Invention Grant
US08032937B2 Method, apparatus, and computer program product for detecting computer worms in a network
有权
用于检测网络中计算机蠕虫的方法,装置和计算机程序产品
- Patent Title: Method, apparatus, and computer program product for detecting computer worms in a network
- Patent Title (中): 用于检测网络中计算机蠕虫的方法,装置和计算机程序产品
-
Application No.: US10972787Application Date: 2004-10-26
-
Publication No.: US08032937B2Publication Date: 2011-10-04
- Inventor: Daniel R. Ellis
- Applicant: Daniel R. Ellis
- Applicant Address: US VA McLean
- Assignee: The Mitre Corporation
- Current Assignee: The Mitre Corporation
- Current Assignee Address: US VA McLean
- Agency: Sterne, Kessler, Goldstein & Fox P.L.L.C.
- Main IPC: G06F11/00
- IPC: G06F11/00
Abstract:
A worm is a malicious process that autonomously spreads itself from one host to another. To infect a host, a worm must somehow copy itself to the host. The method in which a worm transmits a copy of itself produces network traffic patterns that can be generalized as a traffic behavior. As a worm spreads itself across the network, the propagation of the traffic behavior can be witnessed as hosts are infected, one after another. By monitoring the network traffic for propagations of traffic behaviors, a presence of a worm can be detected.
Public/Granted literature
- US20100199349A1 Method, apparatus, and computer program product for detecting computer worms in a network Public/Granted day:2010-08-05
Information query
