公开(公告)号：US20190124045A1

公开(公告)日：2019-04-25

申请号：US16169012

申请日：2018-10-24

Applicant: NEC Laboratories America, Inc.

Inventor： Bo Zong ,  Daeki Cho ,  Cristian Lumezanu ,  Haifeng Chen ,  Qi Song

IPC: H04L29/06 ,  G06N3/08 ,  G06N3/04

Abstract: Systems and methods for preventing cyberattacks using a Density Estimation Network (DEN) for unsupervised anomaly detection, including constructing the DEN using acquired network traffic data by performing end-to-end training. The training includes generating low-dimensional vector representations of the network traffic data by performing dimensionality reduction of the network traffic data, predicting mixture membership distribution parameters for each of the low-dimensional representations by performing density estimation using a Gaussian Mixture Model (GMM) framework, and formulating an objective function to estimate an energy and determine a density level of the low-dimensional representations for anomaly detection, with an anomaly being identified when the energy exceeds a pre-defined threshold. Cyberattacks are prevented by blocking transmission of network flows with identified anomalies by directly filtering out the flows using a network traffic monitor.

公开(公告)号：US20190098049A1

公开(公告)日：2019-03-28

申请号：US16101815

申请日：2018-08-13

Applicant: NEC Laboratories America, Inc.

Inventor： Cristian Lumezanu ,  Nipun Arora ,  Haifeng Chen ,  Bo Zong ,  Daeki Cho ,  Mingda Li

IPC: H04L29/06 ,  H04L12/733 ,  H04L12/751 ,  H04L12/893

Abstract: Endpoint security systems and methods include a distance estimation module configured to calculate a travel distance between a source Internet Protocol (IP) address and an IP address for a target network endpoint system from a received packet received by the target network endpoint system based on time-to-live (TTL) information from the received packet. A machine learning model is configured to estimate an expected travel distance between the source IP address and the target network endpoint system IP address based on a sparse set of known source/target distances. A spoof detection module is configured to determine that the received packet has a spoofed source IP address based on a comparison between the calculated travel distance and the expected travel distance. A security module is configured to perform a security action at the target network endpoint system responsive to the determination that the received packet has a spoofed source IP address.

公开(公告)号：US10110458B2

公开(公告)日：2018-10-23

申请号：US15264706

申请日：2016-09-14

Applicant: NEC Laboratories America, Inc.

Inventor： Qiang Xu ,  Cristian Lumezanu ,  Cheng Jin ,  Hyun-Wook Baek ,  Guofei Jiang

IPC: H04L12/26 ,  H04L12/707 ,  H04L12/741 ,  H04L12/721 ,  H04L12/815 ,  H04L12/24

Abstract: Methods and systems for network management include performing path regression to determine an end-to-end path across physical links for each data flow in a network. A per-flow utilization of each physical link in the network is estimated based on the determined end-to-end paths. A management action is performed in the network based on the estimated per-flow utilization.

公开(公告)号：US09253042B2

公开(公告)日：2016-02-02

申请号：US14041102

申请日：2013-09-30

Applicant: NEC Laboratories America, Inc.

Inventor： Cristian Lumezanu ,  Curtis Yu ,  Vishal Kumar Singh ,  Yueping Zhang ,  Guofei Jiang

IPC: G01R31/08 ,  H04L12/24 ,  H04L12/26

CPC classification number: H04L41/12 ,  H04L43/0876 ,  H04L43/10 ,  Y02D30/30

Abstract: A method implemented in a network apparatus used in a network is disclosed. The method includes sensing network topology and network utilization, receiving a request from an application, deciding path setup requirement using network state information obtained from the network topology and the network utilization, and translating the path setup requirement into a rule to be installed. Other methods, apparatuses, and systems also are disclosed.

Abstract translation: 公开了一种在网络中使用的网络装置中实现的方法。 该方法包括感知网络拓扑和网络利用率，从应用接收请求，使用从网络拓扑获得的网络状态信息和网络利用率确定路径设置要求，以及将路径设置要求转换为要安装的规则。 还公开了其它方法，装置和系统。

公开(公告)号：US20130185438A1

公开(公告)日：2013-07-18

申请号：US13740229

申请日：2013-01-13

Applicant: NEC Laboratories America, Inc.

Inventor： Cristian Lumezanu ,  Guofei Jiang ,  Kai Chen ,  Yueping Zhang ,  Vishal Singh

IPC: H04L12/56

CPC classification number: H04L45/302 ,  H04L12/4641 ,  H04L41/084 ,  H04L41/0896 ,  H04L45/306 ,  H04L47/70

Abstract: A method for policy-aware mapping of an enterprise virtual tenant network includes receiving inputs from a hosting network and tenants, translating resource demand and policies of the tenants into a network topology and bandwidth demand on each link in the network; pre-arranging a physical resource of a physical topology for clustering servers on the network to form an allocation unit before a VTN allocation; allocating resources of the hosting network to satisfy demand of the tenants in response to a VTN demand request; and conducting a policy aware VTN mapping for enumerating all feasibly resource mappings, bounded by a predetermined counter for outputting optimal mapping with policy-compliant routing paths in the hosting network.

Abstract translation: 一种用于企业虚拟租户网络的策略感知映射的方法包括从主机网络和租户接收输入，将租户的资源需求和策略转换为网络中每个链路上的网络拓扑和带宽需求; 预先布置物理拓扑的物理资源，用于网络上的聚类服务器，以在VTN分配之前形成分配单元; 分配主机网络的资源以满足VTN需求请求响应租户的需求; 以及执行策略感知VTN映射，用于枚举所有可行的资源映射，其由预定计数器限定，用于在主机网络中输出具有策略兼容路由路径的最佳映射。

公开(公告)号：US12242542B2

公开(公告)日：2025-03-04

申请号：US17408852

申请日：2021-08-23

Applicant: NEC Laboratories America, Inc.

Inventor： Cristian Lumezanu ,  Yuncong Chen ,  Takehiko Mizoguchi ,  Dongjin Song ,  Haifeng Chen ,  Jurijs Nazarovs

IPC: G06F16/906

Abstract: A method classifies missing labels. The method computes, using a neural network model trained on training data, rank-based statistics of a feature of a time series segment to attempt to select two candidate labels from the training data that the segment most likely belongs to. The method classifies the segment using k-NN-based classification applied to the training data, responsive to the two candidate labels being present in the training data. The method classifies the segment by hypothesis testing, responsive to only one candidate label being present in the training data. The method classifies the segment into a class with higher values of the rank-based statistics from among a plurality of classes with different values of the rank-based statistics, responsive to no candidate labels being present in the training data. The method corrects a prediction by an applicable one of the classifying steps by majority voting with time windows.

公开(公告)号：US11520993B2

公开(公告)日：2022-12-06

申请号：US16918353

申请日：2020-07-01

Applicant: NEC Laboratories America, Inc. ,  NEC Corporation

Inventor： Yuncong Chen ,  Hao Yuan ,  Dongjin Song ,  Cristian Lumezanu ,  Haifeng Chen ,  Takehiko Mizoguchi

IPC: G06N3/08 ,  G06F16/00 ,  G06F16/33 ,  G06F17/00 ,  G06F40/10 ,  G06F40/20 ,  G06F40/211 ,  G06F40/40 ,  G06F40/30 ,  G06F17/16 ,  G06K9/62

Abstract: A system for cross-modal data retrieval is provided that includes a neural network having a time series encoder and text encoder which are jointly trained using an unsupervised training method which is based on a loss function. The loss function jointly evaluates a similarity of feature vectors of training sets of two different modalities of time series and free-form text comments and a compatibility of the time series and the free-form text comments with a word-overlap-based spectral clustering method configured to compute pseudo labels for the unsupervised training method. The computer processing system further includes a database for storing the training sets with feature vectors extracted from encodings of the training sets. The encodings are obtained by encoding a training set of the time series using the time series encoder and encoding a training set of the free-form text comments using the text encoder.

公开(公告)号：US20220318593A1

公开(公告)日：2022-10-06

申请号：US17711553

申请日：2022-04-01

Applicant: NEC Laboratories America, Inc.

Inventor： Yuncong Chen ,  Cristian Lumezanu ,  Wei Cheng ,  Takehiko Mizoguchi ,  Masanao Natsumeda ,  Haifeng Chen

IPC: G06N3/04 ,  G06N3/063 ,  G06N3/08 ,  G06F40/284

Abstract: A method for explaining sensor time series data in natural language is presented. The method includes training a neural network model with text-annotated time series data, the neural network model including a time series encoder and a text generator, allowing a human operator to select a time series segment from the text-annotated time series data, the time series segment processed by the time series encoder, outputting, from the time series encoder, a sequence of hidden state vectors, one for each timestep, and generating readable explanatory texts for the human operator based on the selected time series segment, the readable explanatory texts being a set of comment texts explaining and interpreting the selected time series segment in a plurality of different ways.

公开(公告)号：US20220012538A1

公开(公告)日：2022-01-13

申请号：US17364125

申请日：2021-06-30

Applicant: NEC Laboratories America, Inc.

Inventor： Takehiko Mizoguchi ,  Dongjin Song ,  Yuncong Chen ,  Cristian Lumezanu ,  Haifeng Chen

IPC: G06K9/62 ,  G06N3/08 ,  G06N3/04

Abstract: Systems and methods for retrieving similar multivariate time series segments are provided. The systems and methods include extracting a long feature vector and a short feature vector from a time series segment, converting the long feature vector into a long binary code, and converting the short feature vector into a short binary code. The systems and methods further include obtaining a subset of long binary codes from a binary dictionary storing dictionary long codes based on the short binary codes, and calculating similarity measure for each pair of the long feature vector with each dictionary long code. The systems and methods further include identifying a predetermined number of dictionary long codes having the similarity measures indicting a closest relationship between the long binary codes and dictionary long codes, and retrieving a predetermined number of time series segments associated with the predetermined number of dictionary long codes.

公开(公告)号：US20210027157A1

公开(公告)日：2021-01-28

申请号：US16918484

申请日：2020-07-01

Applicant: NEC Laboratories America, Inc. ,  NEC Corporation

Inventor： Yuncong Chen ,  Hao Yuan ,  Dongjin Song ,  Cristian Lumezanu ,  Haifeng Chen ,  Takehiko Mizoguchi

IPC: G06N3/08

Abstract: A system for cross-modal data retrieval is provided. The system includes a database for storing training sets of two different modalities of time series and free-form text comments as pairs of mixed modality data. The computer processing system further includes a neural network having a time series encoder and text encoder which are jointly trained using a canonical correlation analysis that finds transformations of feature vectors from among the pairs of mixed modality data such that correlated mixed modality data is emphasized in the two different modalities and uncorrelated mixed modality data is minimized. The feature vectors are obtained by encoding a training set of the time series using the time series encoder and encoding a training set of the free-form text comments using the text encoder.