Patent · US Active

Measuring, categorizing, and/or mitigating malware distribution paths

US9930065B2 · kind B2 · utility

18Cited by

84References

25Claims

0Family size

Assignees

University of Georgia Research Foundation, Inc. · US
Dambala, Inc. · US

Inventors

Terry Nelms, II · Dallas, US
Roberto Perdisci · Lawrenceville, US

Key dates

Filing date	Mar 25, 2015
Grant date	Mar 27, 2018
Priority date	—
Expiry date	Mar 25, 2035

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1425
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Systems and methods for event path traceback may utilize a processor and a path traceback and categorization (ATC) module in communication with the processor. The processor may be configured to perform processing associated with receiving network traffic from a network. The ATC module may be configured to perform processing associated with identifying an event within the network traffic, tracing a sequence of network transactions related to the event, and outputting an annotated event path (AMP) including data about the event and the sequence of network transactions related to the event. Performing processing associated with tracing the sequence of network transactions may comprise reconstructing a sequence of transactions within the network traffic that led to the event while filtering out unrelated traffic within the network traffic.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.