Avatar

Blake Anderson

Software Engineer

Advanced Security Research Group

Blake is a software engineer in Cisco’s Advanced Security Research Group where he uses machine learning to analyze network data.

He received his PhD from the University of New Mexico. In his dissertation, he developed novel machine learning techniques and applied these techniques to classify, cluster, and find phylogenetic relationships on malware data. He has numerous peer-reviewed publications and several patents.

His current interests include finding ways to intelligently leverage machine learning solutions in real-world security deployments.

Articles

June 26, 2023

1

SECURITY

How EVE Detects Malicious Uses of Trustworthy Cloud Services

Learn how the Encrypted Visibility Engine (EVE) uses ML/AI to identify encrypted malware communication even when it is destined to trustworthy cloud services.

April 29, 2019

SECURITY

TLS Fingerprinting in the Real World

To protect your data, you must understand the traffic on your network. 

June 23, 2017

1

SECURITY

Detecting Encrypted Malware Traffic (Without Decryption)

Identifying threats within encrypted network traffic poses a unique set of challenges, i.e. monitoring traffic for threats and malware, but how to do so while maintaining the privacy of the user.

January 25, 2016

4

SECURITY

Hiding in Plain Sight: Malware’s Use of TLS and Encryption

Introduction TLS (Transport Layer Security) is a cryptographic protocol that provides privacy for applications. TLS is usually implemented on top of common protocols such as HTTP for web browsing or SMTP for email. HTTPS is the usage of TLS over HTTP, which is the most popular way of securing communication between a web server and […]