Patent · US Active

System and method for detecting exfiltration content

US9565202B1 · kind B1 · utility

Cited by: 340
References: 126
Claims: 41
Family size: 0

Assignee

Inventors

Key dates

Filing date: Mar 13, 2013
Grant date: Feb 7, 2017
Priority date
Expiry date: Mar 13, 2033

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06F2221/033
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

Techniques for detecting exfiltration content are described herein. According to one embodiment, a malicious content suspect is executed within a virtual machine that simulates a target operating environment associated with the malicious content suspect. A packet inspection is performed on outbound network traffic initiated by the malicious content suspect to determine whether the outbound network traffic matches a predetermined network traffic pattern. An alert is generated indicating that the malicious content suspect should be declared as malicious, in response to determining that the outbound network traffic matches the predetermined network traffic pattern.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.