公开(公告)号：US20210006567A1

公开(公告)日：2021-01-07

申请号：US16459732

申请日：2019-07-02

Applicant: Cisco Technology, Inc.

Inventor： Yaron Sella ,  Kevin Holcomb ,  Raghuram S. Sudhaakar

IPC: H04L29/06 ,  H03M13/09 ,  H04L12/40

Abstract: In one embodiment, a sender node in a serial network identifies a message identifier for a packet to be sent by the sender node. The sender node selects a cyclical redundancy check (CRC) initialization vector associated with the message identifier. The sender node generates a CRC value for the packet, based on the selected initialization vector. The sender node sends the packet via the serial network. The sent packet includes the message identifier and the generated CRC value. In turn, a receiver node that receives the packet uses the generated CRC value to authenticate the sender node.

公开(公告)号：US20180024893A1

公开(公告)日：2018-01-25

申请号：US15218342

申请日：2016-07-25

Applicant: Cisco Technology, Inc.

Inventor： Yaron Sella ,  Yigal Reiss ,  Len Sundy ,  Yair Mirsky

IPC: G06F11/14 ,  G06F21/55 ,  G06N7/00

CPC classification number: G06F11/1458 ,  G06F21/554 ,  G06F21/56 ,  G06F2221/034 ,  G06N7/005

Abstract: In one embodiment, a method for ransomware-aware file backup is implemented on a computing device and includes: backing up a target population of files from a target file location in a backup transaction, computing a backup delta score for the backup transaction, where the computing comprises comparing backup data from the backup transaction with backup data from a previous backup transaction, determining whether the computer backup delta score exceeds a pre-defined threshold, and upon the computed backup delta score exceeding the pre-defined threshold: determining that the backup transaction is indicative of a ransomware infection, and performing at least one counter-measure in response to the ransomware infection.

公开(公告)号：US20170293647A1

公开(公告)日：2017-10-12

申请号：US15096297

申请日：2016-04-12

Applicant: Cisco Technology, Inc.

Inventor： Yaron Sella ,  Michal Devir ,  Harel Cain

IPC: G06F17/30 ,  H04N19/467

CPC classification number: G06F17/30336 ,  H03M7/30 ,  H03M7/3091 ,  H03M7/3093 ,  H03M7/4093 ,  H04N19/467

Abstract: In one embodiment a system, apparatus, and method for optimizing index value lengths when indexing data items in an array of data items is described, the method including producing, at a first processor, an ordered series of index values, sending the ordered series of index values to an indexing processor, receiving, at the indexing processor, a data object including the array of data items, associating, at the indexing processor, a first part of one of the index values with a first one data item of the array of data items, associating, at the indexing processor, a second part of the one of the index values with a next one data item of the array of data items, repeating the steps of associating a first part of one of the index values and associating a second part of the one of the index values until all of the data items in the array of data items are indexed.

公开(公告)号：US09713070B1

公开(公告)日：2017-07-18

申请号：US15239874

申请日：2016-08-18

Applicant: Cisco Technology, Inc.

Inventor： Harel Cain ,  Michal Devir ,  Yaron Sella ,  Andrew Sinton

IPC: H04W48/10 ,  H04W4/02

CPC classification number: H04W48/10 ,  H04W4/021

Abstract: In one embodiment, a system includes a control word processor to generate first regional-specific control word formation data items (RSCWFDI), for a first geographical sub-region of a primary geographical region which includes different geographical sub-regions, for use over cryptoperiods, the first RSCWFDI being used in generating control words in receiver-decoder devices, an encryption engine to encrypt content with the control words over the cryptoperiods yielding encrypted content, a first transmission apparatus to broadcast the first RSCWFDI and the encrypted content in the primary geographic region, and a communication interface to share data about second RSCWFDI of the first geographical sub-region with at least one regional transmission apparatus of the first geographical sub-region operative to broadcast the second RSCWFDI of the geographical sub-region in the geographical sub-region, wherein each control word may be generated in the receiver-decoder devices using one of first and one second RSCWFDI.

公开(公告)号：US09137010B2

公开(公告)日：2015-09-15

申请号：US14153387

申请日：2014-01-13

Applicant: Cisco Technology Inc.

Inventor： Yaron Sella ,  Harel Cain ,  Michal Devir

IPC: H04L9/08 ,  H04N1/32 ,  G06F21/22

CPC classification number: H04L9/0816 ,  H04L9/065 ,  H04L2209/24 ,  H04L2209/30 ,  H04L2209/608 ,  H04N1/32144 ,  H04N2201/3236 ,  H04N2201/3281 ,  H04N2201/3284

Abstract: In one embodiment, a system including a processor is operative to receive a content item including a watermark encoding a series of encrypted bits deriving from encrypting an information element multiple times, extract at least some encrypted bits from at least part of the watermark, decrypt a series of N bits using a first key yielding a first value, the series of N bits including Q bits of the encrypted bits and K, greater than, or equal to zero, guessed bits, re-encrypt the first value using a second key yielding a second value, and compare at least part of the second value to M bits of the encrypted bits to determine if at least part of the second value matches the M bits in order to provide a level of confidence that the first value is the information element which was encrypted and embedded as the watermark.

Abstract translation: 在一个实施例中，包括处理器的系统可操作以接收包含编码从多个信息元素加密得出的一系列加密比特的水印的内容项，从至少部分水印中提取至少一些加密比特，解密 使用产生第一值的第一密钥的N个比特序列，包括加密比特的Q比特的N个比特序列以及大于或等于零的猜测比特，使用第二个密钥对第一个密钥进行加密 第二值，并将第二值的至少一部分与加密比特的M比特进行比较，以确定第二值的至少一部分是否与M比特匹配，以便提供第一值是信息元素的置信度 它被加密并嵌入水印。

公开(公告)号：US20150227760A1

公开(公告)日：2015-08-13

申请号：US14176400

申请日：2014-02-10

Applicant: Cisco Technology Inc.

Inventor： Yaron Sella ,  Harel Cain ,  Michal Devir

IPC: G06F21/64 ,  G06F21/62

CPC classification number: G06F21/64 ,  G06F21/10 ,  G06F21/6209 ,  G06T1/005 ,  G06T2201/0063 ,  G09C5/00 ,  H04L9/3226 ,  H04L9/3236

Abstract: In one embodiment, a system including a processor is operative to receive a content item including a watermark encoding a series of data values of an output stream of a linear feedback shift register initialized with a seed including an information element and an assurance value, the shift register having a plurality of states each including a first and second value, identify at least part of the watermark in the content item, extract at least some of the data values from the at least part of the identified watermark, process at least some of the extracted data values yielding the initial state of shift register, and authenticate the first value of the initial state using the second value of the initial state in order to confirm that the first value is indeed the information element included in the seed processed by the shift register.

Abstract translation: 在一个实施例中，包括处理器的系统可操作以接收内容项目，该内容项目包括编码由包括信息元素和保证值的种子初始化的线性反馈移位寄存器的输出流的一系列数据值的水印， 具有多个状态的寄存器，每个状态包括第一和第二值，识别内容项中的水印的至少一部分，从所识别的水印的至少一部分中提取至少一些数据值，处理至少一些 提取的数据值产生移位寄存器的初始状态，并且使用初始状态的第二值来认证初始状态的第一值，以便确认第一值确实是包括在由移位寄存器处理的种子中的信息元素 。

公开(公告)号：US08751821B2

公开(公告)日：2014-06-10

申请号：US13774578

申请日：2013-02-22

Applicant: Cisco Technology, Inc.

Inventor： Itsik Mantin ,  Perry Smith ,  Yaron Sella ,  Erez Waisbard

IPC: H04L29/06 ,  G06F21/55 ,  G06F21/62 ,  G06F21/57 ,  G06F21/78 ,  H04L9/08 ,  H04L9/30

CPC classification number: G06F21/6218 ,  G06F21/55 ,  G06F21/554 ,  G06F21/575 ,  G06F21/62 ,  G06F21/78 ,  G06F2221/2143 ,  G11B20/00086 ,  G11B20/00666 ,  G11B20/00826 ,  H04L9/0886 ,  H04L9/0894 ,  H04L9/30 ,  H04N9/8205

Abstract: A method and system for securing a read write storage (RWS) device, the method comprising, providing the RWS device, the RWS device comprising a controller comprising a processor and a bit bucket storing data, and employing the controller to corrupt at least a portion of the data.

Abstract translation: 一种用于保护读写存储（RWS）设备的方法和系统，所述方法包括：提供所述RWS设备，所述RWS设备包括控制器，所述RWS设备包括控制器，所述控制器包括处理器和存储数据的位桶，并且使用所述控制器将至少一部分 的数据。

公开(公告)号：US11019086B2

公开(公告)日：2021-05-25

申请号：US16374932

申请日：2019-04-04

Applicant: Cisco Technology, Inc.

Inventor： Steve Epstein ,  Avi Fruchter ,  Moshe Kravchik ,  Yaron Sella ,  Itay Harush

IPC: H04L29/06 ,  G06N20/00 ,  H04L12/28 ,  H04W4/12

Abstract: A system includes a network gateway in communication with a plurality of servers, a household behavior model processor which models a household behavior model based at least on expected usage of each of a plurality of network appliances, wherein each one appliance of the plurality of network appliances is associated with one of the plurality of servers, and behavior of users associated with the network gateway, an anomaly detector which determines, on the basis of the household behavior model, if an anomalous control message which has been sent to one of the plurality of network appliances from one of the servers has been received at the network gateway, and a notification server which sends a notification to an application on an administrator's device upon receipt of the anomalous control message at the network gateway. Related systems, apparatus, and methods are also described.

公开(公告)号：US10887808B1

公开(公告)日：2021-01-05

申请号：US16739861

申请日：2020-01-10

Applicant: Cisco Technology, Inc.

Inventor： Andrew Michael McPhee ,  Kevin William Holcomb ,  Yaron Sella ,  Joel Abraham Obstfeld

IPC: H04W36/14 ,  H04W4/40 ,  G06N20/00 ,  H04W36/30 ,  H04W36/32 ,  H04W4/70 ,  H04W40/20 ,  H04W4/02 ,  H04W4/46 ,  H04W76/14 ,  H04W4/029 ,  H04W16/28 ,  H04W24/10 ,  H04W76/27 ,  H04W36/08 ,  H04L1/20 ,  H04B7/022 ,  H04B7/02 ,  H04B7/0404 ,  H04B7/0413 ,  H04B7/0408 ,  H04B7/0491 ,  H04B7/08 ,  H04B7/22 ,  H04B7/06 ,  H04B7/10 ,  H04B7/12 ,  H04W16/32 ,  H04W16/18 ,  H04W16/22 ,  H04W16/26 ,  H04W16/14 ,  H04W16/24 ,  H04W36/00 ,  H04L5/00 ,  H04L1/06

Abstract: In one embodiment, a vehicle having a plurality of network interfaces communicates with a first communication network via a first one of the network interfaces. The vehicle receives performance data regarding the first communication network and one or more other communication network, wherein the received performance data is associated with a particular location. The vehicle determines in advance of arriving at the particular location that the vehicle should switch from communicating with the first communication network to communicating with a selected one of the one or more other communication network, based on the received performance data. At the particular location, the vehicle switches from communicating with the first communication network via the first network interface to communicating with the selected communication network via a second one of the plurality of network interfaces.

公开(公告)号：US20200327232A1

公开(公告)日：2020-10-15

申请号：US16379532

申请日：2019-04-09

Applicant: Cisco Technology, Inc.

Inventor： Yaron Sella ,  Kevin Holcomb

IPC: G06F21/57 ,  G06K9/62 ,  H04L9/06

Abstract: The secure chain of trust steps to boot-up a computing device are split between the shutdown procedure of the computing device and the boot-up procedure of the computing device to reduce the time required for the computing device to boot-up. The main image associated with a central processing unit of the computing device is validated during the shutdown procedure of the computing device such that the operating system for the central processing unit is available when the computing device receives an action to power on. The boot-up time for the computing device is reduced, which allows the computing device to boot-up within an established time frame.