Patent · US Active

Rule-based network-threat detection

US9413722B1 · kind B1 · utility

21 Cited by
35 References
25 Claims
0 Family size

Assignee

Inventors

Key dates

Filing date: Sep 15, 2015
Grant date: Aug 9, 2016
Priority date
Expiry date: Sep 15, 2035

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L43/028
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

A packet-filtering device may receive packet-filtering rules configured to cause the packet-filtering device to identify packets corresponding to network-threat indicators. The packet-filtering device may receive packets and, for each packet, may determine that the packet corresponds to criteria specified by a packet-filtering rule. The criteria may correspond to one or more of the network-threat indicators. The packet-filtering device may apply an operator specified by the packet-filtering rule. The operator may be configured to cause the packet-filtering device to either prevent the packet from continuing toward its destination or allow the packet to continue toward its destination. The packet-filtering device may generate a log entry comprising information from the packet-filtering rule that identifies the one or more network-threat indicators and indicating whether the packet-filtering device prevented the packet from continuing toward its destination or allowed the packet to continue toward its destination.
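The flow the abstract describes (match a packet against rule criteria, apply the rule's operator, log the indicator together with the disposition) can be sketched as follows. This is an added illustration, not code from the patent or its assignee; the rule fields, the indicator labels, the first-match ordering and the log-entry layout are all assumptions.

```python
"""Added sketch: rule match -> operator -> log entry carrying the indicator."""
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    rule_id: str
    indicator: str                   # threat indicator the rule was built from
    dst_net: ipaddress.IPv4Network   # criteria: destination network
    dst_port: Optional[int]          # criteria: destination port (None = any)
    operator: str                    # "BLOCK" or "ALLOW"

    def matches(self, pkt: dict) -> bool:
        in_net = ipaddress.ip_address(pkt["dst"]) in self.dst_net
        return in_net and self.dst_port in (None, pkt["dport"])

# Constructed rules; addresses come from documentation ranges (RFC 5737).
RULES = [
    Rule("R1", "ti-0001 host 198.51.100.7 (constructed)",
         ipaddress.ip_network("198.51.100.7/32"), None, "BLOCK"),
    Rule("R2", "ti-0002 net 203.0.113.0/24 port 443 (constructed)",
         ipaddress.ip_network("203.0.113.0/24"), 443, "ALLOW"),
]

def filter_packet(pkt: dict, rules=RULES):
    """Return (forwarded, log_entry). First matching rule wins (assumption)."""
    for rule in rules:
        if not rule.matches(pkt):
            continue
        if rule.operator not in ("BLOCK", "ALLOW"):
            raise ValueError(f"unknown operator in {rule.rule_id}")
        forwarded = rule.operator == "ALLOW"
        # The entry names the indicator and records what was done, so an
        # ALLOW rule still produces evidence of contact with the indicator.
        entry = {
            "rule_id": rule.rule_id,
            "indicator": rule.indicator,
            "src": pkt["src"], "dst": pkt["dst"], "dport": pkt["dport"],
            "disposition": "allowed" if forwarded else "blocked",
        }
        return forwarded, entry
    # No rule matched: forward without logging (assumption; the abstract
    # only describes packets that correspond to a rule).
    return True, None

if __name__ == "__main__":
    for dst, dport in [("198.51.100.7", 80), ("203.0.113.5", 443), ("203.0.113.5", 80)]:
        print(filter_packet({"src": "192.0.2.10", "dst": dst, "dport": dport}))
```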

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.