Patent · US Active

Method and apparatus for examining network traffic and automatically detecting anomalous activity to secure a computer

US8789174B1 · kind B1 · utility

19Cited by

0References

14Claims

0Family size

Assignee

Symantec Corporation · US

Inventor

Prashant Gupta · Gloucester, GB

Key dates

Filing date	Apr 13, 2010
Grant date	Jul 22, 2014
Priority date	—
Expiry date	Apr 22, 2031

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/552
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A method and apparatus for examining network traffic and automatically detecting anomalous activity to secure a computer is described. In one embodiment, the method includes examining network traffic that is directed to at least one endpoint computer, accessing profile information associated with the at least one endpoint computer to determine confidence indicia associated with each portion of the network traffic, comparing the confidence indicia with heuristic information to identify anomalous activity for the at least one endpoint computer and communicating indicia of detection as to the anomalous activity to the at least one endpoint computer.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.