US 11,895,132 B2
Command and control steganographic communications detection engine
Steven Sinks, Scottsdale, AZ (US); and Jonathan Sheedy, Poynton (GB)
Assigned to Bank of America Corporation, Charlotte, NC (US)
Filed by Bank of America Corporation, Charlotte, NC (US)
Filed on Nov. 23, 2022, as Appl. No. 18/058,390.
Application 18/058,390 is a continuation of application No. 17/153,605, filed on Jan. 20, 2021, granted, now 11,575,694.
Prior Publication US 2023/0087924 A1, Mar. 23, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/1416 (2013.01) [H04L 63/0236 (2013.01); H04L 63/123 (2013.01); H04L 63/1433 (2013.01); H04L 63/1441 (2013.01)]
20 Claims
1. A system comprising:
a first computing device communicatively coupled to a network; and
a second computing device comprising:
a processor; and
non-transitory memory storing instructions that, when executed by the processor, causes the second computing device to:
identify a pattern of file transfers comprising pushing and retrieving a same file multiple times between the first computing device on a secure network and a common group of image hosting websites, wherein the pattern is identified via simulations of a simulated command and control server environment;
quarantine, based on an identification of the pattern of file transfers associated with the first computing device, the first computing device from the secure network;
identify, in at least one file transferred between the first computing device and the simulated command and control server environment, an indication of steganography; and
trigger, based on an identified indication of steganography, an alert identifying that the first computing device had been compromised by command and control malware.
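
The file-transfer pattern recited in claim 1 (the same file pushed to and retrieved from a common group of image hosting websites multiple times) can be searched for in web proxy logs. The following is an added example, not code from the patent or its assignee, and it covers only that pattern-matching element, not the simulation, quarantine or steganography-analysis elements. Assumptions: the five-field log format, the placeholder domain list, the host names, the short file digests and the `MIN_ROUND_TRIPS` threshold are all constructed for illustration.

```python
from collections import defaultdict

# Assumed watch list of image hosting sites (constructed placeholder domains).
IMAGE_HOSTS = {"img-host-a.example", "img-host-b.example"}
MIN_ROUND_TRIPS = 2  # assumed reading of "multiple times"

# Constructed proxy log: timestamp, internal host, method, domain, file digest.
SAMPLE_LOG = """\
2024-01-01T10:00:00 ws-17 POST img-host-a.example aaa111
2024-01-01T10:05:00 ws-17 GET img-host-a.example aaa111
2024-01-01T11:00:00 ws-17 PUT img-host-b.example aaa111
2024-01-01T11:05:00 ws-17 GET img-host-b.example aaa111
2024-01-01T10:10:00 ws-22 POST img-host-a.example bbb222
2024-01-01T10:11:00 ws-22 GET img-host-a.example ccc333
2024-01-01T10:12:00 ws-22 GET img-host-a.example ccc333
2024-01-01T10:20:00 ws-30 POST files.example aaa111
2024-01-01T10:21:00 ws-30 GET files.example aaa111
truncated line
"""

def parse(log):
    """Yield (host, method, domain, digest) and skip malformed lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 5:
            _ts, host, method, domain, digest = parts
            yield host, method.upper(), domain.lower(), digest

def find_push_retrieve_patterns(log, hosts=IMAGE_HOSTS, min_trips=MIN_ROUND_TRIPS):
    """Flag (host, file) pairs both pushed and retrieved at least min_trips times."""
    pushes, pulls, seen = defaultdict(int), defaultdict(int), defaultdict(set)
    for host, method, domain, digest in parse(log):
        if domain not in hosts:
            continue  # only the common group of image hosts is in scope
        key = (host, digest)
        if method in ("POST", "PUT"):
            pushes[key] += 1
        elif method == "GET":
            pulls[key] += 1
        else:
            continue
        seen[key].add(domain)
    findings = []
    for key, pushed in pushes.items():
        trips = min(pushed, pulls.get(key, 0))  # a round trip needs both directions
        if trips >= min_trips:
            findings.append({"host": key[0], "file": key[1],
                             "round_trips": trips, "domains": sorted(seen[key])})
    return sorted(findings, key=lambda f: (f["host"], f["file"]))

if __name__ == "__main__":
    for finding in find_push_retrieve_patterns(SAMPLE_LOG):
        print(finding)
```

Matching on a file digest requires a proxy that inspects and hashes transferred bodies; where only URLs are logged, the object path would have to stand in for the digest.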