The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Mar. 20, 2018
Filed:
Jun. 17, 2015
International Business Machines Corporation, Armonk, NY (US);
Mihai Christodorescu, Briarcliff Manor, NY (US);
Xin Hu, White Plains, NY (US);
Douglas L. Schales, Ardsley, NY (US);
Reiner Sailer, Scarsdale, NY (US);
Marc PH. Stoecklin, Bern, CH;
Ting Wang, Elmsford, NY (US);
Andrew M. White, Chapel Hill, NC (US);
International Business Machines Corporation, Armonk, NY (US);
Abstract
The present principles are directed to identifying and classifying web traffic inside encrypted network tunnels. A method includes analyzing network traffic of unencrypted data packets to detect packet traffic, timing, and size patterns. The detected packet, timing, and size traffic patterns are correlated to at least a packet destination and a packet source of the unencrypted data packets to create at least one of a training corpus and a model built from the training corpus. The at least one of the corpus and model is stored in a memory device. Packet traffic, timing, and size patterns of encrypted data packets are observed. The observed packet traffic, timing, and size patterns of the encrypted data packets are compared to at least one of the training corpus and the model to classify the encrypted data packets with respect to at least one of a predicted network host and predicted path information.