-
Publication (Announcement) No.: US20200280536A1
Publication (Announcement) Date: 2020-09-03
Application No.: US16288628
Application Date: 2019-02-28
Applicant: Cisco Technology, Inc.
IPC: H04L29/06 , H04L12/851 , H04L12/859 , H04L12/24 , G06N20/00
Abstract: In one embodiment, a traffic analysis service identifies a client in a network having an associated traffic flow that was blocked by a firewall. The traffic analysis service obtains traffic telemetry data regarding one or more subsequent traffic flows associated with the identified client that are subsequent to the blocked flow. The traffic analysis service uses a machine learning-based classifier to determine that the identified client is exhibiting evasive network behavior, based on the obtained traffic telemetry data. The traffic analysis service initiates a mitigation action in the network, based on the determination that the identified client is exhibiting evasive network behavior.
-
Publication (Announcement) No.: US11310205B2
Publication (Announcement) Date: 2022-04-19
Application No.: US16288628
Application Date: 2019-02-28
Applicant: Cisco Technology, Inc.
IPC: H04L29/06 , H04L12/851 , G06N20/00 , H04L12/24 , H04L12/859 , H04L47/2441 , H04L47/2483 , H04L41/16 , H04L47/2475
Abstract: In one embodiment, a traffic analysis service identifies a client in a network having an associated traffic flow that was blocked by a firewall. The traffic analysis service obtains traffic telemetry data regarding one or more subsequent traffic flows associated with the identified client that are subsequent to the blocked flow. The traffic analysis service uses a machine learning-based classifier to determine that the identified client is exhibiting evasive network behavior, based on the obtained traffic telemetry data. The traffic analysis service initiates a mitigation action in the network, based on the determination that the identified client is exhibiting evasive network behavior.
-