The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: patent number, date the patent was issued, date the patent was filed, title of the patent, applicant, inventor, assignee, attorney firm, primary examiner, assistant examiner, CPCs, and abstract. The patent badge also contains a link to the full patent document (in Adobe Acrobat format, aka PDF).
Patent No.:
Date of Patent: Oct. 03, 2023
Filed: Nov. 25, 2019
Applicant: Cisco Technology, Inc., San Jose, CA (US)
Inventors: Yu Jiang, Shanghai, CN; Saravanan Radhakrishnan, Bangalore, IN; Jeffrey Cai, Shanghai, CN; Yuefeng Jiang, Shanghai, CN
Assignee: Cisco Technology, Inc., San Jose, CA (US)
Abstract
Systems and methods for causation analysis of network anomalies in a network include detecting an alarm condition at a network device, the alarm condition pertaining to an anomaly or increase in a traffic condition such as packet loss. A dominant key is identified in each of one or more key types which contributed to the alarm condition, the key types including dimensions of traffic flow. Two or more dominant keys of two or more key types are aggregated and clustered to determine a combination of dominant keys which contributed to the alarm condition. A dominant traffic flow comprising the combination of dominant keys which contributed to the alarm condition is identified based on the aggregation and clustering. Malware or security threats can be identified from detecting a dominant source IP address or host which contributed to a predominant number of packet drops or retransmissions at ports of the network.