SYSTEM AND METHOD FOR PROTOCOL FINGERPRINTING AND REPUTATION CORRELATION

A method is provided in one example embodiment that includes generating a fingerprint based on properties extracted from data packets received over a network connection and requesting a reputation value based on the fingerprint. A policy action may be taken on the network connection if the reputatio...

Full description

Saved in:
Bibliographic Details
Main Authors DIEHL, David Frederick, ALPEROVITCH, Dmitri, BU, Zheng, KRASSER, Sven
Format Patent
LanguageEnglish
French
German
Published 13.01.2021
Subjects
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online AccessGet full text

Cover

More Information
Summary:A method is provided in one example embodiment that includes generating a fingerprint based on properties extracted from data packets received over a network connection and requesting a reputation value based on the fingerprint. A policy action may be taken on the network connection if the reputation value received indicates the fingerprint is associated with malicious activity. The method may additionally include displaying information about protocols based on protocol fingerprints, and more particularly, based on fingerprints of unrecognized protocols. In yet other embodiments, the reputation value may also be based on network addresses associated with the network connection.
Bibliography:Application Number: EP20120804840