Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

David McGrew (Cisco Systems, Inc.)
January 2019 - Presentation The Generation and Use of TLS Fingerprints

In this presentation, the authors describe a TLS fingerprinting system and discusses the common pitfalls when using this type of information and analyzes techniques that make effective use of our newly open-sourced TLS fingerprint database.

May 2017 - Presentation Detecting Threats, Not Sandboxes

In this presentation, the authors discuss detecting threats and characterizing network environment to improve Malware Classification.

January 2016 - Presentation Classifying Encrypted Traffic with TLS-Aware Telemetry

Topics: Network Situational Awareness

In this presentation, the authors propose augmenting the typical 5-tuple with TLS-aware telemetry elements.

January 2016 - Presentation Understanding Network Traffic Through Intraflow Data

Topics: Network Situational Awareness

In this presentation, the authors describe experiments to collect intraflow data from network taps, endpoints, and malware sandbox runs.