The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Nov. 20, 2012
Filed:
Oct. 30, 2007
Sheng-chi Hsieh, Xindian, TW;
Chao-yu Chen, Taipei, TW;
Chih-chia Chen, Taichung, TW;
Trend Micro, Inc., Tokyo, JP;
Abstract
Detection for pharming attacks and specifically for changes in name-to-IP resolutions on a computer system using rules is described. The DNS settings and the Hosts file on a computer system are monitored and their modification information is saved as a part of the historical data over time. When an IP address is determined for a host name, various rules are applied to the IP address in connection with the saved historical data, such that each rule produces a score based on various criteria. Different rules may have different weights assigned to their scores. The scores of all the rules are summed up to produce a final score. If the final score is above a predefined value, then there is a suspicious change in the IP address, and an alert is sent. Otherwise, the host name and the IP address are saved as a part of the historical data.