Patents Assigned to IntruGuard Devices, Inc.
  • Patent number: 7626940
    Abstract: The present invention provides an integrated prevention of header, state, rate and content anomalies along with network policy enforcement for domain name service (DNS). A hardware-based apparatus helps identify DNS rate-thresholds through continuous and adaptive learning. The apparatus can determine DNS header and DNS state anomalies and drop packets containing those anomalies. DNS queries and responses are inspected for known malicious contents using a Content Inspection Engine. The apparatus integrates advantageous solutions to prevent anomalous packets and enables a policy-based packet filter for DNS.
    Type: Grant
    Filed: June 20, 2005
    Date of Patent: December 1, 2009
    Assignee: IntruGuard Devices, Inc.
    Inventor: Hemant Kumar Jain
  • Patent number: 7602731
    Abstract: The present invention provides an integrated prevention of header, state, rate and content anomalies along with network policy enforcement. A hardware-based apparatus classifies layers 2, 3, 4 and 7 network data and maintains rate-thresholds through continuous and adaptive learning. In the process of classifying the packets, the apparatus can determine header and state anomalies and drop packets containing those anomalies. Accurate detection and prevention of layer 7 content anomalies is achieved using fragment assembly, TCP reorder and retransmission removal components, which also identify anomalies in those areas. Content inspection is achieved at high speed through a Content Inspection Engine. The apparatus integrates advantageous solutions to prevent anomalous packets and enables a policy-based packet filter.
    Type: Grant
    Filed: December 22, 2004
    Date of Patent: October 13, 2009
    Assignee: IntruGuard Devices, Inc.
    Inventor: Hemant Kumar Jain
  • Patent number: 7426634
    Abstract: The present invention provides a method and apparatus for detecting and preventing a plurality of denial of service (DOS) and distributed denial of service (DDOS) attacks. The apparatus includes classifiers for parsing packets; meters storing statistics for the classified packets and detecting flood thresholds; an Ager for maintaining timeouts; a decision multiplexer for multiplexing inputs from various meters and determining whether to allow or deny the packet; and a threshold estimation means for estimating thresholds based on past data from meters, baselines, trends and seasonality. The apparatus includes a PCI interface through which a host can interact, learn continuously and set thresholds in a continuous and adaptive manner so as to prevent rate-based DOS and DDOS attacks. The apparatus includes a mechanism to track culprit sources at layer 2 and layer 3 through a multiplicative increment method.
    Type: Grant
    Filed: January 15, 2004
    Date of Patent: September 16, 2008
    Assignee: IntruGuard Devices, Inc.
    Inventor: Hemant Kumar Jain
  • Patent number: 7356663
    Abstract: The present invention provides a method and apparatus for searching multiple strings within a packet data using deterministic finite automata. The apparatus includes means for updating memory tables stored in a layered memory architecture comprising a BRAM, an SRAM and a DRAM; a mechanism to strategically store the relevant data structure in the three memories based on the characteristics of data, size/capacity of the data structure, and frequency of access. The apparatus intelligently and efficiently places the associated data in different memories based on the observed fact that density of most rule-sets is around 10% for common data in typical network intrusion prevention systems. The methodology and layered memory architecture enable the apparatus implementing the present invention to achieve data processing line rates over 2 Gbps.
    Type: Grant
    Filed: November 8, 2004
    Date of Patent: April 8, 2008
    Assignee: IntruGuard Devices, Inc.
    Inventor: Hemant Kumar Jain