Invention Application
- Patent Title: DETECTION OF MALWARE AND MALICIOUS APPLICATIONS
- Patent Title (translated from Chinese): Detecting malware and malicious applications
- Application No.: PCT/US2016/034145
- Application Date: 2016-05-25
- Publication No.: WO2016191486A1
- Publication Date: 2016-12-01
- Inventor: MCCGREW, David; ZAWADOWSKIY, Andrew; O'HARA, Donovan; RADHAKRISHNAN, Saravanan; PEVNY, Tomas; WING, Daniel G.
- Applicant: CISCO SYSTEMS, INC.
- Applicant Address: 170 W. Tasman Drive San Jose, California 95134-1706 US
- Assignee: CISCO SYSTEMS, INC.
- Current Assignee: CISCO SYSTEMS, INC.
- Current Assignee Address: 170 W. Tasman Drive San Jose, California 95134-1706 US
- Agency: PARKER, Daniel W. et al.
- Priority: IN2638/CHE/2015 20150526; US14/820,265 20150806
- Main IPC: H04L29/06
- IPC: H04L29/06
Abstract:
A method comprises receiving, at a network infrastructure device, a flow of packets, determining, using the network infrastructure device and for a first subset of the packets, that the first subset corresponds to a first datagram and determining a first length of the first datagram, determining, using the network infrastructure device and for a second subset of the packets, that the second subset corresponds to a second datagram that was received after the first datagram, and determining a second length of the second datagram, determining, using the network infrastructure device, a duration value between a first arrival time of the first datagram and a second arrival time of the second datagram, sending, to a collector device that is separate from the network infrastructure device, the first length, the second length, and the duration value for analysis.