Patent · US Active

Analyzing encrypted traffic behavior using contextual traffic data

US10805338B2 · kind B2 · utility

28Cited by

11References

18Claims

0Family size

Assignee

Cisco Technology, Inc. · US

Inventors

Jan Kohout · Roudnice nad Labem, CZ
Blake Harrell Anderson · Chapel Hill, US
Martin Grill · Praha, CZ
David McGrew · Poolesville, US
Martin Kopp · Munich, DE
Tomas Pevny · Teplice, CZ

Key dates

Filing date	Oct 6, 2016
Grant date	Oct 13, 2020
Priority date	—
Expiry date	Apr 1, 2037

Classification

Technology area (CPC G)Physics
CPC primaryG06N20/20
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

In one embodiment, a device in a network detects an encrypted traffic flow associated with a client in the network. The device captures contextual traffic data regarding the encrypted traffic flow from one or more unencrypted packets associated with the client. The device performs a classification of the encrypted traffic flow by using the contextual traffic data as input to a machine learning-based classifier. The device generates an alert based on the classification of the encrypted traffic flow.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.