公开(公告)号：WO2015051061A1

公开(公告)日：2015-04-09

申请号：PCT/US2014/058730

申请日：2014-10-02

Applicant: NEC LABORATORIES AMERICA, INC.

Inventor： NING, Xia ,  JIANG, Guofei ,  CHEN, Haifeng ,  YOSHIHIRA, Kenji

IPC: G06F17/00 ,  G06F17/30

CPC classification number: G01V99/005

Abstract: A method and system are provided for heterogeneous log analysis. The method includes performing hierarchical log clustering on heterogeneous logs to generate a log cluster hierarchy for the heterogeneous logs. The method further includes performing, by a log pattern recognizer device having a processor, log pattern recognition on the log cluster hierarchy to generate log pattern representations. The method also includes performing log field analysis on the log pattern representations to generate log field statistics. The method additionally includes performing log indexing on the log pattern representations to generate log indexes.

Abstract translation: 提供了一种用于异构对数分析的方法和系统。 该方法包括在异构日志上执行分层日志聚类，以生成异类日志的日志群集层次结构。 该方法还包括通过具有处理器的日志模式识别器装置执行日志簇层级上的日志模式识别以产生日志模式表示。 该方法还包括对日志模式表示执行日志字段分析以生成日志字段统计。 该方法还包括对日志模式表示执行日志索引以生成日志索引。

公开(公告)号：WO2014055400A1

公开(公告)日：2014-04-10

申请号：PCT/US2013/062587

申请日：2013-09-30

Applicant: NEC LABORATORIES AMERICA, INC.

Inventor： LUMEZANU, Cristian ,  YU, Curtis ,  SINGH, Vishal Kumar ,  ZHANG, Yueping ,  JIANG, Guofei

IPC: H04L12/813 ,  H04L12/24

CPC classification number: H04L41/12 ,  H04L43/0876 ,  H04L43/10 ,  Y02D30/30

Abstract: A method implemented in a network apparatus used in a network is disclosed. The method includes sensing network topology and network utilization, receiving a request from an application, deciding path setup requirement using network state information obtained from the network topology and the network utilization, and translating the path setup requirement into a rule to be installed. Other methods, apparatuses, and systems also are disclosed.

Abstract translation: 公开了一种在网络中使用的网络装置中实现的方法。 该方法包括感知网络拓扑和网络利用率，从应用接收请求，使用从网络拓扑获得的网络状态信息和网络利用率确定路径设置要求，以及将路径设置要求转换为要安装的规则。 还公开了其它方法，装置和系统。

公开(公告)号：WO2014035807A1

公开(公告)日：2014-03-06

申请号：PCT/US2013/056332

申请日：2013-08-23

Applicant: NEC LABORATORIES AMERICA, INC.

Inventor： LUMEZANU, Cristian ,  DAS, Anupam ,  ZHANG, Yueping ,  SINGH, Vishal, Kumar ,  YU, Curtis ,  JIANG, Guofei

IPC: G06F17/00 ,  G06F15/16

CPC classification number: H04L47/12 ,  H04L45/02 ,  H04L45/64 ,  Y02D30/30

Abstract: A method implemented in a network apparatus used in a network is disclosed. The method comprises collecting information about network topology from a network controller, collecting information about data movement, deciding routing in the network according to the information about network topology and the information about data movement, and providing information about the routing to the network controller, wherein the network controller enforces the routing in the network. Other methods, apparatuses, and systems also are disclosed.

Abstract translation: 公开了一种在网络中使用的网络装置中实现的方法。 该方法包括从网络控制器收集关于网络拓扑的信息，收集关于数据移动的信息，根据关于网络拓扑的信息和关于数据移动的信息来确定网络中的路由，以及向网络控制器提供关于路由的信息，其中 网络控制器在网络中实施路由。 还公开了其它方法，装置和系统。

公开(公告)号：WO2011084296A2

公开(公告)日：2011-07-14

申请号：PCT/US2010/059058

申请日：2010-12-06

Applicant: NEC LABORATORIES AMERICA, INC.

Inventor： CHEN, Haifeng ,  JIANG, Guofei ,  YOSHIHIRA, Kenji ,  SAXENA, Akhilesh

IPC: G06F17/00 ,  G06F17/10 ,  G06F15/16

CPC classification number: G06F9/5066 ,  Y02D10/22 ,  Y02D10/36

Abstract: A method and apparatus for consolidating a plurality of applications into one or more servers. The method and apparatus organizes consolidation constraints representing preferences about placing applications into the one or more servers, and allocates the applications into the one or more servers in a manner that maximally satisfies the consolidation constraints.

Abstract translation: 一种用于将多个应用程序合并到一个或多个服务器中的方法和装置。 方法和装置组织表示将应用放置到一个或多个服务器中的偏好的合并约束，并且以最大程度地满足合并约束的方式将应用分配给一个或多个服务器。

公开(公告)号：WO2011034649A1

公开(公告)日：2011-03-24

申请号：PCT/US2010/039932

申请日：2010-06-25

Applicant: NEC LABORATORIES AMERICA, INC.

Inventor： JIANG, Guofei ,  SHAN, Hanuai ,  YOSHIHIRA, Kenji

IPC: G06F17/00 ,  G06F17/30 ,  G06F15/16 ,  G06F17/16

CPC classification number: G06F9/5061 ,  G06F9/5027 ,  G06F11/3442 ,  G06F11/3452 ,  H04L41/0896 ,  H04L41/142 ,  H04L67/1008

Abstract: A method and system determines capacity needs of components in a distributed computer system. In the method and system, a pair-wise invariant network is determined from collected flow intensity measurements. The network includes at least two separate and unconnected pair-wise invariant subnetworks, each of the subnetworks including two of the flow intensity measurements connected by a pairwise invariant, each of the pair-wise invariants characterizing a constant relationship between their two connected flow intensity measurements. At least one overlay invariant is determined from the pair-wise invariant network and from the collected flow intensity measurements using a minimal redundancy least regression process. The capacity needs of the components are determined using the pair-wise and overlay invariants.

Abstract translation: 方法和系统确定分布式计算机系统中组件的容量需求。 在方法和系统中，从收集的流量强度测量中确定成对不变网络。 网络包括至少两个分离的和未连接的成对不变子网络，每个子网络包括通过成对不变量连接的两个流量强度测量值，每个成对不变量表示它们两个连接的流量强度测量值之间的恒定关系 。 从成对不变网络和使用最小冗余最小回归过程的收集的流量强度测量中确定至少一个覆盖不变量。 使用成对和重叠不变量确定组件的容量需求。

公开(公告)号：WO2008039964A1

公开(公告)日：2008-04-03

申请号：PCT/US2007/079820

申请日：2007-09-28

Applicant: NEC LABORATORIES AMERICA, INC.

Inventor： CHANG, Richard ,  SANKARANARAYANAN, Sriram ,  JIANG, Guofei ,  IVANCIC, Franjo

IPC: G06F11/36

CPC classification number: G06F11/3688

Abstract: A system and method for analyzing (104) a computer program includes performing a static analysis on a program to determine property correctness. Test cases are generated (108) and conducted to provide test output data. Hypotheses (113) about aspects of execution of the program are produced to classify paths for test cases to determine whether the test cases have been encountered or otherwise. In accordance with the hypothesis, new test cases are generated (120) to cause the program to exercise behavior which is outside of the encountered test cases.

Abstract translation: 用于分析（104）计算机程序的系统和方法包括对程序执行静态分析以确定属性正确性。 生成测试用例（108），并提供测试输出数据。 产生关于程序执行方面的假设（113），以便对测试用例的路径进行分类，以确定是否遇到了测试用例。 根据该假设，生成新的测试用例（120），使程序运行在遇到的测试用例之外的行为。

公开(公告)号：EP3033860A1

公开(公告)日：2016-06-22

申请号：EP14836042.3

申请日：2014-08-12

Applicant: NEC Laboratories America, Inc.

Inventor： LUMEZANU, Cristian ,  ZANFIS, Kyriakos ,  JIANG, Guofei

IPC: H04L12/26 ,  H04L12/24

CPC classification number: H04L43/04 ,  H04L41/046 ,  H04L41/147 ,  H04L43/026

Abstract: Systems and methods for network management, including adaptively installing one or more monitoring rules in one or more network devices on a network using an intelligent network middleware, detecting application traffic on the network transparently using an application demand monitor, and predicting future network demands of the network by analyzing historical and current demands. The one or more monitoring rules are updated once counters are collected; and network paths are determined and optimized to meet network demands and maximize utilization and application performance with minimal congestion on the network.

Abstract translation: 网络管理的系统和方法，包括使用智能网络中间件在网络上的一个或多个网络设备中自适应地安装一个或多个监控规则，使用应用需求监控器透明地检测网络上的应用流量，以及预测未来的网络需求 分析历史和当前需求的网络。 收集计数器后，更新一个或多个监视规则; 并确定和优化网络路径以满足网络需求，并最大限度地利用和应用性能，同时网络拥塞最小。

公开(公告)号：EP3031174A1

公开(公告)日：2016-06-15

申请号：EP14834489.8

申请日：2014-08-07

Applicant: NEC Laboratories America, Inc.

Inventor： ARORA, Nipun ,  ZHANG, Hui ,  LUMEZANU, Cristian ,  RHEE, Junghwan ,  JIANG, Guofei ,  LU, Hui

IPC: H04L12/24 ,  H04L12/64

CPC classification number: H04L41/082 ,  H04L12/4675 ,  H04L41/0226 ,  H04L41/0803 ,  H04L41/12 ,  H04L41/20

Abstract: Method and systems for controlling a hybrid network having software-defined network (SDN) switches and legacy switches include initializing a hybrid network topology by retrieving information on a physical and virtual infrastructure of the hybrid network; generating a path between two nodes on the hybrid network based on the physical and virtual infrastructure of the hybrid network; generating a virtual local area network by issuing remote procedure call instructions to legacy switches in accordance with a network configuration request; and generating an SDN network slice by issuing SDN commands to SDN switches in accordance with the network configuration request.

Abstract translation: 用于控制具有软件定义网络（SDN）交换机和传统交换机的混合网络的方法和系统包括：通过检索混合网络的物理和虚拟基础设施上的信息来初始化混合网络拓扑; 基于混合网络的物理和虚拟基础设施，在混合网络上的两个节点之间生成路径; 通过根据网络配置请求向传统交换机发出远程过程呼叫指令来产生虚拟局域网; 以及根据网络配置请求向SDN交换机发出SDN命令来生成SDN网络切片。

公开(公告)号：EP2208146A1

公开(公告)日：2010-07-21

申请号：EP08743687.9

申请日：2008-03-05

Applicant: NEC Laboratories America, Inc.

Inventor： CHEN, Haifeng ,  JIANG, Guofei ,  YOSHIHIRA, Kenji ,  ZHANG, Hui ,  MENG, Xiaoqiao

IPC: G06F17/00 ,  G06F19/00

CPC classification number: G06F9/44505 ,  G06F11/3409 ,  G06F11/3447 ,  G06F11/3452 ,  G06F2201/885

Abstract: A system and method for optimizing system performance includes applying (160) sampling based optimization to identify optimal configurations of a computing system by selecting (162) a number of configuration samples and evaluating (166) system performance based on the samples. Based on feedback of evaluated samples, a location of an optimal configuration is inferred (170). Additional samples are generated (176) towards the location of the inferred optimal configuration to further optimize a system configuration.

Abstract translation: 用于优化系统性能的系统和方法包括通过基于样本选择（162）多个配置样本并且评估（166）系统性能来应用（160）基于采样的优化以识别计算系统的最优配置。 基于评估样本的反馈，推断出最佳配置的位置（170）。 生成（176）朝向推断的最佳配置的位置的附加采样以进一步优化系统配置。

公开(公告)号：EP3175386A1

公开(公告)日：2017-06-07

申请号：EP15827986.9

申请日：2015-07-30

Applicant: NEC Laboratories America, Inc.

Inventor： RHEE, Junghwan ,  FU, Yangchun ,  WU, Zhenyu ,  ZHANG, Hui ,  LI, Zhichun ,  JIANG, Guofei

IPC: G06F21/56 ,  G06F21/50

CPC classification number: G06F21/52 ,  G06F21/554 ,  G06F21/60 ,  G06F2221/033

Abstract: Systems and methods for detection and prevention of Return-Oriented-Programming (ROP) attacks in one or more applications, including an attack detection device and a stack inspection device for performing stack inspection to detect ROP gadgets in a stack. The stack inspection includes stack walking from a stack frame at a top of the stack toward a bottom of the stack to detect one or more failure conditions, determining whether a valid stack frame and return code address is present; and determining a failure condition type if no valid stack frame and return code is present, with Type III failure conditions indicating an ROP attack. The ROP attack is contained using a containment device, and the ROP gadgets detected in the stack during the ROP attack are analyzed using an attack analysis device.

Abstract translation: 用于在一个或多个应用中检测和防止返回导向编程（ROP）攻击的系统和方法，包括用于执行堆栈检查以检测堆栈中的ROP小配件的攻击检测设备和堆栈检查设备。 堆栈检查包括堆栈从堆栈顶部的堆栈帧向堆栈底部行进以检测一个或多个故障条件，确定是否存在有效的堆栈帧和返回码地址; 如果不存在有效的堆栈帧和返回码，则确定故障条件类型，III类故障条件指示ROP攻击。 使用遏制设备来包含ROP攻击，并且使用攻击分析设备分析在ROP攻击期间在堆栈中检测到的ROP小配件。