发明名称 Method of detecting compromised computers in a network
摘要 A method of detecting a compromised machine on a network. The method receives an email message from a machine on the network and classifies it as either spam or non-spam. A probability ratio is then updated, according to whether the message was spam or non-spam, by applying a sequential probability ratio test. If the probability ratio is greater than or equal to a first threshold, then the machine is compromised. If the probability ratio is less than or equal to a second threshold, then the machine is normal. The operations of receiving a message, classifying the message, updating the probability ratio, and indicating the machine is normal or compromised until the probability ratio is greater than or equal to the first threshold are repeated for a plurality of messages. Such repeated operations are performed on each of the messages one at a time, as each of the messages is received.
申请公布号 US8601081(B1) 申请公布日期 2013.12.03
申请号 US201213632400 申请日期 2012.10.01
申请人 THE FLORIDA STATE UNIVERSITY RESEARCH FOUNDATION,INC. 发明人 DUAN ZHENHAI;CHEN PENG
分类号 G06F15/16;G06F11/30;H04L29/08 主分类号 G06F15/16
代理机构 代理人
主权项
地址