Search Patents
  • SAMPLING TRAFFIC TELEMETRY FOR DEVICE CLASSIFICATION WITH DISTRIBUTED PROBABILISTIC DATA STRUCTURES
    Publication number: 20200136937
    Abstract: In one embodiment, a network element in a network maintains a probabilistic data structure indicative of devices in the network for which telemetry data is not to be sent to a device classification service. The network element detects a traffic flow sent from a source device to a destination device. The network element determines whether the probabilistic data structure includes entries for both the source and destination devices of the traffic flow. The network element sends flow telemetry data regarding the traffic flow to the device classification service, based on a determination that the probabilistic data structure does not include entries for both the source and destination of the traffic flow.
    Type: Application
    Filed: October 25, 2018
    Publication date: April 30, 2020
    Inventors: Pierre-André Savalle, Jean-Philippe Vasseur, Grégory Mermoud
  • Per-flow call admission control using a predictive model to estimate tunnel QoS in SD-WAN networks
    Patent number: 10924393
    Abstract: In one embodiment, a device identifies a new traffic flow in a network. The device determines a service level agreement (SLA) associated with the new traffic flow. The device uses a machine learning model to predict whether a particular tunnel in the network can satisfy the determined SLA of the traffic were the traffic flow routed onto the tunnel. The device performs call admission control to route the new traffic flow onto the particular tunnel, based on a prediction that the tunnel can satisfy the determined SLA of the traffic.
    Type: Grant
    Filed: June 5, 2019
    Date of Patent: February 16, 2021
    Assignee: Cisco Technology, Inc.
    Inventors: Jean-Philippe Vasseur, Vinay Kumar Kolar, Grégory Mermoud, Pierre-Andre Savalle
  • PREDICTING THE IMPACT OF NETWORK SOFTWARE UPGRADES ON MACHINE LEARNING MODEL PERFORMANCE
    Publication number: 20210173636
    Abstract: In one embodiment, a service receives software version data regarding versions of software executed by devices in a network. The service detects a version change in the version of software executed by one or more of the devices, based on the received software version data. The service makes a determination that a drop in data quality of input data for a machine learning model used to monitor the network is associated with the detected version change. The service reverts the one or more devices to a prior version of software, based on the determination that the drop in quality of the input data for the machine learning model used to monitor the network is associated with the detected version change.
    Type: Application
    Filed: December 10, 2019
    Publication date: June 10, 2021
    Inventors: Vinay Kumar Kolar, Jean-Philippe Vasseur, Gregory Mermoud, Pierre-Andre Savalle
  • UNSUPERVISED LEARNING OF LOCAL-AWARE ATTRIBUTE RELEVANCE FOR DEVICE CLASSIFICATION AND CLUSTERING
    Publication number: 20210303598
    Abstract: In various embodiments, a device classification service obtains data indicative of device attributes of a plurality of devices. The device classification service forms, based on the obtained data indicative of the device attributes, a concept graph that comprises nodes that represent different sets of the device attributes. The device classification service determines, by analyzing the concept graph, a relevance score for each of the device attributes that quantifies how relevant that attribute is to classifying a device by its device type. The device classification service uses the relevance scores for the device attributes to cluster the plurality of devices into device type clusters by their device attributes.
    Type: Application
    Filed: March 26, 2020
    Publication date: September 30, 2021
    Inventors: Grégory Mermoud, David Tedaldi, Pierre-André Savalle, Jean-Philippe Vasseur, Jürg Nicolaus Diemand
  • REMOVAL OF ENVIRONMENT AND LOCAL CONTEXT FROM NETWORK TRAFFIC FOR DEVICE CLASSIFICATION
    Publication number: 20200153694
    Abstract: In one embodiment, a device classification service assigns a set of endpoint devices to a context group. The device classification service forms a context summary feature vector for the context group that summarizes telemetry feature vectors for the endpoint devices assigned to the context group. Each telemetry feature vector is indicative of a plurality of traffic features observed for the endpoint devices. The device classification service normalizes a telemetry feature vector for a particular endpoint device using the context summary feature vector. The device classification service classifies, using the normalized telemetry feature vector for the particular endpoint device as input to a device type classifier, the particular endpoint device as being of a particular device type.
    Type: Application
    Filed: November 13, 2018
    Publication date: May 14, 2020
    Inventors: Pierre-André Savalle, Jean-Philippe Vasseur, Grégory Mermoud
  • Forecasting network KPIs
    Patent number: 11063842
    Abstract: In one embodiment, a service receives input data from networking entities in a network. The input data comprises synchronous time series data, asynchronous event data, and an entity graph that that indicates relationships between the networking entities in the network. The service clusters the networking entities by type in a plurality of networking entity clusters. The service selects, based on a combination of the received input data, machine learning model data features. The service trains, using the selected machine learning model data features, a machine learning model to forecast a key performance indicator (KPI) for a particular one of the networking entity clusters.
    Type: Grant
    Filed: January 10, 2020
    Date of Patent: July 13, 2021
    Assignee: Cisco Technology, Inc.
    Inventors: Jean-Philippe Vasseur, Grégory Mermoud, Vinay Kumar Kolar, Pierre-Andre Savalle
  • DETECTION OF ISOLATED CHANGES IN NETWORK METRICS USING SMART-PEERING
    Publication number: 20210360059
    Abstract: In one embodiment, a network assurance service that monitors one or more networks identifies changes in a key performance indicator for each of a plurality of network entities in the one or more networks. The service forms a peer group of network entities from the plurality of network entities whose changes in the key performance indicator are correlated. The service monitors the key performance indicator for network entities in the peer group of network entities. The service, based on the monitoring, detects an anomalous change in the key performance indicator for a particular network entity in the peer group of network entities relative to other network entities in the peer group of network entities.
    Type: Application
    Filed: May 15, 2020
    Publication date: November 18, 2021
    Inventors: Pierre-André Savalle, Jean-Philippe Vasseur, Grégory Mermoud, Vinay Kumar Kolar
  • PREDICTING THE IMPACT OF NETWORK SOFTWARE UPGRADES ON MACHINE LEARNING MODEL PERFORMANCE
    Publication number: 20220357943
    Abstract: In one embodiment, a service receives software version data regarding versions of software executed by devices in a network. The service detects a version change in the version of software executed by one or more of the devices, based on the received software version data. The service makes a determination that a drop in data quality of input data for a machine learning model used to monitor the network is associated with the detected version change. The service reverts the one or more devices to a prior version of software, based on the determination that the drop in quality of the input data for the machine learning model used to monitor the network is associated with the detected version change.
    Type: Application
    Filed: July 27, 2022
    Publication date: November 10, 2022
    Inventors: Vinay Kumar Kolar, Jean-Philippe Vasseur, Grégory Mermoud, Pierre-André Savalle
  • LEARNING STABLE REPRESENTATIONS OF DEVICES FOR CLUSTERING-BASED DEVICE CLASSIFICATION SYSTEMS
    Publication number: 20200336397
    Abstract: In one embodiment, a device classification service obtains telemetry data for a plurality of devices in a network. The device classification service repeatedly assigns the devices to device clusters by applying clustering to the obtained telemetry data. The device classification service determines a measure of stability loss associated with the cluster assignments. The measure of stability loss is based in part on whether a device is repeatedly assigned to the same device cluster. The device classification service determines, based on the measure of stability loss, that the cluster assignments have stabilized. The device classification service obtains device type labels for the device clusters, after determining that the cluster assignments have stabilized.
    Type: Application
    Filed: April 19, 2019
    Publication date: October 22, 2020
    Inventors: David Tedaldi, Grégory Mermoud, Pierre-Andre Savalle, Jean-Philippe Vasseur
  • ANOMALY SELECTION USING DISTANCE METRIC-BASED DIVERSITY AND RELEVANCE
    Publication number: 20180241762
    Abstract: In one embodiment, a device in a network receives a notification of a particular anomaly detected by a distributed learning agent in the network that executes a machine learning-based anomaly detector to analyze traffic in the network. The device computes one or more distance scores between the particular anomaly and one or more previously detected anomalies. The device also computes one or more relevance scores for the one or more previously detected anomalies. The device determines a reporting score for the particular anomaly based on the one or more distance scores and on the one or more relevance scores. The device reports the particular anomaly to a user interface based on the determined reporting score.
    Type: Application
    Filed: February 23, 2017
    Publication date: August 23, 2018
    Inventors: Pierre-André Savalle, Grégory Mermoud, Laurent Sartran, Jean-Philippe Vasseur
  • QOS configuration update based on behavioral application correlation
    Patent number: 11729097
    Abstract: In one embodiment, a device obtains behavioral metrics for application traffic in a network for a plurality of applications. The device identifies a first application and a second application from among the plurality of applications as fate sharing applications, based on a correlation between the behavioral metrics for their application traffic. The device generates a configuration change for the network that would prevent the first application and the second application from being fate sharing applications, when application traffic for the first application negatively affects the behavioral metrics for the application traffic of the second application. The device causes the configuration change to be implemented in the network.
    Type: Grant
    Filed: April 28, 2021
    Date of Patent: August 15, 2023
    Assignee: Cisco Technology, Inc.
    Inventors: Jean-Philippe Vasseur, Grégory Mermoud, Vinay Kumar Kolar, Pierre-André Savalle
  • LEARNING SLA VIOLATION PROBABILITY FROM INTELLIGENT FINE GRAINED PROBING
    Publication number: 20230008106
    Abstract: In one embodiment, a device obtains a first set of measurements of a path metric for a path in a network that are measured using periodic probing of the path. The device obtains a second set of measurements of the path metric for the path that are measured using fine-grained probing of the path at a higher frequency than that of the periodic probing. The device generates a predictive model that predicts values of the path metric, based on the first set of measurements and on the second set of measurements. The device causes, based on a value of the path metric predicted by the predictive model, traffic to be rerouted from the path to another path in the network.
    Type: Application
    Filed: July 6, 2021
    Publication date: January 12, 2023
    Inventors: Jean-Philippe Vasseur, Grégory MERMOUD, Vinay Kumar KOLAR, David TEDALDI, Pierre-André SAVALLE
  • DYNAMIC APPLICATION DEGROUPING TO OPTIMIZE MACHINE LEARNING MODEL ACCURACY
    Publication number: 20170279696
    Abstract: In one embodiment, a device in a network identifies a plurality of applications from observed traffic in the network. The device forms two or more application clusters from the plurality of applications. Each of the application clusters includes one or more of the applications, and wherein a particular application in the plurality of applications is included in each of the application clusters. The device generates anomaly detection models for each of the application clusters. The device tests the anomaly detection models, to determine a measure of efficacy for each of the models with respect to traffic associated with the particular application. The device selects a particular anomaly detection model to analyze the traffic associated with the particular application based on the measures of efficacy for each of the models.
    Type: Application
    Filed: June 21, 2016
    Publication date: September 28, 2017
    Inventors: Jean-Philippe Vasseur, Pierre-André Savalle, Alexandre Honoré
  • HIERARCHICAL MODELS USING SELF ORGANIZING LEARNING TOPOLOGIES
    Publication number: 20220353285
    Abstract: In one embodiment, a device obtains characteristics of a first anomaly detection model executed by a first distributed learning agent in a network. The device receives a query from a second distributed learning agent in the network that requests identification of a similar anomaly detection to that of a second anomaly detection model executed by the second distributed learning agent. The device identifies, after receiving the query from the second distributed learning agent, the first anomaly detection model as being similar to that of the second anomaly detection model, based on the characteristics of the first anomaly detection model. The device causes the first anomaly detection model to be sent to the second distributed learning agent for execution.
    Type: Application
    Filed: February 22, 2022
    Publication date: November 3, 2022
    Inventors: Pierre-André Savalle, Grégory Mermoud, Laurent Sartran, Jean-Philippe Vasseur
  • Anomaly selection using distance metric-based diversity and relevance
    Patent number: 10616251
    Abstract: In one embodiment, a device in a network receives a notification of a particular anomaly detected by a distributed learning agent in the network that executes a machine learning-based anomaly detector to analyze traffic in the network. The device computes one or more distance scores between the particular anomaly and one or more previously detected anomalies. The device also computes one or more relevance scores for the one or more previously detected anomalies. The device determines a reporting score for the particular anomaly based on the one or more distance scores and on the one or more relevance scores. The device reports the particular anomaly to a user interface based on the determined reporting score.
    Type: Grant
    Filed: February 23, 2017
    Date of Patent: April 7, 2020
    Assignee: Cisco Technology, Inc.
    Inventors: Pierre-André Savalle, Grégory Mermoud, Laurent Sartran, Jean-Philippe Vasseur
  • Sampling traffic telemetry for device classification with distributed probabilistic data structures
    Patent number: 10965556
    Abstract: In one embodiment, a network element in a network maintains a probabilistic data structure indicative of devices in the network for which telemetry data is not to be sent to a device classification service. The network element detects a traffic flow sent from a source device to a destination device. The network element determines whether the probabilistic data structure includes entries for both the source and destination devices of the traffic flow. The network element sends flow telemetry data regarding the traffic flow to the device classification service, based on a determination that the probabilistic data structure does not include entries for both the source and destination of the traffic flow.
    Type: Grant
    Filed: October 25, 2018
    Date of Patent: March 30, 2021
    Assignee: Cisco Technology, Inc.
    Inventors: Pierre-André Savalle, Jean-Philippe Vasseur, Grégory Mermoud
  • Anomaly detection of model performance in an MLOps platform
    Patent number: 11310141
    Abstract: In one embodiment, a service tracks performance of a machine learning model over time. The machine learning model is used to monitor one or more computer networks based on data collected from the one or more computer networks. The service also tracks performance metrics associated with training of the machine learning model. The service determines that a degradation of the performance of the machine learning model is anomalous, based on the tracked performance of the machine learning model and performance metrics associated with training of the model. The service initiates a corrective measure for the degradation of the performance, in response to determining that the degradation of the performance is anomalous.
    Type: Grant
    Filed: December 11, 2019
    Date of Patent: April 19, 2022
    Assignee: Cisco Technology, Inc.
    Inventors: Vinay Kumar Kolar, Jean-Philippe Vasseur, Grégory Mermoud, Pierre-Andre Savalle
  • PROGRESSIVE REFINEMENT OF DEVICE CLASSIFICATIONS USING COLORED DEVICE AND POLICY TREES
    Publication number: 20200382376
    Abstract: In one embodiment, a device classification service classifies a device in a network as being of a first device type. The service applies a first network policy that has an associated expiration timer to the device, based on its classification as being of the first device type. The service determines whether the device was reclassified as being of a different device type than that of the first device type before expiration of the expiration timer associated with the first network policy. The service applies a second network policy to the device, when the service determines that the device has not been reclassified as being of a different device type before expiration of the expiration timer associated with the first network policy.
    Type: Application
    Filed: May 29, 2019
    Publication date: December 3, 2020
    Inventors: Pierre-Andre Savalle, Jean-Philippe Vasseur, Grégory Mermoud
  • ADAPTIVE TRAINING OF MACHINE LEARNING MODELS BASED ON LIVE PERFORMANCE METRICS
    Publication number: 20210344745
    Abstract: In one embodiment, a device deploys a first machine learning model to an inference location in a network. The first machine learning model is used at the inference location to make inferences about the network. The device receives, from the inference location, an indication that the first machine learning model is exhibiting poor performance. The device identifies a corrective measure for the poor performance that minimizes resource consumption by a model training pipeline of the device. The device deploys, based on the corrective measure, a second machine learning model to the inference location. The second machine learning model is used in lieu of the first machine learning model to make the inferences about the network.
    Type: Application
    Filed: May 4, 2020
    Publication date: November 4, 2021
    Inventors: Grégory Mermoud, Jean-Philippe Vasseur, Pierre-André Savalle, Vinay Kumar Kolar, David Tedaldi
  • PRESERVING PRIVACY IN EXPORTING DEVICE CLASSIFICATION RULES FROM ON-PREMISE SYSTEMS
    Publication number: 20200382553
    Abstract: In one embodiment, a device in a network obtains data indicative of a device classification rule, a device type label associated with the rule, and a set of positive and negative feature vectors used to create the rule. The device replaces similar feature vectors in the set of positive and negative feature vectors with a single feature vector, to form a reduced set of feature vectors. The device applies differential privacy to the reduced set of feature vectors. The device sends a digest to a cloud service. The digest comprises the device classification rule, the device type label, and the reduced set of feature vectors to which differential privacy was applied. The service uses the digest to train a machine learning-based device classifier.
    Type: Application
    Filed: May 29, 2019
    Publication date: December 3, 2020
    Inventors: Pierre-Andre Savalle, Jean-Philippe Vasseur, Gregory Mermoud
Narrow Results

Filter by US Classification