1
Ashar Aziz, Adrian Drzewiecki, Ramesh Radhakrishnan, Jayaraman Manni, Muhammad Amin: Heuristic based capture with replay to virtual machine. FireEye, Carr & Ferrell, May 1, 2012: US08171553 (151 worldwide citations)

A suspicious activity capture system can comprise a tap configured to copy network data from a communication network, and a controller. The controller is coupled to the tap and is configured to receive the copy of the network data from the tap, analyze the copy of the network data with a heuristic t ...


2
Ashar Aziz, Wei Lung Lai, Jayaraman Manni: System and method for bot detection. FireEye, Rutan & Tucker, April 18, 2017: US09628498 (13 worldwide citations)

Exemplary systems and methods for detecting a communication channel of a bot. In exemplary embodiments, presence of a communication channel between a first network device and a second network device is detected. Data from the communication channel is scanned and used to determine if a suspected bot ...


3
Ashar Aziz, Ramesh Radhakrishnan, Osman Ismael: System and method for virtual analysis of network data. FireEye, Rutan & Tucker, March 6, 2018: US09912684 (2 worldwide citations)

A system is provided with one or more virtual machines and a replayer. The virtual machine(s) are configured to mimic operations of a first device. The replayer is configured to mimic operations of a second device. Herein, the replayer receives a portion of network data under analysis, dynamically m ...


4
Stuart Gresley Staniford, Ashar Aziz: Systems and methods for analyzing PDF documents. FireEye, Rutan & Tucker, April 24, 2018: US09954890

A system and method for detecting malicious activity within a Portable Document Format (PDF) document. The system includes a parser and one or more virtual machines. The parser that, when executed by a hardware processor, examines one or more portions of the PDF document to determine if one or more ...


5
Ashar Aziz: Heuristic based capture with replay to virtual machine. Carr & Ferrell, January 3, 2008: US20080005782-A1

A suspicious activity capture system can comprise a tap configured to copy network data from a communication network, and a controller coupled to the tap. The controller is coupled to the tap and is configured to receive the copy of the network data from the tap, analyze the copy of the network data ...


6
Aziz Ashar: Heuristic based capture with replay to virtual machine. Aziz Ashar, KLOKE Daniel, December 21, 2006: WO/2006/135903

A suspicious activity capture system can comprise a tap configured to copy network data from a communication network, and a controller coupled to the tap. The controller is coupled to the tap and is configured to receive the copy of the network data from the tap, analyze the copy of the network data ...