Semantic processing engine
First Claim
1. A method for performing semantic operations with contents of a message, comprising:
- receiving, at a processor, a message defined by message segments, wherein the message segments comprise packets in a packet-switched network;
identifying a grammar associated with the message segments;
converting the message segments into a token stream;
creating a substructure from tokens of the token stream;
identifying rules associated with the tokens, wherein the rules define actions for intrusion detection and prevention;
associating each of the message segments with a meta session through the tokens, wherein the meta session is made persistent across message transactions by storing data generated by the meta session on a persistent storage medium;
executing actions defined by the rules; and
forwarding the message to a destination.
1 Assignment
0 Petitions
Accused Products
Abstract
A processor configured to identify message contents is provided. The processor includes a message characterization block configured to characterize a message through analysis of header information associated with the message. A semantic processing block configured to translate the message into tokens associated with segments of the message is included. The semantic processing block identifies rules associated with each of the tokens and the semantic processing block is configured to apply the identified rules to the message. A queuing block configured to queue the message to be transmitted from the processor is included. A method for providing content based security, a computer readable media, an adapter card and a network device configured to provide content based security and an intrusion protection system are provided.
-
Citations
21 Claims
-
1. A method for performing semantic operations with contents of a message, comprising:
-
receiving, at a processor, a message defined by message segments, wherein the message segments comprise packets in a packet-switched network; identifying a grammar associated with the message segments; converting the message segments into a token stream; creating a substructure from tokens of the token stream; identifying rules associated with the tokens, wherein the rules define actions for intrusion detection and prevention; associating each of the message segments with a meta session through the tokens, wherein the meta session is made persistent across message transactions by storing data generated by the meta session on a persistent storage medium; executing actions defined by the rules; and forwarding the message to a destination. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer readable medium having program instructions for performing semantic operations with contents of a message when executed, comprising:
-
program instructions for receiving a message defined by message segments, wherein the message segments comprise packets in a packet-switched network; program instructions for identifying a grammar associated with the message segments; program instructions for converting the message segments into a token stream; program instructions for creating a substructure from tokens of the token stream; program instructions for identifying rules associated with tokens of the token stream, wherein the rules define actions for intrusion detection and prevention; program instructions for associating each of the message segments with a meta session through the tokens, wherein the meta session is made persistent across message transactions by storing data generated by the meta session on a persistent storage medium; program instructions for executing actions defined by the rules; and program instructions for forwarding the message to a destination, wherein each of the program instructions in the computer readable medium are executed by an integrated circuit. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A processor having logic for performing semantic operations with contents of a message, comprising:
-
logic for receiving a message defined by message segments, wherein the message segments comprise packets in a packet-switched network; logic for identifying a grammar associated with the message segments; logic for converting the message segments into a token stream; logic for creating a substructure from tokens of the token stream logic for identifying rules associated with tokens of the token stream, wherein the rules define actions for intrusion detection and prevention; logic for associating each of the message segments with a meta session through the tokens, wherein the meta session is made persistent across message transactions storing data generated by the meta session on a persistent storage medium; logic for executing actions defined by the rules; and logic for forwarding the message to a destination. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
Specification