Patent · US Active

Rootkit detection by using HW resources to detect inconsistencies in network traffic

US9197654B2 · kind B2 · utility

126 Cited by
3 References
24 Claims
0 Family size

Assignee

Inventors

Key dates

Filing date: Jun 28, 2013
Grant date: Nov 24, 2015
Priority date
Expiry date: Oct 15, 2033

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L63/16
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

A technique allows detection of covert malware that attempts to hide network traffic. By monitoring network traffic both in a secure trusted environment and in an operating system environment, then comparing the monitor data, attempts to hide network traffic can be detected, allowing the possibility of performing rehabilitative actions on the computer system to locate and remove the malware hiding the network traffic.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.