知搜-全球专利检索

  1. Login
  2. Sign Up

Search Results

102 records (took 0.02 seconds)

    Attack mitigation using learning machines
    12.
    发明授权
    Attack mitigation using learning machines 有权
    攻击缓解使用学习机

    公开(公告)号:US09398035B2

    公开(公告)日:2016-07-19

    申请号:US14165424

    申请日:2014-01-27

    Applicant: Cisco Technology, Inc.

    Inventor: Jean-Philippe Vasseur Javier Cruz Mota Andrea Di Pietro Jonathan W. Hui

    IPC: H04L29/06 H04W12/12 G06N99/00

    CPC classification number: H04L63/1416 G06N99/005 H04K3/226 H04K2203/18 H04L63/1441 H04L63/1458 H04W12/12

    Abstract: In one embodiment, techniques are shown and described relating to attack mitigation using learning machines. A node may receive network traffic data for a computer network, and then predict a probability that one or more nodes are under attack based on the network traffic data. The node may then decide to mitigate a predicted attack by instructing nodes to forward network traffic on an alternative route without altering an existing routing topology of the computer network to reroute network communication around the one or more nodes under attack, and in response, the node may communicate an attack notification message to the one or more nodes under attack.

    Abstract translation: 在一个实施例中,与使用学习机器的攻击缓解有关的技术被示出和描述。 节点可以接收计算机网络的网络流量数据,然后基于网络流量数据预测一个或多个节点受到攻击的概率。 然后,节点可以通过指示节点在替代路由上转发网络流量而不改变计算机网络的现有路由拓扑以重新路由在被攻击的一个或多个节点周围的网络通信,并且响应于节点 可以将攻击通知消息传送给被攻击的一个或多个节点。

    STEALTH MITIGATION FOR SIMULATING THE SUCCESS OF AN ATTACK
    13.
    发明申请
    STEALTH MITIGATION FOR SIMULATING THE SUCCESS OF AN ATTACK 有权
    用于模拟攻击成功的防御措施

    公开(公告)号:US20160028764A1

    公开(公告)日:2016-01-28

    申请号:US14338653

    申请日:2014-07-23

    Applicant: Cisco Technology, Inc.

    Inventor: Jean-Philippe Vasseur Andrea Di Pietro Javier Cruz Mota

    IPC: H04L29/06

    CPC classification number: H04L63/1458 H04L63/1416 H04L2463/141

    Abstract: In one embodiment, attack traffic corresponding to a detected DoS attack from one or more attacker nodes is received at a denial of service (DoS) attack management node in a network. The DoS attack management node determines attack information relating to the attack traffic, including a type of the DoS attack and an intended target of the DoS attack. Then, the DoS attack management node triggers an attack mimicking action based on the attack information, where the attack mimicking action mimics a behavior of the intended target of the DoS attack that would be expected by the one or more attacker nodes if the DoS attack were successful.

    Abstract translation: 在一个实施例中,在网络中的拒绝服务(DoS)攻击管理节点处接收与来自一个或多个攻击者节点的检测到的DoS攻击相对应的攻击流量。 DoS攻击管理节点确定与攻击流量相关的攻击信息,包括DoS攻击的类型和DoS攻击的预期目标。 然后,DoS攻击管理节点基于攻击信息触发攻击模拟动作,其中攻击模拟动作模仿DoS攻击的预期目标的行为,如果DoS攻击是由一个或多个攻击者节点预期的 成功

    Dynamic Tuning of Attack Detector Performance
    14.
    发明申请
    Dynamic Tuning of Attack Detector Performance 有权
    攻击检测器性能的动态调整

    公开(公告)号:US20160021126A1

    公开(公告)日:2016-01-21

    申请号:US14336206

    申请日:2014-07-21

    Applicant: Cisco Technology, Inc.

    Inventor: Jean-Philippe Vasseur Andrea Di Pietro Javier Cruz Mota

    IPC: H04L29/06

    CPC classification number: H04L63/1416 H04L63/1458

    Abstract: In one embodiment, a device in a network receives information regarding one or more attack detection service level agreements. The device identifies a set of attack detection classifiers as potential voters in a voting mechanism used to detect a network attack. The device determines one or more parameters for the voting mechanism based on the information regarding the one or more attack detection service level agreements. The device adjusts the voting mechanism used by the potential voters based on the one or more parameters for the voting mechanism.

    Abstract translation: 在一个实施例中,网络中的设备接收关于一个或多个攻击检测服务级别协议的信息。 该设备将一组攻击检测分类器识别为用于检测网络攻击的投票机制中的潜在选民。 该设备基于关于一个或多个攻击检测服务级别协议的信息来确定投票机制的一个或多个参数。 该设备根据投票机制的一个或多个参数调整潜在投票者使用的投票机制。

    Anomaly detection in a computer network
    15.
    发明授权
    Anomaly detection in a computer network 有权
    计算机网络中异常检测

    公开(公告)号:US09160760B2

    公开(公告)日:2015-10-13

    申请号:US14164475

    申请日:2014-01-27

    Applicant: Cisco Technology, Inc.

    Inventor: Jean-Philippe Vasseur Javier Cruz Mota Andrea Di Pietro

    IPC: G06F17/18 H04L29/06

    CPC classification number: H04L63/1425 G06N3/02 G06N3/08 G06N3/084 G06N99/005 H04L41/16 H04L43/0876 H04L45/48 H04L47/127 H04L47/2466 H04L47/41

    Abstract: In one embodiment, a training request is sent to a plurality of nodes in a network to cause the nodes to generate statistics regarding unicast and broadcast message reception rates associated with the nodes. The statistics are received from the nodes and a statistical model is generated using the received statistics and is configured to detect a network attack by comparing unicast and broadcast message reception statistics. The statistical model is then provided to the nodes and an indication that a network attack was detected by a particular node is received from the particular node.

    Abstract translation: 在一个实施例中,训练请求被发送到网络中的多个节点,以使节点产生关于与节点相关联的单播和广播消息接收速率的统计。 从节点接收统计信息,并使用接收到的统计信息生成统计模型,并配置为通过比较单播和广播消息接收统计信息来检测网络攻击。 然后将统计模型提供给节点,并且从特定节点接收到特定节点检测到网络攻击的指示。

    USING LEARNING MACHINE-BASED PREDICTION IN MULTI-HOPPING NETWORKS
    16.
    发明申请
    USING LEARNING MACHINE-BASED PREDICTION IN MULTI-HOPPING NETWORKS 有权
    在多种网络中使用基于学习机器的预测

    公开(公告)号:US20150195216A1

    公开(公告)日:2015-07-09

    申请号:US14164507

    申请日:2014-01-27

    Applicant: Cisco Technology, Inc.

    Inventor: Andrea Di Pietro Jean-Philippe Vasseur Javier Cruz Mota

    IPC: H04L12/911 H04L12/24 H04W24/02 H04L29/08 H04W72/08 H04B1/7156

    CPC classification number: H04L41/5025 H04L41/12 H04L43/0852 H04L45/02 H04L45/70 H04L47/122 H04L47/365 H04W24/02 H04W24/04 Y04S40/164

    Abstract: In one embodiment, statistical information is collected relating to one or both of communication link quality or channel quality in a frequency-hopping network, in which packets are sent according to a frequency-hopping schedule that defines one or more timeslots, each timeslot corresponding to a transmission frequency. Also, a performance metric of a particular transmission frequency corresponding to a scheduled timeslot is predicted based on the collected statistical information. Based on the predicted performance metric, it is determined whether a transmitting node in the frequency-hopping network should transmit a packet during the scheduled timeslot using the particular transmission channel or wait until a subsequent timeslot to transmit the packet using another transmission frequency.

    Abstract translation: 在一个实施例中,收集关于跳频网络中的通信链路质量或信道质量中的一个或两个的统计信息,其中根据定义一个或多个时隙的跳频调度发送分组,每个时隙对应于 传输频率。 此外,基于收集的统计信息来预测对应于调度时隙的特定传输频率的性能度量。 基于预测的性能度量,确定跳频网络中的发送节点是否应该在调度时隙期间使用特定传输信道发送分组,或者等待直到后续时隙来使用另一个传输频率来发送分组。

    DISTRIBUTED LEARNING IN A COMPUTER NETWORK
    17.
    发明申请
    DISTRIBUTED LEARNING IN A COMPUTER NETWORK 有权
    计算机网络中的分布式学习

    公开(公告)号:US20150193694A1

    公开(公告)日:2015-07-09

    申请号:US14164446

    申请日:2014-01-27

    Applicant: Cisco Technology, Inc.

    Inventor: Jean-Philippe Vasseur Javier Cruz Mota Andrea Di Pietro

    IPC: G06N99/00 H04L12/26 G06N3/08 H04L29/06

    CPC classification number: G06N99/005 G06N3/0454 G06N3/08 G06N3/084 H04L41/142 H04L41/16 H04L43/10 H04L63/14 H04L63/1408 H04L63/1416

    Abstract: In one embodiment, a first data set is received by a network device that is indicative of the statuses of a plurality of network devices when a type of network attack is not present. A second data set is also received that is indicative of the statuses of the plurality of network devices when the type of network attack is present. At least one of the plurality simulates the type of network attack by operating as an attacking node. A machine learning model is trained using the first and second data set to identify the type of network attack. A real network attack is then identified using the trained machine learning model.

    Abstract translation: 在一个实施例中,当网络攻击的类型不存在时,第一数据集由网络设备接收,其指示多个网络设备的状态。 还接收当存在网络攻击的类型时指示多个网络设备的状态的第二数据集。 多个中的至少一个通过作为攻击节点操作来模拟网络攻击的类型。 使用第一和第二数据集来训练机器学习模型以识别网络攻击的类型。 然后使用训练有素的机器学习模型识别真实的网络攻击。

    DYNAMIC OFFLOADING OF CLOUD ISSUE GENERATION TO ON-PREMISE ARTIFICIAL INTELLIGENCE
    19.
    发明申请
    DYNAMIC OFFLOADING OF CLOUD ISSUE GENERATION TO ON-PREMISE ARTIFICIAL INTELLIGENCE 有权

    公开(公告)号:US20210306224A1

    公开(公告)日:2021-09-30

    申请号:US16831200

    申请日:2020-03-26

    Applicant: Cisco Technology, Inc.

    Inventor: Andrea Di Pietro Sukrit Dasgupta

    IPC: H04L12/24 G06N20/00 H04L29/08 H04L12/26

    Abstract: The present technology allows a hybrid approach to using artificial intelligence engines to perform issue generation, leveraging both on-premise and cloud components. In the technology, a cloud-based computing device receives data associated with a computing network of devices and uses machine-learning to create a model of the computing network. The cloud-based computing device communicates the model to a computing system located on-premise with the computing network and receives data related to the issues and insights created by the on-premise computing system. The cloud-based computing device determines if the on-premise computing system is producing issues and insights below a threshold quality. If yes, the cloud-based computing device updates the model based on updated data associated with the computing network and communicates the updated model to the on-premise computing system.

Patent Agency Ranking