1
Ashar Aziz, Ramesh Radhakrishnan, Osman Ismael: Virtual machine with dynamic data flow analysis. FireEye, Blakely Sokoloff Taylor & Zafman, November 12, 2013: US08584239 (135 worldwide citation)

A suspicious activity capture system can comprise a tap configured to copy network data from a communication network, and a controller coupled to the tap. The controller is configured to receive the copy of the network data from the tap, analyze the copy of the network data with a heuristic to deter ...


2
Ashar Aziz, Wei Lung Lai, Jayaraman Manni: System and method for bot detection. FireEye, Rutan & Tucker, April 18, 2017: US09628498 (13 worldwide citation)

Exemplary systems and methods for detecting a communication channel of a bot. In exemplary embodiments, presence of a communication channel between a first network device and a second network device is detected. Data from the communication channel is scanned and used to determine if a suspected bot ...


3
Ashar Aziz, Ramesh Radhakrishnan, Osman Ismael: System and method for virtual analysis of network data. FireEye, Rutan & Tucker, March 6, 2018: US09912684 (2 worldwide citation)

A system is provided with one or more virtual machines and a replayer. The virtual machine(s) are configured to mimic operations of a first device. The replayer is configured to mimic operations of a second device. Herein, the replayer receives a portion of network data under analysis, dynamically m ...


4
Ashar Aziz, Ramesh Radhakrishnan, Osman Ismael: Virtual machine with dynamic data flow analysis. Carr & Ferrell, October 25, 2007: US20070250930-A1

A suspicious activity capture system can comprise a tap configured to copy network data from a communication network, and a controller coupled to the tap. The controller is configured to receive the copy of the network data from the tap, analyze the copy of the network data with a heuristic to deter ...