Systems, methods, and computer-readable media for managing compromised sensors in multi-tiered virtualized environments. In some embodiments, a system can receive, from a first capturing agent deployed in a virtualization layer of a first device, data reports generated based on traffic captured by the first capturing agent. The system can also receive, from a second capturing agent deployed in a hardware layer of a second device, data reports generated based on traffic captured by the second capturing agent. Based on the data reports, the system can determine characteristics of the traffic captured by the first capturing agent and the second capturing agent. The system can then compare the characteristics to determine a multi-layer difference in traffic characteristics. Based on the multi-layer difference in traffic characteristics, the system can determine that the first capturing agent or the second capturing agent is in a faulty state.

Systems, methods, and computer-readable media for hierarchichal sharding of flows from sensors to collectors. A first collector can receive a first portion of a network flow from a first capturing agent and determine that a second portion of the network flow was not received from the first capturing agent. The first collector can then send the first portion of the network flow to a second collector. A third collector can receive the second portion of the network flow from a second capturing agent and determine that the third collector did not receive the first portion of the network flow. The third collector can then send the second portion of the network flow to the second collector. The second collector can then aggregate the first portion and second portion of the network flow to yield the entire portion of the network flow.

A media client is configured to stream live media received from a communication network. The media client includes a playback buffer configured to temporarily store the live media. The media client is configured to adapt a size of the playback buffer when the media client streams the live media.

A method includes capturing first data associated with a first packet flow originating from a first host using a first capture agent deployed at the first host to yield first flow data, capturing second data associated with a second packet flow originating from the first host from a second capture agent deployed on a second host to yield second flow data and comparing the first flow data and the second flow data to yield a difference. When the difference is above a threshold value, the method includes determining that the second packet flow was transmitted by a component that bypassed an operating stack of the first host or a packet capture agent at the device to yield a determination, detecting that hidden network traffic exists, and predicting a malware issue with the first host based on the determination.

A method for enabling a round-trip packet loss measurement in a packet-switched communication network wherein a first node and a second node exchange packets comprising a packet loss field settable to an idle value or one or more measurement values. The first node performs a generation step whereby first packets having their set to a measurement value are transmitted to the second node. For each received first packet, the second node transmits back a second packet having its set to a measurement value. The first node then performs a reflection step whereby, for each received second packet, it transmits to the second node a respective third packet having its set to a measurement value. The time lapsing between start of the generation step and start of the reflection step has a predefined and substantially constant duration.

This disclosure generally relates to a method and system for generating a communication graph of a network using an application dependency mapping (ADM) pipeline. In one aspect of the disclosure, the method comprises receiving network data (e.g., flow data and process information at each node) from a plurality of sensors associated with a plurality of nodes of the network, determining a plurality of vectors and an initial graph of the plurality of nodes based upon the network data, determining similarities between the plurality of vectors, clustering the plurality of vectors into a plurality of clustered vectors based upon the similarities between the plurality of vectors, and generating a communication graph of the network system based upon the plurality of clustered vectors.

Disclosed herein are systems and methods for detection of a path break in a communication network by one network appliance of a plurality of network appliance. A communication path that is transitioning from active to idle state can be quickly determined by evaluating network data traffic within a predetermined time interval after the end of a data transmission. By strategically utilizing health probes at only a set predetermined time interval after a data transmission, a path break condition can be quickly determined without significant use of network bandwidth. Further, the path break condition can be determined unilaterally by one network appliance.

Optimal determination of wireless network pathway configurations may be provided. A computing device may establish Multi-Access Point (AP) coordination between at least a first AP and a second AP. The first AP can determine an uplink operation is scheduled. When an uplink is scheduled, the first AP can switch its antenna to a narrow beamwidth. The first AP can then receive uplink transmissions from at least a client in the coverage area of the narrow beamwidth. After the uplink transmission, the first AP can then switch the antenna to a larger beamwidth for a next Multi-AP coordination operation.

Embodiments described herein provide an optimal communication channel recommendation engine by assessing whether the environment the customer is situated in is conducive to the channel selected by the customer. Specifically, the optimal channel recommendation engine obtains data artifacts indicative of ambient noise, motion, customer sentiment, network quality, customer focus, and/or the like to assess quality of the environment and recommend an optimal channel for the communication between the customer and the call agent. With the recommendation to switch to a different channel, the client component resumes communication with the new channel and retains the context of the interaction.

A network communication system may include intelligent electronic devices (IEDs) in a ring communication network. A software-defined networking device may be programmed by a removable or disconnectable software-defined network (SDN) controller to control the flow path of data packets to the IEDs in the ring network. The software-defined networking device may inspect a data packet intended for a first IED to determine that the inspected data packet requests a responsive data packet from the first IED. A flow path failure may be identified based on a failure to detect a responsive data packet from the first IED within an expected response time.