초록 ▼

A processor configured to identify message contents is provided. The processor includes a message characterization block configured to characterize a message through analysis of header information associated with the message. A semantic processing block configured to translate the message into toke

A processor configured to identify message contents is provided. The processor includes a message characterization block configured to characterize a message through analysis of header information associated with the message. A semantic processing block configured to translate the message into tokens associated with segments of the message is included. The semantic processing block identifies rules associated with each of the tokens and the semantic processing block is configured to apply the identified rules to the message. A queuing block configured to queue the message to be transmitted from the processor is included. A method for providing content based security, a computer readable media, an adapter card and a network device configured to provide content based security and an intrusion protection system are provided.

대표청구항 ▼

What is claimed is: 1. A method for performing semantic operations with contents of a message, comprising: receiving, at a processor, a message defined by message segments, wherein the message segments comprise packets in a packet-switched network; identifying a grammar associated with the message

What is claimed is: 1. A method for performing semantic operations with contents of a message, comprising: receiving, at a processor, a message defined by message segments, wherein the message segments comprise packets in a packet-switched network; identifying a grammar associated with the message segments; converting the message segments into a token stream; creating a substructure from tokens of the token stream; identifying rules associated with the tokens, wherein the rules define actions for intrusion detection and prevention; associating each of the message segments with a meta session through the tokens, wherein the meta session is made persistent across message transactions by storing data generated by the meta session on a persistent storage medium; executing actions defined by the rules; and forwarding the message to a destination. 2. The method of claim 1, further comprising: retrieving meta session state information related to the message segments, wherein the meta session state information is invariant across different connections. 3. The method of claim 1, wherein the method operation of identifying a grammar associated with the message segments includes, evaluating header information of a packet containing one of the message segments. 4. The method of claim 1, wherein the method operation of identifying rules associated with the tokens includes, navigating through a rule index tree. 5. The method of claim 1, further including: creating a parse tree defined by the tokens. 6. The method of claim 1, wherein the method operation of converting the message segment into a token stream includes, associating a numeric with each token of the token stream. 7. The method of claim 1, wherein the substructure spans message segments. 8. A computer readable medium having program instructions for performing semantic operations with contents of a message when executed, comprising: program instructions for receiving a message defined by message segments, wherein the message segments comprise packets in a packet-switched network; program instructions for identifying a grammar associated with the message segments; program instructions for converting the message segments into a token stream; program instructions for creating a substructure from tokens of the token stream; program instructions for identifying rules associated with tokens of the token stream, wherein the rules define actions for intrusion detection and prevention; program instructions for associating each of the message segments with a meta session through the tokens, wherein the meta session is made persistent across message transactions by storing data generated by the meta session on a persistent storage medium; program instructions for executing actions defined by the rules; and program instructions for forwarding the message to a destination, wherein each of the program instructions in the computer readable medium are executed by an integrated circuit. 9. The computer readable medium of claim 8, further comprising: program instructions for retrieving meta session state information related to the message segment, wherein the meta session state information is invariant across different connections. 10. The computer readable medium of claim 8, wherein the program instructions for identifying a grammar associated with the message segments includes, program instructions for evaluating header information of a packet containing one of the message segments. 11. The computer readable medium of claim 8, wherein the program instructions for identifying rules associated with the tokens includes, program instructions for navigating through a rule index tree. 12. The computer readable medium of claim 8, wherein the program instructions for converting the message segments into a token stream includes, program instructions for associating a numeric with each token of the token stream. 13. The computer readable medium of claim 8, further comprising: program instructions for creating a parse tree defined by the tokens. 14. The computer readable medium of claim 13, wherein the program instructions for creating a parse tree defined by the tokens includes, program instructions for identifying non-terminals; and program instructions for identifying valid strings. 15. A processor having logic for performing semantic operations with contents of a message, comprising: logic for receiving a message defined by message segments, wherein the message segments comprise packets in a packet-switched network; logic for identifying a grammar associated with the message segments; logic for converting the message segments into a token stream; logic for creating a substructure from tokens of the token stream logic for identifying rules associated with tokens of the token stream, wherein the rules define actions for intrusion detection and prevention; logic for associating each of the message segments with a meta session through the tokens, wherein the meta session is made persistent across message transactions storing data generated by the meta session on a persistent storage medium; logic for executing actions defined by the rules; and logic for forwarding the message to a destination. 16. The processor of claim 15, further comprising: logic for retrieving meta session state information related to the message segments, wherein the meta session state information is invariant across different connections. 17. The processor of claim 15, wherein the logic for identifying a grammar associated with the message segments includes, logic for evaluating header information of a packet containing one of the message segments. 18. The processor of claim 15, wherein the logic for identifying rules associated with the tokens includes, logic for navigating through a rule index tree. 19. The processor of claim 15, further including: logic for creating a parse tree defined by the tokens. 20. The processor of claim 15, wherein the logic for converting the message segment into a token stream includes, logic for associating a numeric with each token of the token stream. 21. The processor of claim 15, wherein each logic element is one or a combination of hardware and software.