- 专利标题: Device discovery and classification from encrypted network traffic
-
申请号: US16243129申请日: 2019-01-09
-
公开(公告)号: US11455569B2公开(公告)日: 2022-09-27
- 发明人: Enriquillo Valdez , Pau-Chen Cheng , Ian Michael Molloy , Dimitrios Pendarakis
- 申请人: International Business Machines Corporation
- 申请人地址: US NY Armonk
- 专利权人: International Business Machines Corporation
- 当前专利权人: International Business Machines Corporation
- 当前专利权人地址: US NY Armonk
- 代理机构: Garg Law Firm, PLLC
- 代理商 Rakesh Garg; Joseph Petrokaitis
- 主分类号: G06N20/00
- IPC分类号: G06N20/00 ; G06N5/02
摘要:
Handshake protocol layer features are extracted from training data associated with encrypted network traffic of a plurality of classified devices. Record protocol layer features are extracted from the training data. One or more models are trained based on the extracted handshake protocol layer features and the extracted record protocol layer features. The one or more models are applied to an observed encrypted network traffic stream associated with a device to determine a predicted device classification of the device.
公开/授权文献
信息查询
