Apparatus and method for passive detection of middleboxes within computer networks
US11483393B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Aug 6, 2020 |
| Grant date | Oct 25, 2022 |
| Priority date | — |
| Expiry date | Oct 24, 2040 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L43/16
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A non-transitory computer readable storage medium has instructions executed by a processor to receive network session information from network monitoring devices distributed throughout an enterprise network. The network session information characterizes communications between a client device within the enterprise network and a server external to the enterprise network. The network session information is transformed into vectors of network communication session parameters. The vectors are combined into different time series of data. A similarity measure is computed between the different time series of data to detect unique sessions between the client device and a middlebox network device within the enterprise network or unique sessions between a middle box network device within the enterprise network and the server. The unique sessions are evaluated to infer relationships between networked devices within the enterprise network. A visualization of the relationships to characterize enterprise network topology is supplied.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.