| 发明名称 |
SYSTEM FOR ANONYMOUSLY DETECTING AND BLOCKING THREATS WITHIN A TELECOMMUNICATIONS NETWORK |
| 摘要 |
A system is provided for anonymously detecting and blocking threats within a telecommunications network. A network analyzer of the system may intercept traffic, or receive log files, related to traffic that passes over the network, collect metadata that includes values of data attributes associated with the traffic, interpret the metadata and therefrom generate and transmit a request for an associated threat score for the value of a data attribute, and receive the associated threat score and based thereon initiate a block or redirection of the traffic. A score requestor of the system may receive and serve the request by either returning the score from local storage or otherwise, generating and transmitting a secondary request to a scoring engine configured to calculate the associated threat score and the associated threat score to the score requestor to return to the network analyzer. |
| 申请公布号 |
US2016359900(A1) |
申请公布日期 |
2016.12.08 |
| 申请号 |
US201615174775 |
申请日期 |
2016.06.06 |
| 申请人 |
Dark3, LLC |
发明人 |
Crisler Vincent Owen;Payton Theresa Marie |
| 分类号 |
H04L29/06;H04L12/26 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A network analyzer of a system for anonymously detecting and blocking threats within a telecommunications network, the system including the network analyzer, a score requestor and a scoring engine distributed within the telecommunications network, the network analyzer comprising a processor and a memory storing executable instructions that, in response to execution by the processor, cause the network analyzer to at least:
intercept traffic, or receive a log file related to traffic, that passes over the telecommunications network; collect metadata including values of data attributes associated with the traffic based on the traffic so intercepted or log files so received; interpret the metadata and therefrom generate a request for an associated threat score for the value of a data attribute of the data attributes, the request including at least the value of the data attribute; transmit the request to a score requestor configured to serve the request from a local storage in an instance in which the associated threat score is locally stored after having been previously requested by another network analyzer, or otherwise serve the request from the scoring engine based on a secondary request without the value and instead including a transformation of the value to remove any portion from which the network analyzer is identifiable; and receive the associated threat score from the score requestor and based thereon initiate a block or redirection of the traffic. |
| 地址 |
Alexandria VA US |
