-
公开(公告)号:US09230104B2
公开(公告)日:2016-01-05
申请号:US14273676
申请日:2014-05-09
Applicant: Cisco Technology, Inc.
Inventor: Jean-Philippe Vasseur , Andrea Di Pietro , Javier Cruz Mota
CPC classification number: G06F21/554 , H04L63/1408 , H04W12/12 , H04W84/18
Abstract: In one embodiment, a network node receives a voting request from a neighboring node that indicates a potential network attack. The network node determines a set of feature values to be used as input to a classifier based on the voting request. The network node also determines whether the potential network attack is present by using the set of feature values as input to the classifier. The network node further sends a vote to the neighboring node that indicates whether the potential network attack was determined to be present.
Abstract translation: 在一个实施例中,网络节点从指示潜在网络攻击的相邻节点接收投票请求。 网络节点基于投票请求确定要用作分类器的输入的一组特征值。 网络节点还通过使用一组特征值作为分类器的输入来确定潜在的网络攻击是否存在。 网络节点还向相邻节点发送表示是否确定潜在网络攻击存在的投票。
-
公开(公告)号:US20150334123A1
公开(公告)日:2015-11-19
申请号:US14278532
申请日:2014-05-15
Applicant: Cisco Technology, Inc.
Inventor: Andrea Di Pietro , Jean-Philippe Vasseur , Javier Cruz Mota
CPC classification number: H04L43/04 , H04L41/30 , H04L63/1408 , H04L63/1458 , H04L67/04 , H04L67/12 , H04L2463/141
Abstract: In one embodiment, attack observations by a first node are provided to a user interface device regarding an attack detected by the node. Input from the user interface device is received that confirms that a particular attack observation by the first node indicates that the attack was detected correctly by the first node. Attack observations by one or more other nodes are provided to the user interface device. Input is received from the user interface device that confirms whether the attack observations by the first node and the attack observations by the one or more other nodes are both related to the attack. The one or more other nodes are identified as potential voters for the first node in a voting-based attack detection mechanism based on the attack observations from the first node and the one or more other nodes being related.
Abstract translation: 在一个实施例中,第一节点的攻击观察被提供给用户接口设备关于由该节点检测到的攻击。 接收到来自用户界面设备的输入,其确认第一节点的特定攻击观察指示第一节点正确地检测到攻击。 一个或多个其他节点的攻击观察被提供给用户界面设备。 从用户接口设备接收输入,确认第一节点的攻击观察和一个或多个其他节点的攻击观察是否与攻击有关。 基于来自第一节点和一个或多个其他相关节点的攻击观察,基于投票的攻击检测机制中的一个或多个其他节点被识别为第一节点的潜在选民。
-
公开(公告)号:US20150326450A1
公开(公告)日:2015-11-12
申请号:US14275344
申请日:2014-05-12
Applicant: Cisco Technology, Inc.
Inventor: Javier Cruz Mota , Jean-Philippe Vasseur , Andrea Di Pietro
CPC classification number: H04L41/5054 , G06N20/00 , H04L63/1408 , H04L63/1466 , H04L67/10 , H04L67/16
Abstract: In one embodiment, voting optimization requests that identify a validation data set are sent to a plurality of network nodes. Voting optimization data is received from the plurality of network nodes that was generated by executing classifiers using the validation data set. A set of one or more voting classifiers is then selected from among the classifiers based on the voting optimization data. One or more network nodes that host a voting classifier in the set of one or more selected voting classifiers is then notified of the selection.
Abstract translation: 在一个实施例中,将识别验证数据集的投票优化请求发送到多个网络节点。 从通过使用验证数据集执行分类器生成的多个网络节点接收投票优化数据。 然后基于投票优化数据从分类器中选择一组一个或多个投票分类器。 然后通知一个或多个所选投票分类器的集合中的投票分类器的一个或多个网络节点。
-
公开(公告)号:US20150193697A1
公开(公告)日:2015-07-09
申请号:US14164482
申请日:2014-01-27
Applicant: Cisco Technology, Inc.
Inventor: Jean-Philippe Vasseur , Javier Cruz Mota , Andrea Di Pietro
CPC classification number: H04L63/1425 , G06N3/02 , G06N3/08 , G06N3/084 , G06N99/005 , H04L41/16 , H04L43/0876 , H04L45/48 , H04L47/127 , H04L47/2466 , H04L47/41
Abstract: In one embodiment, a first network device receives a notification that the first network device has been selected to validate a machine learning model for a second network device. The first network device receives model parameters for the machine learning model that were generated by the second network device using training data on the second network device. The model parameters are used with local data on the first network device to determine performance metrics for the model parameters. The performance metrics are then provided to the second network device.
Abstract translation: 在一个实施例中,第一网络设备接收第一网络设备已经被选择以验证第二网络设备的机器学习模型的通知。 第一网络设备接收由第二网络设备使用第二网络设备上的训练数据生成的机器学习模型的模型参数。 模型参数与第一个网络设备上的本地数据一起使用,以确定模型参数的性能指标。 然后将性能度量提供给第二网络设备。
-
公开(公告)号:US20210067430A1
公开(公告)日:2021-03-04
申请号:US16560748
申请日:2019-09-04
Applicant: Cisco Technology, Inc.
Inventor: Javier Cruz Mota , Erwan Barry Tarik Zerhouni , Abhishek Kumar
IPC: H04L12/26
Abstract: The present technology pertains to a system, method, and non-transitory computer-readable medium for evaluating the impact of network changes. The technology can detect a temporal event, wherein the temporal event is associated with a change in a network configuration, implementation, or utilization. The technology defines, based on a nature of the temporal event, a first period prior to the temporal event or a second period posterior to the temporal event. The technology compares network data collected in the first period and network data collected in the second period.
-
Patent Agency Ranking
公开(公告)号:US10691082B2
公开(公告)日:2020-06-23
申请号:US15831482
申请日:2017-12-05
Applicant: Cisco Technology, Inc.
Inventor: Andrea Di Pietro , Jean-Philippe Vasseur , Javier Cruz Mota
Abstract: In one embodiment, a network assurance service receives data regarding a monitored network. The service analyzes the received data using a machine learning-based model, to perform a network assurance function for the monitored network. The service detects a lowered performance of the machine learning-based model when a performance metric of the machine learning-based model is below a threshold for the performance metric. When it is determined that the lowered performance of the machine-learning based model is correlated with the sample rate of the received data, the service adjusts the sample rate of the data.
-
公开(公告)号:US20200007412A1
公开(公告)日:2020-01-02
申请号:US16564176
申请日:2019-09-09
Applicant: Cisco Technology, Inc.
Inventor: Javier Cruz Mota , Jean-Philippe Vasseur , Andrea Di Pietro
Abstract: In one embodiment, possible voting nodes in a network are identified. The possible voting nodes each execute a classifier that is configured to select a label from among a plurality of labels based on a set of input features. A set of one or more eligible voting nodes is selected from among the possible voting nodes based on a network policy. Voting requests are then provided to the one or more eligible voting nodes that cause the one or more eligible voting nodes to select labels from among the plurality of labels. Votes are received from the eligible voting nodes that include the selected labels and are used to determine a voting result.
-
公开(公告)号:US10469511B2
公开(公告)日:2019-11-05
申请号:US15211093
申请日:2016-07-15
Applicant: Cisco Technology, Inc.
Inventor: Jean-Philippe Vasseur , Grégory Mermoud , Javier Cruz Mota , Laurent Sartran , Sébastien Gay
Abstract: In one embodiment, a device in a network receives feedback regarding an anomaly reporting mechanism used by the device to report network anomalies detected by a plurality of distributed learning agents to a user interface. The device determines an anomaly assessment rate at which a user of the user interface is expected to assess reported anomalies based in part on the feedback. The device receives an anomaly notification regarding a particular anomaly detected by a particular one of the distributed learning agents. The device reports, via the anomaly reporting mechanism, the particular anomaly to the user interface based on the determined anomaly assessment rate.
-
公开(公告)号:US20180359648A1
公开(公告)日:2018-12-13
申请号:US15617444
申请日:2017-06-08
Applicant: Cisco Technology, Inc.
Inventor: Pierre-André Savalle , Grégory Mermoud , Jean-Philippe Vasseur , Javier Cruz Mota
CPC classification number: H04W24/02 , H04W36/00835 , H04W36/32 , H04W64/00 , H04W84/12
Abstract: In one embodiment, a device receives data regarding usage of access points in a network by a plurality of clients in the network. The device maintains an access point graph that represents the access points in the network as vertices of the access point graph. The device generates, for each of the plurality of clients, client trajectories as trajectory subgraphs of the access point graph. A particular client trajectory for a particular client comprises a set of edges between a subset of the vertices of the access point graph and represents transitions between access points in the network performed by the particular client. The device identifies a transition pattern from the client trajectories by deconstructing the trajectory subgraphs. The device uses the identified transition pattern to effect a configuration change in the network.
-
公开(公告)号:US10038713B2
公开(公告)日:2018-07-31
申请号:US14270759
申请日:2014-05-06
Applicant: Cisco Technology, Inc.
Inventor: Jean-Philippe Vasseur , Javier Cruz Mota , Andrea Di Pietro
CPC classification number: H04L63/1458 , H04L63/10 , H04L63/1433 , H04L63/1441 , H04L63/20
Abstract: In one embodiment, attack detectability metrics are received from nodes along a path in a network. The attack detectability metrics from the nodes along the path are used to compute a path attack detectability value. A determination is made as to whether the path attack detectability value satisfies a network policy and one or more routing paths in the network are adjusted based on the path attack detectability value not satisfying the network policy.
-
-
-
-
-
-
-
-
-
Search Results
102
records
(took 0.017 seconds)
