Detecting malicious network software agents
US8914878B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Apr 29, 2009 |
| Grant date | Dec 16, 2014 |
| Priority date | — |
| Expiry date | Dec 29, 2030 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2463/144
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
This disclosure describes techniques for determining whether a network session originates from an automated software agent. In one example, a network device, such as a router, includes a network interface to receive packets of a network session, a bot detection module to calculate a plurality of scores for network session data based on a plurality of metrics, wherein each of the metrics corresponds to a characteristic of a network session originated by an automated software agent, to produce an aggregate score from an aggregate of the plurality of scores, and to determine that the network session is originated by an automated software agent when the aggregate score exceeds a threshold, and an attack detection module to perform a programmed response when the network session is determined to be originated by an automated software agent. Each score represents a likelihood that the network session is originated by an automated software agent.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.