首页> 外国专利> Method and system for detecting malware containing E-mails based on inconsistencies in public sector “From” addresses and a sending IP address

Method and system for detecting malware containing E-mails based on inconsistencies in public sector “From” addresses and a sending IP address

机译：基于公共部门“发件人”地址和发送方IP地址不一致的检测包含电子邮件的恶意软件的方法和系统

页面导航

摘要
著录项
相似文献

摘要

A method and apparatus for detecting malware containing e-mails based on inconsistencies between a governmental agency “From” address and a sending IP address whereby an incoming e-mail is analyzed to determine if the incoming e-mail includes a “From” address having a domain suffix that is normally associated with a governmental agency, such as a .gov, .gov.uk, .go.jp, or any similar governmental domain suffix. The connecting IP address or IP addresses within the received headers associated with the incoming e-mail are then analyzed to determine the geographical locations through which the incoming e-mail passed. If the geographical locations associated with these sending IP addresses of the incoming e-mail are not consistent with the country indicated by the domain suffix in the governmental “From” address of the incoming e-mail then the protective action is taken.

机译：一种用于基于政府机构“发件人”地址与发送IP地址之间的不一致性来检测包含电子邮件的恶意软件的方法和装置，从而分析传入的电子邮件以确定传入的电子邮件是否包括具有以下内容的“发件人”地址：通常与政府机构相关联的域名后缀，例如.gov，.gov.uk，.go.jp或任何类似的政府域名后缀。然后分析与传入电子邮件相关联的已接收标头中的一个或多个连接IP地址，以确定传入电子邮件所经过的地理位置。如果与传入电子邮件的这些发送IP地址关联的地理位置与传入电子邮件的政府“发件人”地址中的域后缀指示的国家/地区不一致，则将采取保护措施。

著录项

公开/公告号US8595830B1

专利类型
公开/公告日2013-11-26

原文格式PDF
申请/专利权人 MARTIN LEE;
展开▼

申请/专利号US20100844738
发明设计人 MARTIN LEE;
展开▼

申请日2010-07-27
分类号H04L29/06;
国家 US
入库时间 2022-08-21 15:59:34

相似文献

专利
外文文献
中文文献