Patent · US Active

Detecting web exploit kits by tree-based structural similarity search

US10560471B2 · kind B2 · utility

1Cited by

13References

14Claims

0Family size

Assignee

HCL Technologies Limited · IN

Inventors

Xin Hu · White Plains, US
Jiyong Jang · Ossining, US
Fabian Monrose · Chapel Hill, US
Marc Philippe Stoecklin · Bern, CH
Teryl Paul Taylor · Danbury, US
Ting Wang · White Plains, US

Key dates

Filing date	Nov 7, 2016
Grant date	Feb 11, 2020
Priority date	—
Expiry date	Nov 9, 2037

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/168
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method includes receiving, at an input port of a computer, indication of HTTP (Hypertext Transfer Protocol) traffic and clustering, using a processor on the computer, the HTTP traffic according to a client IP (Internet Protocol) into a web session tree. A client tree structure of the web session tree is generated and the client tree structure is compared with tree structures of exploit kit samples.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.