Abstract: A trench-gate metal oxide semiconductor field-effect transistor includes a field plate that extends into a drift region of the transistor. The field plate is configured to deplete the drift region when the transistor is in the OFF-state. The field plate is formed in a field plate trench. The field plate trench may be formed using a self-aligned etch process. The conductive material of the field plate and gate of the transistor may be deposited in the same deposition process step. The conductive material may be etched thereafter to form the field plate and the gate in the same etch process step.

Abstract: A trench-gate metal oxide semiconductor field-effect transistor (MOSFET) includes a field plate that extends into a drift region of the MOSFET. The field plate, which is electrically coupled to a source region, is configured to deplete the drift region when the MOSFET is in the OFF-state. The field plate extends from a top surface of a device substrate, which comprises an epitaxial layer formed on a silicon substrate. The field plate has a depth greater than 50% of a thickness of the epitaxial layer. For example, the field plate may extend to a full depth of the drift region. The field plate allows for relatively easy interconnection from the top surface of the device substrate, simplifying the fabrication process.

Abstract: A blog website may register with a trackback spam filtering service to receive a trackback URL pointed to a computer of the track back spam filtering service. The trackback URL may be posted on the blog to allow readers to trackback to the blog. Trackback pings for linking to the blog may be received by the trackback spam filtering service for evaluation. The trackback spam filtering service may extract comment links from the trackback pings, and provide the comment links to a web reputation service to determine characteristics of the comment links. The trackback spam filtering service may consult a rules database that includes deterministic rules, heuristic rule, or both to determine if a comment link having particular characteristics is pointed to a spammer website. If so, the trackback spam filtering service may block the trackback to the blog.

Abstract: A system for detecting real-time system file intrusions in a user computer that is coupled to an administrator computer and includes an operating system and system files. At a boot time of the user computer, an application program interface (API) of the operating system receives a list of vital system files that consists of at least two directory files. At the boot time, one of more daemons are launched, after which the API detects one or more system calls made to one or more vital system files. The API raises an automatic interrupt ‘I’ command that awakens a daemon from a sleep mode. The awakened daemon catches the interrupt ‘I’ command and sends an alert message to the administrator computer to alert the administrator computer of the detecting of the system call made to the one or more vital system files.

Abstract: In one embodiment, a portable storage device includes a removable device interface and a non-volatile memory having a read-only partition and a regular storage partition. The read-only partition may include a protection program for scanning data in the regular storage partition for viruses. Upon connection of the portable storage device into a computer, the protection program may be read from the read-only partition for loading and running in the main memory of the computer. The protection program may be configured to stop running in the main memory upon removal of the portable storage device from the computer. The device interface may comprise the Universal Serial Bus (USB) interface, for example.

Abstract: One embodiment disclosed relates to a method of fault recovery by a switch in a local area network. A link failure is detected at a port of the switch. In response to the link failure detection, a MAC address table of the switch is cleared. Clearing the address table causes a discovery process to fill the table to begin immediately. In addition, a link on another port of the switch may be dropped to propagate the link failure.

Abstract: In one embodiment, incremental backups containing information on modified addressable portions of a data storage device are evaluated for presence of malicious codes (“malwares”). Each modified addressable portion may be individually accessed and scanned for malicious codes. Each modified addressable portion may also be mapped to its associated file, allowing the associated file to be scanned for malicious codes. These allow an incremental backup to be evaluated even when it only contains portions, rather than the entirety, of several different files. A clean incremental backup may be selected for restoring the data storage device in the event of malicious code infection.

Abstract: An error amplifier of a low dropout regulator includes a compensation network configured to adapt the error amplifier to varying load currents. The compensation network may be coupled to an amplifier stage of the error amplifier. For example, the compensation network may be coupled across an input and an output of the amplifier stage in a Miller connection. As another example, one end of compensation network may be coupled to an input of the amplifier stage with another end coupled to ground. The compensation network may have several resistors and capacitors that have corresponding parameter switches for switching the resistors and capacitors in and out of the compensation network to change a parameter of the compensation network based on load current.

Abstract: Protecting computer users from online frauds, such as phishing and pharming. A client computer may include a page signature extractor and a policy enforcer. The page signature extractor may encode a web page to generate its signature, which may be provided to a remote server computer for comparison with signatures of phishing pages. The client computer and the server computer may communicate using the DNS protocol. The policy enforcer may perform one or more predetermined actions when a match is found. Examples of such actions include replacing the web page with a blocking page, displaying a warning message, or both. The policy enforcer may be configured to determine if the web page is part of a phishing or pharming attack by comparing the URL of the web page to URLs of legitimate web pages.

Abstract: A photovoltaic (“PV”) array includes a plurality of interconnected PV modules. A PV array perimeter assembly may be positioned along the perimeter of the PV array to restrain horizontal movement of the array. For improved wind performance, the PV array perimeter assembly may include curbs that come with pre-attached flexible wind deflectors configured to prevent wind from penetrating underneath the PV array. The flexible wind deflectors may be made of a flexible membrane and may include water drainage holes to allow water to flow out of the PV array. The curbs do not necessarily have to be fixedly attached to a rooftop, and may include ballasts to prevent array movement. Embodiments of the invention may be employed on PV arrays installed on flat rooftops, and are especially advantageous when used on uneven roof surfaces.

Abstract: A system (and a method) is disclosed for fingerprinting based entity extraction using a rolling hash technique. The system is configured to receive an input stream of a predetermined length comprising characters, and a hash table having indexed entries. The system isolates, through a defined fixed window length, a set of characters of the input stream. A hash key is generated and used to index into the hash table. The system compares the isolated set of characters of the input stream with the entry corresponding to the index into the hash table to determine whether there is an exact match with the entry. The system slides the fixed window length one character to isolate another set of characters of the input stream in response to no exact match from the comparison. Alternatively, the system stores the input stream in response to an exact match from the comparison.

Abstract: Authentication of an unknown party in a secure computer communication may be performed even without consulting a public whitelist of trusted parties. A digital certificate from an unknown party not authenticated by a trusted certificate authority may be locally processed to determine if the digital certificate is a trusted, non-trusted, or unknown digital certificate. For example, a model may be created by training a support vector machine to classify a digital certificate. The model may be provided to a computer involved in secure computer communication. The computer may receive an incoming digital certificate, extract fields from the incoming digital certificate, and take a hash of the extracted fields perform input data that may be employed by the model to determine if the incoming digital certificate is a trusted, non-trusted, or unknown digital certificate.

Abstract: In one embodiment, an online financial account has an associated telephone registered to the account. The financial account may be accessed over a computer network, such as the Internet. Upon receipt of a request to access the account, a text message containing a dynamic password is forwarded to the telephone over a telephone network. The user trying to access the account may use the telephone to reply to the text message with another text message that includes the dynamic password. The request to access the account may be granted if the reply includes a portion that corresponds to the dynamic password.

Abstract: A method, apparatus and program product initiate generation of a metafile at a client computer. The metafile is evaluated at a network server for a potential viral risk. Program code executing at the server may correlate the evaluated potential risk to a risk level stored in a database. The program code may attach a color designator or other assignment indicative of the assessed risk level to the data. A user at the client computer may act on the data based on the attached risk level.

Abstract: In one embodiment, an authentication protocol used in a network security service is performed over non-secure connection, such as HTTP. A router subscribing to the service may send a service request for information about a URL to a server computer providing the service. The service request may be included in a first data set posted by the router to the server computer. The first data set may be described by an HTML form and include an encrypted device authenticator used by the server computer to validate the router. The first data set may further include a server authentication code. In responding to the service request, the server computer returns the server authentication code to the router along with information about the URL. The response may be in a second data set, such as an XML document sent by the server computer to the router over an HTTP connection.

Abstract: In one embodiment, a transparent relay receives diverted e-mail communications between an e-mail client and an e-mail server. The transparent relay may be configured to examine the e-mail communications for network security policy violations. E-mail communications that do not violate a network security policy may be relayed to their intended destination. Policy actions, such as discarding or redirection, may be performed on those that violate one or more network security policies. The transparent relay may include a pair of communications interfaces running in promiscuous mode, one for downstream communications and another for upstream communications. The transparent relay may decompose a network communication protocol to look network security policy violations.

Abstract: One embodiment relates to a computer-implemented method for the automated extraction of objects from a video stream. The method includes an automated procedure for creating a temporal graph, and an automated procedure for cutting the graph into graph partitions. The method further includes an automated procedure for mapping the graph partitions to pixels in frames of the video stream. Other features, aspects and embodiments are also disclosed.

Abstract: The present invention relates a diagnosis device for detecting an end of lamp life of a lamp, a diagnosis method, and a lamp ballast circuit using the same. The diagnosis device generates a reference lamp voltage by adding a predetermined reference voltage to a distributed voltage corresponding to a lamp voltage applied to a lamp and generates an integrated lamp voltage by integrating the reference lamp voltage. The diagnosis device compares the integrated lamp voltage with a normal range that an integrated lamp voltage has when the lamp is in a normal state.

Abstract: In one embodiment, an instant messaging screener is configured to (a) intercept an instant message destined to a user account, (b) parse the instant message to identify any universal resource locators (URLs) in the instant message, (c) check any URLs identified in the instant message against a URL ratings database to generate reputation data; and (d) perform a protective action if the reputation data indicates a bad reputation. In another embodiment, the instant messaging screener is configured to (a) monitor outgoing instant messages to identify any universal resource locators (URLs) therein which are associated with bad reputation web sites, (b) track historical results of said monitoring, and (c) determining whether said identified instant are being sent to all members, or a substantial portion of the members, of a contact list for a user account. Other embodiments, aspects and features are also disclosed.

Abstract: A method and apparatus for estimating the motion of an image region (the “center” region) from a source video frame to a target video frame. The motion estimation is locally constrained in that the estimated motion of the “center region” is affected by the estimated motion of neighboring regions. Advantageously, this may reduce common motion matching problems such as false and ambiguous matches. In one embodiment, the locally-constrained motion estimation may be implemented by biasing an error map of the center region using error maps of the neighboring regions.