首页> 外国专利> METHOD AND SYSTEM FOR USING SPAM E-MAIL HONEYPOTS TO IDENTIFY POTENTIAL MALWARE CONTAINING E-MAILS

METHOD AND SYSTEM FOR USING SPAM E-MAIL HONEYPOTS TO IDENTIFY POTENTIAL MALWARE CONTAINING E-MAILS

机译：使用垃圾邮件电子邮件大蜜罐识别包含电子邮件的潜在恶意软件的方法和系统

页面导航

摘要
著录项
相似文献

摘要

A method and apparatus for employing honeypot systems to identify potential malware containing messages whereby a decoy system to receive illegitimate e-mails is established. E-mails sent to the spam e-mail honeypot decoy are initially scanned/filtered and e-mails that are not considered possible malware containing e-mails are filtered out while the remaining e-mails sent to the spam e-mail honeypot decoy are identified as potential malware containing e-mails. One or more features, and/or feature values, of the identified e-mails are then identified, extracted and ranked. Once a given feature, and/or feature value, occurs more than a burst threshold number of times, the status of the given feature, and/or feature value, is transformed to that of suspicious e-mail parameter.

机译：一种使用蜜罐系统来识别包含消息的潜在恶意软件的方法和装置，从而建立了接收非法电子邮件的诱饵系统。最初将扫描/过滤发送到垃圾邮件蜜罐诱饵的电子邮件，并过滤掉不视为可能包含邮件的恶意软件的电子邮件，同时将发送给垃圾邮件蜜罐诱饵的其余电子邮件过滤掉。被识别为包含电子邮件的潜在恶意软件。然后，识别，提取和排序所标识的电子邮件的一个或多个特征和/或特征值。一旦给定功能和/或功能值的出现次数超过突发阈值次数，就将给定功能和/或功能值的状态转换为可疑电子邮件参数的状态。

著录项

公开/公告号WO2011090466A1

专利类型
公开/公告日2011-07-28

原文格式PDF
申请/专利权人 SYMANTEC CORPORATION;
展开▼

申请/专利号WO2010US03230
发明设计人 LEE MARTIN;
展开▼

申请日2010-12-22
分类号H04L29/06;H04L12/58;
国家 WO
入库时间 2022-08-21 17:56:30

相似文献

专利
外文文献
中文文献