1
Ashar Aziz, Adrian Drzewiecki, Ramesh Radhakrishnan, Jayaraman Manni, Muhammad Amin: Heuristic based capture with replay to virtual machine. FireEye, Carr & Ferrell, May 1, 2012: US08171553 (134 worldwide citations)

A suspicious activity capture system can comprise a tap configured to copy network data from a communication network, and a controller. The controller is coupled to the tap and is configured to receive the copy of the network data from the tap, analyze the copy of the network data with a heuristic t ...


2
Ashar Aziz, Wei Lung Lai, Jayaraman Manni: Malware containment on connection. FireEye, Blakely Sokoloff Taylor & Zafman, October 22, 2013: US08566946 (126 worldwide citations)

Systems and methods for malware containment on connection are provided. Digital devices are quarantined for a predetermined period of time upon connection to the communication network. When a digital device is quarantined, all network data transmitted by the digital device is temporarily directed to ...


3
Ashar Aziz: Computer worm defense system and method. FireEye, Carr & Ferrell, August 23, 2011: US08006305 (126 worldwide citations)

A computer worm defense system comprises multiple containment systems tied together by a management system. Each containment system is deployed on a separate communication network and contains a worm sensor and a blocking system. Computer worm identifiers generated by a worm sensor of one containmen ...


4
Ashar Aziz: System and method of detecting computer worms. FireEye, Blakely Sokoloff Taylor & Zafman, September 3, 2013: US08528086 (123 worldwide citations)

A computer worm detection system orchestrates a sequence of network activities in a computer network and monitors the computer network to identify an anomalous behavior of the computer network. The computer worm detection system then determines whether the anomalous behavior is caused by the compute ...


5
Ashar Aziz, Wei Lung Lai, Jayaraman Manni: Malware containment and security analysis on connection. FireEye, Blakely Sokoloff Taylor & Zafman, September 17, 2013: US08539582 (120 worldwide citations)

Systems and methods for malware containment and security analysis on connection are provided. Digital devices are quarantined for a predetermined period of time upon connection to the communication network. When a digital device is quarantined, all network data transmitted by the digital device is d ...


6
Ashar Aziz, Ramesh Radhakrishnan, Osman Ismael: Virtual machine with dynamic data flow analysis. FireEye, Blakely Sokoloff Taylor & Zafman, November 12, 2013: US08584239 (119 worldwide citations)

A suspicious activity capture system can comprise a tap configured to copy network data from a communication network, and a controller coupled to the tap. The controller is configured to receive the copy of the network data from the tap, analyze the copy of the network data with a heuristic to deter ...


7
Ashar Aziz, Ramesh Radhakrishnan, Wei Lung Lai, Jayaraman Manni: Dynamic signature creation and enforcement. FireEye, Blakely Sokoloff Taylor & Zafman, February 12, 2013: US08375444 (116 worldwide citations)

A dynamic signature creation and enforcement system can comprise a tap configured to copy network data from a communication network, and a controller coupled to the tap. The controller is configured to receive the copy of the network data from the tap, analyze the copy of the network data with a heu ...


8
Ashar Aziz, Wei Lung Lai, Jayaraman Manni: Systems and methods for detecting encrypted bot command and control communication channels. FireEye, Carr & Ferrell, June 19, 2012: US08204984 (115 worldwide citations)

Methods and systems for detecting encrypted bot command and control communication channels are provided. In the exemplary method, the presence of a communication channel between a first network device and a second network device is monitored. Active and inactive periods of the network device are det ...


9
Ashar Aziz, Adrian Drzewiecki, Ramesh Radhakrishnan, Jayaraman Manni, Muhammad Amin: Policy based capture with replay to virtual machine. FireEye, Carr & Ferrell, October 16, 2012: US08291499 (114 worldwide citations)

A suspicious activity capture system can comprise a tap configured to copy network data from a communication network, and a controller. The controller is coupled to the tap and is configured to receive the copy of the network data from the tap, analyze the copy of the network data to flag the networ ...


10
Ashar Aziz, Wei Lung Lai, Jayaraman Manni: Systems and methods for detecting communication channels of bots. FireEye, Blakely Sokoloff Taylor & Zafman, October 15, 2013: US08561177 (110 worldwide citations)

Exemplary systems and methods for detecting a communication channel of a bot. In exemplary embodiments, presence of a communication channel between a first network device and a second network device is detected. Data from the communication channel is scanned and used to determine if a suspected bot ...