Detection of stealthy malware activities with traffic causality and scalable triggering relation discovery

dc.contributor.assigneeVirginia Tech Intellectual Properties, Inc.en
dc.contributor.departmentComputer Scienceen
dc.contributor.inventorZhang, Haoen
dc.contributor.inventorYao, Danfeng (Daphne)en
dc.date.accessed2019-02-15en
dc.date.accessioned2019-02-26T22:24:00Zen
dc.date.available2019-02-26T22:24:00Zen
dc.date.filed2014-05-01en
dc.date.issued2018-02-06en
dc.description.abstractA computer system for distinguishing user-initiated network traffic from malware-initiated network traffic comprising at least one central processing unit (CPU) and a memory communicatively coupled to the CPU. The memory includes a program code executable by the CPU to monitor individual network events to determine for an individual network event whether the event has a legitimate root-trigger. Malware-initiated traffic is identified as an individual network event that does not have a legitimate root-trigger.en
dc.format.mimetypeapplication/pdfen
dc.identifier.applicationnumber14267422en
dc.identifier.patentnumber9888030en
dc.identifier.urihttp://hdl.handle.net/10919/87831en
dc.identifier.urlhttp://pimg-fpiw.uspto.gov/fdd/30/880/098/0.pdfen
dc.language.isoen_USen
dc.publisherUnited States Patent and Trademark Officeen
dc.subject.cpcG06F21/316en
dc.subject.cpcG06F21/32en
dc.subject.cpcG06F21/566en
dc.subject.cpcG06F21/57en
dc.subject.cpcG06F2221/2133en
dc.subject.cpcH04L63/145en
dc.titleDetection of stealthy malware activities with traffic causality and scalable triggering relation discoveryen
dc.typePatenten
dc.type.dcmitypeTexten
dc.type.patenttypeutilityen
Files
Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
9888030.pdf
Size:
1.31 MB
Format:
Adobe Portable Document Format