Heuristic based capture with replay to virtual machine

Invention Grant

US08171553B2 Heuristic based capture with replay to virtual machine 有权

Title translation: 基于启发式捕获，重放到虚拟机

Please log in to see more content

Patent Title: Heuristic based capture with replay to virtual machine
Patent Title (中): 基于启发式捕获，重放到虚拟机
Application No.: US11409355

Application Date: 2006-04-20
Publication No.: US08171553B2

Publication Date: 2012-05-01
Inventor: Ashar Aziz , Adrian Drzewiecki , Ramesh Radhakrishnan , Jayaraman Manni , Muhammad Amin
Applicant: Ashar Aziz , Adrian Drzewiecki , Ramesh Radhakrishnan , Jayaraman Manni , Muhammad Amin
Applicant Address: US CA Milpitas
Assignee: FireEye, Inc.
Current Assignee: FireEye, Inc.
Current Assignee Address: US CA Milpitas
Agency: Carr & Ferrell, LLP
Main IPC: G06F11/30
IPC: G06F11/30 ; G06F12/14

Heuristic based capture with replay to virtual machine

Abstract:

A suspicious activity capture system can comprise a tap configured to copy network data from a communication network, and a controller. The controller is coupled to the tap and is configured to receive the copy of the network data from the tap, analyze the copy of the network data with a heuristic to flag the network data as suspicious, and simulate transmission of the network data to a destination device.

Abstract(Chinese):

可疑活动捕获系统可以包括被配置为从通信网络复制网络数据的分接头和控制器。控制器耦合到抽头，并被配置为从抽头接收网络数据的副本，用启发式分析网络数据的副本以将网络数据标记为可疑，并且模拟网络数据到目的地的传输设备。

Public/Granted literature

US20080005782A1 Heuristic based capture with replay to virtual machine Public/Granted day:2008-01-03

Information query

Espacenet

IPC分类:

G	物理
G06	计算；推算或计数
G06F	电数字数据处理（基于特定计算模型的计算机系统入G06N）
G06F11/00	错误检测；错误校正；监控（在记录载体上作出核对其正确性的方法或装置入G06K5/00；基于记录载体和传感器之间的相对运动而实现的信息存储中所用的方法或装置入G11B，例如G11B20/18；静态存储中所用的方法或装置入G11C29/00）
G06F11/30	.监控