Patent · US Active

Detecting a malicious file infection via sandboxing

US9680845B2 · kind B2 · utility

Cited by: 10
References: 3
Claims: 20
Family size: 0

Assignee

Inventors

Key dates

Filing date: Mar 31, 2015
Grant date: Jun 13, 2017
Priority date
Expiry date: Aug 24, 2035

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L67/303
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

A device may receive a trigger to determine whether a malicious file is operating on a client device. The device may determine a network activity profile associated with the malicious file based on receiving the trigger to determine whether the malicious file is operating on the client device. The network activity profile may include information regarding network activity associated with the malicious file when the malicious file is executed in a testing environment. The device may monitor network activity associated with the client device. The device may determine that the network activity associated with the client device matches the network activity profile associated with the malicious file based on monitoring the network activity associated with the client device. The device may provide information indicating that the network activity associated with the client device matches the network activity profile associated with the malicious file.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.