Patent · US Active

System and method of detecting delivery of malware based on indicators of compromise from different sources

US9609007B1 · kind B1 · utility

201Cited by

223References

35Claims

0Family size

Assignee

FireEye, Inc. · US

Inventors

Alexandr Rivlin · Los Gatos, US
Divyesh Mehra · San Jose, US
Henry Uyeno · Sunnyvale, US
Vinay Pidathala · San Jose, US

Key dates

Filing date	Jun 6, 2016
Grant date	Mar 28, 2017
Priority date	—
Expiry date	Jun 6, 2036

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/145
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

According to one embodiment, a computerized method comprises receiving a set of indicators of compromise (IOCs) associated with a known malware of a first message type from a first source and receiving one or more IOCs (IOC(s)) from a second source that is different from the first source. Thereafter, a determination is made as to whether the received IOC(s) from the second source correspond to the set of IOCs received from the first source. If so, information associated with at least the set of IOCs is used to locate a malware of the first message type that is undetected at the second source.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.