ANALYSIS OF HISTORICAL NETWORK TRAFFIC TO IDENTIFY NETWORK VULNERABILITIES

Bibliographic Details
Main Authors: Duo, Zhuangzhi; Dhablania, Atul
Format: Patent
Language: English
Published: 03.06.2021
Summary: Methods and apparatus consistent with the present disclosure may be used after a computer network has been successfully attacked by new malicious program code. Such methods may include collecting data from computers that have been affected by the new malicious program code and this data may be used to identify a type of damage performed by the new malicious code. The collected data may also include a copy of the new malicious program code. Methods consistent with the present disclosure may also include allowing the new malicious program code to execute at an isolated computer while actions and instructions that cause the damage are identified. Signatures may be generated from the identified instructions after which the signatures or data that describes the damaging actions are provided to computing resources such that those resources can detect the new malware program code.
Bibliography: Application Number: US202017111414