Mitigating security threats in daisy chained serverless FaaS functions

    Publication number: US12063228B2

    Publication date: 2024-08-13

    Application number: US17559164

    Application date: 2021-12-22

    CPC classification number: H04L63/1416 H04L41/22 H04L63/1425 H04L63/1466

    Abstract: In one embodiment, a method comprises: receiving, by a process, an executed function flow of a daisy chained serverless function-as-a-service (FaaS) function, the executed function flow having been injected with a particular trace identifier in response to an initial event trigger and span identifiers having been injected by each service that was executed; generating, by the process, a serverless flow graph associated with the particular trace identifier based on linking a path of serverless functions according to correlation of the span identifiers between the serverless functions; performing, by the process, a trace-based analysis of the serverless flow graph through comparison to a baseline of expectation; detecting, by the process, one or more anomalies in the serverless flow graph according to the trace-based analysis; and mitigating, by the process, the one or more anomalies in the serverless flow graph.

    Runtime security analytics for serverless workloads

    Publication number: US11809548B2

    Publication date: 2023-11-07

    Application number: US17077592

    Application date: 2020-10-22

    CPC classification number: G06F21/52 G06F21/566 G06N20/00 G06F2221/033

    Abstract: Runtime security threats are detected and analyzed for serverless functions developed for hybrid clouds or other cloud-based deployment environments. One or more serverless functions may be received and executed within a container instance executing in a controlled and monitored environment. The execution of the serverless functions is monitored, using a monitoring layer in the controlled environment to capture runtime data including container application context statistics, serverless function input and output data, and runtime parameter snapshots of the serverless functions. Execution data associated with the serverless functions may be analyzed and provided to various supervised and/or unsupervised machine-learning models configured to detect and analyze runtime security threats.

    Generating trustable RPL messages having root-signed rank values

    Publication number: US11362837B2

    Publication date: 2022-06-14

    Application number: US16685058

    Application date: 2019-11-15

    Abstract: In one embodiment, a method comprises: identifying, by a root network device of a directed acyclic graph (DAG) in a low power and lossy network, a child network device in the DAG, including identifying a first rank associated with the child network device; allocating, by the root network device, an allocated rank for the child network device, the allocated rank different from the first rank; and outputting, by the root network device, a message to the child network device specifying the allocated rank, the message causing the child network device to implement the allocated rank in the DAG, including causing the child network device to generate and output a Destination Oriented Directed Acyclic Graph (DODAG) information object (DIO) message specifying the child network device is using the allocated rank.
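The root-allocated, root-signed rank flow from this abstract, as an added example that is not code from the patent. The rank policy (hop distance times 256, RPL's default MinHopRankIncrease), the message fields, the node identifiers and the use of an HMAC with a root key shared with verifiers as the "root signature" are assumptions made for illustration; a deployment would use an asymmetric signature so that verifiers cannot forge ranks.

```python
"""Root sees the rank a child advertises, allocates a different rank, sends it
in a signed message; the child's next DIO carries the allocated rank plus the
root's signature, which any neighbour can verify before trusting the rank."""
import hashlib
import hmac

MIN_HOP_RANK_INCREASE = 256              # RPL default; assumed rank = hops * 256
ROOT_KEY = b"constructed-root-signing-key"  # constructed stand-in for the root's signing key


def root_sign(key, dodag_id, node_id, rank):
    """Root signature over (DODAG, node, rank); HMAC stands in for a real signature."""
    return hmac.new(key, f"{dodag_id}|{node_id}|{rank}".encode(), hashlib.sha256).hexdigest()


class Root:
    def __init__(self, key, dodag_id, hop_table):
        self.key, self.dodag_id = key, dodag_id
        self.hop_table = hop_table       # node_id -> hop distance as the root knows it

    def allocate_rank(self, child_id, advertised_rank):
        """Allocate a rank from the root's own view of the topology.  Returns the
        message for the child, or None when the advertised rank already matches."""
        allocated = self.hop_table[child_id] * MIN_HOP_RANK_INCREASE
        if allocated == advertised_rank:
            return None
        return {"dodag_id": self.dodag_id, "node_id": child_id, "rank": allocated,
                "sig": root_sign(self.key, self.dodag_id, child_id, allocated)}


class Node:
    def __init__(self, node_id, rank):
        self.node_id, self.rank, self.sig = node_id, rank, None

    def implement_allocation(self, msg):
        """Adopt the root-allocated rank and keep the signature for later DIOs."""
        if msg["node_id"] != self.node_id:
            return False
        self.rank, self.sig = msg["rank"], msg["sig"]
        return True

    def dio(self, dodag_id):
        """DIO advertising the rank this node is using, with the root's signature."""
        return {"dodag_id": dodag_id, "node_id": self.node_id, "rank": self.rank, "sig": self.sig}


def verify_dio(key, dio):
    """Neighbour check: accept the advertised rank only if the root signed exactly it."""
    if dio["sig"] is None:
        return False
    expected = root_sign(key, dio["dodag_id"], dio["node_id"], dio["rank"])
    return hmac.compare_digest(dio["sig"], expected)


if __name__ == "__main__":
    root = Root(ROOT_KEY, "dodag-1", {"n7": 2})
    child = Node("n7", 768)                       # child picked rank 768 on its own
    child.implement_allocation(root.allocate_rank("n7", 768))
    print("allocated rank", child.rank, "DIO verifies:", verify_dio(ROOT_KEY, child.dio("dodag-1")))
```

The point the signature buys is that a node cannot claim a better (lower) rank than the root gave it: a DIO whose rank field is edited no longer matches the signature, and a node that never received an allocation has nothing to present.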

    Detection and deduction of urgent messages in low power and lossy networks

    Publication number: US10904778B1

    Publication date: 2021-01-26

    Application number: US16808887

    Application date: 2020-03-04

    Abstract: Techniques and mechanisms for detecting and deducing of urgent messages in low-power and lossy networks (LLNs) using a correlation analysis of the nodes within a network and machine learning (ML) models. Utilizing these techniques, a field network director (FND) of the network can determine neighboring devices within the network. ML models may be utilized to determine that based upon receipt of a power outage notification (PON) message and/or a power restoration notification (PRN) message from nodes, neighboring nodes of the nodes may also have suffered a power outage and/or a subsequent power restoration, even if the FND did not receive a corresponding PON message and/or a corresponding PRN message from the neighboring nodes of the network. Thus, loss of power and subsequent power restoration may be handled for large numbers of neighboring nodes within the network, even when only a few PON messages and/or subsequent PRN messages are received.
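The neighbour-correlation idea from this abstract, as an added example that is not code from the patent. The patent feeds the correlation to ML models; the fixed neighbour-fraction rule below is a deliberately simple stand-in chosen so the deduction step is visible, and the topology and the received PON/PRN messages are constructed.

```python
"""Deduce power outage and restoration for nodes whose own PON/PRN never
reached the field network director (FND), from the messages of neighbours."""

# Constructed neighbour table (symmetric adjacency) as the FND would learn it.
NEIGHBORS = {
    "n1": {"n2", "n3"},
    "n2": {"n1", "n3", "n4"},
    "n3": {"n1", "n2", "n4"},
    "n4": {"n2", "n3", "n5"},
    "n5": {"n4", "n6"},
    "n6": {"n5"},
}


def deduce_affected(neighbors, reported, candidates=None, threshold=0.5):
    """Nodes deemed affected by an event: every node that reported it, plus
    every candidate node for which at least `threshold` of its neighbours
    reported it.  Only received messages count as evidence; deduced nodes
    do not recruit further nodes, so one stray message cannot cascade."""
    reported = set(reported)
    candidates = set(neighbors) if candidates is None else set(candidates)
    affected = set(reported)
    for node in candidates - reported:
        nbrs = neighbors.get(node, set())
        if nbrs and len(nbrs & reported) / len(nbrs) >= threshold:
            affected.add(node)
    return affected


def handle_power_events(neighbors, pon_from, prn_from, threshold=0.5):
    """Outage is deduced over the whole network; restoration is only deduced
    among nodes believed to be out, so a PRN cannot 'restore' a live node."""
    outage = deduce_affected(neighbors, pon_from, threshold=threshold)
    restored = deduce_affected(neighbors, prn_from, candidates=outage, threshold=threshold)
    return {
        "outage": sorted(outage),
        "restored": sorted(restored),
        "still_out": sorted(outage - restored),
    }


if __name__ == "__main__":
    # Constructed: only n1 and n3 managed to send a PON; later only n2 sent a PRN.
    print(handle_power_events(NEIGHBORS, pon_from={"n1", "n3"}, prn_from={"n2"}))
```

The threshold is the knob a practitioner tunes against false positives: a node with two neighbours is deduced out by a single PON at 0.5 but not at 0.6.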

    WEB APPLICATION OBSERVABILITY WITH DISTRIBUTED TRACKING AND CUSTOM HEADER

    Publication number: US20250004914A1

    Publication date: 2025-01-02

    Application number: US18344079

    Application date: 2023-06-29

    Abstract: A method is provided that includes injecting a trace agent within a side-car container on a first microservice that runs in a point-of-delivery (POD) on a compute device; when an API request is made from the first microservice to a second microservice the trace agent adds traceability metadata in a header within application data of the API request and within an application-layer protocol header of the API request. A mapping table is generated or updated, the mapping table including entries for identification information associated with the API request. When an API reply is received at the first microservice from the second microservice, the identification information in the mapping table is updated. The mapping table may be exported to a collector device that is configured to reconcile API communications between the first microservice and the second microservice using contents of the mapping table.
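The trace-agent behaviour this abstract describes, as an added example that is not the patent's code: identifiers are carried both in an application-layer header and inside the application data, a mapping table keyed by the request's span id is written on send and updated on reply, and a collector reconciles the exported table. The W3C `traceparent` header layout is real; the `_trace` body field, the table columns, the service names and the reconciliation rule (a pending entry older than `timeout` is unanswered) are assumptions.

```python
import json
import secrets


class TraceAgent:
    """Side-car trace agent for one microservice."""

    def __init__(self, service, clock):
        self.service = service
        self.clock = clock            # injectable time source (seconds)
        self.table = {}               # mapping table: span_id -> entry

    def outbound(self, method, path, body, trace_id=None):
        """Wrap an API request leaving this microservice; returns (headers, body)."""
        trace_id = trace_id or secrets.token_hex(16)
        span_id = secrets.token_hex(8)
        traceparent = f"00-{trace_id}-{span_id}-01"         # version-trace-span-flags
        headers = {"traceparent": traceparent, "content-type": "application/json"}
        # Same identifiers inside the application data, so they survive a hop
        # that strips unknown headers (and the header survives a body rewrite).
        payload = dict(body, _trace={"trace_id": trace_id, "span_id": span_id})
        self.table[span_id] = {
            "trace_id": trace_id, "span_id": span_id, "service": self.service,
            "method": method, "path": path, "sent_at": self.clock(),
            "reply_status": None, "replied_at": None,
        }
        return headers, json.dumps(payload)

    def inbound_reply(self, headers, status):
        """Match a reply to its request via traceparent; False if it matches nothing."""
        try:
            span_id = headers["traceparent"].split("-")[2]
        except (KeyError, IndexError):
            return False
        entry = self.table.get(span_id)
        if entry is None:
            return False
        entry["reply_status"] = status
        entry["replied_at"] = self.clock()
        return True

    def export(self):
        """Snapshot of the mapping table for the collector."""
        return [dict(e) for e in self.table.values()]


def peer_service(headers, body_json, status=200):
    """Second microservice: checks header and body agree, echoes traceparent."""
    body = json.loads(body_json)
    if body["_trace"]["span_id"] != headers["traceparent"].split("-")[2]:
        return {"traceparent": headers["traceparent"]}, 400
    return {"traceparent": headers["traceparent"]}, status


def reconcile(entries, now, timeout):
    """Collector side: answered vs pending vs unanswered (pending past timeout)."""
    answered = [e for e in entries if e["reply_status"] is not None]
    waiting = [e for e in entries if e["reply_status"] is None]
    pending = [e for e in waiting if now - e["sent_at"] <= timeout]
    unanswered = [e for e in waiting if now - e["sent_at"] > timeout]
    return {
        "answered": len(answered),
        "pending": len(pending),
        "unanswered": [e["path"] for e in unanswered],
        "server_errors": sum(1 for e in answered if e["reply_status"] >= 500),
    }
```

Keying the table by span id rather than by trace id matters: one trace can carry several outbound calls from the same service, and only the span id distinguishes which one a given reply closes.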

    MITIGATING SECURITY THREATS IN DAISY CHAINED SERVERLESS FaaS FUNCTIONS

    Publication number: US20230208855A1

    Publication date: 2023-06-29

    Application number: US17559164

    Application date: 2021-12-22

    CPC classification number: H04L63/1416 H04L41/22 H04L63/1425 H04L63/1466

    Abstract: In one embodiment, a method comprises: receiving, by a process, an executed function flow of a daisy chained serverless function-as-a-service (FaaS) function, the executed function flow having been injected with a particular trace identifier in response to an initial event trigger and span identifiers having been injected by each service that was executed; generating, by the process, a serverless flow graph associated with the particular trace identifier based on linking a path of serverless functions according to correlation of the span identifiers between the serverless functions; performing, by the process, a trace-based analysis of the serverless flow graph through comparison to a baseline of expectation; detecting, by the process, one or more anomalies in the serverless flow graph according to the trace-based analysis; and mitigating, by the process, the one or more anomalies in the serverless flow graph.
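The trace-id/span-id flow graph and baseline comparison described in this abstract (and in the granted patent with the same title listed above), as an added example that is not code from the patent. The span records, the baseline and the three anomaly rules (an edge the baseline lacks, a baseline edge that never happened, a span whose parent never reported) are constructed assumptions used to illustrate "comparison to a baseline of expectation"; the function names are fictitious.

```python
"""Build a serverless flow graph per trace from span records and compare it to
a baseline of expected caller -> callee edges."""

# Constructed spans.  Every function in a chain propagates trace_id unchanged
# and creates its own span_id, pointing parent_id at the span that invoked it.
SPANS = [
    # trace t1: the expected order-processing chain
    {"trace_id": "t1", "span_id": "a1", "parent_id": None, "fn": "api-gateway"},
    {"trace_id": "t1", "span_id": "a2", "parent_id": "a1", "fn": "validate-order"},
    {"trace_id": "t1", "span_id": "a3", "parent_id": "a2", "fn": "charge-card"},
    {"trace_id": "t1", "span_id": "a4", "parent_id": "a3", "fn": "send-receipt"},
    # trace t2: validate-order invokes a function the baseline never contains
    {"trace_id": "t2", "span_id": "b1", "parent_id": None, "fn": "api-gateway"},
    {"trace_id": "t2", "span_id": "b2", "parent_id": "b1", "fn": "validate-order"},
    {"trace_id": "t2", "span_id": "b3", "parent_id": "b2", "fn": "export-customer-db"},
    # trace t3: charge-card was skipped, and one span's parent never reported
    {"trace_id": "t3", "span_id": "c1", "parent_id": None, "fn": "api-gateway"},
    {"trace_id": "t3", "span_id": "c2", "parent_id": "c1", "fn": "validate-order"},
    {"trace_id": "t3", "span_id": "c3", "parent_id": "c2", "fn": "send-receipt"},
    {"trace_id": "t3", "span_id": "c9", "parent_id": "zz", "fn": "send-receipt"},
]

# Baseline of expectation: the edges (caller, callee) a healthy flow contains.
BASELINE_EDGES = {
    ("api-gateway", "validate-order"),
    ("validate-order", "charge-card"),
    ("charge-card", "send-receipt"),
}


def build_flow_graph(spans, trace_id):
    """Link the spans of one trace into (caller_fn, callee_fn) edges by
    correlating each span's parent_id with another span's span_id."""
    by_id = {s["span_id"]: s for s in spans if s["trace_id"] == trace_id}
    edges = set()
    for span in by_id.values():
        if span["parent_id"] is None:
            continue                       # root span created by the initial event trigger
        parent = by_id.get(span["parent_id"])
        caller = parent["fn"] if parent else "<orphan>"   # parent span never reported
        edges.add((caller, span["fn"]))
    return edges


def analyze_trace(spans, trace_id, baseline=BASELINE_EDGES):
    """Trace-based analysis: edges present but not expected, and expected
    edges that never happened (a skipped step such as a bypassed check)."""
    edges = build_flow_graph(spans, trace_id)
    return {
        "unexpected": sorted(edges - baseline),
        "missing": sorted(baseline - edges),
    }


def mitigate(analysis):
    """Mitigation decision: the callee of every unexpected edge is the
    function to quarantine (block its invocation role, alert on it)."""
    return sorted({callee for _, callee in analysis["unexpected"]})


if __name__ == "__main__":
    for tid in ("t1", "t2", "t3"):
        result = analyze_trace(SPANS, tid)
        print(tid, result, "quarantine:", mitigate(result))
```

Both directions of the set difference matter for security: an unexpected edge is the classic sign of an injected or hijacked function, while a missing edge is how a skipped authorization or payment step shows up even though every function that did run was legitimate.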

    INTEGRITY VERIFIED PATHS BETWEEN ENTITIES IN A CONTAINER-ORCHESTRATION SYSTEM

    Publication number: US20220294806A1

    Publication date: 2022-09-15

    Application number: US17832159

    Application date: 2022-06-03

    Abstract: Techniques and mechanisms for providing integrity verified paths using only integrity validated pods of nodes. A network service mesh (NSM) associated with a first pod may locally generate a nonce and provide the nonce to the first pod, where the request includes a request for an attestation token. Using the nonce, the first pod may generate the attestation token and reply back to the NSM. The NSM may generate a second request for an attestation token and forward it to a NSE pod, where the request includes a second locally generated nonce generated by the NSM. The NSE pod may generate the second attestation token using the second nonce and reply back to the NSM. The NSM may then have the attestation tokens verified or validated by a certificate authority (CA) server. The NSM may thus instantiate an integrity verified path between the first pod and the NSE pod.
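The nonce-bound attestation exchange from this abstract, with both sides' messages, as an added example that is not the patent's code: the NSM challenges the first pod and the NSE pod with fresh locally generated nonces, each pod answers with a token over its nonce, a CA-side verifier checks the tokens, and the path is instantiated only if both verify. Real attestation tokens would be TPM or enclave quotes checked against certificates; here an HMAC over (pod id, nonce, measurement) with a per-pod key held by the verifier stands in for that, and the pod names, keys and measurements are constructed.

```python
import hashlib
import hmac
import secrets

# Constructed: per-pod attestation keys and the measurement (image digest)
# the verifier expects each pod to report.
POD_KEYS = {"app-pod": b"app-pod-attestation-key", "nse-pod": b"nse-pod-attestation-key"}
EXPECTED_MEASUREMENT = {"app-pod": "sha256:1a2b", "nse-pod": "sha256:3c4d"}


def _token_input(pod_id, nonce, measurement):
    return pod_id.encode() + b"|" + nonce + b"|" + measurement.encode()


def pod_attest(pod_id, nonce, measurement, key):
    """Pod side: attestation token bound to the challenger's nonce."""
    mac = hmac.new(key, _token_input(pod_id, nonce, measurement), hashlib.sha256).hexdigest()
    return {"pod": pod_id, "nonce": nonce, "measurement": measurement, "mac": mac}


class CAVerifier:
    """CA-side verification: authenticity, nonce binding, expected measurement."""

    def __init__(self, keys, expected):
        self.keys, self.expected = keys, expected

    def verify(self, token, expected_nonce):
        key = self.keys.get(token["pod"])
        if key is None or expected_nonce is None or token["nonce"] != expected_nonce:
            return False                                   # unknown pod or wrong/stale nonce
        mac = hmac.new(key, _token_input(token["pod"], token["nonce"], token["measurement"]),
                       hashlib.sha256).hexdigest()
        if not hmac.compare_digest(mac, token["mac"]):
            return False                                   # forged or tampered token
        return token["measurement"] == self.expected.get(token["pod"])


class NetworkServiceMesh:
    def __init__(self, verifier):
        self.verifier = verifier
        self.outstanding = {}          # pod_id -> nonce issued and not yet consumed

    def challenge(self, pod_id):
        """Locally generate a fresh nonce for this pod's attestation request."""
        nonce = secrets.token_bytes(16)
        self.outstanding[pod_id] = nonce
        return nonce

    def instantiate_path(self, first_token, nse_token):
        """Path is created only if both tokens verify.  Each nonce is single-use:
        popping it means a replayed token verifies against None and fails."""
        results = [self.verifier.verify(t, self.outstanding.pop(t["pod"], None))
                   for t in (first_token, nse_token)]
        return all(results)


def honest_exchange(nsm):
    """Both pods answer their own nonce with their real measurement."""
    n1 = nsm.challenge("app-pod")
    t1 = pod_attest("app-pod", n1, EXPECTED_MEASUREMENT["app-pod"], POD_KEYS["app-pod"])
    n2 = nsm.challenge("nse-pod")
    t2 = pod_attest("nse-pod", n2, EXPECTED_MEASUREMENT["nse-pod"], POD_KEYS["nse-pod"])
    return t1, t2


if __name__ == "__main__":
    nsm = NetworkServiceMesh(CAVerifier(POD_KEYS, EXPECTED_MEASUREMENT))
    t1, t2 = honest_exchange(nsm)
    print("path instantiated:", nsm.instantiate_path(t1, t2))
    print("replay accepted:", nsm.instantiate_path(t1, t2))
```

The verifier deliberately evaluates both tokens before deciding, so a failure on one pod still consumes the other pod's nonce; nothing is left outstanding for a later attempt to reuse.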
