Increasing access point throughput by exceeding A-MPDU buffer size limitation in a 802.11 compliant station
Granted: May 10, 2022
Patent Number:
11330469
An 802.11-compliant device for high throughput is disclosed. A plurality of TCP packets received in a buffer for transmission are stored. The plurality of TCP packets can be aggregated as A-MSDU sub-frames to form an A-MSDU frame in accordance with an IEEE 802.11 standard. Additionally, a plurality of A-MSDU frames can be aggregated as A-MPDU sub-frames to form an A-MPDU frame. The A-MPDU frame is compliant with a number of allowable sub-frames and a maximum size in accordance with an…
Cooperative access points for quality of service (QoS) requirements in wireless local access networking (WLAN)
Granted: May 10, 2022
Patent Number:
11330461
For QoS (quality of service) requirements of a session at a first access point and a wireless station, a cost function value is calculated for the specific session based on a number of network packets to be processed in the queue and the identified QoS requirement. It is determined whether another of the plurality of access points within range of the specific session can better serve the identified QoS requirement than the first access point by comparing the cost function value for the…
Detecting data exfiltration using machine learning on personal e-mail account display names
Granted: May 10, 2022
Patent Number:
11330437
An e-mail application is identified by parsing a network packet from the network packets. Responsive to the e-mail application identification, a display name associated with the user is extracted and the display name is stored among a plurality of display names in association with the company e-mail address of the user. Responsive to one of the plurality of display names matching a display name of a private e-mail address of the user as a destination of e-mail along with surpassing a…
TCP (transmission control protocol) fast open for classification acceleration of cache misses in a network processor
Granted: May 10, 2022
Patent Number:
11330074
A packet parser generates a key from TCP metadata of a data packet for a specific session. A packet cache stores recent network policy identifiers associated with a plurality of network sessions, wherein the key is used as an index to search the packet cache. The packet cache responsive to a cache miss, checks a TFO cookie field for a rule ID stored by the client during a previous session as generated by the network processor. If there is no rule ID, a classification pipeline is…
Detecting malicious web pages by analyzing elements of hypertext markup language (HTML) files
Granted: May 10, 2022
Patent Number:
11330010
Systems and methods are described for detecting compromised web pages and domains by analyzing elements of hypertext markup language (HTML) files of a domain. In one embodiment, a security service receives a request including a potentially malicious uniform resource locator (URL) and retrieves a first HTML file to which the potentially malicious URL points and a second HTML file to which a host URL corresponding to the potentially malicious URL points. The security service determines…
Accelerating data communication using tunnels
Granted: May 10, 2022
Patent Number:
11329961
Methods and systems are provided for increasing application performance and accelerating data communications in a WAN environment. According to one embodiment, packets are received at a flow classification module operating at the Internet Protocol (IP) layer of a first wide area network (WAN) acceleration device via a private tunnel, which is operable to convey application layer data for connection-oriented applications between WAN acceleration devices. The packets are passed to a WAN…
Two-stage hash based logic for application layer distributed denial of service (DDoS) attack attribution
Granted: April 26, 2022
Patent Number:
11316889
Methods and systems for a two-stage attribution of an application layer DDoS attack are provided. In a first table just a hash index is maintained, whereas the second stage table keeps the string parameter corresponding to the application layer attribute under attack. A linked list maintains a plurality of rows if there is a hash collision in the first table. The second table is aged out and reported periodically with details of large strings.
Providing a secure communication channel between kernel and user mode components
Granted: April 26, 2022
Patent Number:
11314662
Systems and methods for implementing a secure communication channel between kernel and user mode components are provided. According to an embodiment, a shared memory is provided through which a kernel mode process and a user mode process communicate. The kernel mode process is assigned read-write access to the shared memory. The user mode process is assigned read-only access to the shared memory. An offset-based linked list is implemented within the shared memory. Kernel-to-user messages…
Breached website detection and notification
Granted: April 19, 2022
Patent Number:
11310278
System and methods for a cloud-based approach to breached website detection and notification as a security service are provided. According to one embodiment, a network security device protecting a private network of an enterprise, intercepts information associated with an interaction with a website by a browser of a client device associated with the private network. The network security device, based on the information, proactively determines whether the website or a domain with which…
AI-DFS (artificial intelligence enabled dynamic frequency selection) for steering downgraded wireless stations on 160 MHz bandwidth supported wireless data communication networks
Granted: April 5, 2022
Patent Number:
11297511
A station with a 160 MHz channel connection at a first access point is downgraded by an access point in response to being displaced off of a channel status changing to NOP (non occupancy period). This can be caused by ambient radar signals. The downgrade is addressed by redistributing the 160 MHz stations to other access points with available 160 MHz channels. Stations are steered to a network-wide best available bandwidth channel across different access points.
Automatic tagging of cloud resources for implementing security policies
Granted: March 29, 2022
Patent Number:
11290527
Systems and methods for automatically tagging cloud resources that are spread across multiple cloud platforms are provided. According to one embodiment, information regarding each cloud provider of multiple cloud providers associated with a cloud environment used by a private network is received by a cloud-tagging orchestrator service of the private network. For each cloud resource of a plurality of cloud resources hosted by the cloud providers on behalf of the private network: (i)…
Mitigating malware impact by utilizing sandbox insights
Granted: March 15, 2022
Patent Number:
11277438
Systems and methods for mitigating the impact of malware by reversing malware related modifications in a computing device are provided. According to an embodiment, a sandbox service running within a network security platform protecting an enterprise network receives a file containing malware and associated contextual information from an endpoint security solution running on an endpoint device, which has been infected by the malware. The sandbox service captures information regarding a…
Automated testing of network security policies against a desired set of security controls
Granted: March 1, 2022
Patent Number:
11265347
Systems and methods for automated testing of network security controls are provided. According to one embodiment, information regarding multiple desired security controls for a protected network are received by a network device. Network traffic configured to validate an extent of conformance by the protected network with the desired security controls is generated by the network device. The generated network traffic is transmitted by the network device onto the protected network. An…
Fan vibration damping devices, systems and/or methods
Granted: February 22, 2022
Patent Number:
11255347
Vibration damping devices and methods utilizing the same for damping vibrations in a fan. A vibration damping device for a fan, the fan having an inlet side of a frame and an exhaust side of the frame and the frame retains a fan mechanism. The vibration damping device includes a mass mT which may include either: a block with a total mass mT; or a finger guard and at least one resilient attachment member having a first spring characteristic, wherein resilient attachment member is…
Conditional hardware acceleration of secure forward error correction (FEC) processing
Granted: February 15, 2022
Patent Number:
11251906
It is determined whether hardware acceleration is available for the incoming data packet. Responsive to hardware acceleration availability, and based on the received FEC conditions, it is determined, for a session associated with the incoming data packet, whether to hardware decrypt the incoming data packet before decoding the incoming data packet or to hardware decrypt after decoding the incoming data packet.
System and methods for detection of cryptoware
Granted: February 8, 2022
Patent Number:
11244051
A computer implemented method for protecting data stored in at least one file from being overwritten by malicious code, comprises: monitoring at least one file stored in a storage device location to detect a request to perform an overwrite operation on at least a portion of data of the at least one file; redirecting the overwrite operation to a memory location designated as safe for being overwritten; analyzing the overwrite operation at the memory location to identify an association with…
Providing secure data replication among nodes of a hierarchical multitenant security orchestration and automated response (SOAR) architecture
Granted: February 1, 2022
Patent Number:
11240110
Systems and methods for facilitating secure and reliable communications among nodes of different tiers of a multi-tenant SOAR deployment are provided. According to one embodiment, data flow propagation within a hierarchy of nodes of the SOAR deployment is controlled. Responsive to creation of a record by a node: (i) when there exists a parent node in the hierarchy, setting a PID of the record to a TID of the parent node; otherwise, to a TID of the node; (ii) when there exists a child…
Selectively processing packets based on their classification by a counting bloom filter as a first packet or a subsequent packet of a transport protocol connection
Granted: January 11, 2022
Patent Number:
11223562
Systems and methods for selectively processing packets based on their classification by a CBF are provided. According to one embodiment, a network device receives a packet, extracts n-tuple values from the header of the packet that are indicative of a particular transport protocol connection with which the packet is associated, determines whether the particular transport protocol connection represents an active transport protocol connection represented within the CBF by searching the CBF…
Endpoint network traffic analysis
Granted: January 11, 2022
Patent Number:
11223639
Systems and methods for an agent-based approach that facilitates endpoint network traffic analysis are provided. According to an embodiment, an agent running on an endpoint device associated with an enterprise network collects network communication metadata from the endpoint device responsive to receiving callbacks from a kernel-level tracing facility implemented within an OS of the endpoint device and locally stores the collected network communication metadata. Further, the agent…
Inception of suspicious network traffic for enhanced network security
Granted: January 11, 2022
Patent Number:
11223635
Systems and methods are described for inception of suspicious network traffic to allow detection of the beginning of common attacks by network security devices, such as NGFWs, UTM appliances and IPS appliances. According to one embodiment, an inception engine running on a network security appliance protecting a private network monitors a session between an external computing device and a server device associated with the private network. In response to receipt of suspicious traffic from…