Data mining to identify malicious activity
US9894088B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Aug 30, 2013 |
| Grant date | Feb 13, 2018 |
| Priority date | — |
| Expiry date | Nov 12, 2033 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L63/1425
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
Systems and methods may determine suspicious network traffic. A monitoring system comprising a processor in communication with a network may monitor network traffic to or from an asset associated with the network. The monitoring system may assess the network traffic to determine a source and/or destination for the network traffic and/or content of the network traffic. The monitoring system may determine whether the network traffic is suspicious network traffic based on the assessed source and/or destination and/or content. When the network traffic is determined to be suspicious network traffic, the monitoring system may capture metadata associated with the suspicious network traffic and store the metadata in a database in communication with the processor. When the network traffic is not determined to be suspicious network traffic, the monitoring system may disregard metadata associated with the network traffic.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.