发明授权
- 专利标题: Detecting machines compromised with malware
- 专利标题(中): 检测机器受到恶意软件的攻击
-
申请号: US12177355申请日: 2008-07-22
-
公开(公告)号: US08464341B2公开(公告)日: 2013-06-11
- 发明人: Rami Cohen
- 申请人: Rami Cohen
- 申请人地址: US WA Redmond
- 专利权人: Microsoft Corporation
- 当前专利权人: Microsoft Corporation
- 当前专利权人地址: US WA Redmond
- 代理机构: Workman Nydegger
- 主分类号: G06F11/00
- IPC分类号: G06F11/00
摘要:
A computer system can be configured to identify when it has been infected with or otherwise compromised by malware, such as viruses, worms, etc. In one implementation, a computer system receives and installs one or more decoy contacts in a contact store and further installs one or more malware reporting modules that effectively filter outgoing messages. For example, a malware reporting module can redirect messages with a decoy contact address to an alternate inbox associated with the decoy contact. The same malware reporting module, or another module in the system, can also generate one or more reports indicating the presence of malware, either due to detection of the decoy contact address, or due to identifying messages in the decoy contact inbox. The host computer system that sent the message to the decoy contact can then be flagged as infected with malware.
公开/授权文献
- US20100024034A1 DETECTING MACHINES COMPROMISED WITH MALWARE 公开/授权日:2010-01-28
信息查询