Patent · US Active

Systems and methods for detecting encrypted bot command and control communication channels

US8204984B1 · kind B1 · utility

373Cited by

62References

20Claims

0Family size

Assignee

FireEye, Inc. · US

Inventors

Ashar Aziz · Kendall, US
Wei-Lung Lai · Taoyuan, TW
Jayaraman Manni · San Jose, US

Key dates

Filing date	Nov 30, 2007
Grant date	Jun 19, 2012
Priority date	—
Expiry date	Nov 27, 2028

Classification

Technology area (CPC H)Electricity
CPC primaryH04L2463/144
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Methods and systems for detecting encrypted bot command and control communication channels are provided. In the exemplary method, the presence of a communication channel between a first network device and a second network device is monitored. Active and inactive periods of the network device are detected and a reverse channel is determined based on the detection. The first network device may then be flagged as potentially infected or suspected based on the reverse channel determination.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.