Method and system for protection against information stealing software
First Claim
1. A method for monitoring an electronic device to detect infection by unwanted software, the method comprising:
- receiving parameters and inserting the parameters into artificial sensitive information using a software agent running on the electronic device, wherein the parameters include identifying information for the electronic device;
performing, using the software agent running on the electronic device, a login session using the artificial sensitive information; and
monitoring, at a computer hardware network gateway, network transmissions of the electronic device unrelated to the login session to detect a transmission of the artificial sensitive information to another electronic device based on a comparison of information included in a network transmission to the artificial sensitive information to determine the existence of unwanted software on the electronic device based on the information identifying the electronic device being included in the transmission of the artificial sensitive information.
9 Assignments
0 Petitions
Accused Products
Abstract
A system and method for identifying infection of unwanted software on an electronic device is disclosed. A software agent configured to generate a bait and is installed on the electronic device. The bait can simulate a situation in which the user performs a login session and submits personal information or it may just contain artificial sensitive information. Parameters may be inserted into the bait such as the identity of the electronic device that the bait is installed upon. The output of the electronic device is monitored and analyzed for attempts of transmitting the bait. The output is analyzed by correlating the output with the bait and can be done by comparing information about the bait with the traffic over a computer network in order to decide about the existence and the location of unwanted software. Furthermore, it is possible to store information about the bait in a database and then compare information about a user with the information in the database in order to determine if the electronic device that transmitted the bait contains unwanted software.
-
Citations
17 Claims
-
1. A method for monitoring an electronic device to detect infection by unwanted software, the method comprising:
-
receiving parameters and inserting the parameters into artificial sensitive information using a software agent running on the electronic device, wherein the parameters include identifying information for the electronic device; performing, using the software agent running on the electronic device, a login session using the artificial sensitive information; and monitoring, at a computer hardware network gateway, network transmissions of the electronic device unrelated to the login session to detect a transmission of the artificial sensitive information to another electronic device based on a comparison of information included in a network transmission to the artificial sensitive information to determine the existence of unwanted software on the electronic device based on the information identifying the electronic device being included in the transmission of the artificial sensitive information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system for monitoring an electronic device to detect infection by unwanted software, the system comprising:
-
a software agent installed on the electronic device and configured to; receive parameters and insert the parameters into artificial sensitive information, wherein the parameters include identifying information for the electronic device, and perform a login session using the artificial sensitive information; and a computer hardware network gateway configured to monitor network transmissions of the electronic device unrelated to the login session that include a transmission of the artificial sensitive information over a network to another electronic device to determine the existence of unwanted software on the electronic device based on the information identifying the electronic device being included in the transmission of the artificial sensitive information. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
Specification