Systems, methods, and computer-readable media may facilitate data-driven playbook generation. Resources may be sent to facilitate presentation of a graphical user interface (GUI) that allows configuring of function blocks with a playbook editor to build a playbook. The playbook editor may include an interface and a playbook canvas that allows addition and interrelation of function blocks to define an ordered set of operations to be performed in response to identification of an incident in an information technology (IT) environment. A selection of an interface option to add a first function block to the playbook canvas may be received. The first function block may be added to the playbook canvas of the interface. Outputs of the first function block with sample data for the outputs in a data panel of the interface may be presented in conjunction with the playbook canvas.
A method of manufacturing a printed circuit board (PCB) includes arranging a first trace segment of a trace on a substrate of the PCB, the substrate being composed of fiber glass strands that define a fiber glass weave pattern, and arranging a second trace segment of the trace on the substrate at a position that is fractionally offset from the first trace segment along an axis by a distance that is less than a ball grid array (BGA) pitch of a BGA based on the fiber glass weave pattern. The BGA pitch is a separation distance along the axis between a center of a first via of the BGA of the PCB and a center of a second via of the BGA.
H05K 1/03 - Emploi de matériaux pour réaliser le substrat
H05K 3/10 - Appareils ou procédés pour la fabrication de circuits imprimés dans lesquels le matériau conducteur est appliqué au support isolant de manière à former le parcours conducteur recherché
In one aspect, a method includes setting, at a source node of an SRv6 network, one or more bits of a packet to indicate an ingress service identifier associated with an ingress service, where the ingress service is behind a source node; transmitting, by the source node, the packet towards a destination device of the SRv6 network; accessing, at the source node and from a network device in communication with the source node, an Internet Control Message Protocol error message that includes a portion of the packet indicating the ingress service identifier; and identifying, based on the ingress service identifier indicated by the Internet Control Message Protocol error message for the packet, the ingress service associated with the packet.
H04L 45/00 - Routage ou recherche de routes de paquets dans les réseaux de commutation de données
H04L 41/0686 - Présence d’informations supplémentaires dans la notification, p. ex. pour l’amélioration de métadonnées spécifiques
H04L 43/0823 - Erreurs, p. ex. erreurs de transmission
H04L 69/325 - Protocoles de communication intra-couche entre entités paires ou définitions d'unité de données de protocole [PDU] dans la couche réseau [couche OSI 3], p. ex. X.25
4.
ANOMALY DETECTION IN AN EDGE DEVICE INTEGRATED WITH A DATA INTAKE SYSTEM
Techniques for detecting anomalies at an edge device integrated with a data intake system are disclosed. Sensor data captured by a set of edge devices is received at a system. The system is remote from the set of edge devices. A subset of the sensor data is selected based on a query. The machine learning model is trained to detect anomalies using the subset of the sensor data. After training the machine learning model, the machine learning model is deployed on the edge device. The machine learning model is executed at the edge device to detect one or more anomalies based on runtime sensor data captured at the edge device.
A method is provided in which an AP of a MLD AP device may decide to include all out-of-link BSS parameters updates in a beacon frame (beacon). A flag is included in the beacon frame to indicate that all updates are included in the beacon frame and thus the client device that receives the beacon frame should not send probe request frames (probe requests) to obtain these updates. Thus, a non-AP MLD that receives a beacon frame with the above indication and that has all critical BSS parameters corresponding to the Change Sequence Number (CSN) that preceded the updates indicated by the AP, should not send probe requests to obtain the updated parameters. The number of bits to assign to the complete BSS Update Report Indication flag may vary depending on the number of updates to be reported.
H04W 76/15 - Établissement de connexions à liens multiples sans fil
H04W 24/02 - Dispositions pour optimiser l'état de fonctionnement
H04W 48/12 - Distribution d'informations relatives aux restrictions d'accès ou aux accès, p. ex. distribution de données d'exploration utilisant un canal de commande descendant
H04W 84/12 - Réseaux locaux sans fil [WLAN Wireless Local Area Network]
H04W 88/10 - Dispositifs formant point d'accès adapté au fonctionnement dans des réseaux multiples, p. ex. points d'accès multi-mode
6.
ON-DEMAND AND SECURE HARDWARE LICENSE-BASED SKU CREATION FOR ASICS
A method of operating a system-on-chip (SOC) including decrypting, by isolated Root of Trust (RoT) code, a Stock Keeping Unit (SKU) license code from a host during bootup of a device. Then validating, by the isolated RoT code, the SKU license code with firmware and at least one built-in key of a plurality of built-in keys from secure storage. Finally, enabling or disabling, by the isolated RoT code, at least one feature set of a plurality of feature sets comprising resources configured at the SOC based on at least one SKU license code which has been decrypted by isolated RoT code using at least one built-in key and authenticated by firmware.
G06F 21/57 - Certification ou préservation de plates-formes informatiques fiables, p. ex. démarrages ou arrêts sécurisés, suivis de version, contrôles de logiciel système, mises à jour sécurisées ou évaluation de vulnérabilité
In one implementation, a device obtains network characteristic data associated with degraded performance in a computer network. The device also obtains configuration change data associated with a Border Gateway Protocol configuration change implemented in the computer network. The device determines a correlation between the network characteristic data and the configuration change data. The device provides, based on the correlation, an indication that the Border Gateway Protocol configuration change is a cause of the degraded performance in the computer network.
H04L 41/0823 - Réglages de configuration caractérisés par les objectifs d’un changement de paramètres, p. ex. l’optimisation de la configuration pour améliorer la fiabilité
H04L 41/08 - Gestion de la configuration des réseaux ou des éléments de réseau
H04L 41/16 - Dispositions pour la maintenance, l’administration ou la gestion des réseaux de commutation de données, p. ex. des réseaux de commutation de paquets en utilisant l'apprentissage automatique ou l'intelligence artificielle
In one embodiment, a method includes: receiving a request from a powered device to schedule one or more power slots for delivery of additional power from power sourcing equipment to the powered device, the request including a requested amount of additional power, a requested time, and a requested duration, the additional power being an amount of power above a base level of power being supplied to the powered device; determining an availability of the amount of additional power at the requested time and for the requested duration; transmitting, in response to determining that the amount of additional power at the requested time and for the requested duration is available, a response indicating the availability; receiving at the requested time a confirmation request for the additional power from the powered device; and enabling the additional power to be supplied to the powered device in response to the confirmation request.
Systems, methods, and computer-readable media are provided for lattice routing across a plurality of routers. An example method can include receiving, by a first router of a lattice including a plurality of routers, an Internet Protocol packet including a source Internet Protocol prefix and an index number, where the plurality of routers of the lattice is indexed in a lattice index, and where the plurality of routers is configured to forward the Internet Protocol packet to routers of the plurality of routers based on the index number, shuffling, by the first router, the source Internet Protocol prefix, determining, by the first router and based on the index number, whether the first router is the egress router, and sending, by the first router, the Internet Protocol packet with a shuffled source Internet Protocol prefix to a next node.
Described herein are systems and methods for creating and executing playbooks to automate security and Information Technology (IT) workflows. In one embodiment, an IT and security operations application initiates execution of a playbook. The playbook includes multiple function blocks, where the function blocks collectively define a series of operations to be performed responsive to identification of an incident in an IT environment. Each function block includes computer program source code that is executed upon encountering the function block during execution of the playbook. A first function block of the multiple function block causes the IT and security operations application to send a message seeking a user input via a prompt from one or more recipients. The IT and security operations application receives the user input via the prompt and continues the execution of the playbook. The continued execution of the playbook is affected based on the user input.
A device transmits, from an overlay service controller associated with an overlay network to an underlay service controller associated with an underlay network and via a semantic structure defined for a service usage API, a request for a service offered by the underlay network. A device may receive, at the overlay service controller, from the underlay service controller and via the service usage API, attachment metadata. A device may map, based on the attachment metadata and via the overlay service controller, an overlay network tunnel to the service in the underlay network to generate an overlay tunnel mapping, wherein the overlay service controller does not have knowledge of details about implementing the service in order to enable the overlay network to consume the service offered by the underlay network. A device may communicate tunneled packets from the overlay network to the underlay network via the overlay tunnel mapping.
Devices and methods provide Media Access Control (MAC) address randomization support for multi-link devices. A multi-link client device transmits an Identifiable Random Media Access Control (IRM) address of the multi-link client device to a network device. The multi-link client device generates one or more wireless frames indicating the IRM address as a physical address. The IRM address in each wireless frame identifies at least one station of the multi-link client device. The multi-link client device transmits the wireless frame(s) to the network device. The network device receives and stores a first IRM address of the multi-link client device. The network device receives at least one wireless frame indicating a second IRM address as a physical address. The network device recognizes at least one station of the multi-link client device based on a match of the second IRM address with the first IRM address.
In one embodiment, a device obtains one or more packets of a traffic session in a network. The device determines, for a particular packet of the one or more packets that match a filter, a fingerprint for the particular packet. The device identifies a plurality of traffic sessions whose packets match the fingerprint, wherein each of the plurality of traffic sessions is associated with at least one process. The device updates a process with the traffic session by applying a classifier to the plurality of traffic sessions.
The present technology provides intercloud connectivity as a service by discovering components of the organization's deployment in various sites, irrespective of the cloud provider, such that two sites can merely be selected along with a few standard options, and the controller can handle the complexity of instantiating a tunnel between the cloud sites automatically. Further, the controller can monitor the health of one or more tunnels between the cloud sites to automatically scale bandwidth up or down.
In one embodiment, a remote access manager receives an access request from a client to remotely access a device on a local network. The remote access manager generates a universally unique identifier for the access request. The remote access manager sends a response to the client having a one-time use domain name system name that is based on the universally unique identifier. The remote access manager communicates with a web proxy to authorize the client to remotely access the device.
A method for exposing a location associated with an emergency call may include receiving, at a first network, a request to initiate an emergency session from a user device associated with a second network. The request may trigger the first network to determine location information of the user device. Data associated with the location information of the user device is maintained by the second network in one or more databases. The method may further include querying, by the first network, the DNS for the location information associated with the user device. The one or more databases may be updated by the second network. The method may further include receiving, at the first network and from the DNS via the one or more databases, the location information associated with the user device. The method may further include updating the emergency session based on the location information.
H04W 76/50 - Gestion de la connexion pour les connexions d'urgence
H04L 61/4511 - Répertoires de réseauCorrespondance nom-adresse en utilisant des répertoires normalisésRépertoires de réseauCorrespondance nom-adresse en utilisant des protocoles normalisés d'accès aux répertoires en utilisant le système de noms de domaine [DNS]
H04W 64/00 - Localisation d'utilisateurs ou de terminaux pour la gestion du réseau, p. ex. gestion de la mobilité
17.
Systems And Methods For Reducing False Positives In Cybersecurity Analytics Results
In a computer-implemented method for managing analytic results in a cybersecurity system, data representing a plurality of events are accessed, where the plurality of events include machine data generated by entities that are part of or that interact with a computer network. A cybersecurity analytic of a cybersecurity application is applied to the data to produce analytic results, wherein the cybersecurity analytic is to detect a cybersecurity-related anomaly or threat. A performance of the cybersecurity analytic is then evaluated by applying the analytic results to a specified performance criterion. A corrective action for the cybersecurity analytic is then determined, based on a result of evaluating the performance of the cybersecurity analytic. Zero or more anomaly or threat detections by the cybersecurity analytic are then incorporated into an output of the cybersecurity application, based on the determined corrective action.
Presented herein are a variety of palette mode encoding and decoding techniques that can achieve further compression benefits. The techniques can be generalized to use arbitrary block partitions instead of rows, for instance columns of identical indices, or quadrants of identical indices.
H04N 19/13 - Codage entropique adaptatif, p. ex. codage adaptatif à longueur variable [CALV] ou codage arithmétique binaire adaptatif en fonction du contexte [CABAC]
H04N 19/136 - Caractéristiques ou propriétés du signal vidéo entrant
H04N 19/167 - Position dans une image vidéo, p. ex. région d'intérêt [ROI]
H04N 19/176 - Procédés ou dispositions pour le codage, le décodage, la compression ou la décompression de signaux vidéo numériques utilisant le codage adaptatif caractérisés par l’unité de codage, c.-à-d. la partie structurelle ou sémantique du signal vidéo étant l’objet ou le sujet du codage adaptatif l’unité étant une zone de l'image, p. ex. un objet la zone étant un bloc, p. ex. un macrobloc
H04N 19/46 - Inclusion d’information supplémentaire dans le signal vidéo pendant le processus de compression
19.
UPLINK AND DOWNLINK DATA AND CONTEXT TRANSFER FOR SEAMLESS ROAMING
The present disclosure provides techniques for seamless roaming with uplink/downlink context transfer. A serving AP transmits a sequence of downlink data units for a TID to a client device, the sequence of downlink data units having sequence numbers falling within a transmit window for the TID. The serving AP receives, from the client device, a roaming request identifying a target AP. In response, the serving AP sends a roaming context message to the target AP, comprising at least one of a SSN of the transmit window corresponding to the TID, or a NSN for the TID, where the NSN is a first sequence number to be assigned for downlink data units of the TID transmitted by the target AP to the client device.
Devices, systems, methods, and processes for energy scoring of network paths are described herein. Various network paths, each including one or more hops, may be identified in a network. Presence of additional hops in each network path may be determined. From the identified and determined hops, a set of hops may be determined for energy score determination. For each selected hop, a set of energy parameters may be determined and one or more weights may be assigned to the determined set of energy parameters. A weight may correspond to a level of confidence in or an accuracy of the energy parameter determination. An energy score of each network path may be determined based on the determined set of energy parameters and the assigned one or more weights. One network path may be selected based on the energy scores and traffic may be routed along the selected network path.
H04L 41/00 - Dispositions pour la maintenance, l’administration ou la gestion des réseaux de commutation de données, p. ex. des réseaux de commutation de paquets
21.
ROOT-CAUSE DETECTION BASED ON AUTOMATED RESOLUTION OF DEPENDENCIES BETWEEN HETEROGENEOUS ISSUES
In one implementation, a device may obtain natural language descriptions of issues detected in a computing system. The device may prompt one or more language models to generate sets of possible causal dependencies between the issues based on their natural language descriptions. The device may form, using the one or more language models, an issue dependency graph that reaches consensus among the sets of possible causal dependencies between the issues. The device may use the issue dependency graph to determine a particular one of the issues as a root cause of an indicated problem in the computing system.
In one implementation, a device may generate cleaned log messages by removing irrelevant data from log messages. The device may construct a directed root tree graph for the cleaned log messages. The device may refine the cleaned log messages in the directed root tree graph based on predefined relationships established in the directed root tree graph. The device may select representative messages from the cleaned log messages in the directed root tree graph to generate a relevancy-filtered file configured for inclusion in a language model prompt.
An optical receiver and a linear receiver pluggable optics (LRO) module are disclosed. The optical receiver includes a photodiode, a transimpedance amplifier (TIA), and a variable gain stage with multiple amplifiers. The optical receiver features dual output buffers for signal distribution to a HOST serializer/deserializer and a re-timer or digital signal processor (DSP). A switch controls the second output buffer without causing bit errors. The LRO module connects to a remote transmitter and includes a photodiode, TIA, and DSP for signal processing. The optical receiver supports advanced monitoring and testing through multiple test points. The module's design ensures efficient signal conversion and transmission, with the ability to toggle re-timers without introducing errors. The system is designed for high-performance optical communication, offering flexibility and reliability in signal handling and processing.
H04B 10/69 - Dispositions électriques dans le récepteur
H03G 3/30 - Commande automatique dans des amplificateurs comportant des dispositifs semi-conducteurs
H04B 10/079 - Dispositions pour la surveillance ou le test de systèmes de transmissionDispositions pour la mesure des défauts de systèmes de transmission utilisant un signal en service utilisant des mesures du signal de données
24.
Systems And Methods For Automated Generation Of Programming Code Through Deployment Of An Orchestration Agent
Some implementations of the disclosure provide a computer-implemented method including operations of receiving a user question by an orchestration agent, where generating a response to a user question includes generation of programming code, executing, by a sub-large language model (LLM), an instruction to generate the programming code and performing, by the sub-LLM, a validation process including determining whether the programming code generated by the sub-LLM includes a syntax error. When the validation process indicates the programming code does not include the syntax error, the method includes operations of invoking a logic module configured to execute the programming code, wherein the logic module is provided the programming code generated by the sub-LLM and executes the programming code and generating, by the orchestration agent, a graphical user interface that displays the response to the user question that includes or is based on results of execution of the programming code.
In one aspect, a method for enhancing cybersecurity using Large Language Model (LLM)-generated honeypot schemes, the method includes generating a plurality of deceptive information using an LLM, configured to attract and engage potential attackers, where the plurality of deceptive information includes one or more characteristics referencing vulnerabilities of a network, continuously monitoring for interactions initiated by an interacting party with one or more components of the generated deceptive information, where the interaction is identified as a potential threat to the network, in response to detection of an interaction identified as a potential threat, extracting interaction data associated with the interacting party retrieved during the interaction, and retraining the LLM with the interaction data to create more effective honeypots.
G06F 21/57 - Certification ou préservation de plates-formes informatiques fiables, p. ex. démarrages ou arrêts sécurisés, suivis de version, contrôles de logiciel système, mises à jour sécurisées ou évaluation de vulnérabilité
G06F 21/56 - Détection ou gestion de programmes malveillants, p. ex. dispositions anti-virus
This disclosure describes techniques for improving routing policy awareness in a network. The method includes detecting, by a controller, an application initiated for use at an edge node of a network. Then, generating, by an analytics engine coupled to the controller, analytical data of traffic flow at the edge node of the network wherein the traffic flow is in accordance with a routing policy for routing traffic associated with the application. Further, routing of the traffic through a path from one or more paths configured at the edge node that is in accordance with at least a Service Level Agreement (SLA) for traffic flow. Also, in response to an SLA violation during routing of the traffic, causing an action, by the controller, of routing traffic flow through another path that is in accordance with at least the SLA for traffic flow based on analytical data received of the traffic flow.
Devices, systems and methods to provide a more effective way of allocating power across a plurality of drops in a multi-drop power delivery arrangement. A power transmitter transmits a power waveform together with a multi-drop signaling waveform. Thus, the power waveform and the multi-drop signaling waveform are directed to each of a plurality of drops. The multi-drop signaling waveform has a plurality of divisions, and each of a plurality of power receivers at respective drops of the plurality of drops are assigned to one or more divisions of the plurality of divisions of the multi-drop signaling waveform to draw an associated portion of power from the power waveform.
Devices, systems, methods, and processes for fabric congestion management are described herein. At each ingress switch, virtual output (“VO”) queues are created for egress ports based on identifiers, state indicators, and encapsulation values of the egress ports received via an Ethernet Virtual Private Network (“EVPN”) control plane. When a data packet is received at the ingress switch, an egress port for the data packet is determined, an identifier and an encapsulation value of the egress port are added to the data packet, and the data packet is stored in a corresponding VO queue. The data packet remains at the ingress switch until an egress switch is available. At the egress switch, one or more tags are added in the data packet based on the encapsulation value, whereas the destination egress port is identified based on the identifier. Thus, a quick egress through the egress switch is achieved.
Devices, systems, methods, and processes for recommendation and update of network policies. Existing network policy update solutions rely on human intervention in monitoring and analyzing traffic patterns in a network, checking for policy compliance, detecting any policy violations, and even updating new policies in the network. However, manual processes are prone to human error, introduce significant delays, and lack scalability and objectivity. To address these issues, an automated system is provided that monitors traffic across a network (in real-time or near real-time) and detects violations in a set of network policies associated with the network. The system utilizes one or more recommendation models to process network flow data and network inventory data, and generate one or more policy update recommendations to resolve the detected policy violations. The system further enforces the one or more policy update recommendations on various network devices within the network to resolve the detected policy violations.
H04L 41/22 - Dispositions pour la maintenance, l’administration ou la gestion des réseaux de commutation de données, p. ex. des réseaux de commutation de paquets comprenant des interfaces utilisateur graphiques spécialement adaptées [GUI]
H04L 41/0894 - Gestion de la configuration du réseau basée sur des règles
H04L 47/20 - Commande de fluxCommande de la congestion en assurant le maintien du trafic
30.
PATH TRACING PROXY BEHAVIOR FOR INTEGRATION WITH EXTERNAL PROBING APPLIANCE
Systems, methods, and computer-readable media are provided for path tracing proxy behavior using an external probing appliance. An example method can include generating, at an external probing appliance of a network, a probe packet, the probe packet including a source address, a destination address, and a packet tracing indication in a next header field of the probe packet, the packet tracing indication triggering a proxy source behavior at a source node having the source address and a proxy sink behavior at a sink node having the destination address; sending the probe packet to the source node to trigger a packet tracing mechanism; and receive an updated probe packet from the sink node, the updated probe packet including probe data associated with one or more data flows in the network as the one or more data flows traverse the network from the source node to the sink node.
Techniques for providing a language model to detect and remedy a security incident are described. A language model is deployed to respond to prompts from network operators. The language model receives a prompt from the network operator indicating actions to take based on trigger events. When a trigger event occurs, the language model receives a description of a potential security incident and identifies indicators of compromise in the description. The language model calls one or more other models to analyze the indicators and receives from the one or more other models, information indicating that the potential security incident is a real security incident, and outputs a prompt to the network operator to approve confirmation of the security incident.
G06F 21/55 - Détection d’intrusion locale ou mise en œuvre de contre-mesures
G06F 21/57 - Certification ou préservation de plates-formes informatiques fiables, p. ex. démarrages ou arrêts sécurisés, suivis de version, contrôles de logiciel système, mises à jour sécurisées ou évaluation de vulnérabilité
A system monitors a network or web application provided by one or more distributed applications and provides data for each and every method instance in an efficient low-cost manner. Agents may monitor the performance of the distributed application by the web services and report monitoring data as runtime data to the remote server, for example a controller. The controller may analyze the data to identify one or more performance issues or “hot spot” methods based on current or past performance, functionality, content, or business relevancy. Instructions and/or configuration information may be transmitted by the controller to the agents that correspond to a particular business transaction portion associated with a hot spot. The portions are then monitored to collect data associated with the hot spot and the hot spot data is reported back to the controller.
H04L 43/04 - Traitement des données de surveillance capturées, p. ex. pour la génération de fichiers journaux
G06N 5/00 - Agencements informatiques utilisant des modèles fondés sur la connaissance
H04L 41/5074 - Traitement des plaintes des utilisateurs ou des tickets d’incident
H04L 61/10 - Correspondance entre adresses de types différents
H04L 67/025 - Protocoles basés sur la technologie du Web, p. ex. protocole de transfert hypertexte [HTTP] pour la commande à distance ou la surveillance à distance des applications
The present disclosure provides techniques for seamless roaming with uplink/downlink context transfer. A serving AP transmits a sequence of downlink data units for a TID to a client device, the sequence of downlink data units having sequence numbers falling within a transmit window for the TID. The serving AP receives, from the client device, a roaming request identifying a target AP. In response, the serving AP sends a roaming context message to the target AP, comprising at least one of a SSN of the transmit window corresponding to the TID, or a NSN for the TID, where the NSN is a first sequence number to be assigned for downlink data units of the TID transmitted by the target AP to the client device.
Some implementations of the disclosure provide a computer-implemented method including operations of receiving, by an orchestration agent, user input corresponding to a user question, wherein generating a response to the user question includes one of generating, editing, or refining programming code, and generating, by the orchestration agent, a prompt instructing a first sub-large language model (LLM) to perform a first task. In response to the prompt, generating, by the first sub-LLM, instructions for a second sub-LLM to perform a second task, wherein results of performing the second task by the second sub-LLM are provided to the first sub-LLM and performing, by the first sub-LLM, the first task utilizing the results of the second task generated by the second sub-LLM. An additional operation includes generating, by the orchestration agent, a GUI that displays the response to the user question, wherein the response includes or is based on the programming code.
This disclosure describes techniques for enforcing conditional access to network services. In an example method, a first computing device detects a second device operating in a per-flow authorization mode. The first device receives a first request from a second computing device to communicate with a third computing device using a first network flow and determines that the first flow is authorized (e.g., because of an active past authentication and/or the third device's authentication exemption). Data associated with the first request is transmitted to the third device. The first device then receives a second request to communicate with a fourth computing device using a second network flow and determines that the second flow is not authorized (e.g., because it is not associated with an active past authentication and/or the fourth device is not exempt from authentication). Data associated with the second request is not transmitted to the fourth device.
Described herein are techniques are provided for enabling a security orchestration, automation, and response (SOAR) service to automatically manage apps used to interface with an integrated security operations service and other related devices and services. Further described herein is a SOAR app generator service or application used to automate the creation of apps for a SOAR service based on application programming interfaces (API) specifications for related devices or services, as well as visual playbook editor interfaces for a SOAR service that enable the configuration of complex action input parameters including arrays and objects.
Techniques are described for managing QUIC connections. The techniques include identifying a first QUIC connection between a first and second device. Determining, from the connection, a first IP address and port number of the first device, a second IP address and port number of the second device, and a first CID. Storing an association between the first and second IP addresses, port numbers and first CID. Identifying a second QUIC connection between the first device and another device. Identifying, from the second connection, the first IP address and port number, a second CID, and a third IP address and port number. Determining if two of the following are met: the second IP address corresponds to the third IP address, the second port number corresponds to the third port number, the second CID corresponds to the first CID, if two are met, the first and second QUIC connections are the same.
H04L 69/16 - Implémentation ou adaptation du protocole Internet [IP], du protocole de contrôle de transmission [TCP] ou du protocole datagramme utilisateur [UDP]
Techniques are described for providing a threat analysis platform capable of automating actions performed to analyze security-related threats affecting IT environments. Users or applications can submit objects (e.g., URLs, files, etc.) for analysis by the threat analysis platform. Once submitted, the threat analysis platform routes the objects to dedicated engines that can perform static and dynamic analysis processes to determine a likelihood that an object is associated with malicious activity such as phishing attacks, malware, or other types of security threats. The automated actions performed by the threat analysis platform can include, for example, navigating to submitted URLs and recording activity related to accessing the corresponding resource, analyzing files and documents by extracting text and metadata, extracting and emulating execution of embedded macro source code, performing optical character recognition (OCR) and other types of image analysis, submitting objects to third-party security services for analysis, among many other possible actions.
G06F 21/56 - Détection ou gestion de programmes malveillants, p. ex. dispositions anti-virus
G06F 21/53 - Contrôle des utilisateurs, des programmes ou des dispositifs de préservation de l’intégrité des plates-formes, p. ex. des processeurs, des micrologiciels ou des systèmes d’exploitation au stade de l’exécution du programme, p. ex. intégrité de la pile, débordement de tampon ou prévention d'effacement involontaire de données par exécution dans un environnement restreint, p. ex. "boîte à sable" ou machine virtuelle sécurisée
39.
PERISCOPE OPTICAL ASSEMBLY WITH INSERTED COMPONENTS
Periscope assemblies are provided which have a light path that travels in a first plane along the first waveguide, a second plane along the second waveguide that is parallel to the first plane, and along a third plane along the third waveguide that intersects the first plane and the second plane. In some examples the periscope assembly includes first and second carriers comprising respective first and second waveguides and defining respective first and second cavities in which a third carrier comprising a third waveguide is disposed and optionally includes an optical component. In some examples, the cavities are defined in one or more carriers on a mating surface, on a side opposite to the mating surface, or on a side perpendicular to a mating surface.
G02B 6/12 - Guides de lumièreDétails de structure de dispositions comprenant des guides de lumière et d'autres éléments optiques, p. ex. des moyens de couplage du type guide d'ondes optiques du genre à circuit intégré
G02B 6/125 - Courbures, branchements ou intersections
G02B 6/28 - Moyens de couplage optique ayant des bus de données, c.-à-d. plusieurs guides d'ondes interconnectés et assurant un système bidirectionnel par nature en mélangeant et divisant les signaux
G02B 6/30 - Moyens de couplage optique pour usage entre fibre et dispositif à couche mince
G02B 6/35 - Moyens de couplage optique comportant des moyens de commutation
G02B 7/00 - Montures, moyens de réglage ou raccords étanches à la lumière pour éléments optiques
Seamless client roaming for Multi-Link Device (MLD) clients may be provided. First, a Traffic Identifier (TID)-to-link map may be established by an Upper Service Access Point (U-SAP) of a multi-AP MLD entity that assigns subsets of TIDs to at least two links of the entity. For example, a client device logically associates with the U-SAP, while the client device physically connects to a first and second AP of the entity on a respective first and second link, where the first and second AP include first and second Lower Service Access Points (L-SAPs) and are non-collocated. Next, using the map, data received at the U-SAP is directed over one of the two links for transmission to the client device. Further, frame aggregation and block acknowledgment functions may be performed by one of the first or second L-SAP based on whether data transmission is over the first or second link.
Techniques for providing a language model to detect and remedy a security incident are described. A language model is deployed to respond to prompts from network operators. The language model receives a prompt from the network operator indicating actions to take based on trigger events. When a trigger event occurs, the language model receives a description of a potential security incident and identifies indicators of compromise in the description. The language model calls one or more other models to analyze the indicators and receives from the one or more other models, information indicating that the potential security incident is a real security incident, and outputs a prompt to the network operator to approve confirmation of the security incident.
In one embodiment, a device receives, via a user interface, definition of a first sequence of transactional milestones performed by users of an online application and identified using a first type of identifier. The device also receives, via the user interface, definition of a second sequence of transactional milestones performed by users of the online application and identified using a second type of identifier. The device further receives, via the user interface, definition of a key transition associated with at least one transactional milestone in the first sequence of transactional milestones or second sequence of transactional milestones that links the first type of identifier with the second type of identifier. The device represents, using the key transition, performance of the first sequence of transactional milestones and the second sequence of transactional milestones by a particular user of the online application as a unified sequence.
One embodiment of the disclosure is an electro-optical modulator system. The system may include a ferroelectric material having one or more crystal orientation axes and a Mach-Zehnder interferometer (MZI) modulator comprising an MZI input, an MZI output, a first arm and a second arm, wherein the first arm and the second arm are in optical communication with the MZI input and the MZI output. The ferroelectric material may define or be in communication with a portion of the first arm and the second arm. The first arm may have a first phase parameter and the second arm may have a second phase parameter. The arms may have domain orientations that differ. A portion of the first arm may include a portion of one or more loading layers and a portion of the second arm may include a portion of one or more loading layers.
G02F 1/05 - Dispositifs ou dispositions pour la commande de l'intensité, de la couleur, de la phase, de la polarisation ou de la direction de la lumière arrivant d'une source lumineuse indépendante, p. ex. commutation, ouverture de porte ou modulationOptique non linéaire pour la commande de l'intensité, de la phase, de la polarisation ou de la couleur basés sur des céramiques ou des cristaux électro-optiques, p. ex. produisant un effet Pockels ou un effet Kerr avec des propriétés ferro-électriques
G02F 1/00 - Dispositifs ou dispositions pour la commande de l'intensité, de la couleur, de la phase, de la polarisation ou de la direction de la lumière arrivant d'une source lumineuse indépendante, p. ex. commutation, ouverture de porte ou modulationOptique non linéaire
G02F 1/21 - Dispositifs ou dispositions pour la commande de l'intensité, de la couleur, de la phase, de la polarisation ou de la direction de la lumière arrivant d'une source lumineuse indépendante, p. ex. commutation, ouverture de porte ou modulationOptique non linéaire pour la commande de l'intensité, de la phase, de la polarisation ou de la couleur par interférence
G02F 1/225 - Dispositifs ou dispositions pour la commande de l'intensité, de la couleur, de la phase, de la polarisation ou de la direction de la lumière arrivant d'une source lumineuse indépendante, p. ex. commutation, ouverture de porte ou modulationOptique non linéaire pour la commande de l'intensité, de la phase, de la polarisation ou de la couleur par interférence dans une structure de guide d'ondes optique
Devices, systems, methods, and processes for energy scoring of network paths are described herein. Various network paths, each including one or more hops, may be identified in a network. Presence of additional hops in each network path may be determined. From the identified and determined hops, a set of hops may be determined for energy score determination. For each selected hop, a set of energy parameters may be determined and one or more weights may be assigned to the determined set of energy parameters. A weight may correspond to a level of confidence in or an accuracy of the energy parameter determination. An energy score of each network path may be determined based on the determined set of energy parameters and the assigned one or more weights. One network path may be selected based on the energy scores and traffic may be routed along the selected network path.
In one embodiment, a device instruments an application to generate OpenTelemetry trace data during execution of the application. The device identifies, based on where the application was instrumented, a particular method of the application. The device determines that a circuit breaker should be inserted for the particular method of the application. The device inserts a circuit breaker for the particular method.
Supporting Multi-Access Point (AP) Coordination (MAPC) across multiple bands may be provided. Supporting multi-band MAPC can include receiving one or more multi-band MAPC capabilities elements from one or more APs. One or more MAPC modes can be determined for a plurality of bands based on the one or more multi-band MAPC capabilities elements. A multi-band MAPC Coordination Group (CG) can be formed including the one or more APs, wherein the multi-band MAPC CG uses the one or more MAPC modes for the plurality of bands.
H04W 84/12 - Réseaux locaux sans fil [WLAN Wireless Local Area Network]
H04B 7/024 - Utilisation coopérative d’antennes sur plusieurs sites, p. ex. dans les systèmes à plusieurs points coordonnés ou dans les systèmes coopératifs à "plusieurs entrées plusieurs sorties" [MIMO]
47.
Hybrid query system for searching unstructured data
Technologies are described herein for executing queries expressed with reference to a structured query language against unstructured data. A user issues a structured query through a traditional structured data management (“SDM”) application. Upon receiving the structured query, an SDM driver analyzes the structured query and extracts a data structure from the unstructured data, if necessary. The structured query is then converted to an unstructured query based on the extracted data structure. The converted unstructured query may then be executed against the unstructured data. Results from the query are reorganized into structured data utilizing the extracted data structure and are then presented to the user through the SDM application.
G06F 16/338 - Présentation des résultats des requêtes
G06F 16/80 - Recherche d’informationsStructures de bases de données à cet effetStructures de systèmes de fichiers à cet effet de données semi-structurées, p. ex. données structurées par un langage de balisage tels SGML, XML ou HTML
Implementations of the disclosure pertain to detecting mislabeling of a source type assigned to machine data through utilization of machine learning techniques. Operations of a computerized method for detecting the mislabeling include receiving machine data that has been assigned an initial source type upon receipt by a data intake and query system and parsing the data block into a plurality of events based on a source type definition of the initial source type. Further operations include generating a data representation of a first event being a portion of the machine data and is associated with a point in time, determining a predicted source type of the first event by at least analyzing the data representation through machine learning techniques, and performing a comparison between the predicted source type and the initial source type thereby determining whether the source type of the event was initially mislabeled.
G06F 16/907 - Recherche caractérisée par l’utilisation de métadonnées, p. ex. de métadonnées ne provenant pas du contenu ou de métadonnées générées manuellement
G06F 17/18 - Opérations mathématiques complexes pour l'évaluation de données statistiques
G06F 18/214 - Génération de motifs d'entraînementProcédés de Bootstrapping, p. ex. ”bagging” ou ”boosting”
Various implementations set forth a computer-implemented method for scanning a three-dimensional (3D) environment. The method includes generating, in a first time interval, a first extended reality (XR) stream based on a first set of meshes representing a 3D environment, transmitting, to a remote device, the first XR stream for rendering a 3D representation of a first portion of the 3D environment in a remote XR environment, determining that the 3D environment has changed based on a second set of meshes representing the 3D environment and generated subsequent to the first time interval, generating a second XR stream based on the second set of meshes, and transmitting, to the remote device, the second XR stream for rendering a 3D representation of at least a portion of the changed 3D environment in the remote XR environment.
A receiver configured to receive a plurality of symbols is disclosed. The receiver includes a hard decision decoder, a look-up table (LUT) coupled to the hard decision decoder, and a soft metric generator coupled to the LUT. The hard decision decoder is to receive a first set of symbols from the plurality of symbols and provide a set of hard coded neighboring symbols to the LUT. The first set of symbols comprises a center symbol with neighboring symbols. The LUT is to store a value representative of the center symbol that is addressable by the set of hard coded neighboring symbols. The soft metric generator is to calculate bit log likelihood ratio (LLR) values based on the center symbol and the value representative of the center symbol stored in the LUT.
H03M 13/11 - Détection d'erreurs ou correction d'erreurs transmises par redondance dans la représentation des données, c.-à-d. mots de code contenant plus de chiffres que les mots source utilisant un codage par blocs, c.-à-d. un nombre prédéterminé de bits de contrôle ajouté à un nombre prédéterminé de bits d'information utilisant plusieurs bits de parité
H03M 13/39 - Estimation de séquence, c.-à-d. utilisant des méthodes statistiques pour la reconstitution des codes originaux
51.
LLM TECHNOLOGY FOR POLYMORPHIC GENERATION OF SAMPLES OF MALWARE FOR FUTURE MALWARE DETECTION
Systems, methods, and computer-readable media are disclosed for detecting a malware sample by creating polymorphic variants of a malware sample using a large language model. The technology can obtain a known malware sample and decompose the known malware sample into behavioral characterizations of the known malware sample that correspond to respective processes taken by the known malware sample. The technology can then train a large language model with data corresponding to the behavioral characterizations and generate polymorphic variants of the known malware sample with a large language model based on the behavioral characterizations. When the technology later receives a potential malware sample, it can analyze the potential malware sample by comparing the potential malware sample to the polymorphic variants of the known malware sample generated by the large language model.
In one embodiment, a method includes receiving a request from a powered device for power to be supplied from power sourcing equipment to the powered device; granting, in response to the request, provisional power to the powered device; receiving, an authentication request from the powered device to authenticate the powered device and reserve power; analyzing user data and device data to determine an authentication status for the powered device; denying power within a power budget for the powered device in response to the analyzing determining that the authentication status for the powered device corresponds to a failed authentication; and using an authenticated-power-profile to determine one or more actions to be performed with respect to the powered device having the failed authentication, in response to a defined number of failed authentications or an expiration of a timeout period defining an amount of time allowed to authenticate the powered device.
Devices, systems, methods, and processes for flow entropy management using network address translation (NAT) scheme are described herein. Typically, due to fewer flows and high bandwidth demands in backend data center networks, hash distribution algorithms may exhibit bias, leading to congestion on certain network paths while others remain underutilized, a phenomenon known as low flow entropy. To address the low flow entropy problem, a network interface controller (NIC) decomposes a traffic flow into multiple flowlets and applies a NAT operation on each flowlet. In the NAT operation, an actual source port value of a flowlet is replaced with a unique unused source port value to make the flowlet look like a different traffic flow to a switch. Thus, the switch processes each flowlet as a different traffic flow and uses load balancing schemes to distribute the flowlets across various network paths. Thus, improving the flow entropy of the network.
An optical apparatus is described that includes an input port configured to receive an optical signal comprising a plurality of wavelengths, a plurality of output ports, and one or more grating filters arranged between the input port and the plurality of output ports. Each grating filter is configured to receive one or more wavelengths of the plurality of wavelengths at a multimode waveguide, to propagate the one or more wavelengths through a first transition section extending between the multimode waveguide and a slot waveguide, and to reflect, using a respective antisymmetric Bragg grating formed in the slot waveguide, a first mode of a respective wavelength of the one or more wavelengths through the first transition section toward a respective output port of the plurality of output ports.
G02B 6/293 - Moyens de couplage optique ayant des bus de données, c.-à-d. plusieurs guides d'ondes interconnectés et assurant un système bidirectionnel par nature en mélangeant et divisant les signaux avec des moyens de sélection de la longueur d'onde
G02B 6/42 - Couplage de guides de lumière avec des éléments opto-électroniques
55.
DYNAMIC TRANSACTION-AWARE WEB APPLICATION AUTHENTICATION USING CALL INTERCEPTS
According to one or more embodiments of the disclosure, the techniques herein are directed toward a dynamic transaction-aware web application authentication using call intercepts. In one embodiment, a method comprises: intercepting, by a monitoring process, calls made for transactions within an executing application; determining, by the monitoring process, whether a particular intercepted call triggers an enhanced user authentication requirement for a particular transaction; initiating, by the monitoring process in response to the particular intercepted call triggering the enhanced user authentication requirement, a corresponding challenge to adequately authenticate a user for the particular transaction; and allowing, by the monitoring process, the particular intercepted call to proceed for the particular transaction in response to an adequately authenticated user for the particular transaction.
G06F 21/52 - Contrôle des utilisateurs, des programmes ou des dispositifs de préservation de l’intégrité des plates-formes, p. ex. des processeurs, des micrologiciels ou des systèmes d’exploitation au stade de l’exécution du programme, p. ex. intégrité de la pile, débordement de tampon ou prévention d'effacement involontaire de données
G06F 21/55 - Détection d’intrusion locale ou mise en œuvre de contre-mesures
In one embodiment, an illustrative method herein may comprise: obtaining, by a device, a plurality of indications of errors experienced by a bot performing tasks, wherein each of the plurality of indications includes contextual information of a corresponding error; determining, by the device, correlated errors among the errors experienced by the bot; aggregating, by the device, contextual information of each of the correlated errors into aggregated contextual data; and providing, by the device, the aggregated contextual data with an error notification for a particular correlated error.
In one embodiment, a method includes receiving at a thermal modeling module, data from a Power Sourcing Equipment device (PSE) for cables extending from the PSE to Powered Devices (PDs), the cables configured to transmit power and data from the PSE to the PDs, calculating at the thermal modeling module, thermal characteristics for the cables based on the data, and identifying a thermal rise above a specified threshold at one of the cables. The data comprises real-time electrical data for the cables. An apparatus and logic are also disclosed herein.
Techniques for determining an optimal connection path by a NHNaaS are described. The techniques may include receiving, by an end-to-end neutral host NaaS and from a user device, a request for a connection to a remote service, the request including user parameters required for the connection. multiple paths between the user device and the remote service offered by service providers that provide connections having service parameters compatible with the user parameters are determined by the end-to-end neutral host NaaS. The neutral host NaaS identifies an optimal path for establishing the connection between the user device and the remote service based on network performance of the multiple paths. Finally, the neutral host NaaS enables an instantiation of a tunnel along the optimal path between the user device and the remote service.
H04L 47/10 - Commande de fluxCommande de la congestion
H04L 45/12 - Évaluation de la route la plus courte
H04L 47/2425 - Trafic caractérisé par des attributs spécifiques, p. ex. la priorité ou QoS pour la prise en charge de spécifications de services, p. ex. SLA
59.
Suspicious Filename Detection Based On Character-Level Recurrent Neural Network Class Predictions
Disclosed herein is a machine learning-based approach to detect suspiciously named processes. When malware executes on a networking device, such as a laptop or desktop computer, the malware may create a copy of itself, assign the copy a process name consisting of random characters, and store the copy in a directory of the networking device. As characters of words in a given language follow patterns and rules, the presence of each character is not equally likely. In contrast, characters in random sequences have an equal likelihood of being present. In some implementations disclosed herein, a character-level recurrent neural network (RNN) is trained to distinguish between randomly generated filenames from those created by an user and thus, identify malware attacks. In some implementations, a character-level RNN is configured to classify filenames as malicious or benign.
In one embodiment, a method herein comprises: registering, by an orchestration service agent, with a central management device to receive a corresponding configuration for the orchestration service agent, wherein the central management device receives a registration from each of a plurality of orchestration service agents; self-configuring, by the orchestration service agent, based on the corresponding configuration; obtaining, by the orchestration service agent and from the central management device, an agent-specific configuration package; and configuring, by the orchestration service agent and based on the agent-specific configuration package, a corresponding agent associated with the orchestration service agent and executing on a corresponding entity.
Devices, systems, and methods to enable a user to control initiation and execution of a maintenance mode in a power distribution system that includes a power transmitter subsystem that transmits power over a cable to a power receiver subsystem. A maintenance mode associated with the power transmitter subsystem and the power receiver subsystem is initiated. The maintenance mode causes the power transmitter subsystem and power receiver subsystem to enter a power mode to allow for maintenance activity to be performed at the power transmitter subsystem and power receiver subsystem. An authorization server is configured to authorize initiation of the maintenance mode on the power transmitter subsystem and power receiver subsystem.
H02J 3/00 - Circuits pour réseaux principaux ou de distribution, à courant alternatif
H02J 13/00 - Circuits pour pourvoir à l'indication à distance des conditions d'un réseau, p. ex. un enregistrement instantané des conditions d'ouverture ou de fermeture de chaque sectionneur du réseauCircuits pour pourvoir à la commande à distance des moyens de commutation dans un réseau de distribution d'énergie, p. ex. mise en ou hors circuit de consommateurs de courant par l'utilisation de signaux d'impulsion codés transmis par le réseau
62.
Integration of Erbium-Doped Low Loss Silicon Nitride Waveguides on Silicon Photonics
In various embodiments, the disclosure relates to an electro-optical device that includes an optical amplifier and a photonic assembly. The optical amplifier may include a first encapsulation layer defining a first bonding surface, and an erbium-doped Si3N4 waveguide, wherein the erbium-doped Si3N4 waveguide disposed within the first encapsulation layer. The photonic assembly may include a substrate, a second encapsulation layer defining a second bonding surface, the second encapsulation layer disposed on the substrate, a modulator, one or more photodetectors, and a waveguide. In various embodiments, the modulator, the one or more photodetectors and the waveguide are disposed within the second encapsulation layer. The one or more regions of the first bonding surface are bonded to the one or more regions of the second bonding surface in various embodiments. The Si3N4 waveguide is optically coupled to the waveguide in various embodiments.
G02B 6/12 - Guides de lumièreDétails de structure de dispositions comprenant des guides de lumière et d'autres éléments optiques, p. ex. des moyens de couplage du type guide d'ondes optiques du genre à circuit intégré
G02B 6/124 - Lentilles géodésiques ou réseaux intégrés
H01S 3/10 - Commande de l'intensité, de la fréquence, de la phase, de la polarisation ou de la direction du rayonnement, p. ex. commutation, ouverture de porte, modulation ou démodulation
H01S 5/026 - Composants intégrés monolithiques, p. ex. guides d'ondes, photodétecteurs de surveillance ou dispositifs d'attaque
63.
IN-NETWORK COMPUTING USING MODULAR SWITCH ARCHITECTURE
Devices, systems, methods, and processes for in-network computing using modular switch architecture are described herein. Endpoint devices generate data chunks and forward them to a network, comprising spine and leaf switches, for data reduction. Leaf switches act as conduits and forward the data chunks to a spine switch. The spine switch includes various line cards (e.g., one for each leaf switch) and a fabric element. The line cards may execute a stage of data reduction on the received data chunks or may forward the received data chunks directly to the fabric element. The fabric element executes a data reduction operation on the data received from the line cards and obtains a reduced output which is forwarded to the endpoint devices via the line cards and the leaf switches. Thus, a single-tier in-network computing topology is implemented to execute data reduction in a cost-effective, simple, and efficient manner.
Devices, systems, methods, and processes for incast congestion management are described herein. Typically, in a Packet Sequence Number (PSN) based Remote Direct Memory Access (RDMA) network, Priority Flow Control (PFC) is asserted upstream when an incast congestion event occurs, which can victimize unrelated flows. Thus, instead of asserting PFC, a switch in the PSN based RDMA network detects an incast congestion event and directly notifies one or more Reliable Connection (RC) Queue Pairs (QPs) of various sending devices, associated with the incast congestion event using Receiver Not Ready (RNR) negative acknowledgements (NACKs). These RNR NACKs are associated with unique pause time-periods. The associated RC QPs receive the RNR NACKs and pause packet transmission. The associated RC QPs resume packet transmission upon expiration of corresponding pause time-periods. Thus, the packet transmission from the contributing RC QPs is spaced out, avoiding all packets reaching a switch output port at the same time.
H04L 47/125 - Prévention de la congestionRécupération de la congestion en équilibrant la charge, p. ex. par ingénierie de trafic
H04L 47/122 - Prévention de la congestionRécupération de la congestion en détournant le trafic des entités congestionnées
H04L 47/30 - Commande de fluxCommande de la congestion en combinaison avec des informations sur l'occupation de mémoires tampon à chaque extrémité ou aux nœuds de transit
Devices, systems, methods, and processes for switch triggered faster go-back-N recovery are described herein. Typically, Go-back-N recovery is triggered in response to: a receiver missing a packet and receiving a next packet in a data transmission sequence, or a sender timing out and identifying a missing acknowledgement for a dropped packet. Such scheme suffers potential latency issues, especially when the dropped packet is the last packet or corresponds to a single packet message. Thus, instead of relying on the sender to timeout and identify missing acknowledgements or on the receiver to receive the next packet, a switch executes a packet mirroring and trimming scheme on the dropped packet and generates a trimmed out-of-order packet of the same reliable connection flow. The trimmed out-of-order packet causes the receiver to transmit a negative acknowledgement to the sender, thus triggering faster go-back-N recovery and causing the sender to retransmit the dropped packet.
H04L 67/1095 - Réplication ou mise en miroir des données, p. ex. l’ordonnancement ou le transport pour la synchronisation des données entre les nœuds du réseau
H04L 67/1097 - Protocoles dans lesquels une application est distribuée parmi les nœuds du réseau pour le stockage distribué de données dans des réseaux, p. ex. dispositions de transport pour le système de fichiers réseau [NFS], réseaux de stockage [SAN] ou stockage en réseau [NAS]
Devices, systems, and methods to enable a user to control initiation and execution of a maintenance mode in a power distribution system that includes a power transmitter subsystem that transmits power over a cable to a power receiver subsystem. A maintenance mode associated with the power transmitter subsystem and the power receiver subsystem is initiated, The maintenance mode causes the power transmitter subsystem and power receiver subsystem to enter a power mode to allow for maintenance activity to be performed at the power transmitter subsystem and power receiver subsystem. An authorization server is configured to authorize initiation of the maintenance mode on the power transmitter subsystem and power receiver subsystem.
H02J 3/00 - Circuits pour réseaux principaux ou de distribution, à courant alternatif
H02J 11/00 - Circuits pour pourvoir au service d'alimentation des auxiliaires de stations, dans lesquels la puissance électrique est produite, distribuée ou convertie
H02J 13/00 - Circuits pour pourvoir à l'indication à distance des conditions d'un réseau, p. ex. un enregistrement instantané des conditions d'ouverture ou de fermeture de chaque sectionneur du réseauCircuits pour pourvoir à la commande à distance des moyens de commutation dans un réseau de distribution d'énergie, p. ex. mise en ou hors circuit de consommateurs de courant par l'utilisation de signaux d'impulsion codés transmis par le réseau
H04W 24/00 - Dispositions de supervision, de contrôle ou de test
Techniques are described for providing a software-based platform for context-based vulnerability management of information technology (IT) environments. In some examples, a vulnerability management application collects vulnerability scan data, from potentially many different scanning agents, as well as vulnerability information from other third-party sources. The vulnerability management application also accesses asset and activity data associated with an IT environment. The vulnerability management application can provide a user interface contextualizing vulnerabilities, based on the contextual asset or activity data, allowing for user-configured or automated vulnerability risk adjustments to impact the management and remediation of vulnerabilities for the IT environment.
Embodiments of the present invention are directed to facilitating search input recommendations. In accordance with aspects of the present disclosure, a set of events determined from raw machine data is obtained. The events are analyzed to generate a temporal map associated with the set of events. Generally, the temporal map associates candidate terms with temporally related terms that occur within a period of time corresponding with the candidate terms. A search term input into a search field is received. Based on the input search term, the temporal map is used to identify one or more temporally related term recommendations.
Described herein is a framework for identifying one or more points-of-interest that are geographically proximal to a geographical location of the mobile device. Geographical location information of a mobile device is transformed from a first format to a second format by performing a Mercator projection of the geographical location information in the first format. Using a point-of-interest search memory structure, one or more points-of-interest are identified that are geographically proximal to a geographical location of the mobile device, wherein the point-of-interest search memory structure includes location information for a plurality of points-of-interest. Information indicative of the one or more points-of-interest are transmitted to an analytical server to enable the analytical server to perform analysis related to the mobile device.
Method, system, and/or computer readable medium for roaming on a Wi-Fi network having a plurality of access points including: determining that a new AP actor provides a station (STA) actor enhanced characteristics as compared to an existing AP actor, wherein the enhanced characteristics include one or more of a stronger connection, lower congestion, and/or increased bandwidth; transferring required state from the existing AP actor to the new AP actor; and transferring at least some of data wherein the at least some data includes one or more of medium access control service data units (MSDUs), aggregated-MSDUs (A-MSDUs), medium access control protocol data units (MPDUs), and/or aggregated-MPDUs from the existing AP actors to the new AP actor.
Method, system, and/or computer readable medium for providing enhanced diversity and reliability for a continued wireless connection including: establishing an upper upper medium access controller (UMAC) and a plurality of lower UMACs; discovering the upper UMAC by each of the plurality of lower UMACs; connecting a station (STA) actor to each of the plurality of lower UMACs; connecting each of the plurality of lower UMACs to the upper UMAC; and establishing a connection through the upper UMAC and each of the plurality of lower UMACs to the STA actor.
In one embodiment, a method includes receiving, by a network component, application performance data. The application performance data is associated with one or more applications. The method also includes determining to transform, by the network component, the application performance data into application security data, generating, by the network component, a baseline for the application security data, and detecting, by the network component, an anomaly in the baseline. The method further includes determining, by the network component, a potential security threat based on the anomaly.
Techniques for dynamic TID mapping are provided. A network device creates an Internet-of-things (IoT) traffic identifier (TID) for IoT traffic. The network device determines a first operational spectrum for the IoT TID. The network device maps the IoT TID to access one or more links operating on the first operational spectrum, between the network device and the IoT device. The network device communicates the TID and the one or more links to the IoT device.
A system for managing addresses for a device includes at least one processor; and a computer-readable storage medium storing instructions which, when executed by the at least one processor, cause the at least one processor to be configured to: receive, at a network component of a network, data regarding a device; perform analysis of the device based on the data; based on the analysis, trigger a request to an address management system for the network; reprovision, based on the request, a subscription profile for the device with a selected Internet Protocol (IP) address to be used by the device; deregister the device from the network; reconnect the device to the network; and assign and transmit the selected IP address to the device.
A method is performed by an access point (AP) using coordinated time division multiple access (Co-TDMA) with multi-AP coordination (MAPC). The method comprises: upon acquiring a transmit opportunity (TXOP) having a TXOP duration for traffic of an access category among prioritized access categories, exchanging the traffic with a client during a portion of the TXOP; and transmitting, to a first AP, a first outbound control frame configured to allocate, to the first AP, a first shared portion of the TXOP duration to be used by the first AP to exchange first traffic for the access category or a higher priority access category with a first client, wherein the first outbound control frame includes a multi-user request-to-send TXOP sharing trigger frame having a first indication of the first shared portion of the TXOP duration, and a second indication of the access category.
H04W 74/0816 - Accès non planifié, p. ex. ALOHA utilisant une détection de porteuse, p. ex. accès multiple par détection de porteuse [CSMA] avec évitement de collision
H04W 72/0446 - Ressources du domaine temporel, p. ex. créneaux ou trames
In one embodiment, a device may obtain a media topology of nodes involved in a collaboration session. The device may cause each of a plurality of probes to be provisioned to a corresponding node of the nodes involved in the collaboration session to perform a test of a corresponding segment of the media topology, and each of the plurality of probes may be associated to a session identifier of the collaboration session. The device may determine observability information based on results of the plurality of probes for each segment of the media topology, and the results may include an indication of the session identifier. The device may correlate the observability information to the collaboration session based on the indication of the session identifier.
In one embodiment, a device may receive a multicast path trace request for a multicast tree, wherein the device is a mid-node in the multicast tree. The device may perform, based on the device being a mid-node in the multicast tree, an upstream trace of network topology of the multicast tree from the device to a head-node of the multicast tree and a downstream trace of network topology of the multicast tree from the device to at least one tail-node. The device may generate an end-to-end visible topology of the multicast tree based on the upstream trace and the downstream trace. The device may provide the end-to-end visible topology of the multicast tree to an observability manager.
In one embodiment, a service determines authentication credentials for a web application transaction. The service determines one or more performance metrics regarding the web application transaction. The service generates an enhanced web token comprising the one or more performance metrics regarding the web application transaction. The service sends the enhanced web token and the authentication credentials along a path of the web application transaction, the path including one or more services configured to use the one or more performance metrics sent in addition to the authentication credentials to process the web application transaction.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
79.
MULTI-LINK OPERATION FOR WIRELESS LOCAL AREA NETWORK MULTI-LINK DEVICE
A method to operate a multi-link wireless device. The method includes establishing at least a first multi-link device interface and a second multi-link device interface, exposing, via a virtual data port, the first multi-link device interface and the second multi-link device interface at a data processing layer of the wireless device, selecting one of the first multi-link device interface and the second multi-link device interface, as a selected multi-link device interface, based on performance information associated with a first radio and a second radio associated, respectively, with the first multi-link device interface and the second multi-link device interface, and wirelessly transmitting a packet from the wireless device by routing the packet through the selected multi-link device interface.
A method, computer system, and computer program product are provided for prioritizing network traffic. An indication is received at a network controller that an alarm is activated at a physical site. A request is received from a user device to join a network at the physical site that is under control of the network controller, wherein the request includes a flag indicating an identity of a user of the user device and a priority status of the user. In response to authenticating the identity of the user via an identity provider server, the user device is authorized to join the network. Based on verifying the priority status of the user using the flag and authentication via the identity provider server, network traffic for the user device is prioritized.
H04W 72/566 - Critères d’affectation ou de planification des ressources sans fil sur la base de critères de priorité de l’information, de la source d’information ou du destinataire
H04W 4/90 - Services pour gérer les situations d’urgence ou dangereuses, p. ex. systèmes d’alerte aux séismes et aux tsunamis
A system and method are provided for implementing a network component and verifying an update of the network component. The network component can be, e.g., a software-defined wide area network, a firewall, a router, or a load balancer. The network component can be an embedded network edge device that is implemented, e.g., in software, in circuitry, or using hardware acceleration (e.g., a data processing unit (DPU), a smart network interface card (SmartNIC), etc.). The updated version of the network component is verified by implementing it on a shadow dataplane concurrently with the current version operating on a primary dataplane, and comparing the performances of these two versions. Based on this comparison satisfying various verification criteria, the updated version passes a verification test and can be promoted to the primary dataplane.
The present disclosure is directed to migrating network traffic from a licensed spectrum to an unlicensed spectrum within the same radio access technology (RAT). In one aspect, a method includes identifying a user device connected to a cellular wireless access technology, over a licensed spectrum; determining whether a condition for switching network traffic associated with the user device to an unlicensed spectrum is triggered; in response to determining that the condition is triggered, determining an unlicensed spectrum to move the network traffic to, the unlicensed spectrum being within a same cell as the licensed spectrum or in a different cell compared to a cell in which the licensed spectrum is; and migrating at least a portion of the network traffic to the unlicensed spectrum while maintaining network connectivity of the user device over the cellular wireless access technology.
Provided herein are techniques through which coordinated steering of a Reconfigurable Intelligent Surface (RIS) device can be utilized according to prioritized time-slices determined for each of multiple wireless access points (APs) for a wireless local area network (WLAN). Coordinated steering of an RIS device by multiple wireless APs according to prioritized time-slices may facilitate seamless roaming for wireless clients between the wireless APs for the WLAN.
H04W 36/00 - Dispositions pour le transfert ou la resélection
H04W 36/30 - La resélection étant déclenchée par des paramètres spécifiques par des données de mesure ou d’estimation de la qualité des liaisons
H04W 36/32 - La resélection étant déclenchée par des paramètres spécifiques par des données de localisation ou de mobilité, p. ex. des données de vitesse
84.
PRE-ASSOCIATION SECURITY NEGOTIATION (PASN) TUNNELING FOR PROTECTED UNAUTHENTICATED EXCHANGES
Presented herein are techniques to tunnel Pre-Association Security Negotiation (PASN) communications within another PASN protected exchange established with an (initial) access point (AP), thus allowing a station (STA) to establish one or more PASN sessions with one or more other access points (APs) through the initial AP, thereby enabling the STA to pre-establish PASN sessions with multiple APs without leaving its active channel with the initial AP. In at least embodiment, a method may include establishing a first PASN session between a STA and a first AP through initial PASN communications exchanged between the STA and the first AP and performing subsequent PASN communications between the STA and at least one other AP that are facilitated through the first PASN session established between the STA and the first AP to enable at least one subsequent PASN session to be established between the STA and the at least one other AP.
Devices, systems, methods, and processes for data plane redundancy management in network devices are described herein. A linecard in a network device may classify a plurality of packets into a first category or a second category based on whether a packet is a control packet or a data packet. The linecard may transmit all control packets and data packets to an active data plane. The linecard may selectively transmit the control packets and a sampled subset of the data packets to a standby data plane. Thus, the standby data plane is equipped with dynamic information of network using the control packets and Media Access Control addresses using the sampled subset of the data packets. When a failure is detected in the active data plane, the linecard starts transmitting all the data packets also to the standby data plane and starts accepting processed packets from the standby data plane for forwarding.
H04L 43/062 - Génération de rapports liés au trafic du réseau
H04L 41/0663 - Gestion des fautes, des événements, des alarmes ou des notifications en utilisant la reprise sur incident de réseau en réalisant des actions prédéfinies par la planification du basculement, p. ex. en passant à des éléments de réseau de secours
H04L 43/022 - Capture des données de surveillance par échantillonnage
In some aspects, the techniques described herein relate to a method including: obtaining, at a network device from a user device, a request for a network session, the request including an indication of a user device profile; determining a traffic identifier to associate with the user device profile; binding the traffic identifier to a network policy to be applied to traffic associated with the user device profile; and providing the traffic identifier to the user device.
The present disclosure describes an integrated circuit that uses a unit cell of capacitors as floating metal fill. An integrated circuit includes a first capacitor that includes a transistor and a second capacitor that includes a first set of metal fingers and a second set of metal fingers. The transistor is positioned in a first layer of the integrated circuit and a second layer of the integrated circuit. The transistor forms an anode and a cathode of the first capacitor. The first set of metal fingers are interdigitated with the second set of metal fingers. The first set of metal fingers and the second set of metal fingers are positioned in the second layer. The first set of metal fingers are electrically connected to the cathode of the first capacitor. The second set of metal fingers are electrically connected to the anode of the first capacitor.
Devices, systems, methods, and processes for data plane redundancy management in network devices are described herein. A linecard in a network device may classify a plurality of packets into a first category or a second category based on whether a packet is a control packet or a data packet. The linecard may transmit all control packets and data packets to an active data plane. The linecard may selectively transmit the control packets and a sampled subset of the data packets to a standby data plane. Thus, the standby data plane is equipped with dynamic information of network using the control packets and Media Access Control addresses using the sampled subset of the data packets. When a failure is detected in the active data plane, the linecard starts transmitting all the data packets also to the standby data plane and starts accepting processed packets from the standby data plane for forwarding.
H04L 47/2408 - Trafic caractérisé par des attributs spécifiques, p. ex. la priorité ou QoS pour la prise en charge de différents services, p. ex. services du type services différentiés [DiffServ]
H04L 47/2441 - Trafic caractérisé par des attributs spécifiques, p. ex. la priorité ou QoS en s'appuyant sur la classification des flux, p. ex. en utilisant des services intégrés [IntServ]
H04L 49/113 - Dispositions pour une commutation avec redondance, p. ex. en utilisant des plans parallèles
A method is performed by an access point (AP) using coordinated time division multiple access (Co-TDMA) with multi-AP coordination (MAPC). The method comprises: upon acquiring a transmit opportunity (TXOP) having a TXOP duration for traffic of an access category among prioritized access categories, exchanging the traffic with a client during a portion of the TXOP; and transmitting, to a first AP, a first outbound control frame configured to allocate, to the first AP, a first shared portion of the TXOP duration to be used by the first AP to exchange first traffic for the access category or a higher priority access category with a first client, wherein the first outbound control frame includes a multi-user request-to-send TXOP sharing trigger frame having a first indication of the first shared portion of the TXOP duration, and a second indication of the access category.
H04W 74/0816 - Accès non planifié, p. ex. ALOHA utilisant une détection de porteuse, p. ex. accès multiple par détection de porteuse [CSMA] avec évitement de collision
H04W 72/0446 - Ressources du domaine temporel, p. ex. créneaux ou trames
H04W 84/12 - Réseaux locaux sans fil [WLAN Wireless Local Area Network]
90.
Custom threshold windows for key performance indicator alerts
A computing device monitors a key performance indicator (KPI) relative to a first alert threshold, where a value of the KPI having a specified relationship to the first alert threshold causes the computing device to generate an alert. When the computing device receives an instruction to modify the first alert threshold by an adjustment amount, for a specified time window, the computing device generates a modified alert threshold by applying the adjustment amount to the first alert threshold. During the specified time window, the computing device monitors the KPI relative to the modified alert threshold instead of the first alert threshold. Monitoring is resumed relative to the first alert threshold after the specified time window.
G06F 11/34 - Enregistrement ou évaluation statistique de l'activité du calculateur, p. ex. des interruptions ou des opérations d'entrée–sortie
G06Q 10/0637 - Gestion ou analyse stratégiques, p. ex. définition d’un objectif ou d’une cible pour une organisationPlanification des actions en fonction des objectifsAnalyse ou évaluation de l’efficacité des objectifs
G06Q 10/0639 - Analyse des performances des employésAnalyse des performances des opérations d’une entreprise ou d’une organisation
91.
Optimized MVPN route exchange in SD-WAN environments
According to certain embodiments, a router comprises one or more processors and one or more computer-readable non-transitory storage media. The one or more computer-readable non-transitory storage media comprise instructions that, when executed by the one or more processors, cause one or more components of the router to perform operations comprising determining an occurrence of one or more network events associated with a multicast service, generating route exchange information associated with the multicast service locally by the router based on the one or more network events, and using the route exchange information locally to configure the router.
According to one aspect, a method includes establishing, by an access point (AP), a wireless communications link between the AP and a wireless station, wherein establishing the wireless communications link includes receiving a protected association request frame from the wireless station. The protected association request frame includes rotation pace preference information for randomized Media Access Control (MAC) address rotation management that indicates a preferred rotation pace. The method also includes selecting, by the AP, an Enhanced Data Privacy (EDP) group based on the rotation pace preference, the selected EDP group associated with epoch timing information for rotating wireless frame anonymization parameters at epoch transitions. A response frame that indicates the selected EDP group is transmitted to the wireless station. The AP maintains the wireless communications link with the wireless station based in part on the timing information for randomized M A C address rotation for the selected EDP group.
In one embodiment, a supervisory service for a network obtains quality of experience metrics for application sessions of an online application. The supervisory service maps the application sessions to paths that traverse a plurality of autonomous systems. The supervisory service identifies, based in part on the quality of experience metrics, a particular autonomous system from the plurality of autonomous systems associated with a decreased quality of experience for the online application. The supervisory service causes application traffic for the online application to avoid the particular autonomous system.
H04L 43/08 - Surveillance ou test en fonction de métriques spécifiques, p. ex. la qualité du service [QoS], la consommation d’énergie ou les paramètres environnementaux
G06F 16/901 - IndexationStructures de données à cet effetStructures de stockage
H04L 43/045 - Traitement des données de surveillance capturées, p. ex. pour la génération de fichiers journaux pour la visualisation graphique des données de surveillance
H04L 69/326 - Protocoles de communication intra-couche entre entités paires ou définitions d'unité de données de protocole [PDU] dans la couche transport [couche OSI 4]
Presented herein are a system and secure device onboarding techniques. A Connectivity Management Platform (CMP) receives a request for an access token that includes a user identifier, a customer organization identifier, and an authorization code from a Device Management Platform (DMP), verifies the authorization code, queries an enterprise server using the user identifier and the customer organization identifier to confirm the user belongs to the customer organization, generates the access token, stores the access token in an authentication datastore, and transmits the access token to DMP. The CMP receives a provisioning request including an eSIM identifier of a device and an access token from the DMP, verifies the access token, obtains a customer organization identifier based thereon, queries an enterprise server using the eSIM identifier and the customer organization identifier to confirm the device belongs to the customer organization, and facilitates secure provisioning of the device with an eSIM profile.
Techniques are described herein for dynamic service extension to provide risk mitigation upon detecting a threat. In embodiments, such techniques may be performed by a service provider platform and may comprise receiving information about a security threat, identifying one or more components susceptible to the security threat, determining, based on a software bill of materials, at least one data flow that includes a point of delivery (pod) associated with the one or more components, identifying at least one additional service determined to mitigate the security threat, and implementing the at least one additional service in relation to the at least one data flow.
G06F 21/57 - Certification ou préservation de plates-formes informatiques fiables, p. ex. démarrages ou arrêts sécurisés, suivis de version, contrôles de logiciel système, mises à jour sécurisées ou évaluation de vulnérabilité
96.
INITIALIZATION AND SYNCHRONIZATION FOR PULSE POWER IN A NETWORK SYSTEM
In one embodiment, a method includes receiving low voltage pulse power from power sourcing equipment at a powered device, synchronizing the powered device with a waveform of the low voltage pulse power received from the power sourcing equipment, and operating the powered device with high voltage pulse power received from the power sourcing equipment.
H04B 3/54 - Systèmes de transmission par lignes de réseau de distribution d'énergie
G01R 31/08 - Localisation de défauts dans les câbles, les lignes de transmission ou les réseaux
G01R 31/50 - Test d’appareils, de lignes, de câbles ou de composants électriques pour y déceler la présence de courts-circuits, de continuité, de fuites de courant ou de connexions incorrectes de lignes
G06F 1/30 - Moyens pour agir en cas de panne ou d'interruption d'alimentation
H02J 13/00 - Circuits pour pourvoir à l'indication à distance des conditions d'un réseau, p. ex. un enregistrement instantané des conditions d'ouverture ou de fermeture de chaque sectionneur du réseauCircuits pour pourvoir à la commande à distance des moyens de commutation dans un réseau de distribution d'énergie, p. ex. mise en ou hors circuit de consommateurs de courant par l'utilisation de signaux d'impulsion codés transmis par le réseau
Described herein are devices, systems, methods, and processes for managing the collection and synchronization of telemetry data in a network overseen by a cloud-based network controller. This can be achieved by representing telemetry data as doubly-indexed state blocks within a shared meta-schema. Each type within the schema may be associated with a temporal list of objects of that type, providing ordered indexing by name and by time of last change. Cursors representing data witnesses may be threaded in place within these lists, enabling synchronization of telemetry data between devices without buffering. The system can dynamically adjust telemetry collection cadence in real time across devices in the fabric as users navigate the user interface. This approach can provide an effective mechanism to manage the load created by the telemetry, particularly in the context of network switches and telemetry collection.
H04L 43/062 - Génération de rapports liés au trafic du réseau
H04L 43/0817 - Surveillance ou test en fonction de métriques spécifiques, p. ex. la qualité du service [QoS], la consommation d’énergie ou les paramètres environnementaux en vérifiant la disponibilité en vérifiant le fonctionnement
98.
ROUTER AFFINITY IN SOFTWARE DEFINED WIDE AREA NETWORK(S)
This disclosure describes techniques and mechanisms for utilizing affinity routing in SDWAN networks. The techniques may enable network administrators to assign and/or configure affinity numbers to hub(s) and/or gateway(s), tunneling interface(s), service(s), etc., as well as affinity-preference-order(s) to edge device(s) within the network. Network administrators may also configure control polic(ies). The techniques enable a scalable and simplified way to automatically load-balance traffic across different gateways within a network, while reducing network resource usage. The techniques may utilize routing affinity to achieve a variety of networking related functionalities, including automatic load-balancing of traffic, provisioning of active and backup gateways, optimal route distribution to routers from routing controllers, optimized service placement for edge routers, without the need for any policy configuration at all, let alone complex policies.
A method, computer system, and computer program product are provided for triggering a low power operating mode for a radio access network. Connectivity criteria are obtained for each of a plurality of user equipment (UEs) connected to a radio access network comprising a plurality of radio base stations. It is determined that at least one radio base station of the plurality of radio base stations can be placed in a low power operating mode based, at least in part, on the connectivity criteria of one or more user equipment connected to the at least one radio base station. The at least one radio base station is caused to enter into the low power operating mode.
H04W 60/04 - Rattachement à un réseau, p. ex. enregistrementSuppression du rattachement à un réseau, p. ex. annulation de l'enregistrement utilisant des événements déclenchés
In one embodiment, a method for detecting phishing activity by a webpage is provided. The method includes: receiving, by a processor, webpage data associated with the webpage; analyzing, by the processor, the webpage data to determine if at least one of a brand logo and credential entry box is present; in response to a determination that the brand logo is present or the credential entry box is present: extracting, by the processor, cookie feature data from the webpage data; determining, by the processor, cookie score data based on an analysis of the cookie feature data with a cookie model; predicting, by the processor, fraudulent content of the webpage based on the cookie score data and a prediction model; and generating, by the processor, notification data including an indication of the fraudulent content.
