- 专利标题: System and method for extracting signatures from controlled execution of applications and application codes retrieved from an application source
-
申请号: US13857092申请日: 2013-04-04
-
公开(公告)号: US10419351B1公开(公告)日: 2019-09-17
- 发明人: Mario Baldi , Yong Liao , Stanislav Miskovic , Antonio Nucci
- 申请人: Narus, Inc.
- 申请人地址: US CA Sunnyvale
- 专利权人: Narus, Inc.
- 当前专利权人: Narus, Inc.
- 当前专利权人地址: US CA Sunnyvale
- 代理机构: Kwan & Olynick LLP
- 主分类号: G06F15/173
- IPC分类号: G06F15/173 ; H04L12/851
摘要:
A method for classifying network traffic in a network. The method includes obtaining, from an application distribution source, an application distribution data set of comprising information associated with distributing an application from the pre-determined application distribution source, extracting, based on a pre-determined extraction criterion, a token from the application distribution data set of the application, obtaining, from the network traffic, a plurality of flows generated by the application, extracting, in response to detecting the token in a flow of the plurality of flows, context information associated with the token in the flow, and generating an identification rule of the application based on the token and the context information, wherein the identification rule describes one or more rule steps to locate the token in the flow, wherein the network traffic is classified using at least the identification rule.