satyamkapoor

I work at ValueFirst Digital Media Private Ltd. I am a Product Marketer in the Surbo Team. Surbo is Chatbot Generator Platform owned by Value First. ...

I work at ValueFirst Digital Media Private Ltd. I am a Product Marketer in the Surbo Team. Surbo is Chatbot Generator Platform owned by Value First.

Success story of Haptik
100 days ago

Who is afraid of automation?
100 days ago

What's happening in AI, Blockchain & IoT
101 days ago

3 million at risk from the rise of robots
101 days ago

5 ways Machine Learning can save your company from a security breach
101 days ago

Google Course for IT beginners, certificate in 8 months: Enrollment starts on Coursera today, check details
28620 views

IIT Madras launches Winter Course on Machine Intelligence and Brain Research
12948 views

7 of the best chatbot building plaftorms out there
11346 views

Could your job be taken over by Artificial Intelligence?
11292 views

You can now train custom machine learning models without coding using Google's AutoML
11247 views

Cisco is using Machine Learning for Encrypted Traffic Analytics

Jan 11, 2018 | 3897 Views

Encrypted traffic does not always mean that it is secure, but is there any way for organizations to understand the encrypted data without decrypting it? That is what Cisco's Encrypted Traffic Analytics (ETA) plans to offer and it became available on Jan 10.
Cisco announced ETA as a preview technology back in June 2017. This was done as part of their wider intent-based networking initiative. ETA was earlier available for early trials at select Cisco campus switches. Cisco is now making it generally available for all of its customers.
"We're now making a new type of threat telemetry available to a big community of users," TK Keanini, principal engineer and product line CTO for analytics at Cisco.
Keanini explained that among the capabilities that ETA provides is the ability to detect malware hidden in encrypted traffic without the need to first decrypt the data traffic. In addition to being able to detect risks, ETA can also help to enable cryptographic compliance, he added.

"Customers will be able to understand how much of their digital business is in the clear and how much is encrypted," Keanini said.

Using encryption alone, however, is not enough for cryptographic compliance. There are multiple well-documented security issues with older encryption protocols, such as Secure Sockets Layer (SSL) version 3. To that end, Cisco ETA also provides information on what version of encryption protocols is being used, as well as cryptographic ciphers.

How It Works

Encrypted data, using SSL/TLS is just that it's encrypted, meaning that it can't be read without being decrypted. Cisco ETA works to understand the risk of an encrypted data stream without violating the encrypted trust boundary by using an innovative machine learning-based approach to finds threats.

Cisco ETA starts by inspecting the initial data packet (IDP) in an encrypted data stream, which is actually unencrypted, Keanini said. "We get the first data packet of every session and we get it in its entirety," he said. "The first packet includes all of the negotiation parameters for the actual application session, and it's all sent in the clear."

IDP is capable of providing a gold mine of metadata, as per Keanini. On top of the information received from IDP, Cisco plan to use a technique called Sequence of Packet Lengths (SPLT) to get further visibility.

"All of this data when fed into machine learning can be used to classify connections with really high fidelity," he said.

This Machine Learning classification is linked with Global Risk Map of Cisco, which can provide further co-relation into potential threats & also point out what might be going on with the given encrypted connection. Keanini & Cisco plan to continue to develop the ETA technology in order to provide more insights from encrypted traffic

Source: HOB
satyamkapoor

I work at ValueFirst Digital Media Private Ltd. I am a Product Marketer in the Surbo Team. Surbo is Chatbot Generator Platform owned by Value First. ...

Full Bio 

I work at ValueFirst Digital Media Private Ltd. I am a Product Marketer in the Surbo Team. Surbo is Chatbot Generator Platform owned by Value First.

Success story of Haptik
100 days ago

Who is afraid of automation?
100 days ago

What's happening in AI, Blockchain & IoT
101 days ago

3 million at risk from the rise of robots
101 days ago

5 ways Machine Learning can save your company from a security breach
101 days ago

Google Course for IT beginners, certificate in 8 months: Enrollment starts on Coursera today, check details
28620 views

IIT Madras launches Winter Course on Machine Intelligence and Brain Research
12948 views

7 of the best chatbot building plaftorms out there
11346 views

Could your job be taken over by Artificial Intelligence?
11292 views

You can now train custom machine learning models without coding using Google's AutoML
11247 views