System and method for passively identifying encrypted and interactive network sessions
作者: Renaud Deraison , Matthew T. Hayton , Ron Gula
DOI:
关键词: Encryption 、 Vulnerability scanner 、 Computer network 、 Session (computer science) 、 Network packet 、 Computer science
摘要: The system and method for passively identifying encrypted interactive network sessions described herein may distribute a passive vulnerability scanner in network, wherein the observe traffic travelling across reconstruct session from observed traffic. then analyze reconstructed to determine whether was or (e.g., based on randomization, packet timing characteristics, other qualities measured session). Thus, monitor real-time detect any devices that run services otherwise participate sessions, detecting be used manage changes potential vulnerabilities network.
google.de 参考文章(110)
Scott J. Pappas, David L. Weiss, Method and apparatus for detecting correctly decrypted communications ,(1995)
Joseph Hellerstein, Sheng Ma, Systems and methods for discovering partially periodic event patterns ,(2000)
Kevin Overcash, Yoram Zahavi, Doron Kolton, Netta Gavrieli, Rami Mizrahi, Asaf Wexler, Galit Efron (Nitzan), Kate Delikat, System and method of securing networks against applications threats ,(2006)
Marcello Vitaletti, Jonathan Wagner, Fabio Benedetti, Scot MacLellan, Performing inventory scan to determine presence of prerequisite resources ,(2007)
Gary S. Miliefsky, Multiple security layers for time-based network admission control ,(2009)
Binh Truong, Matthew D. Hanes, Secure media system ,(2009)
Shawn Carnahan, An internet protocol for the delivery of complex digital media content ,(2005)
Jason Garman, Chad McMillan, System and method for determining data entropy to identify malware ,(2007)
Steven R. Snapp, Stephen B. Campos, Nathan M. Cohen, Steven D. Shanklin, Stephen A. Burke, Craig H. Rowland, Method and system for analyzing and addressing alarms from network intrusion detection systems ,(2003)