Search Patents
  • Automatic characterization of AP behaviors
    Patent number: 10917803
    Abstract: In one embodiment, a device receives observed access point (AP) features of one or more APs in a monitored network. The device clusters the observed AP features within a latent space to form AP feature clusters. The device applies labels to the AP feature clusters within the latent space. The device uses the applied labels to the AP feature clusters to describe future behaviors of the one or more APs in the monitored network.
    Type: Grant
    Filed: June 12, 2017
    Date of Patent: February 9, 2021
    Assignee: Cisco Technology, Inc.
    Inventors: Javier Cruz Mota, Jean-Philippe Vasseur, Pierre-André Savalle, Grégory Mermoud
  • LEARNING AND ASSESSING DEVICE CLASSIFICATION RULES
    Publication number: 20210335505
    Abstract: In various embodiments, a device obtains a set of device classification rules. Each device classification rule specifies one or more attributes from a set of attributes and being configured to assign a device type to an endpoint in a network when the endpoint exhibits the one or more attributes specified by that rule. The device forms a graphical representation of the set of attributes. The device performs an analysis of the graphical representation of the set of attributes. The device provides a result of the analysis to a user interface.
    Type: Application
    Filed: April 28, 2020
    Publication date: October 28, 2021
    Inventors: David Tedaldi, Grégory Mermoud, Jürg Nicolaus Diemand, Jean-Philippe Vasseur, Pierre-André Savalle
  • Edge-based detection of new and unexpected flows
    Patent number: 10389741
    Abstract: In one embodiment, a device in a network identifies a new interaction between two or more nodes in the network. The device forms a feature vector using contextual information associated with the new interaction between the two or more nodes. The device causes generation of an anomaly detection model for new node interactions using the feature vector. The device uses the anomaly detection model to determine whether a particular node interaction in the network is anomalous.
    Type: Grant
    Filed: May 24, 2016
    Date of Patent: August 20, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Pierre-André Savalle, Laurent Sartran, Jean-Philippe Vasseur, Grégory Mermoud
  • Device type classification using metric learning in weakly supervised settings
    Patent number: 11893456
    Abstract: In one embodiment, a device classification service receives telemetry data indicative of behavioral characteristics of a plurality of devices in a network. The service obtains side information for the telemetry data. The service applies metric learning to the telemetry data and side information, to construct a distance function. The service uses the distance function to cluster the telemetry data into device clusters. The service associates a device type label with a particular device cluster.
    Type: Grant
    Filed: June 7, 2019
    Date of Patent: February 6, 2024
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: David Tedaldi, Pierre-Andre Savalle, Sharon Shoshana Wulff, Jean-Philippe Vasseur, Grégory Mermoud
  • Mechanisms to prevent anomaly detectors from learning anomalous patterns
    Patent number: 10220167
    Abstract: In one embodiment, a device in a network detects an anomaly in the network by analyzing a set of sample data regarding one or more conditions of the network using a behavioral analytics model. The device receives feedback regarding the detected anomaly. The device determines that the anomaly was a true positive based on the received feedback. The device excludes the set of sample data from a training set for the behavioral analytics model, in response to determining that the anomaly was a true positive.
    Type: Grant
    Filed: June 13, 2016
    Date of Patent: March 5, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Grégory Mermoud, Jean-Philippe Vasseur, Pierre-André Savalle
  • DYNAMIC DEVICE CLUSTERING USING DEVICE PROFILE INFORMATION
    Publication number: 20170279829
    Abstract: In one embodiment, a networking device in a network causes formation of device clusters of devices in the network. The devices in a particular cluster exhibit similar characteristics. The networking device receives feedback from a device identity service regarding the device clusters. The feedback is based in part on the device identity service probing the devices. The networking device adjusts the device clusters based on the feedback from the device identity service. The networking device performs anomaly detection in the network using the adjusted device clusters.
    Type: Application
    Filed: June 13, 2016
    Publication date: September 28, 2017
    Inventors: Jean-Philippe Vasseur, Grégory Mermoud, Pierre-André Savalle, Andrea Di Pietro, Sukrit Dasgupta
  • Extraction of prototypical trajectories for automatic classification of network KPI predictions
    Patent number: 11514084
    Abstract: In one embodiment, a service divides one or more time series for a network key performance (KPI) into a plurality of time series chunks. The service clusters the plurality of time series chunks into a plurality of clusters. The service identifies a sketch that represents a particular one of the clusters. The service associates a label with the identified sketch. The service applies the label to a new KPI time series by matching the sketch to the new KPI time series.
    Type: Grant
    Filed: March 19, 2020
    Date of Patent: November 29, 2022
    Assignee: Cisco Technology, Inc.
    Inventors: Pierre-André Savalle, Jean-Philippe Vasseur, Grégory Mermoud, Vinay Kumar Kolar
  • Automatic characterization of AP behaviors
    Patent number: 11856425
    Abstract: In one embodiment, a device receives observed access point (AP) features of one or more APs in a monitored network. The device clusters the observed AP features within a latent space to form AP feature clusters. The device applies labels to the AP feature clusters within the latent space. The device uses the applied labels to the AP feature clusters to describe future behaviors of the one or more APs in the monitored network.
    Type: Grant
    Filed: January 20, 2021
    Date of Patent: December 26, 2023
    Assignee: Cisco Technology, Inc.
    Inventors: Javier Cruz Mota, Jean-Philippe Vasseur, Pierre-André Savalle, Grégory Mermoud
  • Learning internal ranges from network traffic data to augment anomaly detection systems
    Patent number: 11140187
    Abstract: In one embodiment, a device in a network receives traffic records indicative of network traffic between different sets of host address pairs. The device identifies one or more address grouping constraints for the sets of host address pairs. The device determines address groups for the host addresses in the sets of host address pairs based on the one or more address grouping constraints. The device provides an indication of the address groups to an anomaly detector.
    Type: Grant
    Filed: July 22, 2019
    Date of Patent: October 5, 2021
    Assignee: Cisco Technology, Inc.
    Inventors: Laurent Sartran, Sébastien Gay, Pierre-André Savalle, Grégory Mermoud, Jean-Philippe Vasseur
  • Protecting device classification systems from adversarial endpoints
    Patent number: 11283830
    Abstract: In various embodiments, a device classification service clusters devices in a network into a device type cluster based on attributes associated with the devices. The device classification service tracks changes to the device type cluster over time. The device classification service detects an attack on the device classification service by one or more of the devices based on the tracked changes to the device type cluster. The device classification service initiates a mitigation action for the detected attack on the device classification service.
    Type: Grant
    Filed: March 19, 2020
    Date of Patent: March 22, 2022
    Assignee: Cisco Technology, Inc.
    Inventors: Jean-Philippe Vasseur, Grégory Mermoud, Pierre-André Savalle, David Tedaldi
  • Learning robust and accurate rules for device classification from clusters of devices
    Patent number: 10917302
    Abstract: In various embodiments, a device classification service obtains traffic telemetry data for a plurality of devices in a network. The service applies clustering to the traffic telemetry data, to form device clusters. The service generates a device classification rule based on a particular one of the device clusters. The service receives feedback from a user interface regarding the device classification rule. The service adjusts the device classification rule based on the received feedback.
    Type: Grant
    Filed: July 2, 2019
    Date of Patent: February 9, 2021
    Assignee: Cisco Technology, Inc.
    Inventors: David Tedaldi, Grégory Mermoud, Pierre-Andre Savalle, Jean-Philippe Vasseur
  • PROGRESSIVE AUTOMATION WITH PREDICTIVE APPLICATION NETWORK ANALYTICS
    Publication number: 20220345394
    Abstract: In one embodiment, a device uses a classification model to determine whether implementation of a routing change suggested by a predictive routing engine for a network will result in a violation of one or more network policies. The device computes a trust score, based on performance metrics for the classification model. The device causes, based in part on the trust score, implementation of the routing change in the network, when the classification model determines that application of the routing change will not result in a violation of the one or more network policies.
    Type: Application
    Filed: April 23, 2021
    Publication date: October 27, 2022
    Inventors: Jean-Philippe Vasseur, Grégory Mermoud, Vinay Kumar Kolar, Pierre-André Savalle
  • DETECTING SPOOFING IN DEVICE CLASSIFICATION SYSTEMS
    Publication number: 20210329029
    Abstract: In various embodiments, a device classification service obtains device telemetry data indicative of declarative attributes of a device in a network and indicative of behavioral attributes of that device. The device classification service labels the device with a device type, based on the device telemetry data. The device classification service detects device type spoofing exhibited by the device using a model that models a relationship between the declarative attributes and the behavioral attributes. The device classification service initiates, based on the device type spoofing, a mitigation action regarding the device.
    Type: Application
    Filed: April 17, 2020
    Publication date: October 21, 2021
    Inventors: Jean-Philippe Vasseur, Pierre-André Savalle, Grégory Mermoud, David Tedaldi
  • Learning robust and accurate rules for device classification from clusters of devices
    Patent number: 11483207
    Abstract: In various embodiments, a device classification service obtains traffic telemetry data for a plurality of devices in a network. The service applies clustering to the traffic telemetry data, to form device clusters. The service generates a device classification rule based on a particular one of the device clusters. The service receives feedback from a user interface regarding the device classification rule. The service adjusts the device classification rule based on the received feedback.
    Type: Grant
    Filed: October 29, 2021
    Date of Patent: October 25, 2022
    Assignee: Cisco Technology, Inc.
    Inventors: David Tedaldi, Grégory Mermoud, Pierre-André Savalle, Jean-Philippe Vasseur
  • Learning robust and accurate rules for device classification from clusters of devices
    Patent number: 11196629
    Abstract: In various embodiments, a device classification service obtains traffic telemetry data for a plurality of devices in a network. The service applies clustering to the traffic telemetry data, to form device clusters. The service generates a device classification rule based on a particular one of the device clusters. The service receives feedback from a user interface regarding the device classification rule. The service adjusts the device classification rule based on the received feedback.
    Type: Grant
    Filed: January 6, 2021
    Date of Patent: December 7, 2021
    Assignee: Cisco Technology, Inc.
    Inventors: David Tedaldi, Grégory Mermoud, Pierre-Andre Savalle, Jean-Philippe Vasseur
  • ASSESSING DATA FIDELITY IN A MACHINE LEARNING-BASED NETWORK ASSURANCE SYSTEM
    Publication number: 20210158106
    Abstract: In one embodiment, a service computes a data fidelity metric for network telemetry data used by a machine learning model to monitor a computer network. The service detects unacceptable performance of the machine learning model. The service determines a correlation between the data fidelity metric and the unacceptable performance of the machine learning model. The service adjusts generation of the network telemetry data for input to the machine learning model, based on the determined correlation between the data fidelity metric and the unacceptable performance of the machine learning model.
    Type: Application
    Filed: November 22, 2019
    Publication date: May 27, 2021
    Inventors: Jean-Philippe Vasseur, Vinay Kumar Kolar, Andrea Di Pietro, Grégory Mermoud, Pierre-Andre Savalle
  • PREDICTING A USER EXPERIENCE METRIC FOR AN ONLINE CONFERENCE USING NETWORK ANALYTICS
    Publication number: 20180204129
    Abstract: In one embodiment, a device in a network receives an indication of a connection between an endpoint node in the network and a conferencing service. The device retrieves network data associated with the indicated connection between the endpoint node and the conferencing service. The device uses a machine learning model to predict an experience metric for the endpoint node based on the network data associated with the indicated connection between the endpoint node and the conferencing service. The device causes the endpoint node to use a different connection to the conferencing service based on the predicted experience metric.
    Type: Application
    Filed: January 13, 2017
    Publication date: July 19, 2018
    Inventors: Jean-Philippe Vasseur, Grégory Mermoud, Pierre-André Savalle, Javier Cruz Mota
  • MERGING AND OPTIMIZING HETEROGENEOUS RULESETS FOR DEVICE CLASSIFICATION
    Publication number: 20200151616
    Abstract: In one embodiment, a device classification service receives a plurality of device classification rulesets, each ruleset associating a set of device characteristics with a device type label. The device classification service forms a unified ruleset by resolving a conflict between conflicting device characteristics from two or more of the device classification rulesets. The device classification service trains a machine learning-based device classifier using the unified ruleset. The device classification service classifies, using telemetry data for a device in a network as input to the trained device classifier, the device with the device type label.
    Type: Application
    Filed: November 9, 2018
    Publication date: May 14, 2020
    Inventors: Grégory Mermoud, Jean-Philippe Vasseur, Pierre-André Savalle
  • Learning internal ranges from network traffic data to augment anomaly detection systems
    Patent number: 10404728
    Abstract: In one embodiment, a device in a network receives traffic records indicative of network traffic between different sets of host address pairs. The device identifies one or more address grouping constraints for the sets of host address pairs. The device determines address groups for the host addresses in the sets of host address pairs based on the one or more address grouping constraints. The device provides an indication of the address groups to an anomaly detector.
    Type: Grant
    Filed: September 13, 2016
    Date of Patent: September 3, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Laurent Sartran, Sébastien Gay, Pierre-André Savalle, Grégory Mermoud, Jean-Philippe Vasseur
  • Service provider selection for application-driven routing
    Patent number: 11496556
    Abstract: In one embodiment, a device receives application experience metrics for a software-as-a-service application. The device generates, based on the application experience metrics, a predictive model that predicts application experience scores for a plurality of network service providers that provide connectivity to the software-as-a-service application. The device selects a particular network service provider for use by a location, based on an application experience score predicted by the predictive model. The device sends an indication of the particular network service provider to the location.
    Type: Grant
    Filed: April 26, 2021
    Date of Patent: November 8, 2022
    Assignee: Cisco Technology, Inc.
    Inventors: Vinay Kumar Kolar, Jean-Philippe Vasseur, Grégory Mermoud, Pierre-André Savalle
Narrow Results

Filter by US Classification