×

Hash-based systems and methods for detecting and preventing transmission of polymorphic network worms and viruses

  • US 8,272,060 B2
  • Filed: 04/18/2010
  • Issued: 09/18/2012
  • Est. Priority Date: 06/19/2000
  • Status: Expired due to Fees
First Claim
Patent Images

1. In a network carrying a plurality of packets over at least one network link, the network including a first network component having memory and a processor and configured to store information in the memory about at least one of the plurality of packets, a method for detecting a target packet comprising:

  • receiving at least one of the plurality of packets over the link to obtain a received packet;

    determining a representation of at least a portion of the received packet;

    identifying a location in the memory;

    associating a value with the location in the memory;

    receiving a query message identifying a target packet at the first network component;

    the first network component using the value associated with the location in the memory in processing the query message to determine if the target packet has been encountered;

    creating a reply if the target packet has been encountered; and

    the first network component making the reply available to the network if the target packet has been encountered;

    wherein the reply is capable of being used as part of a method for locating an intrusion point of the target packet in the network.

View all claims
  • 0 Assignments
Timeline View
Assignment View
    ×
    ×