In this presentation, the authors describe a TLS fingerprinting system and discusses the common pitfalls when using this type of information and analyzes techniques that make effective use of our newly open-sourced TLS fingerprint database.
In this presentation, the authors discuss detecting threats and characterizing network environment to improve Malware Classification.
Topics: Network Situational Awareness
In this presentation, the authors propose augmenting the typical 5-tuple with TLS-aware telemetry elements.
Topics: Network Situational Awareness
In this presentation, the authors describe experiments to collect intraflow data from network taps, endpoints, and malware sandbox runs.