Bigoted IPv6 Filtering Apparatus
First Claim
1. A system comprising client devices and servers communicatively coupled on a network:
- the client devices configured to receive aggregated filter results in a data structure, to receive a request to connect with an Internet Protocol (IP) address, to perform a filter process to determine a plurality of locations within the data structure, and to accept or deny the connection based on the values in said locations within the data structure;
the client devices further configured to determine if the IP address is associated with malicious or undesired content and, if true, to transmit such IP address to a cloud service.
1 Assignment
0 Petitions
Accused Products
Abstract
An apparatus accesses many locations of a store for information about a specific Internet Protocol address. A filter concentrates and condenses a diffuse population widely dispersed in a ginormous address range into a smaller storage space with controllable error rate. A cloud service acquires, aggregates, and distributes IP address data structure records from and to globally distributed network access devices. A system of filter elements operating in parallel determines a plurality of storage addresses in memory to represent Internet Protocol addresses categorized for security. A method determines a plurality of storage addresses from each Internet Protocol address so characteristics of the IP address can be accessed at the storage addresses.
-
Citations
20 Claims
-
1. A system comprising client devices and servers communicatively coupled on a network:
-
the client devices configured to receive aggregated filter results in a data structure, to receive a request to connect with an Internet Protocol (IP) address, to perform a filter process to determine a plurality of locations within the data structure, and to accept or deny the connection based on the values in said locations within the data structure; the client devices further configured to determine if the IP address is associated with malicious or undesired content and, if true, to transmit such IP address to a cloud service. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A filter apparatus to determine access addresses for a storage device to record data about an Internet Protocol address, the filter apparatus comprising:
-
an input register for reception of an Internet Protocol address; an output register for emission of a plurality of s-addresses for accessing a non-transitory store; a C stage filter comprising an array of sequentially coupled filter elements; wherein each of C stages has b filter elements in parallel; wherein each filter element of a stage is configured with the same IP address, bitmask and the same Modulus; - View Dependent Claims (12, 13, 14, 15, 16)
-
-
17. A method for operation of a filter element which has a processor and memory, the method comprising:
-
receiving a modulus and a bit mask; receiving an Internet Protocol (IP) address; applying the bit mask to the least significant bits of the IP address; receiving a first succinct suffix; transforming said first succinct suffix, wherein transforming includes performing a hash using the masked IP address, the received first succinct suffix, and the modulus; and providing the transformed first succinct suffix as a second succinct suffix. - View Dependent Claims (18, 19, 20)
-
Specification