Method and system for preventing virus infection
First Claim
1. A method of preventing virus infection by detecting the virus infection in a network, comprising steps of:
- providing a decoy accessible through the network to a computer that monitors intrusion of a virus;
receiving access to said decoy through the network, to obtain communication information and to detect intrusion of the virus;
detecting a virus source computer based on the communication information obtained with respect to the virus intrusion when the virus intrudes into the decoy; and
making an antivirus attack on the virus source computer through the network for suppressing operation of the virus.
1 Assignment
0 Petitions
Accused Products
Abstract
There is disclosed a system for detecting virus infection in a network and preventing the virus infection. Decoy means (13, 14, 15) accessible through the network (1) are arranged on a storage unit (12). The system comprises a communication information analysis means (16) that detects virus intrusion into the decoy means (13, 14, 15), and upon detection of the virus intrusion, detecting a computer as a source of the virus based on the communication information acquired upon the virus intrusion; and a computer attack means (17) that performs antivirus attack processing on the virus source computer through the network for suppressing action of the virus. Attack by the computer attack means (17) of a monitoring computer (10) is continued until the infected computer (5) is identified and the virus is removed by the administrator.
-
Citations
19 Claims
-
1. A method of preventing virus infection by detecting the virus infection in a network, comprising steps of:
-
providing a decoy accessible through the network to a computer that monitors intrusion of a virus;
receiving access to said decoy through the network, to obtain communication information and to detect intrusion of the virus;
detecting a virus source computer based on the communication information obtained with respect to the virus intrusion when the virus intrudes into the decoy; and
making an antivirus attack on the virus source computer through the network for suppressing operation of the virus. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A system for preventing virus infection by detecting the virus infection in a network, comprising:
-
a decoy means that can be accessed through the network;
a communication information analysis means that detects intrusion of a virus into said decoy means, and then on detecting virus intrusion, detects a virus source computer based on communication information obtained when the virus intrudes; and
a computer attack means that makes an antivirus attack on the virus source computer through the network, for suppressing operation of the virus. - View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A system for preventing virus infection by detecting the virus infection in a network, comprising:
-
a request receiving means that receives a request for making an antivirus attack on a virus source computer; and
a computer attack means that makes an antivirus attack on said virus source computer through the network for suppressing operation of a virus, based on said request received.
-
-
18. A program for making a computer prevent virus infection by detecting the virus infection in a network, wherein:
-
said program makes said computer realize;
a communication information analysis means that detects intrusion of a virus into a decoy means accessible through the network, and then on detecting virus intrusion, detects a virus source computer based on communication information obtained when the virus intrudes; and
a computer attack means that makes an antivirus attack on the virus source computer through the network, for suppressing operation of the virus.
-
-
19. A program for making a computer prevent virus infection by detecting the virus infection in a network, wherein:
said program makes said computer perform processing of rejecting communication from a virus source computer when a network address of the virus source computer is notified.
Specification