It is shown that, particularly for terrestrial cellular telephony, the interference-suppression feature of CDMA (code division multiple access) can result in a many-fold increase in capacity over analog and even over competing digital techniques. A single-cell system, such as a hubbed satellite network, is addressed, and the basic expression for capacity is developed. The corresponding expressions for a multiple-cell system are derived. and the distribution on the number of users supportable per cell is determined. It is concluded that properly augmented and power-controlled multiple-cell CDMA promises a quantum increase in current cellular capacity. >

On the capacity of a cellular CDMA system

A coated implantable medical device 10 includes a structure 12 adapted for introduction into the vascular system, esophagus, trachea, colon, biliary tract, or urinary tract; at least one layer 18 of a bioactive material positioned over the structure 12; and at least one porous layer 20 positioned over the bioactive material layer 18. Preferably, the structure 12 is a coronary stent, and the bioactive material is at least one of heparin, dexamethasone or a dexamethasone derivative. The device 10 includes layers 18 and 22 of heparin and dexamethasone, the layer 22 of dexamethasone being positioned above the layer 18 of heparin. The layers of bioactive material also can be individual materials or a combination of different materials. Unexpectedly, the more soluble heparin markedly promotes the release of the less soluble dexamethasone above it. The porous layer 20 is composed of a polymer applied by vapor or plasma deposition and provides a controlled release of the bioactive material. It is particularly preferred that the polymer is a polyimide, parylene or a parylene derivative, which is deposited without solvents, heat or catalysts, merely by condensation of a monomer vapor.

Coated implantable medical device

This document provides updates to IEEE Std 802.16's MIB for the MAC, PHY and asso- ciated management procedures in order to accommodate recent extensions to the standard.

IEEE Standard for Local and Metropolitan Area Networks Part 16: Air Interface for Fixed Broadband Wireless Access Systems Draft Amendment: Management Information Base Extensions

The Transmission Control Protocol.

Molecular beam epitaxy

A port profiling system (155) detects unauthorized network usage (110). The port profiling system analyzes network communications (101, 199)to determine the service ports being used (181, 182, 183, 184, 185, 186). The system collects flow data (101, 162) from packet headers (162) between two hosts or Internet Protocol (IP) addresses. The collected flow data (160) is analyzed to determin e the associated network service provided (166). A host data structure (160, 166) is maintained containing a profile of the network services normally associated with the host (162). If the observed network service is not one of the normal network services performed as defined by the port profile (160, 166) for that host, an alarm signal is generated (630) and action (642) can be taken based upon the detection of an Out of Profile network service (610). An Out of Profile operation can indicate the operation of a Trojan Horse program (120) on the host, a scanning probe, or the existence of a non-approved network application that has been installed (160, 162, 120).

Network port profiling

A flow-based intrusion detection sy stem ( 150) for detecting intrusions in computer communication networks ( 199) Data packets (101 ) representing communications between hosts in a computer-to-computer communication network (199) are processed and assigned to various client/server flows (160, 162) Statistics are collected for each flow (160, 162) Then, the flow statistics are analyzed to determine if the flow appears to be legitimate traffic or possible suspicious activity A concern index value is assigned to each flow that appears suspicious (166) By assigning a value to each flow that appears suspicious and adding that value to the total concern index ( 162, 166)of the responsible host, it is possible to identify hosts that are engaged in intrusion activity When the concern index value (166) of a host exceeds a preset alarm value, an alert is issued and appropriate action can be taken.

Packet sampling flow-based detection of network intrusions

A flow-based intrusion detection system for detecting intrusions in computer communication networks. Data packets representing communications between hosts in a computer-to-computer communication network are processed and assigned to various client/server flows. Statistics are collected for each flow. Then, the flow statistics are analyzed to determine if the flow appears to be legitimate traffic or possible suspicious activity. A concern index value is assigned to each flow that appears suspicious. By assigning a value to each flow that appears suspicious and adding that value to the total concern index of the responsible host, it is possible to identify hosts that are engaged in intrusion activity. When the concern index value of a host exceeds a preset alarm value, an alert is issued and appropriate action can be taken.

Flow-based detection of network intrusions

As the trend of successful network attacks continue to rise, better forms of intrusion detection and prevention are needed. This paper addresses network traffic visualization techniques that aid an administrator in recognizing attacks in real time. Our approach improves upon current techniques that lack effectiveness due to an overemphasis on flow, nodes, or assumed familiarity with the attack tool, causing either late reaction or missed detection. A port-based overview of network activity produces a improved representation for detecting and responding to malicious activity. We have found that presenting an overview using stacked histograms of aggregate port activity, combined with the ability to drill-down for finer details allows small, yet important details to be noticed and investigated without being obscured by large, usual traffic. Due to the amount of traffic as well as the range of possible port numbers and IP addresses, scaling techniques are necessary to help provide this overview. We provide graphs with examples of forensic findings. Finally, we describe our future plans for using live traffic in addition to our forensic visualization techniques.

/pdf/visualizing-network-data-for-intrusion-detection-3fq0sgzik6.pdf

Visualizing network data for intrusion detection

A zone locking system detects unauthorized network usage internal to a firewall. The system determines unauthorized network usage by classifying internal hosts inside a firewall into zones. Certain specified zones are unauthorized to initiate client communications with other selected zones. However, zone override services can be designated for each associated internal zone, and thus, authorizing selected network services. An alarm or other appropriate action is taken upon the detection of unauthorized network usage.

John A. Copeland

Papers

Network port profiling

Packet sampling flow-based detection of network intrusions

Flow-based detection of network intrusions

Visualizing network data for intrusion detection

Network service zone locking