The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Aug. 20, 2024
Filed:
Jun. 01, 2022
At&t Intellectual Property I, L.p., Atlanta, GA (US);
Srivathsan Srinivasagopalan, Bee Cave, TX (US);
Ganesh Subramaniam, Bridgewater, NJ (US);
AT&T Intellectual Property I, L.P., Atlanta, GA (US);
Abstract
A method includes acquiring a plurality of hypertext transfer protocol (HTTP) session packets associated with activities of a plurality of known Trojans, wherein all of the Trojans are identified by a common signature identifier, extracting a plurality of request packets from the session packets, identifying a plurality of suspicious request packets within the plurality of request packets, grouping the plurality of suspicious request packets into a plurality of subsets, computing a centroid of one subset of the plurality of subsets, identifying a representative packet for the subset, wherein the representative packet is identified based on the centroid, and generating a signature for the one subset, based on the representative packet, wherein the signature is deployable by an intrusion detection system to detect an instance of a Trojan of the plurality of known Trojans.