公开(公告)号：US20240333747A1

公开(公告)日：2024-10-03

申请号：US18360676

申请日：2023-07-27

Applicant: Cisco Technology, Inc.

Inventor： Vincent Parla ,  Andrew Zawadowskiy ,  Blake Anderson ,  Hugo Mike Latapie ,  Oleg Bessonov ,  David Arthur McGrew ,  Michael Roytman ,  Tian Bu ,  William Michael Hudson, JR. ,  Nancy Cam-Winget

IPC: H04L9/40

CPC classification number: H04L63/1433 ,  H04L63/145

Abstract: In one aspect, a method includes creating a polymorphic variant of a sample of malware, analyzing the polymorphic variant of the sample of malware by a security management service to determine if the polymorphic variant of the sample of malware evades detection by the security management service, when the security management service fails to detect the polymorphic variant during the analysis of the polymorphic variant, detonating the polymorphic variant in a virtualized environment to identify characterizations of the polymorphic variant, and training the security management service to detect the polymorphic variant based on the characterizations.

公开(公告)号：US12047418B2

公开(公告)日：2024-07-23

申请号：US16697362

申请日：2019-11-27

Applicant: Cisco Technology, Inc.

Inventor： Nancy Cam-Winget ,  Jianxin Wang ,  Dieter Derek Weber ,  Saman Taghavi Zargar ,  Robert Frederick Albach

IPC: H04L9/40

CPC classification number: H04L63/20 ,  H04L63/108 ,  H04L63/166

Abstract: Presented herein is a system, device and method that involve creating a policy model and policy rule structure for a policy enforcement point to support policies adapt to rapid changing external conditions in addition to traditional policies that are static. The system facilitates the use of attributes that are either or both dynamically (at run-time) created and/or defined as ephemeral. A new policy attribute may be created dynamically (at run-time). The policy attribute may be mapped as being static or ephemeral. The methodology further involves facilitating evaluation of an attribute as an atomic or programmed set of functions.

公开(公告)号：US20240022945A1

公开(公告)日：2024-01-18

申请号：US18476737

申请日：2023-09-28

Applicant: Cisco Technology, Inc.

Inventor： Jerome Henry ,  Nancy Cam-Winget ,  Simone Arena ,  Darrin Joseph Miller ,  Sudhir Kumar Jain ,  Einar Nilsen-Nygaard

IPC: H04W28/02 ,  H04W8/24 ,  H04W28/086

CPC classification number: H04W28/0205 ,  H04W28/0215 ,  H04W8/245 ,  H04W28/086

Abstract: Embodiments identify a station that rotates an over the air station address. As address rotation was not originally designed into wireless networks, the rotation can introduce communication challenges for the station. The embodiments derive that traffic referencing two different over the air station addresses are associated with a single common station. This is accomplished by determining a similarity between properties of two sets of traffic. A first set of traffic references the first over the air station address and a second set of traffic references the second over the air station address. If the properties common across the two sets of traffic indicate sufficient similarity, the embodiments determine that both sets of traffic are associated with a single device. Network configuration of the device is then adjusted based on the determination.

公开(公告)号：US11570213B2

公开(公告)日：2023-01-31

申请号：US16788999

申请日：2020-02-12

Applicant: Cisco Technology, Inc.

Inventor： Jianxin Wang ,  Nancy Cam-Winget ,  Donovan O'Hara ,  Richard Lee Barnes, II

IPC: H04L9/40

Abstract: A non-transitory computer readable medium comprising instructions stored thereon, the instructions effective to cause at least one processor to: establish trustworthiness of an application installed on a endpoint, the established trustworthiness is sufficient for an enterprise security infrastructure to treat the application installed on the endpoint and the endpoint as a trusted application and a trusted endpoint; negotiate with the trusted endpoint to determine a traffic inspection method for traffic flows originating at the trusted application that is destined for a service, the traffic inspection method is determined based on at least the trusted application, and the service; and instruct the trusted application of the determined traffic inspection method.

公开(公告)号：US11178540B2

公开(公告)日：2021-11-16

申请号：US16223573

申请日：2018-12-18

Applicant: Cisco Technology, Inc.

Inventor： Abhishek Bhattacharyya ,  Nancy Cam-Winget ,  Jagdish Girimaji ,  Rahul Dasgupta ,  Damodharam Ammepalli

IPC: H04W12/08 ,  H04W12/00 ,  H04W76/10 ,  H04W24/10 ,  H04W64/00 ,  H04W84/18 ,  H04W12/043

Abstract: In accordance with one aspect, presented herein is a method to encrypt beacon device telemetry broadcast packets while respecting the low power and low processing requirements inherent to wireless beacon devices and various other challenges which such an encryption scheme brings. In accordance with another aspect, a methodology is provided through which the network can identify if an unauthorized connection is being established with a beacon device and thereby prevent potential beacon device tampering.

公开(公告)号：US20240373230A1

公开(公告)日：2024-11-07

申请号：US18775256

申请日：2024-07-17

Applicant: Cisco Technology, Inc.

Inventor： Jerome Henry ,  Nancy Cam-Winget ,  Robert E. Barton

IPC: H04W12/45 ,  H04L9/40 ,  H04W12/06

Abstract: To improve adaptation of network infrastructure to address rotations performed by wireless client device, embodiments provide for an exchange of a stable machine identifier (SMI) between a network access device and an authentication service. Some embodiments define a new SMI attribute that is included in a authentication service access-request and/or access-accept message. When a network access device obtains an SMI for a particular wireless client device, the network access device passes the SMI to the authentication service. Similarly, if an authentication service obtains a SMI value for a wireless client device, this information is provided to a network access device.

公开(公告)号：US20220417755A1

公开(公告)日：2022-12-29

申请号：US17355700

申请日：2021-06-23

Applicant: Cisco Technology, Inc.

Inventor： Jerome Henry ,  Nancy Cam-Winget ,  Robert E. Barton

IPC: H04W12/45 ,  H04W12/06 ,  H04L29/06

Abstract: To improve adaptation of network infrastructure to address rotations performed by wireless client device, embodiments provide for an exchange of a stable machine identifier (SMI) between a network access device and an authentication service. Some embodiments define a new SMI attribute that is included in a authentication service access-request and/or access-accept message. When a network access device obtains an SMI for a particular wireless client device, the network access device passes the SMI to the authentication service. Similarly, if an authentication service obtains a SMI value for a wireless client device, this information is provided to a network access device.

公开(公告)号：US11443230B2

公开(公告)日：2022-09-13

申请号：US16135756

申请日：2018-09-19

Applicant: Cisco Technology, Inc.

Inventor： Nancy Cam-Winget ,  Subharthi Paul ,  Blake Anderson ,  Saman Taghavi Zargar ,  Oleg Bessonov ,  Robert Frederick Albach ,  Sanjay Kumar Agarwal ,  Mark Steven Knellinger

IPC: G06N20/00 ,  H04L9/40 ,  G06N5/04 ,  G06N20/20 ,  G06K9/62 ,  G06N7/00 ,  G06N20/10 ,  H04L67/12 ,  H04L67/00

Abstract: A trained model may be deployed to an Internet-of-Things (IOT) operational environment in order to ingest features and detect events extracted from network traffic. The model may be received and converted into a meta-language representation which is interpretable by a data plane engine. The converted model can then be deployed to the data plane and may extract features from network communications over the data plane. The extracted features may be fed to the deployed model in order to generate event classifications or device state classifications.

公开(公告)号：US11411957B2

公开(公告)日：2022-08-09

申请号：US16895548

申请日：2020-06-08

Applicant: Cisco Technology, Inc.

Inventor： Jazib Frahim ,  Haseeb Sarwar Niazi ,  Hazim Hashim Dahir ,  Aamer Saeed Akhter ,  Nancy Cam-Winget ,  Aun Raza

IPC: H04L9/40

Abstract: In one embodiment, a gateway device receives, from a centralized broker device, a data-access policy for a given computer network, the data-access policy defining which of one or more accessing entities are granted access to specific elements of data within the given computer network. When the gateway device then receives, from a particular accessing entity, a request for one or more particular elements of data from within the given computer network, it may determine, based on the data-access policy, whether the particular accessing entity has been granted access to each of the one or more particular elements of data of the request. As such, the gateway device may prevent access for the particular accessing entity to any of the one or more particular elements of the data request to which the particular accessing entity has not been granted access.

公开(公告)号：US20210360465A1

公开(公告)日：2021-11-18

申请号：US17236659

申请日：2021-04-21

Applicant: Cisco Technology, Inc.

Inventor： Jerome Henry ,  Nancy Cam-Winget ,  Simone Arena ,  Darrin Joseph Miller ,  Sudhir Kumar Jain ,  Einar Nilsen-Nygaard

IPC: H04W28/02 ,  H04W8/24 ,  H04W28/08

Abstract: Embodiments identify a station that rotates an over the air station address. As address rotation was not originally designed into wireless networks, the rotation can introduce communication challenges for the station. The embodiments derive that traffic referencing two different over the air station addresses are associated with a single common station. This is accomplished by determining a similarity between properties of two sets of traffic. A first set of traffic references the first over the air station address and a second set of traffic references the second over the air station address. If the properties common across the two sets of traffic indicate sufficient similarity, the embodiments determine that both sets of traffic are associated with a single device. Network configuration of the device is then adjusted based on the determination.