H04L63/16

Secure physical layer slope authentication method in wireless communications and apparatus
11082841 · 2021-08-03

A wireless communication method and device include: a transmitting device dividing a to-be-transmitted signal into a plurality of packets by using a pre-agreed key; acquiring a preset equivocation threshold; according to the equivocation threshold, determining a power parameter adjustment factor for each of the packets; for each of the packets, performing power adjustment on a signal of the packet according to a power parameter adjustment factor of the packet; and transmitting the to-be-transmitted signal after power adjustment. After receiving the signal, the receiving device groups the signals according to the pre-agreed key and calculates the power of each packet; it then determines a test statistic according to the power of each packet, and determines whether the test statistic is greater than or equal to a preset statistic threshold. If so, it determines that the signal is a tag signal, and if not, that it is a regular signal.

MACHINE-LEARNING BASED APPROACH FOR CLASSIFICATION OF ENCRYPTED NETWORK TRAFFIC
20210303984 · 2021-09-30

Systems and methods for a machine-learning based approach for classification of encrypted network traffic data are provided. According to various embodiments of the present disclosure, a network security device receives a stream of packets representing a network flow. Metadata relating to the stream of packets is determined. Application layer payload data of one or more packets of the stream of packets is matched against string patterns and regular expression patterns. Statistics relating to the application layer payload data are collected. The network flow is then classified as being associated with a particular network service of various network services by applying a machine-learning model to the metadata, results of the matching, and the collected statistics.

MDL-BASED CLUSTERING FOR DEPENDENCY MAPPING

Systems and methods are provided for automatically discovering applications/clusters in a network and mapping dependencies between the applications/clusters. A network monitoring system can capture network flow data using sensors executing on physical and/or virtual servers of the network and sensors executing on networking devices connected to the servers. The system can determine a graph including nodes, representing at least the servers, and edges, between pairs of the nodes of the graph indicating the network flow data includes one or more observed flows between pairs of the servers represented by the pairs of the nodes. The system can determine a dependency map, including representations of clusters of the servers and representations of dependencies between the clusters, based on the graph. The system can display a first representation of a first cluster of the dependency map and information indicating a confidence level of identifying the first cluster.

TECHNOLOGIES FOR ANNOTATING PROCESS AND USER INFORMATION FOR NETWORK FLOWS

Systems, methods, and computer-readable media for annotating process and user information for network flows. In some embodiments, a capturing agent, executing on a first device in a network, can monitor a network flow associated with the first device. The first device can be, for example, a virtual machine, a hypervisor, a server, or a network device. Next, the capturing agent can generate a control flow based on the network flow. The control flow may include metadata that describes the network flow. The capturing agent can then determine which process executing on the first device is associated with the network flow and label the control flow with this information. Finally, the capturing agent can transmit the labeled control flow to a second device, such as a collector, in the network.

TECHNOLOGIES FOR ANNOTATING PROCESS AND USER INFORMATION FOR NETWORK FLOWS

Systems, methods, and computer-readable media for annotating process and user information for network flows. In some embodiments, a capturing agent, executing on a first device in a network, can monitor a network flow associated with the first device. The first device can be, for example, a virtual machine, a hypervisor, a server, or a network device. Next, the capturing agent can generate a control flow based on the network flow. The control flow may include metadata that describes the network flow. The capturing agent can then determine which process executing on the first device is associated with the network flow and label the control flow with this information. Finally, the capturing agent can transmit the labeled control flow to a second device, such as a collector, in the network.

POLICY UTILIZATION ANALYSIS

An example method according to some embodiments includes receiving flow data for a packet traversing a network. The method continues by determining a source endpoint group and a destination endpoint group for the packet. The method continues by determining that a policy was utilized, the policy being applicable to the endpoint group. Finally, the method includes updating utilization data for the policy based on the flow data.

Techniques for determining network anomalies in data center networks

A monitoring device/module monitors a plurality of nodes in a data center network, and determines one or more latency distributions of response times for messages exchanged between pairs of nodes of the plurality of nodes. The network monitoring device determines a network topology, including one or more communication links interconnecting nodes of the plurality of nodes, consistent with the one or more latency distributions. The network monitoring device also determines a representative response time for each communication link based on the one or more latency distributions, and compares a current response time of a message exchanged between one pair of nodes to the representative response time for the communication link interconnecting the one pair of nodes. The network monitoring device identifies a network anomaly when the current response time deviates from the representative response time for the communication link interconnecting the one pair of nodes by a threshold amount.

Storage environment activity monitoring

A computer-implemented method according to one embodiment includes identifying a storage environment, establishing a baseline associated with input and output requests within the storage environment, monitoring activity associated with the storage environment, comparing the activity to the baseline, and performing one or more actions, based on the comparing.

Wireless connection mode activation

A system includes a router including a processor and a memory. The memory stores instructions executable by the processor to receive a wireless request from a first computing device to initiate a connection mode for a wireless network. The instructions are further executable to join a second computing device to the wireless network under the connection mode, wherein the connection mode allows the second device to join the wireless network without input of a password stored prior to the wireless request.

MDL-based clustering for dependency mapping

Systems and methods are provided for automatically discovering applications/clusters in a network and mapping dependencies between the applications/clusters. A network monitoring system can capture network flow data using sensors executing on physical and/or virtual servers of the network and sensors executing on networking devices connected to the servers. The system can determine a graph including nodes, representing at least the servers, and edges, between pairs of the nodes of the graph indicating the network flow data includes one or more observed flows between pairs of the servers represented by the pairs of the nodes. The system can determine a dependency map, including representations of clusters of the servers and representations of dependencies between the clusters, based on the graph. The system can display a first representation of a first cluster of the dependency map and information indicating a confidence level of identifying the first cluster.