-
公开(公告)号:US10742486B2
公开(公告)日:2020-08-11
申请号:US15864565
申请日:2018-01-08
Applicant: Cisco Technology, Inc.
Inventor: Grégory Mermoud , Abhishek Kumar , Jean-Philippe Vasseur
IPC: H04L12/24
Abstract: In one embodiment, a network assurance system discretizes parameter values of a plurality of time series of measurements obtained from a monitored network by assigning tags to the parameter values. The network assurance system detects occurrences of a particular type of failure event in the monitored network. The network assurance system identifies a set of the assigned tags that frequently co-occur with the occurrences of the particular type of failure event. The network assurance system determines, using a Bayesian framework, rankings for the tags in the identified set based on how well each of the tags acts as a predictor of the failure event. The network assurance system initiates performance of a corrective measure for the failure event based in part on the determined rankings for the tags in the identified set.
-
公开(公告)号:US10735274B2
公开(公告)日:2020-08-04
申请号:US15880992
申请日:2018-01-26
Applicant: Cisco Technology, Inc.
Inventor: Sharon Shoshana Wulff , Grégory Mermoud , Jean-Philippe Vasseur
Abstract: In one embodiment, a network assurance service applies labels to feature vectors of network characteristics associated with a plurality of wireless access points in the network. An applied label for a feature vector indicates whether the access point associated with the feature vector experienced a threshold number of onboarding delays within a given time window. The service, based on the feature vectors and labels, trains a plurality of machine learning-based classifiers to predict onboarding delays, and uses one or more of the trained plurality of classifiers to predict onboarding delays for a particular access point. The service calculates one or more classifier performance metrics for the one or more classifiers based on the predicted onboarding delays for the particular access point. The service selects a particular one of the classifiers to monitor the network characteristics associated with the particular access point, based on the one or more classifier performance metrics.
-
公开(公告)号:US20200162425A1
公开(公告)日:2020-05-21
申请号:US16194666
申请日:2018-11-19
Applicant: Cisco Technology, Inc.
Inventor: Jean-Philippe Vasseur , Grégory Mermoud , Pierre-André Savalle
IPC: H04L29/12 , H04L12/26 , H04L12/24 , H04L12/851
Abstract: In one embodiment, a labeling service receives telemetry data for a cluster of endpoint devices in a first network environment. The endpoint devices in the cluster are clustered by a device classification service based on their telemetry data and labeled by a device type classifier of the device classification service as being of an unknown device type. The labeling service obtains a first device type label for the cluster of endpoint devices via a first user interface. The labeling service identifies one or more other network environments in which endpoint devices are located that have similar telemetry data as that of the cluster of endpoint devices. The labeling service obtains device type labels for the cluster of endpoint devices via a selected set of user interfaces from the identified one or more other network environments. The labeling service validates the first device type label for the cluster using the device type labels obtained via the selected set of user interfaces from the identified one or more other network environments.
-
公开(公告)号:US20200151616A1
公开(公告)日:2020-05-14
申请号:US16185086
申请日:2018-11-09
Applicant: Cisco Technology, Inc.
Inventor: Grégory Mermoud , Jean-Philippe Vasseur , Pierre-André Savalle
Abstract: In one embodiment, a device classification service receives a plurality of device classification rulesets, each ruleset associating a set of device characteristics with a device type label. The device classification service forms a unified ruleset by resolving a conflict between conflicting device characteristics from two or more of the device classification rulesets. The device classification service trains a machine learning-based device classifier using the unified ruleset. The device classification service classifies, using telemetry data for a device in a network as input to the trained device classifier, the device with the device type label.
-
公开(公告)号:US10484406B2
公开(公告)日:2019-11-19
申请号:US14990064
申请日:2016-01-07
Applicant: Cisco Technology, Inc.
Inventor: Jean-Philippe Vasseur , Grégory Mermoud , Sukrit Dasgupta , Xav Laumonier
Abstract: In one embodiment, a first device in a network maintains raw traffic flow information for the network. The first device provides a compressed summary of the raw traffic flow information to a second device in the network. The second device is configured to transform the compressed summary for presentation to a user interface. The first device detects an anomalous traffic flow based on an analysis of the raw traffic flow information using a machine learning-based anomaly detector. The first device provides at least a portion of the raw traffic flow information related to the anomalous traffic flow to the second device for presentation to the user interface.
-
Patent Agency Ranking
116.发明授权公开(公告)号:US10484255B2
公开(公告)日:2019-11-19
申请号:US15626412
申请日:2017-06-19
Applicant: Cisco Technology, Inc.
Inventor: Andrea Di Pietro , Grégory Mermoud , Jean-Philippe Vasseur , Sukrit Dasgupta
IPC: H04L12/26 , H04L29/06 , G06F16/2457 , H04L12/24 , G06N20/00
Abstract: In one embodiment, a device receives health status data indicative of a health status of a data source in a network that provides collected telemetry data from the network for analysis by a machine learning-based network analyzer. The device maintains a performance model for the data source that models the health of the data source. The device computes a trustworthiness index for the telemetry data provided by the data source based on the received health status data and the performance model for the data source. The device adjusts, based on the computed trustworthiness index for the telemetry data provided by the data source, one or more parameters used by the machine learning-based network analyzer to analyze the telemetry data provided by the data source.
-
公开(公告)号:US10469511B2
公开(公告)日:2019-11-05
申请号:US15211093
申请日:2016-07-15
Applicant: Cisco Technology, Inc.
Inventor: Jean-Philippe Vasseur , Grégory Mermoud , Javier Cruz Mota , Laurent Sartran , Sébastien Gay
Abstract: In one embodiment, a device in a network receives feedback regarding an anomaly reporting mechanism used by the device to report network anomalies detected by a plurality of distributed learning agents to a user interface. The device determines an anomaly assessment rate at which a user of the user interface is expected to assess reported anomalies based in part on the feedback. The device receives an anomaly notification regarding a particular anomaly detected by a particular one of the distributed learning agents. The device reports, via the anomaly reporting mechanism, the particular anomaly to the user interface based on the determined anomaly assessment rate.
-
公开(公告)号:US10404727B2
公开(公告)日:2019-09-03
申请号:US15176678
申请日:2016-06-08
Applicant: Cisco Technology, Inc.
Inventor: Jean-Philippe Vasseur , Sébastien Gay , Grégory Mermoud , Pierre-André Savalle , Alexandre Honoré , Fabien Flacher
Abstract: In one embodiment, a networking device at an edge of a network generates a first set of feature vectors using information regarding one or more characteristics of host devices in the network. The networking device forms the host devices into device clusters dynamically based on the first set of feature vectors. The networking device generates a second set of feature vectors using information regarding traffic associated with the device clusters. The networking device models interactions between the device clusters using a plurality of anomaly detection models that are based on the second set of feature vectors.
-
公开(公告)号:US10389606B2
公开(公告)日:2019-08-20
申请号:US15211158
申请日:2016-07-15
Applicant: Cisco Technology, Inc.
Inventor: Laurent Sartran , Grégory Mermoud
IPC: H04L12/26 , H04L12/723 , H04L29/06 , H04L29/12 , H04L12/24
Abstract: In one embodiment, a device in a network identifies a plurality of traffic records as anomalous. The device matches each of the plurality of traffic records to one or more anomalies using one or more anomaly graphs. A particular anomaly graph represents hosts in the network as vertices in the graph and communications between hosts as edges in the graph. The device applies one or more ordering rules to the traffic records, to uniquely associate each traffic record to an anomaly in the one or more anomalies. The device sends an anomaly notification for a particular anomaly that is based on the traffic records associated with the particular anomaly.
-
公开(公告)号:US10346277B2
公开(公告)日:2019-07-09
申请号:US15782088
申请日:2017-10-12
Applicant: Cisco Technology, Inc.
Inventor: Grégory Mermoud , Jean-Philippe Vasseur , Pierre-André Savalle
Abstract: In one embodiment, a node in a network reports, to a supervisory service, histograms of application-specific throughput metrics measured from the network. The node receives, from the supervisory service, a merged histogram of application-specific throughput metrics. The supervisory service generated the merged histogram based on a plurality of histograms reported to the supervisory service by a plurality of nodes. The node performs, using the merged histogram, application throughput anomaly detection on traffic in the network. The node causes performance of a mitigation action in the network when an application throughput anomaly is detected. The node adjusts, based on a control command sent by the supervisory service, a histogram reporting strategy used by the node to report the histograms of application-specific throughput metrics to the supervisory service.
-
-
-
-
-
-
-
-
-
Search Results
401
records
(took 0.026 seconds)
