Cisco Systems, Inc.
Analyzing encrypted traffic behavior using contextual traffic data

Last updated:

Abstract:

In one embodiment, a device in a network detects an encrypted traffic flow associated with a client in the network. The device captures contextual traffic data regarding the encrypted traffic flow from one or more unencrypted packets associated with the client. The device performs a classification of the encrypted traffic flow by using the contextual traffic data as input to a machine learning-based classifier. The device generates an alert based on the classification of the encrypted traffic flow.

Status:
Grant
Type:

Utility

Filling date:

23 Sep 2020

Issue date:

20 Sep 2022