Network traffic correlation engine
US11601457B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Aug 26, 2020 |
| Grant date | Mar 7, 2023 |
| Priority date | — |
| Expiry date | Mar 3, 2041 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1408
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A network traffic correlation engine monitors inbound and/or outbound connection information received from on each host computer system on a network. Each host device on the network store data logs corresponding to information corresponding to communications sent by the device and received by the device. The network traffic correlation engine correlates connections between different hosts throughout the network. If the network traffic correlation engine identified unmatched outbound and inbound connections, the network traffic correlation engine generates an alert to initiate further investigation and may also provide a mapping of the communications showing a possible start device for the connection and/or a type of access that the connections may now be providing.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.