公开(公告)号：EP3186932A1

公开(公告)日：2017-07-05

申请号：EP15835856.4

申请日：2015-08-21

申请人： NEC Laboratories America, Inc.

发明人： LUMEZANU, Cristian ,  JIN, Cheng ,  ZHANG, Hui ,  SHARMA, Abhishek ,  XU, Qiang ,  ARORA, Nipun ,  JIANG, Guofei

IPC分类号： H04L12/721 ,  H04L12/761 ,  H04L12/937 ,  H04L12/64

摘要： Systems and methods for controlling legacy switch routing in one or more hybrid networks of interconnected computers and switches, including generating a network underlay for the one or more hybrid networks by generating a minimum spanning tree (MST) and a forwarding graph (FWG) over a physical network topology of the one or more hybrid networks, determining an optimal path between hosts on the FWG by optimizing an initial path with a minimum cost mapping, and adjusting the initial path to enforce the optimal path by generating and installing special packets in one or more programmable switches to trigger installation of forwarding rules for one or more legacy switches.

摘要翻译： 用于控制互连计算机和交换机的一个或多个混合网络中的传统交换机路由的系统和方法，包括通过在一个或多个混合网络上生成最小生成树（MST）和转发图（FWG）来生成一个或多个混合网络的网络底层 一个或多个混合网络的物理网络拓扑，通过使用最小成本映射优化初始路径来确定FWG上的主机之间的最佳路径，并且通过在一个或多个混合网络中生成并安装特定分组来调整初始路径以实施最佳路径，或 更多可编程交换机来触发安装一个或多个传统交换机的转发规则。

公开(公告)号：EP3183848A1

公开(公告)日：2017-06-28

申请号：EP15833008.4

申请日：2015-08-20

申请人： NEC Laboratories America, Inc.

发明人： XU, Qiang ,  LUMEZANU, Cristian ,  LIU, Zhuotao ,  ARORA, Nipun ,  SHARMA, Abhishek ,  ZHANG, Hui ,  JIANG, Guofei

IPC分类号： H04L12/751 ,  G06F9/455

CPC分类号： H04L41/12 ,  G06F9/45533 ,  H04L41/083 ,  H04L43/087 ,  H04L45/02 ,  H04L45/121 ,  H04L45/123 ,  H04L45/124

摘要： Systems and methods for decoupled searching and optimization for one or more data centers, including determining a network topology for one or more networks of interconnected computer systems embedded in the one or more data center, searching for routing candidates based on a network topology determined, and updating and applying one or more objective functions to the routing candidates to determine an optimal routing candidate to satisfy embedding goals based on tenant requests, and to embed the optimal routing candidate in the one or more data centers.

摘要翻译： 用于对一个或多个数据中心进行解耦搜索和优化的系统和方法，包括确定嵌入在一个或多个数据中心中的互连计算机系统的一个或多个网络的网络拓扑，基于确定的网络拓扑搜索路由候选，以及 更新并将一个或多个目标函数应用于路由候选者以基于租户请求确定最佳路由候选者以满足嵌入目标，并且将最佳路由候选者嵌入到一个或多个数据中心中。

公开(公告)号：EP3085022A1

公开(公告)日：2016-10-26

申请号：EP14870677.3

申请日：2014-12-19

申请人： NEC Laboratories America, Inc.

发明人： ZHANG, Hui ,  RHEE, Junghwan ,  ARORA, Nipun ,  LUMEZANU, Cristian ,  JIANG, Guofei

IPC分类号： H04L12/26

CPC分类号： H04L41/0631 ,  H04L41/069 ,  H04L41/14 ,  H04L43/0858

摘要： A computer implemented method for network monitoring includes providing network packet event characterization and analysis for network monitoring that includes supporting summarization and characterization of network packet traces collected across multiple processing elements of different types in a virtual network, including a trace slicing to organize individual packet events into path-based trace slices, a trace characterization to extract at least 2 types of feature matrix describing those trace slices, and a trace analysis to cluster, rank and query packet traces based on metrics of the feature matrix.

摘要翻译： 一种用于网络监测的计算机实现方法包括为网络监测提供网络分组事件表征和分析，其包括支持在虚拟网络中跨越不同类型的多个处理元件收集的网络分组跟踪的摘要和表征，包括用于组织各个分组事件的跟踪分片 基于路径的跟踪片，跟踪表征，以提取描述这些跟踪片段的至少2种类型的特征矩阵，以及基于特征矩阵的度量的集群，排序和查询分组跟踪的跟踪分析。

公开(公告)号：EP3031174A1

公开(公告)日：2016-06-15

申请号：EP14834489.8

申请日：2014-08-07

申请人： NEC Laboratories America, Inc.

发明人： ARORA, Nipun ,  ZHANG, Hui ,  LUMEZANU, Cristian ,  RHEE, Junghwan ,  JIANG, Guofei ,  LU, Hui

IPC分类号： H04L12/24 ,  H04L12/64

CPC分类号： H04L41/082 ,  H04L12/4675 ,  H04L41/0226 ,  H04L41/0803 ,  H04L41/12 ,  H04L41/20

摘要： Method and systems for controlling a hybrid network having software-defined network (SDN) switches and legacy switches include initializing a hybrid network topology by retrieving information on a physical and virtual infrastructure of the hybrid network; generating a path between two nodes on the hybrid network based on the physical and virtual infrastructure of the hybrid network; generating a virtual local area network by issuing remote procedure call instructions to legacy switches in accordance with a network configuration request; and generating an SDN network slice by issuing SDN commands to SDN switches in accordance with the network configuration request.

摘要翻译： 用于控制具有软件定义网络（SDN）交换机和传统交换机的混合网络的方法和系统包括：通过检索混合网络的物理和虚拟基础设施上的信息来初始化混合网络拓扑; 基于混合网络的物理和虚拟基础设施，在混合网络上的两个节点之间生成路径; 通过根据网络配置请求向传统交换机发出远程过程呼叫指令来产生虚拟局域网; 以及根据网络配置请求向SDN交换机发出SDN命令来生成SDN网络切片。

公开(公告)号：EP2208146A1

公开(公告)日：2010-07-21

申请号：EP08743687.9

申请日：2008-03-05

申请人： NEC Laboratories America, Inc.

发明人： CHEN, Haifeng ,  JIANG, Guofei ,  YOSHIHIRA, Kenji ,  ZHANG, Hui ,  MENG, Xiaoqiao

IPC分类号： G06F17/00 ,  G06F19/00

CPC分类号： G06F9/44505 ,  G06F11/3409 ,  G06F11/3447 ,  G06F11/3452 ,  G06F2201/885

摘要： A system and method for optimizing system performance includes applying (160) sampling based optimization to identify optimal configurations of a computing system by selecting (162) a number of configuration samples and evaluating (166) system performance based on the samples. Based on feedback of evaluated samples, a location of an optimal configuration is inferred (170). Additional samples are generated (176) towards the location of the inferred optimal configuration to further optimize a system configuration.

摘要翻译： 用于优化系统性能的系统和方法包括通过基于样本选择（162）多个配置样本并且评估（166）系统性能来应用（160）基于采样的优化以识别计算系统的最优配置。 基于评估样本的反馈，推断出最佳配置的位置（170）。 生成（176）朝向推断的最佳配置的位置的附加采样以进一步优化系统配置。

公开(公告)号：EP3123669A1

公开(公告)日：2017-02-01

申请号：EP15770097.2

申请日：2015-03-24

申请人： NEC Laboratories America, Inc.

发明人： ZHANG, Hui ,  LUMEZANU, Cristian ,  RHEE, Junghwan ,  ARORA, Nipun ,  XU, Qiang ,  JIANG, Guofei

IPC分类号： H04L12/26 ,  H04L12/937

CPC分类号： H04L45/02 ,  H04L43/12 ,  H04L45/64 ,  H04L45/70

摘要： A computer implemented method for network monitoring includes providing network packet event characterization and analysis for network monitoring that includes supporting summarization and characterization of network packet traces collected across multiple processing elements of different types in a virtual network, including a trace slicing to organize individual packet events into path-based trace slices, a trace characterization to extract at least 2 types of feature matrix describing those trace slices, and a trace analysis to cluster, rank and query packet traces based on metrics of the feature matrix.

摘要翻译： 一种用于网络监测的计算机实现方法包括为网络监测提供网络分组事件表征和分析，其包括支持在虚拟网络中跨越不同类型的多个处理元件收集的网络分组跟踪的摘要和表征，包括用于组织各个分组事件的跟踪分片 基于路径的跟踪片，跟踪表征，以提取描述这些跟踪片段的至少2种类型的特征矩阵，以及基于特征矩阵的度量的集群，排序和查询分组跟踪的跟踪分析。

公开(公告)号：EP3085030A1

公开(公告)日：2016-10-26

申请号：EP14873041.9

申请日：2014-12-17

申请人： NEC Laboratories America, Inc.

发明人： ZHANG, Hui ,  ARZANI, Behnaz ,  IVANCIC, Franjo ,  RHEE, Junghwan ,  ARORA, Nipun ,  JIANG, Guofei

IPC分类号： H04L12/701 ,  H04L12/841

摘要： Methods and systems for finding a packet's routing path in a network includes intercepting control messages sent by a controller to one or more switches in a software defined network (SDN). A state of the SDN at a requested time is emulated and one or more possible routing paths through the emulated SDN is identified by replaying the intercepted control messages to one or more emulated switches in the emulated SDN. The one or more possible routing paths correspond to a requested packet injected into the SDN at the requested time.

摘要翻译： 用于在网络中查找分组的路由路径的方法和系统包括将由控制器发送的控制消息拦截到软件定义网络（SDN）中的一个或多个交换机。 仿真所请求时间的SDN的状态，并且通过在被仿真的SDN中重放截取的控制消息给一个或多个仿真开关来识别通过仿真SDN的一个或多个可能的路由路径。 一个或多个可能的路由路径对应于在所请求的时间被注入到SDN中的请求的分组。

公开(公告)号：EP3175386A1

公开(公告)日：2017-06-07

申请号：EP15827986.9

申请日：2015-07-30

申请人： NEC Laboratories America, Inc.

发明人： RHEE, Junghwan ,  FU, Yangchun ,  WU, Zhenyu ,  ZHANG, Hui ,  LI, Zhichun ,  JIANG, Guofei

IPC分类号： G06F21/56 ,  G06F21/50

CPC分类号： G06F21/52 ,  G06F21/554 ,  G06F21/60 ,  G06F2221/033

摘要： Systems and methods for detection and prevention of Return-Oriented-Programming (ROP) attacks in one or more applications, including an attack detection device and a stack inspection device for performing stack inspection to detect ROP gadgets in a stack. The stack inspection includes stack walking from a stack frame at a top of the stack toward a bottom of the stack to detect one or more failure conditions, determining whether a valid stack frame and return code address is present; and determining a failure condition type if no valid stack frame and return code is present, with Type III failure conditions indicating an ROP attack. The ROP attack is contained using a containment device, and the ROP gadgets detected in the stack during the ROP attack are analyzed using an attack analysis device.

摘要翻译： 用于在一个或多个应用中检测和防止返回导向编程（ROP）攻击的系统和方法，包括用于执行堆栈检查以检测堆栈中的ROP小配件的攻击检测设备和堆栈检查设备。 堆栈检查包括堆栈从堆栈顶部的堆栈帧向堆栈底部行进以检测一个或多个故障条件，确定是否存在有效的堆栈帧和返回码地址; 如果不存在有效的堆栈帧和返回码，则确定故障条件类型，III类故障条件指示ROP攻击。 使用遏制设备来包含ROP攻击，并且使用攻击分析设备分析在ROP攻击期间在堆栈中检测到的ROP小配件。

公开(公告)号：EP3126960A1

公开(公告)日：2017-02-08

申请号：EP15774396.4

申请日：2015-03-24

申请人： NEC Laboratories America, Inc.

发明人： ARORA, Nipun ,  RHEE, Junghwan ,  ZHANG, Hui ,  JIANG, Guofei

IPC分类号： G06F9/30 ,  G06F9/445

CPC分类号： G06F11/3466

摘要： The present invention enables capturing API level calls using a combination of dynamic instrumentation and library overriding. The invention allows event level tracing of API function calls and returns, and is able to generate an execution trace. The instrumentation is lightweight and relies on dynamic library/shared library linking mechanisms in most operating systems. Hence we need no source code modification or binary injection. The tool can be used to capture parameter values, and return values, which can be used to correlate traces across API function calls to generate transaction flow logic.

摘要翻译： 本发明能够使用动态仪器和库覆盖的组合捕获API级别的调用。 本发明允许API函数调用和返回的事件级别跟踪，并且能够生成执行跟踪。 仪器是轻量级的，并且在大多数操作系统中都依赖于动态库/共享库链接机制。 因此，我们不需要源代码修改或二进制注入。 该工具可用于捕获参数值和返回值，这些值可用于在API函数调用之间关联跟踪以生成事务流逻辑。

公开(公告)号：EP3058465A1

公开(公告)日：2016-08-24

申请号：EP14854428.1

申请日：2014-10-14

申请人： NEC Laboratories America, Inc.

发明人： RHEE, Junqhwan ,  ZHANG, Hui ,  ARORA, Nipun ,  JIANG, Guofei ,  KIM, Chung Hwan

IPC分类号： G06F11/36

CPC分类号： G06F11/3636 ,  G06F11/3419

摘要： Methods and systems for performance inference include inferring an internal application status based on a unified call stack trace that includes both user and kernel information by inferring user function instances. A calling context encoding is generated that includes information regarding function calling paths. The analysis includes performing a top-down latency breakdown and ranking calling contexts according to how costly each function calling path is.