Abstract: In one embodiment, a device obtains data indicative of quality of experience for an online application. The device predicts, based on the data, path performances of network paths between an endpoint and the online application for different traffic loads. The device selects traffic loads for the network paths between the endpoint and the online application, based on the path performances predicted by the device. The device causes application traffic to be load balanced across the network paths between the endpoint and the online application, in accordance with those traffic loads selected by the device.

Abstract: In one embodiment, a device instruments an application to generate OpenTelemetry trace data during execution of the application. The device identifies, based on where the application was instrumented, a particular method of the application. The device determines that a circuit breaker is to be inserted for the particular method of the application. The device inserts a circuit breaker for the particular method.

Abstract: Systems, methods, and computer-readable media for generating counterexamples for equivalence failures between models of network intents. A listing of conflict rules corresponding to an equivalence failure between at least first and seconds model of networks intents describing the operation and communication of network devices in a network is obtained. A logical exclusive disjunction between first conflict rules from the first model and corresponding second conflict rules from the second model is calculated. One or more counterexamples corresponding to the equivalence failure are generated based at least in part on the logical exclusive disjunction, such that a given counterexample comprises network and packet conditions that cause the first conflict rules to trigger a first action and cause the second conflict rules to trigger a second action that is different from the first action. Hot fields that are more likely to be associated with the equivalence failure are identified in the counterexample.

Abstract: Systems and methods are described herein for logging system events within an electronic machine using an event log structured as a collection of tree-like cause and effect graphs. An event to be logged may be received. A new event node may be created within the event log for the received event. One or more existing event nodes within the event log may be identified as having possibly caused the received event. One or more causal links may be created within the event log between the new event node and the one or more identified existing event nodes. The new event node may be stored as an unattached root node in response to not identifying an existing event node that may have caused the received event.

Abstract: In one embodiment, a computing device maintains a component list of a plurality of measurable computer network characteristics for a plurality of computer networks, and assigns a component weighting factor to each characteristic within the component list. The computing device may then adjust the component weighting factor within the component list for each particular characteristic over time based at least in part on a measurable effect that particular network characteristic has over one or more of the plurality of computer networks in response to a change to that particular characteristic.

Abstract: The present invention provides improved methods and devices for managing network congestion. Preferred implementations of the invention allow congestion to be pushed from congestion points in the core of a network to reaction points, which may be edge devices, host devices or components thereof. Preferably, rate limiters shape individual flows of the reaction points that are causing congestion. Parameters of these rate limiters are preferably tuned based on feedback from congestion points, e.g., in the form of backward congestion notification (“BCN”) messages. In some implementations, such BCN messages include congestion change information and at least one instantaneous measure of congestion. The instantaneous measure(s) of congestion may be relative to a threshold of a particular queue and/or relative to a threshold of a buffer that includes a plurality of queues.

Abstract: A virtual network is overlaid upon physical networks. The virtual network is a layer-2 network that expands an organization's LAN using virtual MAC addresses. A VN device driver shim intercepts LAN packets and their virtual MAC and IP addresses and encapsulates them with physical packets. As new nodes are created, a VN switch table is expanded so that all nodes on the virtual network can reach the new node. A copy of the VN switch table is stored on each node by a virtual network management daemon on the node. A VN configuration controller in a central server updates the VN switch tables. Organizations can expand their virtual network as nodes are created at remote cloud computing providers without action by the staff at the cloud computing provider. Hybrid cloud virtual networks include on-premises physical and virtual-machine nodes, and off-premises guest nodes and instances.

Abstract: A Core Service Platform (CSP) system is integrated with an operator network and IT system to provide services to subscribers and operators. Based on information collected from the operator network and IT system, the CSP system delivers alerts to a subscriber's device and provides offers to resolve the condition causing the alerts. The CSP system provides customized contextual offers to the subscriber's device based on contextual assessments of a subscriber's current context, such as time in contract, loyalty status, data and voice usage, value of customer, time, location and purchase history. The CSP system also provides an operator a suite of tools for the operator to manage its pricing, offers, campaigns and other subscriber-related issues.

Abstract: In one embodiment, a method includes receiving training data, the training data including training video data representing video of a location in a quiescent state, training a neural network using the training data to obtain a plurality of metrics, receiving current data, the current data including current video data representing video of the location at a current time period, generating a reconstruction error based on the plurality of metrics and the current video data in the embedded space, and generating, in response to determining that the reconstruction error is greater than a threshold, a notification indicative of the location being in a non-quiescent state.

Abstract: An example method is provided in one example embodiment and may include receiving a session request for a user equipment (UE) at a node, wherein the session request includes a timestamp for the UE and a retry count; determining if the session request is a stray session request; and maintaining session information for an existing session for the UE at the node if the session request is a stray session request. The method can include identifying the received session request as a stray request if the timestamp received in the request is less than a timestamp stored for an existing session for the UE. The method can also include identifying the received request as a stray request if the timestamp received is equal to the timestamp stored for the existing session and if the retry count received is less than or equal to a retry count stored for the session.

Abstract: Presented herein are vulnerability assessment techniques for highlighting an organization's information technology (IT) infrastructure security vulnerabilities. For example, a vulnerability assessment system obtains application metadata for each of a plurality of executable applications observed at one or more devices forming part of an organization's IT infrastructure. The application metadata includes unique software identifiers for each of the plurality of executable applications. The vulnerability assessment system obtains global security risk metadata for executable applications observed at the one or more devices. The vulnerability assessment system maps one or more unique software identifiers in the application metadata to global security risk metadata that corresponds to applications identified by the one or more unique software identifiers, thereby generating a vulnerable application dataset.

Abstract: A method for verifying interconnection of a PSE and PD with 4-pair PoE capabilities includes performing a first classification event on first and second pairs, respectively, and detecting a first predetermined class current on first and second sets of twisted pairs, respectively. The method includes performing a second classification event on first and second pairs, respectively, and detecting first and second predetermined class currents on first and second pairs, respectively. After expiration of a first variable delay period related to a first pseudo-random variable of the PSE, the method includes performing a third classification event on the first pair and detecting a first derived class current on the first pair. After expiration of a second variable delay period related to a second pseudo-random variable of the PD, the method includes performing the third classification event on the second pair and detecting a second derived class current on the second pair.

Abstract: A method and system are disclosed for use of segment routing in monitoring of a network path. In one embodiment, the method includes selecting a plurality of segment identifiers and assembling the segment identifiers into a segment identifier stack, where the segment identifier stack encodes a test path within the network for attempted routing of a test message. The method may further include inserting the segment identifier stack into a header associated with the test message, and forwarding the test message according to an entry in a forwarding table corresponding to the segment identifier at the top of the segment identifier stack. Interior gateway protocol advertisements may be used to communicate segment identifiers for creating or updating of the data structure or the forwarding table. In an embodiment, the system includes one or more network interfaces and a processor configured to perform the steps of the method.

Abstract: An upstream multiplexer multiplexes data into first and second serialized data streams based on first and second low frequency clocks each derived from a high frequency clock. A downstream multiplexer multiplexes the first and second serialized data streams into a third serialized data stream based on the high frequency clock. A timing error detector derives an error signal indicative of a phase-misalignment between the high frequency clock and the first and second serialized data bit streams based on the high frequency clock and the first and second low frequency clocks. A phase adjuster adjusts phases of the first and second low frequency clocks relative to the high frequency clock based on the error signal so as to reduce the phase-misalignment.

Abstract: The present invention relates to the security of general purpose computing devices, such as laptop or desktop PCs, and more specifically to the detection of malicious software (malware) on a general purpose computing device. A challenge in detecting malicious software is that files are typically scanned for the presence of malicious intent only once (and subsequent rescanning is typically performed in a simplistic manner). Existing methods in the art do not address how to most effectively rescan collections of files in a way that tries to optimize performance and efficacy. Accordingly we present novel methods, components, and systems for intelligently rescanning file collections and thereby enabling retroactive detection of malicious software and also retroactive identification of clean software. These methods may also be useful if additional information is now available regarding a file that might be useful to an end-user or an administrator, even though the file's core disposition might not have changed.

Abstract: Techniques are presented to determine a location of a wireless client device operating in a wireless local area network. A beacon report request action frame is sent to a wireless client device, where the request frame is configured to cause the wireless client device to transmit a broadcast probe request frame. A beacon report response message is received from the wireless client device and includes one or more probe response frames transmitted by one or more wireless access points that receive the broadcast probe request frame. The wireless client device location is determined based in part on signal strength information in the probe response frames sent by the one or more wireless access points and which signal strength information indicates the signal strength observed by the one or more wireless access points with respect to the broadcast probe request frame transmitted by the wireless client device.

Abstract: Techniques are provided for up-converting a downstream set-top box control signal to a frequency that is above a cable television system upstream communications band. The downstream set-top box control signal is down-converted to a frequency in a set-top box control band and injected into a set-top box communications pathway. The downstream set-top box control signal may be up-converted from baseband or from the set-top box control band to a frequency in cable television system downstream communications band and transmitted on a DOCSIS RF channel.

Abstract: Techniques are presented for distributed processing Distributed-Input Distributed-Output (DIDO) wireless communication. A plurality of base stations (e.g., APs) are provided, each configured to wirelessly serve one or more wireless devices (e.g., clients). At least first and second base stations are configured to transmit simultaneously at an agreed upon time. The first and second base stations are each configured to locally generate steering matrix information used to spatially precode their respective data transmissions in order to steer their respective data transmissions to their one or more wireless devices while nulling to the one or more client devices of the other base station. Moreover, the first and second base stations are each configured to locally generate a transmit waveform by applying the steering matrix information to their respective data transmissions.

Abstract: Presented herein are techniques for enhancing pre-equalization operations in a telecommunications network. In one example, a cable modem termination system (CMTS) determines the coherent bandwidth for pre-equalization coefficients associated with upstream transmissions received from a cable modem. The CMTS uses the coherent bandwidth of the pre-equalization coefficients to calculate a time constant for a time domain filter that may be applied to the pre-equalization coefficients. The CMTS also calculates, based on the time constant, filter coefficients for the time domain filter and applies the time domain filter to the pre-equalization coefficients to generate signal-to-noise ratio (SNR)-enhanced pre-equalization coefficients. The CMTS then sends the SNR-enhanced pre-equalization coefficients to the cable modem.

Abstract: Techniques are presented to summarize the Media Access Control (MAC) addresses behind a single edge port so that the Datacenter Ethernet edge devices do not learn the MAC addresses of individual end hosts connected to the Datacenter Ethernet network. At a line card of an Ethernet networking device connected to a DCE network, information is generated that summarizes Media Access Control (MAC) addresses of remote hosts reachable through a Datacenter Ethernet networking device of the Datacenter Ethernet network. A packet is received at the Ethernet networking device, wherein the packet is directed to one of the remote hosts. The packet is forwarded to one of the remote hosts using the information summarizing the MAC addresses of the remote hosts.