GB2579260B - Detecting targeted data exfiltration in encrypted traffic - Google Patents
Detecting targeted data exfiltration in encrypted traffic
- Publication number
- GB2579260B
- Authority
- GB
- United Kingdom
- Prior art keywords
- targeted data
- encrypted traffic
- data exfiltration
- detecting targeted
- detecting
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0894—Policy-based network configuration management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0895—Configuration of virtualised networks or elements, e.g. virtualised network function or OpenFlow elements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/16—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using machine learning or artificial intelligence
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
- H04L41/142—Network analysis or design using statistical or mathematical methods
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/166—Implementing security features at a particular protocol layer at the transport layer
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US16/017,482 US10868834B2 (en) | 2018-05-11 | 2018-06-25 | Detecting targeted data exfiltration in encrypted traffic |
Publications (3)
Publication Number | Publication Date |
---|---|
GB201908422D0 (en) | 2019-07-24 |
GB2579260A (en) | 2020-06-17 |
GB2579260B (en) | 2022-08-10 |
Family
ID=67386135
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB1908422.7A Active GB2579260B (en) | 2018-06-25 | 2019-06-12 | Detecting targeted data exfiltration in encrypted traffic |
Country Status (1)
Country | Link |
---|---|
GB (1) | GB2579260B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114124921A (en) * | 2021-12-15 | 2022-03-01 | 食品安全与营养(贵州)信息科技有限公司 | Acquisition method based on data acquisition system of Internet of things and working system |
CN114465823B (en) * | 2022-04-08 | 2022-08-19 | 杭州海康威视数字技术股份有限公司 | Industrial Internet terminal encrypted flow data security detection method, device and equipment |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2713570A1 (en) * | 2012-09-28 | 2014-04-02 | British Telecommunications public limited company | Operation of a data network |
US20170353501A1 (en) * | 2016-06-01 | 2017-12-07 | At&T Mobility Ii Llc | Network caching of outbound content from endpoint device to prevent unauthorized extraction |
EP3306890A1 (en) * | 2016-10-06 | 2018-04-11 | Cisco Technology, Inc. | Analyzing encrypted traffic behavior using contextual traffic data |
US20180139141A1 (en) * | 2016-11-17 | 2018-05-17 | Cisco Technology, Inc. | On-box behavior-based traffic classification |
-
2019
- 2019-06-12 GB GB1908422.7A patent/GB2579260B/en active Active
Non-Patent Citations (2)
Title |
---|
INTERNATIONAL JOURNAL OF NETWORK MANAGEMENT, 2014, PETR VELAN ET AL, "A survey of methods for encrypted traffic classification and analysis" pages 1-24 * |
PROCEEDINGS OF THE 13TH INTERNATIONAL CONFERENCE ON FUTURE INTERNET TECHNOLOGIES, 2018, YING HU GUANG CHENG, "Encrypted traffic identification based on N-gram entropy and cumulative sum test", pages 1-6 * |
Also Published As
Publication number | Publication date |
---|---|
GB201908422D0 (en) | 2019-07-24 |
GB2579260A (en) | 2020-06-17 |
Similar Documents
Publication | Title | Publication Date |
---|---|---|
HK1244921A1 (en) | Encryption and decryption system and method | |
SG11201912230SA (en) | Methods and Systems For Blockchain-Implemented Event-Lock Encryption | |
SG11202100850RA (en) | Blockchain-based service data encryption methods and apparatuses | |
EP3349200A4 (en) | Method and device for processing traffic road information | |
EP3367084A4 (en) | Road surface state determination device, imaging device, imaging system, and road surface state determination method | |
EP3226463A4 (en) | Data encryption and decryption method and encryption and decryption device | |
SG11201704361XA (en) | Block cryptographic method for encrypting/decrypting messages and cryptographic devices for implementing this method | |
EP3300294A4 (en) | Data encryption apparatus and method, and data decryption apparatus and method | |
SG11201606916SA (en) | Road surface degradation detection method, information processing device, and program | |
EP2879327A4 (en) | Encryption and decryption processing method, apparatus and device | |
GB2520778B8 (en) | Block encryption/decryption apparatus and method | |
EP3531614A4 (en) | Encryption and decryption method and device | |
EP3337088A4 (en) | Data encryption method, decryption method, apparatus, and system | |
EP3208967A4 (en) | Entity authentication method and device based on pre-shared key | |
EP3467808A4 (en) | Encryption device, encryption method, decryption device, and decryption method | |
EP3667647A4 (en) | Encryption device, encryption method, decryption device, and decryption method | |
EP3550266A4 (en) | Road determination method and device | |
SG2013093059A (en) | Method and system for encryption and/or decryption | |
GB201811807D0 (en) | Encryption system | |
EP3761544C0 (en) | Information sending method, information receiving method, and device | |
EP3777066C0 (en) | Pdu session for encrypted traffic detection | |
GB2579260B (en) | Detecting targeted data exfiltration in encrypted traffic | |
GB2553913B (en) | Media key block based broadcast encryption | |
GB2569228B (en) | Contact lenses having an ion-impermeable portion and related methods | |
EP3651142A4 (en) | Encryption device, encryption method, decryption device, and decryption method |