-
公开(公告)号:US20190230046A1
公开(公告)日:2019-07-25
申请号:US16251394
申请日:2019-01-18
申请人: Ciena Corporation
发明人: Petar Djukic , Todd Morris , Emil Janulewicz , David Jordan Krauss , Kaniz Mahdi , Paul Littlewood
IPC分类号: H04L12/911 , H04L12/24 , H04L12/927 , G06N3/08 , G06F9/50
摘要: System and methods for autonomous resource partitioning in a network include a resource controller configured to provision resources which are any of virtual resources and physical resources in one or more layers in the network and monitor availability of the resources in the network; a resource manager configured to determine the any of virtual resources and physical resources as required for Quality of Service (QoS) in the network; a resource broker configured to advertise and assign resource requests to corresponding resources; and a partition manager configured to track the utilization of the resources provided by the one or more layers and to adjust resource usage of the resources in negotiation with the resource broker to minimize a cost of implementation.
-
公开(公告)号:US20220330027A1
公开(公告)日:2022-10-13
申请号:US17838735
申请日:2022-06-13
申请人: Ciena Corporation
发明人: Petar Djukic , David Jordan Krauss , James P'ford't Carnes, III , William Kaufmann , Balaji Subramaniam
IPC分类号: H04W12/128 , H04L9/40
摘要: Systems and methods for monitoring a network slice are provided. A method, according to one implementation, include extracting information from network traffic received from one or more User Plane Function (UPF) components of a network slice; examining the extracted information using Machine Learning (ML), and, in response to detecting of one or more malicious threats based on the examined extracted information by the ML, causing one or more actions to isolate the network traffic to protect at least the network slice from the one or more malicious threats.
-
公开(公告)号:US10581914B2
公开(公告)日:2020-03-03
申请号:US15173434
申请日:2016-06-03
申请人: Ciena Corporation
发明人: David Jordan Krauss , Loudon Blair
IPC分类号: H04L29/06
摘要: A method for mitigating network attacks includes receiving traffic status information from sentries distributed in a network, and analyzing the traffic status information to detect an attack on the network. In response to the attack, an isolated network slice is created. For the isolated network slice, a deceptive network resource is created in isolated network slice. The method further includes transmitting instructions to route malicious traffic to the deceptive network resource.
-
公开(公告)号:US20220294781A1
公开(公告)日:2022-09-15
申请号:US17197634
申请日:2021-03-10
申请人: Ciena Corporation
摘要: Systems, methods, and computer-readable media are provided for protecting a network from network discovery by an unknown or unauthenticated device. A network element, according to one implementation, is arranged in a communication network and includes an interface device configured to enable communication with an unknown network device. The network element also includes a memory system configured to store first and second sets of network information. The first set of network information includes fake information about the network and is configured to deceive the unknown network device before a procedure is performed for analyzing the authentication of the unknown network device. The second set of network information includes real information about the network. In some cases, the first set of network information may be provided to the unknown network device via the interface device before performing the procedure for analyzing the authentication of the unknown network device.
-
公开(公告)号:US20220200894A1
公开(公告)日:2022-06-23
申请号:US17126130
申请日:2020-12-18
申请人: Ciena Corporation
IPC分类号: H04L12/707 , H04L12/721 , H04L12/26
摘要: Systems and methods include receiving a request for a path in a network including a plurality of network elements interconnected to one another via links, wherein the request includes values for a plurality of criteria, wherein the plurality of criteria include one or more of trust, privacy, and secrecy; utilizing a multi-criteria path selection process to determine the path through the plurality of network elements over the links based on the plurality of criteria and the associated values; and providing a display of the determined path in a network map. The trust quantifies trustworthiness of each link in the network and the values of trust are any of a rating and a selection for inclusion or exclusion, the privacy quantifies a number of the links the network path is routed over for network obfuscation, and the secrecy quantifies a level of encryption utilized on the links.
-
公开(公告)号:US09838272B2
公开(公告)日:2017-12-05
申请号:US14684530
申请日:2015-04-13
申请人: Ciena Corporation
发明人: Petar Djukic , Todd Morris , David Jordan Krauss
CPC分类号: H04L41/5009 , H04L41/5051 , H04L41/5058 , H04L43/08
摘要: Systems and methods for service enhancement discovery in a Software Defined Networking (SDN) network include obtaining network measurements for one or more candidate services in the network; utilizing the network measurements to determine one or more service enhancements for the one or more candidate services; determining a cost and a benefit for each of the service enhancements for the one or more candidate services; and providing the service enhancements for the one or more candidate services based on associated cost and associated benefit of each of the service enhancements.
-
公开(公告)号:US11316755B2
公开(公告)日:2022-04-26
申请号:US15806416
申请日:2017-11-08
申请人: Ciena Corporation
发明人: Petar Djukic , Todd Morris , David Jordan Krauss
IPC分类号: H04L41/5009 , H04L41/50 , H04L41/5051 , H04L43/08
摘要: Systems and methods of service enhancement in a Software Defined Networking (SDN) network include performing an evaluation of one or more services in the SDN network for service enhancements; performing a scoring of the service enhancements of the one or more services; and causing implementation of at least one of the service enhancements in the SDN network. The evaluation can be based on temporarily implementing the service enhancements and measuring a benefit thereof. The evaluation can also be based on estimating the service enhancements based on historical measurements from the SDN network.
-
公开(公告)号:US11153229B2
公开(公告)日:2021-10-19
申请号:US16251394
申请日:2019-01-18
申请人: Ciena Corporation
发明人: Petar Djukic , Todd Morris , Emil Janulewicz , David Jordan Krauss , Kaniz Mahdi , Paul Littlewood
IPC分类号: H04L12/911 , H04L12/24 , G06N3/08 , G06F9/50 , H04L12/927 , H04L12/917
摘要: System and methods for autonomous resource partitioning in a network include a resource controller configured to provision resources which are any of virtual resources and physical resources in one or more layers in the network and monitor availability of the resources in the network; a resource manager configured to determine the any of virtual resources and physical resources as required for Quality of Service (QoS) in the network; a resource broker configured to advertise and assign resource requests to corresponding resources; and a partition manager configured to track the utilization of the resources provided by the one or more layers and to adjust resource usage of the resources in negotiation with the resource broker to minimize a cost of implementation.
-
公开(公告)号:US20200162511A1
公开(公告)日:2020-05-21
申请号:US16748967
申请日:2020-01-22
申请人: Ciena Corporation
发明人: David Jordan Krauss , Loudon Blair
IPC分类号: H04L29/06
摘要: Systems and methods for mitigating network attacks include, responsive to detection of malicious traffic in a network, causing creation of an isolated network slice in the network where the isolated network slice is a set of connection resources that are allocated to a flow of traffic and that spans a plurality of network devices in the network; and causing rerouting of the malicious traffic from a source node of the malicious traffic to a deceptive network resource along the isolated network slice.
-
-
-
-
-
-
-
-