专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US10313372B2 Identifying malware-infected network devices through traffic monitoring 有权
公开(公告)号：US10313372B2
公开(公告)日：2019-06-04
申请号：US14635761
申请日：2015-03-02
申请人： David Paul Heilig
发明人： David Paul Heilig
IPC分类号： H04L29/06
摘要： The present invention generally relates to detecting malicious network activity coming from network devices such as routers and firewalls. Specifically, embodiments of the present invention provide for detecting stealth malware on a network device by comparing inbound and outbound network traffic to discover packets originating from the network device and packets that violate configuration rules. When combined with a network traffic monitor server configured to monitor actual network traffic reports and to receive known network traffic reports from host computers, the system can detect stealth network traffic originating from both network devices and host computer systems.

2. 发明申请

US20160021131A1 IDENTIFYING STEALTH PACKETS IN NETWORK COMMUNICATIONS THROUGH USE OF PACKET HEADERS 审中-公开
标题翻译：通过使用分组头来识别网络通信中的硬件分组
公开(公告)号：US20160021131A1
公开(公告)日：2016-01-21
申请号：US14336004
申请日：2014-07-21
申请人： David Paul Heilig
发明人： David Paul Heilig
IPC分类号： H04L29/06
CPC分类号： H04L63/1425 , H04L63/1408
摘要： A host computer system contains a software module that monitors and records network communications that flow through the legitimate network channels provided by the operating system and reports this information to a central processing server. A computer system acting as a central processing server compares network communications data received from the host computer system with the overall network traffic. Network traffic that is not reported from the host computer system is likely the result of stealth network traffic produced by advanced malware that has hidden its communications by circumventing the legitimate network channels provided by the OS. Detection of this stealth network traffic can be accomplished by using just the packet header information so the data payload does not need to be recorded, thereby reducing the memory requirements and reducing the need to save any potentially sensitive information.
摘要翻译：主计算机系统包含一个软件模块，用于监视和记录流经操作系统提供的合法网络通道的网络通信，并将该信息报告给中央处理服务器。充当中央处理服务器的计算机系统将从主计算机系统接收的网络通信数据与整体网络流量进行比较。未从主机系统报告的网络流量很可能是由高级恶意软件产生的隐藏网络流量的结果，该恶意软件通过绕过操作系统提供的合法网络通道隐藏其通信。可以通过仅使用分组报头信息来实现对这种隐形网络流量的检测，从而不需要记录数据有效负载，从而减少存储器需求并减少保存任何潜在敏感信息的需要。

3. 发明授权

US10659478B2 Identifying stealth packets in network communications through use of packet headers 有权
公开(公告)号：US10659478B2
公开(公告)日：2020-05-19
申请号：US14336004
申请日：2014-07-21
申请人： David Paul Heilig
发明人： David Paul Heilig
IPC分类号： H04L29/06
摘要： A host computer system contains a software module that monitors and records network communications that flow through the legitimate network channels provided by the operating system and reports this information to a central processing server. A computer system acting as a central processing server compares network communications data received from the host computer system with the overall network traffic. Network traffic that is not reported from the host computer system is likely the result of stealth network traffic produced by advanced malware that has hidden its communications by circumventing the legitimate network channels provided by the OS. Detection of this stealth network traffic can be accomplished by using just the packet header information so the data payload does not need to be recorded, thereby reducing the memory requirements and reducing the need to save any potentially sensitive information.

4. 发明授权

US11277428B2 Identifying malware-infected network devices through traffic monitoring 有权
公开(公告)号：US11277428B2
公开(公告)日：2022-03-15
申请号：US16872302
申请日：2020-05-11
申请人： David Paul Heilig
发明人： David Paul Heilig
IPC分类号： H04L45/00 , H04L29/06
摘要： The present invention generally relates to detecting malicious network activity coming from network devices such as routers and firewalls. Specifically, embodiments of the present invention provide for detecting stealth malware on a network device by comparing inbound and outbound network traffic to discover packets originating from the network device and packets that violate configuration rules. When combined with a network traffic monitor server configured to monitor actual network traffic reports and to receive known network traffic reports from host computers, the system can detect stealth network traffic originating from both network devices and host computer systems.

5. 发明申请

US20200274893A1 IDENTIFYING MALWARE-INFECTED NETWORK DEVICES THROUGH TRAFFIC MONITORING 审中-公开
公开(公告)号：US20200274893A1
公开(公告)日：2020-08-27
申请号：US16872302
申请日：2020-05-11
申请人： David Paul Heilig
发明人： David Paul Heilig
IPC分类号： H04L29/06 , H04L12/721
摘要： The present invention generally relates to detecting malicious network activity coming from network devices such as routers and firewalls. Specifically, embodiments of the present invention provide for detecting stealth malware on a network device by comparing inbound and outbound network traffic to discover packets originating from the network device and packets that violate configuration rules. When combined with a network traffic monitor server configured to monitor actual network traffic reports and to receive known network traffic reports from host computers, the system can detect stealth network traffic originating from both network devices and host computer systems.

6. 发明申请

US20190141071A1 IDENTIFYING MALWARE-INFECTED NETWORK DEVICES THROUGH TRAFFIC MONITORING 审中-公开
公开(公告)号：US20190141071A1
公开(公告)日：2019-05-09
申请号：US16240756
申请日：2019-01-06
申请人： David Paul Heilig
发明人： David Paul Heilig
IPC分类号： H04L29/06 , H04L12/721
摘要： The present invention generally relates to detecting malicious network activity coming from network devices such as routers and firewalls. Specifically, embodiments of the present invention provide for detecting stealth malware on a network device by comparing inbound and outbound network traffic to discover packets originating from the network device and packets that violate configuration rules. When combined with a network traffic monitor server configured to monitor actual network traffic reports and to receive known network traffic reports from host computers, the system can detect stealth network traffic originating from both network devices and host computer systems.

7. 发明申请

US20160261611A1 IDENTIFYING MALWARE-INFECTED NETWORK DEVICES THROUGH TRAFFIC MONITORING 审中-公开
标题翻译：通过交通监控识别出恶意网络的网络设备
公开(公告)号：US20160261611A1
公开(公告)日：2016-09-08
申请号：US14635761
申请日：2015-03-02
申请人： David Paul Heilig
发明人： David Paul Heilig
IPC分类号： H04L29/06
CPC分类号： H04L63/1425
摘要： The present invention generally relates to detecting malicious network activity coming from network devices such as routers and firewalls. Specifically, embodiments of the present invention provide for detecting stealth malware on a network device by comparing inbound and outbound network traffic to discover packets originating from the network device and packets that violate configuration rules. When combined with a network traffic monitor server configured to monitor actual network traffic reports and to receive known network traffic reports from host computers, the system can detect stealth network traffic originating from both network devices and host computer systems.
摘要翻译：本发明一般涉及检测来自诸如路由器和防火墙的网络设备的恶意网络活动。具体地，本发明的实施例提供了通过比较入站和出站网络流量来发现来自网络设备的分组和违反配置规则的分组来检测网络设备上的隐身恶意软件。当与配置为监视实际网络流量报告并从主机接收已知网络流量报告的网络流量监控服务器组合时，系统可以检测源自网络设备和主机系统的隐身网络流量。

8. 发明授权

US10652263B2 Identifying malware-infected network devices through traffic monitoring 有权
公开(公告)号：US10652263B2
公开(公告)日：2020-05-12
申请号：US16240756
申请日：2019-01-06
申请人： David Paul Heilig
发明人： David Paul Heilig
IPC分类号： H04L29/06 , H04L12/721
摘要： The present invention generally relates to detecting malicious network activity coming from network devices such as routers and firewalls. Specifically, embodiments of the present invention provide for detecting stealth malware on a network device by comparing inbound and outbound network traffic to discover packets originating from the network device and packets that violate configuration rules. When combined with a network traffic monitor server configured to monitor actual network traffic reports and to receive known network traffic reports from host computers, the system can detect stealth network traffic originating from both network devices and host computer systems.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式