Detection of stealthy malware activities with traffic causality and scalable triggering relation discovery

Invention Grant

US09888030B2 Detection of stealthy malware activities with traffic causality and scalable triggering relation discovery 有权

Please log in to see more content

Patent Title: Detection of stealthy malware activities with traffic causality and scalable triggering relation discovery
Application No.: US14267422

Application Date: 2014-05-01
Publication No.: US09888030B2

Publication Date: 2018-02-06
Inventor: Danfeng Yao , Hao Zhang
Applicant: Danfeng Yao , Hao Zhang
Applicant Address: US VA Blacksburg
Assignee: Virginia Tech Intellectual Properties, Inc.
Current Assignee: Virginia Tech Intellectual Properties, Inc.
Current Assignee Address: US VA Blacksburg
Agency: Vogt IP
Agent Keith A. Vogt
Main IPC: H04L29/06
IPC: H04L29/06 ; G06F21/31 ; G06F21/32 ; G06F21/56

Detection of stealthy malware activities with traffic causality and scalable triggering relation discovery

Abstract:

A computer system for distinguishing user-initiated network traffic from malware-initiated network traffic comprising at least one central processing unit (CPU) and a memory communicatively coupled to the CPU. The memory includes a program code executable by the CPU to monitor individual network events to determine for an individual network event whether the event has a legitimate root-trigger. Malware-initiated traffic is identified as an individual network event that does not have a legitimate root-trigger.

Public/Granted literature

US20140310808A1 Detection of Stealthy Malware Activities with Traffic Causality and Scalable Triggering Relation Discovery Public/Granted day:2014-10-16

Information query

Espacenet