Patent · US Active

Inline detection of encrypted malicious network sessions

US11997130B2 · kind B2 · utility

0Cited by

0References

20Claims

0Family size

Assignee

Palo Alto Networks, Inc. · US

Inventors

Lei Xu · Beijing, CN
Stefan Achleitner · San Jose, US
Yu Fu · Campbell, US
Shengming Xu · San Jose, US

Key dates

Filing date	Sep 7, 2021
Grant date	May 28, 2024
Priority date	—
Expiry date	Apr 2, 2042

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/0428
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

An inline malicious traffic detector captures handshake messages in a session with a security protocol. The inline malicious traffic detector comprises a classifier that generates a verdict for the session indicating malicious or benign. The classifier is trained on labelled sessions using custom features generated from handshake messages. Based on determining that the session is malicious using features of the handshake messages, the inline malicious traffic detector blocks the session.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.