公开(公告)号：US12149548B2

公开(公告)日：2024-11-19

申请号：US17515014

申请日：2021-10-29

Applicant: Cisco Technology, Inc.

Inventor： Lele Zhang ,  Li Zhao ,  Chuanwei Li ,  Feiliang Wang

IPC: H04L9/40 ,  G06F18/214 ,  G06N20/00 ,  H04L45/00 ,  H04L45/02 ,  H04W12/121 ,  H04W12/00

Abstract: The present disclosure provides a hierarchical method of identifying unauthorized network traffic in a network by applying, at one of a first plurality of nodes of a network, a first level of network traffic analysis to identify received network traffic as one of authorized or suspicious network traffic, the one of the first plurality of nodes having a first path for traffic routing and a second path to one of a second plurality of nodes of the network, the second path being used for forwarding the suspicious network traffic to the one of the second plurality of nodes; tagging the received network traffic as the suspicious network traffic; and sending the suspicious network traffic to the one of the second plurality of nodes over the second path, the second network node applying a second level of network analysis to determine if the received network traffic is authorized, unauthorized or remains suspicious.

公开(公告)号：US11159409B2

公开(公告)日：2021-10-26

申请号：US16419124

申请日：2019-05-22

Applicant: Cisco Technology, Inc.

Inventor： Lele Zhang ,  Li Zhao ,  Chuanwei Li ,  Feiliang Wang

IPC: H04L12/26 ,  H04W84/18 ,  H04L12/751 ,  H04L12/24 ,  H04W4/06

Abstract: In one embodiment, a method comprises: determining, by a network device in a wireless data network, a past throughput of broadcast data packets transmitted at broadcast transmission intervals of a prescribed broadcast schedule over a selected measurement interval, the broadcast transmission intervals each adjacent to unicast transmission intervals allocated in the wireless data network, each of the broadcast transmission intervals in the prescribed broadcast schedule initially set at a prescribed duration; predicting, by the network device, a predicted throughput of a future broadcast transmission interval of the prescribed broadcast schedule, for transmission of at least a future broadcast data packet, based on executing a trendline prediction of the predicted throughput using the past throughput over the selected measurement interval; and adjusting the corresponding prescribed duration of the future broadcast transmission interval, relative to the corresponding adjacent unicast transmission interval following the future broadcast transmission interval, based on the predicted throughput.

公开(公告)号：US11677630B2

公开(公告)日：2023-06-13

申请号：US17246301

申请日：2021-04-30

Applicant: Cisco Technology, Inc.

Inventor： Lele Zhang ,  Li Zhao ,  Haibo Dong ,  Yihua Dai

IPC: H04L41/12 ,  H04L9/40

CPC classification number: H04L41/12 ,  H04L63/062 ,  H04L63/065 ,  H04L63/0892

Abstract: Techniques are described for managing devices using multiple virtual personal area networks (VPANs). A border router can receive a first request to join a network from a first device. The first device may be assigned to a first virtual personal area network (VPAN), which has an associated first group temporal key (GTK). The first GTK can be distributed to the first virtual device. The border router can also receive a second request to join a network from a second device. The second device may be assigned to a second VPAN, which has an associated second GTK. The second GTK can be distributed to the second virtual device.

公开(公告)号：US20210297342A1

公开(公告)日：2021-09-23

申请号：US16825171

申请日：2020-03-20

Applicant: Cisco Technology, Inc.

Inventor： Huimin She ,  Lele Zhang ,  Shiwei Gao ,  Xiaoguang Jason Chen ,  Chuanwei Li

IPC: H04L12/721 ,  H04L12/24 ,  H04L12/751

Abstract: Techniques for utilizing Software-Defined Field-Area Network (SD-FAN) controllers to receive a geographic location and transmission power of individual nodes and generate a geographic location topology of a Field-Area Network (FAN) to provide nodes with location-aware route paths for data transmission. One or more SD-FAN controller(s) may maintain a geographic location database to store the geographic location and transmission power of the individual nodes. Each node may utilize a Destination Address Object to advertise its geographic location and transmission power to the SD-FAN controller. The SD-FAN controller(s) may utilize the geographic location table to generate the geographic location topology of the FAN and determine a location-aware route path for optimized data transmission between nodes in the FAN.

公开(公告)号：US11050619B1

公开(公告)日：2021-06-29

申请号：US16782958

申请日：2020-02-05

Applicant: Cisco Technology, Inc.

Inventor： Li Zhao ,  Pascal Thubert ,  Huimin She ,  Lele Zhang

IPC: H04L12/24 ,  H04L29/12 ,  H04L12/753 ,  H04W84/18 ,  H04L29/08 ,  H04W8/00 ,  H04W4/70 ,  H04W4/80 ,  H04W4/38

Abstract: In one embodiment, a method comprises: detecting, by a root network device in a low power and lossy network (LLN) operating in a downward-routing mode, an outage among at least a substantial number of LLN devices in the LLN; initiating, by the root network device, a dynamic suspension of network operations in the LLN during the outage, including causing existing Internet Protocol (IP) addresses of all the LLN devices to be maintained during the outage, and causing all the LLN devices to limit transmissions to Power Outage Notification (PON) messages, Power Restoration Notification (PRN) messages, or minimal-bandwidth data packets, based on the root network device switching the LLN from the downward-routing mode to a collection-only mode; and selectively restoring, by the root network device, the LLN to the downward-routing mode in response to detecting PRN messages from at least substantially all the substantial number of LLN devices.

公开(公告)号：US10904778B1

公开(公告)日：2021-01-26

申请号：US16808887

申请日：2020-03-04

Applicant: Cisco Technology, Inc.

Inventor： Lele Zhang ,  Akram Ismail Sheriff ,  Chuanwei Li ,  Wenjia Wu

IPC: H04M11/04 ,  H04W24/04 ,  H04W4/12 ,  H04W40/22 ,  G06F1/30 ,  G06N20/00 ,  H04W8/00 ,  H04W40/24 ,  H04W84/18 ,  G06Q50/06

Abstract: Techniques and mechanisms for detecting and deducing of urgent messages in low-power and lossy networks (LLNs) using a correlation analysis of the nodes within a network and machine learning (ML) models. Utilizing these techniques, a field network director (FND) of the network can determine neighboring devices within the network. ML models may be utilized to determine that based upon receipt of a power outage notification (PON) message and/or a power restoration notification (PRN) message from nodes, neighboring nodes of the nodes may also have suffered a power outage and/or a subsequent power restoration, even if the FND did not receive a corresponding PON message and/or a corresponding PRN message from the neighboring nodes of the network. Thus, loss of power and subsequent power restoration may be handled for large numbers of neighboring nodes within the network, even when only a few PON messages and/or subsequent PRN messages are received.

公开(公告)号：US10856170B1

公开(公告)日：2020-12-01

申请号：US16438669

申请日：2019-06-12

Applicant: Cisco Technology, Inc.

Inventor： Yajun Xia ,  Chuanwei Li ,  Lele Zhang ,  Yinfang Wang

IPC: H04W28/02 ,  H04L29/08 ,  H04L29/06 ,  H04W12/06 ,  H04W84/18

Abstract: In one embodiment, a method comprises: forwarding, by a root network device in a low power and lossy network, an authentication message to a constrained child network device having attached to the root network device, the authentication message generated by an authenticator device and specifying a certificate associated with the authenticator device; receiving a second authentication message destined for a second constrained network device via the constrained child network device; removing, from the second authentication message, the certificate; and outputting, by the root network device, the modified second authentication message that does not include the certificate toward the second constrained network device via the constrained child network device, the modified second authentication message causing the constrained child network device to restore the second authentication message for delivery to the second constrained network device, based on insertion of the certificate back into the modified second authentication message.

公开(公告)号：US20230362654A1

公开(公告)日：2023-11-09

申请号：US18353772

申请日：2023-07-17

Applicant: Cisco Technology, Inc.

Inventor： Lele Zhang ,  Yajun Xia ,  Chuanwei Li ,  Li Zhao

IPC: H04W12/122 ,  H04W4/70 ,  G16Y30/10 ,  H04L9/40 ,  H04W24/08 ,  H04W64/00 ,  H04L43/0829 ,  H04L43/16

CPC classification number: H04W12/122 ,  H04W4/70 ,  G16Y30/10 ,  H04L63/1416 ,  H04W24/08 ,  H04W64/00 ,  H04L43/0829 ,  H04L43/16 ,  H04W84/18

Abstract: A method includes determining a number of drops of a plurality of messages sent to a first node of a plurality of nodes within a mesh network. Based at least in part on the number of drops of the plurality of messages exceeding a threshold number of drops for a time period, decrementing a first rating assigned to the first node to a second rating assigned to the first node. Based at least in part on the second rating being below a rating threshold, determining that the first node is a potentially malicious node. Based at least in part on a first distance to the first node being larger than a distance threshold, identifying that the first node is a malicious node. The method may further include ending communications with the first node.

公开(公告)号：US11811648B2

公开(公告)日：2023-11-07

申请号：US17903615

申请日：2022-09-06

Applicant: Cisco Technology, Inc.

Inventor： Li Zhao ,  Chuanwei Li ,  Lele Zhang ,  Haibo Dong ,  Akram Ismail Sheriff

IPC: H04L45/24 ,  H04L45/02 ,  H04L47/122 ,  H04W28/10 ,  H04W84/18

CPC classification number: H04L45/24 ,  H04L45/02 ,  H04L47/122 ,  H04W28/10 ,  H04W84/18

Abstract: Techniques for distributed sub-controller permission for control of data-traffic flow within software-defined networking (SDN) mesh networks to limit control plane traffic of the network are described herein. A technique described herein includes a network node of a data-traffic path of an SDN mesh network obtaining SDN sub-controller permission from a border controller of the SDN mesh network. Further, the technique includes suppression of data traffic from sibling and children nodes of data-traffic path allied nodes to the data-traffic path allied nodes. The data-traffic path allied nodes include network nodes that are part of the data-traffic path of the SDN mesh network. Further still, the technique includes the transmission of data across the data-traffic path.

公开(公告)号：US11706625B2

公开(公告)日：2023-07-18

申请号：US17011792

申请日：2020-09-03

Applicant: Cisco Technology, Inc.

Inventor： Lele Zhang ,  Yajun Xia ,  Chuanwei Li ,  Li Zhao

IPC: H04W12/122 ,  H04W4/70 ,  G16Y30/10 ,  H04L9/40 ,  H04W24/08 ,  H04W64/00 ,  H04L43/0829 ,  H04L43/16 ,  H04W84/18

CPC classification number: H04W12/122 ,  G16Y30/10 ,  H04L43/0829 ,  H04L43/16 ,  H04L63/1416 ,  H04W4/70 ,  H04W24/08 ,  H04W64/00 ,  H04L2463/143 ,  H04W84/18

Abstract: A method includes identifying a potentially malicious node using a rating assigned to nodes within the network and decrementing the rating based on detected dropped messages to identify a potentially malicious node. The malicious node is identified based on location information obtained from the nodes within the network and comparable distances from the potentially malicious node. The method further includes ending communications with the malicious node and selecting a new parent node based on a presumption that any of the plurality of nodes other than the malicious node are non-malicious.