Patents by Inventor Dennis Cox

Dennis Cox has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20220083387
    Abstract: Methods and systems for context-aware distributed computing. In one aspect, a system includes a work administrator system; an API; a worker module; and a work administrator. One or more worker modules register with one or more work administrators. The worker modules may inform the work administrators of their processing capabilities and capacity. The work administration system receives a request for processing via the API. A work administrator parses a request into one or more discrete work requests and publishes each work request to the worker modules. The worker modules notify the work administrator whether they can perform the work, along with load and capabilities. The work administrator a worker module to perform each work request. When a worker module completes the work, it notifies the work administrator. The work administration system may aggregate the results from one or more worker modules and provide a response via the API.
    Type: Application
    Filed: September 8, 2021
    Publication date: March 17, 2022
    Inventors: Thomas F. Guevin, Dennis Cox, Sjohn Chambers
  • Patent number: 7836296
    Abstract: A method is provided for blocking attacks on a private network (12). The method is implemented by a routing device (10) interconnecting the private network (12) to a public network (14). The method includes analyzing an incoming data packet from the public network (14). The incoming data packet is then matched against known patterns where the known patterns are associated with known forms of attack on the private network (12). A source of the data packet is then identified as malicious or non-malicious based upon the matching. In one embodiment, one of the known forms of attack is a denial of service attack and an associated known pattern is unacknowledged data packets. In another embodiment, one of the known forms of attack is an address spoofing attack and an associated known pattern is a data packet having a source address matching an internal address of the private network (12).
    Type: Grant
    Filed: March 24, 2004
    Date of Patent: November 16, 2010
    Assignee: Cisco Technology, Inc.
    Inventors: Dennis Cox, Kip McClanahan
  • Patent number: 7773516
    Abstract: A network processor is enabled to retrieve a packet transmission data structure (PTD) from a memory. The NP parses packet data from the PTD and transmits the data over the network as a network packet. The PTD may include repetition information used by the NP to transmit a plurality of packets. The PTD use transmission interval information to control transmission timing of consecutive network packets. The PTD may include modification information used to modify the data packet portion. The modification may include incrementing, decrementing, or storing a random number into any portion of the data packet. The PTD may include flow control information to determine the next PTD to process. The flow control information may include criteria including acknowledgement criteria and time delay criteria. The packet data portion preferably includes all formatting information applicable to the network.
    Type: Grant
    Filed: November 16, 2006
    Date of Patent: August 10, 2010
    Assignee: Breakingpoint Systems, Inc.
    Inventors: Dennis Cox, Michael Moriarty
  • Patent number: 7454792
    Abstract: An active network defense system is provided that is operable to monitor and block traffic in an automated fashion. This active network defense system is placed in-line with respect to the packet traffic data flow as a part of the network infrastructure. In this configuration, inspection and manipulation of every passing packet is possible. An algorithmic filtering operation applies statistical threshold filtering to the data flow in order to identify threats existing across multiple sessions. A trigger filtering operation applies header and content match filtering to the data flow in order to identify threats existing within individual sessions. Threatening packet traffic is blocked and threatening sessions are terminated. Suspicious traffic is extracted from the data flow for further examination with more comprehensive content matching as well as asset risk analysis. A flow control mechanism is provided to control passage rate for packets passing through the data flow.
    Type: Grant
    Filed: August 31, 2004
    Date of Patent: November 18, 2008
    Assignee: TippingPoint Technologies, Inc.
    Inventors: Craig Cantrell, Marc Willebeek-Lemair, Dennis Cox, John McHale, Brian Smith, Donovan Kolbly
  • Patent number: 7454499
    Abstract: An active network defense system is provided that is operable to monitor and block traffic in an automated fashion. This active network defense system is placed in-line with respect to the packet traffic data flow as a part of the network infrastructure. In this configuration, inspection and manipulation of every passing packet is possible. An algorithmic filtering operation applies statistical threshold filtering to the data flow in order to identify threats existing across multiple sessions. A trigger filtering operation applies header and content match filtering to the data flow in order to identify threats existing within individual sessions. Threatening packet traffic is blocked and threatening sessions are terminated. Suspicious traffic is extracted from the data flow for further examination with more comprehensive content matching as well as asset risk analysis. A flow control mechanism is provided to control passage rate for packets passing through the data flow.
    Type: Grant
    Filed: November 7, 2002
    Date of Patent: November 18, 2008
    Assignee: Tippingpoint Technologies, Inc.
    Inventors: Craig Cantrell, Marc Willebeek-LeMair, Dennis Cox, John McHale, Brian Smith, Donovan Kolbly
  • Patent number: 7451489
    Abstract: An active network defense system is provided that is operable to monitor and block traffic in an automated fashion. This active network defense system is placed in-line with respect to the packet traffic data flow as a part of the network infrastructure. In this configuration, inspection and manipulation of every passing packet is possible. An algorithmic filtering operation applies statistical threshold filtering to the data flow in order to identify threats existing across multiple sessions. A trigger filtering operation applies header and content match filtering to the data flow in order to identify threats existing within individual sessions. Threatening packet traffic is blocked and threatening sessions are terminated. Suspicious traffic is extracted from the data flow for further examination with more comprehensive content matching as well as asset risk analysis. A flow control mechanism is provided to control passage rate for packets passing through the data flow.
    Type: Grant
    Filed: August 31, 2004
    Date of Patent: November 11, 2008
    Assignee: TippingPoint Technologies, Inc.
    Inventors: Craig Cantrell, Marc Willebeek-Lemair, Dennis Cox, John McHale, Brian Smith, Donovan Kolbly
  • Publication number: 20080117818
    Abstract: A network processor is enabled to retrieve a packet transmission data structure (PTD) from a memory. The NP parses packet data from the PTD and transmits the data over the network as a network packet. The PTD may include repetition information used by the NP to transmit a plurality of packets. The PTD use transmission interval information to control transmission timing of consecutive network packets. The PTD may include modification information used to modify the data packet portion. The modification may include incrementing, decrementing, or storing a random number into any portion of the data packet. The PTD may include flow control information to determine the next PTD to process. The flow control information may include criteria including acknowledgement criteria and time delay criteria. The packet data portion preferably includes all formatting information applicable to the network.
    Type: Application
    Filed: November 16, 2006
    Publication date: May 22, 2008
    Inventors: Dennis Cox, Michael Moriarty
  • Publication number: 20080103708
    Abstract: Methods and apparatus provide for estimating leakage power as a function of delay times. Delay times and leakage power values may be measured for a test circuit of a given circuit design. A statistical sampling of the measurements may be obtained for the test circuit. The delay data and leakage power data may be correlated to express and estimate leakage power as a function of delay distribution. The test circuit may include a proposed circuit that is simulated, and the method and apparatus also may provide for: creating a schematic design of the test circuit, having, for example, defined poly gate lengths, on-chip devices, and power sources; incorporating a delay chain into the schematic design to get delay distribution data; and utilizing the schematic design, wherein the utilitzation may be a simulation.
    Type: Application
    Filed: October 13, 2006
    Publication date: May 1, 2008
    Applicants: Sony Computer Entertainment Inc., International Business Machines Corporation
    Inventors: Takeshi Inoue, James D. Warnock, Douglas H. Bradley, Noah Zamdmer, Dennis Cox, Edward Nowak
  • Patent number: 7359962
    Abstract: A network discovery functionality, intrusion detector functionality and firewalling functionality are integrated together to form a network security system presenting a self-deploying and self-hardening security defense for a network.
    Type: Grant
    Filed: April 30, 2002
    Date of Patent: April 15, 2008
    Assignee: 3Com Corporation
    Inventors: Marc Willebeek-LeMair, Craig Cantrell, Dennis Cox, John McHale, Brian Smith
  • Publication number: 20070252088
    Abstract: A method, device and system for monitoring ionizing radiation. The method including: collecting an ionizing radiation induced charge collected by the depletion region of a diode formed in a silicon layer below an oxide layer buried below a surface of a silicon substrate; and coupling a cathode of the diode to a precharged node of a clocked logic circuit such that the ionizing radiation induced charge collected by a depletion region of the diode will discharge the precharged node and change an output state of the clocked logic circuit.
    Type: Application
    Filed: April 28, 2006
    Publication date: November 1, 2007
    Inventors: Wagdi Abadeer, Ethan Cannon, Dennis Cox, William Tonti
  • Publication number: 20070226483
    Abstract: A method of encoding network packets for storage and later transmitting emulated packets includes determining a protocol for the packet and validating the protocol as belonging to a list of recognized protocols. Upon validating the packet, a protocol attribute value from the packet is parsed and a dictionary is referenced using the protocol attribute value to obtain a binary encoding, which is stored as an encoded packet. The packet, for example, may be an HTTP protocol request packet and parsing may include parsing a TYPE attribute value where the TYPE attribute value indicates whether the packet is a GET, POST, PUT or OTHER type of HTTP request. The method may further include modifying environmental data in the packet when the packet is later generated for transmission on a network. The method may further include, for packets of unrecognized protocols, learning and creating an encoding for new protocols.
    Type: Application
    Filed: March 24, 2006
    Publication date: September 27, 2007
    Inventors: Dennis Cox, William Brewer, Craig Cantrell, Brent Cook, H.D. Moore
  • Publication number: 20070168531
    Abstract: A system for identifying a subscriber includes an access server coupled to a number of subscribers using a first communication network and further coupled to a second communication network, a memory coupled to the access server, and a processor coupled to the memory. The access server receives a communication from a particular subscriber using a particular one of a number of virtual circuits associated with the first communication network. The memory stores path information that identifies a virtual circuit assigned to the particular subscriber. The processor identifies the particular subscriber for connection to the second communication network based upon the path information and the particular virtual circuit used to receive the communication from the particular subscriber.
    Type: Application
    Filed: March 30, 2007
    Publication date: July 19, 2007
    Applicant: Cisco Technology, Inc.
    Inventors: Aravind Sitaraman, Aziz Abdul, Bernard James, Dennis Cox, John Joyce, Peter Heitman, Shujin Zhang, Rene Tio
  • Publication number: 20060239273
    Abstract: A system and method provides a broadband network node for a best effort network such as the Internet or intranets which supports the inexpensive and rapid deployment of services to the best efforts network. Separate data path and control path mechanisms allow high-speed data transfers with parallel processing flows for the data path that are controlled across data flows by the control path. Packets are classified, modified and shaped to enable the service on the network with an accountant to track packet traffic for control and billing purposes. A series of processing blades perform a modification function for each blade that processes packets according to classifications. The processing blades are modular and scalable for insertion in the broad band switch to rapidly adapt the broadband network node for new services.
    Type: Application
    Filed: June 23, 2006
    Publication date: October 26, 2006
    Inventors: Charles Buckman, Dennis Cox, Donovan Kolbly, Craig Cantrell, Brian Smith, Jon Werner, Marc Willebeek-LeMair, Joe Blackard, Francis Webster
  • Patent number: 6983323
    Abstract: A packet filtering operation implements a hierarchical technique. Received packet traffic is first filtered with a first filtering criteria. This first filtering action generates a first pass traffic portion and a fail traffic portion from the received packet traffic. The fail traffic portion is then second filtered with a second filtering criteria. This second filtering action generates a second pass traffic portion and a reject traffic portion. The first filtering criteria provide for higher throughput, lower accuracy processing while the second filtering criteria provide for lower throughput, higher accuracy processing. Dynamic adjustments may be made to the first and second filtering criteria to achieve better overall packet filtering performance. For example, load is measured and the filtering criteria adjusted to better balance load between the hierarchical filtering actions.
    Type: Grant
    Filed: August 12, 2002
    Date of Patent: January 3, 2006
    Assignee: TippingPoint Technologies, Inc.
    Inventors: Craig Cantrell, Marc Willebeek-LeMair, Dennis Cox, Donovan Kolbly, Brian Smith
  • Publication number: 20050044422
    Abstract: An active network defense system is provided that is operable to monitor and block traffic in an automated fashion. This active network defense system is placed in-line with respect to the packet traffic data flow as a part of the network infrastructure. In this configuration, inspection and manipulation of every passing packet is possible. An algorithmic filtering operation applies statistical threshold filtering to the data flow in order to identify threats existing across multiple sessions. A trigger filtering operation applies header and content match filtering to the data flow in order to identify threats existing within individual sessions. Threatening packet traffic is blocked and threatening sessions are terminated. Suspicious traffic is extracted from the data flow for further examination with more comprehensive content matching as well as asset risk analysis. A flow control mechanism is provided to control passage rate for packets passing through the data flow.
    Type: Application
    Filed: August 31, 2004
    Publication date: February 24, 2005
    Inventors: Craig Cantrell, Marc Willebeek-Lemair, Dennis Cox, John McHale, Brian Smith, Donovan Kolbly
  • Publication number: 20050028013
    Abstract: An active network defense system is provided that is operable to monitor and block traffic in an automated fashion. This active network defense system is placed in-line with respect to the packet traffic data flow as a part of the network infrastructure. In this configuration, inspection and manipulation of every passing packet is possible. An algorithmic filtering operation applies statistical threshold filtering to the data flow in order to identify threats existing across multiple sessions. A trigger filtering operation applies header and content match filtering to the data flow in order to identify threats existing within individual sessions. Threatening packet traffic is blocked and threatening sessions are terminated. Suspicious traffic is extracted from the data flow for further examination with more comprehensive content matching as well as asset risk analysis. A flow control mechanism is provided to control passage rate for packets passing through the data flow.
    Type: Application
    Filed: August 31, 2004
    Publication date: February 3, 2005
    Inventors: Craig Cantrell, Marc Willebeek-LeMair, Dennis Cox, John McHale, Brian Smith, Donovan Kolbly
  • Publication number: 20040181694
    Abstract: A method is provided for blocking attacks on a private network (12). The method is implemented by a routing device (10) interconnecting the private network (12) to a public network (14). The method includes analyzing an incoming data packet from the public network (14). The incoming data packet is then matched against known patterns where the known patterns are associated with known forms of attack on the private network (12). A source of the data packet is then identified as malicious or non-malicious based upon the matching. In one embodiment, one of the known forms of attack is a denial of service attack and an associated known pattern is unacknowledged data packets. In another embodiment, one of the known forms of attack is an address spoofing attack and an associated known pattern is a data packet having a source address matching an internal address of the private network (12).
    Type: Application
    Filed: March 24, 2004
    Publication date: September 16, 2004
    Applicant: Cisco Technology, Inc., a California Corporation
    Inventors: Dennis Cox, Kip McClanahan
  • Patent number: 6738814
    Abstract: A method is provided for blocking attacks on a private network (12). The method is implemented by a routing device (10) interconnecting the private network (12) to a public network (14). The method includes analyzing an incoming data packet from the public network (14). The incoming data packet is then matched against known patterns where the known patterns are associated with known forms of attack on the private network (12). A source of the data packet is then identified as malicious or non-malicious based upon the matching. In one embodiment, one of the known forms of attack is a denial of service attack and an associated known pattern is unacknowledged data packets. In another embodiment, one of the known forms of attack is an address spoofing attack and an associated known pattern is a data packet having a source address matching an internal address of the private network (12).
    Type: Grant
    Filed: March 18, 1998
    Date of Patent: May 18, 2004
    Assignee: Cisco Technology, Inc.
    Inventors: Dennis Cox, Kip McClanahan
  • Publication number: 20040093513
    Abstract: An active network defense system is provided that is operable to monitor and block traffic in an automated fashion. This active network defense system is placed in-line with respect to the packet traffic data flow as a part of the network infrastructure. In this configuration, inspection and manipulation of every passing packet is possible. An algorithmic filtering operation applies statistical threshold filtering to the data flow in order to identify threats existing across multiple sessions. A trigger filtering operation applies header and content match filtering to the data flow in order to identify threats existing within individual sessions. Threatening packet traffic is blocked and threatening sessions are terminated. Suspicious traffic is extracted from the data flow for further examination with more comprehensive content matching as well as asset risk analysis. A flow control mechanism is provided to control passage rate for packets passing through the data flow.
    Type: Application
    Filed: November 7, 2002
    Publication date: May 13, 2004
    Applicant: TippingPoint Technologies, Inc.
    Inventors: Craig Cantrell, Marc Willebeek-LeMair, Dennis Cox, John McHale, Brian Smith, Donovan Kolbly
  • Publication number: 20040064053
    Abstract: Systems and methods are described for improved diagnostic fluorescence and reflectance. A method of detecting tissue abnormality in a tissue sample in vivo detects a set of reflectance spectra emitted from a tissue sample as a result of illumination with an excitation light from a fiber optic probe that has at least one collection fiber positioned at a source-detector separation, and determining if the tissue sample is normal or abnormal based on the resulting reflectance spectra. Another method of detecting tissue abnormality in a tissue sample in vivo includes illuminating the tissue sample in vivo with at least one electromagnetic radiation wavelength selected to cause the tissue sample to produce a set of fluorescence intensity spectra indicative of tissue abnormality, detecting the resulting fluorescence intensity spectra, and determining if the tissue sample is normal or abnormal based on the resulting fluorescence intensity spectra.
    Type: Application
    Filed: September 30, 2002
    Publication date: April 1, 2004
    Inventors: Sung K. Chang, Yvette Mirabal, Michele Follen, Anais Malpica, Urs Utzinger, Gregg Staerkel, Dennis Cox, E. Neely Atkinson, Calum MacAulay, Rebecca Richards-Kortum