Identifying malicious devices within a computer network
US9258328B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Apr 17, 2015 |
| Grant date | Feb 9, 2016 |
| Priority date | — |
| Expiry date | Apr 17, 2035 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L67/10
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
This disclosure describes techniques for proactively identifying possible attackers based on a profile of a device. For example, a device includes one or more processors and network interface cards to receive, from a remote device, network traffic directed to one or more computing devices protected by the device, determine, based on content of the network traffic, a first set of data points for the device, send a response to the remote device to ascertain a second set of data points for the device, and receive, from the remote device, at least a portion of the second set of data points. The device also includes a security module operable by the processors to determine a maliciousness rating, and selectively manage, based on the maliciousness rating, additional network traffic directed to the one or more computing devices protected by the security device and received from the remote device.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.