×

Vulnerability detection based on aggregated primitives

  • US 9,231,964 B2
  • Filed: 04/14/2009
  • Issued: 01/05/2016
  • Est. Priority Date: 04/14/2009
  • Status: Active Grant
First Claim
Patent Images

1. A computer based vulnerability detection system comprising:

  • an interface of a computer configured to receive a plurality of network messages, each of the plurality of network messages including a network message payload;

    a translation module of the computer executable by the computer to translate each of the network message payloads into one or more primitives;

    an aggregation module of the computer configured to aggregate each of the network message payloads, including aggregating primitives of a first primitive data type and primitives of a second primitive data type, wherein the first primitive data type and the second primitive data type are different primitive data types, to produce aggregated primitives;

    an analysis module of the computer configured to generate an analysis outputupon identifying a match between the aggregated primitives and a policy, wherein a difference between a first value in the aggregated primitives and a second value in the aggregated primitives is identified by the policy as an indication of a threat, wherein the first value is associated with a first primitive corresponding to a first network message payload and wherein the second value is associated with a second primitive corresponding to a second network message payload; and

    an enforcement module configured to generate a security alert based on the analysis output.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×