公开(公告)号：US20230328032A1

公开(公告)日：2023-10-12

申请号：US17714207

申请日：2022-04-06

Applicant: MELLANOX TECHNOLOGIES, LTD.

Inventor： Chen Rozenbaum ,  Shaul Arazi ,  Shahaf Shuler ,  Gary Mataev

IPC: H04L9/40 ,  H04L69/22

CPC classification number: H04L63/0236 ,  H04L63/0263 ,  H04L63/20 ,  H04L69/22

Abstract: In one embodiment, a data communication device includes a network interface controller to process packets received from at least one of a host device for sending over a network, and at least one remote device over the network, at least one processor to execute computer instructions to receive a configuration, and extract filtering rules from the configuration, and at least one hardware accelerator to receive the filtering rules from the at least one processor, and filter the packets based on the rules so that some of the packets are dropped and some of the packets are forwarded to the at least one processor to send data based on the forwarded packets to another device.

公开(公告)号：US12069069B2

公开(公告)日：2024-08-20

申请号：US17347353

申请日：2021-06-14

Applicant: Mellanox Technologies Ltd.

Inventor： Yair Chasdai ,  David Daniel Pilnik ,  Liran Daniel ,  Gary Mataev

IPC: H04L9/40 ,  G06N5/04 ,  G06N20/00

CPC classification number: H04L63/1416 ,  G06N5/04 ,  G06N20/00

Abstract: Devices and methods to identify malicious usage of a network device. In at least one embodiment, a network device comprises circuitry for performing a networking function and collecting telemetry data indicative of the performance of the networking function. The network device obtains an inference of a network traffic pattern using a machine learning model, and responds to the inference.

公开(公告)号：US20250097261A1

公开(公告)日：2025-03-20

申请号：US18369714

申请日：2023-09-18

Applicant: Mellanox Technologies, Ltd.

Inventor： Chen Rozenbaum ,  Gary Mataev ,  Ran Sandhaus ,  Hanan Shteingart

IPC: H04L9/40 ,  H04L41/16

Abstract: Apparatuses, systems, and techniques for detecting that a host device is subject to a distributed denial of service (DDOS) attack using a machine learning (ML) detection system are described. A computing system includes a switch with port interfaces, a central processing unit (CPU) that implements a machine learning (ML) detection system, and network monitoring logic. The network monitoring logic can extract features from network data and send the extracted features to the ML detection system. The ML detection system determines whether the host device is subject to a DDOS attack using the extracted features. The ML detection system can send an alert to the host device responsive to a determination that the host device is subject to the DDOS attack.

公开(公告)号：US20240039849A1

公开(公告)日：2024-02-01

申请号：US17875999

申请日：2022-07-28

Applicant: Mellanox Technologies, Ltd.

Inventor： Michael Weiner ,  Avi Urman ,  Gary Mataev ,  Idan Burstein

IPC: H04L47/125 ,  H04W28/08 ,  H04L47/32

CPC classification number: H04L47/125 ,  H04W28/08 ,  H04L47/32

Abstract: Methods, systems, and computer program products for selecting packing processing cores are provided. An example system includes a plurality of packet processing cores and a load balancing unit communicatively connected to the plurality of packet processing cores. The load balancing unit is configured to receive a workflow packet including packet description data indicative of at least a packet structure and a packet priority and receive, from the plurality of packet processing cores, state data indicative of at least a utilization state and an operating state of each of the respective packet processing cores. The load balancing unit determines a selected packet processing core from amongst the plurality of packet processing cores based on the state data of the packet processing core and the packet description data of the workflow packet and transmits the workflow packet to the selected packet processing core.

公开(公告)号：US20250097260A1

公开(公告)日：2025-03-20

申请号：US18369710

申请日：2023-09-18

Applicant: Mellanox Technologies, Ltd.

Inventor： Chen Rozenbaum ,  Gary Mataev

IPC: H04L9/40 ,  H04L41/16

Abstract: Apparatuses, systems, and techniques for detecting that a host device is subject to a distributed denial of service (DDOS) attack using a machine learning (ML) detection system are described. A computing system includes a data processing unit (DPU) with a network interface and a hardware acceleration engine. The DPU hosts a hardware-accelerated security service to extract features from network data and metadata from the hardware acceleration engine and sends the extracted features to the ML detection system. The ML detection system determines whether the host device is subject to a DDOS attack using the extracted features. The ML detection system can send an enforcement rule to the hardware acceleration engine responsive to a determination that the host device is subject to the DDOS attack.

公开(公告)号：US12231401B2

公开(公告)日：2025-02-18

申请号：US17714207

申请日：2022-04-06

Applicant: MELLANOX TECHNOLOGIES, LTD.

Inventor： Chen Rozenbaum ,  Shaul Arazi ,  Shahaf Shuler ,  Gary Mataev

IPC: H04L9/40 ,  H04L69/22

Abstract: In one embodiment, a data communication device includes a network interface controller to process packets received from at least one of a host device for sending over a network, and at least one remote device over the network, at least one processor to execute computer instructions to receive a configuration, and extract filtering rules from the configuration, and at least one hardware accelerator to receive the filtering rules from the at least one processor, and filter the packets based on the rules so that some of the packets are dropped and some of the packets are forwarded to the at least one processor to send data based on the forwarded packets to another device.

公开(公告)号：US20240340295A1

公开(公告)日：2024-10-10

申请号：US18747252

申请日：2024-06-18

Applicant: Mellanox Technologies, Ltd.

Inventor： Yair Chasdai ,  David Daniel Pilnik ,  Liran Daniel ,  Gary Mataev

IPC: H04L9/40 ,  G06N5/04 ,  G06N20/00

CPC classification number: H04L63/1416 ,  G06N5/04 ,  G06N20/00

Abstract: Devices and methods to identify malicious usage of a network device. In at least one embodiment, a network device comprises circuitry for performing a networking function and collecting telemetry data indicative of the performance of the networking function. The network device obtains an inference of a network traffic pattern using a machine learning model, and responds to the inference.

公开(公告)号：US20220400124A1

公开(公告)日：2022-12-15

申请号：US17347353

申请日：2021-06-14

Applicant: Mellanox Technologies Ltd.

Inventor： Yair Chasdai ,  David Daniel Pilnik ,  Liran Daniel ,  Gary Mataev

IPC: H04L29/06 ,  G06N20/00 ,  G06N5/04

Abstract: Devices and methods to identify malicious usage of a network device. In at least one embodiment, a network device comprises circuitry for performing a networking function and collecting telemetry data indicative of the performance of the networking function. The network device obtains an inference of a network traffic pattern using a machine learning model, and responds to the inference.