The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Dec. 02, 2014
Filed:
Sep. 27, 2011
Roy Hodgman, Wenham, MA (US);
Roy Hodgman, Wenham, MA (US);
EMC Corporation, Hopkinton, MA (US);
Abstract
Improved techniques of identifying a malicious communication involve a lightweight evaluator obtaining a domain name directly from a network transmission. The lightweight evaluator performs a query of the domain name on a database of known network transactions. Results of the query include IP addresses to which the domain name has resolved in prior transactions and Time To Live (TTL) values for each of those IP addresses. To such results of the query, the lightweight evaluator applies a set of heuristics which are arranged to determine whether the domain name could plausibly be a FFDN. Based on the result of the application of the heuristics to the domain name, the lightweight evaluator sends to a backend evaluator the domain name and a command to confirm whether the domain name is a FFDN.