Method and system for detecting and mitigating attacks performed using cryptographic protocols
First Claim
1. A method for detecting and mitigating attacks performed using a cryptographic protocol, comprising:
- upon receiving an indication about a potential attack, establishing an encrypted connection with the client using the cryptographic protocol;
receiving an inbound traffic from a client, wherein the inbound traffic is originally directed to a protected entity;
analyzing application layer attributes of only the inbound traffic received on the encrypted connection to detect at least one encrypted attack; and
causing to establish a new encrypted connection between the client and the protected entity, if the at least one encrypted attack at the application layer has not been detected.
0 Assignments
0 Petitions
Accused Products
Abstract
A method and system for detecting and mitigating attacks performed using a cryptographic protocol are provided. The method comprises establishing an encrypted connection with the client using the cryptographic protocol, upon receiving an indication about a potential attack; receiving an inbound traffic from a client, wherein the inbound traffic is originally directed to a protected entity; analyzing application layer attributes of only the inbound traffic received on the encrypted connection to detect at least one encrypted attack; and causing to establish a new encrypted connection between the client and the protected entity, if the at least one encrypted attack at the application layer has not been detected.
13 Citations
27 Claims
-
1. A method for detecting and mitigating attacks performed using a cryptographic protocol, comprising:
-
upon receiving an indication about a potential attack, establishing an encrypted connection with the client using the cryptographic protocol; receiving an inbound traffic from a client, wherein the inbound traffic is originally directed to a protected entity; analyzing application layer attributes of only the inbound traffic received on the encrypted connection to detect at least one encrypted attack; and causing to establish a new encrypted connection between the client and the protected entity, if the at least one encrypted attack at the application layer has not been detected. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A system for detecting and mitigating attacks performed using a cryptographic protocol, comprising:
-
a processing unit; a memory containing instructions that, when executed by the processing unit, configure the system to; upon receiving an indication about a potential attack, establishing an encrypted connection with the client using the cryptographic protocol; receiving an inbound traffic from a client, wherein the inbound traffic is originally directed to a protected entity; analyzing application layer attributes of only the inbound traffic received on the encrypted connection to detect at least one encrypted attack; and causing to establish a new encrypted connection between the client and the protected entity, if the at least one encrypted attack at the application layer has not been detected. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
Specification