Abstract: Methods and apparatus for supporting secure packet communications, e.g., sRTP/sRTCP, which are resistant to denial of service attacks are described. A received packet is identified to correspond to a particular stream being received, the stream having a current expected set of packet sequence numbers, e.g., a current window including a next expected packet sequence number and at least one packet sequence number in the expected packet window on each side of the expected packet sequence number. Unencrypted information from the received packet, e.g., a received packet sequence number, is used to determine at least one of: to drop the received packet, or to assign the packet to one of a plurality of policing levels. If the packet passes policing at its assigned policing level, the packet may undergo authentication and decryption to determine if it is a valid packet.

Abstract: Methods and apparatus for supporting secure packet communications, e.g., sRTP/sRTCP, which are resistant to denial of service attacks are described. A received packet is identified to correspond to a particular stream being received, the stream having a current expected set of packet sequence numbers, e.g., a current window including a next expected packet sequence number and at least one packet sequence number in the expected packet window on each side of the expected packet sequence number. Unencrypted information from the received packet, e.g., a received packet sequence number, is used to determine at least one of: to drop the received packet, or to assign the packet to one of a plurality of policing levels. If the packet passes policing at its assigned policing level, the packet may undergo authentication and decryption to determine if it is a valid packet.

Abstract: A software installation method, device and system. The method includes: downloading a software installation package; detecting type of the software installation package; installing the software installation package in a parallel software installation mode if the type of the software installation package is not Microsoft Installer (MSI) type; and installing the software installation package in a serial software installation mode if the type of the software installation package is the MSI type.

Abstract: The invention features a computer-implemented method for playing back an announcement message to a user device. The method includes initiating, by a computing device, an announcement session in response to a user device establishing communication with the computing device and determining, by the computing device, the announcement message to be played back to the user device. The method includes loading, by the computing device, into a queue associated with the announcement session, a descriptor referencing a memory buffer on the computing device. The memory buffer includes a plurality of memory partitions, each memory partition storing at least one portion of the announcement message encoded at a different rate. The method includes the computing device scheduling play back of the announcement message, playing the announcement message to the user device at a first rate and receiving a request from the user device for playback at a second rate.

Abstract: A method for controlling closing of a terminal including: intercepting a shutdown operation; carrying out corresponding safety detection according to preset safety detection items; and processing potential safety hazards and closing the terminal after the processing. According to the method, the potential safety hazards of the terminal are processed before the terminal is closed, so that the terminal safety is improved. In addition, a system for controlling closing of a terminal and a computer storage medium are provided.

Abstract: The disclosure provides a method, a device and a terminal for improving the speed of an application relating to the computer field. The method may include collecting local data information corresponding to a missing-page interruption during execution of the application. The local data information may include a name of a file in which the local data is contained, an offset in the file and the size of the local data. The method may further include acquiring the local data corresponding to the local data information in response to receiving an instruction to improve the running speed of the application and loading the acquired local data. This may reduce the time spent by the application on accessing I/O operations. Thus, the running speed of the application may be improved by loading the acquired local data according to the local data information corresponding to the missing-page interruption while the application is running.

Abstract: Described are an operating system startup acceleration method and device, a terminal and a computer readable medium. The method comprises: acquiring prefetch information corresponding to at least one process to be accelerated in a procedure of operating system startup, wherein the prefetch information comprises a file path, a shift value and a length value of a data block required by the process to be accelerated; and reading a corresponding data block into a system cache according to the acquired prefetch information, and completing a startup procedure of the process to be accelerated using the data block in the system cache.

Abstract: A computer-implemented method for inserting an out-of-band signaling packet into a real-time protocol (RTP) stream is provided. The method includes receiving the out-of-band signaling packet intended for transmission to a user device and forming a synthesized packet based on payload information from the out-of-band signaling packet and header information stored in a data structure describing the RTP stream. The method also includes inserting the synthesized packet into the RTP stream. The method further includes receiving an RTP packet intended for transmission to the user device via the RTP stream, analyzing an insertion sequence number and an insertion flag maintained in the data structure, and discarding or forwarding the RTP packet via the RTP stream based on the analyzing.

Abstract: A computer-implemented method for inserting an out-of-band signaling packet into a real-time protocol (RTP) stream is provided. The method includes receiving the out-of-band signaling packet intended for transmission to a user device and forming a synthesized packet based on payload information from the out-of-band signaling packet and header information stored in a data structure describing the RTP stream. The method also includes inserting the synthesized packet into the RTP stream. The method further includes receiving an RTP packet intended for transmission to the user device via the RTP stream, analyzing an insertion sequence number and an insertion flag maintained in the data structure, and discarding or forwarding the RTP packet via the RTP stream based on the analyzing.

Abstract: The invention features a computer-implemented method for playing back an announcement message to a user device. The method includes initiating, by a computing device, an announcement session in response to a user device establishing communication with the computing device and determining, by the computing device, the announcement message to be played back to the user device. The method includes loading, by the computing device, into a queue associated with the announcement session, a descriptor referencing a memory buffer on the computing device. The memory buffer includes a plurality of memory partitions, each memory partition storing at least one portion of the announcement message encoded at a different rate. The method includes the computing device scheduling play back of the announcement message, playing the announcement message to the user device at a first rate and receiving a request from the user device for playback at a second rate.

Abstract: Described are computer-based methods and apparatuses, including computer program products, for identifying attackers on a network. A data packet is filtered by a multi-tiered filtering and transmission system. Data packets matching the first tier filter are discarded. Data packets matching the second tier filter are transmitted to an output module based on a criterion. Data packets in the third tier filter are hashed into bins and data packets matching an entry in the bin are transmitted to the output module based on a criterion for the bin. Data packets in the fourth tier transmission system are transmitted to the output module based on a criterion. Data packets that do not meet the criterion for transmission to the output module are transmitted to an attack identification module which analyzes the data packets to identify attacks.

Abstract: The present invention provides a method, system and apparatus for extracting a video abstract. The method includes: A: receiving an input video, dividing the video and obtaining a jump time point sequence; B: filtering out a jump time point sequence from candidate time point sequences by using a shot dividing algorithm; C: extracting a video segment corresponding to each jump time point according to the jump time point sequence, and merging the extracted video segments into a video abstract. In the procedure of extracting the video abstract in the present invention, an eigenvector of each video frame is calculated firstly, a jump time point sequence is filtered out through a hierarchical clustering mode, and then video frames are extracted according to the jump time point sequence to be merged into the video abstract.

Abstract: Described are computer-based methods and apparatuses, including computer program products, for scalable filtering and policing mechanism for protecting user traffic in a network. A data packet is filtered by a multi-tiered filtering and transmission system. Data packets matching the first tier filter are discarded. Data packets matching the second tier filter are transmitted to an output module based on a criterion. Data packets in the third tier filter are hashed into bins and data packets matching an entry in the bin are transmitted to the output module based on a criterion for the bin. Data packets in the fourth tier transmission system are transmitted to the output module based on a criterion. Data packets that do not meet the criterion for transmission to the output module are transmitted to an attack identification module which analyzes the data packets to identify attacks.

Abstract: Described are computer-based methods and apparatuses, including computer program products, for filtering and policing for defending against denial of service attacks on a network. A data packet is filtered by a multi-tiered filtering and transmission system. Data packets matching the first tier filter are discarded. Data packets matching the second tier filter are transmitted to an output module based on a criterion. Data packets in the third tier filter are hashed into bins and data packets matching an entry in the bin are transmitted to the output module based on a criterion for the bin. Data packets in the fourth tier transmission system are transmitted to the output module based on a criterion. Data packets that do not meet the criterion for transmission to the output module are transmitted to an attack identification module which analyzes the data packets to identify attacks.

Abstract: A gateway apparatus includes multiple network server cards which are synchronized with each other to allow time slot switching of synchronous data across an asynchronous medium between source and destination server cards. The gateway includes synchronization logic and a data adaptation layer which implements a protocol for formatting of synchronous serial data. The data undergoes serial to parallel conversion and is formed into per time slot subpackets which are further packetized along with context and synchronization data. The packet is transmitted through an asynchronous switch after which the packet is disassembled into its constituent subpackets and queued into play-out buffers according to each subpackets' associated context and synchronization data. The apparatus allows synchronous data to be switched from a source time slot to a destination time slot across the asynchronous switch with a known, fixed delay.

Abstract: Described are computer-based methods and apparatuses, including computer program products, for filtering and policing for defending against denial of service attacks on a network. A data packet is filtered by a multi-tiered filtering and transmission system. Data packets matching the first tier filter are discarded. Data packets matching the second tier filter are transmitted to an output module based on a criterion. Data packets in the third tier filter are hashed into bins and data packets matching an entry in the bin are transmitted to the output module based on a criterion for the bin. Data packets in the fourth tier transmission system are transmitted to the output module based on a criterion. Data packets that do not meet the criterion for transmission to the output module are transmitted to an attack identification module which analyzes the data packets to identify attacks.

Abstract: Described are computer-based methods and apparatuses, including computer program products, for scalable filtering and policing mechanism for protecting user traffic in a network. A data packet is filtered by a multi-tiered filtering and transmission system. Data packets matching the first tier filter are discarded. Data packets matching the second tier filter are transmitted to an output module based on a criterion. Data packets in the third tier filter are hashed into bins and data packets matching an entry in the bin are transmitted to the output module based on a criterion for the bin. Data packets in the fourth tier transmission system are transmitted to the output module based on a criterion. Data packets that do not meet the criterion for transmission to the output module are transmitted to an attack identification module which analyzes the data packets to identify attacks.

Abstract: Described are computer-based methods and apparatuses, including computer program products, for identifying attackers on a network. A data packet is filtered by a multi-tiered filtering and transmission system. Data packets matching the first tier filter are discarded. Data packets matching the second tier filter are transmitted to an output module based on a criterion. Data packets in the third tier filter are hashed into bins and data packets matching an entry in the bin are transmitted to the output module based on a criterion for the bin. Data packets in the fourth tier transmission system are transmitted to the output module based on a criterion. Data packets that do not meet the criterion for transmission to the output module are transmitted to an attack identification module which analyzes the data packets to identify attacks.

Abstract: A gateway apparatus includes multiple network server cards which are synchronized with each other to allow time slot switching of synchronous data across an asynchronous medium between source and destination server cards. The gateway includes synchronization logic and a data adaptation layer which implements a protocol for formatting of synchronous serial data. The data undergoes serial to parallel conversion and is formed into per time slot subpackets which are further packetized along with context and synchronization data. The packet is transmitted through an asynchronous switch after which the packet is disassembled into its constituent subpackets and queued into play-out buffers according to each subpackets' associated context and synchronization data. The apparatus allows synchronous data to be switched from a source time slot to a destination time slot across the asynchronous switch with a known, fixed delay.

Abstract: A gateway apparatus includes multiple network server cards which are synchronized with each other to allow time slot switching of synchronous data across an asynchronous medium between source and destination server cards. The gateway includes synchronization logic and a data adaptation layer which implements a protocol for formatting of synchronous serial data. The data undergoes serial to parallel conversion and is formed into per time slot subpackets which are further packetized along with context and synchronization data. The packet is transmitted through an asynchronous switch after which the packet is disassembled into its constituent subpackets and queued into play-out buffers according to each subpackets' associated context and synchronization data. The apparatus allows synchronous data to be switched from a source time slot to a destination time slot across the asynchronous switch with a known, fixed delay.