Patent · US Active

Detecting malicious endpoints using network connectivity and flow information

US8813236B1 · kind B1 · utility

215Cited by

0References

20Claims

0Family size

Assignee

Narus, Inc. · US

Inventors

Sabyasachi Saha · Sunnyvale, US
Lei Liu · Thousand Oaks, US
Ruben Torres · Sunnyvale, US
Jianpeng Xu · Markham, CA
Antonio Nucci · San Jose, US

Key dates

Filing date	Jan 7, 2013
Grant date	Aug 19, 2014
Priority date	—
Expiry date	Jan 7, 2033

Classification

Technology area (CPC H)Electricity
CPC primaryH04L2463/146
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method for detecting hidden malicious network nodes. Starting from a pool of seed nodes that have previously been identified as malicious, a two-phase score propagation algorithm is employed to propagate threat scores from the seeded nodes to other nodes in an IP-address connectivity graph. Nodes with high threat score after propagation are declared to be malicious.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.