发明授权
- 专利标题: Method for tracking machines on a network using multivariable fingerprinting of passively available information
- 专利标题(中): 使用被动信息的多变量指纹识别网络上的机器的方法
-
申请号: US12022022申请日: 2008-01-29
-
公开(公告)号: US08176178B2公开(公告)日: 2012-05-08
- 发明人: Scott Thomas , David G. Jones , Alisdair Faulkner
- 申请人: Scott Thomas , David G. Jones , Alisdair Faulkner
- 申请人地址: AU Chatswood NSW
- 专利权人: ThreatMETRIX Pty Ltd
- 当前专利权人: ThreatMETRIX Pty Ltd
- 当前专利权人地址: AU Chatswood NSW
- 代理机构: Kilpatrick Townsend and Stockton LLP
- 主分类号: G06F15/173
- IPC分类号: G06F15/173
摘要:
A method for tracking machines on a network of computers. The method includes determining one or more assertions to be monitored by a first web site which is coupled to a network of computers. The method monitors traffic flowing to the web site through the network of computers and identifies the one or more assertions from the traffic coupled to the network of computers to determine a malicious host coupled to the network of computers. The method includes associating a first IP address and first hardware finger print to the assertions of the malicious host and storing information associated with the malicious host in one or more memories of a database. The method also includes identifying an unknown host from a second web site, determining a second IP address and second hardware finger print with the unknown host, and determining if the unknown host is the malicious host.