Search International and National Patent Collections
Some content of this application is unavailable at the moment.
If this situation persists, please contact us atFeedback&Contact
1. (WO2007007960) A MALIGNANT BOT CONFRONTATION METHOD AND ITS SYSTEM
Latest bibliographic data on file with the International Bureau

Pub. No.: WO/2007/007960 International Application No.: PCT/KR2006/002512
Publication Date: 18.01.2007 International Filing Date: 28.06.2006
IPC:
G06F 15/00 (2006.01)
G PHYSICS
06
COMPUTING; CALCULATING; COUNTING
F
ELECTRIC DIGITAL DATA PROCESSING
15
Digital computers in general; Data processing equipment in general
Applicants:
KT CORPORATION [KR/KR]; 206, Jeongja-dong, Bundang-gu, Sungnam-si Gyeonggi-do 463-010, KR (AllExceptUS)
KWON, Young Kwan [KR/KR]; KR (UsOnly)
OH, Se Man [KR/KR]; KR (UsOnly)
LEE, Sang Youb [KR/KR]; KR (UsOnly)
HAN, Gyu Kweon [KR/KR]; KR (UsOnly)
JEONG, Ju Hwan [KR/KR]; KR (UsOnly)
OH, Seung Tak [KR/KR]; KR (UsOnly)
Inventors:
KWON, Young Kwan; KR
OH, Se Man; KR
LEE, Sang Youb; KR
HAN, Gyu Kweon; KR
JEONG, Ju Hwan; KR
OH, Seung Tak; KR
Agent:
BAE, KIM & LEE IP GROUP; Hankook Tire Bldg. 647-15 Yoksam-dong, Gangnam-gu Seoul 135-723, KR
Priority Data:
10-2005-006155908.07.2005KR
Title (EN) A MALIGNANT BOT CONFRONTATION METHOD AND ITS SYSTEM
(FR) PROCEDE DE CONFRONTATION DE DEBUT DE BANDE BOT MALVEILLANTE ET SYSTEME CORRESPONDANT
Abstract:
(EN) A method for dealing with attacks of malicious BOTs in a network security system includes detecting and analyzing a domain name receiving excessive DNS queries to judge the infection of a malicious BOT, registering the corresponding domain name as normal or abnormal management target, and redirecting an abnormal DNS query for the abnormal management target to a redirection processing & response system. Thereby, the automatic detection of malicious BOT attacks and the mechanism which performs the measures and the analysis simultaneously can protect the DNS servers and prevent the security accidents by malicious BOT attacks previously.
(FR) L'invention concerne un procédé destiné à traiter des attaques de BOT malveillant dans un système de sécurité de réseau qui consiste à détecter et à analyser un nom de domaine recevant des demandes de système de noms de domaines (DNS) excessives afin d'évaluer l'infection d'un BOT malveillant, à enregistrer le nom de domaine correspondant en temps que cible de gestion normale ou anormale et à rediriger une demande DNS anormale pour la cible de gestion anormale vers un système de réponse et de traitement de redirection. Ainsi, la détection automatique d'attaques de BOT malveillant et le mécanisme mettant en oeuvre les mesures et l'analyse permettent simultanément de protéger les serveurs DNS et d'éviter à l'avance les accidents de sécurité par des attaques de BOT malveillant.
front page image
Designated States: AE, AG, AL, AM, AT, AU, AZ, BA, BB, BG, BR, BW, BY, BZ, CA, CH, CN, CO, CR, CU, CZ, DE, DK, DM, DZ, EC, EE, EG, ES, FI, GB, GD, GE, GH, GM, HN, HR, HU, ID, IL, IN, IS, JP, KE, KG, KM, KN, KP, KZ, LA, LC, LK, LR, LS, LT, LU, LV, LY, MA, MD, MG, MK, MN, MW, MX, MZ, NA, NG, NI, NO, NZ, OM, PG, PH, PL, PT, RO, RS, RU, SC, SD, SE, SG, SK, SL, SM, SY, TJ, TM, TN, TR, TT, TZ, UA, UG, US, UZ, VC, VN, ZA, ZM, ZW
African Regional Intellectual Property Organization (ARIPO) (BW, GH, GM, KE, LS, MW, MZ, NA, SD, SL, SZ, TZ, UG, ZM, ZW)
Eurasian Patent Organization (AM, AZ, BY, KG, KZ, MD, RU, TJ, TM)
European Patent Office (AT, BE, BG, CH, CY, CZ, DE, DK, EE, ES, FI, FR, GB, GR, HU, IE, IS, IT, LT, LU, LV, MC, NL, PL, PT, RO, SE, SI, SK, TR)
African Intellectual Property Organization (BF, BJ, CF, CG, CI, CM, GA, GN, GQ, GW, ML, MR, NE, SN, TD, TG)
Publication Language: English (EN)
Filing Language: English (EN)
Also published as:
EP1902375