Invention Grant
- Patent Title: Filtering onion routing traffic from malicious domain generation algorithm (DGA)-based traffic classification
- Application No.: US15372580
- Application Date: 2016-12-08
- Publication No.: US10375096B2
- Publication Date: 2019-08-06
- Inventor: Lukas Machlica, Martin Vejman
- Applicant: Cisco Technology, Inc.
- Applicant Address: US CA San Jose
- Assignee: Cisco Technology, Inc.
- Current Assignee: Cisco Technology, Inc.
- Current Assignee Address: US CA San Jose
- Agency: Behmke Innovation Group LLC
- Agent: James Behmke; Stephen D. LeBarron
- Main IPC: H04L29/06
- IPC: H04L29/06; H04L12/26

Abstract:
In one embodiment, a device in a network receives domain information from a plurality of traffic flows in the network. The device identifies a particular address from the plurality of traffic flows as part of an onion routing system based on the received domain information. The device distinguishes the particular address during analysis of the traffic flows by a traffic flow analyzer that includes a domain generation algorithm (DGA)-based traffic classifier. The device detects a malicious traffic flow from among the plurality of traffic flows using the traffic flow analyzer. The device causes performance of a mitigation action based on the detected malicious traffic flow.