Methods and apparatus for detecting unwanted traffic in one or more packet networks utilizing string analysis
US8776217B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Nov 3, 2006 |
| Grant date | Jul 8, 2014 |
| Priority date | — |
| Expiry date | Oct 30, 2029 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2463/141
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Methods and apparatus are provided for detecting unwanted traffic in one or more packet networks utilizing string analysis. Unwanted traffic received by a target victim, such as a malicious attack, is detected by maintaining a rule base identifying one or more string expressions; analyzing one or more error entries in a log file, the log file comprising one or more requests received by the target victim; determining if the one or more requests include a string that matches one or more of the string expressions in the rule base; and sending a denunciation message to a central filter if the one or more requests include a string that matches one or more of the string expressions in the rule base. The string expressions may comprise, for example, a string or a regular expression and can represent one or more resources that an attacker may attempt to access.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.