专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08311956B2 Scalable traffic classifier and classifier training system 有权
标题翻译：可扩展流量分类器和分类器训练系统
公开(公告)号：US08311956B2
公开(公告)日：2012-11-13
申请号：US12539430
申请日：2009-08-11
申请人： Subhabrata Sen , Nicholas Duffield , Patrick Haffner , Jeffrey Erman , Yu Jin
发明人： Subhabrata Sen , Nicholas Duffield , Patrick Haffner , Jeffrey Erman , Yu Jin
IPC分类号： G06F15/18
CPC分类号： G06N99/005
摘要： A traffic classifier has a plurality of binary classifiers, each associated with one of a plurality of calibrators. Each calibrator trained to translate an output score of the associated binary classifier into an estimated class probability value using a fitted logistic curve, each estimated class probability value indicating a probability that the packet flow on which the output score is based belongs to the traffic class associated with the binary classifier associated with the calibrator. The classifier training system configured to generate a training data based on network information gained using flow and packet sampling methods. In some embodiments, the classifier training system configured to generate reduced training data sets, one for each traffic class, reducing the training data related to traffic not associated with the traffic class.
摘要翻译：流量分类器具有多个二进制分类器，每个二进制分类器与多个校准器之一相关联。每个校准器被训练成使用拟合的逻辑曲线将相关联的二进制分类器的输出得分转换成估计的类概率值，每个估计的类概率值指示输出得分所基于的分组流的概率属于相关联的流量类别与校准器相关联的二进制分类器。分类器训练系统被配置为基于使用流和分组采样方法获得的网络信息生成训练数据。在一些实施例中，分类器训练系统被配置为生成减少的训练数据集，每个业务类别一个，减少与业务类别不相关的业务相关的训练数据。

2. 发明申请

US20120106377A1 METHOD AND APPARATUS FOR PROVIDING A MEASUREMENT OF PERFORMANCE FOR A NETWORK 审中-公开
标题翻译：提供网络性能测量的方法和装置
公开(公告)号：US20120106377A1
公开(公告)日：2012-05-03
申请号：US13283194
申请日：2011-10-27
申请人： Joel SOMMERS , Nicholas DUFFIELD , Paul BARFORD , Amos RON
发明人： Joel SOMMERS , Nicholas DUFFIELD , Paul BARFORD , Amos RON
IPC分类号： H04L12/26
CPC分类号： H04L43/12 , H04L43/0829 , H04L43/0852
摘要： Performance for a network is measured by sending multi-objective probes on a path, receiving at least one of the multi-objective probes for the path, and determining performance measurements for at least two parameters of the path determined from the at least one of the multi-objective probes. Separate algorithms are simultaneously executed to measure the at least two parameters of the path determined from the at least one of the multi-objective probes.
摘要翻译：通过在路径上发送多目标探测器来测量网络的性能，接收用于路径的多目标探测器中的至少一个，以及确定从至少一个所述路径确定的路径的至少两个参数的性能测量，多目标探针。同时执行单独的算法来测量从至少一个多目标探测器确定的路径的至少两个参数。

3. 发明授权

US08005949B2 Variance-optimal sampling-based estimation of subset sums 失效
标题翻译：基于方差最优采样的子集合估计
公开(公告)号：US08005949B2
公开(公告)日：2011-08-23
申请号：US12325340
申请日：2008-12-01
申请人： Nicholas Duffield , Carsten Lund , Mikkel Thorup , Edith Cohen , Haim Kaplan
发明人： Nicholas Duffield , Carsten Lund , Mikkel Thorup , Edith Cohen , Haim Kaplan
IPC分类号： G06F15/173
CPC分类号： G06F17/18 , H04L41/142 , H04L43/024 , H04L43/16
摘要： The present invention relates to a method of obtaining a generic sample of an input stream. The method is designated as VAROPTk. The method comprises receiving an input stream of items arriving one at a time, and maintaining a sample S of items i. The sample S has a capacity for at most k items i. The sample S is filled with k items i. An nth item i is received. It is determined whether the nth item i should be included in sample S. If the nth item i is included in sample S, then a previously included item i is dropped from sample S. The determination is made based on weights of items without distinguishing between previously included items i and the nth item i. The determination is implemented thereby updating weights of items i in sample S. The method is repeated until no more items are received.
摘要翻译：本发明涉及一种获得输入流的通用样本的方法。该方法被指定为VAROPTk。该方法包括一次接收一个物品的输入流，并且保持项目i的样本S. 样本S具有最多k个项目i的容量。样本S填充有k个项目i。收到第n项。确定第n个项目i是否应该包含在样本S中。如果第n个项目i包括在样本S中，则先前包括的项目i从样本S中丢弃。根据项目的权重进行确定，而不区分以前包括项目i和第n项目i。由此实现确定，从而更新样本S中的项目i的权重。重复该方法，直到不再收到项目。

4. 发明申请

US20110122792A1 METHODS AND APPARATUS FOR DETECTION OF HIERARCHICAL HEAVY HITTERS 失效
标题翻译：用于检测分层重型HITTERS的方法和装置
公开(公告)号：US20110122792A1
公开(公告)日：2011-05-26
申请号：US13019240
申请日：2011-02-01
申请人： NICHOLAS DUFFIELD , Carsten Lund , Subhabrata Sen , Yin Zhang , Sumeet Singh
发明人： NICHOLAS DUFFIELD , Carsten Lund , Subhabrata Sen , Yin Zhang , Sumeet Singh
IPC分类号： G06F11/30
CPC分类号： H04L63/1425 , H04L29/12801 , H04L61/6004 , H04L63/1441 , H04L63/1458 , Y10S707/99945 , Y10S707/99948
摘要： An efficient streaming method and apparatus for detecting hierarchical heavy hitters from massive data streams is disclosed. In one embodiment, the method enables near real time detection of anomaly behavior in networks.
摘要翻译：公开了一种用于从海量数据流检测分层重击打者的有效的流传输方法和装置。在一个实施例中，该方法能够近似实时地检测网络中的异常行为。

5. 发明授权

US07852785B2 Sampling and analyzing packets in a network 有权
标题翻译：对网络中的数据包进行采样和分析
公开(公告)号：US07852785B2
公开(公告)日：2010-12-14
申请号：US12119939
申请日：2008-05-13
申请人： Carsten Lund , Edith Cohen , Nicholas Duffield , Alexandre Gerber , Adam Hersh , Oliver Spatscheck , Mikkel Thorup , Frederick True
发明人： Carsten Lund , Edith Cohen , Nicholas Duffield , Alexandre Gerber , Adam Hersh , Oliver Spatscheck , Mikkel Thorup , Frederick True
IPC分类号： G01R31/08
CPC分类号： H04L43/026 , H04L43/022
摘要： The preferred embodiments of the present invention can include sampling packets transmitted over a network based on the content of the packets. If a packet is sampled, the sampling unit can add one or more fields to the sampled packet that can include a field for a number of bytes contained in the packet, a packet count, a flow count, a sampling type, and the like. The sampled packets can be analyzed to discern desired information from the packets. The additional fields that are added to the sampled packets can be used during the analysis.
摘要翻译：本发明的优选实施例可以包括基于分组的内容对通过网络传输的分组进行抽样。如果分组被采样，则采样单元可以将一个或多个字段添加到采样分组，该分组可以包括分组中包含的多个字节的字段，分组计数，流量计数，采样类型等。可以分析采样的分组以从分组中辨别所需的信息。在分析过程中可以使用添加到采样数据包的附加字段。

6. 发明授权

US07764625B2 Algorithms and estimators for summarization of unaggregated data streams 失效
标题翻译：用于汇总未分类数据流的算法和估计
公开(公告)号：US07764625B2
公开(公告)日：2010-07-27
申请号：US12136705
申请日：2008-06-10
申请人： Nicholas Duffield , Edith Cohen , Haim Kaplan , Carsten Lund , Mikkel Thorup
发明人： Nicholas Duffield , Edith Cohen , Haim Kaplan , Carsten Lund , Mikkel Thorup
IPC分类号： H04L12/26
CPC分类号： H04L47/10 , H04L43/024 , H04L43/026 , H04L43/045 , H04L47/22 , H04L47/41 , Y02D50/30
摘要： The invention relates to streaming algorithms useful for obtaining summaries over unaggregated packet streams and for providing unbiased estimators for characteristics, such as, the amount of traffic that belongs to a specified subpopulation of flows. Packets are sampled from a packet stream and aggregated into flows and counted by implementation of: (a) Adaptive Sampled NetFlow (ANF), and adjusted weight (AANF) of a flow (f) is calculated as follows: AANF(f)=i(f)/p′; i(f) being the number of packets counted for a flow f, and p′ being the sampling rate at end of a measurement period; or (b) Adaptive Sample-and-Hold (ASH), and adjusted weight (AASH) of a flow (f) is calculated as follows: AASH(f)=i(f)+(1−p′)/p′; i(f) being the number of packets counted for a flow f, and p′ being the sampling rate at end of a measurement period.
摘要翻译：本发明涉及用于在未分组的分组流上获得摘要的用于提供用于特征的无偏估计器的流式传输算法，例如属于指定的流量子群的业务量。分组从分组流中采样并聚合成流，并通过实现计算：（a）自适应采样NetFlow（ANF）和流（f）的调整权重（AANF）计算如下：AANF（f）= i （f）/ p'; i（f）是流f计数的分组数，p'是测量周期结束时的采样率; 或（b）自适应采样保持（ASH）和流（f）的调整权重（AASH）如下计算：AASH（f）= i（f）+（1-p'）/ p' ; i（f）是流f计数的分组数，p'是测量周期结束时的采样率。

7. 发明申请

US20100088549A1 SYSTEM AND METHOD FOR INFERRING TRAFFIC LEGITIMACY THROUGH SELECTIVE IMPAIRMENT 有权
标题翻译：通过选择性损害感染交通事故的系统和方法
公开(公告)号：US20100088549A1
公开(公告)日：2010-04-08
申请号：US12632716
申请日：2009-12-07
申请人： Nicholas Duffield , Balachaner Krishnamurthy
发明人： Nicholas Duffield , Balachaner Krishnamurthy
IPC分类号： G06F11/36 , G06N5/02
CPC分类号： H04L47/2475 , G06Q10/063 , H04L43/10 , H04L43/50 , H04L67/025
摘要： Described is a system and method for determining a classification of an application that includes initiating a stress test on the application, the stress test including a predetermined number of stress events, wherein the stress events are based on a network impairment. A response by the application to each stress event is identified and the application is classified as a function of the response into one of a first classification and a second classification, the first classification indicative of a normal application and the second classification indicative of an undesired application. If, the application is in the second classification, a network response procedure is executed.
摘要翻译：描述了一种用于确定应用程序分类的系统和方法，包括启动对应用程序的压力测试，压力测试包括预定数量的压力事件，其中应力事件基于网络损伤。识别应用程序对每个压力事件的响应，将应用程序分类为响应于第一分类和第二分类之一的函数，第一分类指示正常应用，第二分类指示不期望的应用。如果应用程序处于第二分类中，则执行网络响应过程。

8. 发明申请

US20090016234A1 METHODS AND APPARATUS FOR DETECTION OF HIERARCHICAL HEAVY HITTERS 有权
标题翻译：用于检测分层重型HITTERS的方法和装置
公开(公告)号：US20090016234A1
公开(公告)日：2009-01-15
申请号：US12236369
申请日：2008-09-23
申请人： Nicholas Duffield , Carsten Lund , Subhabrata Sen , Yin Zhang , Sumeet Singh
发明人： Nicholas Duffield , Carsten Lund , Subhabrata Sen , Yin Zhang , Sumeet Singh
IPC分类号： G06F11/30
CPC分类号： H04L63/1425 , H04L29/12801 , H04L61/6004 , H04L63/1441 , H04L63/1458 , Y10S707/99945 , Y10S707/99948
摘要： An efficient streaming method and apparatus for detecting hierarchical heavy hitters from massive data streams is disclosed. In one embodiment, the method enables near real time detection of anomaly behavior in networks.
摘要翻译：公开了一种用于从海量数据流检测分层重击打者的有效的流传输方法和装置。在一个实施例中，该方法能够近似实时地检测网络中的异常行为。

9. 发明申请

US20070283436A1 Method and apparatus for large-scale automated distributed denial of service attack detection 有权
标题翻译：用于大规模自动分布式拒绝服务攻击检测的方法和装置
公开(公告)号：US20070283436A1
公开(公告)日：2007-12-06
申请号：US11452623
申请日：2006-06-14
申请人： Nicholas Duffield , Jacobus Van Der Merwe , Vyas Sekar , Oliver Spatscheck
发明人： Nicholas Duffield , Jacobus Van Der Merwe , Vyas Sekar , Oliver Spatscheck
IPC分类号： G06F12/14
CPC分类号： H04L63/1425 , H04L63/1458
摘要： A multi-staged framework for detecting and diagnosing Denial of Service attacks is disclosed in which a low-cost anomaly detection mechanism is first used to collect coarse data, such as may be obtained from Simple Network Management Protocol (SNMP) data flows. Such data is analyzed to detect volume anomalies that could possibly be indicative of a DDoS attack. If such an anomaly is suspected, incident reports are then generated and used to trigger the collection and analysis of fine grained data, such as that available in Netflow data flows. Both types of collection and analysis are illustratively conducted at edge routers within the service provider network that interface customers and customer networks to the service provider. Once records of the more detailed information have been retrieved, they are examined to determine whether the anomaly represents a distributed denial of service attack, at which point an alarm is generated.
摘要翻译：公开了一种用于检测和诊断拒绝服务攻击的多阶段框架，其中首先使用低成本异常检测机制来收集粗略数据，例如可以从简单网络管理协议（SNMP）数据流中获得。分析这些数据以检测可能表示DDoS攻击的体积异常。如果怀疑出现这种异常，则会生成事件报告，并用于触发对Netflow数据流中可用的细粒度数据的收集和分析。这两种类型的收集和分析在服务提供商网络中的边缘路由器上进行说明性地进行，其将客户和客户网络接入服务提供商。一旦检索到更详细信息的记录，就检查它们以确定异常是否表示分布式拒绝服务攻击，此时产生警报。

10. 发明申请

US20060291473A1 Systems, methods, and devices for monitoring networks 有权
标题翻译：用于监控网络的系统，方法和设备
公开(公告)号：US20060291473A1
公开(公告)日：2006-12-28
申请号：US11237553
申请日：2005-09-28
申请人： Christopher Chase , Nicholas Duffield , Albert Greenberg , Oliver Spatscheck , Jacobus Van der Merwe
发明人： Christopher Chase , Nicholas Duffield , Albert Greenberg , Oliver Spatscheck , Jacobus Van der Merwe
IPC分类号： H04L12/28
CPC分类号： H04L43/08 , H04L41/06 , H04L41/0631 , H04L41/0681 , H04L43/0876 , H04L43/12 , H04L43/14 , H04L43/16 , H04L45/02 , H04L45/42 , H04L45/50
摘要： Certain exemplary embodiments comprise a method comprising: for selected traffic that enters a backbone network via a predetermined ingress point and is addressed to a predetermined destination, via a dynamic tunnel, automatically diverting the selected traffic from the predetermined ingress point to a processing complex; and automatically forwarding the selected traffic from the processing complex toward the predetermined destination.
摘要翻译：某些示例性实施例包括一种方法，其包括：对于经由预定入口点进入骨干网络并且经由动态隧道寻址到预定目的地的所选业务，将所选择的业务量从所述预定入口点自动转移到处理复合体; 并且将所选择的流量自动地从处理复合体转发到预定目的地。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式