Patent · US Active

Detection of periodic transmissions for identifying malicious computers

US11063969B1 · kind B1 · utility

1Cited by

2References

8Claims

0Family size

Assignee

Trend Micro Incorporated · JP

Inventors

Shoufu Luo · San Jose, US
Jonathan Edward Andersson · Round Rock, US
Josiah Dede Hagen · Austin, US

Key dates

Filing date	Jun 25, 2019
Grant date	Jul 13, 2021
Priority date	—
Expiry date	Feb 18, 2040

Classification

Technology area (CPC H)Electricity
CPC primaryH04L2463/121
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

In one embodiment, a network security device monitors network communications between a computer and another computer. A periodicity of transmissions made by one computer to the other computer is determined, with the periodicity being used to identify candidate time point pairs having intervals that match the periodicity. A graph is constructed with time points of the candidate time point pairs as nodes and with intervals of time point pairs as edges. A longest path that continuously links one time point to another time point on the graph is compared to a threshold length to verify that the transmissions are periodic, and are thus potentially indicative of malicious network communications.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.