×

Methods and apparatus to detect risks using application layer protocol headers

  • US 9,135,439 B2
  • Filed: 03/15/2013
  • Issued: 09/15/2015
  • Est. Priority Date: 10/05/2012
  • Status: Active Grant
First Claim
Patent Images

1. A method to analyze network communications, the method comprising:

  • extracting characteristics from a header of a received hypertext transport protocol (HTTP) request;

    determining a length of a user agent field of the header as a first characteristic of the characteristics;

    determining, via a processor, a first score as a first value when the length of the user agent field is less than a length threshold, wherein the first value indicates that the received HTTP request is more likely to be malware;

    determining a second score corresponding to a second characteristic of the characteristics;

    adding the first score and the second score to determine a combined score; and

    indicating that the received HTTP request is malware when the combined score meets a threshold.

View all claims
  • 4 Assignments
Timeline View
Assignment View
    ×
    ×