中科微点-全球专利检索

  1. Login
  2. Sign Up

Search Results

58 records (took 0.028 seconds)

    Scalable traffic classifier and classifier training system
    1.
    发明授权
    Scalable traffic classifier and classifier training system 有权
    可扩展流量分类器和分类器训练系统

    公开(公告)号:US08311956B2

    公开(公告)日:2012-11-13

    申请号:US12539430

    申请日:2009-08-11

    Applicant: Subhabrata Sen Nicholas Duffield Patrick Haffner Jeffrey Erman Yu Jin

    Inventor: Subhabrata Sen Nicholas Duffield Patrick Haffner Jeffrey Erman Yu Jin

    IPC: G06F15/18

    CPC classification number: G06N99/005

    Abstract: A traffic classifier has a plurality of binary classifiers, each associated with one of a plurality of calibrators. Each calibrator trained to translate an output score of the associated binary classifier into an estimated class probability value using a fitted logistic curve, each estimated class probability value indicating a probability that the packet flow on which the output score is based belongs to the traffic class associated with the binary classifier associated with the calibrator. The classifier training system configured to generate a training data based on network information gained using flow and packet sampling methods. In some embodiments, the classifier training system configured to generate reduced training data sets, one for each traffic class, reducing the training data related to traffic not associated with the traffic class.

    Abstract translation: 流量分类器具有多个二进制分类器,每个二进制分类器与多个校准器之一相关联。 每个校准器被训练成使用拟合的逻辑曲线将相关联的二进制分类器的输出得分转换成估计的类概率值,每个估计的类概率值指示输出得分所基于的分组流的概率属于相关联的流量类别 与校准器相关联的二进制分类器。 分类器训练系统被配置为基于使用流和分组采样方法获得的网络信息生成训练数据。 在一些实施例中,分类器训练系统被配置为生成减少的训练数据集,每个业务类别一个,减少与业务类别不相关的业务相关的训练数据。

    METHOD AND APPARATUS FOR PROVIDING A MEASUREMENT OF PERFORMANCE FOR A NETWORK
    2.
    发明申请
    METHOD AND APPARATUS FOR PROVIDING A MEASUREMENT OF PERFORMANCE FOR A NETWORK 审中-公开
    提供网络性能测量的方法和装置

    公开(公告)号:US20120106377A1

    公开(公告)日:2012-05-03

    申请号:US13283194

    申请日:2011-10-27

    Applicant: Joel SOMMERS Nicholas DUFFIELD Paul BARFORD Amos RON

    Inventor: Joel SOMMERS Nicholas DUFFIELD Paul BARFORD Amos RON

    IPC: H04L12/26

    CPC classification number: H04L43/12 H04L43/0829 H04L43/0852

    Abstract: Performance for a network is measured by sending multi-objective probes on a path, receiving at least one of the multi-objective probes for the path, and determining performance measurements for at least two parameters of the path determined from the at least one of the multi-objective probes. Separate algorithms are simultaneously executed to measure the at least two parameters of the path determined from the at least one of the multi-objective probes.

    Abstract translation: 通过在路径上发送多目标探测器来测量网络的性能,接收用于路径的多目标探测器中的至少一个,以及确定从至少一个所述路径确定的路径的至少两个参数的性能测量, 多目标探针。 同时执行单独的算法来测量从至少一个多目标探测器确定的路径的至少两个参数。

    Variance-optimal sampling-based estimation of subset sums
    3.
    发明授权
    Variance-optimal sampling-based estimation of subset sums 失效
    基于方差最优采样的子集合估计

    公开(公告)号:US08005949B2

    公开(公告)日:2011-08-23

    申请号:US12325340

    申请日:2008-12-01

    Applicant: Nicholas Duffield Carsten Lund Mikkel Thorup Edith Cohen Haim Kaplan

    Inventor: Nicholas Duffield Carsten Lund Mikkel Thorup Edith Cohen Haim Kaplan

    IPC: G06F15/173

    CPC classification number: G06F17/18 H04L41/142 H04L43/024 H04L43/16

    Abstract: The present invention relates to a method of obtaining a generic sample of an input stream. The method is designated as VAROPTk. The method comprises receiving an input stream of items arriving one at a time, and maintaining a sample S of items i. The sample S has a capacity for at most k items i. The sample S is filled with k items i. An nth item i is received. It is determined whether the nth item i should be included in sample S. If the nth item i is included in sample S, then a previously included item i is dropped from sample S. The determination is made based on weights of items without distinguishing between previously included items i and the nth item i. The determination is implemented thereby updating weights of items i in sample S. The method is repeated until no more items are received.

    Abstract translation: 本发明涉及一种获得输入流的通用样本的方法。 该方法被指定为VAROPTk。 该方法包括一次接收一个物品的输入流,并且保持项目i的样本S. 样本S具有最多k个项目i的容量。 样本S填充有k个项目i。 收到第n项。 确定第n个项目i是否应该包含在样本S中。如果第n个项目i包括在样本S中,则先前包括的项目i从样本S中丢弃。根据项目的权重进行确定,而不区分 以前包括项目i和第n项目i。 由此实现确定,从而更新样本S中的项目i的权重。重复该方法,直到不再收到项目。

    Algorithms and estimators for summarization of unaggregated data streams
    6.
    发明授权
    Algorithms and estimators for summarization of unaggregated data streams 失效
    用于汇总未分类数据流的算法和估计

    公开(公告)号:US07764625B2

    公开(公告)日:2010-07-27

    申请号:US12136705

    申请日:2008-06-10

    Applicant: Nicholas Duffield Edith Cohen Haim Kaplan Carsten Lund Mikkel Thorup

    Inventor: Nicholas Duffield Edith Cohen Haim Kaplan Carsten Lund Mikkel Thorup

    IPC: H04L12/26

    CPC classification number: H04L47/10 H04L43/024 H04L43/026 H04L43/045 H04L47/22 H04L47/41 Y02D50/30

    Abstract: The invention relates to streaming algorithms useful for obtaining summaries over unaggregated packet streams and for providing unbiased estimators for characteristics, such as, the amount of traffic that belongs to a specified subpopulation of flows. Packets are sampled from a packet stream and aggregated into flows and counted by implementation of: (a) Adaptive Sampled NetFlow (ANF), and adjusted weight (AANF) of a flow (f) is calculated as follows: AANF(f)=i(f)/p′; i(f) being the number of packets counted for a flow f, and p′ being the sampling rate at end of a measurement period; or (b) Adaptive Sample-and-Hold (ASH), and adjusted weight (AASH) of a flow (f) is calculated as follows: AASH(f)=i(f)+(1−p′)/p′; i(f) being the number of packets counted for a flow f, and p′ being the sampling rate at end of a measurement period.

    Abstract translation: 本发明涉及用于在未分组的分组流上获得摘要的用于提供用于特征的无偏估计器的流式传输算法,例如属于指定的流量子群的业务量。 分组从分组流中采样并聚合成流,并通过实现计算:(a)自适应采样NetFlow(ANF)和流(f)的调整权重(AANF)计算如下:AANF(f)= i (f)/ p'; i(f)是流f计数的分组数,p'是测量周期结束时的采样率; 或(b)自适应采样保持(ASH)和流(f)的调整权重(AASH)如下计算:AASH(f)= i(f)+(1-p')/ p' ; i(f)是流f计数的分组数,p'是测量周期结束时的采样率。

    SYSTEM AND METHOD FOR INFERRING TRAFFIC LEGITIMACY THROUGH SELECTIVE IMPAIRMENT
    7.
    发明申请
    SYSTEM AND METHOD FOR INFERRING TRAFFIC LEGITIMACY THROUGH SELECTIVE IMPAIRMENT 有权
    通过选择性损害感染交通事故的系统和方法

    公开(公告)号:US20100088549A1

    公开(公告)日:2010-04-08

    申请号:US12632716

    申请日:2009-12-07

    Applicant: Nicholas Duffield Balachaner Krishnamurthy

    Inventor: Nicholas Duffield Balachaner Krishnamurthy

    IPC: G06F11/36 G06N5/02

    CPC classification number: H04L47/2475 G06Q10/063 H04L43/10 H04L43/50 H04L67/025

    Abstract: Described is a system and method for determining a classification of an application that includes initiating a stress test on the application, the stress test including a predetermined number of stress events, wherein the stress events are based on a network impairment. A response by the application to each stress event is identified and the application is classified as a function of the response into one of a first classification and a second classification, the first classification indicative of a normal application and the second classification indicative of an undesired application. If, the application is in the second classification, a network response procedure is executed.

    Abstract translation: 描述了一种用于确定应用程序分类的系统和方法,包括启动对应用程序的压力测试,压力测试包括预定数量的压力事件,其中应力事件基于网络损伤。 识别应用程序对每个压力事件的响应,将应用程序分类为响应于第一分类和第二分类之一的函数,第一分类指示正常应用,第二分类指示不期望的应用 。 如果应用程序处于第二分类中,则执行网络响应过程。

    Method and apparatus for large-scale automated distributed denial of service attack detection
    9.
    发明申请
    Method and apparatus for large-scale automated distributed denial of service attack detection 有权
    用于大规模自动分布式拒绝服务攻击检测的方法和装置

    公开(公告)号:US20070283436A1

    公开(公告)日:2007-12-06

    申请号:US11452623

    申请日:2006-06-14

    Applicant: Nicholas Duffield Jacobus Van Der Merwe Vyas Sekar Oliver Spatscheck

    Inventor: Nicholas Duffield Jacobus Van Der Merwe Vyas Sekar Oliver Spatscheck

    IPC: G06F12/14

    CPC classification number: H04L63/1425 H04L63/1458

    Abstract: A multi-staged framework for detecting and diagnosing Denial of Service attacks is disclosed in which a low-cost anomaly detection mechanism is first used to collect coarse data, such as may be obtained from Simple Network Management Protocol (SNMP) data flows. Such data is analyzed to detect volume anomalies that could possibly be indicative of a DDoS attack. If such an anomaly is suspected, incident reports are then generated and used to trigger the collection and analysis of fine grained data, such as that available in Netflow data flows. Both types of collection and analysis are illustratively conducted at edge routers within the service provider network that interface customers and customer networks to the service provider. Once records of the more detailed information have been retrieved, they are examined to determine whether the anomaly represents a distributed denial of service attack, at which point an alarm is generated.

    Abstract translation: 公开了一种用于检测和诊断拒绝服务攻击的多阶段框架,其中首先使用低成本异常检测机制来收集粗略数据,例如可以从简单网络管理协议(SNMP)数据流中获得。 分析这些数据以检测可能表示DDoS攻击的体积异常。 如果怀疑出现这种异常,则会生成事件报告,并用于触发对Netflow数据流中可用的细粒度数据的收集和分析。 这两种类型的收集和分析在服务提供商网络中的边缘路由器上进行说明性地进行,其将客户和客户网络接入服务提供商。 一旦检索到更详细信息的记录,就检查它们以确定异常是否表示分布式拒绝服务攻击,此时产生警报。

Patent Agency Ranking