-
公开(公告)号:US20240259422A1
公开(公告)日:2024-08-01
申请号:US18535021
申请日:2023-12-11
CPC分类号: H04L63/1458 , G06N20/00 , H04L63/1425 , H04L2463/144
摘要: In one embodiment, a device in a network receives an attack mitigation request regarding traffic in the network. The device causes an assessment of the traffic, in response to the attack mitigation request. The device determines that an attack detector associated with the attack mitigation request incorrectly assessed the traffic, based on the assessment of the traffic. The device causes an update to an attack detection model of the attack detector, in response to determining that the attack detector incorrectly assessed the traffic.
-
公开(公告)号:US11700275B2
公开(公告)日:2023-07-11
申请号:US17360910
申请日:2021-06-28
发明人: David McGrew , Andrew Zawadowskiy , Donovan O'Hara , Saravanan Radhakrishnan , Tomas Pevny , Daniel G. Wing
CPC分类号: H04L63/145 , H04L63/1408 , H04L63/166 , H04L69/16 , H04L2463/121
摘要: A method comprises receiving, at a network infrastructure device, a flow of packets, determining, using the network infrastructure device and for a first subset of the packets, that the first subset corresponds to a first datagram and determining a first length of the first datagram, determining, using the network infrastructure device and for a second subset of the packets, that the second subset corresponds to a second datagram that was received after the first datagram, and determining a second length of the second datagram, determining, using the network infrastructure device, a duration value between a first arrival time of the first datagram and a second arrival time of the second datagram, sending, to a collector device that is separate from the network infrastructure device, the first length, the second length, and the duration value for analysis.
-
公开(公告)号:US11611579B2
公开(公告)日:2023-03-21
申请号:US17715284
申请日:2022-04-07
IPC分类号: H04L9/40 , H04L61/4511
摘要: In one embodiment, a device in a network captures domain name system (DNS) response data from a DNS response sent by a DNS service to a client in the network. The device captures session data for an encrypted session of the client. The device makes a determination that the encrypted session is malicious by using the captured DNS response data and the captured session data as input to a machine learning-based or rule-based classifier. The device performs a mediation action in response to the determination that the encrypted session is malicious.
-
公开(公告)号:US20220038494A1
公开(公告)日:2022-02-03
申请号:US17395264
申请日:2021-08-05
摘要: In one embodiment, a device in a network receives an attack mitigation request regarding traffic in the network. The device causes an assessment of the traffic, in response to the attack mitigation request. The device determines that an attack detector associated with the attack mitigation request incorrectly assessed the traffic, based on the assessment of the traffic. The device causes an update to an attack detection model of the attack detector, in response to determining that the attack detector incorrectly assessed the traffic.
-
公开(公告)号:US11165819B2
公开(公告)日:2021-11-02
申请号:US16906302
申请日:2020-06-19
摘要: In one embodiment, a device in a network receives an attack mitigation request regarding traffic in the network. The device causes an assessment of the traffic, in response to the attack mitigation request. The device determines that an attack detector associated with the attack mitigation request incorrectly assessed the traffic, based on the assessment of the traffic. The device causes an update to an attack detection model of the attack detector, in response to determining that the attack detector incorrectly assessed the traffic.
-
公开(公告)号:US10257214B2
公开(公告)日:2019-04-09
申请号:US15191152
申请日:2016-06-23
发明人: David McGrew , Blake Harrell Anderson , K. Tirumaleswar Reddy , Prashanth Patil , Daniel G. Wing
IPC分类号: G06F17/00 , G06F12/14 , H04L9/32 , G06F11/30 , G06F7/00 , G06F15/18 , H04L29/06 , H04L12/833 , H04L12/851 , H04L12/46 , G06N99/00 , H04L12/24 , H04L12/26
摘要: In one embodiment, a device in a network receives traffic data regarding one or more traffic flows in the network. The device applies a machine learning classifier to the traffic data. The device determines a priority for the traffic data based in part on an output of the machine learning classifier. The output of the machine learning classifier comprises a probability of the traffic data belonging to a particular class. The device stores the traffic data for a period of time that is a function of the determined priority for the traffic data.
-
公开(公告)号:US10104704B2
公开(公告)日:2018-10-16
申请号:US14175079
申请日:2014-02-07
发明人: Shivangi Sharma , Daniel G. Wing , Parameswaran Kumarasamy , Parag Pritam Thakore , Anand Oswal , Vamsidhar Valluri
摘要: In one embodiment, a method for the prioritized transmission of messages includes monitoring a network link of a mobile device to determine performance characteristics of the network link, establishing a network association between the mobile device and a routing network node, receiving a connection request from an application that is directed to a connection between the mobile device and a destination server, determining a relative priority of the connection, mapping the connection to a stream of the network association that is associated with the relative priority of the connection and identifies the destination server, and transmitting messages for the stream to the routing network node interlaced with messages of other streams of the network association based on the performance characteristics of the network link and the relative priority associated with the stream in comparison to relative priorities associated with the other streams of the network association.
-
公开(公告)号:US10015208B2
公开(公告)日:2018-07-03
申请号:US14734164
申请日:2015-06-09
CPC分类号: H04L65/1069 , H04L63/0281 , H04L63/0471 , H04L63/166 , H04L67/141 , H04L67/28
摘要: A first service node receives a message configured to set up a secure communication session between a client and a server, in which the first service node acts as a proxy. Data packets in the secure communication session are subject to multiple service functions that require decryption of the data packets. A service function chain assigns a service node to each of the service functions. A service header is generated including metadata instructing the service nodes other than the first service node not to act as proxies in the secure communication session. The message and the service header are transmitted to a second service node in the service function chain.
-
公开(公告)号:US09866383B2
公开(公告)日:2018-01-09
申请号:US14925033
申请日:2015-10-28
CPC分类号: H04L9/3066 , H04L9/30 , H04L9/3213 , H04L9/3247 , H04L12/1822 , H04L63/06 , H04L63/068 , H04L63/126 , H04L65/403 , H04L65/608 , H04W12/04
摘要: In one embodiment, a device in a network establishes a trust relationship between the device and a key management service. The device receives keying information from the key management service based on the established trust relationship. The device applies a digital signature to media data for a conference using the keying information, whereby the device is designated as a speaker of the conference. The device provides the signed media data to one or more conference participant devices. The one or more conference participant devices use the signed media data to validate that the media data was signed by the designated speaker of the conference.
-
公开(公告)号:US20170331780A1
公开(公告)日:2017-11-16
申请号:US15152841
申请日:2016-05-12
IPC分类号: H04L29/12 , H04L29/08 , H04L12/851
CPC分类号: H04L47/2483 , H04L45/306 , H04L45/66 , H04L61/1511 , H04L61/6009 , H04L61/6013 , H04L67/02 , H04L69/16
摘要: An optimized approach to whitelisting includes, at a domain name service server, determining whether a first domain and a second domain resolve to a same Internet Protocol (IP) address, and in response to a request from a domain name service proxy as to whether the first domain resolves to an IP address shared by another domain, notifying the domain name service proxy that the first domain resolves to an IP address shared by another domain. The method further includes the domain name service proxy receiving from the domain name service server a response that indicates that the first domain resolves to an IP address shared by another domain, and storing, in memory, the IP address and an indication that the IP address is shared by another domain. A data flow associated with a shared IP address is subjected to further scrutiny even if the IP address is on a whitelist.
-
-
-
-
-
-
-
-
-
搜索结果
90 条记录 (耗时 0.026 秒)
