Methods and systems for detecting and preventing the spread of malware on instant messaging (IM) networks by using automated IM users
First Claim
1. A computer-assisted method of reducing the spread of malware in communication between instant message (IM) clients and an IM server, comprising:
- registering one or more virtual IM users with the IM server, wherein each virtual IM user includes an account name by which one or more users of the IM server are able to communicate with the virtual IM user associated with the account name;
causing the account names of the virtual IM users to be illicitly acquired by a source of malware by publicizing the account names of the virtual IM users; and
identifying, the source of malware, when the source of malware sends a message to any one of the virtual IM users.
3 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems for reducing the spread of malware in communication between an instant message (IM) client and an IM server are described. A malware trapping system (MTS) creates and registers a set of virtual IM users with an IM server. The virtual IM users include account names by which other users of the IM server can communicate with the virtual IM users. The MTS publicizes the account names of the virtual IM users, which causes sources of malware to illicitly acquire the account names of the virtual IM users. The MTS identifies any IM user sending a message to one of the virtual users as a source of malware. The MTS also identifies such a message as a malware message and collects information about the sources of malware and malware messages and stores the information in a database. An IM filter module, accessing the information stored in the database, identifies and blocks malware messages based on the information.
46 Citations
33 Claims
-
1. A computer-assisted method of reducing the spread of malware in communication between instant message (IM) clients and an IM server, comprising:
-
registering one or more virtual IM users with the IM server, wherein each virtual IM user includes an account name by which one or more users of the IM server are able to communicate with the virtual IM user associated with the account name;
causing the account names of the virtual IM users to be illicitly acquired by a source of malware by publicizing the account names of the virtual IM users; and
identifying, the source of malware, when the source of malware sends a message to any one of the virtual IM users. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A computer-assisted system of reducing the spread of malware in communication between an instant message (IM) client and an IM server, comprising:
-
a malware trapping system configured to register one or more virtual IM users with the IM server, wherein each virtual user includes an account name by which one or more users of the IM server are able to communicate with the virtual IM user associated with the account name;
the malware trapping system further configured to cause the account names of the virtual IM users to be illicitly acquired by a source of malware by publicizing the account names of the virtual IM users;
the malware trapping system further configured to identify, the source of malware, when the source of malware sends a message to any one of the virtual IM users. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A computer program product, residing on a computer-readable medium, the computer program product comprising computer instructions for configuring a computer to perform the acts of:
-
registering one or more virtual IM users with the IM server, wherein each virtual IM user includes an account name by which one or more users of the IM server are able to communicate with the virtual IM user associated with the account name;
causing the account names of the virtual IM users to be illicitly acquired by a source of malware by publicizing the account names of the virtual IM users; and
identifying, the source of malware, when the source of malware sends a message to any one of the virtual IM users. - View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
-
Specification