Dynamic depth inspection
First Claim
Patent Images
1. A method for detecting network threats comprising:
- performing, using at least one processor, a mandatory threat detection procedure on data received via a network;
determining whether to perform at least one of a plurality of optional threat detection procedures on at least a portion of the data, the determination based at least in part on;
resources required for the mandatory threat detection procedure, wherein remaining resources are allocated to the plurality of optional threat detection procedures;
a frequency at which each of the plurality of optional threat detection procedures should be performed; and
a selection criterion that is established to determine probabilistically whether at least one of the plurality of optional threat detection procedures will be performed with respect to a particular set of data; and
performing one or more of the at least one of the plurality of optional threat detection procedures if determined that the one or more of the at least one of the plurality of optional threat detection procedures should be performed.
3 Assignments
0 Petitions
Accused Products
Abstract
Detecting network threats through dynamic depth inspection is disclosed. A mandatory threat detection procedure is performed on data received via a network. It is determined probabilistically whether to perform an optional threat detection procedure on at least a portion of the data. The optional threat detection procedure is then performed if it is determined that it should be performed.
-
Citations
17 Claims
-
1. A method for detecting network threats comprising:
-
performing, using at least one processor, a mandatory threat detection procedure on data received via a network; determining whether to perform at least one of a plurality of optional threat detection procedures on at least a portion of the data, the determination based at least in part on; resources required for the mandatory threat detection procedure, wherein remaining resources are allocated to the plurality of optional threat detection procedures; a frequency at which each of the plurality of optional threat detection procedures should be performed; and a selection criterion that is established to determine probabilistically whether at least one of the plurality of optional threat detection procedures will be performed with respect to a particular set of data; and performing one or more of the at least one of the plurality of optional threat detection procedures if determined that the one or more of the at least one of the plurality of optional threat detection procedures should be performed. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A system for detecting network threats comprising:
-
a communication interface configured to receive data received via a network; and a processor configured to; perform a mandatory threat detection procedure on the data; determining whether to perform at least one of a plurality of optional threat detection procedures on at least a portion of the data, the determination based at least in part on; resources required for the mandatory threat detection procedure, wherein remaining resources are allocated to the plurality of optional threat detection procedures; a frequency at which each of the plurality of optional threat detection procedures should be performed; and a selection criterion that is established to determine probabilistically whether at least one of the plurality of optional threat detection procedures will be performed with respect to a particular set of data; and performing one or more of the at least one of the plurality of optional threat detection procedures if determined that the one or more of the at least one of the plurality of optional threat detection procedures should be performed.
-
-
17. A computer program product for detecting network threats, the computer program product being embodied in a computer readable storage medium and comprising computer instructions for:
-
performing a mandatory threat detection procedure on data received via a network; determining whether to perform at least one of a plurality of optional threat detection procedures on at least a portion of the data, the determination based at least in part on; resources required for the mandatory threat detection procedure, wherein remaining resources are allocated to the plurality of optional threat detection procedures; a frequency at which each of the plurality of optional threat detection procedures should be performed; and a selection criterion that is established to determine probabilistically whether at least one of the plurality of optional threat detection procedures will be performed with respect to a particular set of data; and performing one or more of the at least one of the plurality of optional threat detection procedures if determined that the one or more of the at least one of the plurality of optional threat detection procedures should be performed.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeCA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
-
Original AssigneeSymantec Corporation (NortonLifeLock Inc.)
-
InventorsBennett, Jeremy, Hernacki, Brian
-
Primary Examiner(s)Vu; Kimyen
-
Assistant Examiner(s)To; Baotran N
-
Application NumberUS10/994,171Time in Patent Office2,189 DaysField of Search726 22- 25, 713/188, 709/224, 709/226US Class Current726/22CPC Class CodesH04L 63/0227 Filtering policies mail mes...H04L 63/1408 by monitoring network traff...
