Wireless communications and/or systems (e.g., 100) and/or methods (e.g., 200, 300, 400) may be provided for predicting of potential undetected flows in a DPI system using a machine learning (ML) model. The system may include an input packet module which may be configured for verifying packet parameters from a network traffic flow, and a processor which can be configured for processing the extracted parameters to identify whether the network traffic flow is potentially detectable or undetectable using a trained machine learning (ML) model based on at least the extracted parameters and perform DPI processing for the detectable flows. Thus, the system may provide an optimized DPI flow processing for high rate traffic networks with decreasing processing time.

The present disclosure provides an in-situ flow detection method and an electronic device. In the present disclosure, a BFIR in the G-BIER domain and an intermediate BFR between the BFIR and a BFER may transmit in situ flow detection information used for detecting network quality currently along with a G-BIER service packet, which realizes in-situ flow detection based on G-BIER service packet; at the same time, the BFIR in the G-BIER domain, the intermediate BFR and the BFER in the G-BIER domain may also report detection data used for detecting network quality currently to an analyzer which finally may detect network quality based on the detection data reported by the BFIR and the BFER in the G-BIER domain and the intermediate BFR between the BFIR and the BFER.

The present disclosure provides an in-situ flow detection method and an electronic device. In the present disclosure, a BFIR in the G-BIER domain and an intermediate BFR between the BFIR and a BFER may transmit in situ flow detection information used for detecting network quality currently along with a G-BIER service packet, which realizes in-situ flow detection based on G-BIER service packet; at the same time, the BFIR in the G-BIER domain, the intermediate BFR and the BFER in the G-BIER domain may also report detection data used for detecting network quality currently to an analyzer which finally may detect network quality based on the detection data reported by the BFIR and the BFER in the G-BIER domain and the intermediate BFR between the BFIR and the BFER.

Techniques for tenant-driven dynamic resource allocation in network functions virtualization infrastructure (NFVI). In one example, an orchestration system is operated by a data center provider for a data center and that orchestration system comprises processing circuitry coupled to a memory; logic stored in the memory and configured for execution by the processing circuitry, wherein the logic is operative to: compute an aggregate bandwidth for a plurality of flows associated with a tenant of the data center provider and processed by a virtual network function, assigned to the tenant, executing on a server of the data center; and modify, based on the aggregate bandwidth, an allocation of compute resources of the server executing the virtual network function.

A computer-implemented method for protecting a processing environment from malicious incoming network traffic may be provided. The method comprises: in response to receiving incoming network traffic comprising a data packet, performing a packet and traffic analysis of the data packet to determine whether said data packet is non-malicious and malicious, and processing of the data packet in a sandbox environment. Furthermore, the method comprises: in response to detecting that the data packet is non-malicious based on the packet and traffic analysis, releasing the processed data packet from the sandbox environment for further processing in the processing environment, and in response to detecting that the data packet is malicious based on the packet and traffic analysis discarding the data packet.

Disclosed is a computing apparatus implemented with a network hypervisor implementing software defined network (SDN)-based network virtualization. The computing apparatus include a statistics virtualization module configured to provide individual statistics to each of created virtual networks, a transmission disaggregation module configured to include a physical statistics cache that performs periodic monitoring of a plurality of physical switches and store statistics of the physical switches collected, and a physical statistics aggregation module configured to respond with statistics of the plurality of physical switches when a single monitoring request.

Disclosed is a computing apparatus implemented with a network hypervisor implementing software defined network (SDN)-based network virtualization. The computing apparatus include a statistics virtualization module configured to provide individual statistics to each of created virtual networks, a transmission disaggregation module configured to include a physical statistics cache that performs periodic monitoring of a plurality of physical switches and store statistics of the physical switches collected, and a physical statistics aggregation module configured to respond with statistics of the plurality of physical switches when a single monitoring request.

A method includes parsing a handshake message of an encrypted data stream according to a secure encrypted transmission protocol corresponding to the encrypted data stream, to obtain a plurality of fields included in the handshake message, determining, from a plurality of rule sets and based on the plurality of fields, a rule set that matches the handshake message, and determining, based on a mapping relationship between the matched rule set and an application, an application corresponding to the encrypted data stream.

A method includes parsing a handshake message of an encrypted data stream according to a secure encrypted transmission protocol corresponding to the encrypted data stream, to obtain a plurality of fields included in the handshake message, determining, from a plurality of rule sets and based on the plurality of fields, a rule set that matches the handshake message, and determining, based on a mapping relationship between the matched rule set and an application, an application corresponding to the encrypted data stream.

A network flow measurement method is applicable to a system including a network measurement device and a control plane device. The network flow measurement method includes measuring, by the network measurement device, first data, where the first data includes a first-type data structure, the first-type data structure includes first measurement information of a flow, and the first measurement information corresponds to a bit of a keyword of the flow, and sending, by the network measurement device, the first data to the control plane device.