Transmission control of protocol state exchange for dynamic stateful service insertion

    Publication number: US10581976B2

    Publication date: 2020-03-03

    Application number: US14825096

    Application date: 2015-08-12

    Abstract: Provided are methods and systems for a Transmission Control Protocol (TCP) state handoff of a data traffic flow. A method for a TCP state handoff of a data traffic flow comprises determining a TCP state at predetermined times by a state machine unit. The TCP state includes data concerning a session between a client and a server. The TCP state for the predetermined times is stored to a database. A request to apply a predetermined policy to the session is received by a transaction processing unit and, based on the request, a session request associated with the session between the client and the server is sent to an access control unit. The session request is processed by the access control unit based on the TCP state and according to the predetermined policy.

    CLUSTER-BASED PRECISION MITIGATION OF NETWORK ATTACKS

    Publication number: US20210152576A1

    Publication date: 2021-05-20

    Application number: US17140159

    Application date: 2021-01-04

    Abstract: Provided are methods and systems for cluster-based mitigation of a network attack. A method for cluster-based mitigation of a network attack may commence with detecting an unusual pattern in network data traffic associated with data sources. The method may further include extracting signature parameters associated with the network data traffic. The signature parameters may be indicative of the network attack. The method may continue with assigning importance weights to the signature parameters based on historical signature data to generate weighted signature parameters. The method may further include building a decision tree for the data sources based on the weighted signature parameters. The method may continue with creating an optimal number of clusters for the data sources based on an analysis of the decision tree. The method may further include selectively taking at least one mitigating action with regard to the data sources within the clusters.

    Health Monitor Based Distributed Denial of Service Attack Mitigation
    Type: invention application; legal status: in force

    Publication number: US20160134655A1

    Publication date: 2016-05-12

    Application number: US14979937

    Application date: 2015-12-28

    CPC classification number: H04L63/1458 H04L63/1416

    Abstract: Provided are methods and systems for mitigating a DDoS event. The method may comprise receiving an indication of a collapse of a collapsible virtual data circuit associated with network data traffic. In response to the received indication of the collapse, the collapse may be attributed to the DDoS event. Furthermore, the method may comprise redirecting the network data traffic to one or more DDoS mitigation services. The method may further comprise mitigating the DDoS event by the one or more DDoS mitigation services.

    Adaptive, deceptive and polymorphic security platform

    Publication number: US10911490B2

    Publication date: 2021-02-02

    Application number: US15856456

    Application date: 2017-12-28

    Abstract: A security platform running on a server includes (a) protocol stacks each configured to receive and to transmit IP data packets over a network interface, wherein the protocol stacks have predetermined performance characteristics that are different from each other and wherein each protocol stack includes one or more program interfaces to allow changes to its performance characteristics; (b) application programs each configured to receive and transmit payloads of the IP data packets, wherein at least two of the application programs are customized to handle different content types in the payloads and wherein each application program accesses the program interface of at least one protocol stack to tune performance characteristics of the protocol stack; (c) classifiers configured to inspect at a given time IP data packets then received in the network interface to select one of the protocol stack and one of the application programs to service the data packets; and (d) a control program to load and run the selected protocol stack and the selected application program.

    Location determination for user authentication

    Publication number: US10158627B2

    Publication date: 2018-12-18

    Application number: US15814653

    Application date: 2017-11-16

    Inventor: Micheal Thompson

    Abstract: User authentication techniques based on geographical locations associated with a client device are provided. An example method for authentication of the client device includes receiving an authentication request from the client device. The method may include establishing current geographical location of the client device based on metadata received from the client device. The method may further include establishing a trusted tolerance geographical area based on historical location area associated with the client device. After establishing the trusted tolerance geographical area, the method may proceed with determining whether the current geographical location of the client device is within the trusted tolerance geographical area. The method may further include authenticating the client device based on the determination that the current geographical location of the client device is within the trusted tolerance geographical area.

    LOCATION DETERMINATION FOR USER AUTHENTICATION
    Type: invention application; legal status: in force

    Publication number: US20150365410A1

    Publication date: 2015-12-17

    Application number: US14834278

    Application date: 2015-08-24

    Inventor: Micheal Thompson

    Abstract: User authentication techniques based on geographical locations associated with a client device are provided. A network connection can be established between two or more host machines and a client device. Upon a request received from the client device by one of these host machines, round trip times of test messages may be measured between the client device and each of the host machines. The round trip times can be utilized to determine the current geographical location of the client device. If the location is within a tolerance geographical area, the client device may be authenticated. Otherwise, the authentication may fail or additional security procedures may be implemented. In some examples, a travel time from a historical geographical location to the current geographical location can be determined. This data may also be utilized in the user authentication process.

    Transmission control of protocol state exchange for dynamic stateful service insertion

    Publication number: US11115481B2

    Publication date: 2021-09-07

    Application number: US16805881

    Application date: 2020-03-02

    Abstract: Provided are methods and systems for a Transmission Control Protocol (TCP) state handoff of a data traffic flow. A method for a TCP state handoff of a data traffic flow comprises determining a TCP state at predetermined times by a state machine unit. The TCP state includes data concerning a session between a client and a server. The TCP state for the predetermined times is stored to a database. A request to apply a predetermined policy to the session is received by a transaction processing unit and, in response to the request, a session request associated with the session between the client and the server is sent to an access control unit. The session request is processed by the access control unit based on the TCP state and according to the predetermined policy.

    Cluster-based determination of signatures for detection of anomalous data traffic

    Publication number: US10938783B2

    Publication date: 2021-03-02

    Application number: US16124699

    Application date: 2018-09-07

    Abstract: Provided are methods and systems for cluster-based determination of signatures for detection of anomalous data traffic. An example method may include capturing, by a network module, data packets routed to a destination. The method may further include grouping, by at least one processor in communication with the network module, the data packets into clusters. The method may also include detecting, by the processor, an anomaly in the data packets and, in response to the detection, determining, by the processor and based on the clusters, one or more signatures associated with the data packets. The method may further include generating, by the processor and based on the signatures, one or more rules for allowing the data packets. The method may further include providing, by the processor, the one or more rules to a policy enforcement point associated with the destination.
