David McGrew (Cisco Systems, Inc.)
Publications by David McGrew (Cisco Systems, Inc.)
Bayes at 10+ Gbps: Identifying Malicious and Vulnerable Processes from Passive Traffic Fingerprinting
August 18, 2020 • Presentation
David McGrew (Cisco Systems, Inc.)
This presentation describes an inferencing system and its implementation, results from applying it to real-world traffic, and open issues in this technology area.
The Generation and Use of TLS Fingerprints
January 08, 2019 • Presentation
Blake Anderson (Cisco Systems, Inc.), David McGrew (Cisco Systems, Inc.), Keith Schomburg (Cisco Systems, Inc.)
In this presentation, the authors describe a TLS fingerprinting system, discuss the common pitfalls when using this type of information, and analyze techniques that make effective use of their newly open-sourced TLS fingerprint database.
Detecting Threats, Not Sandboxes
May 18, 2017 • Presentation
Blake Anderson (Cisco Systems, Inc.), David McGrew (Cisco Systems, Inc.)
In this presentation, the authors discuss detecting threats and characterizing the network environment to improve malware classification.
Classifying Encrypted Traffic with TLS-Aware Telemetry
January 14, 2016 • Presentation
Blake Anderson (Cisco Systems, Inc.), David McGrew (Cisco Systems, Inc.), Alison Kendler (Cisco Systems, Inc.)
In this presentation, the authors propose augmenting the typical 5-tuple with TLS-aware telemetry elements.
Understanding Network Traffic Through Intraflow Data
January 11, 2016 • Presentation
David McGrew (Cisco Systems, Inc.), Blake Anderson (Cisco Systems, Inc.)
In this presentation, the authors describe experiments to collect intraflow data from network taps, endpoints, and malware sandbox runs.