The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jul. 08, 2014
Filed:
Jun. 30, 2006
John Feaver, Oakhurst, NJ (US);
Tony Hansen, South Amboy, NJ (US);
John Feaver, Oakhurst, NJ (US);
Tony Hansen, South Amboy, NJ (US);
AT&T Intellectual Property II, L.P., Atlanta, GA (US);
Abstract
Disclosed is a method and system for detecting a zombie attack in a network having a plurality of computers. The method and system include a network analysis module for determining, for each computer, a working set of email addresses associated with emails sent by each computer. A zombie attack is detected by determining at least one of: 1) at least one computer in the plurality is transmitting more than a threshold rate of emails, 2) that at least one of the computers is transmitting more than a first threshold number of emails to email addresses outside of its associated working set, 3) that a first threshold number of computers in the plurality are transmitting email messages to email addresses outside of their associated working set, and 4) that more than a second threshold number of computers are transmitting more than a second threshold number of emails to a recipient computer.