首页>
外国专利>
METHODS AND SYSTEMS FOR RECIPROCAL GENERATION OF WATCH-LISTS AND MALWARE SIGNATURES
METHODS AND SYSTEMS FOR RECIPROCAL GENERATION OF WATCH-LISTS AND MALWARE SIGNATURES
展开▼
机译:周期性生成监视列表和恶意软件签名的方法和系统
展开▼
页面导航
摘要
著录项
相似文献
摘要
The present disclosure is directed to methods and systems for reciprocal generation of watch-lists and traffic models characteristic of malicious network activity. In some aspects, the described methods and systems relate to maintaining data for recognition of malicious network activity. In general, the methods include monitoring network traffic; comparing endpoint data from monitored data packets to endpoints in a watch-list of network endpoints and comparing packet data from monitored data packets to traffic models in a catalog of traffic models characterizing malicious network activity; and determining, based on the comparisons, that a set of data packets comprise suspect network activity. The methods include adding a network endpoint to the watch-list when the determination is based on comparing packet data to a traffic model or adding a traffic model to the catalog when the determination is based on comparing endpoint data.
展开▼