Using domain name service resolution queries to combat spyware
US7752664B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 19, 2005 |
| Grant date | Jul 6, 2010 |
| Priority date | — |
| Expiry date | May 2, 2029 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/55
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
An anti-spyware manager uses domain name service resolution queries to combat spyware. The anti-spyware manager maintains a list of domain names associated with spyware, monitors domain name service queries, and detects queries on domain names on the list. Responsive to detecting a domain name service query on a domain name associated with spyware, the anti-spyware manager forces the domain name service query to resolve to an address not associated with the domain name. Because attempts by spyware to communicate with its home server are now routed to the forced address, the spyware is unable to communicate with its homer server, and thus can neither steal information nor download updates of itself. Additionally, the anti-spyware manager can identify computers that are infected with spyware and clean or quarantine them.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.