Invention Application
US20160308892A1 DISTRIBUTED TRAFFIC PATTERN ANALYSIS AND ENTROPY PREDICTION FOR DETECTING MALWARE IN A NETWORK ENVIRONMENT
审中-公开
分布式交通图案分析和熵预测,用于检测网络环境中的恶意软件
- Patent Title: DISTRIBUTED TRAFFIC PATTERN ANALYSIS AND ENTROPY PREDICTION FOR DETECTING MALWARE IN A NETWORK ENVIRONMENT
- Patent Title (中): 分布式交通图案分析和熵预测,用于检测网络环境中的恶意软件
-
Application No.: US15193188Application Date: 2016-06-27
-
Publication No.: US20160308892A1Publication Date: 2016-10-20
- Inventor: Dirk Hohndel , Adriaan van de Ven
- Applicant: Intel Corporation
- Applicant Address: US CA Santa Clara
- Assignee: Intel Corporation
- Current Assignee: Intel Corporation
- Current Assignee Address: US CA Santa Clara
- Main IPC: H04L29/06
- IPC: H04L29/06
Abstract:
Technologies are provided in embodiments to detect malware. Embodiments are to receive context information related to a potentially affected system, create a prediction of normal traffic based, at least in part, on the received context information, compare network traffic associated with the potentially affected system to the prediction of normal traffic, and take an action based, at least in part, on the comparison. The action may be taken if the network traffic is not within an acceptable deviation range of the prediction of normal traffic or the action may be taken based on a degree of deviation of the network traffic from the prediction of normal traffic. The acceptable deviation range and the degree of deviation are based, at least in part, on a type of network traffic. The acceptable deviation range and the degree of deviation are based, at least in part, on a volume of network traffic.
Public/Granted literature
- US10027695B2 Distributed traffic pattern analysis and entropy prediction for detecting malware in a network environment Public/Granted day:2018-07-17
Information query
