Abstract: According to one or more embodiments of the disclosure, automatic personalization for speech recognition systems is provided by a method that includes detecting, by a device, unrecognized words within an automated transcript of audio from a communication session and associating, by the device, the unrecognized words with corresponding contextual data. The method further includes identifying, by the device, a subset of the unrecognized words for boosting and applying, by the device, a context-specific boosting to the subset of the unrecognized words within an automated speech recognition model when criteria, identified based on contextual data associated with the subset of the unrecognized words, are met within the audio from the communication session.

Abstract: In one embodiment, a device in a federated learning system receives a global model from an aggregation node. The device applies noise to the global model, to form a noise-augmented model. The device performs local training using the noise-augmented model and a local training dataset, to form a local model. The device provides, via a network, the local model to the aggregation node for aggregation with other local models trained in the federated learning system.

Abstract: In one embodiment, a method comprises: creating, by a root network device in a wireless data network, a perimeter topology comprising a first distance vector-protocol path of a first group of perimeter devices and a second distance vector-protocol path of a second group of the perimeter devices, the creating comprising outputting first and second advertisement messages causing the perimeter devices to attach to only one parent of only one of the first or second distance vector-protocol paths and a junction device to attach at respective ends of the first and second distance vector-protocol paths; and causing the junction device to forward, from the first distance vector-protocol path, a data packet toward the root network device via the second distance vector-protocol path.

Abstract: The presently claimed disclosure is directed to methods that may be implemented at a computer. Methods and systems consistent with the present disclosure may include extending protocols associated with authenticating client (i.e. supplicant) devices and with authorizing those supplicant devices to access a wireless network. These methods may include sending data relating to the failure of an authentication and/or an authorization process to a supplicant device attempting to access a wireless network. Methods discussed within may include securely sending failure codes or reasons to a supplicant device that identify why an authentication or authorization process failed. These methods may include sending messages between a supplicant device, an authenticator device, and an authentication and authorization server. After a first failure, the supplicant device may be able to access the wireless network after a reason or code of that failure has been reported to the supplicant device.

Abstract: Dynamic spectrum access mode based on station capabilities is provided by categorizing functionalities of Access Points (APs) and stations (STA) in a wireless network; identifying interference induced by external signaling devices on channels in the wireless network; calculating an impact factor of the interference based on proximity of the external signaling devices to the wireless network, a pattern of the external signaling devices, and an extent of overlap with frequencies used by the external signaling devices and the wireless network; and in response to identifying a given STA that is paired with a given AP in the wireless network, wherein the given STA and the given AP are both categorized as being capable of both multilink communications and preamble puncturing, assigning network resources for the given STA to communicate with the given AP via one of multilink communications or preamble puncturing based on the impact factor of the interference.

Abstract: In one embodiment, a method herein comprises: registering, by an orchestration service agent, with a central management device to receive a corresponding configuration for the orchestration service agent, wherein the central management device receives a registration from each of a plurality of orchestration service agents; self-configuring, by the orchestration service agent, based on the corresponding configuration; obtaining, by the orchestration service agent and from the central management device, an observability-agent-specific configuration package; and configuring, by the orchestration service agent and based on the observability-agent-specific configuration package, a corresponding observability agent associated with the orchestration service agent and executing on a corresponding entity.

Abstract: In one embodiment, a device obtains network telemetry and environmental telemetry associated with a physical environment. The device forecasts, based on the network telemetry and environmental telemetry, future values of the network telemetry and environmental telemetry. The device predicts, based on the future values, quality of experience metrics for an online application for different locations within the physical environment. The device provides, based on the quality of experience metrics, a recommendation to a user interface that recommends a user of the online application navigate to a particular location from among the different locations to access the online application at a future point in time.

Abstract: In one embodiment, a device forms clusters of network paths via which traffic for an online application is conveyed by applying clustering to time series of quality of experience metrics for the online application. The device calculates, for a particular cluster of network paths among the clusters of network paths, correlation metrics between path features of those network paths of that cluster. The device selects, based on the correlation metrics, a particular path feature from among the path features as a root cause of poor quality of experience metrics for the online application along the network paths of the particular cluster of network paths. The device provides, to a user interface, an indication of the particular path feature as being the root cause of poor quality of experience metrics for the online application.

Abstract: Techniques are described for managing network devices by defining a service chain that includes a plurality of network devices, such that the service chain identifies a position of each network device with respect to other network devices. The techniques further detect a new network device becoming active on a network and identify a logical model associated with the new network device. The new network device is programmed based on the service chain and other devices already active in the service chain.

Abstract: Devices and methods that incorporate sustainability data within a header of a data packet to allow for the generation of sustainable configurations for various network devices are disclosed. Power efficiency is obtained at a node-level by including metadata to existing network flows, in an in-band/in-situ configuration. This information may be used for optimum flow placement. Received data packets may be formatted with sustainability data within a metadata shim. The received data packets are processed, and a sustainable configuration is generated for the one or more network devices. The generated sustainable configuration is transmitted to the one or more network devices to enable efficient and effective management of network devices by incorporating sustainability data into the data packets.

Abstract: Techniques are provided herein for determining a routing path for application traffic based on historic application telemetry and current network telemetry. The techniques comprising determining current metrics for a set of potential paths between an edge device and an application endpoint associated with an application, generating, from the current metrics, a link score for individual paths in the set of potential paths, receiving application status data generated from historic telemetry data associated with the application and the set of potential paths, generating, from the application status data, an application score for individual paths in the set of potential paths, and determining, as a function of the link score and the application score for individual paths in the set of potential paths, a selected path to be used in communications between the edge device and the application endpoint.

Abstract: In some aspects, the techniques described herein relate to a method for detecting malicious emails, the method including: receiving an email, wherein the email is associated with a markup payload; determining, based on the markup payload, text data associated with the email; determining, using the text data and a first machine learning model, a first representation of the email representing text associated with the email; rendering the email to generate image data that represents a rendering of the email; determining, using the image data and a second machine learning model, a second representation of the email that represents at least the rendering of the email; and determining a prediction for the email based on the first representation and the second representation, wherein the prediction represents whether the email is predicted to be malicious based on the first representation and the second representation.

Abstract: Techniques for improved peer-to-peer communication are provided. A roaming peer-to-peer device may identify a new access point (AP) and initiate a transition to the new AP. Initiating transition can involve sending, to the new AP, the current peer-to-peer communication schedule for approval and/or negotiating a modified peer-to-peer communication schedule with the new AP. When the roaming peer-to-peer device and the new AP agree on the peer-to-peer communication schedule, the peer-to-peer device may notify its counterpart that it has roamed to the new AP and also notify the counterpart of any updates to the peer-to-peer communication schedule.

Abstract: Techniques described herein provide procedures for reducing MACsec Key Agreement (MKA)-related traffic and improving resource allocation for MKA protocol through an EVPN environment. Techniques include leveraging Border Gateway Protocol (BGP) signaling for MKA between Provider Edge (PE) routers instead of between Customer Edge (CE) routers, which mitigates both hardware restrictions and scalability challenges with a new Xaas enablement. A new BGP-EVPN route type is defined that can communicate a set of MKA information along with an address destination associated with a provider edge device to establish a BGP MKA session and enable MACsec encryption/decryption at the provider edge device.

Abstract: In one embodiment, a device sends data traffic to a gateway of a backhaul mesh network via a first wireless access point of the backhaul mesh network. The device maintains, while associated with the first wireless access point, an association with a second wireless access point of the backhaul mesh network by sending a frame to the first wireless access point that is relayed by the first wireless access point to the second wireless access point. The device makes a determination that additional data traffic should be sent to the gateway of the backhaul mesh network via the second wireless access point. The device sends, based on the determination, the additional data traffic to the gateway of the backhaul mesh network via the second wireless access point.

Abstract: Devices, systems, methods, and processes for determining enforcement readiness in a workload protection solution are described herein. Often, a user may desire to initiate enforcement on a network, but may not know if the various workloads, agents, or other components of the workload protection solution are in a condition to begin enforcement. As a result, embodiments described herein can generate an enforcement validation status or overall enforcement readiness determination by evaluating a plurality of different configurations, attributes, or other settings associated with any desired workloads subject to the policy to be enforced. Upon evaluation, a notification can be generated to the user in the form of a graphical user interface or other similar output device that is configured to show any determined error or issue preventing enforcement readiness. As a result, these can be addressed by a user until enforcement can be activated, easing the overall enforcement process.

Abstract: In one embodiment, a device may obtain sensor measurements from an environmental sensor of an access point. The device may obtain traffic telemetry data regarding network traffic handled by the access point. The device may generate, based on the sensor measurements and the traffic telemetry data, a sampling configuration of the environmental sensor of the access point. The device may cause the access point to collect additional sensor measurements from its environmental sensor according to the sampling configuration.

Abstract: Systems, methods, and computer-readable media for discovering silent hosts in a software-defined network and directing traffic to the silent hosts in a scalable and targeted manner include determining interfaces of a fabric device that are connected to respective one or more endpoints, where the fabric device is configured to connect the endpoints to a network fabric of the software-defined network. At least a first interface is identified, where an address of a first endpoint connected to the first interface is not available at the fabric device. A first notification is transmitted to a control plane of the software-defined network based on identifying the first interface, where the control plane may create a flood list which includes the fabric device. Traffic intended for the first endpoint from the network fabric is received by the fabric device can be based on the flood list.

Abstract: In an aspect, an embodiment of the present disclosure is directed to network control topology that implements a centralized network controller to deterministically assign, and reassign, underlay multicast groups according to one or more policies and/or parameterized intent of the network administrator. The centralized network controller, in some embodiments, comprises a map server-map resolver controller configured to provide deterministic and centralized allocation of LISP underlay multicast groups, e.g., to provide security, traffic engineering, network and resource management.

Abstract: Embodiments provide for assuring policy based alerting, via clustering, via a first neural network, operational data reported from a network into a plurality of anomalies organized into several clusters; correlating, via the first neural network, alerts received from devices in the network according to the several clusters; determining, via the second neural network, anomaly impacts in the several clusters from the filtered alerts; in response to determining that the anomaly impacts for a first cluster exceed an alerting threshold: identifying a first shared node in the first cluster; identifying a second cluster including a second shared node matching the first shared node that has not been determined to exceed the alerting threshold; and transmitting an alert for the first cluster and the second cluster; and in response to receiving a response to the alert, updating, via the second neural network, the first neural network.