Invention Grant
US08635697B2 Method and system for operating system identification in a network based security monitoring solution
In force
- Patent Title: Method and system for operating system identification in a network based security monitoring solution
- Application No.: US13083501
- Application Date: 2011-04-08
- Publication No.: US08635697B2
- Publication Date: 2014-01-21
- Inventor: Kevin McNamee, Mike Pelley, Darren Deridder, Paul Edwards
- Applicant: Kevin McNamee, Mike Pelley, Darren Deridder, Paul Edwards
- Applicant Address: FR Paris
- Assignee: Alcatel Lucent
- Current Assignee: Alcatel Lucent
- Current Assignee Address: FR Paris
- Agency: Osha Liang, L.L.P.
- Main IPC: G06F11/00
- IPC: G06F11/00 ; G06F12/14 ; G06F12/16

Abstract:
A method and system for providing network based malware detection in a service provider network is disclosed. Transmission control protocol (TCP) packets originating from an access device coupled to the service provider network, and defining a TCP session between a computing device coupled to the access device and a destination coupled to the service provider network, are received. An operating system identifier (OS ID) associated with the TCP session and the computing device is determined. Whether malware is present in the TCP session, and an associated malware ID, is determined by comparing a malware signature to the one or more TCP packets. An alert identifying a network address associated with the access device, the malware ID and the OS ID associated with the TCP session that generated the alert can then be generated.
Public/Granted literature
- US20120255019A1 METHOD AND SYSTEM FOR OPERATING SYSTEM IDENTIFICATION IN A NETWORK BASED SECURITY MONITORING SOLUTION (Public/Granted day: 2012-10-04)