- Patent Title: Analyzing encrypted traffic behavior using contextual traffic data
-
Application No.: US17029156Application Date: 2020-09-23
-
Publication No.: US11451578B2Publication Date: 2022-09-20
- Inventor: Jan Kohout , Blake Harrell Anderson , Martin Grill , David McGrew , Martin Kopp , Tomas Pevny
- Applicant: Cisco Technology, Inc.
- Applicant Address: US CA San Jose
- Assignee: Cisco Technology, Inc.
- Current Assignee: Cisco Technology, Inc.
- Current Assignee Address: US CA San Jose
- Agency: Behmke Innovation Group LLC
- Agent James M. Behmke; Jonathon P. Western
- Main IPC: H04L9/40
- IPC: H04L9/40 ; G06N20/00 ; H04L41/0686 ; H04L47/2441 ; G06N20/20
Abstract:
In one embodiment, a device in a network detects an encrypted traffic flow associated with a client in the network. The device captures contextual traffic data regarding the encrypted traffic flow from one or more unencrypted packets associated with the client. The device performs a classification of the encrypted traffic flow by using the contextual traffic data as input to a machine learning-based classifier. The device generates an alert based on the classification of the encrypted traffic flow.
Public/Granted literature
- US20210006589A1 ANALYZING ENCRYPTED TRAFFIC BEHAVIOR USING CONTEXTUAL TRAFFIC DATA Public/Granted day:2021-01-07
Information query
