×

Methods for identifying self-replicating threats using historical data

  • US 20070089172A1
  • Filed: 10/14/2005
  • Published: 04/19/2007
  • Est. Priority Date: 10/14/2005
  • Status: Abandoned Application
First Claim
Patent Images

1. A computer-implemented method of ascertaining an infected node in a network of nodes, comprising:

  • providing a repository for storing network flow data among at least a plurality of said nodes, said repository being operatively coupled to said network to permit said repository to acquire said network flow data;

    storing at said repository first network flow data among said at least a plurality of nodes, said first network flow data including a plurality of source addresses and corresponding destination addresses for a plurality of data flows; and

    analyzing said first network flow data at said repository to ascertain communication abnormalities that indicate whether any of said plurality of nodes is infected.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×