-
公开(公告)号:US10749894B2
公开(公告)日:2020-08-18
申请号:US15433294
申请日:2017-02-15
Applicant: Cisco Technology, Inc.
Inventor: Meixing Le , Jin Teng , Soumya Kumar Kalahasti , Jianxin Wang
Abstract: In one embodiment, a device in a network generates a machine learning-based traffic model using data indicative of a particular node in the network attempting to retrieve content from a particular resource in the network. The device predicts, using the traffic model, a time at which the particular node is expected to attempt retrieving future content from the particular resource. The device causes the future content from the particular resource to be prefetched in the network prior to the predicted time. The device makes a security assessment of the prefetched content. The device causes performance of a mitigation action in the network based on the security assessment of the prefetched content and in response to the particular node attempting to retrieve the future content from the particular resource.
-
2.发明申请公开(公告)号:US20170374017A1
公开(公告)日:2017-12-28
申请号:US15193863
申请日:2016-06-27
Applicant: Cisco Technology, Inc.
Inventor: Venkatesh N. Gautam , Meixing Le
CPC classification number: H04L61/1511 , H04L61/6068 , H04L67/02 , H04L67/2804 , H04L67/2842
Abstract: Techniques are presented herein for a proxy device to verify that the server name listed in a connection request message is the name of the server at the IP address listed in the connection request message. The proxy device obtains a domain name server query sent by a client to a domain name server and then obtains a domain name server result that is sent by the domain name server. The proxy device may cache the data of the domain name server result. The proxy device may obtain a connection request message sent by the client seeking a connection with a server, and then compare the connection request message to the cached domain name server result. Finally, the proxy device may apply one or more policies to the connection request message based on the comparison between the connection request message and the domain name server result.
-
3.发明授权公开(公告)号:US10326730B2
公开(公告)日:2019-06-18
申请号:US15193863
申请日:2016-06-27
Applicant: Cisco Technology, Inc.
Inventor: Venkatesh N. Gautam , Meixing Le
Abstract: Techniques are presented herein for a proxy device to verify that the server name listed in a connection request message is the name of the server at the IP address listed in the connection request message. The proxy device obtains a domain name server query sent by a client to a domain name server and then obtains a domain name server result that is sent by the domain name server. The proxy device may cache the data of the domain name server result. The proxy device may obtain a connection request message sent by the client seeking a connection with a server, and then compare the connection request message to the cached domain name server result. Finally, the proxy device may apply one or more policies to the connection request message based on the comparison between the connection request message and the domain name server result.
-
公开(公告)号:US20180234453A1
公开(公告)日:2018-08-16
申请号:US15433294
申请日:2017-02-15
Applicant: Cisco Technology, Inc.
Inventor: Meixing Le , Jin Teng , Soumya Kumar Kalahasti , Jianxin Wang
CPC classification number: H04L63/1441 , G06N20/00 , H04L63/10 , H04L69/22
Abstract: In one embodiment, a device in a network generates a machine learning-based traffic model using data indicative of a particular node in the network attempting to retrieve content from a particular resource in the network. The device predicts, using the traffic model, a time at which the particular node is expected to attempt retrieving future content from the particular resource. The device causes the future content from the particular resource to be prefetched in the network prior to the predicted time. The device makes a security assessment of the prefetched content. The device causes performance of a mitigation action in the network based on the security assessment of the prefetched content and in response to the particular node attempting to retrieve the future content from the particular resource.
-
-
-
Search Results
4
records
(took 0.014 seconds)
