The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge also contains a link to the full patent document (in Adobe Acrobat format, i.e. PDF).
Patent No.:
Date of Patent:
Aug. 30, 2016
Filed:
Mar. 14, 2013
Applicant:
Fireeye, Inc., Milpitas, CA (US);
Inventors:
Atif Mushtaq, Milpitas, CA (US);
Todd Rosenberry, Milpitas, CA (US);
Ashar Aziz, Milpitas, CA (US);
Ali Islam, Milpitas, CA (US);
Assignee:
FireEye, Inc., Milpitas, CA (US);
Abstract
Techniques may automatically detect bots or botnets running in a computer or other digital device by detecting command and control communications, called 'call-backs,' from malicious code that has previously gained entry into the digital device. Callbacks are detected using a distributed approach employing one or more local analyzers and a central analyzer. The local analyzers capture packets of outbound communications, generate header signatures, and analyze the captured packets using various techniques. The techniques may include packet header signature matching against verified callback signatures and deep packet inspection. The central analyzer receives the header signatures and related header information from the local analyzers; may perform further analysis (for example, on-line host reputation analysis); determines using a heuristics analysis whether the signatures correspond to callbacks; and generally coordinates among the local analyzers.