Patents by Inventor Arthur L. Zaifman
Arthur L. Zaifman has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11582254Abstract: Facilitating web page spectroscopy in a communications network is provided herein. A system can comprise a processor and a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations. The operations can comprise receiving first data that describes a first communication packet flow and second data that describes a second communication packet flow. The operations can also comprise training a model based on the first data and the second data, as a result of which the model is trained to detect respective behaviors represented by the first data and the second. Further, the operations can comprise extracting a common parameter from third data that describes a third communication packet flow and fourth data that describes a fourth communication packet flow based on the model.Type: GrantFiled: October 1, 2020Date of Patent: February 14, 2023Assignee: AT&T Intellectual Property I, L.P.Inventors: Arthur L. Zaifman, John Mark Mocenigo
-
Patent number: 11570108Abstract: In one example, a processor may receive network traffic from a demultiplexer via a first network interface card and place portions of the network traffic into a plurality of hash buckets. The processor may further process a first portion of the portions of the network traffic in at least a first hash bucket of the plurality of hash buckets and forward a second portion of the portions of the network traffic in at least a second hash bucket of the plurality of hash buckets to a switch via a second network interface card. In one example, the switch distributes the second portion of the network traffic to one of a plurality of overflow probes. In one example, the plurality of overflow probes comprises a network function virtualization infrastructure for processing the second portion of the network traffic.Type: GrantFiled: February 15, 2021Date of Patent: January 31, 2023Assignee: AT&T Intellectual Property I, L.P.Inventors: Arthur L. Zaifman, John M. Mocenigo
-
Publication number: 20230006937Abstract: In one example, a processing system including at least one processor may obtain a first packet, determine a first tunnel identifier from a tunnel identifier field and a first source port identifier from a source port identifier field of the header of the first packet, and assign the first packet to a first flow. The processing system may further obtain a second packet, extract a first value from a tunnel identifier field and a second value from a source port identifier field of a header of the second packet, determine that the first value matches the first tunnel identifier and that the second value matches the first source port identifier, and assign the second packet to the first flow in response to the determining that the first value matches the first tunnel identifier and that the second value matches the first source port identifier.Type: ApplicationFiled: September 12, 2022Publication date: January 5, 2023Inventors: Arthur L. Zaifman, John Mark Mocenigo
-
Patent number: 11444877Abstract: In one example, a processing system including at least one processor may obtain a first packet, determine a first tunnel identifier from a tunnel identifier field and a first source port identifier from a source port identifier field of the header of the first packet, and assign the first packet to a first flow. The processing system may further obtain a second packet, extract a first value from a tunnel identifier field and a second value from a source port identifier field of a header of the second packet, determine that the first value matches the first tunnel identifier and that the second value matches the first source port identifier, and assign the second packet to the first flow in response to the determining that the first value matches the first tunnel identifier and that the second value matches the first source port identifier.Type: GrantFiled: March 18, 2019Date of Patent: September 13, 2022Assignee: AT&T Intellectual Property I, L.P.Inventors: Arthur L. Zaifman, John Mark Mocenigo
-
Patent number: 11411935Abstract: In one example, the present disclosure describes a device, computer-readable medium, and method for extracting data from encrypted packet flows. For instance, in one example, a method includes detecting a data packet that belongs to an encrypted data flow traversing a network, determining whether the encrypted data flow is a new encrypted data flow or an existing encrypted data flow, based on an inspection of payloads of data packets belonging to the encrypted data flow for evidence of a transport control protocol handshake, forwarding the data packet to a first server pool that will truncate the data packet, when the encrypted data flow is an existing encrypted data flow, and forwarding the data packet to a second server pool that will inspect a payload of the data packet for a secure sockets layer certificate, when the encrypted data flow is a new encrypted data flow.Type: GrantFiled: March 16, 2020Date of Patent: August 9, 2022Assignee: AT&T Intellectual Property I, L.P.Inventors: Arthur L. Zaifman, John M. Mocenigo
-
Publication number: 20220124185Abstract: In one example, the present disclosure describes a device, computer-readable medium, and method for organizing terabit-scale packet volumes into flows for downstream processing stages. For instance, in one example, a method includes extracting a first flow key from a first data packet, inputting the first flow key into a hash function to obtain a first output value, selecting a first partition in a memory to which to store the first data packet, wherein the first partition is selected based on the first output value, and storing the first data packet to the first partition.Type: ApplicationFiled: December 30, 2021Publication date: April 21, 2022Inventors: Arthur L. Zaifman, John M. Mocenigo
-
Patent number: 11240354Abstract: In one example, the present disclosure describes a device, computer-readable medium, and method for organizing terabit-scale packet volumes into flows for downstream processing stages. For instance, in one example, a method includes extracting a first flow key from a first data packet, inputting the first flow key into a hash function to obtain a first output value, selecting a first partition in a memory to which to store the first data packet, wherein the first partition is selected based on the first output value, and storing the first data packet to the first partition.Type: GrantFiled: June 8, 2020Date of Patent: February 1, 2022Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.Inventors: Arthur L. Zaifman, John M. Mocenigo
-
Patent number: 11195123Abstract: The present disclosure describes a device, computer-readable medium, and method for using singular group actions in a network to train a machine learning system. In one example, the method includes detecting a singular group action in data traversing a telecommunication service provider network, wherein the singular group action is characterized by multiple customers of the network performing a same action with their respective computing devices within a defined window of time while the multiple customers are within a threshold physical proximity to each other, labeling a subset of the data that is associated with the singular group action to generate labeled training data, and training a machine learning system using the labeled training data.Type: GrantFiled: July 26, 2018Date of Patent: December 7, 2021Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.Inventors: Arthur L. Zaifman, John M. Mocenigo
-
Publication number: 20210184975Abstract: In one example, a processor may receive network traffic from a demultiplexer via a first network interface card and place portions of the network traffic into a plurality of hash buckets. The processor may further process a first portion of the portions of the network traffic in at least a first hash bucket of the plurality of hash buckets and forward a second portion of the portions of the network traffic in at least a second hash bucket of the plurality of hash buckets to a switch via a second network interface card. In one example, the switch distributes the second portion of the network traffic to one of a plurality of overflow probes. In one example, the plurality of overflow probes comprises a network function virtualization infrastructure for processing the second portion of the network traffic.Type: ApplicationFiled: February 15, 2021Publication date: June 17, 2021Inventors: Arthur L. Zaifman, John M. Mocenigo
-
Patent number: 10924412Abstract: In one example, a processor may receive network traffic from a demultiplexer via a first network interface card and place portions of the network traffic into a plurality of hash buckets. The processor may further process a first portion of the portions of the network traffic in at least a first hash bucket of the plurality of hash buckets and forward a second portion of the portions of the network traffic in at least a second hash bucket of the plurality of hash buckets to a switch via a second network interface card. In one example, the switch distributes the second portion of the network traffic to one of a plurality of overflow probes. In one example, the plurality of overflow probes comprises a network function virtualization infrastructure for processing the second portion of the network traffic.Type: GrantFiled: June 3, 2019Date of Patent: February 16, 2021Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.Inventors: Arthur L. Zaifman, John M. Mocenigo
-
Publication number: 20210021626Abstract: Facilitating web page spectroscopy in a communications network is provided herein. A system can comprise a processor and a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations. The operations can comprise receiving first data that describes a first communication packet flow and second data that describes a second communication packet flow. The operations can also comprise training a model based on the first data and the second data, as a result of which the model is trained to detect respective behaviors represented by the first data and the second. Further, the operations can comprise extracting a common parameter from third data that describes a third communication packet flow and fourth data that describes a fourth communication packet flow based on the model.Type: ApplicationFiled: October 1, 2020Publication date: January 21, 2021Inventors: Arthur L. Zaifman, John Mark Mocenigo
-
Patent number: 10834112Abstract: Facilitating web page spectroscopy in a communications network is provided herein. A system can comprise a processor and a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations. The operations can comprise receiving first data that describes a first communication packet flow and second data that describes a second communication packet flow. The operations can also comprise training a model based on the first data and the second data, as a result of which the model is trained to detect respective behaviors represented by the first data and the second. Further, the operations can comprise extracting a common parameter from third data that describes a third communication packet flow and fourth data that describes a fourth communication packet flow based on the model.Type: GrantFiled: April 24, 2018Date of Patent: November 10, 2020Assignee: AT&T Intellectual Property I, L.P.Inventors: Arthur L. Zaifman, John Mark Mocenigo
-
Publication number: 20200304609Abstract: In one example, the present disclosure describes a device, computer-readable medium, and method for organizing terabit-scale packet volumes into flows for downstream processing stages. For instance, in one example, a method includes extracting a first flow key from a first data packet, inputting the first flow key into a hash function to obtain a first output value, selecting a first partition in a memory to which to store the first data packet, wherein the first partition is selected based on the first output value, and storing the first data packet to the first partition.Type: ApplicationFiled: June 8, 2020Publication date: September 24, 2020Inventors: Arthur L. Zaifman, John M. Mocenigo
-
Publication number: 20200304415Abstract: In one example, a processing system including at least one processor may obtain a first packet, determine a first tunnel identifier from a tunnel identifier field and a first source port identifier from a source port identifier field of the header of the first packet, and assign the first packet to a first flow. The processing system may further obtain a second packet, extract a first value from a tunnel identifier field and a second value from a source port identifier field of a header of the second packet, determine that the first value matches the first tunnel identifier and that the second value matches the first source port identifier, and assign the second packet to the first flow in response to the determining that the first value matches the first tunnel identifier and that the second value matches the first source port identifier.Type: ApplicationFiled: March 18, 2019Publication date: September 24, 2020Inventors: Arthur L. Zaifman, John Mark Mocenigo
-
Publication number: 20200220849Abstract: In one example, the present disclosure describes a device, computer-readable medium, and method for extracting data from encrypted packet flows. For instance, in one example, a method includes detecting a data packet that belongs to an encrypted data flow traversing a network, determining whether the encrypted data flow is a new encrypted data flow or an existing encrypted data flow, based on an inspection of payloads of data packets belonging to the encrypted data flow for evidence of a transport control protocol handshake, forwarding the data packet to a first server pool that will truncate the data packet, when the encrypted data flow is an existing encrypted data flow, and forwarding the data packet to a second server pool that will inspect a payload of the data packet for a secure sockets layer certificate, when the encrypted data flow is a new encrypted data flow.Type: ApplicationFiled: March 16, 2020Publication date: July 9, 2020Inventors: Arthur L. Zaifman, John M. Mocenigo
-
Patent number: 10681189Abstract: In one example, the present disclosure describes a device, computer-readable medium, and method for organizing terabit-scale packet volumes into flows for downstream processing stages. For instance, in one example, a method includes extracting a first flow key from a first data packet, inputting the first flow key into a hash function to obtain a first output value, selecting a first partition in a memory to which to store the first data packet, wherein the first partition is selected based on the first output value, and storing the first data packet to the first partition.Type: GrantFiled: May 18, 2017Date of Patent: June 9, 2020Assignee: AT&T Intellectual Property I, L.P.Inventors: Arthur L. Zaifman, John M. Mocenigo
-
Patent number: 10645030Abstract: A processor may apply data blocks of a training data set to a pattern matching algorithm to identify whether the data blocks match a pattern, determine points of divergence between the data blocks and the pattern, count a number of times that each of a plurality of positions in the pattern is determined to be a point of divergence, and determine a position with a highest count of a number of times that the position is determined to be a point of divergence. The processor may further receive an incoming data block, compare a data value at the position in the pattern with the highest count to a data value at a corresponding position in the incoming data block, and determine a mismatch when the data value at the position in the pattern and the data value at the corresponding position in the incoming data block are different.Type: GrantFiled: July 8, 2019Date of Patent: May 5, 2020Assignee: AT&T Intellectual Property, I, L.P.Inventors: Arthur L. Zaifman, John M. Mocenigo, Glen Zdroik
-
Patent number: 10594664Abstract: In one example, the present disclosure describes a device, computer-readable medium, and method for extracting data from encrypted packet flows. For instance, in one example, a method includes detecting a data packet that belongs to an encrypted data flow traversing a network, determining whether the encrypted data flow is a new encrypted data flow or an existing encrypted data flow, based on an inspection of payloads of data packets belonging to the encrypted data flow for evidence of a transport control protocol handshake, forwarding the data packet to a first server pool that will truncate the data packet, when the encrypted data flow is an existing encrypted data flow, and forwarding the data packet to a second server pool that will inspect a payload of the data packet for a secure sockets layer certificate, when the encrypted data flow is a new encrypted data flow.Type: GrantFiled: March 13, 2017Date of Patent: March 17, 2020Assignee: AT&T Intellectual Property I, L.P.Inventors: Arthur L. Zaifman, John M. Mocenigo
-
Publication number: 20200034748Abstract: The present disclosure describes a device, computer-readable medium, and method for using singular group actions in a network to train a machine learning system. In one example, the method includes detecting a singular group action in data traversing a telecommunication service provider network, wherein the singular group action is characterized by multiple customers of the network performing a same action with their respective computing devices within a defined window of time while the multiple customers are within a threshold physical proximity to each other, labeling a subset of the data that is associated with the singular group action to generate labeled training data, and training a machine learning system using the labeled training data.Type: ApplicationFiled: July 26, 2018Publication date: January 30, 2020Inventors: Arthur L. Zaifman, John M. Mocenigo
-
Publication number: 20190334839Abstract: A processor may apply data blocks of a training data set to a pattern matching algorithm to identify whether the data blocks match a pattern, determine points of divergence between the data blocks and the pattern, count a number of times that each of a plurality of positions in the pattern is determined to be a point of divergence, and determine a position with a highest count of a number of times that the position is determined to be a point of divergence. The processor may further receive an incoming data block, compare a data value at the position in the pattern with the highest count to a data value at a corresponding position in the incoming data block, and determine a mismatch when the data value at the position in the pattern and the data value at the corresponding position in the incoming data block are different.Type: ApplicationFiled: July 8, 2019Publication date: October 31, 2019Inventors: Arthur L. Zaifman, John M. Mocenigo, Glen Zdroik