Patents by Inventor Flemming Andreasen
Flemming Andreasen has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11785041
Abstract: In one embodiment, a device in a network captures domain name system (DNS) response data from a DNS response sent by a DNS service to a client in the network. The device captures session data for an encrypted session of the client. The device makes a determination that the encrypted session is malicious by using the captured DNS response data and the captured session data as input to a machine learning-based or rule-based classifier. The device performs a mediation action in response to the determination that the encrypted session is malicious.
Type: Grant
Filed: March 16, 2022
Date of Patent: October 10, 2023
Assignee: Cisco Technology, Inc.
Inventors: David McGrew, Blake Harrell Anderson, Daniel G. Wing, Flemming Andreasen
-
Patent number: 11611579
Abstract: In one embodiment, a device in a network captures domain name system (DNS) response data from a DNS response sent by a DNS service to a client in the network. The device captures session data for an encrypted session of the client. The device makes a determination that the encrypted session is malicious by using the captured DNS response data and the captured session data as input to a machine learning-based or rule-based classifier. The device performs a mediation action in response to the determination that the encrypted session is malicious.
Type: Grant
Filed: April 7, 2022
Date of Patent: March 21, 2023
Assignee: Cisco Technology, Inc.
Inventors: David Mcgrew, Blake Harrell Anderson, Daniel G. Wing, Flemming Andreasen
-
Patent number: 11540202
Abstract: Techniques are provided to use a trusted identity and location to select the most appropriate point of interconnect to edge application execution environments as well as a specific edge application execution environment. The techniques may involve obtaining, on behalf of a wireless mobile device, an access identifier that indicates an access location of the wireless mobile device that is wirelessly connected to wireless network infrastructure equipment operated by an access network provider that is associated with, and a member of, a federation of access network providers. The access location for the wireless mobile device is derived based on the access identifier, and the access location is used to select an edge resource to be used by the wireless mobile device.
Type: Grant
Filed: November 6, 2020
Date of Patent: December 27, 2022
Assignee: CISCO TECHNOLOGY, INC.
Inventors: Timothy Peter Stammers, Flemming Andreasen
-
Patent number: 11483292
Abstract: Techniques are presented herein for engagement and disengagement of Transport Layer Security proxy services with encrypted handshaking. In one embodiment, a first initial message of a first encrypted handshaking procedure for a first secure communication session between a first device and a second device is intercepted at a proxy device. The first initial message includes first key exchange information for encrypting the first encrypted handshaking procedure. A copy of the first initial message is stored at the proxy device. A second initial message of a second encrypted handshaking procedure for a second secure communication session between the proxy device and the second device is sent from the proxy device to the second device. The second initial message includes second key exchange information for encrypting the second encrypted handshaking procedure. The proxy device determines, based on the second encrypted handshaking procedure, whether to remain engaged or to disengage.
Type: Grant
Filed: December 9, 2020
Date of Patent: October 25, 2022
Assignee: CISCO TECHNOLOGY, INC.
Inventors: Jianxin Wang, Prashanth Patil, Flemming Andreasen, Nancy Cam-Winget, Hari Shankar
-
Publication number: 20220210183
Abstract: In one embodiment, a device in a network captures domain name system (DNS) response data from a DNS response sent by a DNS service to a client in the network. The device captures session data for an encrypted session of the client. The device makes a determination that the encrypted session is malicious by using the captured DNS response data and the captured session data as input to a machine learning-based or rule-based classifier. The device performs a mediation action in response to the determination that the encrypted session is malicious.
Type: Application
Filed: March 16, 2022
Publication date: June 30, 2022
Inventors: David McGrew, Blake Harrell Anderson, Daniel G. Wing, Flemming Andreasen
-
Publication number: 20220150798
Abstract: Techniques are provided to use a trusted identity and location to select the most appropriate point of interconnect to edge application execution environments as well as a specific edge application execution environment. The techniques may involve obtaining, on behalf of a wireless mobile device, an access identifier that indicates an access location of the wireless mobile device that is wirelessly connected to wireless network infrastructure equipment operated by an access network provider that is associated with, and a member of, a federation of access network providers. The access location for the wireless mobile device is derived based on the access identifier, and the access location is used to select an edge resource to be used by the wireless mobile device.
Type: Application
Filed: November 6, 2020
Publication date: May 12, 2022
Inventors: Timothy Peter Stammers, Flemming Andreasen
-
Patent number: 11303664
Abstract: In one embodiment, a device in a network captures domain name system (DNS) response data from a DNS response sent by a DNS service to a client in the network. The device captures session data for an encrypted session of the client. The device makes a determination that the encrypted session is malicious by using the captured DNS response data and the captured session data as input to a machine learning-based or rule-based classifier. The device performs a mediation action in response to the determination that the encrypted session is malicious.
Type: Grant
Filed: October 31, 2019
Date of Patent: April 12, 2022
Assignee: Cisco Technology, Inc.
Inventors: David McGrew, Blake Harrell Anderson, Daniel G. Wing, Flemming Andreasen
-
Publication number: 20210119974
Abstract: Techniques are presented herein for engagement and disengagement of Transport Layer Security proxy services with encrypted handshaking. In one embodiment, a first initial message of a first encrypted handshaking procedure for a first secure communication session between a first device and a second device is intercepted at a proxy device. The first initial message includes first key exchange information for encrypting the first encrypted handshaking procedure. A copy of the first initial message is stored at the proxy device. A second initial message of a second encrypted handshaking procedure for a second secure communication session between the proxy device and the second device is sent from the proxy device to the second device. The second initial message includes second key exchange information for encrypting the second encrypted handshaking procedure. The proxy device determines, based on the second encrypted handshaking procedure, whether to remain engaged or to disengage.
Type: Application
Filed: December 9, 2020
Publication date: April 22, 2021
Inventors: Jianxin Wang, Prashanth Patil, Flemming Andreasen, Nancy Cam-Winget, Hari Shankar
-
Patent number: 10911409
Abstract: Techniques are presented herein for engagement and disengagement of Transport Layer Security proxy services with encrypted handshaking. In one embodiment, a first initial message of a first encrypted handshaking procedure for a first secure communication session between a first device and a second device is intercepted at a proxy device. The first initial message includes first key exchange information for encrypting the first encrypted handshaking procedure. A copy of the first initial message is stored at the proxy device. A second initial message of a second encrypted handshaking procedure for a second secure communication session between the proxy device and the second device is sent from the proxy device to the second device. The second initial message includes second key exchange information for encrypting the second encrypted handshaking procedure. The proxy device determines, based on the second encrypted handshaking procedure, whether to remain engaged or to disengage.
Type: Grant
Filed: May 21, 2018
Date of Patent: February 2, 2021
Assignee: Cisco Technology, Inc.
Inventors: Jianxin Wang, Prashanth Patil, Flemming Andreasen, Nancy Cam-Winget, Hari Shankar
-
Publication number: 20200067972
Abstract: In one embodiment, a device in a network captures domain name system (DNS) response data from a DNS response sent by a DNS service to a client in the network. The device captures session data for an encrypted session of the client. The device makes a determination that the encrypted session is malicious by using the captured DNS response data and the captured session data as input to a machine learning-based or rule-based classifier. The device performs a mediation action in response to the determination that the encrypted session is malicious.
Type: Application
Filed: October 31, 2019
Publication date: February 27, 2020
Inventors: David McGrew, Blake Harrell Anderson, Daniel G. Wing, Flemming Andreasen
-
Patent number: 10505970
Abstract: In one embodiment, a device in a network captures domain name system (DNS) response data from a DNS response sent by a DNS service to a client in the network. The device captures session data for an encrypted session of the client. The device makes a determination that the encrypted session is malicious by using the captured DNS response data and the captured session data as input to a machine learning-based or rule-based classifier. The device performs a mediation action in response to the determination that the encrypted session is malicious.
Type: Grant
Filed: October 5, 2016
Date of Patent: December 10, 2019
Assignee: Cisco Technology, Inc.
Inventors: David McGrew, Blake Harrell Anderson, Daniel G. Wing, Flemming Andreasen
-
Publication number: 20190356694
Abstract: Techniques are presented herein for engagement and disengagement of Transport Layer Security proxy services with encrypted handshaking. In one embodiment, a first initial message of a first encrypted handshaking procedure for a first secure communication session between a first device and a second device is intercepted at a proxy device. The first initial message includes first key exchange information for encrypting the first encrypted handshaking procedure. A copy of the first initial message is stored at the proxy device. A second initial message of a second encrypted handshaking procedure for a second secure communication session between the proxy device and the second device is sent from the proxy device to the second device. The second initial message includes second key exchange information for encrypting the second encrypted handshaking procedure. The proxy device determines, based on the second encrypted handshaking procedure, whether to remain engaged or to disengage.
Type: Application
Filed: May 21, 2018
Publication date: November 21, 2019
Inventors: Jianxin Wang, Prashanth Patil, Flemming Andreasen, Nancy Cam-Winget, Hari Shankar
-
Publication number: 20180097835
Abstract: In one embodiment, a device in a network captures domain name system (DNS) response data from a DNS response sent by a DNS service to a client in the network. The device captures session data for an encrypted session of the client. The device makes a determination that the encrypted session is malicious by using the captured DNS response data and the captured session data as input to a machine learning-based or rule-based classifier. The device performs a mediation action in response to the determination that the encrypted session is malicious.
Type: Application
Filed: October 5, 2016
Publication date: April 5, 2018
Inventors: David McGrew, Blake Harrell Anderson, Daniel G. Wing, Flemming Andreasen
-
Patent number: 8787303
Abstract: This disclosure relates to a system and method for offloading selected data traffic in logical tunnels to the Internet. The offloading provides another data path for selected data traffic that can relieve the burden on a mobile operator's network, such as the backhaul and core networks. As the proliferation of data rich content and increasingly more capable mobile devices has continued, the amount of data communicated over mobile operator's networks has increased. Upgrading the existing network that was designed for voice calls is not desirable or practical for many mobile operators. This disclosure provides systems and methods for offloading data to the Internet at a router to relieve congestion on the mobile operator's network.
Type: Grant
Filed: May 20, 2011
Date of Patent: July 22, 2014
Assignee: Cisco Technology, Inc.
Inventors: Kent K. Leung, Jayaraman Iyer, Flemming Andreasen, Timothy Stammers, Michel Khouderchah
-
Patent number: 8320329
Abstract: In one embodiment, a method includes receiving, at a visited network node, policy for a roaming terminal from a home network of the roaming terminal. The policy is associated with a home Internet Protocol (IP) address of the roaming terminal. The visited network node applies the policy in the visited network to data packets that include the home IP address. Applying the policy to a data packet encompasses either enforcing the policy at the node that applies the policy or sending data that indicates the policy to a different node that applies the policy based on the data sent, or both.
Type: Grant
Filed: March 24, 2008
Date of Patent: November 27, 2012
Assignee: Cisco Technology, Inc.
Inventors: Flemming Andreasen, Kent Leung
-
Patent number: 8233401
Abstract: In one embodiment, a network device receives an Internet protocol (IP) registration request, such as a mobile IP registration request, from an access terminal. The network device may be a home agent that is configured to register the access terminal for IP services at the network layer. In addition to registering the access terminal at the network layer, the network device may facilitate registration at another layer, such as the application layer. In one example, registration information for the access terminal for an application layer registration, such as information needed to register for a session initiation protocol (SIP) services, is determined. The network device then facilitates registration at the application layer automatically using the registration information.
Type: Grant
Filed: August 13, 2007
Date of Patent: July 31, 2012
Assignee: Cisco Technology, Inc.
Inventors: Jonathan D. Rosenberg, Flemming Andreasen, Jayaraman Iyer, Timothy Stammers
-
Publication number: 20120082161
Abstract: This disclosure relates to a system and method for offloading selected data traffic in logical tunnels to the Internet. The offloading provides another data path for selected data traffic that can relieve the burden on a mobile operator's network, such as the backhaul and core networks. As the proliferation of data rich content and increasingly more capable mobile devices has continued, the amount of data communicated over mobile operator's networks has increased. Upgrading the existing network that was designed for voice calls is not desirable or practical for many mobile operators. This disclosure provides systems and methods for offloading data to the Internet at a router to relieve congestion on the mobile operator's network.
Type: Application
Filed: May 20, 2011
Publication date: April 5, 2012
Applicant: CISCO TECHNOLOGY, INC.
Inventors: Kent LEUNG, Jayaraman IYER, Flemming ANDREASEN, Timothy STAMMERS, Michel KHOUDERCHAH
-
Patent number: 8059533
Abstract: In one embodiment, a method includes receiving packet flow optimization (PFO) configuration data that associates each rule name of multiple PFO rule names with a corresponding method for processing a data packet in a communications network based on data in a payload of a layer 3 protocol of the data packet. A first policy message is received from a policy management process in the communications network. The first policy message includes rule data that indicates a signaled rule name associated with a particular network address in the communications network. In response to receiving the first policy message, a data packet of the particular network address is processed according to a particular method associated with a particular rule name selected based on the signaled rule name. As a result, a PFO policy is controlled from the policy management process.
Type: Grant
Filed: October 24, 2007
Date of Patent: November 15, 2011
Assignee: Cisco Technology, Inc.
Inventors: Flemming Andreasen, Eric Hamel, Yaacov Arbel, Meir Morgenstern
-
Patent number: 7907514
Abstract: A mechanism provides for communication of “keep-alive” messages from clients to servers in a packet telephony network environment. The servers may be call agents and the clients may be gateways or MGCP-controlled IP phones. A client (e.g., gateway) registers a virtual endpoint. Upon a period of inactivity in which the client does not receive any commands or acknowledgments from an assigned server (e.g., call agent), the client starts to send keep-alive messages periodically to the server. The keep-alive message may include an endpoint identifier that identifies the registered virtual endpoint. If the server fails to respond to the keep-alive messages after a period of time, the client initiates a fallback mechanism from a first call control protocol (e.g., MGCP) to a second call control protocol (e.g., H.323 or SIP), to provide call control handling using a default application.
Type: Grant
Filed: September 29, 2005
Date of Patent: March 15, 2011
Assignee: Cisco Technology, Inc.
Inventors: Andrew S. Foltan, Alex Urquizo, Flemming Andreasen
-
Patent number: 7899040
Abstract: A method and apparatus of communication processing at a client (e.g., media gateway) connected to a server (e.g., media gateway controller) includes collecting events in a quarantine buffer. The contents of the buffer are examined to determine whether the collected events include one or more synchronizing events. An instruction signal sent to the client from the server includes information defining one or more events as a synchronizing event. If one or more synchronizing events is present, the collected events are processed from the buffer relative to the one or more synchronizing events. The processing may include processing the collected events beginning after the most recent or second most recent synchronizing event. The collected events that occurred up to the most recent or second most recent synchronizing event may be moved to a synchronized event list. The synchronized event list may be reported to the server or discarded.
Type: Grant
Filed: March 15, 2006
Date of Patent: March 1, 2011
Assignee: Cisco Technology, Inc.
Inventor: Flemming Andreasen