Patent · US Active

Detection of malware and malicious applications

US11057420B2 · kind B2 · utility

Cited by: 19
References: 5
Claims: 16
Family size: 0

Assignee

Inventors

Key dates

Filing date: Mar 29, 2019
Grant date: Jul 6, 2021
Priority date
Expiry date: Apr 2, 2039

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L2463/121
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

A method comprises receiving, at a network infrastructure device, a flow of packets, determining, using the network infrastructure device and for a first subset of the packets, that the first subset corresponds to a first datagram and determining a first length of the first datagram, determining, using the network infrastructure device and for a second subset of the packets, that the second subset corresponds to a second datagram that was received after the first datagram, and determining a second length of the second datagram, determining, using the network infrastructure device, a duration value between a first arrival time of the first datagram and a second arrival time of the second datagram, sending, to a collector device that is separate from the network infrastructure device, the first length, the second length, and the duration value for analysis.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.