Patent · US Active

Detecting injection attacks using passive network monitoring

US10965702B2 · kind B2 · utility

5Cited by

126References

17Claims

0Family size

Assignee

ExtraHop Networks, Inc. · US

Inventors

Benjamin Thomas Higgins · Shoreline, US
Jesse Abraham Rothstein · Seattle, US
Xue Jun Wu · Seattle, US
Michael Kerber Krause Montague · Lake Forest Park, US
Kevin Michael Seguin · Seattle, US

Key dates

Filing date	May 28, 2019
Grant date	Mar 30, 2021
Priority date	—
Expiry date	May 28, 2039

Classification

Technology area (CPC H)Electricity
CPC primaryH04L43/026
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Embodiments are directed to monitoring network traffic using network monitoring computers (NMCs). NMCs may determine requests provided to a server based on a first portion of network traffic. NMCs may determine suspicious requests based on characteristics of the provided requests. NMCs may employ the characteristics of the suspicious requests to provide correlation information that is associated with the suspicious requests. NMCs may determine dependent actions associated with the server based on a second portion of the network traffic and the correlation information. And, in response to determining anomalous activity associated with the evaluation of the dependent actions, NMCs may provide reports associated with the anomalous activity.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.