Patents by Inventor Jean Philippe Vasseur

Jean Philippe Vasseur has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20190114245
    Abstract: In one embodiment, a node in a network reports, to a supervisory service, histograms of application-specific throughput metrics measured from the network. The node receives, from the supervisory service, a merged histogram of application-specific throughput metrics. The supervisory service generated the merged histogram based on a plurality of histograms reported to the supervisory service by a plurality of nodes. The node performs, using the merged histogram, application throughput anomaly detection on traffic in the network. The node causes performance of a mitigation action in the network when an application throughput anomaly is detected. The node adjusts, based on a control command sent by the supervisory service, a histogram reporting strategy used by the node to report the histograms of application-specific throughput metrics to the supervisory service.
    Type: Application
    Filed: October 12, 2017
    Publication date: April 18, 2019
    Inventors: Grégory Mermoud, Jean-Philippe Vasseur, Pierre-André Savalle
  • Publication number: 20190110185
    Abstract: In one embodiment, a service maintains a mobility path graph that represents roaming transitions between wireless access points in a network by client devices in the network. The service associates metrics regarding roaming delays to mobility paths in the mobility path graph. The service identifies a roaming boundary change that is predicted to reduce roaming delays between two or more wireless access points in the network, in part by assessing the metrics regarding roaming delays associated with the mobility paths in the mobility path graph. The service provides an indication of the identified roaming boundary change to a user interface.
    Type: Application
    Filed: October 6, 2017
    Publication date: April 11, 2019
    Inventors: Vinay Kumar Kolar, Jean-Philippe Vasseur, Santosh Pandey
  • Patent number: 10243980
    Abstract: In one embodiment, a device in a network receives an indication that a network anomaly detected by an anomaly detector of a first node in the network is associated with scanning activity in the network. The device receives labeled traffic data associated with the detected anomaly that identifies whether the traffic data is associated with legitimate or illegitimate scanning activity. The device trains a machine learning-based classifier using the labeled traffic data to distinguish between legitimate and illegitimate scanning activity in the network. The device deploys the trained classifier to the first node, to distinguish between legitimate and illegitimate scanning activity in the network.
    Type: Grant
    Filed: July 8, 2016
    Date of Patent: March 26, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Jean-Philippe Vasseur, Grégory Mermoud, Pierre-André Savalle, Alexandre Honoré
  • Patent number: 10244525
    Abstract: In one embodiment, a method comprises: promiscuously detecting, by a parent network device in a tree-based network topology, a data packet transmitted to a child network device attached to the parent network device, the data packet transmitted by a grandchild network device attached to the child network device; determining, by the parent network device, whether the data packet transmitted to the child network device is to be forwarded toward a destination via the parent network device; and the parent network device selectively initiating intercepted forwarding of the data packet toward the destination, on behalf of the child network device, based on determining that the data packet is to be forwarded toward the destination via the parent network device.
    Type: Grant
    Filed: January 29, 2016
    Date of Patent: March 26, 2019
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Pascal Thubert, Patrick Wetterwald, Eric Michel Levy-Abegnoli, Jean-Philippe Vasseur
  • Publication number: 20190089599
    Abstract: In one embodiment, a service identifies a performance issue exhibited by a first device in a first network. The service forms a set of one or more time series of one or more characteristics of the first device associated with the identified performance issue. The service generates a mapping between the set of one or more time series of one or more characteristics of the first device to one or more time series of one or more characteristics of a second device in a second network. The mapping comprises a relevancy score that quantifies a degree of similarity between the characteristics of the first and second devices. The service determines a likelihood of the second device exhibiting the performance issue based on the generated mapping and on the relevancy score. The service provides an indication of the determined likelihood to a user interface associated with the second network.
    Type: Application
    Filed: September 15, 2017
    Publication date: March 21, 2019
    Inventors: Pierre-André Savalle, Grégory Mermoud, Jean-Philippe Vasseur
  • Publication number: 20190081973
    Abstract: In one embodiment, a device in a network maintains a plurality of anomaly detection models for different sets of aggregated traffic data regarding traffic in the network. The device determines a measure of confidence in a particular one of the anomaly detection models that evaluates a particular set of aggregated traffic data. The device dynamically replaces the particular anomaly detection model with a second anomaly detection model configured to evaluate the particular set of aggregated traffic data and has a different model capacity than that of the particular anomaly detection model. The device provides an anomaly event notification to a supervisory controller based on a combined output of the second anomaly detection model and of one or more of the anomaly detection models in the plurality of anomaly detection models.
    Type: Application
    Filed: November 14, 2018
    Publication date: March 14, 2019
    Inventors: Pierre-André Savalle, Grégory Mermoud, Laurent Sartran, Jean-Philippe Vasseur
  • Patent number: 10220167
    Abstract: In one embodiment, a device in a network detects an anomaly in the network by analyzing a set of sample data regarding one or more conditions of the network using a behavioral analytics model. The device receives feedback regarding the detected anomaly. The device determines that the anomaly was a true positive based on the received feedback. The device excludes the set of sample data from a training set for the behavioral analytics model, in response to determining that the anomaly was a true positive.
    Type: Grant
    Filed: June 13, 2016
    Date of Patent: March 5, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Grégory Mermoud, Jean-Philippe Vasseur, Pierre-André Savalle
  • Patent number: 10225789
    Abstract: In one embodiment, a supervisory device in a network receives from a plurality of access points (APs) in the network data regarding a network availability request broadcast by a node seeking to access the network and received by the APs in the plurality. The supervisory device uniquely associates the node with a virtual access point (VAP) for the node and forms a VAP mapping between the VAP for the node and a set of the APs in the plurality selected based on the received data regarding the network availability request. One of the APs in the mapping is designated as a primary access point for the node. The supervisory device instructs the primary AP to send a network availability response to the node that includes information for the VAP. The node uses the information for the VAP to access the network via the set of APs in the VAP mapping.
    Type: Grant
    Filed: April 19, 2017
    Date of Patent: March 5, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Pascal Thubert, Jean-Philippe Vasseur, Patrick Wetterwald, Eric Levy-Abegnoli
  • Publication number: 20190068474
    Abstract: In one embodiment, a service in a network samples application traffic throughputs for a set of applications present in a network. The service generates a throughput model based on the sampled application throughputs for the set of applications. The service performs anomaly detection on wireless throughput measurements from the network by comparing the wireless throughput measurements to the generated throughput model. The service sends an anomaly detection notification based on a determination that the wireless throughput measurements from the network are anomalous.
    Type: Application
    Filed: August 22, 2017
    Publication date: February 28, 2019
    Inventors: Jean-Philippe Vasseur, Grégory Mermoud, Abhishek Kumar
  • Patent number: 10218619
    Abstract: In one embodiment, a device in a network identifies an upcoming network formation event. The device instructs one or more nodes in the network to use a network formation broadcast schedule during the event. The device determines that a degree of functionality in the network during the event exceeds a threshold amount. The device instructs the one or more nodes to use a normal broadcast schedule, in response to determining that the degree of functionality in the network during the event exceeds the threshold amount. Channels of the network formation broadcast schedule are active more frequently than channels of the normal broadcast schedule when in use.
    Type: Grant
    Filed: December 19, 2014
    Date of Patent: February 26, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Jonathan W. Hui, Jean-Philippe Vasseur, Wei Hong
  • Patent number: 10218726
    Abstract: In one embodiment, a networking device in a network causes formation of device clusters of devices in the network. The devices in a particular cluster exhibit similar characteristics. The networking device receives feedback from a device identity service regarding the device clusters. The feedback is based in part on the device identity service probing the devices. The networking device adjusts the device clusters based on the feedback from the device identity service. The networking device performs anomaly detection in the network using the adjusted device clusters.
    Type: Grant
    Filed: June 13, 2016
    Date of Patent: February 26, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Jean-Philippe Vasseur, Grégory Mermoud, Pierre-André Savalle, Andrea Di Pietro, Sukrit Dasgupta
  • Patent number: 10218727
    Abstract: In one embodiment, a device in a network receives, from a supervisory device, trace information for one or more traffic flows associated with a particular anomaly. The device remaps network addresses in the trace information to addresses of one or more nodes in the network based on roles of the one or more nodes. The device mixes, using the remapped network addresses, the trace information with traffic information regarding one or more observed traffic flows in the network, to form a set of mixed traffic information. The device analyzes the mixed traffic information using an anomaly detection model. The device provides an indication of a result of the analysis of the mixed traffic information to the supervisory device.
    Type: Grant
    Filed: June 16, 2016
    Date of Patent: February 26, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Andrea Di Pietro, Jean-Philippe Vasseur
  • Patent number: 10218729
    Abstract: In one embodiment, a device in a network receives sets of traffic flow features from an unsupervised machine learning-based anomaly detector. The sets of traffic flow features are associated with anomaly scores determined by the anomaly detector. The device ranks the sets of traffic flow features based in part on their anomaly scores. The device applies a genetic programming approach to the ranked sets of traffic flow features to generate new sets of traffic flow features. The genetic programming approach uses a fitness function that is based in part on the rankings of the sets of traffic flow features. The device specializes the anomaly detector to emphasize a particular type of anomaly using the new sets of traffic flow features.
    Type: Grant
    Filed: July 8, 2016
    Date of Patent: February 26, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Sébastien Gay, Laurent Sartran, Jean-Philippe Vasseur
  • Patent number: 10212182
    Abstract: In one embodiment, a server instructs one or more networking devices in a local area network (LAN) to form virtual network overlay in the LAN that redirects traffic associated with a particular node in the LAN to the server. The server receives the redirected traffic associated with the particular node. The server determines a node profile for the particular node based in part on an analysis of the redirected traffic. The server configures the particular node based on the determined node profile for the particular node.
    Type: Grant
    Filed: April 12, 2017
    Date of Patent: February 19, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Patrick Wetterwald, Pascal Thubert, Jean-Philippe Vasseur, Eric Levy-Abegnoli
  • Patent number: 10212044
    Abstract: In one embodiment, a device in a network maintains a machine learning-based recursive model that models a time series of observations regarding a monitored entity in the network. The device applies sparse dictionary learning to the recursive model, to find a decomposition of a particular state vector of the recursive model. The decomposition of the particular state vector comprises a plurality of basis vectors. The device determines a mapping between at least one of the plurality of basis vectors for the particular state vector and one or more human-readable interpretations of the basis vectors. The device provides a label for the particular state vector to a user interface. The label is based on the mapping between the at least one of the plurality of basis vectors for the particular state vector and the one or more human-readable interpretations of the basis vectors.
    Type: Grant
    Filed: March 23, 2017
    Date of Patent: February 19, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Grégory Mermoud, Pierre-André Savalle, Jean-Philippe Vasseur, Javier Cruz Mota
  • Patent number: 10200404
    Abstract: In one embodiment, a traffic model manager node receives data flows in a network and determines a degree to which the received data flows conform to one or more traffic models classifying particular types of data flows as non-malicious. If the degree to which the received data flows conform to the one or more traffic models is sufficient, the traffic model manager node characterizes the received data flows as non-malicious. Otherwise, the traffic model manager node provides the received data flows to a denial of service (DoS) attack detector in the network to allow the received data flows to be scanned for potential attacks.
    Type: Grant
    Filed: January 5, 2018
    Date of Patent: February 5, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Javier Cruz Mota, Jean-Philippe Vasseur, Andrea Di Pietro
  • Patent number: 10193912
    Abstract: In one embodiment, a device in a network loads an anomaly detection model for warm-start. The device filters input data for the model during a warm-start grace period after warm-start of the anomaly detection model. The model is not updated during the warm-start grace period based on the filtering. The device determines an end to the warm-start grace period. The device updates the anomaly detection model using unfiltered input data for the anomaly detection model after the determined end to the warm-start grace period.
    Type: Grant
    Filed: February 24, 2016
    Date of Patent: January 29, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Grégory Mermoud, Jean-Philippe Vasseur, Pierre-André Savalle
  • Publication number: 20190028575
    Abstract: In one embodiment, a method comprises: a first network device in a deterministic network identifying at least one of first and second deterministic transmit opportunities for transmission of a data packet toward a destination device along a deterministic path of the deterministic network, the first deterministic transmit opportunity reserved for the first network device deterministically receiving the data packet from a second network device and the second deterministic transmit opportunity reserved for deterministic transmission by the first network device of the data packet toward the destination device along the deterministic path; the first network device detecting an absence of receiving the data packet from the second network device according to the first deterministic transmit opportunity; and the first network device selectively generating and deterministically transmitting according to the second deterministic transmit opportunity, in response to the absence of receiving the data packet, a management
    Type: Application
    Filed: July 24, 2017
    Publication date: January 24, 2019
    Inventors: PATRICK WETTERWALD, PASCAL THUBERT, ERIC MICHEL LEVY-ABEGNOLI, JEAN-PHILIPPE VASSEUR
  • Publication number: 20190028909
    Abstract: In one embodiment, a device receives network metrics regarding networking equipment of a network in a physical location. The device predicts a health status score for the networking equipment in the physical location using the received network metrics as input to a machine learning-based predictive scoring model. The device provides an indication of the predicted health status score in conjunction with a visualization of the physical location for display by an electronic display. The device adjusts the predictive scoring model based on feedback regarding the predicted health status score.
    Type: Application
    Filed: July 20, 2017
    Publication date: January 24, 2019
    Inventors: Grégory Mermoud, Jean-Philippe Vasseur
  • Patent number: 10187413
    Abstract: In one embodiment, a supervisory device in a network receives traffic data from a security device that uses traffic signatures to assess traffic in the network. The supervisory device receives traffic data from one or more distributed learning agents that use machine learning-based anomaly detection to assess traffic in the network. The supervisory device trains a traffic classifier using the received traffic data from the security device and from the one or more distributed learning agents. The supervisory device deploys the traffic classifier to a selected one of the one or more distributed learning agents.
    Type: Grant
    Filed: July 18, 2016
    Date of Patent: January 22, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Jean-Philippe Vasseur, Andrea Di Pietro, Grégory Mermoud, Fabien Flacher