Human activity detection in computing device transmissions

Assignee

• PALO ALTO NETWORKS (ISRAEL ANALYTICS) LTD. · IL

Inventors

• Asaf Dahan · Nes Ziona, IL
• Rony Brailovsky · Nes Ziona, IL
• Yaron Neuman · Zoran, IL
• Idan Amit · Ramat Gan, IL
• Yinnon Meshi · Yeroham, IL

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2463/144
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Methods, apparatus and computer software products implement embodiments of the present invention that include protecting a computing system by defining a list of network access messages that are indicative of human use of computing devices, and extracting, from data traffic transmitted over a data network connecting a plurality of the computing devices to multiple Internet sites, respective transmissions from the computing devices to the Internet sites. A given transmission including one of the network access messages in the list is detected in the transmissions from a given computing device, and the given computing device is classified as being operated by a human in response to detecting the given transmission. Upon identifying suspicious content in the transmissions from a subset of the computing devices that includes the given computing device, any suspicious transmissions from the given computing device are ignored in response to the classification.