The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Feb. 05, 2019
Filed:
Sep. 21, 2016
Symantec Corporation, Mountain View, CA (US);
Michael Sylvester Pukish, Santa Clara, CA (US);
Zhipeng Zhao, Sunnyvale, CA (US);
Ernest Mugambi, Dublin, CA (US);
Symantec Corporation, Mountain View, CA (US);
Abstract
The disclosed computer-implemented method for detecting obscure cyclic application-layer message sequences in transport-layer message sequences may include (i) collecting a composite sequence of transport-layer messages that are exchanged between a first computing device and a second computing device over a single long-standing transport-layer connection, (ii) constructing a sequence graph from the composite sequence, (iii) traversing the sequence graph to discover a first obscure cyclic sequence of application-layer messages in the composite sequence, and (iv) performing a security action using a representation of the first obscure cyclic sequence. In some examples, the composite sequence may include the first obscure cyclic sequence and a second obscure cyclic sequence of application-layer messages that were exchanged by the first computing device and the second computing device, and each message in the composite sequence may include a distinguishing feature. Various other methods, systems, and computer-readable media are also disclosed.