Malware containment on connection
Abstract
Systems and methods for malware containment on connection are provided. Digital devices are quarantined for a predetermined period of time upon connection to the communication network. When a digital device is quarantined, all network data transmitted by the digital device is temporarily directed to a controller which then analyzes the network data to identify unauthorized activity and/or malware within the newly connected digital device. An exemplary method to contain malware comprises detecting a digital device upon connection with a communication network, temporarily redirecting network data from the digital device for a predetermined period of time, and analyzing the network data to identify malware within the digital device.
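The quarantine window described in the abstract, together with the release step recited in the independent claims, can be modelled as the following added example (not code from the patent or its assignee): data from a newly seen device is held for the predetermined period and reaches its intended recipient only if no detection occurred in that time. The `analyze` callback is a hypothetical stand-in for the virtual-machine analysis, and the device names, addresses, payloads and 30-second period are constructed.

```python
from dataclasses import dataclass, field

@dataclass
class Quarantine:
    started: float                            # time the device was first seen
    held: list = field(default_factory=list)  # (recipient, payload) pairs
    infected: bool = False

class ContainmentController:
    def __init__(self, period, analyze, deliver):
        self.period = period    # the "predetermined period of time", in seconds
        self.analyze = analyze  # hypothetical stand-in for the VM-based analysis
        self.deliver = deliver  # callback: send payload to its intended recipient
        self.devices = {}

    def on_connect(self, device, now):
        # First sighting counts as the connection and opens the window.
        return self.devices.setdefault(device, Quarantine(started=now))

    def tick(self, device, now):
        """Release held data once the window has expired with no detection."""
        q = self.devices[device]
        expired_clean = not q.infected and now - q.started >= self.period
        if expired_clean:
            for pkt in q.held:
                self.deliver(*pkt)
            q.held.clear()
        return expired_clean

    def on_packet(self, device, pkt, now):
        q = self.on_connect(device, now)
        if q.infected:
            return "contained"
        if self.tick(device, now):
            self.deliver(*pkt)  # clean and past the window: forward normally
            return "forwarded"
        q.held.append(pkt)      # inside the window: redirected, not delivered
        if self.analyze(pkt[1]):
            q.infected = True
            q.held.clear()      # held data is never released
            return "contained"
        return "held"

def demo():
    """Constructed trace: a clean laptop and a camera that trips the detector."""
    sent = []
    c = ContainmentController(30.0, lambda p: b"EVIL" in p, lambda r, p: sent.append((r, p)))
    trace = [(0, "laptop", ("10.0.0.5", b"hello")), (5, "cam", ("10.0.0.9", b"ping")),
             (9, "cam", ("10.0.0.9", b"EVIL")), (31, "laptop", ("10.0.0.5", b"again")),
             (40, "cam", ("10.0.0.9", b"late"))]
    return [c.on_packet(dev, pkt, t) for t, dev, pkt in trace], sent
```

In the trace, the laptop's first payload is delivered only at t=31, after its window expires clean, while nothing from the camera is ever delivered.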
25 Claims
1. A malware containment method comprising:
- detecting a digital device upon connection with a communication network;
- temporarily redirecting network data from the digital device until a predetermined period of time expires by configuring a network switch of the communication network to direct the network data from the digital device to a controller coupled to the communication network;
- analyzing the temporarily redirected network data during the predetermined period of time to detect malware within the digital device, including configuring a virtual machine to receive the network data and analyzing a response of the virtual machine to the network data within the virtual machine to identify a malware attack; and
- transmitting the network data to an intended recipient if no malware attack has been identified within the predetermined period of time.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 23, 25
11. A malware containment system comprising:
- memory to store instructions; and
- a controller for containing malware comprising:
  - a quarantine module configured to execute instructions stored in memory to detect a digital device upon connection with a communication network and temporarily redirect network data from the digital device until a predetermined period of time expires, including configuring a network switch of the communication network to direct the network data from the digital device to the controller; and
  - a policy engine configured to analyze the temporarily redirected network data during the predetermined period of time to detect malware within the digital device, including configuring a virtual machine to receive the network data and analyzing a response of the virtual machine to the network data within the virtual machine to identify a malware attack, wherein the controller is to transmit the network data to an intended recipient if no malware attack has been identified within the predetermined period of time.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 24
20. A non-transitory machine readable medium having embodied thereon executable code, the executable code being executable by a processor for performing a malware containment method, the method comprising:
- detecting a digital device upon connection with a communication network;
- temporarily redirecting network data from the digital device until a predetermined period of time expires by configuring a network switch of the communication network to direct the network data from the digital device to a controller coupled to the communication network;
- analyzing the temporarily redirected network data during the predetermined period of time to detect malware within the digital device, including configuring a virtual machine to receive the network data and analyzing a response of the virtual machine to the network data within the virtual machine to identify a malware attack; and
- transmitting the network data to an intended recipient if no malware attack has been identified within the predetermined period of time.
Dependent claims: 21, 22
Specification