公开(公告)号：US20110085630A1

公开(公告)日：2011-04-14

申请号：US12575850

申请日：2009-10-08

Applicant: Alexandre Gerber ,  Zhuoqing Mao ,  Feng Qian ,  Subhabrata Sen ,  Oliver Spatscheck ,  Walter Willinger

Inventor： Alexandre Gerber ,  Zhuoqing Mao ,  Feng Qian ,  Subhabrata Sen ,  Oliver Spatscheck ,  Walter Willinger

IPC: H04L7/02

CPC classification number: H04L41/14 ,  H04L43/087 ,  H04L43/16

Abstract: A packet trace is received. The packet trace is transformed into a sequence of pulse signals in a temporal domain. The sequence of pulse signals in the temporal domain is transformed into a sequence of pulse signals in a frequency domain. Peaks are detected within relevant frequency bands in the sequence of pulse signals in the frequency domain. A fundamental frequency is identified within the peaks. The fundamental frequency, which represents the TCP flow clock, is returned.

Abstract translation: 收到数据包跟踪。 分组跟踪在时域中变换成脉冲信号序列。 时域中的脉冲信号序列被变换成频域中的脉冲信号序列。 在频域中的脉冲信号序列中的相关频带内检测峰。 在峰值内确定基本频率。 返回表示TCP流时钟的基频。

公开(公告)号：US07917650B2

公开(公告)日：2011-03-29

申请号：US12283036

申请日：2008-09-09

Applicant: Kartikeya Chandrayana ,  Matthew Roughan ,  Subhabrata Sen ,  Yin Zhang

Inventor： Kartikeya Chandrayana ,  Matthew Roughan ,  Subhabrata Sen ,  Yin Zhang

IPC: G06F15/173

CPC classification number: H04L45/125 ,  H04L45/04 ,  H04L45/124 ,  H04L45/22 ,  H04L45/24 ,  H04L45/70 ,  H04L47/10 ,  H04L47/11 ,  H04L47/122 ,  H04L47/125 ,  H04L47/20

Abstract: A method for balancing traffic across paths connecting a network to the Internet using a fractional allocation strategy for distributing the traffic from a congested selected path. The strategy includes: (a) associating the paths j with a counter i; (b) calculating the total initial selected path overload; (c) calculating the selected path load, wherein the load is equal to the initial selected path overload less the sum of the low capacity boundary for i path(s); (d) calculating the portion of the traffic on the selected path to be distributed using a bi-sectional search strategy; (e) distributing a portion of the traffic on the selected path to the other paths; and (f) stopping if there are no more paths (i=j), otherwise increasing the numerical value of the counter by one (1) and go to step (c).

Abstract translation: 一种用于使用分数分配策略来平衡通过连接网络到因特网的路径之间的流量的方法，用于分配来自拥塞的所选路径的流量。 该策略包括：（a）将路径j与计数器i相关联; （b）计算总初始选择路径过载; （c）计算所选择的路径负载，其中负载等于初始选择的路径过载，减去i路径的低容量边界的和; （d）使用双向搜索策略计算要分配的所选路径上的业务部分; （e）将所选路径上的一部分业务分发到其他路径; 和（f）如果没有更多的路径（i = j）停止，否则将计数器的数值增加1（1）并转到步骤（c）。

公开(公告)号：US20110004932A1

公开(公告)日：2011-01-06

申请号：US12387931

申请日：2009-05-08

Applicant: Oliver Spatscheck ,  Subhabrata Sen

Inventor： Oliver Spatscheck ,  Subhabrata Sen

IPC: G06F21/20

CPC classification number: H04L63/0236 ,  H04L29/12367 ,  H04L29/12575 ,  H04L61/2514 ,  H04L61/2592

Abstract: A NAT device and method implemented on the device for filtering tunneled IPv6 traffic is disclosed. The method comprises: receiving an IP traffic stream at an ingress network interface to the NAT, performing deep packet inspection on the traffic stream to detect the tunneled IPv6 packets, and applying a filter to the IPv6 packets.

Abstract translation: 公开了一种在设备上实现的用于过滤隧道IPv6业务的NAT设备和方法。 该方法包括：在到达NAT的入口网络接口接收IP业务流，对业务流执行深度报文检测，检测隧道IPv6报文，并对IPv6报文应用过滤。

公开(公告)号：US20100240618A1

公开(公告)日：2010-09-23

申请号：US12555650

申请日：2009-09-08

Applicant: Andrew M.K. Pennell ,  James B. Aggen ,  J.J. Kim Wright ,  Subhabrata Sen ,  Brian E. McMaster ,  Daniel Joseph Dairaghi ,  Wei Chen ,  Penglie Zhang

Inventor： Andrew M.K. Pennell ,  James B. Aggen ,  J.J. Kim Wright ,  Subhabrata Sen ,  Brian E. McMaster ,  Daniel Joseph Dairaghi ,  Wei Chen ,  Penglie Zhang

IPC: A61K31/655 ,  A61K31/551 ,  A61K31/5377 ,  A61K31/496 ,  A61K31/506 ,  A61K31/4709 ,  C07C245/04 ,  C07D413/14 ,  C07D473/00 ,  C07D403/14 ,  C07D401/14 ,  C07D403/12 ,  A61P37/06 ,  A61P29/00

CPC classification number: C07D403/04 ,  A61K31/496 ,  A61K31/497 ,  A61K31/501 ,  A61K31/506 ,  A61K31/52 ,  A61K31/53 ,  A61K31/5377 ,  A61K45/06 ,  C07D231/12 ,  C07D231/14 ,  C07D231/16 ,  C07D231/18 ,  C07D231/38 ,  C07D231/56 ,  C07D233/61 ,  C07D235/06 ,  C07D235/16 ,  C07D249/08 ,  C07D249/14 ,  C07D257/04 ,  C07D401/04 ,  C07D401/12 ,  C07D401/14 ,  C07D403/06 ,  C07D403/12 ,  C07D405/04 ,  C07D407/04 ,  C07D409/04 ,  C07D413/04 ,  C07D413/12 ,  C07D417/04 ,  C07D471/04 ,  C07D473/34 ,  A61K2300/00

Abstract: Compounds are provided that act as potent antagonists of the CCR1 receptor, and have in vivo anti-inflammatory activity. The compounds are generally aryl piperazine derivatives and are useful in pharmaceutical compositions, methods for the treatment of CCR1-mediated diseases, and as controls in assays for the identification of competitive CCR1 antagonists.

Abstract translation: 提供了作为CCR1受体的有效拮抗剂并具有体内抗炎活性的化合物。 化合物通常为芳基哌嗪衍生物，并且可用于药物组合物，用于治疗CCR1介导的疾病的方法，以及用于鉴定竞争性CCR1拮抗剂的测定中的对照。

公开(公告)号：US20100198959A1

公开(公告)日：2010-08-05

申请号：US11275083

申请日：2005-12-08

Applicant: Patrick McDaniel ,  Subhabrata Sen ,  Oliver Spatschek ,  Jacobus E. Van de Merwe

Inventor： Patrick McDaniel ,  Subhabrata Sen ,  Oliver Spatschek ,  Jacobus E. Van de Merwe

IPC: G06F15/173 ,  G06F15/16

CPC classification number: H04L63/14 ,  H04L63/102 ,  H04L67/306

Abstract: The current invention relates to a system and method for tracking or locating a target entity on a data network, such as the public Internet, by analyzing network traffic and communication among interacting network nodes. The invention describes a system of creating an information set of data related to the traffic patterns associated with a specific entity over a time period, and comparing the information set to other information related to the traffic patterns associated with a group of entities over the same time period. By excluding information that is common to both the specific entity and the group of entities from the information set, the information set is left with only the information that helps identify the specific entity on the network.

Abstract translation: 本发明涉及一种用于通过分析网络流量和交互网络节点之间的通信来跟踪或定位数据网络（例如公共因特网）上的目标实体的系统和方法。 本发明描述了一种在一段时间内创建与特定实体相关联的流量模式的数据信息集合的系统，并且将信息集与同一时间内与一组实体相关联的流量模式相关的其他信息进行比较 期。 通过从信息集中排除特定实体和实体组共同的信息，信息集只剩下有助于识别网络上特定实体的信息。

公开(公告)号：US20100157809A1

公开(公告)日：2010-06-24

申请号：US12343007

申请日：2008-12-23

Applicant: Nicholas Duffield ,  Lee M. Breslau ,  Cheng Ee ,  Alexandre Gerber ,  Carsten Lund ,  Subhabrata Sen

Inventor： Nicholas Duffield ,  Lee M. Breslau ,  Cheng Ee ,  Alexandre Gerber ,  Carsten Lund ,  Subhabrata Sen

IPC: G06F11/30

CPC classification number: H04L43/026 ,  H04L43/024 ,  Y02D50/30

Abstract: Disclosed herein are systems, computer-implemented methods, and computer-readable media for sampling network traffic. The method includes receiving a desired quantity of flow record to sample, receiving a plurality of network flow record each summarizing a network flow of packets, calculating a hash for each flow record of based on one or more invariant part of a respective flow, generating a quasi-random number from the calculated hash for each respective flow record, generating a priority from the calculated hash for each respective flow record, and sampling exactly the desired quantity of flow records, selecting flow records having a highest priority first. In one aspect, the method further partitions the plurality of flow records into groups based on flow origin and destination, generates an individual priority for each partitioned group, and separately samples exactly the desired quantity of flow records from each partitioned group, selecting flows having a highest individual priority first.

Abstract translation: 本文公开了系统，计算机实现的方法和用于对网络业务进行采样的计算机可读介质。 该方法包括接收所需数量的流记录到采样中，接收多个网络流记录，每个汇总分组的网络流，基于相应流的一个或多个不变部分计算每个流记录的散列， 从每个相应流记录的计算散列中产生准随机数，从每个相应流记录的计算散列生成优先级，并精确地采样所需数量的流记录，首先选择具有最高优先级的流记录。 在一个方面，该方法还基于流源和目的地进一步将多个流记录划分为组，为每个分区组生成一个单独的优先级，并且从每个分区组中分别精确地采集所需数量的流记录，选择具有 最高个人优先。

公开(公告)号：US20100150005A1

公开(公告)日：2010-06-17

申请号：US12335868

申请日：2008-12-16

Applicant: Alexandre Gerber ,  Lee Breslau ,  Subhabrata Sen ,  Nicholas Duffield ,  Carsten Lund ,  Cheng Ee ,  Amogh Dhamdhere

Inventor： Alexandre Gerber ,  Lee Breslau ,  Subhabrata Sen ,  Nicholas Duffield ,  Carsten Lund ,  Cheng Ee ,  Amogh Dhamdhere

IPC: H04L12/26 ,  H04L12/56

CPC classification number: H04L12/56 ,  H04L41/12 ,  H04L45/70

Abstract: A system and method to use network flow records to generate information about changes in network routing and to understand the impact of these changes on network traffic. The inferences made can be determinative, if sufficient information is available. If sufficient information is not available to make determinative inferences, inferences may be made that narrow the range of possible changes that may have occurred to network traffic and the underlying network.

Abstract translation: 一种使用网络流记录生成有关网络路由更改的信息并了解这些更改对网络流量的影响的系统和方法。 如果有足够的信息可用，所做的推论可以是决定性的。 如果没有足够的信息可用于作出决定性推论，可以推测可能缩小网络流量和底层网络可能发生的可能变化的范围。

公开(公告)号：US20100138555A1

公开(公告)日：2010-06-03

申请号：US12325703

申请日：2008-12-01

Applicant: Alexandre Gerber ,  Oliver Spatscheck ,  Subhabrata Sen ,  Ajay Todimala

Inventor： Alexandre Gerber ,  Oliver Spatscheck ,  Subhabrata Sen ,  Ajay Todimala

IPC: G06F15/16

CPC classification number: H04L12/66

Abstract: A method includes identifying shared content by inspecting a peer-to-peer traffic flow and identifying source peers providing the shared content, and requesting the shared content from the source peers. The method further includes receiving requests for the shared content from requesting peers, identifying requesting peers based on the requests for the shared content, and providing the shared content to a local subset of the requesting peers.

Abstract translation: 一种方法包括通过检查对等业务流和识别提供共享内容的源对等体以及从源对等体请求共享内容来识别共享内容。 该方法还包括从请求对等体接收对共享内容的请求，基于对共享内容的请求来识别请求对等体，以及将共享内容提供给请求对等体的本地子集。

公开(公告)号：US20100020688A1

公开(公告)日：2010-01-28

申请号：US12180309

申请日：2008-07-25

Applicant: Oliver Spatscheck ,  Subhabrata Sen ,  Bill Lin ,  Jerry Chou

Inventor： Oliver Spatscheck ,  Subhabrata Sen ,  Bill Lin ,  Jerry Chou

IPC: H04J1/16

CPC classification number: H04L47/10 ,  H04L47/20 ,  H04L47/31 ,  H04L47/32 ,  H04L47/521 ,  H04L63/1458 ,  H04L2463/141

Abstract: A system for protecting a network from a traffic surge includes a data collection module, an allocation module, and a traffic flow module. The data collection module is configured to obtain network utilization information for a plurality of traffic flows. The allocation module is configured to determine a bandwidth allocation to minimize a drop probability for the plurality of traffic flows. The traffic flow module is configured to preferentially drop network packets for a traffic flow exceeding the optimal bandwidth allocation.

Abstract translation: 用于保护网络免受流量波动的系统包括数据收集模块，分配模块和业务流模块。 数据采集​​模块被配置为获得多个业务流的网络利用信息。 分配模块被配置为确定带宽分配以最小化多个业务流的丢弃概率。 流量模块配置为优先丢弃超过最优带宽分配的业务流的网络报文。

公开(公告)号：US20090296714A1

公开(公告)日：2009-12-03

申请号：US12130329

申请日：2008-05-30

Applicant: Alexandre Gerber ,  Subhabrata Sen ,  Carsten Lund ,  Dan Pei ,  MohammadTaghi Hajiaghayi ,  Changhoon Kim

Inventor： Alexandre Gerber ,  Subhabrata Sen ,  Carsten Lund ,  Dan Pei ,  MohammadTaghi Hajiaghayi ,  Changhoon Kim

IPC: H04L12/66 ,  H04L12/56

CPC classification number: H04L45/00 ,  H04L12/4641 ,  H04L45/50

Abstract: Example scalable multi-protocol label switching (MPLS) based virtual private networks (VPNs) and methods to implement the same are disclosed. A disclosed example spoke provider edge (PE) router for an MPLS-based VPN includes a truncated virtual routing and forwarding (VRF) table containing a first value referencing a hub PE router and a second value referencing a first customer edge (CE) router coupled to the VPN via the PE router, and a forwarding module to forward a packet received from the first CE router to the hub PE router when the packet contains an address referencing a second CE router coupled to the VPN via a second spoke PE router.

Abstract translation: 披露了基于虚拟专用网（VPN）的可扩展多协议标签交换（MPLS）示例及其实现方法。 用于基于MPLS的VPN的公开的示例性分支提供商边缘（PE）路由器包括截断的虚拟路由和转发（VRF）表，其包含引用集线器PE路由器的第一值，以及引用耦合的第一客户边缘（CE）路由器的第二值 通过PE路由器到VPN，以及转发模块，用于当分组包含参考经由第二辐条PE路由器耦合到VPN的第二CE路由器的地址时，将从第一CE路由器接收的分组转发到集线器PE路由器。