Patent · US Active

Vulnerability detection based on aggregated primitives

US9231964B2 · kind B2 · utility

26Cited by

9References

20Claims

0Family size

Assignee

Microsoft Corporation · US

Inventors

David B. Cross · Redmond, US
Nir Nice · Kfar Vradim, IL

Key dates

Filing date	Apr 14, 2009
Grant date	Jan 5, 2016
Priority date	—
Expiry date	Apr 9, 2032

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/577
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Methods, systems, and computer-readable media are disclosed for detecting vulnerabilities based on aggregated primitives. A particular method includes receiving a plurality of data transmissions. At least one of the data transmissions includes a protocol anomaly that is not indicative of a security threat. The method includes identifying a plurality of primitives associated with the data transmissions. The primitives are aggregated, and an attack condition is identified based on the aggregated primitives. A security alert is generated based on the identified attack condition.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.