-
公开(公告)号:US20240028704A1
公开(公告)日:2024-01-25
申请号:US18375149
申请日:2023-09-29
Applicant: Cisco Technology, Inc.
Inventor: Akram Sheriff , Timothy David Keanini
CPC classification number: G06F21/52 , G06N20/00 , G06F21/566 , G06F2221/033
Abstract: Runtime security threats are detected and analyzed for serverless functions developed for hybrid clouds or other cloud-based deployment environments. One or more serverless functions may be received and executed within a container instance executing in a controlled and monitored environment. The execution of the serverless functions is monitored, using a monitoring layer in the controlled environment to capture runtime data including container application context statistics, serverless function input and output data, and runtime parameter snapshots of the serverless functions. Execution data associated with the serverless functions may be analyzed and provided to various supervised and/or unsupervised machine-learning models configured to detect and analyze runtime security threats.
-
公开(公告)号:US20190199753A1
公开(公告)日:2019-06-27
申请号:US15854879
申请日:2017-12-27
Applicant: Cisco Technology, Inc.
Inventor: Matthew Scott Robertson , David McGrew , Timothy David Keanini , Sunil Amin , Ellie Marie Daw
IPC: H04L29/06
Abstract: In one embodiment, a service receives captured traffic flow data regarding a traffic flow sent via a network between a first device assigned to a first network zone and a second device assigned to a second network zone. The service identifies, from the captured traffic flow data, one or more cryptographic parameters of the traffic flow. The service determines whether the one or more cryptographic parameters of the traffic flow satisfy an inter-zone policy associated with the first and second network zones. The service causes performance of a mitigation action in the network when the one or more cryptographic parameters of the traffic flow do not satisfy the inter-zone policy associated with the first and second network zones.
-
3.发明申请公开(公告)号:US20200019889A1
公开(公告)日:2020-01-16
申请号:US16031206
申请日:2018-07-10
Applicant: Cisco Technology, Inc.
Inventor: Timothy David Keanini , Jeffrey Markey , Jesse Craig-Goodell
Abstract: In one example embodiment, a server compares derived values of a plurality of machine learning features with specified values of the plurality of machine learning features according to an ontology that defines a relationship between the plurality of machine learning features and a corresponding higher-order behavior for the specified values of the plurality of machine learning features. When the derived values of the plurality of machine learning features match the specified values of the plurality of machine learning features, the server aggregates the weights of the plurality of machine learning features to produce an aggregated weight. The server assigns the aggregated weight to the higher-order behavior so as to indicate a significance of the higher-order behavior in producing the machine learning result.
-
公开(公告)号:US11809548B2
公开(公告)日:2023-11-07
申请号:US17077592
申请日:2020-10-22
Applicant: Cisco Technology, Inc.
Inventor: Akram Ismail Sheriff , Timothy David Keanini
CPC classification number: G06F21/52 , G06F21/566 , G06N20/00 , G06F2221/033
Abstract: Runtime security threats are detected and analyzed for serverless functions developed for hybrid clouds or other cloud-based deployment environments. One or more serverless functions may be received and executed within a container instance executing in a controlled and monitored environment. The execution of the serverless functions is monitored, using a monitoring layer in the controlled environment to capture runtime data including container application context statistics, serverless function input and output data, and runtime parameter snapshots of the serverless functions. Execution data associated with the serverless functions may be analyzed and provided to various supervised and/or unsupervised machine-learning models configured to detect and analyze runtime security threats.
-
5.发明授权公开(公告)号:US11157834B2
公开(公告)日:2021-10-26
申请号:US16031206
申请日:2018-07-10
Applicant: Cisco Technology, Inc.
Inventor: Timothy David Keanini , Jeffrey Markey , Jesse Craig-Goodell
Abstract: In one example embodiment, a server compares derived values of a plurality of machine learning features with specified values of the plurality of machine learning features according to an ontology that defines a relationship between the plurality of machine learning features and a corresponding higher-order behavior for the specified values of the plurality of machine learning features. When the derived values of the plurality of machine learning features match the specified values of the plurality of machine learning features, the server aggregates the weights of the plurality of machine learning features to produce an aggregated weight. The server assigns the aggregated weight to the higher-order behavior so as to indicate a significance of the higher-order behavior in producing the machine learning result.
-
Patent Agency Ranking
公开(公告)号:US12277210B2
公开(公告)日:2025-04-15
申请号:US18375149
申请日:2023-09-29
Applicant: Cisco Technology, Inc.
Inventor: Akram Sheriff , Timothy David Keanini
Abstract: Runtime security threats are detected and analyzed for serverless functions developed for hybrid clouds or other cloud-based deployment environments. One or more serverless functions may be received and executed within a container instance executing in a controlled and monitored environment. The execution of the serverless functions is monitored, using a monitoring layer in the controlled environment to capture runtime data including container application context statistics, serverless function input and output data, and runtime parameter snapshots of the serverless functions. Execution data associated with the serverless functions may be analyzed and provided to various supervised and/or unsupervised machine-learning models configured to detect and analyze runtime security threats.
-
公开(公告)号:US11888900B2
公开(公告)日:2024-01-30
申请号:US16857607
申请日:2020-04-24
Applicant: Cisco Technology, Inc.
Inventor: Matthew Scott Robertson , David McGrew , Timothy David Keanini , Sunil Amin , Ellie Marie Daw
CPC classification number: H04L63/20 , H04L9/088 , H04L9/0825 , H04L9/0844 , H04L9/3268 , H04L63/105 , H04L9/0643
Abstract: In one embodiment, a service receives captured traffic flow data regarding a traffic flow sent via a network between a first device assigned to a first network zone and a second device assigned to a second network zone. The service identifies, from the captured traffic flow data, one or more cryptographic parameters of the traffic flow. The service determines whether the one or more cryptographic parameters of the traffic flow satisfy an inter-zone policy associated with the first and second network zones. The service causes performance of a mitigation action in the network when the one or more cryptographic parameters of the traffic flow do not satisfy the inter-zone policy associated with the first and second network zones.
-
公开(公告)号:US20220129540A1
公开(公告)日:2022-04-28
申请号:US17077592
申请日:2020-10-22
Applicant: Cisco Technology, Inc.
Inventor: Akram Ismail Sheriff , Timothy David Keanini
Abstract: Runtime security threats are detected and analyzed for serverless functions developed for hybrid clouds or other cloud-based deployment environments. One or more serverless functions may be received and executed within a container instance executing in a controlled and monitored environment. The execution of the serverless functions is monitored, using a monitoring layer in the controlled environment to capture runtime data including container application context statistics, serverless function input and output data, and runtime parameter snapshots of the serverless functions. Execution data associated with the serverless functions may be analyzed and provided to various supervised and/or unsupervised machine-learning models configured to detect and analyze runtime security threats.
-
公开(公告)号:US20200252435A1
公开(公告)日:2020-08-06
申请号:US16857607
申请日:2020-04-24
Applicant: Cisco Technology, Inc.
Inventor: Matthew Scott Robertson , David McGrew , Timothy David Keanini , Sunil Amin , Ellie Marie Daw
Abstract: In one embodiment, a service receives captured traffic flow data regarding a traffic flow sent via a network between a first device assigned to a first network zone and a second device assigned to a second network zone. The service identifies, from the captured traffic flow data, one or more cryptographic parameters of the traffic flow. The service determines whether the one or more cryptographic parameters of the traffic flow satisfy an inter-zone policy associated with the first and second network zones. The service causes performance of a mitigation action in the network when the one or more cryptographic parameters of the traffic flow do not satisfy the inter-zone policy associated with the first and second network zones.
-
公开(公告)号:US10673901B2
公开(公告)日:2020-06-02
申请号:US15854879
申请日:2017-12-27
Applicant: Cisco Technology, Inc.
Inventor: Matthew Scott Robertson , David McGrew , Timothy David Keanini , Sunil Amin , Ellie Marie Daw
Abstract: In one embodiment, a service receives captured traffic flow data regarding a traffic flow sent via a network between a first device assigned to a first network zone and a second device assigned to a second network zone. The service identifies, from the captured traffic flow data, one or more cryptographic parameters of the traffic flow. The service determines whether the one or more cryptographic parameters of the traffic flow satisfy an inter-zone policy associated with the first and second network zones. The service causes performance of a mitigation action in the network when the one or more cryptographic parameters of the traffic flow do not satisfy the inter-zone policy associated with the first and second network zones.
-
-
-
-
-
-
-
-
-
Search Results
10
records
(took 0.019 seconds)
