公开(公告)号：US11463305B2

公开(公告)日：2022-10-04

申请号：US17100364

申请日：2020-11-20

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Ping Wu ,  Donghui Wang

IPC: H04L41/16 ,  H04L41/0806 ,  H04L41/0893

Abstract: This application discloses a method and an apparatus for configuring a network device, and a storage medium, and belongs to the field of data transmission technologies. The method includes: determining, in a plurality of terminal groups based on a packet receiving and sending characteristic of a target terminal, a target terminal group to which the target terminal belongs, where the packet receiving and sending characteristic is determined based on a plurality of packets received and sent by the target terminal, and the plurality of terminal groups are in a one-to-one correspondence with a plurality of configurations; and configuring a to-be-configured network device based on a target configuration corresponding to the target terminal group, where the to-be-configured network device is a network device that forwards the plurality of packets. This application effectively reduces workload in a configuration process. This application is used to configure the network device.

公开(公告)号：US20210211359A1

公开(公告)日：2021-07-08

申请号：US17205357

申请日：2021-03-18

Applicant: Huawei Technologies Co., Ltd.

Inventor： Donghui Wang ,  Jinming Li

IPC: H04L12/24 ,  H04L12/46

Abstract: A software defined network (SDN) system, controller, and controlling method, where the SDN system includes at least one Nth level controller and at least two (N+1)th level controllers belonging to the Nth level controller, where the (N+1)th level controller is configured to receive a first message sent by a node belonging to the (N+1)th level controller, and when the first message is a cross-domain message according to status information of each node that is managed by the (N+1)th level controller, forward the first message to the Nth level controller to which the (N+1)th level controller belongs, and the Nth level controller receives the first message, and perform decision processing according to status information of the (N+1)th level controller that is managed by and belongs to the Nth level controller and status information of boundary nodes of the (N+1)th level controller belonging to the Nth level controller.

公开(公告)号：US20200177600A1

公开(公告)日：2020-06-04

申请号：US16786568

申请日：2020-02-10

Applicant: Huawei Technologies Co., Ltd.

Inventor： Yibin Xu ,  Donghui Wang ,  Rong Yang

IPC: H04L29/06 ,  H04W12/06 ,  H04W12/00 ,  H04L29/08

Abstract: A method and an apparatus for granting network permission to a terminal include receiving, by an authentication device, a network permission request packet sent by a terminal, granting, by the authentication device, first network permission to the terminal receiving, by the authentication device, a first authentication failure message sent by a server after granting the first network permission to the terminal, and withdrawing, by the authentication device, the first network permission of the terminal based on the first authentication failure message. Therefore, the authentication device can grant the network permission to the terminal before receiving an authentication result sent by the server, and withdraw the network permission in time when receiving the first authentication failure message sent by the server.

公开(公告)号：US12074908B2

公开(公告)日：2024-08-27

申请号：US17369057

申请日：2021-07-07

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Huazhi Yang ,  Donghui Wang

IPC: H04L29/06 ,  H04L9/40 ,  H04L45/00 ,  H04L45/745 ,  H04L61/103 ,  H04L101/622

CPC classification number: H04L63/1491 ,  H04L45/66 ,  H04L45/745 ,  H04L61/103 ,  H04L2101/622

Abstract: This application discloses a cyber threat deception method and system, and a forwarding device. The forwarding device obtains a deception target set, where the deception target set includes a deception target, and the deception target includes an unused internet protocol (IP) address or an unopened port number on a used IP address. The forwarding device receives an IP packet from a host, and determines whether a destination party that the IP packet requests to access belongs to the deception target set. If the destination party that the IP packet requests to access belongs to the deception target set, the forwarding device sends the IP packet to a honeypot management server. The forwarding device receives a response packet, returned by the honeypot management server, of the corresponding IP packet. The forwarding device sends the response packet to the host.

公开(公告)号：US20240223391A1

公开(公告)日：2024-07-04

申请号：US18608829

申请日：2024-03-18

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Donghui Wang ,  Fei Liu

IPC: H04L9/00 ,  H04L9/32

CPC classification number: H04L9/50 ,  H04L9/321

Abstract: According to a communication method, a first communication device obtains a network identifier of a second communication device, generates a query request, sends the query request to a blockchain service device, and receives first blockchain information from the blockchain service device. The query request is used to request the first blockchain information corresponding to the network identifier of the second communication device. The first blockchain information includes a first blockchain identifier, or the first blockchain information includes a first transaction identifier set. The first transaction identifier set includes one or more first transaction identifiers. The first blockchain information is used by the first communication device to query transaction data of the second communication device in a blockchain.

公开(公告)号：US20240048986A1

公开(公告)日：2024-02-08

申请号：US18491520

申请日：2023-10-20

Applicant: Huawei Technologies Co., Ltd.

Inventor： Fei Liu ,  Donghui Wang ,  Gurbakshish Singh Toor

IPC: H04W12/069 ,  H04W60/00

CPC classification number: H04W12/069 ,  H04W60/00

Abstract: A terminal device initiates a request to a first network element device in a public network core network to access a second network element device in a private network core network. If the private network core network and the public network core network are in a same trusted domain, the first network element device sends first indication information to the second network element device, where the first indication information indicates the second network element device to skip performing an authentication operation on the terminal device.

公开(公告)号：US20220329449A1

公开(公告)日：2022-10-13

申请号：US17850019

申请日：2022-06-27

Applicant: Huawei Technologies Co., Ltd.

Inventor： Shiyong Fu ,  Houcun Zhu ,  Donghui Wang ,  Xiangen Xu ,  Zhaojin Li

IPC: H04L12/10 ,  G01R27/20 ,  G06F1/3209 ,  H02J1/02

Abstract: A filtering-based power supply apparatus used in a power sourcing equipment (PSE) includes a power supply control circuit and an adaptive filter circuit. The power supply control circuit includes a power supply channel and a detection module. The power supply channel includes a control switch configured to control on and off of the power supply channel. The detection module is configured to send a detection signal to the power supply channel to detect whether a peer device connected to the power supply channel is a valid powered device. The control switch is turned off in a detection process of the power supply channel. The adaptive filter circuit is configured to filter noise in the detection signal in the detection process of the power supply channel.

公开(公告)号：US20200267074A1

公开(公告)日：2020-08-20

申请号：US16869761

申请日：2020-05-08

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Donghui Wang ,  Hongpei Li ,  Bingyang Liu

IPC: H04L12/751 ,  H04L12/715 ,  H04W40/24 ,  H04W84/18

Abstract: This application provides a secure route identification method and an apparatus. A first AS node receives a first message. The first message is used to indicate a target path for reaching a first route prefix, and the target path is used to indicate a first neighboring relationship between AS nodes on the target path. Then, the first AS node determines, based on the first neighboring relationship and neighbor information of an AS node on the target path that is stored in a blockchain, whether a security threat exists on the target path. The neighbor information of the AS node on the target path includes a second neighboring relationship between the AS node on the target path and another AS node.

公开(公告)号：US10652262B2

公开(公告)日：2020-05-12

申请号：US16130719

申请日：2018-09-13

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Donghui Wang ,  Yadong Zhou ,  Chengchen Hu

IPC: H04L29/06 ,  H04L12/755 ,  H04L12/26 ,  H04L12/721 ,  H04L12/741 ,  H04L12/891

Abstract: The present disclosure relates to a data flow forwarding abnormality detection method. In one example method, a switching device through which a to-be-detected data flow passes is determined by a controller. At least one flow entry in the switching device that matches the to-be-detected data flow is obtained. The at least one flow entry comprises actual traffic and a match field. The actual traffic is a value of a counter corresponding to the match field. An overdetermined equation set is established based on the actual traffic and theoretical traffic of a data flow in the switching device that matches the match field. Based on the overdetermined equation set, a determination is made on whether the at least one flow entry is abnormal.