Abstract: Embodiments of the invention reduce the probability of success of a DOS attack on a node receiving packets by decreasing the probability of random collisions of packets sent by a malicious user with those sent by honest users. The probability of random collisions may be reduced in one class of embodiments of the invention by supplementing the identification field of the IP header of each transmitted packet with at least one bit from another field of the header. The probability of random collisions may be reduced in another class of embodiments of the invention by ensuring that packets sent from a transmitting IPsec node to a receiving IPsec node are not fragmented.

Abstract: A method (38) and system (56) evaluate the accuracy of an Automatic Location Identification (ALI) system (36) deployed within an environment (20) and configured to location a wireless communication device (24) originating an emergency call (22) through a wireless communication network (26). The method (38) includes a subprocesses that identify a validation region (144) in which a service area (106) of a public service answering point (PSAP) (32) and an RF coverage area (129) overlap, classify sub-regions within the validation region (144) according to a predetermined set of test scenarios (148) representing unique calling environments, and select test points (200) within the validation region (144) from which test calls, that simulate emergency calls, will be performed.

Abstract: Disclosed are methods and systems for routing T-37 E-mail over an H 323 (VOIP) network. The methods and systems facilitate the obtaining and utilization of data from Gatekeepers with respect to the utilization of Gateways to be utilized to transmit the E-mail from the network over a conventional telephone network to the recipient. They thereby facilitate the choice of a Gateway which is less heavily utilized.

Abstract: A system facilitates communication among nodes in a wireless network. A timeslot is assigned to each of a group of nodes (201) in the wireless network (400, 800, 1200, 1300). The timeslot is a time for a corresponding node to receive messages transmitted by other nodes (201). A modulation scheme is assigned to each of the nodes (201). A message is transmitted from at least one of the nodes (201), using the assigned modulation scheme, to at least one destination node during a timeslot assigned to the at least one destination node. The messages are received at the at least one destination node from the at least one of the nodes (201).

Abstract: Methods and systems can reduce the spread of computer files or data on a network by obtaining and tracking times of arrival for chunks of data transmitted on the network. The times of arrival for a node can be transformed into time-series and periodograms computed from the time-series. Successive periodograms can be compared to determine changes in the strongest peaks of the periodograms. If a new peak is identified, a search for the occurrence of the peak in previous periodograms can be conducted. If no peak having a matching frequency is found, a search for the peak in the periodograms for neighboring nodes can be performed. If matching peaks are found, the associated data stream can be classified. Predictions of the timing and length of associated data packets can be used to randomly interrupt transmission of associated data packets resulting in reducing the spread of the classified data stream.

Abstract: Kernel-based intrusion detection using Bloom filters is disclosed. In one of many possible embodiments for detecting an intrusion attack, a Bloom filter is provided and used to generate a Bloom filter data object. The Bloom filter data object contains data representative of expected system-call behavior associated with a computer program. The Bloom filter data object is embedded in an operating system (“OS”) kernel upon an invocation of the computer program. Actual system-call behavior is compared with the data in the Bloom filter data object.

Abstract: A device receives a request associated with a process, and determines one or more current states of one or more process resources used to execute the process request. The device also calculates a power consumption associated with execution of the process request by the one or more process resources, and assigns an urgency for the process request, where the urgency corresponds to a time-variant parameter that indicates a measure of necessity for the execution of the process request. The device further determines whether the execution of the process request can be delayed to a future time based on the one or more current states, the power consumption, and the urgency, and causes, based on the determination, the process request to be executed or delayed to the future time.

Abstract: The invention relates to topic classification systems in which text intervals are represented as proposition trees. Free-text queries and candidate responses are transformed into proposition trees, and a particular candidate response can be matched to a free-text query by transforming the proposition trees of the free-text query into the proposition trees of the candidate responses. Because proposition trees are able to capture semantic information of text intervals, the topic classification system accounts for the relative importance of topic words, for paraphrases and re-wordings, and for omissions and additions. Redundancy of two text intervals can also be identified.

Abstract: A system for exchanging routing information over a communications network constructs a connectivity graph that indicates connectivity between a first node and a first set of nodes in the network. The system constructs an adjacency graph that indicates a second set of nodes with which the first node will exchange routing data, where the adjacency graph is distinct from the connectivity graph. The system exchanges routing data between the first node and each node of the second set of nodes based on the adjacency graph.

Abstract: A remote control device (140, 600) controls the operation of an appliance. The remote control device (140, 600) includes a receiver (320) or transceiver (620), a controller (330, 630), and a transmitter (350, 650). The receiver (320) or transceiver (620) receives a network packet that includes at least one command. The controller (330, 630) analyzes the network packet to determine whether the packet is intended for the remote control device (140, 600). The transmitter (350, 650) outputs a signal to control operation of the appliance based on the command when the controller (330, 630) determines that the packet is intended for the remote control device (140, 600).

Abstract: A method and system is provided for detecting correlated connections in an extended connection. A plurality of stepping stone detection algorithms are executed in parallel (400), each of the plurality of stepping stone detection algorithms generating a result. The results are scored for each of the plurality of stepping stone detection algorithms (402). A consensus attack path is generated based upon the scored results (404).

Abstract: A method (200) and program (100) for inhibiting attack upon a computer (120) is provided. The address (104) of a process (106) is produced (612), and encrypted (616) to produce an encrypted address (518), which is then stored in memory (128). When needed, the encrypted address (518) is retrieved (702) from memory (128) and decrypted (704) to reproduce the original process address (104). The reproduced process address (104) is then verified (708). If the process address (104) is determined (708) to be valid, i.e., there was no attack, then the process address (104) is placed (712) in the program counter (318), and a valid process (106) is executed. If the process address (104) is determined (708) to be invalid, i.e., there was an attack, then the address (108) of a crash and terminate process (110) is placed (716) in the program counter (318) and the computer (120) crashes. A nonce value (512) may be generated (602) and encrypted (616) and decrypted (704) in conjunction with the process address (104).

Abstract: The disclosed technology provides a system and method of securely communicating data. An encryptor located at a transmitter can provide encrypted data to the transmitter. The transmitter can maintain a packet number indicating a particular packet for carrying the encrypted data and a sub-packet number indicating a position within the packet where the encrypted data is to be stored. The encryptor can produce the encrypted data using an encryptor seed generated based on the packet number and sub-packet number. A receiver can maintain a receiver packet number indicating a number of previously received packets and can compute a receiver sub-packet number. The receiver can receive a packet containing encrypted data and can decrypt the encrypted data using a decryptor seed generated based on the receiver packet number and sub-packet number.

Abstract: A system for mapping and translating address information in a network is provided. The system includes a client-side address translator (120) and a server-side address translator (140). The client-side address translator (120) is configured to receive a data packet from a client (110). The data packet includes a first destination address representing the real destination address. The client-side address translator (120) maps the first destination address to another address using a mapping algorithm and transmits the data packet with the via the network (160). The server-side address translator (140) receives the data packet, translates the mapped address information back to the real destination address and forwards the data packet using the real destination address.

Abstract: A system and method for determining the point of entry of a malicious packet into a network is disclosed. An intrusion detection system detects entry of the malicious packet into the network (500). A stepping stone detection system identifies stepping stones in extended connections within the network (524). A traceback engine isolates the malicious packet in response to operation of the intrusion detection system (528), wherein the traceback engine utilizes the identified stepping stones to determine the point of entry of the malicious packet.

Abstract: Presented herein are systems and methods for generating an adaptive noise codebook for use with electronic speech systems. The noise codebook includes a plurality of entries which may be updated based on environmental noise sounds. The speech system includes a speech codebook and the adaptive noise codebook. The system identifies speech sounds in an audio signal using the speech and noise codebooks.

Abstract: Methods for building arbitrarily large language models are presented herein. The methods provide a scalable solution to estimating a language model using a large data set by breaking the language model estimation process into sub-processes and parallelizing computation of various portions of the process.

Abstract: A system comprising a plurality of nodes forming a network, the plurality of nodes comprising source nodes and destination nodes; wherein a propagation limit restricts the travel of link-state information transmitted by the sources nodes to a subset of destination nodes within the network. A network-layer protocol provided at a layer above that of the network facilitates communication between nodes within and outside of this subset of nodes.