Patent · US Active

Fingerprinting application traffic in a network

US11044168B2 · kind B2 · utility

0Cited by

6References

20Claims

0Family size

Assignee

Cisco Technology, Inc. · US

Inventors

Andrey Kvasyuk · Amherst, US
Hazim Hashim Dahir · Raleigh, US
Robert Bukofser · Mason, US
Saad Hasan · Detroit, US

Key dates

Filing date	Jul 2, 2019
Grant date	Jun 22, 2021
Priority date	—
Expiry date	Aug 18, 2039

Classification

Technology area (CPC H)Electricity
CPC primaryH04L47/2483
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

In one embodiment, a device obtains telemetry data regarding a plurality of traffic flows in a network. The device forms a directed graph based on the telemetry data, wherein nodes of the graph represent devices in the network. The device simulates traffic for one or more of the devices by performing random walks starting at a particular node on the directed graph to generate a set of trails, each trail representing a sequence of one or more flows. The device clusters the set of trails to form one or more clusters. The device generates an application fingerprint for an application based on one of the one or more clusters. The device uses the application fingerprint to identify traffic in the network as associated with the application.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.