Patents by Inventor Grégory Mermoud

Grégory Mermoud has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • PROTECTING DEVICE CLASSIFICATION SYSTEMS FROM ADVERSARIAL ENDPOINTS
    Publication number: 20210297442
    Abstract: In various embodiments, a device classification service clusters devices in a network into a device type cluster based on attributes associated with the devices. The device classification service tracks changes to the device type cluster over time. The device classification service detects an attack on the device classification service by one or more of the devices based on the tracked changes to the device type cluster. The device classification service initiates a mitigation action for the detected attack on the device classification service.
    Type: Application
    Filed: March 19, 2020
    Publication date: September 23, 2021
    Inventors: Jean-Philippe Vasseur, Grégory Mermoud, Pierre-André Savalle, David Tedaldi
  • Refinement of device classification and clustering based on policy coloring
    Patent number: 11128534
    Abstract: In one embodiment, a device classification service receives data indicative of network traffic policies assigned to a plurality of device types. The device classification service associates measures of policy restrictiveness with the device types, based on the received data indicative of the network traffic policies assigned to the plurality of device types. The device classification service determines misclassification costs associated with a machine learning-based device type classifier of the service misclassifying an endpoint device of one of the plurality device types with another of the plurality of device types, based on their associated measures of policy restrictiveness. The device classification service adjusts the machine learning-based device type classifier to account for the determined misclassification costs.
    Type: Grant
    Filed: November 19, 2018
    Date of Patent: September 21, 2021
    Assignee: Cisco Technology, Inc.
    Inventors: Grégory Mermoud, Pierre-André Savalle, Jean-Philippe Vasseur
  • CASCADE-BASED CLASSIFICATION OF NETWORK DEVICES USING MULTI-SCALE BAGS OF NETWORK WORDS
    Publication number: 20210288876
    Abstract: In one embodiment, a device classification service uses feature vectors that represent how frequently one or more traffic features were observed in a network during different time windows to train a cascade of machine learning classifiers to label one or more devices in the network with a device type. The service receives traffic features of traffic associated with a particular device in the network, and then uses the cascade of machine learning classifiers to assign a device type label to the particular device based on the traffic features of the traffic associated with the particular device. The service initiates enforcement of a network policy regarding the device based on its device type based on the device type label assigned to the particular device.
    Type: Application
    Filed: May 21, 2021
    Publication date: September 16, 2021
    Inventors: Pierre-André Savalle, Jean-Philippe Vasseur, Grégory Mermoud
  • MACHINE LEARNING APPROACH FOR DYNAMIC ADJUSTMENT OF BFD TIMERS IN SD-WAN NETWORKS
    Publication number: 20210281504
    Abstract: In one embodiment, a device obtains performance data regarding failures of a tunnel in a network. The device generates a failure profile for the tunnel by applying machine learning to the performance data regarding the failures of the tunnel. The device determines, based on the failure profile for the tunnel, whether the tunnel exhibits failure flapping behavior. The device adjusts one or more Bidirectional Forwarding Detection (BFD) probing timers used to detect failures of the tunnel, based on the determination as to whether the tunnel exhibits failure flapping behavior.
    Type: Application
    Filed: May 26, 2021
    Publication date: September 9, 2021
    Inventors: Jean-Philippe Vasseur, Vinay Kumar Kolar, Grégory Mermoud
  • Adaptive oscillation control for network paths using machine learning
    Patent number: 11108651
    Abstract: In one embodiment, a device generates a model of oscillations between a particular path in a network satisfying a service level agreement template of traffic conveyed via the particular path and the particular path in the network not satisfying the service level agreement template. The device causes the traffic to be rerouted onto the particular path, based on a prediction by the model that the particular path will not oscillate for a period of time. The device determines, using the model, an adjustment to the service level agreement template that would reduce the oscillations. The device provides, to a user interface, an indication of the adjustment to the service level agreement template.
    Type: Grant
    Filed: October 28, 2020
    Date of Patent: August 31, 2021
    Assignee: Cisco Technology, Inc.
    Inventors: Grégory Mermoud, Jean-Philippe Vasseur, Vinay Kumar Kolar
  • Active learning for interactive labeling of new device types based on limited feedback
    Patent number: 11100364
    Abstract: In one embodiment, a device clusters traffic feature vectors for a plurality of endpoints in a network into a set of clusters. Each traffic feature vector comprises traffic telemetry data captured for one of the endpoints. The device selects one of the clusters for labeling, based in part on contextual data associated with the clusters that was not used to form the clusters. The device obtains a device type label for the selected cluster by providing data regarding the selected cluster and the contextual data associated with that cluster to a user interface. The device provides the device type label and the traffic feature vectors associated with the selected cluster for training a machine learning-based device type classifier.
    Type: Grant
    Filed: November 19, 2018
    Date of Patent: August 24, 2021
    Assignee: Cisco Technology, Inc.
    Inventors: Grégory Mermoud, Pierre-André Savalle, Jean-Philippe Vasseur, David Tedaldi
  • FORECASTING NETWORK KPIs
    Publication number: 20210218641
    Abstract: In one embodiment, a service receives input data from networking entities in a network. The input data comprises synchronous time series data, asynchronous event data, and an entity graph that that indicates relationships between the networking entities in the network. The service clusters the networking entities by type in a plurality of networking entity clusters. The service selects, based on a combination of the received input data, machine learning model data features. The service trains, using the selected machine learning model data features, a machine learning model to forecast a key performance indicator (KPI) for a particular one of the networking entity clusters.
    Type: Application
    Filed: January 10, 2020
    Publication date: July 15, 2021
    Inventors: Jean-Philippe Vasseur, Grégory Mermoud, Vinay Kumar Kolar, Pierre-Andre Savalle
  • Forecasting network KPIs
    Patent number: 11063842
    Abstract: In one embodiment, a service receives input data from networking entities in a network. The input data comprises synchronous time series data, asynchronous event data, and an entity graph that that indicates relationships between the networking entities in the network. The service clusters the networking entities by type in a plurality of networking entity clusters. The service selects, based on a combination of the received input data, machine learning model data features. The service trains, using the selected machine learning model data features, a machine learning model to forecast a key performance indicator (KPI) for a particular one of the networking entity clusters.
    Type: Grant
    Filed: January 10, 2020
    Date of Patent: July 13, 2021
    Assignee: Cisco Technology, Inc.
    Inventors: Jean-Philippe Vasseur, Grégory Mermoud, Vinay Kumar Kolar, Pierre-Andre Savalle
  • Ensuring backup path performance for predictive routing in SD-WANs
    Patent number: 11063861
    Abstract: In one embodiment, a device predicts a failure of a first tunnel in a software-defined wide area network (SD-WAN). The device makes a prediction as to whether a second tunnel in the SD-WAN will satisfy a service level agreement (SLA) associated with traffic on the first tunnel. The device proactively reroutes the traffic from the first tunnel onto the second tunnel, based on the prediction as to whether that the second tunnel will satisfy the SLA of the traffic. The device monitors one or more quality of service (QoS) metrics for the rerouted traffic, to ensure that the second tunnel satisfies the SLA of the traffic.
    Type: Grant
    Filed: June 3, 2019
    Date of Patent: July 13, 2021
    Assignee: Cisco Technology, Inc.
    Inventors: Jean-Philippe Vasseur, Grégory Mermoud, Vinay Kumar Kolar, Sharon Shoshana Wulff
  • Mixing rule-based and machine learning-based indicators in network assurance systems
    Patent number: 11063836
    Abstract: In one embodiment, a device in a network receives data regarding a plurality of predefined health status rules that evaluate one or more observed conditions of the network. The device, using the data regarding the plurality of health status rules for the network, trains a machine learning-based classifier to generate predictions regarding outputs of the health status rules. The device adjusts the machine learning-based classifier based on feedback associated with the generated predictions. The device provides an indication of one or more of the predictions regarding the outputs of the health status rules to a user interface.
    Type: Grant
    Filed: March 21, 2017
    Date of Patent: July 13, 2021
    Assignee: Cisco Technology, Inc.
    Inventors: Grégory Mermoud, Jean-Philippe Vasseur
  • Deriving highly interpretable cognitive patterns for network assurance
    Patent number: 11049033
    Abstract: In one embodiment, a network assurance system that monitors a network labels time periods with positive labels, based on the network assurance system detecting problems in the network during the time periods. The network assurance system assigns tags to discrete portions of a feature space of measurements from the monitored network, based on whether a particular range of values in the feature space has a threshold probability of occurring during a positively-labeled time period. The network assurance system determines a set of the assigned tags that frequently co-occur with the positively-labeled time periods in which problems are detected in the network. The network assurance system causes performance of a mitigation action in the network based on the set of assigned tags that frequently co-occur with the positively-labeled time periods.
    Type: Grant
    Filed: January 12, 2018
    Date of Patent: June 29, 2021
    Assignee: Cisco Technology, Inc.
    Inventors: Vinay Kumar Kolar, Vikram Kumaran, Abhishek Kumar, Santosh Ghanshyam Pandey, Jean-Philippe Vasseur, Grégory Mermoud
  • ANOMALY DETECTION OF MODEL PERFORMANCE IN AN MLOPS PLATFORM
    Publication number: 20210184958
    Abstract: In one embodiment, a service tracks performance of a machine learning model over time. The machine learning model is used to monitor one or more computer networks based on data collected from the one or more computer networks. The service also tracks performance metrics associated with training of the machine learning model. The service determines that a degradation of the performance of the machine learning model is anomalous, based on the tracked performance of the machine learning model and performance metrics associated with training of the model. The service initiates a corrective measure for the degradation of the performance, in response to determining that the degradation of the performance is anomalous.
    Type: Application
    Filed: December 11, 2019
    Publication date: June 17, 2021
    Inventors: Vinay Kumar Kolar, Jean-Philippe Vasseur, Grégory Mermoud, Pierre-Andre Savalle
  • PREDICTING THE IMPACT OF NETWORK SOFTWARE UPGRADES ON MACHINE LEARNING MODEL PERFORMANCE
    Publication number: 20210173636
    Abstract: In one embodiment, a service receives software version data regarding versions of software executed by devices in a network. The service detects a version change in the version of software executed by one or more of the devices, based on the received software version data. The service makes a determination that a drop in data quality of input data for a machine learning model used to monitor the network is associated with the detected version change. The service reverts the one or more devices to a prior version of software, based on the determination that the drop in quality of the input data for the machine learning model used to monitor the network is associated with the detected version change.
    Type: Application
    Filed: December 10, 2019
    Publication date: June 10, 2021
    Inventors: Vinay Kumar Kolar, Jean-Philippe Vasseur, Gregory Mermoud, Pierre-Andre Savalle
  • Machine learning approach for dynamic adjustment of BFD timers in SD-WAN networks
    Patent number: 11032181
    Abstract: In one embodiment, a device obtains performance data regarding failures of a tunnel in a network. The device generates a failure profile for the tunnel by applying machine learning to the performance data regarding the failures of the tunnel. The device determines, based on the failure profile for the tunnel, whether the tunnel exhibits failure flapping behavior. The device adjusts one or more Bidirectional Forwarding Detection (BFD) probing timers used to detect failures of the tunnel, based on the determination as to whether the tunnel exhibits failure flapping behavior.
    Type: Grant
    Filed: June 7, 2019
    Date of Patent: June 8, 2021
    Assignee: Cisco Technology, Inc.
    Inventors: Jean-Philippe Vasseur, Vinay Kumar Kolar, Grégory Mermoud
  • Cascade-based classification of network devices using multi-scale bags of network words
    Patent number: 11025486
    Abstract: In one embodiment, a device classification service extracts, for each of a plurality of time windows, one or more sets of traffic features of network traffic in a network from traffic telemetry data captured by the network. The service represents, for the time windows, the extracted one or more sets of traffic features as feature vectors. A feature vector for a time window indicates whether each of the traffic features was present in the network traffic during that window. The service trains, using a training dataset based on the feature vectors, a cascade of machine learning classifiers to label devices with device types. The service uses the classifiers to label a particular device in the network with a device type based on the traffic features of network traffic associated with that device. The service initiates enforcement of a network policy regarding the device based on its device type.
    Type: Grant
    Filed: October 19, 2018
    Date of Patent: June 1, 2021
    Assignee: Cisco Technology, Inc.
    Inventors: Pierre-André Savalle, Jean-Philippe Vasseur, Grégory Mermoud
  • ASSESSING DATA FIDELITY IN A MACHINE LEARNING-BASED NETWORK ASSURANCE SYSTEM
    Publication number: 20210158106
    Abstract: In one embodiment, a service computes a data fidelity metric for network telemetry data used by a machine learning model to monitor a computer network. The service detects unacceptable performance of the machine learning model. The service determines a correlation between the data fidelity metric and the unacceptable performance of the machine learning model. The service adjusts generation of the network telemetry data for input to the machine learning model, based on the determined correlation between the data fidelity metric and the unacceptable performance of the machine learning model.
    Type: Application
    Filed: November 22, 2019
    Publication date: May 27, 2021
    Inventors: Jean-Philippe Vasseur, Vinay Kumar Kolar, Andrea Di Pietro, Grégory Mermoud, Pierre-Andre Savalle
  • EVENT-TRIGGERED MACHINE LEARNING FOR RARE EVENT FORECASTING IN A SOFTWARE DEFINED WIDE AREA NETWORK (SD-WAN)
    Publication number: 20210160148
    Abstract: In one embodiment, a service detects that an event of a particular event type has occurred in a software-defined wide area network (SD-WAN). The service activates, in response to detecting the occurrence of the event, a machine learning model to assess telemetry data regarding a first tunnel in the SD-WAN. The service predicts a failure of the first tunnel, based on the assessment of the telemetry data regarding the first tunnel by the machine learning model. The service proactively reroutes at least a subset of traffic on the first tunnel onto a second tunnel in the SD-WAN, in advance of the predicted failure of the first tunnel.
    Type: Application
    Filed: November 25, 2019
    Publication date: May 27, 2021
    Inventors: Vinay Kumar Kolar, Jean-Philippe Vasseur, Grégory Mermoud, Pierre-Andre Savalle
  • INTERPRETABLE PEER GROUPING FOR COMPARING KPIs ACROSS NETWORK ENTITIES
    Publication number: 20210158260
    Abstract: In one embodiment, a network assurance service that monitors a network receives key performance indicators (KPIs) for a plurality of network entities in the network. The service applies clustering to the KPIs, to form KPI clusters. The service designates the network entities associated with the particular KPI cluster as belonging to a peer group, based in part on an assessment that the network entities associated with the particular KPI cluster share one or more attributes. The service uses a machine learning model to identify one of the network entities in the peer group as anomalous among the network entities in the peer group.
    Type: Application
    Filed: November 25, 2019
    Publication date: May 27, 2021
    Inventors: Vinay Kumar Kolar, Jean-Philippe Vasseur, Vikram Kumaran, Grégory Mermoud, Pierre-Andre Savalle
  • Learning packet capture policies to enrich context for device classification systems
    Patent number: 11018943
    Abstract: In various embodiments, a device classification service receives, from a networking device in a network, an indication that deep packet inspection (DPI) trace data is not available for an endpoint device in the network because the endpoint device does not match any DPI policies of the networking device. The service configures a first DPI policy on the networking device that causes it to capture a DPI trace of traffic associated with the endpoint device. The service receives, via a user interface, an indication that a subset of attributes of the endpoint device in the DPI trace is relevant to labeling the endpoint device with a device type. The service replaces the first DPI policy on the networking device with a second DPI policy that causes it to report only the subset of attributes of endpoint devices to the device classification service for endpoint devices that match the second DPI policy.
    Type: Grant
    Filed: May 20, 2020
    Date of Patent: May 25, 2021
    Assignee: Cisco Technology, Inc.
    Inventors: Jean-Philippe Vasseur, David Tedaldi, Grégory Mermoud, Pierre-André Savalle
  • AUTOMATIC CHARACTERIZATION OF AP BEHAVIORS
    Publication number: 20210144572
    Abstract: In one embodiment, a device receives observed access point (AP) features of one or more APs in a monitored network. The device clusters the observed AP features within a latent space to form AP feature clusters. The device applies labels to the AP feature clusters within the latent space. The device uses the applied labels to the AP feature clusters to describe future behaviors of the one or more APs in the monitored network.
    Type: Application
    Filed: January 20, 2021
    Publication date: May 13, 2021
    Inventors: Javier Cruz Mota, Jean-Philippe Vasseur, Pierre-André Savalle, Grégory Mermoud