The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jan. 10, 2017
Filed:
May. 02, 2013
The Mitre Corporation, McLean, VA (US);
Darrow Paine Leibner, Arlington, VA (US);
Alessandro Paolo Cerruti, Winchester, MA (US);
The Mitre Corporation, McLean, VA (US);
Abstract
Disclosed herein are system, method, and computer program product embodiments for adapting to malware activity on a compromised computer system. An embodiment operates by detecting an active adversary operating malware on a compromised system. A stream of data traffic associated with active adversary is intercepted. The stream of data traffic includes a command and control channel of the active adversary. The stream of data traffic is accessed. An emulation of the command and control channel is provided. An analysis of the accessed stream of traffic is executed. A plurality of response mechanisms is provided. The plurality of response mechanisms is based in part on the analysis of the stream of data traffic and a custom policy language tailored for the malware.