	US 11,811,641 B1
	Secure network topology
Shraddha Hegde, Bangalore (IN); Antoni B Przygienda, Sunnyvale, CA (US); Salih K A, Bangalore (IN); and Harsha Lakshmikanth, Bangalore (IN)
Assigned to Juniper Networks, Inc., Sunnyvale, CA (US)
Filed by Juniper Networks, Inc., Sunnyvale, CA (US)
Filed on Mar. 20, 2020, as Appl. No. 16/826,002.
Int. Cl. G06F 15/173 (2006.01); H04L 45/02 (2022.01); H04L 41/12 (2022.01); H04L 45/00 (2022.01); H04L 45/28 (2022.01); H04L 9/40 (2022.01)

CPC H04L 45/02 (2013.01) [H04L 41/12 (2013.01); H04L 45/04 (2013.01); H04L 45/22 (2013.01); H04L 45/28 (2013.01); H04L 45/32 (2013.01); H04L 63/1408 (2013.01)]

20 Claims

1. A method comprising:

determining, by a computing device comprising one or more processors, safe state data indicative of a physical state of a topology of a computer network comprising a plurality of routing nodes;

detecting, by the computing device, an indicator of a potential network attack; and

in response to detecting the indicator of the potential network attack:

comparing, by the computing device, the safe state data indicative of the physical state of the topology of the computer network with current state data indicative of a running state of the topology of the computer network;

identifying, by the computing device and based on the comparison, a routing node of the plurality of routing nodes as a compromised node; and

reporting, by the computing device, an indication of the compromised node.