| CPC H04L 63/1416 (2013.01) | 22 Claims |
|
1. A computer-implemented method comprising:
intercepting, by a customer-premises equipment (CPE), data communication between a user apparatus via the CPE and one or more destination apparatuses, wherein the CPE implements a local area network for the data communication of the user apparatus;
detecting a download of remote access software to the user apparatus;
detecting, in the data communication, first network traffic related to the remote access software in the user apparatus, the first network traffic comprising content that is indicative of network traffic associated with the remote access software;
detecting, in the data communication, second network traffic related to an online banking software in the user apparatus;
determining that the first network traffic and the second network traffic coincide;
in response to determining that the first network traffic and the second network traffic coincide, blocking the first network traffic related to the remote access software in the user apparatus via the CPE;
setting a first timestamp to a point in time when the download was detected;
setting a second timestamp to a point in time when the first network traffic related to the remote access software was detected;
determining that a time difference between the first timestamp and the second timestamp fulfills a predetermined time difference condition; and
determining that the first network traffic and the second network traffic coincide in response to determining that the time difference between the first timestamp and the second timestamp fulfills the predetermined time difference condition.
|