Apparatus, system and method for identifying and mitigating malicious network threats
Abstract
Implementations of the present disclosure involve a system and/or method for identifying and mitigating malicious network threats. Network data is retrieved from various sources across a network and analyzed to identify a malicious network threat. When a threat is found, the system performs a mitigating action to neutralize the malicious network threat.
16 Claims
1. A system for identifying malicious threats on a network comprising:
a computing device including a processor coupled to a system memory, the system memory storing instructions for execution on the processor, the instructions configured to cause the processor to:
retrieve a network data associated with at least one of an IP address or a domain, wherein the network data comprises information indicating an amount of data transceived by at least one element of the network;
analyze the network data and identify a malicious network threat, including identifying at least one bot command computer by tracing at least some of the data transceived by the at least one element of the network to a bot, and then tracing communications between the bot and the bot command computer;
push a notification including a mitigating action for the malicious network threat to a third party device; and
cause the mitigating action to be performed to neutralize the malicious network threat.
Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A method for identifying malicious threats on a network comprising:
retrieving a network data associated with at least one of an IP address or a domain, wherein the network data comprises information indicating an amount of data transceived by at least one element of the network;
analyzing the network data to identify a malicious network threat, including identifying at least one bot command computer by tracing at least some of the data transceived by the at least one element of the network to a bot, and then tracing communications between the bot and the bot command computer;
pushing a notification including a mitigating action for the malicious network threat to a third party device; and
causing the mitigating action to be performed to neutralize the malicious network threat.
Dependent claims: 10, 11, 12, 13, 14, 15, 16

Specification