-
公开(公告)号:US12008444B2
公开(公告)日:2024-06-11
申请号:US17225873
申请日:2021-04-08
IPC分类号: H04L29/06 , G06F18/214 , G06F18/23 , G06F18/23213 , G06F18/2413 , G06N20/00 , H04L9/40
CPC分类号: G06N20/00 , G06F18/214 , G06F18/23 , G06F18/23213 , G06F18/24137 , H04L63/0236 , H04L63/1416 , H04L63/1425 , H04L63/20
摘要: Examples include detection of unclassified traffic in a network. Some examples use an unsupervised machine learning mechanism for generating a first set of clusters of a first set of samples associated with a first set of time intervals, based at least in part on network traffic over a network, in a first predetermined period of time. Each sample associated with the respective time interval includes distribution of packets based on their packet lengths. In response to retrieving a second set of samples associated with a second set of time intervals, based at least in part on network traffic, a second set of clusters of the second set of samples is generated. It is determined whether one or more features of the second set of clusters vary as compared to one or more features of the first set of clusters of the first set of samples to detect unclassified traffic in the second set of samples.
-
公开(公告)号:US20230120510A1
公开(公告)日:2023-04-20
申请号:US17506663
申请日:2021-10-20
IPC分类号: H04L12/851 , H04L12/801
摘要: Systems and methods are provided for monitoring traffic flow using a trained machine learning (ML) model. For example, in order to maintain a stable level of connectivity and network experience for the devices in a network, the ML model can monitor the data flow of each device and label each data flow based on its behavior and properties. The system can take various actions based on the labeled data flow, including generate an alert, automatically change network settings, or otherwise adjust the data flow from the device.
-
公开(公告)号:US11184254B2
公开(公告)日:2021-11-23
申请号:US16358084
申请日:2019-03-19
摘要: A device may determine sample points associated with network routes within a network during a time interval, wherein each sample point that is associated with a respective network route comprises an amount of uptime for the respective network route during the time interval and a total frequency of state changes for the respective network route during the time interval. The device may generate, using an unsupervised machine learning mechanism, clusters of the sample points and may label the network routes with route stability labels based at least in part on the clusters. The device may generate, using a supervised machine learning mechanism, a route stability classifier based at least in part on the route stability labels for the network routes, and may determine, using the route stability classifier, a route stability of a new network route within the network.
-
公开(公告)号:US20210064600A1
公开(公告)日:2021-03-04
申请号:US16551354
申请日:2019-08-26
发明人: Krishna Mohan Elluru , Madhusoodhana Chari Sesha , Esteban Rodriguez Betancourt , Rangaprasad Sampath
摘要: One embodiment of the present invention provides a switch. The switch includes a storage device, a processing module, and a database module. The storage device can maintain a database storing configuration information for the switch. During operation, the processing module produces a piece of data associated with operations of the switch based on the configuration information. The database module then stores the piece of data in a database table of the database without caching the piece of data in a memory of the switch after the piece of data is stored in the database. In this way, the database module can reduce the memory occupancy of the processing module in comparison with the storage occupancy of a schema corresponding to the database table. Subsequently, the processing module can program a hardware module of the switch with the piece of data prior to receiving an acknowledgment from the database module.
-
公开(公告)号:US11755660B2
公开(公告)日:2023-09-12
申请号:US17544078
申请日:2021-12-07
IPC分类号: G06F16/906 , G06N20/00
CPC分类号: G06F16/906 , G06N20/00
摘要: An example method can include tracking, by a network device, a plurality of database operations performed and a plurality of expected database operations for an event that executes for a time period, generating, by the network device, a plurality of clusters based on a ratio of the database operations performed compared to the plurality of expected database operations and the time period for the event, classifying, by the network device, the clusters based on performance, and evaluating, by the network device, a system performance metric based on a classification of real time data into the clusters.
-
公开(公告)号:US20230162094A1
公开(公告)日:2023-05-25
申请号:US18158651
申请日:2023-01-24
CPC分类号: G06N20/00 , H04L67/535 , H04L2101/622
摘要: An example method can include tracking, by a network device, a plurality of attributes associated with a plurality of unique client device identifiers stored in a tracking table; deriving, by the network device, a training data set based on the plurality of attributes; and generating, by the network device, a plurality of clusters by inputting the derived training data set to an unsupervised machine learning mechanism. The example method can include receiving, by the network device, a labeling of the plurality of unique client device identifiers in the tracking table based at least on the plurality of clusters; generating, by the network device, a plurality of classifiers by inputting the labelled tracking table to a supervised machine learning mechanism; and classifying, by the network device, a new unique client device identifier in the tracking table based at least on the plurality of classifiers.
-
公开(公告)号:US20230130705A1
公开(公告)日:2023-04-27
申请号:US17512609
申请日:2021-10-27
IPC分类号: H04L29/06
摘要: Systems and methods are provided for implementing pattern detection as a first step for security improvements of a computer network. The pattern detection may utilize a machine learning (ML) model for predicting network tuple parameters. The ML model can be trained on labelled data flow information and deployed by a central server for preventing network-wide cyber-security challenges (e.g., including DNS flux, etc.). Networking devices (e.g. switches, etc.) can monitor the data flow traffic that it receives from the networking devices and classify network tuple parameters based on the flow behavior. The system can compare the output of the ML model (e.g., a classification of the data flow traffic, etc.) to an implicit label (e.g., the network tuple parameter included with the data flow traffic, etc.). When the classification matches a particular network tuple parameter, the system can generate an alert and/or otherwise identify potential network intrusions and other abnormalities.
-
公开(公告)号:US11586971B2
公开(公告)日:2023-02-21
申请号:US16039676
申请日:2018-07-19
IPC分类号: H04L67/50 , G06N20/00 , H04L101/622 , H04L67/52
摘要: An example method can include tracking, by a network device, a plurality of attributes associated with a plurality of unique client device identifiers stored in a tracking table; deriving, by the network device, a training data set based on the plurality of attributes; and generating, by the network device, a plurality of clusters by inputting the derived training data set to an unsupervised machine learning mechanism. The example method can include receiving, by the network device, a labeling of the plurality of unique client device identifiers in the tracking table based at least on the plurality of clusters; generating, by the network device, a plurality of classifiers by inputting the labelled tracking table to a supervised machine learning mechanism; and classifying, by the network device, a new unique client device identifier in the tracking table based at least on the plurality of classifiers.
-
公开(公告)号:US11153213B2
公开(公告)日:2021-10-19
申请号:US16866690
申请日:2020-05-05
IPC分类号: H04L12/803 , H04L12/851 , H04J3/06 , H04L12/727 , H04L12/707
摘要: Examples include generating a Precision Time Protocol (PTP) packet for a first nexthop in an Equal Cost Multi-Path set and sending the PTP packet to the first nexthop. Examples also include receiving a response from the first nexthop that identifies a time delay associated with a route to the first nexthop and updating the ECMP based on the time delay.
-
公开(公告)号:US12021755B2
公开(公告)日:2024-06-25
申请号:US17661088
申请日:2022-04-28
CPC分类号: H04L47/2441 , G06N5/022 , H04L41/16 , H04L43/16 , H04L47/805 , H04L63/0236 , H04L63/1425
摘要: Examples described herein relate to selectively forwarding traffic flows based on traffic flow classification. Examples include classifying a traffic flow into a first traffic class by a first machine learning (ML) model based on flow characteristics of the traffic flow. A second traffic class is determined based on a deviation between the flow characteristics of the traffic flow and average flow characteristics of each of the plurality of traffic classes. A quality metric for the first ML model is updated based on whether the first traffic class and the second traffic class match. The traffic flow is selectively forwarded based on the quality metric.
-
-
-
-
-
-
-
-
-
搜索结果
36 条记录 (耗时 0.021 秒)
