Patent · US Active

System, device and method for detecting a malicious attack based on direct communications between remotely hosted virtual machines and malicious web servers

US9838408B1 · kind B1 · utility

170 Cited by
229 References
55 Claims
0 Family size

Assignee

Inventors

Key dates

Filing date: May 19, 2017
Grant date: Dec 5, 2017
Priority date
Expiry date: May 19, 2037

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06F2009/45595
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

In an embodiment, a system, device and method for detecting a malicious attack is described. Herein, the system includes a security network device that conducts an analysis on received network traffic to detect a suspicious object associated with the network traffic and determine an identifier associated with a source of the suspicious object. Information associated with the suspicious object and/or ancillary data, including information that identifies a return path for analysis results to a customer, are uploaded to a detection cloud. The detection cloud includes provisioning logic and one or more virtual machines that are provisioned by the provisioning logic in accordance with at least a portion of the ancillary data. The provisioning logic is to customize functionality of the detection cloud for a specific customer.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.