Patent · US Active

Detecting injection attacks using passive network monitoring

US11706233B2 · kind B2 · utility

4Cited by

210References

17Claims

0Family size

Assignee

ExtraHop Networks, Inc. · US

Inventors

Benjamin Thomas Higgins · Shoreline, US
Jesse Abraham Rothstein · Seattle, US
Xue Jun Wu · Seattle, US
Michael Kerber Krause Montague · Lake Forest Park, US
Kevin Michael Seguin · Seattle, US

Key dates

Filing date	Mar 26, 2021
Grant date	Jul 18, 2023
Priority date	—
Expiry date	May 21, 2041

Classification

Technology area (CPC H)Electricity
CPC primaryH04L43/026
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Embodiments are directed to monitoring network traffic using network monitoring computers (NMCs). NMCs may determine requests provided to a server based on a first portion of network traffic. NMCs may determine suspicious requests based on characteristics of the provided requests. NMCs may employ the characteristics of the suspicious requests to provide correlation information that is associated with the suspicious requests. NMCs may determine dependent actions associated with the server based on a second portion of the network traffic and the correlation information. And, in response to determining anomalous activity associated with the evaluation of the dependent actions, NMCs may provide reports associated with the anomalous activity.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.