Method for detecting a threat and threat detecting apparatus

Assignee

• LEIDOS INNOVATIONS TECHNOLOGY, INC. · US

Inventors

• Richard N. Pedersen · Toms River, US
• Thomas Plummer · Cherry Hill, US
• Ben Anthony Calloni · Weatherford, US
• Peter Alan Vanemburg · Hopewell, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/1416
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

Aspects of the disclosure include a threat detecting apparatus. The threat detecting apparatus can include an interface circuit, an opcode detector, and a pattern analyzer. The interface circuit is configured to receive a data stream. The opcode detector can be configured to identify an opcode sequence embedded in the data stream based on a first model graph that includes a plurality of interconnected token nodes. Each token node is representative of an occurrence or a non-occurrence of a token. The pattern analyzer may be configured to identify an opcode signature embedded in the identified opcode sequence based on a second model graph, and to output a signal indicative of the successful identification of the opcode signature. The second model graph can include a plurality of interconnected opcode nodes, and each opcode node can be representative of an occurrence or a non-occurrence of a predetermined combination of one or more opcodes.