Patents Assigned to SANGFOR TECHNOLOGIES COMPANY LIMITED
-
Patent number: 9948540Abstract: A method for detecting proxy internet access includes intercepting an access request from a proxied terminal of a same internet account; and sending a redirection packet to the proxied terminal sending the access request. The redirection packet carries a first timestamp indicating when the redirection packet is sent. The method also includes receiving a reported timestamp difference between the first timestamp and a second timestamp. The second timestamp is a system time of the proxied terminal acquired after the proxied terminal receives the redirection packet. Further, the method includes executing a clustering process on the reported timestamp difference to obtain a clustering result; and based on the clustering result, detecting whether the same internet account is a proxy account.Type: GrantFiled: October 22, 2015Date of Patent: April 17, 2018Assignee: Sangfor Technologies Company LimitedInventors: Zhiliang Zhang, Jingbo Liang
-
Patent number: 9811369Abstract: The present disclosure provides a physical computer virtualization method. The method includes receiving a virtualization instruction inputted by a user on a physical computer; restarting the physical computer; and loading the physical computer with a virtual machine management system mirror image file after restarting the physical computer to boot the physical computer into a virtual machine management system. The method also include obtaining physical disks of the physical computer; and creating a virtual machine through the virtual machine management system and using the physical disks of the physical computer.Type: GrantFiled: September 30, 2015Date of Patent: November 7, 2017Assignee: SANGFOR TECHNOLOGIES COMPANY LIMITEDInventors: Xing Li, Linchun He
-
Patent number: 9800594Abstract: A method is provided for detecting unauthorized access attack. The detecting method includes obtaining at least one HTTP request and at least one URL address of the HTTP request by parsing the HTTP request; determining whether there exist one or more protection rules corresponding to the URL address; and, when it is determined that the protection rules corresponding to the URL address exit, obtaining access data of the HTTP request. The detecting method also includes determining whether the access data satisfies the protection rules; and, when it is determined that the access data does not satisfy the protection rules, determining the corresponding HTTP request of the URL address to be an unauthorized access attack.Type: GrantFiled: September 10, 2015Date of Patent: October 24, 2017Assignee: SANGFOR TECHNOLOGIES COMPANY LIMITEDInventor: Xin Zhou
-
Patent number: 9473407Abstract: The present disclosure provides a traffic controlling method based on remote applications, comprising the following steps: evaluating a current network bandwidth; detecting a bitmap updating frequency of each area in a current screen, identifying a multimedia area, and judging whether the multimedia area is valid or not to obtain a judging result; and controlling data traffic according to the current network bandwidth and the judging result. By evaluating the current network bandwidth, detecting the updating frequency of each area in the current screen and identifying whether the multimedia area is valid, and dynamically controlling the data traffic according to the current network bandwidth and according to whether the multimedia area is valid, the present disclosure is capable of ensuring the unblocked transmission of the critical business and preventing the display quality of the multimedia area from being affected to improve the system performance and the user experience.Type: GrantFiled: October 21, 2013Date of Patent: October 18, 2016Assignee: SANGFOR TECHNOLOGIES COMPANY LIMITEDInventors: Zhengwen Jiang, Xin Mao
-
Patent number: 9112828Abstract: The present disclosure provides a method for defending against session hijacking attacks, including: receiving a first access request transmitted from a legal client side and transmitting the first access request to a server; receiving a first response comprising a first authentication token returned from the server; generating a first sequence value according to a network address of the legal client side and an identification code of the legal client side, and recombining the first authentication token and the first sequence value to form a second authentication token; and replacing the first authentication token in the first response with the second authentication token, and transmitting the first response comprising the second authentication token to the legal client side.Type: GrantFiled: November 22, 2013Date of Patent: August 18, 2015Assignee: Sangfor Technologies Company LimitedInventor: Pengtao Wang
-
Patent number: 8806001Abstract: The present invention provides a method for detecting proxy at the gateway, comprising decomposing the access request from the IP need to be proxy-monitored into an access request to original address and an access request to gateway-specified address to access the original address and the gateway-specified separately; determining whether a specific cookie information is included in said access request to gateway-specified address or not to obtain a second determining result; responding to the access request to said gateway-specified address and embedding the cookie information with the time stamp into the client PC by the gateway when said second determining result is no, and reading said cookie information when said second determining result is yes; determining whether said IP is using proxy or not on the basis of said cookie information. Accordingly, the present invention also provides a device and gateway server for detecting proxy at the gateway.Type: GrantFiled: January 12, 2011Date of Patent: August 12, 2014Assignee: Sangfor Technologies Company LimitedInventor: Cheng Ma
-
Publication number: 20140189842Abstract: The present disclosure provides a method for defending against session hijacking attacks, including: receiving a first access request transmitted from a legal client side and transmitting the first access request to a server; receiving a first response comprising a first authentication token returned from the server; generating a first sequence value according to a network address of the legal client side and an identification code of the legal client side, and recombining the first authentication token and the first sequence value to form a second authentication token; and replacing the first authentication token in the first response with the second authentication token, and transmitting the first response comprising the second authentication token to the legal client side.Type: ApplicationFiled: November 22, 2013Publication date: July 3, 2014Applicant: Sangfor Technologies Company LimitedInventor: Pengtao Wang
-
Publication number: 20140112129Abstract: The present disclosure provides a traffic controlling method based on remote applications, comprising the following steps: evaluating a current network bandwidth; detecting a bitmap updating frequency of each area in a current screen, identifying a multimedia area, and judging whether the multimedia area is valid or not to obtain a judging result; and controlling data traffic according to the current network bandwidth and the judging result. By evaluating the current network bandwidth, detecting the updating frequency of each area in the current screen and identifying whether the multimedia area is valid, and dynamically controlling the data traffic according to the current network bandwidth and according to whether the multimedia area is valid, the present disclosure is capable of ensuring the unblocked transmission of the critical business and preventing the display quality of the multimedia area from being affected to improve the system performance and the user experience.Type: ApplicationFiled: October 21, 2013Publication date: April 24, 2014Applicant: Sangfor Technologies Company LimitedInventors: Zhengwen JIANG, Xin MAO
-
Patent number: 8667176Abstract: The present invention includes a network service access method. In one embodiment, such a method comprises: forwarding the domain name resolution requests to a local domain name server of each Internet service provider providing services through access link corresponding with the Internet service provider; receiving Internet Protocol address on the domain name resolution requests which the local domain name server of each Internet service provider returned from the corresponding access link; selecting the Internet Protocol address according to line state of the access link of each Internet service provider providing services and returning the selected Internet Protocol address to the user equipments; and visiting network services by the access link of the Internet service provider returning the selected Internet Protocol address.Type: GrantFiled: January 6, 2011Date of Patent: March 4, 2014Assignee: Sangfor Technologies Company LimitedInventor: Zhouting Zhang
-
Publication number: 20110173318Abstract: The present invention provides a method for detecting proxy at the gateway, comprising decomposing the access request from the IP need to be proxy-monitored into an access request to original address and an access request to gateway-specified address to access the original address and the gateway-specified separately; determining whether a specific cookie information is included in said access request to gateway-specified address or not to obtain a second determining result; responding to the access request to said gateway-specified address and embedding the cookie information with the time stamp into the client PC by the gateway when said second determining result is no, and reading said cookie information when said second determining result is yes; determining whether said IP is using proxy or not on the basis of said cookie information. Accordingly, the present invention also provides a device and gateway server for detecting proxy at the gateway.Type: ApplicationFiled: January 12, 2011Publication date: July 14, 2011Applicant: SANGFOR TECHNOLOGIES COMPANY LIMITEDInventor: CHENG MA
-
Publication number: 20110173339Abstract: The present invention includes a network service access method. In one embodiment, such a method comprises: forwarding the domain name resolution requests to a local domain name server of each Internet service provider providing services through access link corresponding with the Internet service provider; receiving Internet Protocol address on the domain name resolution requests which the local domain name server of each Internet service provider returned from the corresponding access link; selecting the Internet Protocol address according to line state of the access link of each Internet service provider providing services and returning the selected Internet Protocol address to the user equipments; and visiting network services by the access link of the Internet service provider returning the selected Internet Protocol address.Type: ApplicationFiled: January 6, 2011Publication date: July 14, 2011Applicant: SANGFOR TECHNOLOGIES COMPANY LIMITEDInventor: ZHOUTING ZHANG