Method and system for researching pestware spread through electronic messages
First Claim
1. A method for researching pestware, the method comprising:
- detecting automatically the presence of an electronic messaging client on a computer, the electronic messaging client having an associated contact list, each contact in the contact list having an associated address on a network;
adding automatically a pestware research contact to the contact list, the address associated with the pestware research contact pointing to a data collection system on the network; and
tracing to its source on the network a pestware threat received at the data collection system via the pestware research contact.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and system for researching pestware spread through electronic messages is described. One embodiment detects automatically the presence of an electronic messaging client on a computer, the electronic messaging client having an associated contact list, each contact in the contact list having an associated address on a network; adds automatically a pestware research contact to the contact list, the address associated with the pestware research contact pointing to a data collection system on the network; and traces to its source on the network a pestware threat received at the data collection system via the pestware research contact. The principles of the invention can be applied to any electronic messaging system, including electronic mail and instant messaging.
57 Citations
26 Claims
-
1. A method for researching pestware, the method comprising:
-
detecting automatically the presence of an electronic messaging client on a computer, the electronic messaging client having an associated contact list, each contact in the contact list having an associated address on a network; adding automatically a pestware research contact to the contact list, the address associated with the pestware research contact pointing to a data collection system on the network; and tracing to its source on the network a pestware threat received at the data collection system via the pestware research contact. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method for gathering information used in detecting pestware, the method comprising:
-
receiving over a network at a data collection system an electronic message associated with a pestware threat, the electronic message having been addressed to a pestware research contact, the pestware research contact having been added automatically to a contact list associated with an electronic messaging client on a remote computer connected with the network, the pestware research contact having an associated network address that points to the data collection system; tracing the pestware threat to its source on the network using information derived from the received electronic message; obtaining from the source of the pestware threat a payload associated with the pestware threat; and deriving from the payload at least one characteristic for use in detecting the payload on an affected computer. - View Dependent Claims (8, 9, 10)
-
-
11. A system for researching pestware, the system comprising:
-
an electronic messaging client detection module configured to detect automatically the presence of an electronic messaging client on a computer, the electronic messaging client having an associated contact list, each contact in the contact list having an associated address on a network; a contact installation module configured to add automatically a pestware research contact to the contact list; and a data collection subsystem connected with the network, the address associated with the pestware research contact pointing to the data collection subsystem, the data collection subsystem being configured to; receive at the address associated with the pestware research contact an electronic message associated with a pestware threat; and trace the pestware threat to its source on the network using information derived from the received electronic message. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A data collection system for gathering information used in detecting pestware, the system comprising:
-
a communication interface connected with a network; a message detection module configured to receive through the communication interface an electronic message associated with a pestware threat, the electronic message having been addressed to a pestware research contact, the pestware research contact having been added automatically to a contact list associated with an electronic messaging client on a remote computer connected with the network, the pestware research contact having an associated network address that points to the data collection system; a source tracing module configured to trace the pestware threat to its source on the network using information derived from the received electronic message; a payload retrieval module configured to retrieve from the source of the pestware threat a payload associated with the pestware threat; and a payload analysis module configured to derive from the payload at least one characteristic for use in detecting the payload on an affected computer. - View Dependent Claims (17, 18, 19)
-
-
20. A system for researching pestware, the system comprising:
-
means for detecting automatically the presence of an electronic messaging client on a computer, the electronic messaging client having an associated contact list, each contact in the contact list having an associated address on a network; means for adding automatically a pestware research contact to the contact list, the address associated with the pestware research contact pointing to a data collection system on the network; and means for tracing to its source on the network a pestware threat received at the data collection system via the pestware research contact. - View Dependent Claims (21, 22, 23)
-
-
24. A data collection system for gathering information used in detecting pestware, the system comprising:
-
means for receiving over a network an electronic message associated with a pestware threat, the electronic message having been addressed to a pestware research contact, the pestware research contact having been added automatically to a contact list associated with an electronic messaging client on a remote computer connected with the network, the pestware research contact having an associated network address that points to the data collection system; means for tracing the pestware threat to its source on the network using information derived from the received electronic message; means for obtaining from the source of the pestware threat a payload associated with the pestware threat; and means for deriving from the payload at least one characteristic for use in detecting the payload on an affected computer. - View Dependent Claims (25, 26)
-
Specification