Filtering onion routing traffic from malicious domain generation algorithm (DGA)-based traffic classification
US10375096B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 8, 2016 |
| Grant date | Aug 6, 2019 |
| Priority date | — |
| Expiry date | Apr 25, 2037 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L2463/144
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
In one embodiment, a device in a network receives domain information from a plurality of traffic flows in the network. The device identifies a particular address from the plurality of traffic flows as part of an onion routing system based on the received domain information. The device distinguishes the particular address during analysis of the traffic flows by a traffic flow analyzer that includes a domain generation algorithm (DGA)-based traffic classifier. The device detects a malicious traffic flow from among the plurality of traffic flows using the traffic flow analyzer. The device causes performance of a mitigation action based on the detected malicious traffic flow.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.