Traffic anomaly analysis for the detection of aberrant network code

  • US 20070064617A1
  • Filed: 09/16/2005
  • Published: 03/22/2007
  • Est. Priority Date: 09/15/2005
  • Status: Active Grant
First Claim

1. A method for detecting nodes of an enterprise network infected with aberrant code, the method comprising the steps of:

  • obtaining traffic conversation information representative of traffic conversation in the enterprise network over an analysis period;

  • determining normal behavior associated with one or more traffic conversation factors from the traffic conversation information; and

  • analyzing the traffic conversation information to identify nodes of the enterprise network that exhibit behavior outside of the normal behavior associated with the one or more traffic conversation factors as suspected infected nodes.
