|DAMBALLA, INC. Patent applications|
|Patent application number||Title||Published|
|20140059216||METHODS AND SYSTEMS FOR NETWORK FLOW ANALYSIS - A system and method comprising: receiving network flow data; identifying a peer to peer network flow within the network flow data comparing the peer to peer network flow to a known peer to peer application flow; labeling the peer to peer network flow as the known peer to peer application flow when the peer to peer network flow matches the known peer to peer application flow; and creating a data set to be associated with the labeled peer to flow.||02-27-2014|
|20130191915||METHOD AND SYSTEM FOR DETECTING DGA-BASED MALWARE - System and method for detecting a domain generation algorithm (DGA), comprising: performing processing associated with clustering, utilizing a name-based features clustering module accessing information from an electronic database of NX domain information, the randomly generated domain names based on the similarity in the make-up of the randomly generated domain names; performing processing associated with clustering, utilizing a graph clustering module, the randomly generated domain names based on the groups of assets that queried the randomly generated domain names; performing processing associated with determining, utilizing a daily clustering correlation module and a temporal clustering correlation module, which clustered randomly generated domain names are highly con-elated in daily use and in time; and performing processing associated with determining the DGA that generated the clustered randomly generated domain names.||07-25-2013|
|20110283361||METHOD AND SYSTEM FOR NETWORK-BASED DETECTING OF MALWARE FROM BEHAVIORAL CLUSTERING - A computerized system and method for performing behavioral clustering of malware samples, comprising: executing malware samples in a controlled computer environment fbr a predetermined time to obtain HTTP traffic; clustering the malware samples into at least one cluster based on network behavioral information from the HTTP traffic; and extracting, using the at least one processor, network signatures from the HTTP traffic information for each cluster, the network signatures being indicative of malware infection.||11-17-2011|
Patent applications by DAMBALLA, INC.