-
公开(公告)号:US11316878B2
公开(公告)日:2022-04-26
申请号:US16057143
申请日:2018-08-07
Applicant: Verint Systems Ltd.
Inventor: Yuval Altman , Assaf Yosef Kere , Ido Krupkin , Pinhas Rozenblum
Abstract: Systems and methods for malware detection techniques, which detect malware by identifying the C&C communication between the malware and the remote host. In particular, the disclosed techniques distinguish between request-response transactions that carry C&C communication and request-response transactions of innocent traffic. Individual request-response transactions may be analyzed rather than entire flows, and fine-granularity features examined within the transactions. As such, these methods and systems are highly effective in distinguishing between malware C&C communication and innocent traffic, i.e., in detecting malware with high detection probability and few false alarms.
-
公开(公告)号:US20130347114A1
公开(公告)日:2013-12-26
申请号:US13874339
申请日:2013-04-30
Applicant: Verint Systems Ltd.
Inventor: Yuval Altman , Assaf Yosef Kere , Ido Krupkin , Pinhas Rozenblum
IPC: G06F21/56
CPC classification number: G06F21/56 , G06F21/52 , G06F21/566 , H04L63/1425
Abstract: Systems and methods for malware detection techniques, which detect malware by identifying the C&C communication between the malware and the remote host. In particular, the disclosed techniques distinguish between request-response transactions that carry C&C communication and request-response transactions of innocent traffic. Individual request-response transactions may be analyzed rather than entire flows, and fine-granularity features examined within the transactions. As such, these methods and systems are highly effective in distinguishing between malware C&C communication and innocent traffic, i.e., in detecting malware with high detection probability and few false alarms.
Abstract translation: 用于恶意软件检测技术的系统和方法,通过识别恶意软件和远程主机之间的C&C通信来检测恶意软件。 特别地,所公开的技术区分携带C&C通信和无辜流量的请求 - 响应交易的请求 - 响应事务。 可以分析单独的请求 - 响应事务,而不是整个流程,以及在事务中检查的细粒度特征。 因此,这些方法和系统在区分恶意软件C&C通信和无害流量(即,以高检测概率和少量虚假警报)检测恶意软件方面是非常有效的。
-
公开(公告)号:US20190034631A1
公开(公告)日:2019-01-31
申请号:US16057143
申请日:2018-08-07
Applicant: Verint Systems Ltd.
Inventor: Yuval Altman , Assaf Yosef Kere , Ido Krupkin , Pinhas Rozenblum
Abstract: Systems and methods for malware detection techniques, which detect malware by identifying the C&C communication between the malware and the remote host. In particular, the disclosed techniques distinguish between request-response transactions that carry C&C communication and request-response transactions of innocent traffic. Individual request-response transactions may be analyzed rather than entire flows, and fine-granularity features examined within the transactions. As such, these methods and systems are highly effective in distinguishing between malware C&C communication and innocent traffic, i.e., in detecting malware with high detection probability and few false alarms.
-
公开(公告)号:US10061922B2
公开(公告)日:2018-08-28
申请号:US13874339
申请日:2013-04-30
Applicant: Verint Systems Ltd.
Inventor: Yuval Altman , Assaf Yosef Kere , Ido Krupkin , Pinhas Rozenblum
CPC classification number: G06F21/56 , G06F21/52 , G06F21/566 , H04L63/1425
Abstract: Systems and methods for malware detection techniques, which detect malware by identifying the C&C communication between the malware and the remote host. In particular, the disclosed techniques distinguish between request-response transactions that carry C&C communication and request-response transactions of innocent traffic. Individual request-response transactions may be analyzed rather than entire flows, and fine-granularity features examined within the transactions. As such, these methods and systems are highly effective in distinguishing between malware C&C communication and innocent traffic, i.e., in detecting malware with high detection probability and few false alarms.
-
-
-
Search Results
4
records
(took 0.022 seconds)
