US Patent 10104120 Command and control cyber vaccine

Provided are systems, methods, and computer program products for a cyber-antibody technique. In various implementations, the technique includes monitoring, by a network device infected with an unknown malware program, packets set by the network device onto a network. The technique further includes identifying a packet that is associated with the unknown malware program. The packet can be identified from among the monitored packets. Identifying the packet can include determining a characteristic of the packet. The technique further includes identifying packets that have a characteristic similar to the characteristic of the packet. The technique can further include inserting data associated with a known malware program into the identified packets. The technique can further include distributing the characteristic to other network devices, to similarly taint packets that may be issued from those other network devices.