公开(公告)号：US20150128265A1

公开(公告)日：2015-05-07

申请号：US14070875

申请日：2013-11-04

Applicant: AT&T INTELLECTUAL PROPERTY I, L.P.

Inventor： Roger P. Jover ,  Ilona Murynets

IPC: H04L29/06

CPC classification number: H04L63/1425 ,  H04L63/14 ,  H04L63/1416 ,  H04L63/1441 ,  H04L63/145 ,  H04L2463/144 ,  H04W12/12

Abstract: A system for malware and anomaly detection via activity recognition based on sensor is disclosed. The system may analyze sensor data collected during a selected time period from one or more sensors that are associated with a device. Once the sensor data is analyzed, the system may determine a context of the device when the device is in a connected state. The system may determine the context of the device based on the sensor data collected during the selected time period. The system may also determine if traffic received or transmitted by the device during the connected state is in a white list. Furthermore, the system may transmit an alert if the traffic is determined to not be in the white list or if the context determined for the device indicates that the context does not correlate with the traffic.

Abstract translation: 公开了一种通过基于传感器的活动识别的恶意软件和异常检测系统。 系统可以分析在与设备相关联的一个或多个传感器的选定时间段期间收集的传感器数据。 一旦分析了传感器数据，当设备处于连接状态时，系统可以确定设备的上下文。 系统可以基于在所选择的时间段期间收集的传感器数据来确定设备的上下文。 系统还可以确定在连接状态期间由设备接收或发送的业务是白名单。 此外，如果业务被确定为不在白名单中，或者如果为设备确定的上下文指示上下文与业务不相关，则系统可以发送警报。

公开(公告)号：US10516686B2

公开(公告)日：2019-12-24

申请号：US15620495

申请日：2017-06-12

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Roger P. Jover ,  Ilona Murynets

IPC: H04L29/06 ,  H04W12/12 ,  H04W12/00

Abstract: A system for malware and anomaly detection via activity recognition based on sensor is disclosed. The system may analyze sensor data collected during a selected time period from one or more sensors that are associated with a device. Once the sensor data is analyzed, the system may determine a context of the device when the device is in a connected state. The system may determine the context of the device based on the sensor data collected during the selected time period. The system may also determine if traffic received or transmitted by the device during the connected state is in a white list. Furthermore, the system may transmit an alert if the traffic is determined to not be in the white list or if the context determined for the device indicates that the context does not correlate with the traffic.

公开(公告)号：US20170279842A1

公开(公告)日：2017-09-28

申请号：US15620495

申请日：2017-06-12

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Roger P. Jover ,  Ilona Murynets

IPC: H04L29/06 ,  H04W12/12

CPC classification number: H04L63/1425 ,  H04L63/14 ,  H04L63/1416 ,  H04L63/1441 ,  H04L63/145 ,  H04L2463/144 ,  H04W12/00504 ,  H04W12/00508 ,  H04W12/12 ,  H04W12/1208

Abstract: A system for malware and anomaly detection via activity recognition based on sensor is disclosed. The system may analyze sensor data collected during a selected time period from one or more sensors that are associated with a device. Once the sensor data is analyzed, the system may determine a context of the device when the device is in a connected state. The system may determine the context of the device based on the sensor data collected during the selected time period. The system may also determine if traffic received or transmitted by the device during the connected state is in a white list. Furthermore, the system may transmit an alert if the traffic is determined to not be in the white list or if the context determined for the device indicates that the context does not correlate with the traffic.

公开(公告)号：US09680854B2

公开(公告)日：2017-06-13

申请号：US15132219

申请日：2016-04-18

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Roger P. Jover ,  Ilona Murynets

IPC: G06F11/00 ,  H04L29/06

CPC classification number: H04L63/1425 ,  H04L63/14 ,  H04L63/1416 ,  H04L63/1441 ,  H04L63/145 ,  H04L2463/144 ,  H04W12/12

Abstract: A system for malware and anomaly detection via activity recognition based on sensor is disclosed. The system may analyze sensor data collected during a selected time period from one or more sensors that are associated with a device. Once the sensor data is analyzed, the system may determine a context of the device when the device is in a connected state. The system may determine the context of the device based on the sensor data collected during the selected time period. The system may also determine if traffic received or transmitted by the device during the connected state is in a white list. Furthermore, the system may transmit an alert if the traffic is determined to not be in the white list or if the context determined for the device indicates that the context does not correlate with the traffic.

公开(公告)号：US09319423B2

公开(公告)日：2016-04-19

申请号：US14070875

申请日：2013-11-04

Applicant: AT&T INTELLECTUAL PROPERTY I, L.P.

Inventor： Roger P. Jover ,  Ilona Murynets

IPC: G06F11/00 ,  H04L29/06

CPC classification number: H04L63/1425 ,  H04L63/14 ,  H04L63/1416 ,  H04L63/1441 ,  H04L63/145 ,  H04L2463/144 ,  H04W12/12

Abstract: A system for malware and anomaly detection via activity recognition based on sensor is disclosed. The system may analyze sensor data collected during a selected time period from one or more sensors that are associated with a device. Once the sensor data is analyzed, the system may determine a context of the device when the device is in a connected state. The system may determine the context of the device based on the sensor data collected during the selected time period. The system may also determine if traffic received or transmitted by the device during the connected state is in a white list. Furthermore, the system may transmit an alert if the traffic is determined to not be in the white list or if the context determined for the device indicates that the context does not correlate with the traffic.

Abstract translation: 公开了一种通过基于传感器的活动识别的恶意软件和异常检测系统。 系统可以分析在与设备相关联的一个或多个传感器的选定时间段期间收集的传感器数据。 一旦分析了传感器数据，当设备处于连接状态时，系统可以确定设备的上下文。 系统可以基于在所选择的时间段期间收集的传感器数据来确定设备的上下文。 系统还可以确定在连接状态期间由设备接收或发送的业务是白名单。 此外，如果业务被确定为不在白名单中，或者如果为设备确定的上下文指示上下文与业务不相关，则系统可以发送警报。