Invention Grant
US08549642B2 Method and system for using spam e-mail honeypots to identify potential malware containing e-mails
有权
使用垃圾邮件蜜罐识别包含电子邮件的潜在恶意软件的方法和系统
- Patent Title: Method and system for using spam e-mail honeypots to identify potential malware containing e-mails
- Patent Title (中): 使用垃圾邮件蜜罐识别包含电子邮件的潜在恶意软件的方法和系统
-
Application No.: US12690638Application Date: 2010-01-20
-
Publication No.: US08549642B2Publication Date: 2013-10-01
- Inventor: Martin Lee
- Applicant: Martin Lee
- Applicant Address: US CA Mountain View
- Assignee: Symantec Corporation
- Current Assignee: Symantec Corporation
- Current Assignee Address: US CA Mountain View
- Agency: McKay and Hodgson, LLP
- Agent Serge J. Hodgson; Sean P. Lewis
- Main IPC: G06F11/00
- IPC: G06F11/00 ; G06F15/16 ; G06F15/173 ; H04L29/06
Abstract:
A method and apparatus for employing honeypot systems to identify potential malware containing messages whereby a decoy system to receive illegitimate e-mails is established. E-mails sent to the spam e-mail honeypot decoy are initially scanned/filtered and e-mails that are not considered possible malware containing e-mails are filtered out while the remaining e-mails sent to the spam e-mail honeypot decoy are identified as potential malware containing e-mails. One or more features, and/or feature values, of the identified e-mails are then identified, extracted and ranked. Once a given feature, and/or feature value, occurs more than a burst threshold number of times, the status of the given feature, and/or feature value, is transformed to that of suspicious e-mail parameter.
Public/Granted literature
- US20110179487A1 METHOD AND SYSTEM FOR USING SPAM E-MAIL HONEYPOTS TO IDENTIFY POTENTIAL MALWARE CONTAINING E-MAILS Public/Granted day:2011-07-21
Information query
