Abstract: In one embodiment, a device determines a criticality of each of a plurality of endpoints in a network, based on network telemetry data regarding the network. The device translates a plurality of anomaly detection models available for deployment to the network and their metadata into a set of adjustable resources. The device generates an anomaly detection deployment strategy for the network by selecting a set of one or more of the plurality of anomaly detection models for deployment to one or more execution points in the network, based on the criticality of each of the plurality of endpoints and on the set of adjustable resources. The device causes the set to be deployed to the one or more execution points in the network, in accordance with the anomaly detection deployment strategy.

Abstract: A system monitors a network or web application provided by one or more distributed applications and provides data for each and every method instance in an efficient low-cost manner. Agents may monitor the performance of the distributed application by the web services and report monitoring data as runtime data to the remote server, for example a controller. The controller may analyze the data to identify one or more performance issues or “hot spot” methods based on current or past performance, functionality, content, or business relevancy. Instructions and/or configuration information may be transmitted by the controller to the agents that correspond to a particular business transaction portion associated with a hot spot. The portions are then monitored to collect data associated with the hot spot and the hot spot data is reported back to the controller.

Abstract: In Wi-Fi 8, backscatter devices (BKDs) may be viewed as part of the 802.11 wireless local area network (WLAN). BKDs in a WLAN have limited transmission interactions with a Wi-Fi access point (AP). Onboarding BKDs to the WLAN is described, which allows for the AP and BKD to participate as elements of the same local network, with security controls. The onboarding of the BKD to a WLAN may occur after discovery of the BKD at an AP and includes replacing an Initial Device Identifier (IDevID) on the BKD with a Local Device Identifier (LDevID) in order to provide for secure communications between the BKD and the WLAN.

Abstract: In one embodiment, a discrepancy detection application automatically detects and addresses unauthorized activities associated with one or more authorization keys based on a request log and a provider log. The request log specifies activities that a client initiated, where the activities are associated with the authorization keys. The provider log specifies activities that a cloud provider performed, where the activities are associated with the authorization keys. In operation, the discrepancy detection application determines that one or more unauthorized activities have occurred based on comparing the request log to the provider log. The discrepancy detection application then performs an action that addresses the unauthorized activities.

Abstract: In one embodiment, a device obtains telemetry data associated with an online application accessible via a network. The device trains, based on the telemetry data, a machine learning model to determine whether a given address in the network is associated with the online application. The device uses the machine learning model to generate a listing of network addresses associated with the online application. The device provides the listing of network addresses for use by an application detection service in the network to determine that an initial packet of a traffic flow is associated with the online application based on a match between a destination address of that packet and a network address in the listing of network addresses.

Abstract: Embodiments are directed towards a system and method for a cloud-based front end that may abstract and enable access to the underlying cloud-hosted elements and objects that may be part of a multi-tenant application, such as a search application. Search objects may be employed to access indexed objects. An amount of indexed data accessible to a user may be based on an index storage limit selected by the user, such that data that exceeds the index storage limit may continue to be indexed. Also, one or more projects can be elastically scaled for a user to provide resources that may meet the specific needs of each project.

Abstract: Techniques that provide link establishment between a radio equipment controller (REC) and a radio equipment (RE) in a fronthaul network are described herein. In one embodiment, a method includes performing, Common Public Radio Interface (CPRI) Layer 1 (L1) link auto-negotiation operations to establish a CPRI link between the REC and RE. A proxy slave may achieve a hyper frame number (HFN) synchronization with the REC at a link bit rate for a first CPRI bit stream and communicate the first CPRI bit stream and the link bit rate to a proxy master. The proxy master may communicate a second CPRI bit stream to the proxy slave to transmit to the REC. The L1 link auto-negotiation operations are completed and CPRI link is established between the REC and the RE when the REC achieves a HFN synchronization for the second CPRI bit stream.

Abstract: A first virtual machine executing on a centralized management node provides a first image file to a first computing entity arranged within a first point of delivery. The first image file includes a first boot configuration file or a first ramdisk file. A second virtual machine provides a second image file to a second computing entity arranged within a second point of delivery different from the first point of delivery. The second image file includes a second boot configuration file or a second ramdisk file. The first virtual machine provides a third image file to the first computing entity. The third image file comprises a first operating system installation file. The second virtual machine provides a fourth image file to the second computing entity. The fourth image file comprises a second operating system installation file.

Abstract: A method of continuous multi-factor authentication may include executing wireless sensing based at least in part on execution of a continuous multi-factor authentication (CMFA) application at a computing device, collecting channel state information (CSI) data from a network device communicatively coupled to the computing device, transmitting the CSI data to a CMFA device, and receiving a trust score from the CMFA device based on the CSI data.

Abstract: In some aspects, the techniques described herein relate to a method including: obtaining data to be compressed; determining a distance between the data to be compressed and each codeword of a plurality of codewords; selecting a predetermined number of codewords of the plurality of codewords based on the distance between the data to be compressed and each of the predetermined number of codewords; and generating compressed data, where the compressed data includes an indication of the predetermined number of codewords of the plurality of codewords.

Abstract: Techniques for managing migrations of QUIC connection session(s) across proxy nodes, data centers, and/or private application nodes are described herein. A global key-value datastore, accessible by proxy nodes and/or application nodes, may store mappings between a first QUIC connection, associated with a proxy node and a client device, on the frontend of the proxy node and a second QUIC connection, associated with the proxy node and an application node, on the backend of the proxy node. With the global key-value datastore being accessible by the proxy nodes, when a proxy node receives a QUIC packet on the front end or the back end, the proxy node may determine where to map this connection to on the opposite end. Additionally, with the global key-value datastore being accessible to the application nodes, when an application node receives a QUIC packet, the application node may determine the client device associated with the connection.

Abstract: The present disclosure provides a hierarchical method of identifying unauthorized network traffic in a network by applying, at one of a first plurality of nodes of a network, a first level of network traffic analysis to identify received network traffic as one of authorized or suspicious network traffic, the one of the first plurality of nodes having a first path for traffic routing and a second path to one of a second plurality of nodes of the network, the second path being used for forwarding the suspicious network traffic to the one of the second plurality of nodes; tagging the received network traffic as the suspicious network traffic; and sending the suspicious network traffic to the one of the second plurality of nodes over the second path, the second network node applying a second level of network analysis to determine if the received network traffic is authorized, unauthorized or remains suspicious.

Abstract: In one embodiment, a method includes configuring a router to act as a BNG and establishing, by the router, a connection between CPE and the BNG. The method also includes receiving, by the router, end-user and access parameters and communicating, by the router, the end-user and access parameters to one or more 5G NFs by interacting with one or more SBIs. The method further includes allowing, by the router, the CPE access to the one or more 5G NFs in response to communicating the end-user and access parameters to the one or more 5G NFs.

Abstract: A system and associated methods provide a scalable solution for managing multiple multicast flows within a multicast group of a multicast network. The system groups redundant sources of the multicast group according to their associated multicast flows, assigns flow identifiers to each redundant source indicative of their associated multicast flows, and facilitates Single Forwarder election to select a Single Forwarder that belongs to the appropriate multicast flow. The system provides control plane extensions that enable signaling of which redundant source belongs to which multicast flow.

Abstract: Technologies for testing resiliency of a data network with real-world accuracy without affecting the flow of production data through the network. A method according to the technologies may include receiving a production data packet and determining a preferred data route toward a destination node for the production data packet based on a first routing information base, wherein the first routing information base includes a database where routes and route metadata are stored according to a routing protocol. The method may also include, receiving a test data packet, and determining an alternate data route toward the destination node for the test data packet based on a second routing information base, wherein the second routing information base simulates an error in the preferred data route. The method may include sending the production data packet to the preferred data route and sending the test data packet to the alternate data route.

Abstract: A method, computer system, and computer program product are provided for automatically generating polls. A message of a plurality of messages is received corresponding to a conversation between a plurality of users. One or more candidate polls are generated using a natural language processing model and determining a poll type for each of the one or more candidate polls based on the message and a context of the conversation. It is determined that at least one candidate poll of the one or more candidate polls is relevant according to the context of the conversation. In response to determining that the at least one candidate poll is relevant, the poll of the poll type is generated based on the message for presentation to the plurality of users.

Abstract: In one embodiment, a device may obtain an identifier of a proof of location process (PLP) and an identifier of a node where the PLP is executed. The device may receive a query from a compliance engine for a proof of location of the node where the PLP is executed. The device may identify, based on the identifier of the PLP and the identifier of the node, a physical location of the node. The device may provide, to the compliance engine, a response to the query that is indicative of the physical location of the node, wherein the compliance engine enforces one or more data compliance policies with respect to a workload executed by the node and based on the physical location of the node.

Abstract: Techniques are described for providing a method and apparatus for determining source address validation of a data packet in a network in the presence of asymmetric routing. When a data packet is received by a node such as a router, a reverse path forwarding lookup is performed to determine if the data packet was received on a next-hop interface and if the reverse path forwarding fails, a Shortest Path First (SPF) computation at the router advertising the source route will be performed using the link state database to determine whether the data packet arrived from a valid path of the network.

Abstract: The present technology pertains to a system, method, and non-transitory computer-readable medium for evaluating the impact of network changes. The technology can detect a temporal event, wherein the temporal event is associated with a change in a network configuration, implementation, or utilization; define a first period prior to the temporal event and a second period posterior to the temporal event; and compare network data collected in the first period and network data collected in the second period.

Abstract: A multi-segment digital-to-time converter is provided. The digital-to-time converter includes a plurality of delay stages arranged in series, and a plurality of local synchronization logic circuits each configured to control an associated delay stage of the plurality of delay stages. Each local synchronization logic circuit provides a digital-to-time converter code and a reset signal to the associated delay stage synchronized to a local input clock and a local output clock of the associated delay stage.