How Cisco Uses Machine Learning for Encrypted Traffic Analytics

Source – eweek.com

Encrypted traffic doesn’t always mean secure traffic, but how can an organization understand what’s going on with encrypted traffic without decrypting the data? That’s the goal of Cisco’s Encrypted Traffic Analytics offering, which became generally available on Jan. 10.

Cisco announced ETA as a preview technology in June 2017 as part of the company’s wider intent-based networking initiative. ETA was initially only available for early field trials on a limited set of Cisco campus switches. Cisco is now making it generally available for all of its customers across multiple switch and routing platforms, including the Catalyst 9300 and 9400, ISR 4000 and 5000, and ASR 1000, as well as the Cloud Services Router 1000V.

“We’re now making a new type of threat telemetry available to a big community of users,” TK Keanini, principal engineer and product line CTO for analytics at Cisco, told eWEEK.

Keanini explained that among the capabilities that ETA provides is the ability to detect malware hidden in encrypted traffic without the need to first decrypt the data traffic. In addition to being able to detect risks, ETA can also help to enable cryptographic compliance, he added.

“Customers will be able to understand how much of their digital business is in the clear and how much is encrypted,” Keanini said.

Using encryption alone, however, is not enough for cryptographic compliance. There are multiple well-documented security issues with older encryption protocols, such as Secure Sockets Layer (SSL) version 3. To that end, Cisco ETA also reports which encryption protocol versions and which cryptographic ciphers are in use.

How It Works

Data encrypted with SSL/TLS is just that: encrypted, meaning that it can’t be read without being decrypted. Cisco ETA works to understand the risk of an encrypted data stream without violating the encrypted trust boundary, using an innovative machine learning-based approach to find threats.

Cisco ETA starts by inspecting the initial data packet (IDP) in an encrypted data stream, which is actually unencrypted, Keanini said. “We get the first data packet of every session and we get it in its entirety,” he said. “The first packet includes all of the negotiation parameters for the actual application session, and it’s all sent in the clear.”
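As an added illustration (not Cisco's code and not part of the original article), the sketch below parses a TLS ClientHello, the cleartext first packet described above, and extracts the protocol version, offered cipher suites and server name without decrypting anything. The function names, the constructed sample packet and the legacy/weak policy sets are assumptions made for this example.

```python
import struct

# Deprecated versions (SSLv3: RFC 7568; TLS 1.0/1.1: RFC 8996). Policy sets are assumptions.
LEGACY_VERSIONS = {0x0300: "SSLv3", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1"}
WEAK_CIPHERS = {0x0004: "TLS_RSA_WITH_RC4_128_MD5", 0x0005: "TLS_RSA_WITH_RC4_128_SHA",
                0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA"}

def parse_client_hello(pkt: bytes) -> dict:
    """Read negotiation metadata from a cleartext TLS ClientHello record."""
    try:
        ctype, _rec_ver, rec_len = struct.unpack_from("!BHH", pkt, 0)
        if ctype != 0x16 or pkt[5] != 0x01 or len(pkt) < 5 + rec_len:
            raise ValueError("not a complete ClientHello record")
        pos = 9                              # record header (5) + handshake header (4)
        # legacy_version: TLS 1.3 clients send 0x0303 here and list the real
        # version in the supported_versions extension, which is not parsed below.
        (version,) = struct.unpack_from("!H", pkt, pos)
        pos += 2 + 32                        # version + client random
        pos += 1 + pkt[pos]                  # session id
        (cs_len,) = struct.unpack_from("!H", pkt, pos)
        ciphers = list(struct.unpack_from(f"!{cs_len // 2}H", pkt, pos + 2))
        pos += 2 + cs_len
        pos += 1 + pkt[pos]                  # compression methods
        sni = None
        if pos + 2 <= len(pkt):              # extensions are optional
            (ext_total,) = struct.unpack_from("!H", pkt, pos)
            pos, end = pos + 2, min(pos + 2 + ext_total, len(pkt))
            while pos + 4 <= end:
                ext_type, ext_len = struct.unpack_from("!HH", pkt, pos)
                if ext_type == 0:            # server_name: list len, type, name len, name
                    (n,) = struct.unpack_from("!H", pkt, pos + 7)
                    sni = pkt[pos + 9:pos + 9 + n].decode("ascii")
                pos += 4 + ext_len
    except (struct.error, IndexError) as exc:
        raise ValueError("truncated or malformed ClientHello") from exc
    return {"version": version, "ciphers": ciphers, "sni": sni,
            "legacy_protocol": LEGACY_VERSIONS.get(version),
            "weak_ciphers": [WEAK_CIPHERS[c] for c in ciphers if c in WEAK_CIPHERS]}

def build_sample_hello(version: int, ciphers: list, host: str) -> bytes:
    """Constructed test input: a minimal ClientHello, not captured traffic."""
    name = host.encode()
    sni = struct.pack("!HBH", len(name) + 3, 0, len(name)) + name
    exts = struct.pack("!HH", 0, len(sni)) + sni
    body = (struct.pack("!H", version) + bytes(32) + b"\x00"
            + struct.pack(f"!H{len(ciphers)}H", 2 * len(ciphers), *ciphers)
            + b"\x01\x00" + struct.pack("!H", len(exts)) + exts)
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return struct.pack("!BHH", 0x16, 0x0301, len(hs)) + hs
```

Calling `parse_client_hello(build_sample_hello(0x0300, [0x0005, 0xC02F], "example.test"))` reports an SSLv3 offer with an RC4 suite, the kind of finding a cryptographic-compliance report would surface.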

IDP provides a “gold mine” of metadata, according to Keanini. On top of the information that comes from the IDP, Cisco uses a technique called Sequence of Packet Lengths and Times (SPLT) to gain further visibility.

“All of this data when fed into machine learning can be used to classify connections with really high fidelity,” he said.

The machine learning classification is linked with Cisco’s Global Risk Map, which can provide further correlation into potential threats and what might be going on with a given encrypted connection. Looking forward, Keanini said Cisco will continue to develop the ETA technology to provide more machine learning insights from encrypted traffic.

“There is a lot that we’ll be exploring in the future,” he said.
