Abstract: Techniques are disclosed for identifying faulty links in a virtualized computing environment. Network path latency information is received for one or more network paths in the networked computing environment. Based on the network path latency information, a probable presence of a faulty component is determined. In response to the determination, physical links for a network path associated with the probable faulty component are identified. Information indicative of likely sources of the probable faulty component is received from multiple hosts of the networked computing environment. Based on the identified physical links and information, a faulty component is determined.

Abstract: A computing device is provided, including a processor that receives a network graph. The processor further receives a specification of a network traffic control heuristic for a network traffic routing problem over the network graph. The processor further constructs a gap maximization problem that has, as a maximization target, a difference between an exact solution to the network traffic routing problem and a heuristic solution generated using the network traffic control heuristic. The processor further generates a Lagrange multiplier formulation of the gap maximization problem. At a convex solver, the processor further computes an estimated maximum gap as an estimated solution to the Lagrange multiplier formulation of the gap maximization problem. The processor further performs a network traffic control action based at least in part on the estimated maximum gap.

Abstract: A computing device including a processor configured to receive satellite status data from satellites included in a satellite constellation. The processor is further configured to determine a link topology of the satellites. Based at least in part on the satellite status data and the link topology, the processor is further configured to identify a first satellite constellation subset including one or more selected satellite pairs. Identifying the one or more selected satellite pairs includes computing respective link utility values associated with a plurality of candidate pairs of satellites included in the satellite constellation based at least in part on the satellite status data and the link topology. The one or more selected satellite pairs are selected based at least in part on the link utility values. The processor is further configured to transmit, to the satellites included in the first satellite constellation subset, instructions to perform intersatellite imaging data transfer.

Abstract: A satellite is provided, including an onboard computing device. The onboard computing device may include a processor configured to receive training data while the satellite is in orbit. The processor may be further configured to perform training at a machine learning model based at least in part on the training data. The processor may be further configured to generate model update data that specifies a modification made to the machine learning model during the training. The processor may be further configured to transmit the model update data from the satellite to an additional computing device.

Abstract: A method for allocating a plurality of network resources to a plurality of network-access demands of a plurality of network guests comprises (a) receiving the plurality of network-access demands; (b) for each of the plurality of network-access demands (i) dynamically computing, from among the plurality of network resources, a resorted order of resources associated with the network-access demand, and (ii) for each network resource associated with the network-access demand, increasing, in the re-sorted order, an allocation of the network resource to the network-access demand until the network-access demand is saturated, and freezing the allocation of each of the plurality of network resources to the saturated demand; and (c) outputting the frozen allocation of each of the plurality of network resources for each of the plurality of network-access demands.

Abstract: A method for scheduling a coordinated transfer of data among a plurality of processor nodes on a network comprises operating a multi-commodity flow model subject to a plurality of predetermined constraints. The model is configured to (a) receive as input a set of demands defining, for each of the plurality of processor nodes, an amount of data to be transferred to that processor node, (b) assign a plurality of paths linking the plurality of processor nodes, and (c) emit a schedule for transfer of the data along the plurality of paths so as to minimize a predetermined cost function, wherein the schedule comprises at least one store-and-forward operation and at least one copy operation.

Abstract: A computing system identifies mitigation actions in response to failures within a computer network. A service level objective is obtained by the computing system for client-resource data flows traversing the computer network between client-side and resource-side nodes. Indication of a failure event at a network location of the computer network is obtained. For each mitigation action of a set of candidate mitigation actions, an estimated impact to a distribution of the service level objective is determined for the mitigation action by applying simulated client-resource data flows to a network topology model of the computer network in combination with the mitigation action and the failure event. One or more target mitigation actions are identified by the computing system from the set of candidate mitigation actions based on a comparison of the estimated impacts of the set of candidate mitigation actions.

Abstract: A computing device is provided, including a processor that receives a network graph. The processor further receives a specification of a network traffic control heuristic for a network traffic routing problem over the network graph. The processor further constructs a gap maximization problem that has, as a maximization target, a difference between an exact solution to the network traffic routing problem and a heuristic solution generated using the network traffic control heuristic. The processor further generates a Lagrange multiplier formulation of the gap maximization problem. At a convex solver, the processor further computes an estimated maximum gap as an estimated solution to the Lagrange multiplier formulation of the gap maximization problem. The processor further performs a network traffic control action based at least in part on the estimated maximum gap.

Abstract: A computing system identifies mitigation actions in response to failures within a computer network. A service level objective is obtained by the computing system for client-resource data flows traversing the computer network between client-side and resource-side nodes. Indication of a failure event at a network location of the computer network is obtained. For each mitigation action of a set of candidate mitigation actions, an estimated impact to a distribution of the service level objective is determined for the mitigation action by applying simulated client-resource data flows to a network topology model of the computer network in combination with the mitigation action and the failure event. One or more target mitigation actions are identified by the computing system from the set of candidate mitigation actions based on a comparison of the estimated impacts of the set of candidate mitigation actions.

Abstract: Techniques are disclosed for identifying faulty links in a virtualized computing environment. Network path latency information is received for one or more network paths in the networked computing environment. Based on the network path latency information, a probable presence of a faulty component is determined. In response to the determination, physical links for a network path associated with the probable faulty component are identified. Information indicative of likely sources of the probable faulty component is received from multiple hosts of the networked computing environment. Based on the identified physical links and information, a faulty component is determined.

Abstract: A satellite is provided, including an onboard computing device. The onboard computing device may include a processor configured to receive training data while the satellite is in orbit. The processor may be further configured to perform training at a machine learning model based at least in part on the training data. The processor may be further configured to generate model update data that specifies a modification made to the machine learning model during the training. The processor may be further configured to transmit the model update data from the satellite to an additional computing device.

Abstract: Techniques are disclosed for identifying faulty links in a virtualized computing environment. Network path latency information is received for one or more network paths in the networked computing environment. Based on the network path latency information, a probable presence of a faulty component is determined. In response to the determination, physical links for a network path associated with the probable faulty component are identified. Information indicative of likely sources of the probable faulty component is received from multiple hosts of the networked computing environment. Based on the identified physical links and information, a faulty component is determined.

Abstract: A computing system identifies mitigation actions in response to failures within a computer network. A service level objective is obtained by the computing system for client-resource data flows traversing the computer network between client-side and resource-side nodes. Indication of a failure event at a network location of the computer network is obtained. For each mitigation action of a set of candidate mitigation actions, an estimated impact to a distribution of the service level objective is determined for the mitigation action by applying simulated client-resource data flows to a network topology model of the computer network in combination with the mitigation action and the failure event. One or more target mitigation actions are identified by the computing system from the set of candidate mitigation actions based on a comparison of the estimated impacts of the set of candidate mitigation actions.

Abstract: The systems and methods may use a data reduction engine to reduce a volume of input data for machine learning exploration for computer networking related problems. The systems and methods may receive input data related to a network and obtain a network topology. The systems and methods may perform a structured search of a plurality of reduction functions based on a grammar to identify a subset of reduction functions. The systems and methods may generate transformed data by applying the subset of reduction functions to the input data and may determine whether the transformed data meets or exceeds a threshold. The systems and methods may output the transformed data in response to the transformed data meeting or exceeding the threshold.

Abstract: A cloud-based service uses an offline training pipeline to categorize training data for machine learning (ML) models into various clusters. Incoming test data that is received by a data center or in a cloud environment is compared against the categorized training data to identify the appropriate ML model to assign the test data. The comparison of the test data is done in real-time using a similarity metric that takes into account spatial and temporal factors of the test data relative to the categorized training data.

Abstract: A compromise detection system protects data centers (DCs) or other providers in the cloud. The compromise detection system can detect compromised virtual machines (VMs) through changes in network traffic characteristics while avoiding expensive data collection and preserving privacy. The compromise detection system obtains and uses periodically-obtained flow pattern summaries to detect compromised VMs. Agent-based detection on predetermined and compromised VMs can expose (using supervised learning) the network behavior of compromised VMs and then apply the learned model to all VMs in the DC. The compromise detection system can run continuously, protect the privacy of cloud customers, comply with Europe's General Data Protection Regulation (GDPR), and avoid various techniques that both erode privacy and degrade VM performance.

Abstract: Techniques are disclosed for identifying faulty links in a virtualized computing environment. Network path latency information is received for one or more network paths in the networked computing environment. Based on the network path latency information, a probable presence of a faulty component is determined. In response to the determination, physical links for a network path associated with the probable faulty component are identified. Information indicative of likely sources of the probable faulty component is received from multiple hosts of the networked computing environment. Based on the identified physical links and information, a faulty component is determined.

Abstract: Aspects of the present disclosure relate to incident routing in a cloud environment. In an example, cloud provider teams utilize a scout framework to build a team-specific scout based on that team's expertise. In examples, an incident is detected and a description is sent to each team-specific scout. Each team-specific scout uses the incident description and the scout specifications provided by the team to identify, access, and process monitoring data from cloud components relevant to the incident. Each team-specific scout utilizes one or more machine learning models to evaluate the monitoring data and generate an incident-classification prediction about whether the team is responsible for resolving the incident. In examples, a scout master receives predictions from each of the team-specific scouts and compares the predictions to determine to which team an incident should be routed.

Abstract: Techniques are disclosed for identifying faulty links in a virtualized computing environment. Network path latency information is received for one or more network paths in the networked computing environment. Based on the network path latency information, a probable presence of a faulty component is determined. In response to the determination, physical links for a network path associated with the probable faulty component are identified. Information indicative of likely sources of the probable faulty component is received from multiple hosts of the networked computing environment. Based on the identified physical links and information, a faulty component is determined.

Abstract: This document relates to automating the generation of machine learning models for evaluation of computer networks. Generally, the disclosed techniques can obtain network context data reflecting characteristics of a network, identify a type of evaluation to be performed on the network, and select a particular machine learning model for evaluating the network based at least on the type of evaluation. The disclosed techniques can also select one or features to train the particular machine learning model.