Patent · US Active

System and method for offloading packet processing and static analysis operations

US9591015B1 · kind B1 · utility

197Cited by

205References

35Claims

0Family size

Assignee

FireEye, Inc. · US

Inventors

Muhammad Amin · Fremont, US
Masood Mehmood · Fremont, US
Ramaswamy Ramaswamy · Amherst, US
Madhusudan Challa · San Jose, US
Shrikrishna Karandikar · Fremont, US

Key dates

Filing date	Mar 28, 2014
Grant date	Mar 7, 2017
Priority date	—
Expiry date	Jan 12, 2035

Classification

Technology area (CPC H)Electricity
CPC primaryH04L61/4511
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

According to one embodiment, a network security device configured to detect malicious content within received network traffic comprises a traffic analysis controller (TAC) is provided. The traffic analysis controller comprises a network processing unit (NPU) and is configured to perform at least packet processing on the NPU with a set of pre-filters. In addition, the network security device further comprises a central processing unit (CPU) and is configured to perform at least virtual machine (VM)-based processing. The set of pre-filters is configured to distribute objects of received network traffic such that either static analysis or dynamic analysis may be performed on an object to determine whether the object contains malicious content. The static analysis may be performed on either the NPU or the CPU while the dynamic analysis is performed on the CPU.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.