09143522 is referenced by 4 patents and cites 107 patents.

In some embodiments, heuristic botnet detection is provided. In some embodiments, heuristic botnet detection includes monitoring network traffic to identify suspicious network traffic; and detecting a bot based on a heuristic analysis of the suspicious network traffic behavior using a processor, in which the suspicious network traffic behavior includes command and control traffic associated with a bot master. In some embodiments, heuristic botnet detection further includes assigning a score to the monitored network traffic, in which the score corresponds to a botnet risk characterization of the monitored network traffic (e.g., based on one or more heuristic botnet detection techniques); increasing the score based on a correlation of additional suspicious behaviors associated with the monitored network traffic (e.g., based on one or more heuristic botnet detection techniques); and determining the suspicious behavior is associated with a botnet based on the score.

Title
Heuristic botnet detection
Application Number
14/18323
Publication Number
9143522 (B2)
Application Date
September 4, 2013
Publication Date
September 22, 2015
Inventor
Huagang Xie
Pleasanton
CA, US
Xinran Wang
San Ramon
CA, US
Agent
Van Pelt Yi & James
Assignee
Palo Alto Networks
CA, US
IPC
H04L 29/08
G06F 21/55
H04L 29/06
G06F 11/00
View Original Source