Distributed malware detection system and submission workflow thereof

  • US 10,616,266 B1
  • Filed: 09/30/2016
  • Issued: 04/07/2020
  • Est. Priority Date: 03/25/2016
  • Status: Active Grant
First Claim

1. A computerized method performed by a distributed malware detection system, the method comprising:

  • intercepting, by a sensor operating as a network device, traffic in a first network;

    performing, by the sensor, a preliminary analysis on each of a plurality of objects extracted from the traffic to identify one or more suspicious objects included in the traffic and store metadata associated with the one or more suspicious objects, the one or more suspicious objects include a first suspicious object;

    sending, by the sensor, over a second network, at least the first suspicious object and metadata associated with the first suspicious object to an analysis coordinator of a first computing node of a plurality of computing nodes forming a cluster, the cluster includes the plurality of computing nodes interconnected by a third network;

    performing, by an object analyzer of a second computing node of the plurality of computing nodes deployed as part of the cluster, a malware analysis on the first suspicious object of the one or more suspicious objects received by the cluster, the second computing node being different from the first computing node;

    sending, over the second network, results of the malware analysis to the sensor; and

    sending, by the sensor to a management system, security information associated with at least the first suspicious object in the event the malware analysis indicates the first suspicious object is associated with a cybersecurity attack.

  • 7 Assignments