Malware and exploit campaign detection system and method

A detection system and campaign technology, applied in the field of malware and exploit campaign detection system and method, can solve the problem of limiting the country of origin of the IP address

Inactive Publication Date: 2017-02-23
NSS LABS

AI Technical Summary

Benefits of technology

The invention is a system called BaitNET which helps to identify and analyze malicious software. It uses virtual private networks to hide its presence and can identify the locations and capabilities of malicious software campaigns. The system is also able to predict which applications are being targeted by malware. BaitNET can be used as a testing platform for other products and can locate and monitor malware across the globe. Overall, BaitNET helps to improve security and prevent malicious software from causing harm.

Problems solved by technology

Two, many malware campaigns limit their targets by geo-location, which is often tracked via IP address. For example, malware-infected servers often limit themselves to infecting only one (1) computer from any given masked IP address, and may limit the country of origin of the IP addresses that they will infect.

Embodiment Construction

[0017]The system and method for malware and exploit campaign detection (known as BaitNET) is designed to seek out, detect, itemize, and retest active URLs serving drive-by exploits. BaitNET is a multi-leveled application operating within the kernel and user layers of the operating system, which makes it unique when compared to similar technologies utilized to detect and prevent malware.

[0018]Note that the distinction is important—malware is the payload that is delivered by an exploit. There are literally hundreds of thousands of malware samples in the wild, and it is a trivial matter to obfuscate these or morph them into something new. In contrast, there are only a few hundred active exploits in the wild at any given point in time—the exploit is the mechanism whereby the threat actor compromises the system in order to deliver and execute the malware. By identifying and blocking exploits, BaitNET moves further up the kill chain from traditional malware protection products and provides m...

Abstract

A malware and exploit campaign detection system and method are provided that cannot be detected by the malware or exploit campaign. The system may provide threat feed data to the vendors that produce in-line network security and end point protection (anti-virus) technologies. The system may also be used as a testing platform for 3rd party products. Due to the massive footprint of the system's cloud infrastructure and disparate network connections and geo-location obfuscation techniques, NSS can locate and monitor malware across the globe and provide detailed threat analysis for each specific region, as they often support and host different malware/cybercrime campaigns.

Description

PRIORITY CLAIMS / RELATED APPLICATIONS

[0001]This application claims priority under 35 USC 120 and is a continuation in part of U.S. patent application Ser. No. 14/482,696, filed Sep. 10, 2014 and titled “MALWARE AND EXPLOIT CAMPAIGN DETECTION SYSTEM AND METHOD” that in turn claims priority under 35 USC 120 and the benefit under 35 USC 119(e) to U.S. Provisional Patent Application Ser. No. 61/876,704 filed Sep. 11, 2013 and entitled “Malware And Exploit Campaign Detection System And Method”, the entirety of both of which are incorporated herein by reference.

BACKGROUND

[0002]Intrinsically modern drive-by-exploitation and malware campaigns are growing in sophistication related to obfuscation, deployment, and execution in an effort to avoid detection and analysis by security researchers, and modern security systems and software. Anti-virus (AV) systems, such as endpoint protection platforms (EPPs), as well as breach detection services (BDS) employ virtual “sandboxes” or “honey nets” that o...

Application Information

Patent Type & Authority: Applications (United States)
IPC(8): H04L29/06, G06F17/30
CPC: H04L63/1491, H04L63/0272, G06F17/30864, H04L63/1416, G06F21/53, G06F21/566, H04L63/1466, G06F16/951, G06F21/56
Inventor: SAHER, MOHAMED; PATHAK, JAYENDRA; ELGARHY, AHMED
Owner: NSS LABS