System and method of detecting delivery of malware based on indicators of compromise from different sources

  • US 9,609,007 B1
  • Filed: 06/06/2016
  • Issued: 03/28/2017
  • Est. Priority Date: 08/22/2014
  • Status: Active Grant
First Claim

1. An electronic device, comprising:

  • a communication interface;

    a processor coupled to the communication interface; and

    a memory coupled to the processor, the memory includes

      a first logic that, when executed by the processor, organizes (i) a set of indicators of compromise (IOCs) received from a first source via the communication interface, where the set of IOCs have been caused by a known malware associated with a first message type, and (ii) one or more IOCs received from a second source via the communication interface, the second source being different from the first source where a cause of the one or more IOCs is unknown, and

      a second logic that, when executed by the processor, (i) conducts a predictive analysis that evaluates whether the one or more IOCs have a prescribed degree of correlation with the set of IOCs caused by the known malware associated with the first message type, and (ii) determine a threat level, which signifies a degree of confidence that the one or more IOCs received from the second source are caused by the known malware.

  • 7 Assignments