US 12,155,532 B1
Using machine learning for online application detection
Michal Wladyslaw Garcarz, Cracow (PL); Jean-Philippe Vasseur, Combloux (FR); and Guy Keinan, Kfar-Saba (IL)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on May 24, 2023, as Appl. No. 18/201,555.
Int. Cl. H04L 41/0894 (2022.01); H04L 41/16 (2022.01)
CPC H04L 41/0894 (2022.05) [H04L 41/16 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method comprising:
obtaining, by a device, telemetry data associated with an online application accessible via a network;
training, by the device and based on the telemetry data, a machine learning model to determine whether a given address in the network is associated with the online application, wherein the telemetry data is filtered to exclude addresses that host multiple applications;
using, by the device, the machine learning model to generate a listing of network addresses associated with the online application; and
providing, by the device, the listing of network addresses for use by an application detection service in the network to determine that an initial packet of a traffic flow, without decrypting the initial packet, is associated with the online application based on a match between a destination address of that packet and a network address in the listing of network addresses.