Patent · US Active

Extracting encryption metadata and terminating malicious connections using machine learning

US11176459B2 · kind B2 · utility

Cited by: 2
References: 9
Claims: 9
Family size: 0

Assignee

Inventors

Key dates

Filing date: Sep 12, 2019
Grant date: Nov 16, 2021
Priority date
Expiry date: Sep 25, 2039

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06N20/10
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

A network traffic hub extracts encryption metadata from messages establishing an encrypted connection between a smart appliance and a remote server and determines whether malicious behavior is present in the messages. For example, the network traffic hub can extract an encryption cipher suite, identified encryption algorithms, or a public certificate. The network traffic hub detects malicious behavior or security threats based on the encryption metadata. These security threats may include a man-in-the-middle attacker or a Padding Oracle On Downgraded Legacy Encryption attack. Upon detecting malicious behavior or security threats, the network traffic hub blocks the encrypted traffic or notifies a user.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.