IDENTIFYING AND USING DNS CONTEXTUAL FLOWS
    Invention application

    Publication (announcement) number: US20200067972A1

    Publication (announcement) date: 2020-02-27

    Application number: US16669831

    Filing date: 2019-10-31

    Abstract: In one embodiment, a device in a network captures domain name system (DNS) response data from a DNS response sent by a DNS service to a client in the network. The device captures session data for an encrypted session of the client. The device makes a determination that the encrypted session is malicious by using the captured DNS response data and the captured session data as input to a machine learning-based or rule-based classifier. The device performs a mediation action in response to the determination that the encrypted session is malicious.
