METHOD AND SYSTEM FOR PROTECTING AN INTERNET USER FROM FRAUDULENT IP ADDRESSES ON A DNS SERVER

US 20070083670A1
Filed: 10/11/2005
Published: 04/12/2007
Est. Priority Date: 10/11/2005
Status: Abandoned Application

First Claim

Patent Images

1. A method for authenticating internet protocol (IP) addresses received from a domain name system (DNS) server, comprising the steps of:

a) storing in an IP address database located on an Internet user'"'"'s computer the IP addresses and corresponding domain names of a plurality of websites;

b) after step (a), receiving from the DNS server a newly received IP address corresponding to a domain name of a desired website;

c) comparing the newly-received IP address with the IP address for the desired website stored in the IP address database.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Domain name system (DNS) servers provide Internet protocol (IP) addresses that computers must have for finding websites on the Internet. A recent problem with navigating the Internet is that hackers have discovered ways to change the IP addresses stored on the DNS servers. An altered IP address will cause an Internet user to be directed to an incorrect or fraudulent website. In the present invention, an Internet user'"'"'s computer stores domain names and corresponding IP addresses of all websites visited with the computer. Each time a website is accessed, the IP address received from the DNS server is compared to the IP address stored in the database. If the IP addresses are identical, then the newly received IP address is likely legitimate. If the IP addresses are different, then the newly received IP address is likely fraudulent, and the user can be warned before loading the website.

Citations

21 Claims

1. A method for authenticating internet protocol (IP) addresses received from a domain name system (DNS) server, comprising the steps of:
- a) storing in an IP address database located on an Internet user'"'"'s computer the IP addresses and corresponding domain names of a plurality of websites;
  
  b) after step (a), receiving from the DNS server a newly received IP address corresponding to a domain name of a desired website;
  
  c) comparing the newly-received IP address with the IP address for the desired website stored in the IP address database.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1 wherein step (a) is performed when Internet browsing software is installed on the Internet user'"'"'s computer.
  - 3. The method of claim 1 wherein a new domain name and corresponding IP address are stored in the IP address database when the Internet user'"'"'s computer visits a new domain name not present in the IP address database.
  - 4. The method of claim 1 further comprising the step of indicating that the newly-received IP address may be fraudulent if the stored IP address and newly-received IP address are not identical.
  - 5. The method of claim 1 further comprising the step of indicating that the newly-received IP address may be legitimate if the stored IP address and newly-received IP address are identical.
  - 6. The method of claim 1 wherein the IP address database also stores a time of the most recent access of the domain name.
  - 7. The method of claim 1 further comprising the steps of:
    - 1) scanning an incoming email message for universal resource locators (URLs);
      
      2) if a URL is detected, then pinging the URL and performing steps (b) and (c).
  - 8. The method of claim 1 wherein the IP address database is preloaded on the user'"'"'s computer before the computer is connected to the Internet.

9. A computer system for protecting a computer user from a fraudulent internet protocol (IP) address stored on a domain name system (DNS) server, comprising:
- a) a computer having a memory;
  
  b) an internet protocol (IP) address database stored in the memory, wherein the IP address database stores a list of domain names and corresponding IP addresses;
  
  c) software instructions stored in the memory, operable for comparing an IP address stored in the IP address database with a newly received IP address received from the DNS server.
- View Dependent Claims (10, 11, 12)
- - 10. The computer system of claim 9 further comprising instructions operable for alerting a computer user that the newly received IP address may be fraudulent if it is not identical to an IP address in the database corresponding to the same domain name.
  - 11. The computer system of claim 9 further comprising instructions operable for alerting a computer user that the newly received IP address may be legitimate if it is identical to an IP address in the database corresponding to the same domain name.
  - 12. The computer system of claim 9 wherein the software instructions are operable for reading from and writing to the IP address database.

13. A method for authenticating universal resource locators (URLs) received in an email message, comprising the steps of:
- a) storing in an IP address database located on an Internet user'"'"'s computer the IP addresses and corresponding domain names of a plurality of websites;
  
  b) scanning an incoming email message for URLs;
  
  c) if a URL is detected, then pinging the URL and identifying the domain name of the URL;
  
  d) receiving from a DNS server a newly received IP address in response to the ping; and
  
  e) comparing the IP address of the domain name corresponding to the URL with the newly-received IP address from the DNS server.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The method of claim 13 wherein step (a) is performed when internet browsing software is installed on the Internet user'"'"'s computer.
  - 15. The method of claim 13 wherein a new domain name and corresponding IP address are stored in the IP address database when the Internet user'"'"'s computer visits a new domain name not present in the IP address database.
  - 16. The method of claim 13 further comprising the step of indicating that the newly-received IP address may be legitimate if the stored IP address and newly-received IP address are identical.
  - 17. The method of claim 13 further comprising the step of indicating that the newly-received IP address may be fraudulent if the stored IP address and newly-received IP address are not identical.

18. A computer system for protecting a computer user from a fraudulent universal resource locators (URLs) received in an email message, comprising:
- a) a computer having a memory;
  
  b) an internet protocol (IP) address database stored in the memory, wherein the IP address database stores a list of domain names and corresponding IP addresses;
  
  c) software instructions stored in the memory, operable for performing the following steps;
  
  1) scanning an incoming email message for URLs and, if a URL is detected, then pinging the URL and identifying the domain name of the URL;
  
  2) receiving from a DNS server a newly received IP address in response to the ping; and
  
  3) comparing the IP address of the domain name corresponding to the URL with the newly-received IP address from the DNS server.
- View Dependent Claims (19, 20, 21)
- - 19. The computer system of claim 18 further comprising instructions operable for alerting a computer user that the newly received IP address may be fraudulent if it is not identical to an IP address in the database corresponding to the same domain name.
  - 20. The computer system of claim 18 further comprising instructions operable for alerting a computer user that the newly received IP address may be legitimate if it is identical to an IP address in the database corresponding to the same domain name.
  - 21. The computer system of claim 18 wherein the software instructions are operable for reading from and writing to the IP address database.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Kelley, Edward, Delia, Wayne, Wilbrink, Tijs

Application Number

US11/163,225
Publication Number

US 20070083670A1
Time in Patent Office

Days
Field of Search
US Class Current

709/245
CPC Class Codes

H04L 61/4511   using domain name system [DNS]

H04L 61/5076   Update or notification mech...

H04L 63/126   the source of the received ...

METHOD AND SYSTEM FOR PROTECTING AN INTERNET USER FROM FRAUDULENT IP ADDRESSES ON A DNS SERVER

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND SYSTEM FOR PROTECTING AN INTERNET USER FROM FRAUDULENT IP ADDRESSES ON A DNS SERVER

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links