Patent · US Active

Method and apparatus for high-speed detection and blocking of zero day worm attacks

US7752662B2 · kind B2 · utility

31Cited by

3References

45Claims

0Family size

Assignee

Imperva, Inc. · US

Inventors

Amichai Shulman · Givatayim, IL
Michael Boodaei · Givatayim, IL
Shlomo Kremer · Nes Ziona, IL

Key dates

Filing date	Sep 30, 2004
Grant date	Jul 6, 2010
Priority date	—
Expiry date	Jul 10, 2027

Classification

Technology area (CPC H)Electricity
CPC primaryH04L69/22
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method for detection and blocking of zero day worm attacks is disclosed. A zero day worm attack is the initial appearance of a new or revised Web worm. The method compares a hypertext transfer protocol (HTTP) request sent from an attacking computer (or server) to a predefined behavior profile of a protected Web application in order to detect a worm attack. A zero day worm attack based on the first data packet of an HTTP request can be detected.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.