Protecting against and learning attack vectors on web artifacts
US10944770B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Oct 25, 2018 |
| Grant date | Mar 9, 2021 |
| Priority date | — |
| Expiry date | Sep 19, 2039 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/034
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A server includes a service processor hosted by a baseboard management controller (BMC) and independent of a CPU of the server. The server hosts web files. The service processor performs a set of monitoring tasks including receiving packets forming access requests made to the web files. A learning block is updated with information about suspicious packets. A counter is updated indicating a number of times a packet with a signature of a suspicious packet was received. When the counter reaches a threshold, a suspicious packet is analyzed in conjunction with other previously received suspicious packets. The analysis includes rearranging an arrival order of the suspicious packets into a new arrival sequence. The new arrival sequence of suspicious packets is matched to attack patterns in an attack pattern database. When the new arrival sequence matches an attack pattern, source IP addresses associated with the suspicious packets are added to a blacklist.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.