Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2005-07-01
2009-10-06
Lanier, Benjamin E (Department: 2432)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
Reexamination Certificate
active
07600258
ABSTRACT:
Methods and systems for reducing the spread of malware in communication between an instant message (IM) client and an IM server are described. An IM filter module (IM FM) is configured to intercept a buddy list sent from an IM server to an IM client, add one or more fictitious buddies to the intercepted buddy list, and forward the buddy list with the one or more fictitious buddies to the IM client. The IM FM is further configured to identify a computer that hosts the IM client as a source of malware based on messages sent by the IM client to at least one of the fictitious buddies and to determine that the host computer of the IM client is a source of malware if a content of the messages sent to the at least one of the fictitious buddies contains malware.
REFERENCES:
patent: 6052709 (2000-04-01), Paul
patent: 6112227 (2000-08-01), Heiner
patent: 6769016 (2004-07-01), Rothwell et al.
patent: 6842773 (2005-01-01), Ralston et al.
patent: 6965919 (2005-11-01), Woods et al.
patent: 7016939 (2006-03-01), Rothwell et al.
patent: 7069316 (2006-06-01), Gryaznov
patent: 7200638 (2007-04-01), Lake
patent: 7287060 (2007-10-01), McCown et al.
patent: 7290033 (2007-10-01), Goldman et al.
patent: 7321922 (2008-01-01), Zheng et al.
patent: 7321969 (2008-01-01), Schoen et al.
patent: 2003/0101353 (2003-05-01), Tarquini et al.
patent: 2004/0148281 (2004-07-01), Bates et al.
patent: 2004/0177110 (2004-09-01), Rounthwaite et al.
patent: 2004/0250124 (2004-12-01), Chesla et al.
patent: 2005/0044160 (2005-02-01), McElligott
patent: 2005/0050222 (2005-03-01), Packer
patent: 2005/0076084 (2005-04-01), Loughmiller et al.
patent: 2005/0138132 (2005-06-01), Zhou et al.
patent: 2005/0262210 (2005-11-01), Yu
patent: 2006/0036693 (2006-02-01), Hulten et al.
patent: 2006/0101021 (2006-05-01), Davis et al.
patent: 2006/0112430 (2006-05-01), Deisenroth et al.
patent: 2006/0179113 (2006-08-01), Buckingham et al.
Archive of “Bayesian filter”, Webopedia Computer Dictionary [online], Jul. 20, 2004, 2 pages, [Retrieved on Jan. 5, 2009] Retrieved from the Internet: <URL: http://web.archive.org/web/20040725075627/http://www.webopedia.com/TERM/B/Bayesian—filter.html>.
Hindocha et al., “Malicious Threats and Vulnerabilities in Instant Messaging”, Virus Bulletin International Conference, Sep. 2003, 24 pages, Virus Bulletin, Ltd.
Hindocha, N., “Instant Insecurity: Security Issues of Instant Messaging”, SecurityFocus.com Website [online], Jan. 13, 2003, 9 pages, [Retrieved on Mar. 17, 2009] Retrieved from the Internet: <URL:http://www.securityfocus.com/infocus/1657>.
Oikarinen et al., “Internet Relay Chat Protocol”, RFC1459 [online], May 1993, pp. 1-3, 13-15, 32, 65, [Retrieved on Jul. 31, 2008] Retrieved from the Internet: <URL: http://www.faqs.org/ftp/rfc/pdf/rfc1459.txt.pdf>.
Williamson et al., “Virus Throttling for Instant Messaging”, Apr. 28, 2004, 9 pages, HP Labs Bristol, Hewlett-Packard Company, Bristol, UK.
Desouza Francis Aurelio
Gilliland Arthur William
Lorenzo Eric Lyle
Roychowdhary Anandamoy
Sakoda Jon
Almeida Devin
Fenwick & West LLP
Lanier Benjamin E
Symantec Corporation
LandOfFree
Methods and systems for detecting and preventing the spread... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Methods and systems for detecting and preventing the spread..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Methods and systems for detecting and preventing the spread... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4064160