System and method for securing a network from zero-day vulnerability exploits
Abstract
A method of securing a network from vulnerability exploits, including the steps of a traffic analysis engine receiving a plurality of packets destined for an internal operating system; the traffic analysis engine selectively forwarding the packets to at least one virtual machine emulating the internal operating system; the virtual machine processing each forwarded packet; a rapid analysis engine identifying a malicious packet from the processed packets; and the rapid analysis engine creating a new signature to identify the malicious packet.
20 Claims
1. A method of securing a network from vulnerability exploits, comprising the steps of:
- a traffic analysis engine receiving a plurality of packets destined for an internal operating system;
- said traffic analysis engine selectively forwarding said packets to at least one virtual machine emulating said internal operating system;
- said virtual machine processing each forwarded packet;
- a rapid analysis engine identifying a malicious packet from said processed packets; and
- said rapid analysis engine creating a new signature to identify said malicious packet.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14

15. A computer program product comprising:
- a computer-readable medium comprising;
  - codes for causing a traffic analysis engine to receive a plurality of packets destined for an internal operating system;
  - codes for causing said traffic analysis to selectively forward said packets to at least one virtual machine emulating said internal operating system;
  - codes for causing said virtual machine to process each said packet;
  - codes for causing said rapid analysis engine to identify a malicious packet from said packets being processed; and
  - codes for causing said rapid analysis engine to create a new signature to identify said malicious packet.

Dependent claims: 16, 17

18. A system for securing a network from vulnerability exploits, comprising:
- at least one virtual machine emulating an internal operating system;
- a traffic analysis engine, wherein said traffic analysis engine receives a plurality of packets and selectively forwards said packets to said virtual machine; and
- a rapid analysis engine, wherein said rapid analysis engine monitors said virtual machine and upon said virtual machine failing, said rapid analysis engine identifies a malicious packet being processed on said virtual machine and creates a signature based on said malicious packet.

Dependent claims: 19, 20
Specification