| 发明名称 | Stealth network attack monitoring | ||
| 摘要 | A particular failed connection attempt initiated by a particular source asset in a network is identified and subsequent failed connection attempts initiated by the particular source asset in the network during a time period are tracked. A low frequency sequence of failed connection attempts involving the particular source asset is detected during the time period and the source asset is designated as a potential security risk based on the detected low frequency sequence of failed connection attempts. | ||
| 申请公布号 | US9172715(B2) | 申请公布日期 | 2015.10.27 |
| 申请号 | US201314060062 | 申请日期 | 2013.10.22 |
| 申请人 | McAfee, Inc. | 发明人 | Mahadik Vinay;Madhusudan Bharath;Buruganahalli Shivakumar;Vissamsetty Venu |
| 分类号 | G06F11/00;H04L29/06 | 主分类号 | G06F11/00 |
| 代理机构 | Patent Capital Group | 代理人 | Patent Capital Group |
| 主权项 | 1. At least one machine accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to: identify a particular failed connection attempt initiated by a particular source asset in a network; track subsequent failed connection attempts initiated by the particular source asset in the network during a time period; determine whether the subsequent failed connection attempts during the time period correspond to a low frequency failed connection attempt rate corresponding to an attempted stealth attack, wherein the stealth attack is characterized by a low frequency series of connection attempts; and designate the source asset as a potential security risk based on a determination that the subsequent failed connection attempts correspond to the low frequency failed connection attempt rate. | ||
| 地址 | Santa Clara CA US | ||