Patents by Inventor Emanuele Jones
Emanuele Jones has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 7984493Abstract: Malicious network activities do not make use of the Domain Name System (DNS) protocol to reach remote targets outside a local network. This DNS-based enforcement system for confinement and detection of network malicious activities requires that every connection toward a resource located outside the local network is blocked by default by the local enforcement box, e.g. a firewall or a proxy. Outbound connections are allowed to leave the local network only when authorized directly by an entity called the DNS Gatekeeper.Type: GrantFiled: July 22, 2005Date of Patent: July 19, 2011Assignee: Alcatel-LucentInventor: Emanuele Jones
-
Patent number: 7965707Abstract: A system and method are provided for providing multiple aliases and associated policy profiles for a user of a VoIP communication system. The user configures a multitude of aliases by the user wishes to be contacted, and associates with each alias a policy stored at a user terminal. The aliases are stored within the network so as to be associated with contact information for the user terminal. A proxy processes call requests by determining the contact information associated with an alias entered by a caller, and forwards the call request to the user terminal associated with the contact information. The user terminal determines the alias used by the caller, and processes the connection request in accordance with the policy. The invention allows users to add and delete aliases in order to effect temporary and private contact information. Calls can be handled depending on which alias was used by a caller, rather than on an identification of the device used by the caller.Type: GrantFiled: May 20, 2005Date of Patent: June 21, 2011Assignee: Alcatel LucentInventors: Emanuele Jones, Robert W. MacIntosh, Dmitri Vinokurov
-
Patent number: 7565426Abstract: A system and method of tracing network flows in an autonomous communications system are described. The Autonomous System may be formed of multiple subgroups depending on size and application. Each subgroup contains multiple, interconnected routers which participate in transporting data flow across the Autonomous System (AS). A Director within the AS has a full and complete vision of the network topology. When it is desired to trace a particular flow because of an identified attack, selected routers in key locations—through which that particular flow travels—mark packets with labels which enable the tracing of the path. These labels permit the source of the attack, at least in so far as it travels through the AS, to be identified. If the number of entry (or key) points to the AS is larger than the number of available labels, the AS will be divided into subgroups, the flow is traced from subgroup to subgroup.Type: GrantFiled: August 7, 2003Date of Patent: July 21, 2009Assignee: Alcatel LucentInventors: Emanuele Jones, Jean-Marc Robert
-
Publication number: 20080307479Abstract: An IPTV network and a method are described herein that seamlessly integrate a multicast-based file transfer mechanism with unicast IPTV middleware to enable the efficient transfer of VOD assets from a Super Headend Office (SHO) to one or more Video Hub Offices (VHOs).Type: ApplicationFiled: March 14, 2008Publication date: December 11, 2008Applicant: ALCATEL LUCENTInventors: Emanuele Jones, Mike Brehm, Jason Brown
-
Patent number: 7415018Abstract: The Time to Live (TTL) field in an IP header is used as a covert channel in a communication system. More particularly the TTL field can be used to selectively mark packets with unique identifiers as they pass through an upstream station on their way to a downstream station. In this way the source of a traffic flow at least within a particular domain can be absolutely identified. This method of performing a traceback operation doesn't utilize additional resources as it relies on functionality which already exists in the system.Type: GrantFiled: September 17, 2003Date of Patent: August 19, 2008Assignee: Alcatel LucentInventors: Emanuele Jones, Olivier Le Moigne, Jean-Marc Robert
-
Patent number: 7313141Abstract: A network monitoring system (60). The system comprises storage circuitry (32) for storing network packet information, wherein the network packet information includes a predicted identifier. The network monitoring system also comprises at least one monitoring circuit (36) coupled to a network (70) along which network traffic flows in a form of packets. The at least one monitoring circuit programmed to perform the steps (44) of receiving a packet communicated along the network and determining whether the received packet is communicated between a source and destination in a first set of network nodes. Each packet in a sequence of communications between the source and the destination comprises a packet identifier that uniquely identifies the packet from all other communications in a flow between the source and the destination.Type: GrantFiled: October 9, 2002Date of Patent: December 25, 2007Assignee: Alcatel LucentInventors: Chao Kan, Pierrick Guingo, Emanuele Jones, Hubert Ogier, Thierry Labbe
-
Publication number: 20070033645Abstract: Malicious network activities do not make use of the Domain Name System (DNS) protocol to reach remote targets outside a local network. This DNS-based enforcement system for confinement and detection of network malicious activities requires that every connection toward a resource located outside the local network is blocked by default by the local enforcement box, e.g. a firewall or a proxy. Outbound connections are allowed to leave the local network only when authorized directly by an entity called the DNS Gatekeeper.Type: ApplicationFiled: July 22, 2005Publication date: February 8, 2007Applicant: ALCATELInventor: Emanuele Jones
-
Publication number: 20060218283Abstract: A system and method are provided for providing multiple aliases and associated policy profiles for a user of a VoIP communication system. The user configures a multitude of aliases by the user wishes to be contacted, and associates with each alias a policy stored at a user terminal. The aliases are stored within the network so as to be associated with contact information for the user terminal. A proxy processes call requests by determining the contact information associated with an alias entered by a caller, and forwards the call request to the user terminal associated with the contact information. The user terminal determines the alias used by the caller, and processes the connection request in accordance with the policy. The invention allows users to add and delete aliases in order to effect temporary and private contact information. Calls can be handled depending on which alias was used by a caller, rather than on an identification of the device used by the caller.Type: ApplicationFiled: May 20, 2005Publication date: September 28, 2006Applicant: ALCATELInventors: Emanuele Jones, Robert MacIntosh, Dmitri Vinokurov
-
Publication number: 20060197702Abstract: Systems and methods of detecting, and dealing with, a man-in-the-middle attack in wireless communications systems are described. The invention operates on the principle that if a mobile terminal is stationary there should be no reason for the access point to which it communicates to hand-over the connection. A hand-over, from the legitimate access point to a rogue access point can be detected by: the occurrence of a full hand-over procedure or simply by detecting a change in signal from the access point, either signal strength or direction of arrival. This indicates the initiation of an attack. Upon detecting such a man-in-the-middle attack, appropriate alerting actions are taken.Type: ApplicationFiled: March 1, 2005Publication date: September 7, 2006Applicant: ALCATELInventor: Emanuele Jones
-
Publication number: 20050058129Abstract: The Time to Live (TTL) field in an IP header is used as a covert channel in a communication system. More particularly the TTL field can be used to selectively mark packets with unique identifiers as they pass through an upstream station on their way to a downstream station. In this way the source of a traffic flow at least within a particular domain can be absolutely identified. This method of performing a traceback operation doesn't utilize additional resources as it relies on functionality which already exists in the system.Type: ApplicationFiled: September 17, 2003Publication date: March 17, 2005Inventors: Emanuele Jones, Olivier Le Moigne, Jean-Marc Robert
-
Publication number: 20050044208Abstract: A system and method of tracing network flows in an autonomous communications system are described. The Autonomous System may be formed of multiple subgroups depending on size and application. Each subgroup contains multiple, interconnected routers which participate in transporting data flow across the Autonomous System (AS). A Director within the AS has a full and complete vision of the network topology. When it is desired to trace a particular flow because of an identified attack, selected routers in key locations—through which that particular flow travels—mark packets with labels which enable the tracing of the path. These labels permit the source of the attack, at least in so far as it travels through the AS, to be identified. If the number of entry (or key) points to the AS is larger than the number of available labels, the AS will be divided into subgroups, the flow is traced from subgroup to subgroup.Type: ApplicationFiled: August 7, 2003Publication date: February 24, 2005Inventors: Emanuele Jones, Jean-Marc Robert
-
Publication number: 20040073655Abstract: A network monitoring system (60). The system comprises storage circuitry (32) for storing network packet information, wherein the network packet information includes a predicted identifier. The network monitoring system also comprises at least one monitoring circuit (36) coupled to a network (70) along which network traffic flows in a form of packets. The at least one monitoring circuit programmed to perform the steps (44) of receiving a packet communicated along the network and determining whether the received packet is communicated between a source and destination in a first set of network nodes. Each packet in a sequence of communications between the source and the destination comprises a packet identifier that uniquely identifies the packet from all other communications in a flow between the source and the destination.Type: ApplicationFiled: October 9, 2002Publication date: April 15, 2004Inventors: Chao Kan, Pierrick Guingo, Emanuele Jones, Hubert Ogier, Thierry Labbe