Fortinet Patent Grants

Detecting malicious behavior in a network using security analytics by analyzing process interaction ratios

Granted: December 5, 2023
Patent Number: 11836247
Systems and methods for detecting malicious behavior in a network by analyzing process interaction ratios (PIRs) are provided. According to one embodiment, information regarding historical process activity is maintained. The historical process activity includes information regarding various processes hosted by computing devices of a private network. Information regarding process activity within the private network is received for a current observation period. For each process, for each…

Systems and methods for enhanced key security in an SD-WAN network environment

Granted: November 21, 2023
Patent Number: 11824973
Systems, devices, and methods are discussed for leveraging SD-WAN's property of redundant independent paths to enable out of band key exchange using the collection of available paths, dynamically managing link failures to keep the separation whenever possible, and/or signaling availability of quantum-safe data transfer to SD-WAN to enable quantum-safety to be used in SD-WAN policy decisions.

Systems and methods for incorporating passive wireless monitoring with video surveillance

Granted: November 21, 2023
Patent Number: 11823538
Various systems and methods for surveillance using a combination of video image capture and passive wireless detection are described. In some cases, the methods include receiving a device identification information from a first wireless access point at a first location and corresponding to a first time, and receiving the device identification from a second wireless access point at a second location and corresponding to a second time. A video from a camera is received, and a travel path…

Systems and methods for application integrated malicious behavior mitigation

Granted: November 14, 2023
Patent Number: 11816207
Various embodiments discussed generally relate to securing applications that work across networks, and more particularly to systems and methods for mitigating malicious behavior integrated within an application that directly calls a separate cloud based malicious behavior mitigation system.

Restricting control of an output resource advertising services openly over a wireless network for playing media

Granted: October 17, 2023
Patent Number: 11792033
Restrictions to control of wireless resources shared openly on a wireless network for playing media are described. At a high level, advertisements broadcast for an openly shared resource service are restricted with respect to who, when and where control is permitted. A resource controller app can be implemented on a Wi-Fi controller, on an SDN controller, or as a separate server to intercept advertisements (e.g., service advertisements) being sent for broadcast by an openly shared…

Systems and methods for governing VPN access using a remote device in proximity to a VPN endpoint

Granted: October 17, 2023
Patent Number: 11792043
Various embodiments provide for governing VPN access using a device remote from a VPN endpoint.

SD-WAN communication network forward error correction systems and methods

Granted: October 17, 2023
Patent Number: 11791932
Systems and methods are provided for error correction in network data transfers. In some cases, such systems and methods include selection of a ratio of error correction to user data based upon determined communication channel health.

Access point with modular internal/external antenna support

Granted: October 17, 2023
Patent Number: 11791550
An access point has a housing with at least one connector for at least one external antenna and at least one connector for at least one internal antenna. An RF controller detects whether the at least one external antenna is connected to the at least one connector for the at least one external antenna when an open circuit is closed. Responsive to detecting that the at least one external antenna is connected, a first mode in which the at least one internal antenna supports RF capabilities…

Selectively applying dynamic malware analysis to software files based on compression type in a software security system

Granted: October 17, 2023
Patent Number: 11790086
A file is received from external to the gateway device and, prior to runtime, the received file is detected as being compressed. Also before runtime, a compression type of the received file is differentiated as packed, protected, and/or archived. Identification of a specific packer, a specific protector or a specific archiver corresponding to the compression type is attempted. Responsive to successful identification, the received file is decompressed and a static type of malware analysis…

Systems and methods for network device discovery and vulnerability assessment

Granted: September 26, 2023
Patent Number: 11770402
Various embodiments are discussed that provide systems and methods for identifying possible unsecured devices on a network. In some cases, embodiments discussed relate to systems and methods for identifying possible unsecured devices, clustering the identified devices with other similar devices, and/or determining default or simplified access processes for a given cluster of the identified devices.

Determination of a security rating of a network element

Granted: September 26, 2023
Patent Number: 11770403
Systems and methods for a security rating framework that translates compliance requirements to corresponding desired technical configurations to facilitate generation of security ratings for network elements are provided. According to one embodiment, a host network element executes a collection of security checks on at least a first network element. The execution is performed by receiving configuration data of the first network element pertaining to each security check of the collection…

Leveraging operation, administration and maintenance protocols (OAM) to add ethernet level intelligence to software-defined wide area network (SD-WAN) functionality

Granted: September 19, 2023
Patent Number: 11765059
Systems and methods for enabling SD-WAN functionality to respond to Ethernet level OAM-related events are provided. According to an embodiment, a Software-Defined Network Wide Area Network (SD-WAN) module of a network device operating as both an SD-WAN node and a Maintenance Entity Group Endpoint (MEP) receives Operation, Administration and Maintenance (OAM) information via one of multiple OAM-enabled links of the network device. The SD-WAN module determines based on the OAM information,…

Dynamic service-based load balancing in a software-defined wide area network (SD-WAN)

Granted: September 19, 2023
Patent Number: 11765089
Systems and methods for dynamic service-based load balancing in an SD-WAN are provided. According to one embodiment, a subnet assigned to a client device by a hub network of the SD-WAN and one or more attributes of a path or a route to a group of clients within the subnet are received by a first process of an SD-WAN controller via a dynamic routing protocol. A tagged subnet is generated by the first process by tagging the subnet with a route tag corresponding to the one or more…

Joint facial feature extraction and facial image quality estimation using a deep neural network (DNN) trained with a custom-labeled training dataset and having a common DNN backbone

Granted: June 27, 2023
Patent Number: 11688200
Systems and methods for joint feature extraction and quality prediction using a shared machine learning model backbone and a customized training dataset are provided. According to an embodiment, a computer system receives a training dataset including example images each labeled with a particular category of a set of categories, and trains a deep neural network (DNN) based on the training dataset to jointly perform for an input image (i) facial feature extraction in accordance with the…

Elimination of old IPV6 addresses from WLAN stations in DHCPV6 stateful mode after transitioning between VLANs

Granted: June 20, 2023
Patent Number: 11683680
A Wi-Fi controller identifies a mismatch between a first prefix of a first IPv6 address for a data packet corresponding to a first VLAN on which the data packet was sent from the station to the access point, and a prefix of a second IPv6 address for a second VLAN from which the data packet was transmitted from the access point to the Wi-Fi controller. Responsive to the VLAN mismatch identification, the Wi-Fi controller transmits a DHCP reconfiguration packet to the station using the…

Malware identification using multiple artificial neural networks

Granted: June 20, 2023
Patent Number: 11681803
Systems and methods for malware detection using multiple neural networks are provided. According to one embodiment, for each training sample, a supervised learning process is performed, including: (i) generating multiple code blocks of assembly language instructions by disassembling machine language instructions contained within the training sample; (ii) extracting dynamic features corresponding to each of the code blocks by executing each of the code blocks within a virtual environment;…

Ethernet key

Granted: June 13, 2023
Patent Number: 11677743
A compact computing device with peer-to-peer communication through an Ethernet interface is provided. According to one embodiment, a compact computing device includes an Ethernet interface, an Ethernet discovery agent, a memory and a micro-controller. The Ethernet interface is capable of connecting to a host through an Ethernet link. One side wall of the compact shielding case accommodates only the Ethernet interface. The Ethernet discovery agent is capable of discovering the host to…

Systems and methods for incorporating automated remediation into information technology incident solutions

Granted: June 13, 2023
Patent Number: 11677615
Various approaches for providing network maintenance and health monitoring are described. In some cases, some approaches include systems, methods, and/or devices that provide for receiving and cataloging network incidents and invoking automated remediation in relation to network incidents.

Intelligent selection of physical layer transmission types in 802.11AX based Wi-Fi networks

Granted: May 23, 2023
Patent Number: 11658707
A transmission type is determined for a specific station on a Wi-Fi network. A transmission type of OFDMA is selected responsive to the mobility value for the specific station meeting a mobility threshold. A transmission type of MU-MIMO is selected responsive to the similarity value for the specific station meeting a similarity threshold. A transmission type of SU-MIMO is selected responsive to the specific station not meeting the similarity threshold. The network interface transmits…

RU (resource unit)-based medium access control for suppressing airtime of quarantined stations on Wi-Fi communication networks

Granted: March 28, 2023
Patent Number: 11617123
Airtime network policies for quarantined station network policies are stored in a database for application to quarantined stations. Quarantined stations are moved from a first VLAN to a quarantine VLAN with a dedicated BSSID on the Wi-Fi communication network. An RU airtime allocation module of the access point allocates airtime RUs for suppression of some or all transmissions from the quarantined stations. The airtime RU allocation module determines an amount of RUs for access to…