公开(公告)号：US12155526B1

公开(公告)日：2024-11-26

申请号：US18196705

申请日：2023-05-12

Applicant: Cisco Technology, Inc.

Inventor： Sofia Karygianni ,  Andrea Di Pietro ,  Sukrit Dasgupta

IPC: G06F15/173 ,  H04L41/0681 ,  H04L41/22

Abstract: In one embodiment, a device determines a criticality of each of a plurality of endpoints in a network, based on network telemetry data regarding the network. The device translates a plurality of anomaly detection models available for deployment to the network and their metadata into a set of adjustable resources. The device generates an anomaly detection deployment strategy for the network by selecting a set of one or more of the plurality of anomaly detection models for deployment to one or more execution points in the network, based on the criticality of each of the plurality of endpoints and on the set of adjustable resources. The device causes the set to be deployed to the one or more execution points in the network, in accordance with the anomaly detection deployment strategy.

公开(公告)号：US11580449B2

公开(公告)日：2023-02-14

申请号：US16708816

申请日：2019-12-10

Applicant: Cisco Technology, Inc.

Inventor： Grégory Mermoud ,  Jean-Philippe Vasseur ,  Sukrit Dasgupta

IPC: G06N20/00 ,  H04L43/0852 ,  H04L41/16 ,  H04L41/142

Abstract: In one embodiment, techniques are shown and described relating to traffic-based inference of influence domains in a network by using learning machines. In particular, in one embodiment, a management device computes a time-based traffic matrix indicating traffic between pairs of transmitter and receiver nodes in a computer network, and also determines a time-based quality parameter for a particular node in the computer network. By correlating the time-based traffic matrix and time-based quality parameter for the particular node, the device may then determine an influence of particular traffic of the traffic matrix on the particular node.

公开(公告)号：US11038775B2

公开(公告)日：2021-06-15

申请号：US16100451

申请日：2018-08-10

Applicant: Cisco Technology, Inc.

Inventor： Santosh Ghanshyam Pandey ,  Jean-Philippe Vasseur ,  Sukrit Dasgupta

IPC: H04L12/24 ,  H04L12/26 ,  H04W24/06 ,  H04B17/318 ,  H04W84/12 ,  G06N20/00

Abstract: In one embodiment, a network assurance service that monitors a network detects a network anomaly in the network using a machine learning-based anomaly detector. The network assurance service identifies a set of network conditions associated with the detected network anomaly. The network assurance service initiates a network test on one or more clients in the network that exhibit the identified network conditions. The network assurance service retrains the machine learning-based anomaly detector based on a result of the network test.

公开(公告)号：US20200052981A1

公开(公告)日：2020-02-13

申请号：US16100451

申请日：2018-08-10

Applicant: Cisco Technology, Inc.

Inventor： Santosh Ghanshyam Pandey ,  Jean-Philippe Vasseur ,  Sukrit Dasgupta

IPC: H04L12/24 ,  H04L12/26 ,  H04B17/318 ,  H04W24/06

Abstract: In one embodiment, a network assurance service that monitors a network detects a network anomaly in the network using a machine learning-based anomaly detector. The network assurance service identifies a set of network conditions associated with the detected network anomaly. The network assurance service initiates a network test on one or more clients in the network that exhibit the identified network conditions. The network assurance service retrains the machine learning-based anomaly detector based on a result of the network test.

公开(公告)号：US10425294B2

公开(公告)日：2019-09-24

申请号：US14164444

申请日：2014-01-27

Applicant: Cisco Technology, Inc.

Inventor： Jean-Philippe Vasseur ,  Grégory Mermoud ,  Sukrit Dasgupta

IPC: G06N99/00 ,  H04L12/24 ,  H04L12/805 ,  H04L12/803 ,  H04L12/751 ,  H04L12/721 ,  H04W24/04 ,  G06N20/00 ,  G06N5/02 ,  G06N5/00

Abstract: In one embodiment, one or more reporting nodes are selected to report network metrics in a network. From a monitoring node in the network, a trigger message is sent to the one or more reporting nodes. The trigger message may trigger the one or more reporting nodes to report one or more network metrics local to the respective reporting node. In response to the trigger message, a report of the one or more network metrics is received at the monitoring node from one of the one or more reporting nodes.

公开(公告)号：US10218726B2

公开(公告)日：2019-02-26

申请号：US15180540

申请日：2016-06-13

Applicant: Cisco Technology, Inc.

Inventor： Jean-Philippe Vasseur ,  Grégory Mermoud ,  Pierre-André Savalle ,  Andrea Di Pietro ,  Sukrit Dasgupta

IPC: H04L29/06 ,  H04L12/24 ,  H04L29/08 ,  G06N99/00

Abstract: In one embodiment, a networking device in a network causes formation of device clusters of devices in the network. The devices in a particular cluster exhibit similar characteristics. The networking device receives feedback from a device identity service regarding the device clusters. The feedback is based in part on the device identity service probing the devices. The networking device adjusts the device clusters based on the feedback from the device identity service. The networking device performs anomaly detection in the network using the adjusted device clusters.

公开(公告)号：US10003511B2

公开(公告)日：2018-06-19

申请号：US15711521

申请日：2017-09-21

Applicant: Cisco Technology, Inc.

Inventor： Jean-Philippe Vasseur ,  Sukrit Dasgupta

IPC: H04J1/16 ,  H04L12/26 ,  H04L29/06 ,  H04L12/28

CPC classification number: H04L43/062 ,  H04L12/2854 ,  H04L41/0681 ,  H04L43/0852 ,  H04L43/12 ,  H04L43/16 ,  H04L63/00 ,  H04L63/1425

Abstract: In one embodiment, a network device routes traffic along a network path and receives a performance threshold crossing alert regarding performance of the network path. The network device detects that the performance threshold crossing alert is part of a potential network attack by analyzing, by the device, the performance threshold crossing alert. The network device also provides a notification of the detected network attack.

公开(公告)号：US10003473B2

公开(公告)日：2018-06-19

申请号：US15712906

申请日：2017-09-22

Applicant: Cisco Technology, Inc.

Inventor： Jean-Philippe Vasseur ,  Sukrit Dasgupta

IPC: H04L12/26 ,  H04L12/46 ,  H04L12/801

CPC classification number: H04L12/4641 ,  H04L43/062 ,  H04L43/0882 ,  H04L43/10 ,  H04L43/12 ,  H04L47/115 ,  H04L47/12 ,  H04L47/25

Abstract: In one embodiment, a time period is identified in which probe packets are to be sent along a path in a network based on predicted user traffic along the path. The probe packets are then sent during the identified time period along the path. Conditions of the network path are monitored during the time period. The rate at which the packets are sent during the time period is dynamically adjusted based on the monitored conditions. Results of the monitored conditions are collected, to determine an available bandwidth limit along the path.

公开(公告)号：US09906425B2

公开(公告)日：2018-02-27

申请号：US14591072

申请日：2015-01-07

Applicant: Cisco Technology, Inc.

Inventor： Sukrit Dasgupta ,  Jean-Philippe Vasseur ,  Grégory Mermoud

IPC: H04L12/28 ,  H04L12/26

CPC classification number: H04L43/0894 ,  H04L43/0805 ,  H04L43/0852 ,  H04L43/103 ,  H04L43/16

Abstract: In one embodiment, a device in a network receives data indicative of traffic characteristics of traffic associated with a particular application. The device identifies one or more paths in the network via which the traffic associated with the particular application was sent, based on the traffic characteristics. The device determines a probing schedule based on the traffic characteristics. The probing schedule simulates the traffic associated with the particular application. The device sends probes along the one or more identified paths according to the determined probing schedule.

公开(公告)号：US09813259B2

公开(公告)日：2017-11-07

申请号：US14276310

申请日：2014-05-13

Applicant: Cisco Technology, Inc.

Inventor： Jean-Philippe Vasseur ,  Sukrit Dasgupta

IPC: H04L12/26 ,  H04L12/46 ,  H04L12/825 ,  H04L12/801

CPC classification number: H04L12/4641 ,  H04L43/062 ,  H04L43/0882 ,  H04L43/10 ,  H04L43/12 ,  H04L47/115 ,  H04L47/12 ,  H04L47/25

Abstract: In one embodiment, a time period is identified in which probe packets are to be sent along a path in a network based on predicted user traffic along the path. The probe packets are then sent during the identified time period along the path. Conditions of the network path are monitored during the time period. The rate at which the packets are sent during the time period is dynamically adjusted based on the monitored conditions. Results of the monitored conditions are collected, to determine an available bandwidth limit along the path.