Patent · US Active

Using trust profiles for network breach detection

US9306964B2 · kind B2 · utility

4Cited by

3References

21Claims

0Family size

Assignee

NetScout Systems, Inc. · US

Inventors

Anil K. Singhal · Seattle, US
Shu Nakamoto · East Wakefield, US
Deborah A. Briggs · San Ramon, US

Key dates

Filing date	Mar 10, 2015
Grant date	Apr 5, 2016
Priority date	—
Expiry date	Mar 10, 2035

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1441
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Actions of servers and other network devices within a network are monitored to detect whether the servers and network devices are performing tasks, using protocols, and communicating through ports that are consistent with legitimate (or “permissible”) purposes. That is, rather than attempting to belatedly identify malware signatures and screen all traffic into and out of a network for these signatures, embodiments of the present invention scrutinize devices (such as servers and other network infrastructure elements) for malware behavior that is inconsistent with an identified set of actions known to be consistent with legitimate tasks performed by the network device.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.