US 12,231,446 B2
Command and control steganographic communications detection engine
Steven E. Sinks, Scottsdale, AZ (US); and Jonathan Sheedy, Poynton (GB)
Assigned to Bank of America Corporation, Charlotte, NC (US)
Filed by Bank of America Corporation, Charlotte, NC (US)
Filed on Dec. 18, 2023, as Appl. No. 18/543,380.
Application 18/543,380 is a continuation of application No. 18/058,390, filed on Nov. 23, 2022, granted, now 11,895,132.
Application 18/058,390 is a continuation of application No. 17/153,605, filed on Jan. 20, 2021, granted, now 11,575,694, issued on Feb. 7, 2023.
Prior Publication US 2024/0121251 A1, Apr. 11, 2024
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/1416 (2013.01) [H04L 63/0236 (2013.01); H04L 63/123 (2013.01); H04L 63/1433 (2013.01); H04L 63/1441 (2013.01)]
20 Claims
 
1. A system comprising:
a plurality of computing devices communicatively coupled to a network; and
a second computing device comprising:
a processor; and
non-transitory memory storing instructions that, when executed by the processor, causes the second computing device to:
monitor, the network, for indications of file transfers that push and retrieve a same file multiple times between a first computing device of the plurality of computing devices and an image hosting website;
quarantine, based on an identification of a pattern of file transfers and via simulations of a command and control server environment, the first computing device from the network;
identify, from a file transferred within the pattern of the file transfers to and from the first computing device, an indication of steganography; and
trigger, based on an identified indication of steganography, an alert identifying that the first computing device had been compromised by command and control malware.
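The monitoring and identification steps of claim 1, sketched as an added example that is not taken from the patent or from the assignee's implementation. Assumptions: proxy records are tuples of (epoch, client, method, host, file_id), "multiple times" means at least two pushes and two retrievals, the image host list is hypothetical, and the steganography indicator used here is data appended after a PNG's IEND chunk (the claim does not name an indicator); the quarantine step is not modeled.

```python
import struct, zlib
from collections import defaultdict

IMAGE_HOSTS = {"img.example.net"}  # assumption: hosts classed as image hosting sites
MIN_TRIPS = 2                      # assumption: "multiple times" means >= 2 each way
PNG_SIG = b"\x89PNG\r\n\x1a\n"

def repeated_transfers(records):
    """Map (client, host, file_id) -> (pushes, retrievals) for keys meeting MIN_TRIPS."""
    counts = defaultdict(lambda: [0, 0])
    for _ts, client, method, host, file_id in records:
        if host in IMAGE_HOSTS and method in ("POST", "PUT", "GET"):
            counts[(client, host, file_id)][method == "GET"] += 1  # index 0 push, 1 retrieve
    return {k: tuple(v) for k, v in counts.items() if min(v) >= MIN_TRIPS}

def png_trailing_bytes(data):
    """Walk PNG chunks; return byte count after IEND, or -1 if not a well-formed PNG."""
    if not data.startswith(PNG_SIG):
        return -1
    pos = len(PNG_SIG)
    while pos + 12 <= len(data):
        (length,) = struct.unpack(">I", data[pos:pos + 4])
        ctype = data[pos + 4:pos + 8]
        pos += 12 + length  # length field + type + body + CRC
        if pos > len(data):
            return -1       # chunk claims more bytes than the file holds
        if ctype == b"IEND":
            return len(data) - pos
    return -1

def alerts(records, captured):
    """Clients whose repeatedly pushed and retrieved file also carries data after IEND."""
    hits = repeated_transfers(records)
    return sorted({c for (c, _h, f) in hits if png_trailing_bytes(captured.get(f, b"")) > 0})

def _chunk(ctype, body=b""):  # builds a PNG chunk for the constructed samples
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", zlib.crc32(ctype + body))

# Constructed sample data (not from the patent): a PNG skeleton (IHDR and IEND only).
CLEAN = PNG_SIG + _chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)) + _chunk(b"IEND")
CAPTURED = {"/u/a.png": CLEAN + b"CONSTRUCTED-TAIL", "/u/b.png": CLEAN}
LOG = [(t, c, m, "img.example.net", f) for t, c, m, f in [
    (1000, "ws-17", "POST", "/u/a.png"), (1060, "ws-17", "GET", "/u/a.png"),
    (1120, "ws-17", "PUT", "/u/a.png"), (1180, "ws-17", "GET", "/u/a.png"),
    (1200, "ws-22", "POST", "/u/b.png"), (1260, "ws-22", "GET", "/u/b.png"),
    (1320, "ws-22", "POST", "/u/b.png"), (1380, "ws-22", "GET", "/u/b.png"),
    (1400, "ws-30", "POST", "/u/c.png"), (1460, "ws-30", "GET", "/u/c.png"),
]]
```

In the constructed log, ws-17 and ws-22 both match the transfer pattern, but only ws-17's file carries appended data, so only ws-17 is returned by `alerts`.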