公开(公告)号：US20100157840A1

公开(公告)日：2010-06-24

申请号：US12317420

申请日：2008-12-22

Applicant: Subhabrata Sen ,  Lee Breslau ,  Nicholas Duffield ,  Yu Gu

Inventor： Subhabrata Sen ,  Lee Breslau ,  Nicholas Duffield ,  Yu Gu

IPC: G06F11/30

CPC classification number: H04L43/0835 ,  H04L41/0213 ,  H04L41/142 ,  H04L41/5009 ,  H04L43/026 ,  H04L43/103 ,  Y02D50/30

Abstract: A packet loss estimation technique is disclosed that utilizes the sampled flow level statistics that are routinely collected in operational networks, thereby obviating the need for any new router features or measurement infrastructure. The technique is specifically designed to handle the challenges of sampled flow-level aggregation such as information loss resulting from packet sampling, and generally comprises: receiving a first record of sampled packets for a flow from a first network element; receiving a second record of sampled packets for the flow from a second network element communicating with the first network element; correlating sampled packets from the flow at the first network element and the second network element to a measurement interval; and estimating the packet loss using a count of the sampled packets correlated to the measurement interval.

Abstract translation: 公开了一种利用在操作网络中常规收集的采样流量统计信息的分组丢失估计技术，从而避免了对任何新的路由器特征或测量基础设施的需要。 该技术专门设计用于处理采样流级聚合的挑战，例如由分组采样导致的信息丢失，并且通常包括：从第一网络元件接收流的第一采样分组记录; 从与第一网络元件通信的第二网络元件接收用于流的采样分组的第二记录; 将来自第一网元和第二网元的流的采样分组相关联到测量间隔; 以及使用与测量间隔相关联的采样分组的计数来估计分组丢失。

公开(公告)号：US20100064131A1

公开(公告)日：2010-03-11

申请号：US12619620

申请日：2009-11-16

Applicant: Oliver Spatscheck ,  Subhabrata Sen ,  Dongmei Wang

Inventor： Oliver Spatscheck ,  Subhabrata Sen ,  Dongmei Wang

IPC: H04L29/06

CPC classification number: H04L47/10 ,  H04L47/2441 ,  H04L69/22

Abstract: The present invention relates to a method and system for the automated construction of application signatures. In one example, an approach for automatically constructing accurate signatures for individual applications, with minimal human involvement or application domain knowledge, is provided. Given a training data set containing the application traffic, the Automated Construction of Application Signatures (ACAS) system uses a combination of statistical, information theoretic and combinatorial optimization techniques, to derive application-layer signatures from the payload of packets, e.g., IP packets. Evaluations with a range of applications demonstrate that the derived signatures are very accurate and scale to identifying a large number of flows in real time on high-speed links.

Abstract translation: 本发明涉及一种用于自动构建应用签名的方法和系统。 在一个示例中，提供了一种用于以最小的人为参与或应用领域知识为个体应用自动构建准确签名的方法。 给定包含应用流量的训练数据集，自动构建应用签名（ACAS）系统使用统计，信息理论和组合优化技术的组合来从分组的有效载荷（例如IP分组）中导出应用层签名。 使用一系列应用程序的评估表明，派生的签名非常准确，可扩展到在高速链路上实时识别大量的流量。

公开(公告)号：US20090190487A1

公开(公告)日：2009-07-30

申请号：US12022733

申请日：2008-01-30

Applicant: Lee Breslau ,  Nicholas Duffield ,  Yu Gu ,  Subhabrata Sen

Inventor： Lee Breslau ,  Nicholas Duffield ,  Yu Gu ,  Subhabrata Sen

IPC: H04L12/26

CPC classification number: H04L12/4633 ,  H04L43/0864

Abstract: A method and apparatus for providing performance measurements on network tunnels in packet networks are disclosed. For example, the method establishes two tunnels between a first measurement host and a first router, and establishes a tunnel between the first router and a second measurement host. The method also establishes a multicast group having a plurality of members, and sends one or more packets addressed to the multicast group from the first measurement host. The method measures the frequencies of directly and/or indirectly received responses from the plurality of members of the multicast group, and provides a plurality of estimated values for a plurality of packet transmission rates from measurement of the frequencies for one or more of said tunnels.

Abstract translation: 公开了一种用于在分组网络中的网络隧道上提供性能测量的方法和装置。 例如，该方法在第一测量主机和第一路由器之间建立两个隧道，并在第一路由器和第二测量主机之间建立隧道。 该方法还建立具有多个成员的多播组，并且从第一测量主机发送寻址到多播组的一个或多个分组。 该方法测量来自多播组的多个成员的直接和/或间接接收的响应的频率，并从测量一个或多个所述隧道的频率提供多个分组传输速率的多个估计值。

公开(公告)号：US07467224B2

公开(公告)日：2008-12-16

申请号：US10781542

申请日：2004-02-17

Applicant: Kartikeya Chandrayana ,  Matthew Roughan ,  Subhabrata Sen ,  Yin Zhang

Inventor： Kartikeya Chandrayana ,  Matthew Roughan ,  Subhabrata Sen ,  Yin Zhang

IPC: G06F15/16

CPC classification number: H04L45/125 ,  H04L45/04 ,  H04L45/124 ,  H04L45/22 ,  H04L45/24 ,  H04L45/70 ,  H04L47/10 ,  H04L47/11 ,  H04L47/122 ,  H04L47/125 ,  H04L47/20

Abstract: A method for balancing traffic across paths connecting a network to the Internet using a fractional allocation strategy for distributing the traffic from a congested selected path. The strategy includes: (a) associating the paths j with a counter i; (b) calculating the total initial selected path overload; (c) calculating the selected path load, wherein the load is equal to the initial selected path overload less the sum of the low capacity boundary for i path(s); (d) calculating the portion of the traffic on the selected path to be distributed using a bi-sectional search strategy; (e) distributing a portion of the traffic on the selected path to the other paths; and (f) stopping if there are no more paths (i=j), otherwise increasing the numerical value of the counter by one (1) and go to step (c).

Abstract translation: 一种用于使用分数分配策略来平衡通过连接网络到因特网的路径之间的流量的方法，用于分配来自拥塞的所选路径的流量。 该策略包括：（a）将路径j与计数器i相关联; （b）计算总初始选择路径过载; （c）计算所选择的路径负载，其中负载等于初始选择的路径过载，减去i路径的低容量边界的和; （d）使用双向搜索策略计算要分配的所选路径上的业务部分; （e）将所选路径上的一部分业务分发到其他路径; 和（f）如果没有更多的路径（i = j）停止，否则将计数器的数值增加1（1）并转到步骤（c）。

公开(公告)号：US20060239219A1

公开(公告)日：2006-10-26

申请号：US11321054

申请日：2005-12-30

Applicant: Patrick Haffner ,  Subhabrata Sen ,  Oliver Spatscheck ,  Dongmei Wang

Inventor： Patrick Haffner ,  Subhabrata Sen ,  Oliver Spatscheck ,  Dongmei Wang

IPC: H04B7/212

CPC classification number: H04L41/142 ,  H04L43/028 ,  H04L43/0823 ,  H04L63/0227

Abstract: A method for identifying traffic to an application including the steps of monitoring communication traffic in a network, identifying data from communication traffic content, and constructing a model for mapping the communication traffic for an application derived from data identified from the communication traffic content is described. A related system and computer readable medium for performing the method is also described. The described method and system has utility in a wide array of networks including IP networks.

Abstract translation: 一种用于识别对应用的业务的方法，包括以下步骤：监视网络中的通信业务，从通信业务内容识别数据，以及构建用于映射从通信业务内容识别的数据导出的应用的通信业务的模型。 还描述了用于执行该方法的相关系统和计算机可读介质。 所描述的方法和系统在包括IP网络的广泛网络中具有实用性。

公开(公告)号：US20060190998A1

公开(公告)日：2006-08-24

申请号：US11290976

申请日：2005-11-30

Applicant: William Aiello ,  Charles Kalmanek ,  William Leighton ,  Patrick McDaniel ,  Subhabrata Sen ,  Oliver Spatscheck ,  Jacobus Van der Merwe

Inventor： William Aiello ,  Charles Kalmanek ,  William Leighton ,  Patrick McDaniel ,  Subhabrata Sen ,  Oliver Spatscheck ,  Jacobus Van der Merwe

IPC: G06F15/16

CPC classification number: H04W28/00 ,  H04L43/16 ,  H04L63/0236 ,  H04L63/0254 ,  H04L63/0263 ,  H04L63/029

Abstract: A reverse firewall for removing undesirable traffic from a computing network, such as a virtual private network (VPN), is disclosed. The reverse firewall uses firewall rules that may be determined and maintained within the enterprise network to control communication sent between computers in the computing network. The reverse firewall rules may be used to identify the communications between computers in the network that are undesirable and/or intrusive. For example, a computer in a network that is infected with a worm or that is surreptitiously hosting a denial-of-service attack may be identified by the reverse firewall and quarantined. The reverse firewall may be implemented in hardware and/or software.

Abstract translation: 公开了用于从诸如虚拟专用网（VPN）的计算网络去除不期望的业务的反向防火墙。 反向防火墙使用可以在企业网络内确定和维护的防火墙规则来控制计算网络中计算机之间发送的通信。 反向防火墙规则可用于识别网络中不希望的和/或侵入的计算机之间的通信。 例如，网络中受感染蠕虫或暗中托管拒绝服务攻击的计算机可能由反向防火墙识别，并被隔离。 反向防火墙可以在硬件和/或软件中实现。

公开(公告)号：US09264872B2

公开(公告)日：2016-02-16

申请号：US13528423

申请日：2012-06-20

Applicant: Subhabrata Sen ,  Oliver Spatscheck ,  Alexandre Gerber ,  Zhuoqing Morley Mao ,  Feng Qian ,  Zhaoguang Wang

Inventor： Subhabrata Sen ,  Oliver Spatscheck ,  Alexandre Gerber ,  Zhuoqing Morley Mao ,  Feng Qian ,  Zhaoguang Wang

IPC: H04M3/42 ,  H04W4/18 ,  H04W4/06

CPC classification number: H04W72/0493 ,  H04L65/4069 ,  H04W4/06 ,  H04W4/18

Abstract: Techniques for using controlling traffic transmissions to manage radio resource utilization are presented herein. When content is being streamed to user equipment (UE) and is at least initially intended to be streamed in real time at a constant bitrate, a communication management component can determine whether the content being transmitted to the UE can be delayed, instead of being transmitted in real time. In response to determining that the content can be delayed, the communication management component can facilitate buffering data and periodically streaming the data to the UE in data bursts to reduce use of UE power and radio resources. When transmitting a visual image to a UE, the communication management component can adjust resolution of a visual image to correspond to screen dimensions of the UE based on information indicating screen dimensions of the UE that can be received from the UE.

Abstract translation: 本文介绍了使用控制业务传输来管理无线电资源利用的技术。 当内容被流传输到用户设备（UE）并且至少最初打算以恒定比特率实时流式传输时，通信管理组件可以确定正在发送到UE的内容是否可以被延迟而不是被发送 实时。 响应于确定内容可以被延迟，通信管理组件可以促进缓冲数据并且周期性地以数据突发方式将数据流传输到UE，以减少对UE功率和无线电资源的使用。 当向UE发送可视图像时，通信管理部件可以基于指示可以从UE接收到的UE的屏幕尺寸的信息来调整视觉图像的分辨率以对应于UE的屏幕尺寸。

公开(公告)号：US20150327057A1

公开(公告)日：2015-11-12

申请号：US14801793

申请日：2015-07-16

Applicant: Alexandre Gerber ,  Zhuoqing Mao ,  Feng Qian ,  Subhabrata Sen ,  Oliver Spatscheck ,  Zhaoguang Wang

Inventor： Alexandre Gerber ,  Zhuoqing Mao ,  Feng Qian ,  Subhabrata Sen ,  Oliver Spatscheck ,  Zhaoguang Wang

IPC: H04W8/20 ,  H04L29/06 ,  H04L29/08

CPC classification number: H04W72/1252 ,  H04L65/80 ,  H04L67/1095 ,  H04L67/26 ,  H04W4/12 ,  H04W8/20 ,  H04W24/08 ,  H04W52/0238 ,  H04W52/0251 ,  Y02D30/40 ,  Y02D70/00 ,  Y02D70/1224 ,  Y02D70/1226 ,  Y02D70/1242 ,  Y02D70/1244 ,  Y02D70/1246 ,  Y02D70/1262 ,  Y02D70/1264 ,  Y02D70/142 ,  Y02D70/144 ,  Y02D70/146

Abstract: To facilitate increasing power and resource efficiency of a mobile device, in the mobile device, with regard to periodic or one-time data transfers, a communication management component can analyze information comprising data transfer parameter information, including jitter information, associated with each application of a subset of applications used by the device and can desirably schedule and/or bundle data transfers associated with the applications to reduce the number of separate data bursts to transfer that data to thereby reduce use of wireless resources and power consumption by the device. A push notification system can receive respective jitter information associated with each application from the mobile device, and the push notification system can desirably schedule and/or bundle push notifications to reduce the number of separate data bursts sent to the device to reduce use of wireless resources and power consumption by the device.

Abstract translation: 为了促进移动设备的功率和资源效率的提高，在移动设备中，关于周期性或一次性数据传输，通信管理组件可以分析包括与每个应用相关联的数据传输参数信息（包括抖动信息）的信息 该设备使用的应用的子集，并且可以期望地调度和/或捆绑与应用相关联的数据传输，以减少分离的数据突发的数量以传送该数据，从而减少无线资源的使用和该设备的功耗。 推送通知系统可以从移动设备接收与每个应用相关联的各自的抖动信息，并且推送通知系统可以期望地调度和/或捆绑推送通知以减少发送到设备的单独的数据突发的数量，以减少无线资源的使用 和设备的功耗。

公开(公告)号：US09003017B2

公开(公告)日：2015-04-07

申请号：US13172925

申请日：2011-06-30

Applicant: Alexandre Gerber ,  Zhuaqing Mao ,  Feng Qian ,  Subhabrata Sen ,  Oliver Spatscheck ,  Zhaoguang Wang

Inventor： Alexandre Gerber ,  Zhuaqing Mao ,  Feng Qian ,  Subhabrata Sen ,  Oliver Spatscheck ,  Zhaoguang Wang

IPC: G06F15/16 ,  G06F11/30

CPC classification number: G06F1/28 ,  G06F9/54 ,  G06F11/302 ,  G06F11/3062

Abstract: A rating is provided for a computing application. Traffic data, power data, and/or network signaling load data is collected for a computing application and compared with other similar data. A rating for the computing application is provided based on the comparison.

Abstract translation: 为计算应用程序提供了评级。 为计算应用收集交通数据，电力数据和/或网络信令负载数据，并与其他类似数据进行比较。 基于比较提供了计算应用的评级。

公开(公告)号：US08948043B2

公开(公告)日：2015-02-03

申请号：US12874702

申请日：2010-09-02

Applicant: Alexandre Gerber ,  Zhuoqing Mao ,  Feng Qian ,  Subhabrata Sen ,  Oliver Spatscheck ,  Zhaoguang Wang

Inventor： Alexandre Gerber ,  Zhuoqing Mao ,  Feng Qian ,  Subhabrata Sen ,  Oliver Spatscheck ,  Zhaoguang Wang

IPC: H04L12/26 ,  H04W76/04

CPC classification number: H04L43/04 ,  H04L43/106 ,  H04W76/27

Abstract: A method, computer readable medium and apparatus for normalizing cellular communications network data are disclosed. For example, the method collects a data packet from the cellular communications network, modifies a time stamp of the data packet in accordance with a promotion delay time from the time stamp of the data packet to create a normalized data packet and processes the normalized data packet to optimize state machine configurations.

Abstract translation: 公开了一种用于规范化蜂窝通信网络数据的方法，计算机可读介质和装置。 例如，该方法从蜂窝通信网络收集数据分组，根据数据分组的时间戳根据促销延迟时间修改数据分组的时间戳，以创建归一化数据分组，并处理归一化数据分组 以优化状态机配置。