首页>
外国专利>
METHOD AND SYSTEM FOR USING SPAM E-MAIL HONEYPOTS TO IDENTIFY POTENTIAL MALWARE CONTAINING E-MAILS
METHOD AND SYSTEM FOR USING SPAM E-MAIL HONEYPOTS TO IDENTIFY POTENTIAL MALWARE CONTAINING E-MAILS
展开▼
机译:使用垃圾邮件电子邮件大蜜罐识别包含电子邮件的潜在恶意软件的方法和系统
展开▼
页面导航
摘要
著录项
相似文献
摘要
A method and apparatus for employing honeypot systems to identify potential malware containing messages whereby a decoy system to receive illegitimate e-mails is established. E-mails sent to the spam e-mail honeypot decoy are initially scanned/filtered and e-mails that are not considered possible malware containing e-mails are filtered out while the remaining e-mails sent to the spam e-mail honeypot decoy are identified as potential malware containing e-mails. One or more features, and/or feature values, of the identified e-mails are then identified, extracted and ranked. Once a given feature, and/or feature value, occurs more than a burst threshold number of times, the status of the given feature, and/or feature value, is transformed to that of suspicious e-mail parameter.
展开▼