMs) that represent the legal states and state transitions of communications protocols at nodes during Voice over Internet Protocol (VoIP) calls. In accordance with the illustrative embodiment, a library of FSM execution profiles associated with improper call behavior and a set of rules (or rule base) associated with improper FSM behavior over one or more calls are maintained. When the behavior of one or more finite-state machines during one or more calls matches either an execution profile in the library or a rule in the rule base, an alert is generated. | 11-05-2009 |
20100241486 | REDUCING REVENUE RISK IN ADVERTISEMENT ALLOCATION - Methods, systems, and apparatuses are provided for selecting advertisements in an advertisement auction. A plurality of bids for an advertisement placement is received. An average expected payout for each bid of the plurality of bids is calculated to determine a plurality of average expected payouts. A plurality of possible allocations of the advertisements is determined. An expected revenue value for each of the possible allocations is calculated based on the calculated average expected payouts to generate a plurality of expected revenue values. A risk value is calculated for each of the possible allocations to generate a plurality of risk values. A bid of the plurality of bids is enabled to be selected based on the calculated expected revenue values and risk values. | 09-23-2010 |
20100250362 | System and Method for an Online Advertising Exchange with Submarkets Formed by Portfolio Optimization - A system and method to distribute computation for an exchange in which advertisers buy online advertising space from publishers. The exchange maintains submarkets, each containing a subset of the ad calls supplied by publishers and a subset of the offers and budgets representing demand from advertisers. Portfolio optimization techniques allocate the supply of ad calls from publishers over the submarkets, with the goal of maximizing profits for publishers while limiting the volatility of those profits. Portfolio optimization techniques allocate the demand from advertisers over the submarkets, with the goal of maximizing return on investment for advertisers. The exchange re-allocates supply and demand over submarkets periodically. Also, periodically, the most effective submarkets are replicated and the least effective submarkets are eliminated. | 09-30-2010 |
20110166927 | Dynamic Pricing Model For Online Advertising - The present invention provides methods and systems for use in association with an online advertising auction. Advertiser bid information may be obtained, including a maximum amount per impression and a target click through rate (“CTR”). Following serving, if a delivered CTR is equal to or greater than the target CTR, then pricing per impression is at the maximum amount. If, however, the delivered CTR is less than the target CTR, then pricing per impression is at an amount equal to the maximum amount per impression multiplied by the ratio of the delivered CTR to the target CTR. | 07-07-2011 |
20130013421 | METHODS AND SYSTEMS FOR COLLABORATIVE ADVERTISING - Methods and systems are disclosed in which a guaranteed delivery advertisement may be appended with a non-guaranteed delivery advertisement. The guaranteed delivery advertisement may be, for example, a manufacturer or brand advertisement, and the non-guaranteed delivery advertisement may be, for example, a retailer advertisement. The guaranteed delivery advertisement may relate to a particular brand and/or product and the non-guaranteed delivery advertisement may relate to a purchasing opportunity for that particular brand and/or product. The guaranteed delivery advertisement may be selected based on targeting information and the non-guaranteed delivery advertisement may be selected based on factors such as, for example, the manufacturer name, the product name, the product type, a related product, price, availability of the product, discount, location of the retailer, etc. | 01-10-2013 |
20130197984 | Socially Shared Ads - Promoting on-line advertisements in a social network context includes steps of: selecting a parameter on whose value to base a discount to an on-line user; selecting a discount level to use; incentivizing advertisement sharing behavior of the on-line user by offering the discount level to the user along with the on-line advertisement association with the discount; computing a value of the discount; and providing the discount value to the on-line user. | 08-01-2013 |