Data traffic filtering indicator

US 7,818,794 B2
Filed: 06/09/2003
Issued: 10/19/2010
Est. Priority Date: 06/12/2002
Status: Expired due to Fees

First Claim

Patent Images

1. An apparatus adapted to communicate via a network, comprising:

a firewall including a set of rules for identifying packets associated with inappropriate activity, the rules in the set being separated into a plurality of classes; and

an indicator device for providing a plurality of user discernable indicators, wherein each of the plurality of user discernable indicators is associated with a different one of the plurality of classes and is visually discernable, and wherein a respective one of said plurality of user discernable indicators is triggered if one or more of the rules corresponding to one of said plurality of classes associated with the respective one of said plurality of user discernable indicators is violated,wherein the rules in the set are prioritized such that each of the plurality of classes represents a respective different one of a plurality of priority levels,wherein each of the plurality of user discernable indicators except a particular one is associated with the respective different one of the plurality of classes, the particular one of the plurality of user discernable indicators being associated with an affirmative status that filtering is being contemporaneously performed for any of the packets that violate the one or more rules, and wherein the particular one of the plurality of user discernable indicators along with the respective one of the plurality of user discernable indicators are concurrently triggered, only when a number of the packets that violate the one or more rules exceeds a pre-specified threshold to indicate that the filtering any of the packets that violate the one or more rules is being contemporaneously performed.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are a method and bi-directional communication device, such as a cable modem, router, bridge, or other communication device adapted to communicate via a network and having a firewall, for identifying those packets associated with inappropriate activity. The communication device includes at least one user discernable indicator associated with the firewall. The at least one user discernable indicator contemporaneously indicates that a number of packets associated with the inappropriate activity has exceeded a threshold level.

Citations

18 Claims

1. An apparatus adapted to communicate via a network, comprising:
- a firewall including a set of rules for identifying packets associated with inappropriate activity, the rules in the set being separated into a plurality of classes; and
  
  an indicator device for providing a plurality of user discernable indicators, wherein each of the plurality of user discernable indicators is associated with a different one of the plurality of classes and is visually discernable, and wherein a respective one of said plurality of user discernable indicators is triggered if one or more of the rules corresponding to one of said plurality of classes associated with the respective one of said plurality of user discernable indicators is violated,wherein the rules in the set are prioritized such that each of the plurality of classes represents a respective different one of a plurality of priority levels,wherein each of the plurality of user discernable indicators except a particular one is associated with the respective different one of the plurality of classes, the particular one of the plurality of user discernable indicators being associated with an affirmative status that filtering is being contemporaneously performed for any of the packets that violate the one or more rules, and wherein the particular one of the plurality of user discernable indicators along with the respective one of the plurality of user discernable indicators are concurrently triggered, only when a number of the packets that violate the one or more rules exceeds a pre-specified threshold to indicate that the filtering any of the packets that violate the one or more rules is being contemporaneously performed.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The apparatus of claim 1, wherein the plurality of user discernable indicators comprises a highlighted icon displayed on a computing device.
  - 3. The apparatus of claim 1, wherein the firewall filters any of the packets that violate the one or more rules irrespective of a number of the packets that violate the one or more rules, but only triggers the respective one of the plurality of user discernable indicators when the number of the packets that violate the one or more rules exceeds a pre-specified threshold.
  - 4. The apparatus of claim 1, wherein only the particular one of the plurality of user discernable indicators is triggered if the one or more of the rules is violated, the filtering is performed by the firewall program, and the number of the packets that violate the one or more rules does not exceed the pre-specified threshold.
  - 5. The apparatus of claim 1, wherein whether the respective one of the plurality of user discernable indicators is triggered or not is based on which of the plurality of priority levels is involved with respect to a corresponding rule violation.
  - 6. The apparatus of claim 1, where each of the plurality of classes uses a different one of a plurality of thresholds with respect to how many violating ones of the packets must be detected before filtering is commenced, the plurality of thresholds being end-user settable.

7. A method, comprising:
- defining a set of rules to detect inappropriate communication activity on a computer or network;
  
  separating the rules in the set into a plurality of classes;
  
  associating each of the plurality of classes with a different one of a plurality of user discernable indicators that are each visually discernable;
  
  examining data traffic to determine whether at least one of the rules has been violated; and
  
  in the case that at least one of the rules of a first one of said plurality of classes has been violated, filtering said data traffic violating the at least one of the rules of the first one of said plurality of classes, providing a user discernable notification of said violation by triggering a respective one of the plurality of user discernable indicators associated with the first one of said plurality of classes, and wherein the rules in the set are prioritized such that each of the plurality of classes represents a respective different one of a plurality of priority levels,wherein each of the plurality of user discernable indicators except a particular one is associated with the different one of the plurality of classes, and the method further comprises;
  
  associating the particular one of the plurality of user discernable indicators with an affirmative status that filtering is being contemporaneously performed for any of the packets that violate at least one of the rules; and
  
  in the case of the rule of at least a first class from among the plurality of classes being violated and a number of packets violating the rule of at least the first class exceeding a pre-specified threshold, providing a user discernable notification of the filtering being contemporaneously performed by triggering, concurrently with the triggering of the respective one of the plurality of user discernable indicators, the particular one of the plurality of user discernable indicators associated with the affirmative status that the filtering is being contemporaneously performed.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of claim 7, further comprising:
    - determining if a first threshold level of rule violation has been exceeded prior to filtering said data traffic.
  - 9. The method of claim 7, further comprising:
    - determining if a first threshold level of rule violation has been exceeded prior to triggering the user discernable indicator.
  - 10. The method of claim 7, wherein the data traffic includes a number of packets that violate the at least one of the rules of the first one of the plurality of classes, and wherein the method filters the packets that violate the at least one of the rules of the first one of the plurality of classes, irrespective of the number of packets that violate the one or more rules, but only triggers the respective one of the plurality of user discernable indicators when the number of packets that violate the at least one of the rules of the first one of the plurality of classes exceeds a pre-specified threshold.
  - 11. The method of claim 7, wherein in the case of the rule of at least the first class being violated and the number of packets violating the rule of at least the first class not exceeding the pre-specified threshold, only providing the user discernable notification of the filtering without providing the user discernable notification of the violation.
  - 12. The method of claim 7, wherein whether the respective one of the plurality of user discernable indicators is triggered or not is based on which of the plurality of priority levels is involved with respect to a corresponding rule violation.

13. A cable modem, comprising:
- downstream processing circuitry;
  
  upstream processing circuitry;
  
  a controller in communication with said downstream circuits, upstream circuitry, and a memory;
  
  a firewall program including a set of rules for identifying packets associated with inappropriate activity, the rules being separated into a plurality of classes, said firewall program being resident in said memory and executable by said controller to cause examining data of packets from said downstream and upstream circuitry; and
  
  a plurality of user discernable indicators that are each visually discernable, wherein each of the plurality of user discernable indicators is associated with a different one of the plurality of classes and wherein a respective one of said plurality of user discernable indicators is triggered if one or more of the rules corresponding to one of said plurality of classes associated with the respective one of said plurality of user discernable indicators is violated, and wherein the rules in the set are prioritized such that each of the plurality of classes represents a respective different one of a plurality of priority levels,wherein the firewall program is executable by said controller to cause filtering any of the packets that violate at least one of the rules, and wherein each of the plurality of user discernable indicators other than a particular one is respectively associated with the different ones of the plurality of classes, the particular one of the plurality of user discernable indicators being associated with an affirmative status that filtering is being contemporaneously performed, and wherein the particular one of the plurality of user discernable indicators is triggered, concurrently with the triggering of the respective one of the plurality of user discernable indicators, if the one or more of the rules is violated, the filtering is performed by the firewall program, and a number of the packets that violate the one or more rules exceeds a pre-specified threshold.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The cable modem of claim 13, wherein said plurality of user discernable indicators comprises a first LED for signifying a filtering event and a second LED for signifying filtering data packets deemed pernicious in said set of rules.
  - 15. The cable modem of claim 13, wherein said plurality of user discernable indicators comprises a highlighted icon displayed on a computer device.
  - 16. The cable modem of claim 13, wherein the firewall program is executable by said controller to cause filtering of any of the packets that violate the one or more rules irrespective of a number of the packets that violate the one or more rules, but wherein the respective one of the plurality of user discernable indicators is triggered only when the number of packets that violate the one or more rules exceeds a pre-specified threshold.
  - 17. The cable modem of claim 13, wherein only the particular one of the plurality of user discernable indicators is triggered if the one or more of the rules is violated, the filtering is performed by the firewall program, and the number of the packets that violate the one or more rules does not exceed a pre-specified threshold.
  - 18. The cable modem of claim 13, wherein whether the respective one of the plurality of user discernable indicators is triggered or not is based on which of the plurality of priority levels is involved with respect to a corresponding rule violation.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
InterDigital Patent Holdings, Inc. (InterDigital, Inc.)
Original Assignee
Thomson Licensing (Vantiva SA)
Inventors
Wittman, Brian Albert
Primary Examiner(s)
Korzuch; William R
Assistant Examiner(s)
Vaughan; Michael R

Application Number

US10/517,574
Publication Number

US 20050169282A1
Time in Patent Office

2,689 Days
Field of Search

713150-167, 713200-201, 370400-406
US Class Current

726/13
CPC Class Codes

G06F 21/554   involving event detection a...

H04L 63/0227   Filtering policies mail mes...

H04L 63/1408   by monitoring network traff...

H04L 63/1416   Event detection, e.g. attac...

H04L 67/75   Indicating network or usage...

Data traffic filtering indicator

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Data traffic filtering indicator

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links