公开(公告)号：US20180260705A1

公开(公告)日：2018-09-13

申请号：US15911223

申请日：2018-03-05

Applicant: Verint Systems Ltd.

Inventor： Rami Puzis ,  Asaf Shabtai ,  Gershon Celniker ,  Liron Rosenfeld ,  Ziv Katzir ,  Edita Grolman

IPC: G06N3/08 ,  G06N3/04

CPC classification number: G06N3/08 ,  G06N3/0454 ,  G06Q30/02 ,  H04L67/22 ,  H04W4/21

Abstract: Methods and systems for analyzing encrypted traffic, such as to identify, or “classify,” the user actions that generated the traffic. Such classification is performed, even without decrypting the traffic, based on features of the traffic. Such features may include statistical properties of (i) the times at which the packets in the traffic were received, (ii) the sizes of the packets, and/or (iii) the directionality of the packets. To classify the user actions, a processor receives the encrypted traffic and ascertains the types (or “classes”) of user actions that generated the traffic. Unsupervised or semi-supervised transfer-learning techniques may be used to perform the classification process. Using transfer-learning techniques facilitates adapting to different runtime environments, and to changes in the patterns of traffic generated in these runtime environments, without requiring the large amount of time and resources involved in conventional supervised-learning techniques.