Patent · US Active

System, apparatus and method for detecting a malicious attack based on static analysis of a multi-flow object

US9432389B1 · kind B1 · utility

179Cited by

203References

29Claims

0Family size

Assignee

FireEye, Inc. · US

Inventors

Yasir Khalid · Fremont, US
Shivani Deshpande · Fremont, US
Muhammad Amin · Fremont, US

Key dates

Filing date	Mar 31, 2014
Grant date	Aug 30, 2016
Priority date	—
Expiry date	Mar 31, 2034

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1425
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

In an embodiment, a threat detection and prevention system comprises a network-traffic static analysis logic and a classification engine. The network-traffic static analysis logic is configured to conduct an analysis of a multi-flow object by analyzing characteristics of the multi-flow object and determining if the characteristics of the multi-flow object is associated with a malicious attack such as being indicative of an exploit for example. The classification engine is configured to receive results of the analysis of the multi-flow object and, based on the results of the analysis of the multi-flow object, determine whether the multi-flow object is associated with a malicious attack.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.