Abstract
A machine learning model is provided for classifying encrypted traffic as benign or malicious without having to decrypt the traffic. The model uses traffic patterns from network logs to classify the traffic based on learned patterns for malware, and is capable of identifying zero-day malware. Classification is provided via: extracting encrypted traffic from communication logs for a network; identifying, from the encrypted traffic, while still encrypted, traffic patterns for users of the network; and classifying, via a machine learning model, the encrypted traffic as benign traffic or malicious traffic without decrypting the encrypted traffic according to the traffic patterns identified.
Original language | English |
---|---|
Patent number | US2024154997 |
IPC | H04L 9/40 A I |
Priority date | 8/11/23 |
Publication status | Published - 9 May 2024 |