| US 7,600,258 B2 | ||
| Methods and systems for detecting and preventing the spread of malware on instant messaging (IM) networks by using fictitious buddies | ||
| Francis Aurelio Desouza, Somerville, Mass. (US); Jon Sakoda, Boston, Mass. (US); Arthur William Gilliland, Jamaica Plain, Mass. (US); Anandamoy Roychowdhary, Cambridge, Mass. (US); Eric Lyle Lorenzo, Somerville, Mass. (US); and Milan Shah, Hopkinton, Mass. (US) | ||
| Assigned to Symantec Corporation, Cupertino, Calif. (US) | ||
| Filed on Jul. 01, 2005, as Appl. No. 11/171,248. | ||
| Prior Publication US 2007/0006308 A1, Jan. 04, 2007 | ||
| Int. Cl. G06F 12/14 (2006.01); H04L 9/32 (2006.01) | ||
| U.S. Cl. 726—24 | 37 Claims |
| 1. A computer-assisted method of reducing spread of malware in an instant message (IM) system, comprising:
intercepting a buddy list sent from an IM server to an IM client;
adding one or more fictitious buddies to the intercepted buddy list;
forwarding the buddy list with the one or more fictitious buddies to the IM client;
identifying that a computer that hosts the IM client sent a message to at least one of the fictitious buddies;
interactively confirming with a user of the IM client whether the user intended to send the message; and
responsive to the user denying sending the message to the at least one of the fictitious buddies, identifying the host computer
of the IM client as a source of malware.
|