Patent · US Active

Extracting encryption metadata and terminating malicious connections using machine learning

US10454961B2 · kind B2 · utility

Cited by: 5
References: 1
Claims: 21
Family size: 0

Assignee

Inventors

Key dates

Filing date: Oct 31, 2017
Grant date: Oct 22, 2019
Priority date
Expiry date: Jun 26, 2038

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06N20/10
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

A network traffic hub extracts encryption metadata from messages establishing an encrypted connection between a smart appliance and a remote server and determines whether malicious behavior is present in the messages. For example, the network traffic hub can extract an encryption cipher suite, identified encryption algorithms, or a public certificate. The network traffic hub detects malicious behavior or security threats based on the encryption metadata. These security threats may include a man-in-the-middle attacker or a Padding Oracle On Downgraded Legacy Encryption attack. Upon detecting malicious behavior or security threats, the network traffic hub blocks the encrypted traffic or notifies a user.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.