发明授权
- 专利标题: Identification and classification of web traffic inside encrypted network tunnels
- 专利标题(中): 加密网络隧道内网络流量的识别和分类
-
申请号: US14025098申请日: 2013-09-12
-
公开(公告)号: US09100309B2公开(公告)日: 2015-08-04
- 发明人: Mihai Christodorescu , Xin Hu , Douglas L. Schales , Reiner Sailer , Marc Ph. Stoecklin , Ting Wang , Andrew M. White
- 申请人: INTERNATIONAL BUSINESS MACHINES CORPORATION
- 申请人地址: US NY Armonk
- 专利权人: International Business Machines Corporation
- 当前专利权人: International Business Machines Corporation
- 当前专利权人地址: US NY Armonk
- 代理机构: Tuntunjian & Bitetto, P.C.
- 代理商 Anne V. Dougherty
- 主分类号: H04L29/06
- IPC分类号: H04L29/06 ; H04L12/26 ; G06N5/02 ; G06N5/00 ; G06N99/00
摘要:
The present principles are directed to identifying and classifying web traffic inside encrypted network tunnels. A method includes analyzing network traffic of unencrypted data packets to detect packet traffic, timing, and size patterns. The detected packet, timing, and size traffic patterns are correlated to at least a packet destination and a packet source of the unencrypted data packets to create at least one of a training corpus and a model built from the training corpus. The at least one of the corpus and model is stored in a memory device. Packet traffic, timing, and size patterns of encrypted data packets are observed. The observed packet traffic, timing, and size patterns of the encrypted data packets are compared to at least one of the training corpus and the model to classify the encrypted data packets with respect to at least one of a predicted network host and predicted path information.
公开/授权文献
信息查询
