Darktrace Holdings Limited (20250088856). USER AGENT INFERENCE AND ACTIVE ENDPOINT FINGERPRINTING FOR ENCRYPTED CONNECTIONS
USER AGENT INFERENCE AND ACTIVE ENDPOINT FINGERPRINTING FOR ENCRYPTED CONNECTIONS
Organization Name
Inventor(s)
Carl Joseph Salji of Bedford (GB)
USER AGENT INFERENCE AND ACTIVE ENDPOINT FINGERPRINTING FOR ENCRYPTED CONNECTIONS
This abstract first appeared for US patent application 20250088856 titled 'USER AGENT INFERENCE AND ACTIVE ENDPOINT FINGERPRINTING FOR ENCRYPTED CONNECTIONS
Original Abstract Submitted
a cyber security appliance can inoculate a fleet of network devices by analyzing each endpoint of a secure connection. the appliance can receive a hostname for a malicious web server. the appliance can generate an unencrypted target fingerprint based on sending a series of unencrypted connection protocol requests to the malicious web server and an encrypted target fingerprint based on sending a series of encrypted secure connection protocol requests to the malicious web server. the appliance can build a combined web server fingerprint for the malicious web server based on both the encrypted target fingerprint derived and the unencrypted target fingerprint. the appliance can determine a set of suspicious ip addresses based on the combined web server fingerprint for the malicious web server. the appliance can inoculate a fleet of network devices against a cyberattack using the ip addresses to preemptively alert the fleet of cyber-attack.
