CN101730904A - 实体属性的关联和分析 - Google Patents
实体属性的关联和分析 Download PDFInfo
- Publication number
- CN101730904A CN101730904A CN200880009772A CN200880009772A CN101730904A CN 101730904 A CN101730904 A CN 101730904A CN 200880009772 A CN200880009772 A CN 200880009772A CN 200880009772 A CN200880009772 A CN 200880009772A CN 101730904 A CN101730904 A CN 101730904A
- Authority
- CN
- China
- Prior art keywords
- entity
- reputation
- communication
- attribute
- image
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/21—Monitoring or handling of messages
- H04L51/212—Monitoring or handling of messages using filtering or selective blocking
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
Abstract
对一个或更多个数据处理器进行操作的方法和系统,其用于通过分析实体的属性将声誉分配给发送消息的实体,将所述属性与已知属性关联起来以确定共享属性的实体之间的关系,并将一个相关实体的声誉的一部分归于另一相关实体的声誉。
Description
技术领域
本文件通常涉及用于处理通信(communication)的系统和方法,尤其是涉及用于给与通信相关的实体进行分类的系统和方法。
背景
在反垃圾邮件行业中,垃圾邮件发送者使用各种创造性的装置来躲避垃圾邮件过滤器进行的检测。这样,通信从其起源的实体可提供是否应允许给定通信进入企业网络环境的另一指示。
然而,用于消息发送者进行分析的当前工具包括互联网协议(IP)黑名单(有时称为实时黑名单(RBL))和IP白名单(实时白名单(RWL))。白名单和黑名单当然对垃圾邮件分类过程增加了益处;然而,白名单和黑名单内在地限于响应于每个查询而提供一个二进制类型(YES/NO)。而且,黑名单和白名单独立地处理实体,并忽略与实体相关的各种属性所提供的证据。
概述
提供了用于关联和分析实体属性的系统和方法。方法可包括:从第一实体接收通信;根据所接收的通信得出第一实体的一个或更多个属性;分析与第一实体相关联的并基于所接收的通信的属性;取回用于多个已知实体的已知属性信息;将所接收的通信的属性与已知属性信息关联起来;根据第一实体和共享至少一个共同属性或共同的属性模式的一个或更多个其它实体,来定义第一实体和一个或更多个其它实体之间的关系,所述一个或更多个其它实体从多个已知实体中选择;以及根据定义的关系和所述至少一个共同属性或共同的属性模式,来将与第一实体或者一个或多个其它实体中的一个相关联的第一声誉的一部分归于与第一实体或者一个或多个其它实体中的另一个相关联的第二声誉。
用于关联和分析实体属性的系统可包括通信接口、通信分析器、关联模块和声誉分配模块。通信接口从第一实体接收进入网络的通信。通信分析器得出与所接收的通信相关联的一个或更多个属性,所接收的通信包括与消息的发源相关联的第一实体。关联模块从系统数据存储器取回已知属性信息,并比较从所接收的通信得出的属性与已知属性信息,以识别第一实体和一个或更多个其它实体之间的关系。关联模块进一步操作来识别新的属性信息并将新的属性信息合并到系统数据存储器和通信分析器中。声誉分配模块使用所识别的关系来将与第一实体或者一个或更多个其它实体中的一个相关联的第一声誉的至少一部分归于与第一实体或者一个或更多个其它实体中的另一个相关联的第二声誉。
附图说明
图1是描述示例性网络的结构图,本公开的系统和方法可在该网络中进行操作。
图2是描述本公开的示例性网络体系结构的结构图。
图3是描述通信和实体的例子的结构图,其包括用于检测实体之间的关系的标识符和属性。
图4是描述用于检测关系并给实体分配风险的操作方案的流程图。
图5是示出示例性网络体系结构的结构图,其包括局部安全代理所储存的局部声誉和一个或多个服务器所储存的全局声誉。
图6是示出基于局部声誉反馈的全局声誉的确定的结构图。
图7是示出全局声誉和局部声誉之间的示例性转化(resolution)的流程图。
图8是用于调节与声誉服务器相关联的过滤器的设置的示例性图形用户界面。
图9是示出用于互联网协议语音电话(VoIP)或短消息服务(SMS)通信的基于声誉的连接抑制(connection throttling)的结构图。
图10是示出基于声誉的负载均衡器的结构图。
图11A是示出用于基于地理位置的身份验证的示例性操作方案的流程图。
图11B是示出用于基于地理位置的身份验证的另一示例性操作方案的流程图。
图11C是示出用于基于地理位置的身份验证的另一示例性操作方案的流程图。
图12是示出用于基于声誉的动态隔离的示例性操作方案的流程图。
图13是图像垃圾邮件通信的示例性图形用户界面显示。
图14是示出用于检测图像垃圾邮件的示例性操作方案的流程图。
图15A是示出用于分析通信的结构的操作方案的流程图。
图15B是示出用于分析图像的特征的操作方案的流程图。
图15C是示出用于标准化图像以用于垃圾邮件处理的操作方案的流程图。
图15D是示出用于分析图像的指纹以在多个图像中找到共同片段的操作方案的流程图。
详细说明
图1是描述示例性网络环境的结构图,本公开的系统和方法可在该网络中进行操作。安全代理(security agent)100一般可存在于在网络110(例如,企业网)内部的防火墙系统(未示出)和服务器(未示出)之间。如应被理解的,网络110可包括很多服务器,包括例如可由与网络110相关的企业使用的电子邮件服务器、网络服务器和各种应用服务器。
安全代理100监控进入和离开网络110的通信。一般通过互联网120从连接到互联网120的很多实体130a-f接收这些通信。实体130a-f中的一个或更多个可为通信业务量的合法发起者。然而,实体130a-f中的一个或更多个也可为发起不需要的通信的声誉差的实体。因此,安全代理100包括声誉引擎。声誉引擎可检查通信并确定与发起通信的实体相关联的声誉。安全代理100接着根据发端实体的声誉对通信执行动作。如果声誉指示通信的发起者声誉好,那么例如,安全代理可将通信转发到通信的接收者。然而,如果声誉指示通信的发起者声誉差,那么其中例如,安全代理可隔离通信,对消息执行更多的测试,或要求来自消息发起者的身份验证。在美国专利公布号2006/0015942中详细描述了声誉引擎,该申请由此通过引用被并入。
图2是描述本公开的示例性网络体系结构的结构图。安全代理100a-n被示为在逻辑上分别存在于网络110a-n与互联网120之间。虽然没有在图2中示出,但应理解,防火墙可安装在安全代理100a-n和互联网120之间,以提供防止未授权的通信进入相应的网络110a-n的保护。而且,结合防火墙系统可配置侵入检测系统(IDS)(未示出),以识别活动的可疑模式并在这样的活动被识别出时用信号通知警报。
虽然这样的系统对网络提供了某种保护,但它们一般不处理应用层安全威胁。例如,黑客常常试图使用各种网络类型的应用(例如,电子邮件、网络、即时消息(IM),等等)来产生与网络110a-n的前文本连接,以便利用由使用实体130a-e的这些不同的应用所产生的安全漏洞。然而,不是所有的实体130a-e都暗示对网络100a-n的威胁。一些实体130a-e发起合法的业务量,允许公司的雇员与商业伙伴更有效地进行通信。虽然对可能的威胁来说检查通信是有用的,但是维持当前的威胁信息可能很难,因为攻击被不断地改进以解决最近的过滤技术。因此,安全代理100a-n可对通信运行多次测试,以确定通信是否是合法的。
此外,包括在通信中的发送者信息可用于帮助确定通信是否是合法的。因此,复杂的安全代理100a-n可跟踪实体并分析实体的特征,以帮助确定是否允许通信进入网络110a-n。可接着给实体110a-n分配声誉。对通信的决定可考虑发起通信的实体130a-e的声誉。而且,一个或更多个中央系统200可收集关于实体130a-e的信息,并将所收集的数据分发到其它中央系统200和/或安全代理100a-n。
声誉引擎可帮助识别大量恶意通信,而没有通信的内容的广泛和可能昂贵的局部分析(local analysis)。声誉引擎也可帮助识别合法通信,并优先考虑其传输,且减小了对合法通信进行错误分类的风险。而且,声誉引擎可在物理世界或虚拟世界中对识别恶意以及合法事务的问题提供动态和预言性的方法。例子包括在电子邮件、即时消息、VoIP、SMS或利用发送者声誉和内容的分析的其它通信协议系统中过滤恶意通信的过程。安全代理100a-n可接着应用全局或局部策略,以确定关于通信对声誉结果执行什么动作(例如拒绝、隔离、负载均衡、以所分配的优先级传输、以额外的细查局部地进行分析)。
然而,实体130a-e可用各种方法连接到互联网。如应理解的,实体130a-e可同时或在一段时间内具有多个标识符(例如,电子邮件地址、IP地址、标识符文件,等等)。例如,具有变化的IP地址的邮件服务器可随着时间的过去具有多个身份。而且,一个标识符可与多个实体相关,例如,当IP地址被很多用户支持的组织共享时。而且,用于连接到互联网的特定方法可能使实体130a-e的识别模糊不清。例如,实体130b可利用互联网服务提供商(ISP)200连接到互联网。很多ISP 200使用动态主机配置协议(DHCP)来将IP地址动态地分配给请求连接的实体130b。实体130a-e也可通过欺骗合法实体来伪装其身份。因此,收集关于每个实体130a-e的特征的数据可帮助对实体130a-e加以分类,并确定如何处理通信。
在虚拟世界和物理世界中创建和欺骗身份的容易性可能产生用户恶意动作的动机,而不承担该动作的后果。例如,在互联网上被罪犯盗取的合法实体的IP地址(或在物理世界中的被盗的护照)可能使该罪犯能够通过假装被盗的身份而相对容易地参与恶意行动。然而,通过给物理实体和虚拟实体分配声誉并识别它们可能使用的多个身份,声誉系统可能影响声誉好的实体和声誉差的实体来负责任地操作,以免变得声誉差且不能与其它网络实体交流或交互。
图3是描述通信和实体的例子的结构图,其包括利用用于检测实体之间的关系的标识符和属性。安全代理100a-b可通过检查被送往相关网络的通信来收集数据。安全代理100a-b也可通过检查由相关网络分程传递的通信来收集数据。通信的检查和分析可允许安全代理100a-b收集关于发送和接收消息的实体300a-c的信息,其中包括传输模式、数量(volume)、或实体是否有发送某些类型的消息(例如,合法消息、垃圾邮件、病毒、群发邮件,等等)的倾向。
如图3所示,每个实体300a-c分别与一个或更多个标识符310a-c相关联。标识符310a-c可例如包括IP地址、统一资源定位器(URL)、电话号码、IM用户名、消息内容、域,或可描述实体的任何其它标识符。而且,标识符310a-c与一个或更多个属性320a-c相关联。如应理解的,属性320a-c符合所描述的特定标识符310a-c。例如,消息内容标识符可包括属性,例如恶意软件(malware)、数量、内容类型、运行状态,等等。类似地,与标识符例如IP地址相关联的属性320a-c可包括与实体300a-c相关联的一个或更多个IP地址。
此外,应理解,可从通信330a-c(例如,电子邮件)收集的该数据一般包括发起通信的实体的一些标识符和属性。因此,通信330a-c提供用于将关于实体的信息传递到安全代理100a、100b的传送。通过检查包括在消息中的标题信息、分析消息的内容,以及通过汇聚安全代理100a、100b以前收集的信息(例如,合计从实体接收的通信的数量),安全代理100a、100b可检测这些属性。
可汇聚并利用来自多个安全代理100a、100b的数据。例如,数据可由中央系统汇聚和利用,中央系统接收与所有实体300a-c相关联的标识符和属性,安全代理100a、100b为实体300a-c接收了通信。可选地,彼此传递关于实体300a-c的标识符和属性信息的安全代理100a、100b可作为分布式系统进行操作。利用数据的过程可使实体300a-c的属性彼此关联,从而确定实体300a-c之间的关系(例如,事件出现、数量,和/或其它确定因素之间的关联)。
这些关系可接着用于根据与每个标识符相关的属性的关联为所有标识符建立多维声誉“矢量”。例如,如果具有声誉差的已知声誉的声誉差的实体300a发送具有第一组属性350a的消息330a,且接着未知实体300b发送具有第二组属性350b的消息330b,则安全代理100a可确定第一组属性350a的全部或一部分是否匹配第二组属性350b的全部或一部分。当第一组属性350a的某个部分匹配第二组属性350b的某个部分时,可根据包括匹配的属性330a、33b的特定标识符320a、320b来建立关系。被发现具有匹配的属性的特定标识符340a、340b可用于确定与实体300a、300b之间的关系相关联的强度。关系的强度可帮助确定声誉差的实体300a的声誉差的性质中有多少被归于未知实体300b的声誉。
然而,还应认识到,未知实体300b可发起包括属性350c的通信330c,属性350c与发源于已知的声誉好的实体300c的通信330d的一些属性350d匹配。被发现具有匹配的属性的特定标识符340c、340d可用于确定与实体300b、300c之间的关系相关联的强度。关系的强度可帮助确定声誉好的实体300c的声誉好的性质中有多少被归于未知实体300b的声誉。
分布式声誉引擎还允许关于最近的威胁前景的全球情报的实时协作共享,对可由过滤或风险分析系统执行的局部分析提供即时保护的益处,以及甚至在可能的新威胁出现之前就识别这种新威胁的恶意来源。使用位于很多不同地理位置处的传感器,可与中央系统200或与分布式安全代理100a、100b一起快速共享关于新威胁的信息。如应理解的,这样的分布式传感器可包括局部安全代理100a、100b,以及局部声誉好的客户机、业务量监控器,或适合于收集通信数据的任何其它设备(例如,开关、路由器、服务器,等等)。
例如,安全代理100a、100b可与中央系统200进行通信,以提供威胁和声誉信息的共享。可选地,安全代理100a、100b可在彼此之间传递威胁和声誉信息,以提供最新的和准确的威胁信息。在图3的例子中,第一安全代理300a拥有关于未知实体300b和声誉差的实体300a之间的关系的信息,而第二安全代理300b拥有关于未知实体300b和声誉好的实体300c之间的关系的信息。在没有共享信息的情况下,第一安全代理300a可根据所检测的关系对通信采取特定的动作。然而,知道未知实体300b和声誉好的实体300c之间的关系,第一安全代理300a可利用来自未知实体300b的收到的通信来采取不同的动作。安全代理之间的关系信息的共享因而提供更完整的一组关系信息,将针对该关系信息作出确定。
系统试图将声誉(反映一般倾向和/或分类)分配给物理实体,例如执行事务的个人或自动化系统。在虚拟世界中,实体由在实体正执行的特定事务(例如,发送消息或从银行帐号转移资金)中联系到这些实体的标识符(例如IP、URL、内容)表示。因此根据那些标识符的总体行为和历史模式以及那些标识符与其它标识符的关系,例如发送消息的IP与包括在那些消息中的URL的关系,声誉可被分配到那些标识符。如果在标识符之间存在强关联,则单个标识符的“差”声誉可能使其它邻近的标识符的声誉恶化。例如,发送具有差声誉的URL的IP将由于URL的声誉而使其自己的声誉恶化。最后,单独的标识符声誉可被汇聚成与那些标识符相关联的实体的单个声誉(风险评分)。
应注意,属性可分成很多类别。例如,证据属性可表示关于实体的物理、数字或数字化的物理数据。该数据可归于单个已知或未知的实体,或在多个实体之间共享(形成实体关系)。与消息安全有关的证据属性的例子包括IP(互联网协议)地址、已知的域名、URL、实体所使用的数字指纹或签名、TCP签名,等等。
作为另一例子,行为属性可表示关于实体或证据属性的人或机器分配的观测结果。这样的属性可包括来自一个或多个行为参数文件(behavioralprofile)的一个、很多或所有属性。例如,通常与垃圾邮件发送者相关联的行为属性可依据从该实体发送的大量通信。
用于特定类型的行为的很多行为属性可被合并以得出行为参数文件。行为参数文件可包括一组预定义的行为属性。分配给这些参数文件的属性特征包括与限定匹配参数文件的实体的倾向有关的行为事件。与消息安全有关的行为参数文件的例子可包括“垃圾邮件发送者”、“诈骗者”和“合法发送者”。与每个参数文件相关的事件和/或证据属性限定参数文件应被分配到的适当实体。这可包括特定的一组发送模式、黑名单事件或证据数据的特定属性。一些例子包括:发送者/接收者身份识别;时间间隔和发送模式;有效载荷的严重度(severity)和配置;消息结构;消息质量;协议和相关的签名;通信介质。
应理解,共享相同的证据属性中的一些或全部的实体具有证据关系。类似地,共享行为属性的实体具有行为关系。这些关系帮助形成相关参数文件的逻辑组,该关系接着被适应性地应用,以增强参数文件或略微差不多符合所分配的参数文件地来识别实体。
图4是描述用于检测关系并给实体分配风险的操作方案400的流程图。操作方案在步骤410通过收集网络数据开始。数据收集可例如由安全代理100、客户设备、交换机、路由器或任何其它设备完成,所述其它设备可操作来从网络实体(例如,电子邮件服务器、网络服务器、IM服务器、ISP、文件传输协议(FTP)服务器、gopher服务器、VoIP设备等)接收通信。
在步骤420,标识符与所收集的数据(例如通信数据)相关联。步骤420可由可操作来从很多传感器设备汇聚数据的安全代理100或中央系统200执行,包括例如一个或更多个安全代理100。可选地,步骤420可由安全代理100本身执行。标识符可基于所接收的通信的类型。例如,电子邮件可包括一组信息(例如,发起者和收信方的IP地址、文本内容、附件等),而VoIP通信可包括一组不同的信息(例如,主叫电话号码(或如果从VoIP客户发起则为IP地址)、接收的电话号码(或如果指定VoIP电话则为IP地址)、语音内容,等等)。步骤420也可包括分配具有相关标识符的通信的属性。
在步骤430,分析与实体相关联的属性,以确定在实体之间是否存在任何关系,为这些实体收集通信信息。步骤430可例如由中央系统200或一个或更多个分布式安全代理100执行。分析可包括比较与不同实体有关的属性以找到实体之间的关系。而且,根据作为关系的基础的特定属性,强度可与关系相关联。
在步骤440,风险矢量被分配给实体。作为例子,风险矢量可由中央系统200或一个或更多个安全代理100分配。分配给实体130(图1-2)、300(图3)的风险矢量可基于在实体之间存在的关系,并基于形成关系的基础的标识符。
在步骤450,可根据风险矢量执行动作。该动作可例如由安全代理100执行。可对与实体相关联的收到的通信执行动作,风险矢量被分配给该实体。其中,所述动作可包括允许、拒绝、隔离、负载均衡、以所分配的优先级传输、以额外的细查局部地进行分析。然而,应理解,可单独地得到声誉矢量。
图5是示出示例性网络体系结构的结构图,其包括由局部声誉引擎510a-e得到的局部声誉500a-e和一个或更多个服务器530所储存的全局声誉520。局部声誉引擎510a-e例如可与局部安全代理,例如安全代理100相关联。可选地,局部声誉引擎510a-e可例如与本地客户机相关联。声誉引擎510a-e中的每个包括一个或更多个实体的列表,声誉引擎510a-e为这些实体储存所得到的声誉500a-e。
然而,这些储存的得到的声誉在声誉引擎之间可能是不一致的,因为每个声誉引擎可观察到不同类型的业务量。例如,声誉引擎1510a可包括指示特定实体是声誉好的声誉,而声誉引擎2510b可包括指示同一实体是声誉差的声誉。这些局部的声誉不一致性可基于从实体接收的不同业务量。可选地,不一致性可基于来自局部声誉引擎1510a的用户的、指示通信是合法的反馈,而局部声誉引擎2510b提供指示同一通信是不合法的反馈。
服务器530从局部声誉引擎510a-e接收声誉信息。然而,如上所述,一些局部声誉信息可能与其它局部声誉信息不一致。服务器530可在局部声誉500a-e之间进行仲裁,以根据局部声誉信息500a-e确定全局声誉520。在一些例子中,全局声誉信息520可接着被提供回局部声誉引擎510a-e,以给这些引擎510a-e提供最新的声誉信息。可选地,局部声誉引擎510a-e可操作来查询服务器530以得到声誉信息。在一些例子中,服务器530使用全局声誉信息520响应于查询。
在其它例子中,服务器530将局部声誉偏置(bias)应用到全局声誉520。局部声誉偏置可对全局声誉执行变换,以给局部声誉引擎510a-e提供全局声誉矢量,其根据发起查询的特定局部声誉引擎510a-e的偏好而进行偏置。因此,管理员或用户对垃圾邮件消息指示高容忍度(tolerance)的局部声誉引擎510a可接收解释所指示的容忍度的全局声誉矢量。返回到声誉引擎510a的声誉矢量的特定分量可能包括由于与声誉矢量的其余部分的关系而降低重要性的声誉矢量的部分。同样,局部声誉引擎510b可接收放大与病毒声誉有关的声誉矢量的分量的声誉矢量,局部声誉引擎510b指示例如来自具有发起病毒的声誉的实体的低容忍度通信。
图6是示出基于局部声誉反馈的全局声誉的确定的结构图。局部声誉引擎600可操作来通过网络610向服务器620发送查询。在一些例子中,局部声誉引擎600响应于从未知实体接收通信而发起查询。可选地,局部声誉引擎600可响应于接收任何通信而发起查询,从而促进更加新的声誉信息的使用。
服务器620可操作来使用全局声誉确定响应于查询。中央服务器620可使用全局声誉汇聚引擎630得到全局声誉。全局声誉汇聚引擎630可操作来从相应的多个局部声誉引擎接收多个局部声誉640。在一些例子中,多个局部声誉640可由声誉引擎周期性地发送到服务器620。可选地,多个局部声誉640可由服务器在从局部声誉引擎600中之一接收到查询时取回。
使用与每个局部声誉引擎有关的置信值(confidence value)并接着积累结果,可合并局部声誉。置信值可指示与相关声誉引擎所产生的局部声誉相关联的置信度。与个人相关联的声誉引擎例如可接收在全局声誉确定中较低的权重。相反,与在大型网络上操作的声誉引擎相关联的局部声誉可根据与该声誉引擎相关联的置信值接收全局声誉确定中较大的权重。
在一些例子中,置信值650可基于从用户接收的反馈。例如,可给接收很多反馈的声誉引擎分配与该声誉引擎相关的局部声誉640的低置信值650,这些反馈指示通信未被正确地处理,因为与通信相关的局部声誉信息640指示错误的动作。类似地,可给接收反馈的声誉引擎分配与该声誉引擎相关的局部声誉640的高置信值650,该反馈根据局部声誉信息640指示通信被正确地处理,局部声誉信息640与指示正确的动作的通信相关联。与不同声誉引擎相关联的置信值的调整可使用调节器660来完成,调节器660可操作来接收输入信息并根据所接收的输入调节置信值。在一些例子中,根据被储存的用于被错误地分类的实体的统计资料,置信值650可由声誉引擎本身提供到服务器620。在其它例子中,用于对局部声誉信息加权的信息可被传递到服务器620。
在一些例子中,偏置670可应用于最终形成的全局声誉矢量。偏置670可标准化声誉矢量,以向声誉引擎600提供标准化的全局声誉矢量。可选地,可应用偏置670以解释与发起声誉查询的声誉引擎600相关的局部偏好。因此,声誉引擎600可接收与查询的声誉引擎600的确定的偏好匹配的全局声誉矢量。声誉引擎600可根据从服务器620接收的全局声誉矢量对通信采取动作。
图7是示出全局声誉和局部声誉之间的示例性转化的结构图。局部安全代理700与服务器720进行通信,以从服务器720取回全局声誉信息。局部安全代理700可在702接收通信。局部安全代理可在704关联通信以识别消息的属性。消息的属性可包括例如发端实体、消息内容的指纹、消息大小,等等。局部安全代理700在对服务器720的查询中包括该信息。在其它例子中,局部安全代理700可将整个消息转发到服务器720,且服务器可执行消息的关联和分析。
服务器720使用从查询接收的信息,来根据服务器720的配置725确定全局声誉。配置725可包括多个声誉信息,包括指示被查询的实体是声誉差的信息(730)和指示被查询的实体是声誉好的信息(735)。配置725也可将权重740应用于每个汇聚的声誉730、735。声誉得分确定器745可提供用于给汇聚的声誉信息730、735加权(740)并产生全局声誉矢量的引擎。
局部安全代理700接着在706向局部声誉引擎发送查询。局部声誉引擎708执行局部声誉的确定并在710返回局部声誉矢量。局部安全代理700也接收以全局声誉矢量形式的、对发送到服务器720的声誉查询的响应。局部安全代理700接着在712将局部声誉矢量和全局声誉矢量混合在一起。接着在714关于所接收的消息采取动作。
图8是用于调整与声誉服务器相关联的过滤器的设置的示例性图形用户界面800。图形用户界面800可允许局部安全代理的用户在一些不同的类别810,例如“病毒”、“蠕虫”、“特洛伊木马”、“网络钓鱼”、“间谍软件”、“垃圾邮件”、“内容”和“群发”中调整局部过滤器的配置。然而,应理解,所述类别810只是例子,且本公开不限于在这里被选为例子的类别810。
在一些例子中,类别810可分成两种或更多类型的类别。例如,图8的类别810分成类别810的“安全设置”类型820以及类别的“策略设置”类型830。在每个类别810和类型820、830中,混合器条形表示840可允许用户调整与通信或实体声誉的相应类别810相关联的特定过滤器设置。
而且,虽然“策略设置”类型830的类别810可根据用户自己的判断被自由调节,但是“安全设置”类型820的类别可被限制到在一范围内调整。可产生该差别,以便阻止用户更改安全代理的安全设置超过可接受的范围。例如,不满意的雇员可能试图降低安全设置,从而允许企业网易受攻击。因此,在“安全设置”类型820中置于类别810上的范围850可操作来在将安全保持在最低水平,以防止网络被危害。然而,如应注意的,“策略设置”类型830的类别810是不危害网络安全的那些类型的类别810,而是如果设置降低可能只是使用户或企业不方便。
此外,应认识到,在各种例子中,范围限制850可置于全部类别810上。因此,局部安全代理将阻止用户将混合器条形表示840设置在所提供的范围850之外。还应注意,在一些例子中,范围可不显示在图形用户界面800上。替代地,范围850将被从图形用户界面800提取出来,且所有设置将为相关的设置。因此,类别800可显示并看起来似乎允许设置的满范围,同时将设置变换成在所提供的范围内的设置。例如,“病毒”类别810的范围850在本例中被设置在水平标记8和13之间。如果图形用户界面800设置成从图形用户界面800提取出可允许的范围850,则“病毒”类别810将允许混合器条形表示840设置在0和14之间的任何位置。然而,图形用户界面800可将0-14设置变换成在8到13的范围850内的设置。因此,如果用户请求在0和14之间中间的设置,则图形用户界面可将该设置变换成在8和13中间的设置。
图9是示出用于互联网协议语音电话(VoIP)或短消息服务(SMS)通信的基于声誉的连接抑制的结构图。如应理解的,主叫IP电话900可向接收的IP电话910安排VoIP呼叫。这些IP电话900、910可以是例如计算机执行的软电话软件、网络支持的电话,等等。主叫IP电话900可通过网络920(例如互联网)安排VoIP呼叫。接收的IP电话910可通过局域网930(例如企业网)接收VoIP呼叫。
当建立VoIP呼叫时,主叫IP电话已建立与局域网930的连接。该连接可与电子邮件、网络、即时消息或其它互联网应用可被用于提供与网络的未调节(unregulated)的连接的方式类似被使用。因此,可使用与接收的IP电话的连接,从而根据所建立的连接使在局域网930上操作的计算机940、950处于入侵、病毒、特洛伊木马、蠕虫和各种其它类型的攻击的危险中。而且,由于VoIP通信的时间敏感性质,一般不检查这些通信,以确保没有误用连接。例如,语音会话实时地发生。如果语音会话的一些分组被延迟,则会话变得不自然且难以理解。因此,一旦建立了连接,就一般不能检查分组的内容。
然而,局部安全代理960可使用从声誉引擎或服务器970接收的声誉信息来确定与主叫IP电话相关的声誉。局部安全代理960可使用发端实体的声誉来确定是否允许与发端实体的连接。因此,安全代理960可防止与声誉差的实体的连接,如不遵守局部安全代理960的策略的声誉所指示的。
在一些例子中,局部安全代理960可包括连接抑制引擎,其可操作来使用在主叫IP电话900和接收的IP电话910之间建立的连接来控制正被传输的分组的流动速率。因此,可允许具有差声誉的发端实体900产生与接收的IP电话910的连接。然而,分组通过量将被定上限,从而防止发端实体900使用连接来攻击局域网930。可选地,连接抑制可通过执行从声誉差的实体发起的任何分组的详细检查来完成。如上所述,所有VoIP分组的详细检查不是有效的。因此,可为与声誉好的实体相关联的连接最大化服务质量(QoS),同时减少与声誉差的实体的连接相关联的QoS。可对与声誉差的实体相关联的连接执行标准通信询问技术,以便发行从发端实体接收的任何被传输的分组是否包括对网络930的威胁。在美国专利号6,941,467、7,089,590、7,096,498和7,124,438中以及在美国专利申请号2006/0015942、2006/0015563、2003/0172302、2003/0172294、2003/0172291和2003/0173166中描述了各种询问技术和系统,由此以上这些通过引用被并入。
图10是示出基于声誉的负载均衡器1000的操作的结构图。负载均衡器1000可操作来通过网络1030(例如互联网)(分别地)从声誉好的实体1010和声誉差的实体1020接收通信。负载均衡器1000与声誉引擎1040进行通信,以确定与进入或传出的通信相关联的实体1010、1020的声誉。
声誉引擎1030可操作来给负载均衡器提供声誉矢量。声誉矢量可以各种不同的类别指示与通信相关联的实体1010、1020的声誉。例如,就发起垃圾邮件的实体1010、1020而言,声誉矢量可指示实体1010、1020的良好声誉,同时就发起病毒的实体1010、1020而言,也指示相同实体1010、1020的差声誉。
负载均衡器1000可使用声誉矢量来确定关于与实体1010、1020相关联的通信执行什么动作。在声誉好的实体1010与通信相关联的情况下,消息被发送到消息传输代理(MTA)1050并被传输给接收者1060。
在声誉差的实体1020拥有病毒的声誉但没有其它类型的声誉差的活动的声誉的情况下,通信被转发到多个病毒检测器1070中之一。负载均衡器1000可操作来根据病毒检测器的当前容量和发端实体的声誉来确定使用多个病毒检测器1070中的哪一个。例如,负载均衡器1000可将通信发送到被最少利用的病毒检测器。在其它例子中,负载均衡器1000可确定与发端实体相关联的差声誉度,并将声誉稍微差的通信发送到被最少利用的病毒检测器,同时将声誉非常差的通信发送到被高度利用的病毒检测器,从而抑制与声誉非常差的实体相关联的连接的QoS。
类似地,在声誉差的实体1020有发起垃圾邮件通信的声誉但没有其它类型的声誉差的活动的声誉的情况下,负载均衡器可将通信发送到专门的垃圾邮件检测器1080以排除其它类型的测试。应理解,在通信与发起多种类型的声誉差的活动的声誉差的实体1020相关联的情况下,可发送通信以测试已知实体1020要显示的每种类型的声誉差的活动,同时避免与不知道实体1020要显示的声誉差的活动相关联的测试。
在一些例子中,每个通信可接收用于多种类型的不合法内容的例行测试。然而,当与通信相关联的实体1020显示某些类型的活动的声誉时,通信也可被隔离以用于内容的详细测试隔离,实体显示对于发起该内容的声誉。
在又一些例子中,每个通信可接收相同类型的测试。然而,与声誉好的实体1010相关联的通信被发送到有最短队列的测试模块或具有空闲的处理容量的测试模块。另一方面,与声誉差的实体1020相关联的通信被发送到有最长队列的测试模块1070、1080。因此,与声誉好的实体1010相关联的通信可接受超过与声誉差的实体相关联的通信的传输优先权。因此对于声誉好的实体1010,服务质量被最大化,同时对于声誉差的实体1020,服务质量被降低。因此,基于声誉的负载平衡可通过降低声誉差的实体连接到网络930的能力来保护网络免于攻击。
图11A是示出用于收集基于地理位置的数据以进行身份验证分析的示例性操作方案的流程图。在步骤1100,操作方案从各种登录尝试收集数据。步骤1100可例如由局部安全代理,例如图1的安全代理100执行。其中,所收集的数据可包括与登录尝试相关联的IP地址、登录尝试的时间、在成功之前的登陆尝试的次数,或所尝试的任何不成功的口令的详细资料。所收集的数据接着在步骤1105被分析,以得出统计信息,例如登录尝试的地理位置。步骤1105可例如由声誉引擎执行。接着在步骤1110与登录尝试相关联的统计信息被储存。该储存可例如由系统数据存储器执行。
图11B是示出用于基于地理位置的身份验证的另一示例性操作方案的流程图。在步骤1115接收登录尝试。登录尝试可例如由可操作来通过网络提供安全财务数据的安全网络服务器接收。接着在步骤1120确定登录尝试是否匹配所储存的用户名和口令组合。步骤1120可例如由可操作来验证登录尝试的安全服务器执行。如果用户名和口令不匹配所存储的用户名/口令组合,则在步骤1125宣布登录尝试失败。
然而,如果用户名和口令确实匹配合法用户名/口令组合,则在步骤1130确定登录尝试的起源。登录尝试的起源可由如图1所示的局部安全代理100确定。可选地,登录尝试的起源可由声誉引擎确定。登录尝试的起源可接着与在图11A中得出的统计信息比较,如在步骤1135中示出的。步骤1135可例如由局部安全代理100或声誉引擎执行。在步骤1140确定起源是否与统计期望匹配。如果实际起源匹配统计期望,则在步骤1145验证用户。
可选地,如果实际起源不匹配对于起源的统计期望,则在步骤1150执行进一步的处理。应理解,进一步的处理可包括从用户请求进一步的信息,以验证他或她的真实性。这样的信息可包括例如家庭地址、母亲的婚前姓、出生地点,或关于用户已知的任何其它部分的信息(例如秘密问题)。额外处理的其它例子可包括搜索以前的登录尝试,以确定当前登录尝试的地点是否确实是异常的或仅仅是巧合的。此外,与发起登录尝试的实体相关联的声誉可被得出并用于确定是否允许登录。
图11C是示出用于使用发端实体的声誉进行基于地理位置的验证以确认身份验证的另一示例性操作方案的流程图。在步骤1115接收登录尝试。登录尝试可例如由可操作来通过网络提供安全财务数据的安全网络服务器接收。接着在步骤1160确定登录尝试是否匹配所储存的用户名和口令组合。步骤1160可例如由可操作来验证登录尝试的安全服务器执行。如果用户名和口令不匹配所存储的用户名/口令组合,则在步骤1165宣布登录尝试失败。
然而,如果用户名和口令确实匹配合法的用户名/口令组合,则在步骤1170确定登录尝试的起源。登录尝试的起源可由如图1所示的局部安全代理100确定。可选地,登录尝试的起源可由声誉引擎确定。接着可取回与发起登录尝试的实体相关联的声誉,如在步骤1175中示出的。步骤1175可例如由声誉引擎执行。在步骤1180确定发端实体的声誉是否是声誉好的。如果发端实体是声誉好的,则在步骤1185验证用户身份。
可选地,如果发端实体是声誉差的,则在步骤1190执行进一步的处理。应理解,进一步的处理可包括从用户请求进一步的信息,以验证他或她的真实性。这样的信息可包括例如家庭地址、母亲的婚前姓、出生地点,或关于用户已知的任何其它部分的信息(例如秘密问题)。额外处理的其它例子可包括搜索以前的登录尝试,以确定当前登录尝试的地点是否确实是异常的或仅仅是巧合的。
因此,应理解,可应用声誉系统来识别金融交易中的欺诈行为。声誉系统可根据交易发起者的声誉或实际交易中的数据(来源、目的地、金额,等等)来提高交易的风险评分。在这样的情况下,金融机构可根据发端实体的声誉更好地确定特定交易是欺骗性的概率。
图12是示出用于基于声誉的动态隔离的示例性操作方案的流程图。在步骤1200接收通信。接着在步骤1205分析通信,以确定它们是否与未知实体相关联。然而应注意,该操作方案可应用于所接收的任何通信,而不仅仅是从以前的未知实体接收的通信。例如,从声誉差的实体接收的通信可被动态地隔离,直到确定了所接收的通信不对网络造成威胁为止。在通信不与新实体相关联的场合,通信经历对进入的通信的正常处理,如在步骤1210中示出的。
如果通信与新实体相关联,则在步骤1215初始化动态隔离计数器。接着在步骤1220,从新实体接收的通信被发送到动态隔离。接着在步骤1225检查计数器以确定计数器的时间是否已经过去了。如果计数器的时间没有过去,则在步骤1230递减计数器。在步骤1235可分析实体的行为以及被隔离的通信。在步骤1240确定实体的行为或被隔离的通信是否是异常的。如果没有发现异常情况,则操作方案返回到步骤1220,在这里隔离新的通信。
然而,如果在步骤1240发现实体的行为或通信是异常的,则在步骤1245给实体分配声誉差的声誉。通过将通知发送到管理员或发端实体所发送的通信的接收者来结束过程。
返回到步骤1220,隔离和检查通信和实体行为的过程继续进行,直到发现异常行为为止,或直到在步骤1225动态的隔离计数器的时间过去为止。如果动态的隔离计数器的时间过去了,则在步骤1255给实体分配声誉。可选地,在实体不是未知实体的情况下,在步骤1245或1255可更新声誉。在步骤1260通过释放动态隔离来结束该操作方案,其中动态的隔离计数器的时间已经过去,而在通信中或在发端实体的行为中没有发现异常情况。
图13是可被分类为不想要的图像或消息的图像垃圾邮件通信的示例性图形用户界面1300的显示。如应理解的,图像垃圾邮件对传统垃圾邮件过滤器造成问题。图像垃圾邮件通过将垃圾邮件的文本消息转换成图像格式来绕过垃圾邮件的传统文本分析。图13示出图像垃圾邮件的例子。消息显示图像1310。虽然图像1300看起来是文本,但它仅仅是文本消息的图形编码。一般地,图像垃圾邮件也包括文本消息1320,文本消息1320包括被正确地构造的但在消息背景下没有意义的句子。消息1320设计成躲避接通通信的垃圾邮件过滤器,在该通信内只包括图像1310。而且,消息1320设计成欺骗滤波器,这些滤波器对包括图像1310的通信的文本应用粗略的测试。进一步地,当这些消息确实在头部1330中包括关于消息的起源的信息时,用于发出图像垃圾邮件的实体的声誉可能是未知的,直到该实体被发觉发送图像垃圾邮件为止。
图14是示出用于检测不想要的图像(例如,图像垃圾邮件)的示例性操作方案的流程图。应理解,附图14中所示的很多步骤可单独地或结合附图14中所示的其它步骤中的任何一个或全部来执行,以提供图像垃圾邮件的某种检测。然而,附图14中的每个步骤的使用提供了用于检测图像垃圾邮件的全面的过程。
过程在步骤1400以通信的分析开始。步骤1400一般包括分析通信,以确定通信是否包括受到图像垃圾邮件处理的图像。在步骤1410,操作方案执行通信的结构分析,以确定图像是否包括垃圾邮件。接着在步骤1420分析图像的头部。图像头部的分析允许系统确定关于图像格式本身是否存在异常情况(例如,协议错误、讹误,等等)。在步骤1430分析图像的特征。特征分析旨在确定图像的任何特征是否是异常的。
可在步骤1440标准化图像。图像的标准化一般包括移除可能被垃圾邮件发送者添加以避免图像指纹识别技术的随机噪声。图像标准化旨在将图像转换成在图像中可容易比较的格式。可对被标准化的图像执行指纹分析,以确定图像是否匹配来自以前接收的已知图像垃圾邮件的图像。
图15A是示出用于分析通信的结构的操作方案的流程图。操作方案在步骤1500以消息结构的分析开始。在步骤1505,分析通信的超文本标记语言(HTML)结构,以引入n-元文法(n-gram)标记作为贝叶斯分析的额外符号(token)。这样的处理可为异常情况分析包括在图像垃圾邮件通信中的文本1320。可分析消息的HTML结构,以定义元令牌(meta-token)。元令牌是消息的HTML内容,其被处理以丢弃任何不相关的HTML标记,并通过移除白空区而被压缩以生成用于贝叶斯分析的“符号”。上述符号中的每个可用作对贝叶斯分析的输入,以与以前接收的通信比较。
操作方案接着在步骤1515包括图像检测。图像检测可包括将图像分割成多个部分,以及对这些部分执行指纹识别来确定指纹是否匹配以前接收的图像的部分。
图15B是示出用于下述过程的操作方案的流程图,即分析图像的特征,以提取用于输入到聚类引擎(clustering engine)中的消息的特征,以便识别符合已知图像垃圾邮件的图像的组成部分。操作方案在步骤1520开始,在这里图像的多个高水平特征被检测,以用在机器学习算法中。这样的特征可包括数值,例如独特的颜色的数量、噪声黑色像素(noise black pixel)的数量、水平方向中边缘(形状之间的锐转变)的数量,等等。
操作方案所提取的特征之一可包括图像的柱状图模式的数量,如在步骤1525示出的。通过检查图像的光谱密度来产生模式的数量。如应理解的,人工图像一般包括比自然图像少的模式,这是因为自然图像颜色一般扩散到广谱(broad spectrum)。
如上所述,从图像提取的特征可用于识别异常情况。在一些例子中,异常情况可包括分析消息的特征以确定多个特征与所储存的不想要的图像的特征的相似性的程度。可选地,在一些例子中,也可分析图像特征,以与已知的声誉好的图像比较,以确定与声誉好的图像的相似性。应理解,单独的所提取的特征都不能决定分类。例如,特定的特征可与60%的不想要的消息相关联,同时也与40%的想要的消息相关联。而且,当与特征相关联的数值变化时,消息是想要的或是不想要的概率可能变化。有很多可指示轻微倾向的特征。如果合并这些特征中的每个,则图像垃圾邮件检测系统可进行分类决定。
接着在步骤1530检查高宽比,以确定关于图像尺寸或高宽比的是否存在任何异常情况。图像尺寸或高宽比与已知图像垃圾邮件所共有的已知尺寸或高宽比的相似性可指示这种在高宽比中的异常情况。例如,图像垃圾邮件能够以特定的尺寸出现,以使图像垃圾邮件看起来更像普通电子邮件。包括下述图像的消息更可能是垃圾邮件本身,即这些图像与已知垃圾邮件图像享有共同的尺寸。可选地,存在不有利于垃圾邮件的图像尺寸(例如,如果垃圾邮件发送者将消息插入图像中,则1英寸x1英寸的正方形图像可能是难以读取的)。已知不利于垃圾邮件的插入的包括图像的消息较不可能是图像垃圾邮件。因此,消息的高宽比可与在图像垃圾邮件中使用的共同的高宽比进行比较,以确定图像是不想要的图像或图像是声誉好的图像的概率。
在步骤1535,检查图像的频率分布。一般地,自然图像有具有相对少的明显的频率梯度(gradation)的均匀频率分布。另一方面,图像垃圾邮件一般包括常变的频率分布,这是因为黑色字母被放置在黑暗背景上。因此,这样的不均匀的频率分布可指示图像垃圾邮件。
在步骤1540,可分析信噪比。高信噪比可指示垃圾邮件发送者可能试图通过将噪声引入图像中来躲避指纹识别技术。由此增加噪声水平可指示图像是不想要的图像的概率增加。
应理解,可在整个图像的规模上提取一些特征,而可从图像的子部分提取其它特征。例如,图像可被细分成多个子部分。每个矩形可使用快速付立叶变换(FFT)变换到频域中。在被变换的图像中,在多个方向上的频率的优势(predominance)可作为特征被提取。也可检查所变换的图像的这些子部分,以确定高频和低频的数量。在被变换的图像中,离原点较远的点表现出较高的频率。类似于其它被提取的特征,这些特征可接着与已知的合法和不想要的图像比较,以确定未知图像与每个类型的已知图像共享哪些特性。而且,被变换的(例如频域)图像也可分成子部分(例如,片段(slice)、矩形、同心圆,等等),并与来自已知图像(例如,已知的不想要的图像和已知的合法的图像)的数据比较。
图15C是示出用于标准化图像以用于垃圾邮件处理的的操作方案的流程图。在步骤1545,从图像除去模糊和噪声。如前所述,这些可能由垃圾邮件发送者引入来躲避指纹识别技术,例如通过改变无用信息的总数的散列法,使得它不与任何以前接收的已知图像垃圾邮件的无用信息的指纹匹配。模糊和噪声的移除可描述用于除去垃圾邮件发送者所引入的人为噪声的几种技术。应理解,人为噪声可包括垃圾邮件发送者所使用的技术,例如条带效应(其中包括在图像中的字体变化,以改变图像的无用信息)。
在步骤1550,边缘检测算法可在标准化的图像上执行。在一些例子中,被进行边缘检测的图像被使用并提供到光学字符识别引擎,以将被进行边缘检测的图像转换成文本。边缘检测可用于从图片除去不必要的细节,该细节可能在相对于其他图像处理该图像中造成低效率。
在步骤1555,可应用中值滤波。应用中值滤波来除去随机的像素噪声。这样的随机像素可对图像的内容分析造成问题。中值滤波可帮助除去垃圾邮件发送者所引入的单像素类型的噪声。应理解,单像素噪声由垃圾邮件发送者使用图像编辑器引入,以改变图像中的一个或多个像素,这可使图像在一些区域中看起来呈颗粒状的,从而使图像更难以检测。
在步骤1560,量化图像。图像的量化除去不必要的颜色信息。这种颜色信息一般需要更多的处理,并与垃圾邮件的试图传播无关。而且,垃圾邮件发送者可稍微改变图像中的颜色方案,并再次改变杂乱信息,以便已知图像垃圾邮件的杂乱信息不匹配从颜色变化的图像垃圾邮件得出的杂乱信息。
在步骤1565,执行对比度扩展。使用对比度扩展,图像中的颜色标度从黑到白被最大化,即使颜色只在灰度阴影中变化也是如此。给图像的最亮的阴影分配白值,而给图像中最暗的阴影分配黑值。与原始图像中最亮和最暗的阴影相比,给所有其它阴影分配他们在光谱(spectrum)中的相对位置。对比度扩展帮助限定图像中可能没有充分利用可用光谱的细节,因而可帮助阻止垃圾邮件发送者使用不同部分的光谱来避免指纹识别技术。垃圾邮件发送者有时故意改变图像的密度范围,以使一些类型的特征识别引擎无效。对比度扩展也可帮助标准化图像,以便它可与其它图像比较,以识别包含在图像中的共同特征。
图15D是示出用于分析图像的指纹以在多个图像中找到共同片段的操作方案的流程图。在步骤1570,操作方案通过界定图像内的区域开始。接着对所界定的区域执行风选算法(winnowing algorithm),以识别图像的相关部分,在步骤1575应在该图像上提取指纹。在步骤1580,操作方案对从风选操作得到的片段进行指纹识别,并确定在所接收的图像和已知垃圾邮件图像的指纹之间是否存在匹配。在每个专利申请公布号2006/0251068中描述了类似的风选指纹识别方法,该专利由此通过引用被并入。
如这里在说明书中使用的且在接下来的全部权利要求中,“一(a)”、“一个(an)”和“所述(the)”的意思包括复数涵义,除非上下文另外清楚地指出。此外,如这里在说明书中使用的且在接下来的全部权利要求中,“在...中”的意思包括、“在...中”和“在...上”,除非上下文另外清楚地指出。最后,如这里在说明书中使用的且在接下来的全部权利要求中,“和”和“或”的意思包括联合的和分离的涵义,并可互换地使用,除非上下文另外清楚地指出。
范围可在这里表示为从“大约”一个特定的值和/或到“大约”另一特定的值。当表示这样的范围时,另一实施方式包括从一个特定的值和/或到另一特定的值。类似地,当值被表示为近似值时,通过使用前面的“大约”,应理解,特定的值形成另一实施方式。应进一步理解,每个范围的端点相对于另一端点来说是重要的,并独立于另一端点。
描述了本发明的很多实施方式。然而,应理解,可进行各种更改,而不偏离本发明的实质和范围。因此,其它实施方式处于下面的权利要求的范围内。
Claims (30)
1.一种计算机实现方法,其可操作来将声誉分配给与所接收的通信相关联的发送消息的实体,所述方法包括以下步骤:
从第一实体接收通信;
根据所接收的所述通信得出所述第一实体的一个或更多个属性;
分析与所述第一实体相关联的并基于所接收的所述通信的所述属性;
取回用于多个已知实体的已知属性信息;
将所接收的所述通信的所述属性与所述已知属性信息关联起来;
根据所述第一实体和共享至少一个共同属性或共同的属性模式的一个或更多个其它实体,来定义所述第一实体和所述一个或更多个其它实体之间的关系,所述一个或更多个其它实体从所述多个已知实体选择;以及
根据所定义的所述关系和所述至少一个共同属性或共同的属性模式,来将与所述第一实体或者所述一个或更多个其它实体中的一个相关联的第一声誉的一部分归于与所述第一实体或者所述一个或更多个其它实体中的另一个相关联的第二声誉。
2.如权利要求1所述的方法,其中所述属性包括用于识别实体之间的关联的证据属性。
3.如权利要求2所述的方法,进一步包括确定与实体相关联的所述证据属性是否相应于包括由一组行为属性定义的行为参数文件的已知属性,所述确定步骤通过比较所述证据属性与所述一组行为属性来进行。
4.如权利要求3所述的方法,其中用于垃圾邮件发送者的行为参数文件定义具有发送不想要的通信的声誉的实体。
5.如权利要求3所述的方法,其中所述行为参数文件定义具有发送欺骗性通信的声誉的实体。
6.如权利要求3所述的方法,其中所述行为参数文件定义具有发送合法消息的声誉的实体。
7.如权利要求3所述的方法,其中所述行为参数文件定义具有黑客侵入网络的声誉的实体。
8.如权利要求3所述的方法,其中所述行为参数文件定义具有侵入私有网络的声誉的实体。
9.如权利要求3所述的方法,其中所述行为参数文件定义具有发送群发邮件的声誉的实体。
10.如权利要求3所述的方法,其中所述行为参数文件定义具有发送包括病毒的恶意通信的声誉的实体。
11.如权利要求3所述的方法,其中所述行为参数文件定义具有伪造合法网站的声誉的实体。
12.如权利要求3所述的方法,其中一组属性对于已经使用声誉定义的一种类型的实体是共同的,且其中所述声誉能够在新实体的声誉的建立中被给出或考虑。
13.如权利要求1所述的方法,进一步包括以下步骤:确定所述第一实体和所述一个或更多个其它实体之间的任何关系如何影响与所述第一实体和所述一个或更多个其它实体中的一个或更多个相关联的声誉。
14.如权利要求1所述的方法,其中分析与所述第一实体相关联的所述属性的所述步骤包括根据参数得出趋势,所述参数包括下述项中的一个或更多个:地理政治事件、日期、公司类型、重要的基础设施部门、所述第一实体的位置、时刻,或假期。
15.一种声誉系统,其可操作来接收被送往网络的通信并给所述通信分配声誉,所述系统包括:
通信接口,其可操作来从第一实体接收进入网络的通信;
通信分析器,其可操作来得出与所接收的所述通信相关联的一个或更多个属性,所接收的所述通信包括与消息的发源相关联的所述第一实体;
关联模块,其可操作来从系统数据存储器取回已知属性信息,并比较从所接收的所述通信得出的所述属性与所述已知属性信息,以识别所述第一实体和一个或更多个其它实体之间的关系,所述关联模块进一步可操作来识别新的属性信息并将新的属性信息合并到所述系统数据存储器和通信分析器中;
其中所述系统数据存储器可操作来存储与多个实体相关联的已知属性信息,所述多个实体包括声誉系统以前从其接收消息的一个或更多个实体;以及
声誉分配模块可操作来使用所识别的所述关系来将与所述第一实体或者所述一个或多个其它实体中的一个相关联的第一声誉的至少一部分归于与所述第一实体或者所述一个或更多个其它实体中的另一个相关联的第二声誉。
16.如权利要求15所述的系统,其中所述属性包括用于识别实体之间的关系的证据属性。
17.如权利要求16所述的系统,其中所述声誉模块进一步可操作来比较所述第一实体的所述证据属性与一组行为属性,所述一组行为属性与多个行为参数文件中的任何一个相关联,在所述多个行为参数文件中选择的行为参数文件定义至少一种类型的实体,所述第一实体与所述至少一种类型的实体共享一些特征。
18.如权利要求17所述的系统,其中所述行为参数文件定义一组行为参数文件中的一个或更多个,包括垃圾邮件发送者、诈骗者、合法发送者、群发邮件发送者、黑客、病毒源、入侵者、恶意源,或无害源。
19.如权利要求15所述的系统,其中所述声誉分配模块可操作来根据所识别的所述关系确定第一实体或者一个或更多个其它实体的声誉的什么部分被分配给所述第一实体或者一个或多个其它实体中的另一个的声誉。
20.如权利要求15所述的系统,其中所述声誉分配模块可操作来根据所述第一实体与所述一个或更多个其它实体共享的属性确定第一实体或者一个或更多个其它实体的声誉的什么部分被分配给所述第一实体或者一个或更多个其它实体中的另一个的声誉。
21.如权利要求15所述的系统,其中所述已知属性信息在多个边缘保护设备从通信的集合得到,所述边缘保护设备保护多个不同的网络。
22.如权利要求15所述的系统,其中所接收的所述通信是下述项中的任何一个:电子邮件消息、超文本传输协议通信、即时消息、文件传输协议通信、短消息服务通信、全球资源定位符请求,或互联网协议语音电话通信。
23.如权利要求15所述的系统,进一步包括通信询问模块,所述通信询问模块可操作来通过对所述通信运行多个测试来确定所述通信是否是合法通信。
24.如权利要求23所述的系统,其中与所述多个测试相关联的结果被以矢量体现,所述矢量与关联于不想要的消息的非法矢量比较以确定所述通信是否是合法的。
25.如权利要求24所述的系统,其中所述矢量也与关联于已知合法消息的合法矢量比较以确定所述通信是否是合法的。
26.如权利要求25所述的系统,其中非法矢量和合法矢量合并以确定单个结果,所述单个结果识别与实体相关联的一个或更多个行为参数文件。
27.如权利要求15所述的系统,进一步包括转发模块,所述转发模块可操作来将所述通信转发到与所述通信相关联的接收者。
28.如权利要求27所述的系统,其中所述转发模块配置成如果与所述第一实体相关联的声誉是声誉差的,就隔离所述通信。
29.如权利要求15所述的系统,其中根据来自发端实体的通信是声誉好的概率以及来自所述发端实体的通信是声誉差的概率得出不同实体的声誉。
30.具有软件程序代码的一个或更多个计算机可读介质,所述软件程序代码可操作来将声誉分配给与所接收的通信相关联的发送消息的实体,所述软件程序代码包括:
分析通信以得到与所述通信相关联的第一实体的一个或更多个属性;
取回用于多个实体的已知属性信息;
比较所接收的所述通信的所述属性与所述已知属性信息;
根据共享一个或更多个共同属性的所述第一实体和第二实体来识别所述第一实体和第二实体之间的关系,所述第二实体从所述多个已知实体中选择;以及
根据所识别的所述关系和所述共同属性,来将与所述第一实体或所述第二实体中的一个相关联的第一声誉的至少一部分归于与所述第一实体或所述第二实体中的另一个相关联的第二声誉。
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/626,462 US7949716B2 (en) | 2007-01-24 | 2007-01-24 | Correlation and analysis of entity attributes |
US11/626,462 | 2007-01-24 | ||
PCT/US2008/051867 WO2008091982A1 (en) | 2007-01-24 | 2008-01-24 | Correlation and analysis of entity attributes |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101730904A true CN101730904A (zh) | 2010-06-09 |
CN101730904B CN101730904B (zh) | 2017-05-24 |
Family
ID=39642230
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN200880009772.4A Active CN101730904B (zh) | 2007-01-24 | 2008-01-24 | 实体属性的关联和分析 |
Country Status (5)
Country | Link |
---|---|
US (1) | US7949716B2 (zh) |
EP (1) | EP2115688B1 (zh) |
CN (1) | CN101730904B (zh) |
AU (1) | AU2008207926B2 (zh) |
WO (1) | WO2008091982A1 (zh) |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8549611B2 (en) | 2002-03-08 | 2013-10-01 | Mcafee, Inc. | Systems and methods for classification of messaging entities |
US8561167B2 (en) | 2002-03-08 | 2013-10-15 | Mcafee, Inc. | Web reputation scoring |
US8578480B2 (en) | 2002-03-08 | 2013-11-05 | Mcafee, Inc. | Systems and methods for identifying potentially malicious messages |
US8589503B2 (en) | 2008-04-04 | 2013-11-19 | Mcafee, Inc. | Prioritizing network traffic |
US8621559B2 (en) | 2007-11-06 | 2013-12-31 | Mcafee, Inc. | Adjusting filter or classification control settings |
US8621638B2 (en) | 2010-05-14 | 2013-12-31 | Mcafee, Inc. | Systems and methods for classification of messaging entities |
US8635690B2 (en) | 2004-11-05 | 2014-01-21 | Mcafee, Inc. | Reputation based message processing |
US8762537B2 (en) | 2007-01-24 | 2014-06-24 | Mcafee, Inc. | Multi-dimensional reputation scoring |
US8763114B2 (en) | 2007-01-24 | 2014-06-24 | Mcafee, Inc. | Detecting image spam |
Families Citing this family (50)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7991827B1 (en) * | 2002-11-13 | 2011-08-02 | Mcafee, Inc. | Network analysis system and method utilizing collected metadata |
US8996993B2 (en) * | 2006-09-15 | 2015-03-31 | Battelle Memorial Institute | Text analysis devices, articles of manufacture, and text analysis methods |
US8452767B2 (en) * | 2006-09-15 | 2013-05-28 | Battelle Memorial Institute | Text analysis devices, articles of manufacture, and text analysis methods |
US8290203B1 (en) * | 2007-01-11 | 2012-10-16 | Proofpoint, Inc. | Apparatus and method for detecting images within spam |
US8179798B2 (en) | 2007-01-24 | 2012-05-15 | Mcafee, Inc. | Reputation based connection throttling |
US7779156B2 (en) | 2007-01-24 | 2010-08-17 | Mcafee, Inc. | Reputation based load balancing |
US8689334B2 (en) * | 2007-02-28 | 2014-04-01 | Alcatel Lucent | Security protection for a customer programmable platform |
US20090125980A1 (en) * | 2007-11-09 | 2009-05-14 | Secure Computing Corporation | Network rating |
US9336385B1 (en) * | 2008-02-11 | 2016-05-10 | Adaptive Cyber Security Instruments, Inc. | System for real-time threat detection and management |
US8589343B2 (en) * | 2009-03-03 | 2013-11-19 | Bladelogic, Inc. | Systems and methods for digital file change monitoring |
US8572740B2 (en) | 2009-10-01 | 2013-10-29 | Kaspersky Lab, Zao | Method and system for detection of previously unknown malware |
US8458774B2 (en) * | 2009-11-02 | 2013-06-04 | Authentify Inc. | Method for secure site and user authentication |
US20110307487A1 (en) * | 2010-06-15 | 2011-12-15 | Honeywell International Inc. | System for multi-modal data mining and organization via elements clustering and refinement |
US8620927B2 (en) | 2010-06-28 | 2013-12-31 | International Business Machines Corporation | Unguided curiosity in support of entity resolution techniques |
US8683591B2 (en) * | 2010-11-18 | 2014-03-25 | Nant Holdings Ip, Llc | Vector-based anomaly detection |
US8874579B2 (en) * | 2011-08-18 | 2014-10-28 | Verisign, Inc. | Systems and methods for identifying associations between malware samples |
US8565396B1 (en) * | 2011-10-14 | 2013-10-22 | Symantec Corporation | Systems and methods to detect a scam on a communications device |
US9317670B2 (en) * | 2012-05-22 | 2016-04-19 | Verizon Patent And Licensing Inc | Security based on usage activity associated with user device |
US20130347004A1 (en) * | 2012-06-25 | 2013-12-26 | Sap Ag | Correlating messages |
US8769677B2 (en) | 2012-07-12 | 2014-07-01 | Telcordia Technologies, Inc. | System and method for spammer host detection from network flow data profiles |
US9256593B2 (en) | 2012-11-28 | 2016-02-09 | Wal-Mart Stores, Inc. | Identifying product references in user-generated content |
US9277378B2 (en) * | 2012-12-21 | 2016-03-01 | Verizon Patent And Licensing Inc. | Short message service validation engine |
US9319419B2 (en) * | 2013-09-26 | 2016-04-19 | Wave Systems Corp. | Device identification scoring |
US9246935B2 (en) | 2013-10-14 | 2016-01-26 | Intuit Inc. | Method and system for dynamic and comprehensive vulnerability management |
US9438565B2 (en) * | 2013-11-11 | 2016-09-06 | Adallom Technologies, Ltd. | Cloud service security broker and proxy |
US9501345B1 (en) | 2013-12-23 | 2016-11-22 | Intuit Inc. | Method and system for creating enriched log data |
US9325726B2 (en) | 2014-02-03 | 2016-04-26 | Intuit Inc. | Method and system for virtual asset assisted extrusion and intrusion detection in a cloud computing environment |
US20150304343A1 (en) | 2014-04-18 | 2015-10-22 | Intuit Inc. | Method and system for providing self-monitoring, self-reporting, and self-repairing virtual assets in a cloud computing environment |
US9866581B2 (en) | 2014-06-30 | 2018-01-09 | Intuit Inc. | Method and system for secure delivery of information to computing environments |
US10757133B2 (en) | 2014-02-21 | 2020-08-25 | Intuit Inc. | Method and system for creating and deploying virtual assets |
US9276945B2 (en) | 2014-04-07 | 2016-03-01 | Intuit Inc. | Method and system for providing security aware applications |
US9245117B2 (en) | 2014-03-31 | 2016-01-26 | Intuit Inc. | Method and system for comparing different versions of a cloud based application in a production environment using segregated backend systems |
US11294700B2 (en) | 2014-04-18 | 2022-04-05 | Intuit Inc. | Method and system for enabling self-monitoring virtual assets to correlate external events with characteristic patterns associated with the virtual assets |
US9900322B2 (en) | 2014-04-30 | 2018-02-20 | Intuit Inc. | Method and system for providing permissions management |
US9330263B2 (en) | 2014-05-27 | 2016-05-03 | Intuit Inc. | Method and apparatus for automating the building of threat models for the public cloud |
US20150381641A1 (en) * | 2014-06-30 | 2015-12-31 | Intuit Inc. | Method and system for efficient management of security threats in a distributed computing environment |
US10102082B2 (en) | 2014-07-31 | 2018-10-16 | Intuit Inc. | Method and system for providing automated self-healing virtual assets |
US9473481B2 (en) | 2014-07-31 | 2016-10-18 | Intuit Inc. | Method and system for providing a virtual asset perimeter |
US10324702B2 (en) | 2014-09-12 | 2019-06-18 | Microsoft Israel Research And Development (2002) Ltd. | Cloud suffix proxy and a method thereof |
US10083295B2 (en) * | 2014-12-23 | 2018-09-25 | Mcafee, Llc | System and method to combine multiple reputations |
USD811428S1 (en) * | 2015-09-24 | 2018-02-27 | 4Thought Sa | Display screen or portion thereof with transitional graphical user interface |
WO2017138958A1 (en) | 2016-02-12 | 2017-08-17 | Entit Software Llc | Strength of associations among data records in a security information sharing platform |
WO2019010245A1 (en) * | 2017-07-03 | 2019-01-10 | Leadcrunch, Inc. | METHOD AND SYSTEM FOR CREATING AND UPDATING ENTITY VECTORS |
US11238386B2 (en) | 2018-12-20 | 2022-02-01 | Sap Se | Task derivation for workflows |
US10944785B2 (en) * | 2019-04-23 | 2021-03-09 | Forcepoint Llc | Systems and methods for detecting the injection of malicious elements into benign content |
US20200387802A1 (en) * | 2019-06-08 | 2020-12-10 | Trustarc Inc | Dynamically adaptable rules and communication system for managing process controls |
USD958166S1 (en) * | 2019-11-19 | 2022-07-19 | Johnson Systems Inc. | Display screen with graphical user interface |
USD926789S1 (en) * | 2019-11-19 | 2021-08-03 | Johnson Systems Inc. | Display screen with graphical user interface |
US11743245B2 (en) * | 2020-10-22 | 2023-08-29 | Acuant, Inc. | Identity access management using access attempts and profile updates |
CN112613569B (zh) * | 2020-12-29 | 2024-04-09 | 北京百度网讯科技有限公司 | 图像识别方法、图像分类模型的训练方法及装置 |
Family Cites Families (413)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4289930A (en) | 1978-11-30 | 1981-09-15 | The General Electric Company Limited | Electronic apparatus for the display of information received over a line |
US4386416A (en) | 1980-06-02 | 1983-05-31 | Mostek Corporation | Data compression, encryption, and in-line transmission system |
US4384325A (en) | 1980-06-23 | 1983-05-17 | Sperry Corporation | Apparatus and method for searching a data base using variable search criteria |
US4532588A (en) | 1982-11-09 | 1985-07-30 | International Business Machines Corporation | Electronic document distribution network with uniform data stream |
US4754428A (en) | 1985-04-15 | 1988-06-28 | Express Communications, Inc. | Apparatus and method of distributing documents to remote terminals with different formats |
US4713780A (en) | 1985-04-15 | 1987-12-15 | Express Communications, Inc. | Electronic mail |
US4837798A (en) | 1986-06-02 | 1989-06-06 | American Telephone And Telegraph Company | Communication system having unified messaging |
NL8602418A (nl) | 1986-09-25 | 1988-04-18 | Philips Nv | Inrichting voor het weergeven van een pcm-gemoduleerd signaal, voorzien van een muteschakeling. |
JP2702927B2 (ja) | 1987-06-15 | 1998-01-26 | 株式会社日立製作所 | 文字列検索装置 |
DE3851724T2 (de) | 1987-07-08 | 1995-05-04 | Matsushita Electric Ind Co Ltd | Verfahren und Gerät zum Schutz von Kopiersignalen. |
US4853961A (en) | 1987-12-18 | 1989-08-01 | Pitney Bowes Inc. | Reliable document authentication system |
US4951196A (en) | 1988-05-04 | 1990-08-21 | Supply Tech, Inc. | Method and apparatus for electronic data interchange |
US5008814A (en) | 1988-08-15 | 1991-04-16 | Network Equipment Technologies, Inc. | Method and apparatus for updating system software for a plurality of data processing units in a communication network |
US5144660A (en) | 1988-08-31 | 1992-09-01 | Rose Anthony M | Securing a computer against undesired write operations to or read operations from a mass storage device |
US5054096A (en) | 1988-10-24 | 1991-10-01 | Empire Blue Cross/Blue Shield | Method and apparatus for converting documents into electronic data for transaction processing |
US4975950A (en) | 1988-11-03 | 1990-12-04 | Lentz Stephen A | System and method of protecting integrity of computer data and software |
CA1321656C (en) | 1988-12-22 | 1993-08-24 | Chander Kasiraj | Method for restricting delivery and receipt of electronic message |
US5167011A (en) | 1989-02-15 | 1992-11-24 | W. H. Morris | Method for coodinating information storage and retrieval |
US5210824A (en) | 1989-03-03 | 1993-05-11 | Xerox Corporation | Encoding-format-desensitized methods and means for interchanging electronic document as appearances |
US5020059A (en) | 1989-03-31 | 1991-05-28 | At&T Bell Laboratories | Reconfigurable signal processor |
US5144659A (en) | 1989-04-19 | 1992-09-01 | Richard P. Jones | Computer file protection system |
US5119465A (en) | 1989-06-19 | 1992-06-02 | Digital Equipment Corporation | System for selectively converting plurality of source data structures through corresponding source intermediate structures, and target intermediate structures into selected target structure |
GB8918553D0 (en) | 1989-08-15 | 1989-09-27 | Digital Equipment Int | Message control system |
JPH03117940A (ja) | 1989-09-25 | 1991-05-20 | Internatl Business Mach Corp <Ibm> | 電子メールの管理方法 |
US5105184B1 (en) | 1989-11-09 | 1997-06-17 | Noorali Pirani | Methods for displaying and integrating commercial advertisements with computer software |
US5495610A (en) | 1989-11-30 | 1996-02-27 | Seer Technologies, Inc. | Software distribution system to build and distribute a software release |
DE69031491T2 (de) | 1990-04-10 | 1998-03-26 | Ibm | Hypertextdatenverarbeitungssystem und Verfahren |
US5319776A (en) | 1990-04-19 | 1994-06-07 | Hilgraeve Corporation | In transit detection of computer virus with safeguard |
US5210825A (en) | 1990-04-26 | 1993-05-11 | Teknekron Communications Systems, Inc. | Method and an apparatus for displaying graphical data received from a remote computer by a local computer |
US5822527A (en) | 1990-05-04 | 1998-10-13 | Digital Equipment Corporation | Method and apparatus for information stream filtration using tagged information access and action registration |
US5144557A (en) | 1990-08-13 | 1992-09-01 | International Business Machines Corporation | Method and system for document distribution by reference to a first group and particular document to a second group of user in a data processing system |
US5276869A (en) | 1990-09-10 | 1994-01-04 | International Business Machines Corporation | System for selecting document recipients as determined by technical content of document and for electronically corroborating receipt of document |
US5247661A (en) | 1990-09-10 | 1993-09-21 | International Business Machines Corporation | Method and apparatus for automated document distribution in a data processing system |
US5239466A (en) | 1990-10-04 | 1993-08-24 | Motorola, Inc. | System for selectively routing and merging independent annotations to a document at remote locations |
JP3161725B2 (ja) | 1990-11-21 | 2001-04-25 | 株式会社日立製作所 | ワークステーションおよび共同情報処理システム |
US5283887A (en) | 1990-12-19 | 1994-02-01 | Bull Hn Information Systems Inc. | Automatic document format conversion in an electronic mail system based upon user preference |
JP3177684B2 (ja) | 1991-03-14 | 2001-06-18 | 株式会社日立製作所 | 電子メールシステム |
US5424724A (en) | 1991-03-27 | 1995-06-13 | International Business Machines Corporation | Method and apparatus for enhanced electronic mail distribution |
US5513323A (en) | 1991-06-14 | 1996-04-30 | International Business Machines Corporation | Method and apparatus for multistage document format transformation in a data processing system |
US5577209A (en) | 1991-07-11 | 1996-11-19 | Itt Corporation | Apparatus and method for providing multi-level security for communication among computers and terminals on a network |
US5379340A (en) | 1991-08-02 | 1995-01-03 | Betterprize Limited | Text communication system |
US5367621A (en) | 1991-09-06 | 1994-11-22 | International Business Machines Corporation | Data processing method to provide a generalized link from a reference point in an on-line book to an arbitrary multimedia object which can be dynamically updated |
US5313521A (en) | 1992-04-15 | 1994-05-17 | Fujitsu Limited | Key distribution protocol for file transfer in the local area network |
US5485409A (en) | 1992-04-30 | 1996-01-16 | International Business Machines Corporation | Automated penetration analysis system and method |
US5278901A (en) | 1992-04-30 | 1994-01-11 | International Business Machines Corporation | Pattern-oriented intrusion-detection system and method |
US5235642A (en) | 1992-07-21 | 1993-08-10 | Digital Equipment Corporation | Access control subsystem and method for distributed computer system using locally cached authentication credentials |
GB2271002B (en) | 1992-09-26 | 1995-12-06 | Digital Equipment Int | Data processing system |
US5418908A (en) | 1992-10-15 | 1995-05-23 | International Business Machines Corporation | System for automatically establishing a link between an electronic mail item and a remotely stored reference through a place mark inserted into the item |
JP3553987B2 (ja) | 1992-11-13 | 2004-08-11 | 株式会社日立製作所 | クライアント・サーバシステム |
US5675733A (en) | 1992-11-30 | 1997-10-07 | International Business Machines Corporation | Statistical analysis and display of reception status of electronic messages |
US5544320A (en) | 1993-01-08 | 1996-08-06 | Konrad; Allan M. | Remote information service access system based on a client-server-service model |
US5406557A (en) | 1993-02-01 | 1995-04-11 | National Semiconductor Corporation | Interenterprise electronic mail hub |
US5479411A (en) | 1993-03-10 | 1995-12-26 | At&T Corp. | Multi-media integrated message arrangement |
US5404231A (en) | 1993-05-24 | 1995-04-04 | Audiofax, Inc. | Sender-based facsimile store and forward facility |
JPH0764788A (ja) | 1993-06-14 | 1995-03-10 | Mitsubishi Electric Corp | マイクロコンピュータ |
JPH0737087A (ja) | 1993-07-19 | 1995-02-07 | Matsushita Electric Ind Co Ltd | 画像処理装置 |
JPH0779298A (ja) | 1993-09-08 | 1995-03-20 | Hitachi Ltd | ファクシミリサーバシステム |
US5657461A (en) | 1993-10-04 | 1997-08-12 | Xerox Corporation | User interface for defining and automatically transmitting data according to preferred communication channels |
US5513126A (en) | 1993-10-04 | 1996-04-30 | Xerox Corporation | Network having selectively accessible recipient prioritized communication channel profiles |
US5414833A (en) | 1993-10-27 | 1995-05-09 | International Business Machines Corporation | Network security system and method using a parallel finite state machine adaptive active monitor and responder |
US5771354A (en) | 1993-11-04 | 1998-06-23 | Crawford; Christopher M. | Internet online backup system provides remote storage for customers using IDs and passwords which were interactively established when signing up for backup services |
US5606668A (en) | 1993-12-15 | 1997-02-25 | Checkpoint Software Technologies Ltd. | System for securing inbound and outbound data packet flow in a computer network |
US5509074A (en) | 1994-01-27 | 1996-04-16 | At&T Corp. | Method of protecting electronically published materials using cryptographic protocols |
US5557742A (en) | 1994-03-07 | 1996-09-17 | Haystack Labs, Inc. | Method and system for detecting intrusion into and misuse of a data processing system |
US5541993A (en) | 1994-05-10 | 1996-07-30 | Fan; Eric | Structure and method for secure image transmission |
US5675507A (en) | 1995-04-28 | 1997-10-07 | Bobo, Ii; Charles R. | Message storage and delivery system |
US5511122A (en) | 1994-06-03 | 1996-04-23 | The United States Of America As Represented By The Secretary Of The Navy | Intermediate network authentication |
US5416842A (en) | 1994-06-10 | 1995-05-16 | Sun Microsystems, Inc. | Method and apparatus for key-management scheme for use with internet protocols at site firewalls |
US5535276A (en) | 1994-11-09 | 1996-07-09 | Bell Atlantic Network Services, Inc. | Yaksha, an improved system and method for securing communications using split private key asymmetric cryptography |
US5481312A (en) | 1994-09-12 | 1996-01-02 | At&T Corp. | Method of and apparatus for the transmission of high and low priority segments of a video bitstream over packet networks |
US5740231A (en) | 1994-09-16 | 1998-04-14 | Octel Communications Corporation | Network-based multimedia communications and directory system and method of operation |
US5933478A (en) | 1994-09-28 | 1999-08-03 | Hitachi, Ltd. | Data transfer system and handheld terminal device used therefor |
US5805719A (en) | 1994-11-28 | 1998-09-08 | Smarttouch | Tokenless identification of individuals |
US5758257A (en) | 1994-11-29 | 1998-05-26 | Herz; Frederick | System and method for scheduling broadcast of and access to video programs and other data using customer profiles |
US5619648A (en) | 1994-11-30 | 1997-04-08 | Lucent Technologies Inc. | Message filtering techniques |
US5608874A (en) | 1994-12-02 | 1997-03-04 | Autoentry Online, Inc. | System and method for automatic data file format translation and transmission having advanced features |
US5550984A (en) | 1994-12-07 | 1996-08-27 | Matsushita Electric Corporation Of America | Security system for preventing unauthorized communications between networks by translating communications received in ip protocol to non-ip protocol to remove address and routing services information |
US5530852A (en) | 1994-12-20 | 1996-06-25 | Sun Microsystems, Inc. | Method for extracting profiles and topics from a first file written in a first markup language and generating files in different markup languages containing the profiles and topics for use in accessing data described by the profiles and topics |
US5694616A (en) | 1994-12-30 | 1997-12-02 | International Business Machines Corporation | Method and system for prioritization of email items by selectively associating priority attribute with at least one and fewer than all of the recipients |
US5638487A (en) | 1994-12-30 | 1997-06-10 | Purespeech, Inc. | Automatic speech recognition |
US5878230A (en) | 1995-01-05 | 1999-03-02 | International Business Machines Corporation | System for email messages wherein the sender designates whether the recipient replies or forwards to addresses also designated by the sender |
US5710883A (en) | 1995-03-10 | 1998-01-20 | Stanford University | Hypertext document transport mechanism for firewall-compatible distributed world-wide web publishing |
US5790793A (en) | 1995-04-04 | 1998-08-04 | Higley; Thomas | Method and system to create, transmit, receive and process information, including an address to further information |
US5677955A (en) | 1995-04-07 | 1997-10-14 | Financial Services Technology Consortium | Electronic funds transfer instruments |
EP0740455B1 (en) | 1995-04-25 | 2003-07-02 | Canon Kabushiki Kaisha | Data communication apparatus and method |
JP3338585B2 (ja) | 1995-05-16 | 2002-10-28 | 富士通株式会社 | プレゼンテーションデータの変換装置及び方法 |
US5632011A (en) | 1995-05-22 | 1997-05-20 | Sterling Commerce, Inc. | Electronic mail management system for operation on a host computer system |
US5708780A (en) | 1995-06-07 | 1998-01-13 | Open Market, Inc. | Internet server access control and monitoring systems |
US5812776A (en) | 1995-06-07 | 1998-09-22 | Open Market, Inc. | Method of providing internet pages by mapping telephone number provided by client to URL and returning the same in a redirect command by server |
US5742759A (en) | 1995-08-18 | 1998-04-21 | Sun Microsystems, Inc. | Method and system for facilitating access control to system resources in a distributed computer system |
EP0762337A3 (de) | 1995-09-08 | 2000-01-19 | Francotyp-Postalia Aktiengesellschaft & Co. | Verfahren und Anordnung zur Erhöhung der Manipulationssicherheit von kritischen Daten |
US5696822A (en) | 1995-09-28 | 1997-12-09 | Symantec Corporation | Polymorphic virus detection module |
US5826013A (en) | 1995-09-28 | 1998-10-20 | Symantec Corporation | Polymorphic virus detection module |
US5572643A (en) | 1995-10-19 | 1996-11-05 | Judson; David H. | Web browser with dynamic display of information objects during linking |
US5948062A (en) | 1995-10-27 | 1999-09-07 | Emc Corporation | Network file server using a cached disk array storing a network file directory including file locking information and data mover computers each having file system software for shared read-write file access |
US5826029A (en) | 1995-10-31 | 1998-10-20 | International Business Machines Corporation | Secured gateway interface |
US5793763A (en) | 1995-11-03 | 1998-08-11 | Cisco Technology, Inc. | Security system for network address translation systems |
US5923846A (en) | 1995-11-06 | 1999-07-13 | Microsoft Corporation | Method of uploading a message containing a file reference to a server and downloading a file from the server using the file reference |
US5764906A (en) | 1995-11-07 | 1998-06-09 | Netword Llc | Universal electronic resource denotation, request and delivery system |
JPH09153050A (ja) | 1995-11-29 | 1997-06-10 | Hitachi Ltd | 文書情報収集方法および文書情報収集装置 |
US5892825A (en) | 1996-05-15 | 1999-04-06 | Hyperlock Technologies Inc | Method of secure server control of local media via a trigger through a network for instant local access of encrypted data on local media |
US5937164A (en) | 1995-12-07 | 1999-08-10 | Hyperlock Technologies, Inc. | Method and apparatus of secure server control of local media via a trigger through a network for instant local access of encrypted data on local media within a platform independent networking system |
US5758343A (en) | 1995-12-08 | 1998-05-26 | Ncr Corporation | Apparatus and method for integrating multiple delegate directory service agents |
US5745574A (en) | 1995-12-15 | 1998-04-28 | Entegrity Solutions Corporation | Security infrastructure for electronic transactions |
US5706442A (en) | 1995-12-20 | 1998-01-06 | Block Financial Corporation | System for on-line financial services using distributed objects |
US5903723A (en) | 1995-12-21 | 1999-05-11 | Intel Corporation | Method and apparatus for transmitting electronic mail attachments with attachment references |
US5781901A (en) | 1995-12-21 | 1998-07-14 | Intel Corporation | Transmitting electronic mail attachment over a network using a e-mail page |
US5602918A (en) | 1995-12-22 | 1997-02-11 | Virtual Open Network Environment Corp. | Application level security system and method |
US5796951A (en) | 1995-12-22 | 1998-08-18 | Intel Corporation | System for displaying information relating to a computer network including association devices with tasks performable on those devices |
JP2000503154A (ja) | 1996-01-11 | 2000-03-14 | エムアールジェイ インコーポレイテッド | デジタル所有権のアクセスと分配を制御するためのシステム |
US5801700A (en) | 1996-01-19 | 1998-09-01 | Silicon Graphics Incorporated | System and method for an iconic drag and drop interface for electronic file transfer |
US5826014A (en) | 1996-02-06 | 1998-10-20 | Network Engineering Software | Firewall system for protecting network elements connected to a public network |
US5751956A (en) | 1996-02-21 | 1998-05-12 | Infoseek Corporation | Method and apparatus for redirection of server external hyper-link references |
US5963915A (en) | 1996-02-21 | 1999-10-05 | Infoseek Corporation | Secure, convenient and efficient system and method of performing trans-internet purchase transactions |
US5855020A (en) | 1996-02-21 | 1998-12-29 | Infoseek Corporation | Web scan process |
US5862325A (en) | 1996-02-29 | 1999-01-19 | Intermind Corporation | Computer-based communication system and method using metadata defining a control structure |
US5673322A (en) | 1996-03-22 | 1997-09-30 | Bell Communications Research, Inc. | System and method for providing protocol translation and filtering to access the world wide web from wireless or low-bandwidth networks |
US5850442A (en) | 1996-03-26 | 1998-12-15 | Entegrity Solutions Corporation | Secure world wide electronic commerce over an open network |
US5826022A (en) | 1996-04-05 | 1998-10-20 | Sun Microsystems, Inc. | Method and apparatus for receiving electronic mail |
US5727156A (en) | 1996-04-10 | 1998-03-10 | Hotoffice Technologies, Inc. | Internet-based automatic publishing system |
US5845084A (en) | 1996-04-18 | 1998-12-01 | Microsoft Corporation | Automatic data display formatting with a networking application |
US5778372A (en) | 1996-04-18 | 1998-07-07 | Microsoft Corporation | Remote retrieval and display management of electronic document with incorporated images |
US5864852A (en) | 1996-04-26 | 1999-01-26 | Netscape Communications Corporation | Proxy server caching mechanism that provides a file directory structure and a mapping mechanism within the file directory structure |
US5793972A (en) | 1996-05-03 | 1998-08-11 | Westminster International Computers Inc. | System and method providing an interactive response to direct mail by creating personalized web page based on URL provided on mail piece |
US5742769A (en) | 1996-05-06 | 1998-04-21 | Banyan Systems, Inc. | Directory with options for access to and display of email addresses |
US5884033A (en) | 1996-05-15 | 1999-03-16 | Spyglass, Inc. | Internet filtering system for filtering data transferred over the internet utilizing immediate and deferred filtering actions |
US5768528A (en) | 1996-05-24 | 1998-06-16 | V-Cast, Inc. | Client-server system for delivery of online information |
US5918013A (en) | 1996-06-03 | 1999-06-29 | Webtv Networks, Inc. | Method of transcoding documents in a network environment using a proxy server |
US5822526A (en) | 1996-06-03 | 1998-10-13 | Microsoft Corporation | System and method for maintaining and administering email address names in a network |
US5812398A (en) | 1996-06-10 | 1998-09-22 | Sun Microsystems, Inc. | Method and system for escrowed backup of hotelled world wide web sites |
US6108688A (en) | 1996-06-12 | 2000-08-22 | Sun Microsystems, Inc. | System for reminding a sender of an email if recipient of the email does not respond by a selected time set by the sender |
US6373950B1 (en) | 1996-06-17 | 2002-04-16 | Hewlett-Packard Company | System, method and article of manufacture for transmitting messages within messages utilizing an extensible, flexible architecture |
US5781857A (en) | 1996-06-28 | 1998-07-14 | Motorola, Inc. | Method of establishing an email monitor responsive to a wireless communications system user |
US5790789A (en) | 1996-08-02 | 1998-08-04 | Suarez; Larry | Method and architecture for the creation, control and deployment of services within a distributed computer environment |
US6072942A (en) | 1996-09-18 | 2000-06-06 | Secure Computing Corporation | System and method of electronic mail filtering using interconnected nodes |
JPH10111727A (ja) | 1996-10-03 | 1998-04-28 | Toshiba Corp | 電話機能を有する情報機器及び同情報機器のセキリュリティ実現方法 |
US6119236A (en) | 1996-10-07 | 2000-09-12 | Shipley; Peter M. | Intelligent network security device and method |
US6012144A (en) | 1996-10-08 | 2000-01-04 | Pickett; Thomas E. | Transaction security method and apparatus |
US5930479A (en) | 1996-10-21 | 1999-07-27 | At&T Corp | Communications addressing system |
TW400487B (en) | 1996-10-24 | 2000-08-01 | Tumbleweed Software Corp | Electronic document delivery system |
US5790790A (en) | 1996-10-24 | 1998-08-04 | Tumbleweed Software Corporation | Electronic document delivery system in which notification of said electronic document is sent to a recipient thereof |
US6119137A (en) | 1997-01-30 | 2000-09-12 | Tumbleweed Communications Corp. | Distributed dynamic document conversion server |
US6502191B1 (en) | 1997-02-14 | 2002-12-31 | Tumbleweed Communications Corp. | Method and system for binary data firewall delivery |
US6192407B1 (en) | 1996-10-24 | 2001-02-20 | Tumbleweed Communications Corp. | Private, trackable URLs for directed document delivery |
US6385655B1 (en) | 1996-10-24 | 2002-05-07 | Tumbleweed Communications Corp. | Method and apparatus for delivering documents over an electronic network |
AU5094398A (en) | 1996-10-30 | 1998-05-22 | Theodor Holm Nelson | Many-to-many payment system for network content materials |
US6453345B2 (en) | 1996-11-06 | 2002-09-17 | Datadirect Networks, Inc. | Network security and surveillance system |
US5991881A (en) | 1996-11-08 | 1999-11-23 | Harris Corporation | Network surveillance system |
US6167520A (en) | 1996-11-08 | 2000-12-26 | Finjan Software, Inc. | System and method for protecting a client during runtime from hostile downloadables |
US5796948A (en) | 1996-11-12 | 1998-08-18 | Cohen; Elliot D. | Offensive message interceptor for computers |
US5796942A (en) | 1996-11-21 | 1998-08-18 | Computer Associates International, Inc. | Method and apparatus for automated network-wide surveillance and security breach intervention |
JPH10164124A (ja) | 1996-12-04 | 1998-06-19 | Canon Inc | 通信装置 |
US5968119A (en) | 1996-12-09 | 1999-10-19 | Wall Data Incorporated | Method of accessing information of an SNA host computer from a client computer using a specific terminal emulation |
US6285991B1 (en) | 1996-12-13 | 2001-09-04 | Visa International Service Association | Secure interactive electronic account statement delivery system |
WO1998027690A1 (fr) | 1996-12-16 | 1998-06-25 | Samsung Electronics Co. Ltd. | Procede de transmission de messages par courrier electronique dans un reseau local et dispositif prevu a cet effet |
US5911776A (en) | 1996-12-18 | 1999-06-15 | Unisys Corporation | Automatic format conversion system and publishing methodology for multi-user network |
US6061722A (en) | 1996-12-23 | 2000-05-09 | T E Network, Inc. | Assessing network performance without interference with normal network operations |
US5898836A (en) | 1997-01-14 | 1999-04-27 | Netmind Services, Inc. | Change-detection tool indicating degree and location of change of internet documents by comparison of cyclic-redundancy-check(CRC) signatures |
US5978799A (en) | 1997-01-30 | 1999-11-02 | Hirsch; G. Scott | Search engine including query database, user profile database, information templates and email facility |
US5896499A (en) | 1997-02-21 | 1999-04-20 | International Business Machines Corporation | Embedded security processor |
US6539430B1 (en) | 1997-03-25 | 2003-03-25 | Symantec Corporation | System and method for filtering data received by a computer system |
TW396308B (en) | 1997-04-01 | 2000-07-01 | Tumbleweed Software Corp | Document delivery system |
US6061448A (en) | 1997-04-01 | 2000-05-09 | Tumbleweed Communications Corp. | Method and system for dynamic server document encryption |
US6108786A (en) | 1997-04-25 | 2000-08-22 | Intel Corporation | Monitor network bindings for computer security |
US5958005A (en) | 1997-07-17 | 1999-09-28 | Bell Atlantic Network Services, Inc. | Electronic mail security |
US7117358B2 (en) | 1997-07-24 | 2006-10-03 | Tumbleweed Communications Corp. | Method and system for filtering communication |
US7162738B2 (en) | 1998-11-03 | 2007-01-09 | Tumbleweed Communications Corp. | E-mail firewall with stored key encryption/decryption |
ATE444614T1 (de) | 1997-07-24 | 2009-10-15 | Axway Inc | E-mail firewall |
US6006329A (en) | 1997-08-11 | 1999-12-21 | Symantec Corporation | Detection of computer viruses spanning multiple data streams |
US6199102B1 (en) | 1997-08-26 | 2001-03-06 | Christopher Alan Cobb | Method and system for filtering electronic messages |
US6119230A (en) | 1997-10-01 | 2000-09-12 | Novell, Inc. | Distributed dynamic security capabilities |
EP0907120A3 (en) | 1997-10-02 | 2004-03-24 | Tumbleweed Software Corporation | Method amd apparatus for delivering documents over an electronic network |
US6393568B1 (en) | 1997-10-23 | 2002-05-21 | Entrust Technologies Limited | Encryption and decryption system and method with content analysis provision |
US6003027A (en) | 1997-11-21 | 1999-12-14 | International Business Machines Corporation | System and method for determining confidence levels for the results of a categorization system |
US6094731A (en) | 1997-11-24 | 2000-07-25 | Symantec Corporation | Antivirus accelerator for computer networks |
US6393465B2 (en) | 1997-11-25 | 2002-05-21 | Nixmail Corporation | Junk electronic mail detector and eliminator |
US5860068A (en) | 1997-12-04 | 1999-01-12 | Petabyte Corporation | Method and system for custom manufacture and delivery of a data product |
US6202157B1 (en) | 1997-12-08 | 2001-03-13 | Entrust Technologies Limited | Computer network security system and method having unilateral enforceable security policy provision |
US6023723A (en) | 1997-12-22 | 2000-02-08 | Accepted Marketing, Inc. | Method and system for filtering unwanted junk e-mail utilizing a plurality of filtering mechanisms |
US6052709A (en) | 1997-12-23 | 2000-04-18 | Bright Light Technologies, Inc. | Apparatus and method for controlling delivery of unsolicited electronic mail |
US6029256A (en) | 1997-12-31 | 2000-02-22 | Network Associates, Inc. | Method and system for allowing computer programs easy access to features of a virus scanning engine |
US6035423A (en) | 1997-12-31 | 2000-03-07 | Network Associates, Inc. | Method and system for providing automated updating and upgrading of antivirus applications using a computer network |
US6279133B1 (en) | 1997-12-31 | 2001-08-21 | Kawasaki Steel Corporation | Method and apparatus for significantly improving the reliability of multilevel memory architecture |
US5999932A (en) | 1998-01-13 | 1999-12-07 | Bright Light Technologies, Inc. | System and method for filtering unsolicited electronic mail messages using data matching and heuristic processing |
CA2228687A1 (en) | 1998-02-04 | 1999-08-04 | Brett Howard | Secured virtual private networks |
US6279113B1 (en) | 1998-03-16 | 2001-08-21 | Internet Tools, Inc. | Dynamic signature inspection-based network intrusion detection |
US6092114A (en) | 1998-04-17 | 2000-07-18 | Siemens Information And Communication Networks, Inc. | Method and system for determining the location for performing file-format conversions of electronics message attachments |
US6145083A (en) | 1998-04-23 | 2000-11-07 | Siemens Information And Communication Networks, Inc. | Methods and system for providing data and telephony security |
US6104500A (en) | 1998-04-29 | 2000-08-15 | Bcl, Computer Inc. | Networked fax routing via email |
US6298445B1 (en) | 1998-04-30 | 2001-10-02 | Netect, Ltd. | Computer security |
JP3017712B2 (ja) | 1998-05-15 | 2000-03-13 | 松下電送システム株式会社 | インターネット・ファクシミリ |
US6275942B1 (en) | 1998-05-20 | 2001-08-14 | Network Associates, Inc. | System, method and computer program product for automatic response to computer system misuse using active response modules |
US6058482A (en) | 1998-05-22 | 2000-05-02 | Sun Microsystems, Inc. | Apparatus, method and system for providing network security for executable code in computer and communications networks |
US6330589B1 (en) | 1998-05-26 | 2001-12-11 | Microsoft Corporation | System and method for using a client database to manage conversation threads generated from email or news messages |
US6289214B1 (en) | 1998-05-29 | 2001-09-11 | Ericsson Inc. | Systems and methods for deactivating a cellular radiotelephone system using an ANSI-41 short message service email |
US6347374B1 (en) | 1998-06-05 | 2002-02-12 | Intrusion.Com, Inc. | Event detection |
WO1999066383A2 (en) | 1998-06-15 | 1999-12-23 | Dmw Worldwide, Inc. | Method and apparatus for assessing the security of a computer system |
US6317829B1 (en) | 1998-06-19 | 2001-11-13 | Entrust Technologies Limited | Public key cryptography based security system to facilitate secure roaming of users |
US6161130A (en) | 1998-06-23 | 2000-12-12 | Microsoft Corporation | Technique which utilizes a probabilistic classifier to detect "junk" e-mail by automatically updating a training and re-training the classifier based on the updated training set |
US6185689B1 (en) | 1998-06-24 | 2001-02-06 | Richard S. Carson & Assoc., Inc. | Method for network self security assessment |
US6141778A (en) | 1998-06-29 | 2000-10-31 | Mci Communications Corporation | Method and apparatus for automating security functions in a computer system |
US6324656B1 (en) | 1998-06-30 | 2001-11-27 | Cisco Technology, Inc. | System and method for rules-driven multi-phase network vulnerability assessment |
US6442686B1 (en) | 1998-07-02 | 2002-08-27 | Networks Associates Technology, Inc. | System and methodology for messaging server-based management and enforcement of crypto policies |
US6269447B1 (en) | 1998-07-21 | 2001-07-31 | Raytheon Company | Information security analysis system |
US6151675A (en) | 1998-07-23 | 2000-11-21 | Tumbleweed Software Corporation | Method and apparatus for effecting secure document format conversion |
US6223213B1 (en) | 1998-07-31 | 2001-04-24 | Webtv Networks, Inc. | Browser-based email system with user interface for audio/video capture |
US6711127B1 (en) | 1998-07-31 | 2004-03-23 | General Dynamics Government Systems Corporation | System for intrusion detection and vulnerability analysis in a telecommunications signaling network |
US6304973B1 (en) | 1998-08-06 | 2001-10-16 | Cryptek Secure Communications, Llc | Multi-level security network system |
US6442588B1 (en) | 1998-08-20 | 2002-08-27 | At&T Corp. | Method of administering a dynamic filtering firewall |
US6324569B1 (en) | 1998-09-23 | 2001-11-27 | John W. L. Ogilvie | Self-removing email verified or designated as such by a message distributor for the convenience of a recipient |
US6460141B1 (en) | 1998-10-28 | 2002-10-01 | Rsa Security Inc. | Security and access management system for web-enabled and non-web-enabled applications and content on a computer network |
US6260043B1 (en) | 1998-11-06 | 2001-07-10 | Microsoft Corporation | Automatic file format converter |
US6321338B1 (en) | 1998-11-09 | 2001-11-20 | Sri International | Network surveillance |
US6249807B1 (en) | 1998-11-17 | 2001-06-19 | Kana Communications, Inc. | Method and apparatus for performing enterprise email management |
US6282565B1 (en) | 1998-11-17 | 2001-08-28 | Kana Communications, Inc. | Method and apparatus for performing enterprise email management |
US6272532B1 (en) | 1998-12-02 | 2001-08-07 | Harold F. Feinleib | Electronic reminder system with universal email input |
US6370648B1 (en) | 1998-12-08 | 2002-04-09 | Visa International Service Association | Computer network intrusion detection |
US6546416B1 (en) | 1998-12-09 | 2003-04-08 | Infoseek Corporation | Method and system for selectively blocking delivery of bulk electronic mail |
US6249575B1 (en) | 1998-12-11 | 2001-06-19 | Securelogix Corporation | Telephony security system |
US6550012B1 (en) | 1998-12-11 | 2003-04-15 | Network Associates, Inc. | Active firewall system and methodology |
US6574737B1 (en) | 1998-12-23 | 2003-06-03 | Symantec Corporation | System for penetrating computer or computer network |
US6118856A (en) | 1998-12-28 | 2000-09-12 | Nortel Networks Corporation | Method and apparatus for automatically forwarding an email message or portion thereof to a remote device |
US6301668B1 (en) | 1998-12-29 | 2001-10-09 | Cisco Technology, Inc. | Method and system for adaptive network security using network vulnerability assessment |
US6654787B1 (en) | 1998-12-31 | 2003-11-25 | Brightmail, Incorporated | Method and apparatus for filtering e-mail |
US6487666B1 (en) | 1999-01-15 | 2002-11-26 | Cisco Technology, Inc. | Intrusion detection signature analysis using regular expressions and logical operators |
US20030023695A1 (en) | 1999-02-26 | 2003-01-30 | Atabok Japan, Inc. | Modifying an electronic mail system to produce a secure delivery system |
US6725377B1 (en) | 1999-03-12 | 2004-04-20 | Networks Associates Technology, Inc. | Method and system for updating anti-intrusion software |
US6405318B1 (en) | 1999-03-12 | 2002-06-11 | Psionic Software, Inc. | Intrusion detection system |
US6681331B1 (en) | 1999-05-11 | 2004-01-20 | Cylant, Inc. | Dynamic software system intrusion detection |
US6988199B2 (en) | 2000-07-07 | 2006-01-17 | Message Secure | Secure and reliable document delivery |
US6578025B1 (en) | 1999-06-11 | 2003-06-10 | Abuzz Technologies, Inc. | Method and apparatus for distributing information to users |
US6247045B1 (en) | 1999-06-24 | 2001-06-12 | International Business Machines Corporation | Method and apparatus for sending private messages within a single electronic message |
US6675153B1 (en) | 1999-07-06 | 2004-01-06 | Zix Corporation | Transaction authorization system |
US6910135B1 (en) | 1999-07-07 | 2005-06-21 | Verizon Corporate Services Group Inc. | Method and apparatus for an intruder detection reporting and response system |
US6324647B1 (en) | 1999-08-31 | 2001-11-27 | Michel K. Bowman-Amuah | System, method and article of manufacture for security management in a development architecture framework |
US6304898B1 (en) | 1999-10-13 | 2001-10-16 | Datahouse, Inc. | Method and system for creating and sending graphical email |
US7363361B2 (en) | 2000-08-18 | 2008-04-22 | Akamai Technologies, Inc. | Secure content delivery system |
US6321267B1 (en) | 1999-11-23 | 2001-11-20 | Escom Corporation | Method and apparatus for filtering junk email |
US6363489B1 (en) | 1999-11-29 | 2002-03-26 | Forescout Technologies Inc. | Method for automatic intrusion detection and deflection in a network |
US6697950B1 (en) | 1999-12-22 | 2004-02-24 | Networks Associates Technology, Inc. | Method and apparatus for detecting a macro computer virus using static analysis |
US6775657B1 (en) | 1999-12-22 | 2004-08-10 | Cisco Technology, Inc. | Multilayered intrusion detection system and method |
US6343290B1 (en) | 1999-12-22 | 2002-01-29 | Celeritas Technologies, L.L.C. | Geographic network management system |
US6701440B1 (en) | 2000-01-06 | 2004-03-02 | Networks Associates Technology, Inc. | Method and system for protecting a computer using a remote e-mail scanning device |
IL134066A (en) | 2000-01-16 | 2004-07-25 | Eluv Holdings Ltd | Key encrypted e-mail system |
US20020016910A1 (en) | 2000-02-11 | 2002-02-07 | Wright Robert P. | Method for secure distribution of documents over electronic networks |
US7039641B2 (en) | 2000-02-24 | 2006-05-02 | Lucent Technologies Inc. | Modular packet classification |
US7159237B2 (en) | 2000-03-16 | 2007-01-02 | Counterpane Internet Security, Inc. | Method and system for dynamic network intrusion monitoring, detection and response |
US6892237B1 (en) | 2000-03-28 | 2005-05-10 | Cisco Technology, Inc. | Method and apparatus for high-speed parsing of network messages |
US6519703B1 (en) | 2000-04-14 | 2003-02-11 | James B. Joyce | Methods and apparatus for heuristic firewall |
US6742124B1 (en) | 2000-05-08 | 2004-05-25 | Networks Associates Technology, Inc. | Sequence-based anomaly detection using a distance matrix |
US6735703B1 (en) | 2000-05-08 | 2004-05-11 | Networks Associates Technology, Inc. | Multi-platform sequence-based anomaly detection wrapper |
US20030159070A1 (en) | 2001-05-28 | 2003-08-21 | Yaron Mayer | System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages |
JP2002056176A (ja) | 2000-06-01 | 2002-02-20 | Asgent Inc | セキュリティポリシー構築方法及び装置並びにセキュリティポリシー構築を支援する方法及び装置 |
US6892178B1 (en) | 2000-06-02 | 2005-05-10 | Open Ratings Inc. | Method and system for ascribing a reputation to an entity from the perspective of another entity |
US6892179B1 (en) | 2000-06-02 | 2005-05-10 | Open Ratings Inc. | System and method for ascribing a reputation to an entity |
US6895385B1 (en) | 2000-06-02 | 2005-05-17 | Open Ratings | Method and system for ascribing a reputation to an entity as a rater of other entities |
US20020023140A1 (en) | 2000-06-08 | 2002-02-21 | Hile John K. | Electronic document delivery system |
US6732101B1 (en) | 2000-06-15 | 2004-05-04 | Zix Corporation | Secure message forwarding system detecting user's preferences including security preferences |
US20030061506A1 (en) | 2001-04-05 | 2003-03-27 | Geoffrey Cooper | System and method for security policy |
US7328349B2 (en) | 2001-12-14 | 2008-02-05 | Bbn Technologies Corp. | Hash-based systems and methods for detecting, preventing, and tracing network worms and viruses |
US20020046041A1 (en) | 2000-06-23 | 2002-04-18 | Ken Lang | Automated reputation/trust service |
AU2001266174A1 (en) | 2000-06-30 | 2002-01-14 | British Telecommunications Public Limited Company | Packet data communications |
US8661539B2 (en) | 2000-07-10 | 2014-02-25 | Oracle International Corporation | Intrusion threat detection |
US20020013692A1 (en) | 2000-07-17 | 2002-01-31 | Ravinder Chandhok | Method of and system for screening electronic mail items |
US6738462B1 (en) | 2000-07-19 | 2004-05-18 | Avaya Technology Corp. | Unified communications automated personal name addressing |
US6687687B1 (en) | 2000-07-26 | 2004-02-03 | Zix Scm, Inc. | Dynamic indexing information retrieval or filtering system |
WO2002015518A2 (en) | 2000-08-16 | 2002-02-21 | Filestream, Inc. | End-to-end secure file transfer method and system |
US7043759B2 (en) | 2000-09-07 | 2006-05-09 | Mazu Networks, Inc. | Architecture to thwart denial of service attacks |
US7278159B2 (en) | 2000-09-07 | 2007-10-02 | Mazu Networks, Inc. | Coordinated thwarting of denial of service attacks |
US20020032871A1 (en) | 2000-09-08 | 2002-03-14 | The Regents Of The University Of Michigan | Method and system for detecting, tracking and blocking denial of service attacks over a computer network |
US6650890B1 (en) | 2000-09-29 | 2003-11-18 | Postini, Inc. | Value-added electronic messaging services and transparent implementation thereof using intermediate server |
US6757830B1 (en) | 2000-10-03 | 2004-06-29 | Networks Associates Technology, Inc. | Detecting unwanted properties in received email messages |
US6968461B1 (en) | 2000-10-03 | 2005-11-22 | Networks Associates Technology, Inc. | Providing break points in a malware scanning operation |
US20020062368A1 (en) | 2000-10-11 | 2002-05-23 | David Holtzman | System and method for establishing and evaluating cross community identities in electronic forums |
US20030097439A1 (en) | 2000-10-23 | 2003-05-22 | Strayer William Timothy | Systems and methods for identifying anomalies in network data streams |
US20020078382A1 (en) | 2000-11-29 | 2002-06-20 | Ali Sheikh | Scalable system for monitoring network system and components and methodology therefore |
WO2002045380A2 (en) | 2000-11-30 | 2002-06-06 | Lancope, Inc. | Flow-based detection of network intrusions |
CA2327211A1 (en) | 2000-12-01 | 2002-06-01 | Nortel Networks Limited | Management of log archival and reporting for data network security systems |
US7818249B2 (en) | 2001-01-02 | 2010-10-19 | Verizon Patent And Licensing Inc. | Object-oriented method, system and medium for risk management by creating inter-dependency between objects, criteria and metrics |
GB2371125A (en) | 2001-01-13 | 2002-07-17 | Secr Defence | Computer protection system |
US20030051026A1 (en) | 2001-01-19 | 2003-03-13 | Carter Ernst B. | Network surveillance and security system |
US7168093B2 (en) | 2001-01-25 | 2007-01-23 | Solutionary, Inc. | Method and apparatus for verifying the integrity and security of computer networks and implementation of counter measures |
US6983380B2 (en) | 2001-02-06 | 2006-01-03 | Networks Associates Technology, Inc. | Automatically generating valid behavior specifications for intrusion detection |
US7281267B2 (en) | 2001-02-20 | 2007-10-09 | Mcafee, Inc. | Software audit system |
US20020120853A1 (en) | 2001-02-27 | 2002-08-29 | Networks Associates Technology, Inc. | Scripted distributed denial-of-service (DDoS) attack discrimination using turing tests |
US20020143963A1 (en) | 2001-03-15 | 2002-10-03 | International Business Machines Corporation | Web server intrusion detection method and apparatus |
US7313822B2 (en) | 2001-03-16 | 2007-12-25 | Protegrity Corporation | Application-layer security method and system |
US20020133365A1 (en) | 2001-03-19 | 2002-09-19 | William Grey | System and method for aggregating reputational information |
US7287280B2 (en) | 2002-02-12 | 2007-10-23 | Goldman Sachs & Co. | Automated security management |
US20020138759A1 (en) | 2001-03-26 | 2002-09-26 | International Business Machines Corporation | System and method for secure delivery of a parcel or document |
US20020147734A1 (en) | 2001-04-06 | 2002-10-10 | Shoup Randall Scott | Archiving method and system |
WO2002084495A1 (en) | 2001-04-13 | 2002-10-24 | Nokia, Inc. | System and method for providing exploit protection for networks |
US6941478B2 (en) | 2001-04-13 | 2005-09-06 | Nokia, Inc. | System and method for providing exploit protection with message tracking |
US7603709B2 (en) | 2001-05-03 | 2009-10-13 | Computer Associates Think, Inc. | Method and apparatus for predicting and preventing attacks in communications networks |
US7769845B2 (en) | 2001-05-04 | 2010-08-03 | Whale Communications Ltd | Method and system for terminating an authentication session upon user sign-off |
US20030055931A1 (en) | 2001-09-18 | 2003-03-20 | Cravo De Almeida Marcio | Managing a remote device |
US6768991B2 (en) | 2001-05-15 | 2004-07-27 | Networks Associates Technology, Inc. | Searching for sequences of character data |
WO2002093849A2 (en) | 2001-05-16 | 2002-11-21 | Kasten Chase Applied Research Limited | System for secure electronic information transmission |
US20030028803A1 (en) | 2001-05-18 | 2003-02-06 | Bunker Nelson Waldo | Network vulnerability assessment system and method |
US7325252B2 (en) | 2001-05-18 | 2008-01-29 | Achilles Guard Inc. | Network security testing |
US20020178227A1 (en) | 2001-05-25 | 2002-11-28 | International Business Machines Corporation | Routing instant messages using configurable, pluggable delivery managers |
US7458094B2 (en) | 2001-06-06 | 2008-11-25 | Science Applications International Corporation | Intrusion prevention system |
US7350234B2 (en) | 2001-06-11 | 2008-03-25 | Research Triangle Institute | Intrusion tolerant communication networks and associated methods |
US7234168B2 (en) | 2001-06-13 | 2007-06-19 | Mcafee, Inc. | Hierarchy-based method and apparatus for detecting attacks on a computer system |
DE60135449D1 (de) | 2001-06-14 | 2008-10-02 | Ibm | Eindringsdetektion in Datenverarbeitungssystemen |
DE60220214T2 (de) | 2001-06-29 | 2008-01-24 | Stonesoft Corp. | Methode und System zum Entdecken von Eindringlingen |
US20030005326A1 (en) | 2001-06-29 | 2003-01-02 | Todd Flemming | Method and system for implementing a security application services provider |
US7356689B2 (en) | 2001-07-09 | 2008-04-08 | Lucent Technologies Inc. | Method and apparatus for tracing packets in a communications network |
US6928549B2 (en) | 2001-07-09 | 2005-08-09 | International Business Machines Corporation | Dynamic intrusion detection for computer systems |
US7380279B2 (en) | 2001-07-16 | 2008-05-27 | Lenel Systems International, Inc. | System for integrating security and access for facilities and information systems |
US7673342B2 (en) | 2001-07-26 | 2010-03-02 | Mcafee, Inc. | Detecting e-mail propagated malware |
US6769016B2 (en) | 2001-07-26 | 2004-07-27 | Networks Associates Technology, Inc. | Intelligent SPAM detection system using an updateable neural analysis engine |
JP2003046576A (ja) | 2001-07-27 | 2003-02-14 | Fujitsu Ltd | メッセージ配送システム並びにメッセージ配送管理サーバ,メッセージ配送管理プログラムおよび同プログラムを記録したコンピュータ読取可能な記録媒体 |
US7243374B2 (en) | 2001-08-08 | 2007-07-10 | Microsoft Corporation | Rapid application security threat analysis |
US20030033463A1 (en) | 2001-08-10 | 2003-02-13 | Garnett Paul J. | Computer system storage |
US7278160B2 (en) | 2001-08-16 | 2007-10-02 | International Business Machines Corporation | Presentation of correlated events as situation classes |
US7657935B2 (en) | 2001-08-16 | 2010-02-02 | The Trustees Of Columbia University In The City Of New York | System and methods for detecting malicious email transmission |
US6928556B2 (en) | 2001-08-30 | 2005-08-09 | International Business Machines Corporation | Method and apparatus in a data processing system for managing situations from correlated events |
US20030051163A1 (en) | 2001-09-13 | 2003-03-13 | Olivier Bidaud | Distributed network architecture security system |
US20030065943A1 (en) | 2001-09-28 | 2003-04-03 | Christoph Geis | Method and apparatus for recognizing and reacting to denial of service attacks on a computerized network |
US6907430B2 (en) | 2001-10-04 | 2005-06-14 | Booz-Allen Hamilton, Inc. | Method and system for assessing attacks on computer networks using Bayesian networks |
US8261059B2 (en) | 2001-10-25 | 2012-09-04 | Verizon Business Global Llc | Secure file transfer and secure file transfer protocol |
US7444679B2 (en) | 2001-10-31 | 2008-10-28 | Hewlett-Packard Development Company, L.P. | Network, method and computer readable medium for distributing security updates to select nodes on a network |
US20030135749A1 (en) | 2001-10-31 | 2003-07-17 | Gales George S. | System and method of defining the security vulnerabilities of a computer system |
US20030084323A1 (en) | 2001-10-31 | 2003-05-01 | Gales George S. | Network intrusion detection system and method |
JP2003150748A (ja) | 2001-11-09 | 2003-05-23 | Asgent Inc | リスク評価方法 |
US7315944B2 (en) | 2001-11-13 | 2008-01-01 | Ericsson Inc. | Secure handling of stored-value data objects |
US20030093695A1 (en) | 2001-11-13 | 2003-05-15 | Santanu Dutta | Secure handling of stored-value data objects |
US7487262B2 (en) | 2001-11-16 | 2009-02-03 | At & T Mobility Ii, Llc | Methods and systems for routing messages through a communications network based on message content |
US20030095555A1 (en) | 2001-11-16 | 2003-05-22 | Mcnamara Justin | System for the validation and routing of messages |
US6546493B1 (en) | 2001-11-30 | 2003-04-08 | Networks Associates Technology, Inc. | System, method and computer program product for risk assessment scanning based on detected anomalous events |
US20030126464A1 (en) | 2001-12-04 | 2003-07-03 | Mcdaniel Patrick D. | Method and system for determining and enforcing security policy in a communication session |
US20030110392A1 (en) | 2001-12-06 | 2003-06-12 | Aucsmith David W. | Detecting intrusions |
KR100427449B1 (ko) | 2001-12-14 | 2004-04-14 | 한국전자통신연구원 | 네트워크 기반 침입탐지시스템의 적응적 규칙 추정에 의한침입탐지방법 |
US6754705B2 (en) | 2001-12-21 | 2004-06-22 | Networks Associates Technology, Inc. | Enterprise network analyzer architecture framework |
US7096500B2 (en) | 2001-12-21 | 2006-08-22 | Mcafee, Inc. | Predictive malware scanning of internet data |
US7400729B2 (en) | 2001-12-28 | 2008-07-15 | Intel Corporation | Secure delivery of encrypted digital content |
KR20040069324A (ko) | 2001-12-31 | 2004-08-05 | 시타델 시큐리티 소프트웨어, 인크. | 컴퓨터 취약성 자동 해결 시스템 |
JP4152108B2 (ja) | 2002-01-18 | 2008-09-17 | 株式会社コムスクエア | 脆弱点監視方法及びシステム |
US7222366B2 (en) | 2002-01-28 | 2007-05-22 | International Business Machines Corporation | Intrusion event filtering |
US7076803B2 (en) | 2002-01-28 | 2006-07-11 | International Business Machines Corporation | Integrated intrusion detection services |
US7268899B2 (en) | 2002-01-31 | 2007-09-11 | Hewlett-Packard Development Company, L.P. | Secure system for delivery of a fax to a remote user |
US20030149887A1 (en) | 2002-02-01 | 2003-08-07 | Satyendra Yadav | Application-specific network intrusion detection |
US7174566B2 (en) | 2002-02-01 | 2007-02-06 | Intel Corporation | Integrated network intrusion detection |
US8370936B2 (en) | 2002-02-08 | 2013-02-05 | Juniper Networks, Inc. | Multi-method gateway-based network security systems and methods |
US7073074B2 (en) | 2002-02-13 | 2006-07-04 | Microsoft Corporation | System and method for storing events to enhance intrusion detection |
KR100468232B1 (ko) | 2002-02-19 | 2005-01-26 | 한국전자통신연구원 | 분산된 침입탐지 에이전트와 관리자 시스템을 이용한네트워크 기반 침입자 역추적 시스템 및 그 방법 |
ATE427608T1 (de) | 2002-02-19 | 2009-04-15 | Postini Inc | E-mail-verwaltungsdienste |
US7546338B2 (en) | 2002-02-25 | 2009-06-09 | Ascentive Llc | Method and system for screening remote site connections and filtering data based on a community trust assessment |
US6941467B2 (en) | 2002-03-08 | 2005-09-06 | Ciphertrust, Inc. | Systems and methods for adaptive message interrogation through multiple queues |
US20030172291A1 (en) | 2002-03-08 | 2003-09-11 | Paul Judge | Systems and methods for automated whitelisting in monitored communications |
US20060015942A1 (en) * | 2002-03-08 | 2006-01-19 | Ciphertrust, Inc. | Systems and methods for classification of messaging entities |
US7458098B2 (en) | 2002-03-08 | 2008-11-25 | Secure Computing Corporation | Systems and methods for enhancing electronic communication security |
US7694128B2 (en) | 2002-03-08 | 2010-04-06 | Mcafee, Inc. | Systems and methods for secure communication delivery |
US7124438B2 (en) | 2002-03-08 | 2006-10-17 | Ciphertrust, Inc. | Systems and methods for anomaly detection in patterns of monitored communications |
US7792905B2 (en) | 2002-03-21 | 2010-09-07 | International Business Machines Corporation | Tan language for displaying digital objects in email |
US7512649B2 (en) | 2002-03-22 | 2009-03-31 | Sun Microsytems, Inc. | Distributed identities |
WO2003092217A1 (en) | 2002-04-23 | 2003-11-06 | Patentek, Inc. | Method and system for securely communicating data in a communications network |
AUPS193202A0 (en) | 2002-04-23 | 2002-05-30 | Pickup, Robert Barkley Mr | A method and system for authorising electronic mail |
US20040203589A1 (en) | 2002-07-11 | 2004-10-14 | Wang Jiwei R. | Method and system for controlling messages in a communication network |
US8924484B2 (en) | 2002-07-16 | 2014-12-30 | Sonicwall, Inc. | Active e-mail filter with challenge-response |
US7017186B2 (en) | 2002-07-30 | 2006-03-21 | Steelcloud, Inc. | Intrusion detection system using self-organizing clusters |
US6742128B1 (en) | 2002-08-28 | 2004-05-25 | Networks Associates Technology | Threat assessment orchestrator system and method |
JP3831696B2 (ja) | 2002-09-20 | 2006-10-11 | 株式会社日立製作所 | ネットワーク管理装置およびネットワーク管理方法 |
US7200658B2 (en) | 2002-11-12 | 2007-04-03 | Movielink, Llc | Network geo-location system |
US20040111531A1 (en) | 2002-12-06 | 2004-06-10 | Stuart Staniford | Method and system for reducing the rate of infection of a communications network by a software worm |
US6732157B1 (en) | 2002-12-13 | 2004-05-04 | Networks Associates Technology, Inc. | Comprehensive anti-spam system, method, and computer program product for filtering unwanted e-mail messages |
US7467206B2 (en) | 2002-12-23 | 2008-12-16 | Microsoft Corporation | Reputation system for web services |
US7171450B2 (en) | 2003-01-09 | 2007-01-30 | Microsoft Corporation | Framework to enable integration of anti-spam technologies |
US7617160B1 (en) | 2003-02-05 | 2009-11-10 | Michael I. Grove | Choice-based relationship system (CRS) |
US20050091320A1 (en) | 2003-10-09 | 2005-04-28 | Kirsch Steven T. | Method and system for categorizing and processing e-mails |
US20050091319A1 (en) | 2003-10-09 | 2005-04-28 | Kirsch Steven T. | Database for receiving, storing and compiling information about email messages |
US7206814B2 (en) | 2003-10-09 | 2007-04-17 | Propel Software Corporation | Method and system for categorizing and processing e-mails |
US20040177120A1 (en) | 2003-03-07 | 2004-09-09 | Kirsch Steven T. | Method for filtering e-mail messages |
US7676546B2 (en) | 2003-03-25 | 2010-03-09 | Verisign, Inc. | Control and management of electronic messaging |
GB0307913D0 (en) | 2003-04-05 | 2003-05-14 | Hewlett Packard Development Co | Management of peer-to-peer network using reputation services |
US7263607B2 (en) | 2003-06-12 | 2007-08-28 | Microsoft Corporation | Categorizing electronic messages based on trust between electronic messaging entities |
US7051077B2 (en) | 2003-06-30 | 2006-05-23 | Mx Logic, Inc. | Fuzzy logic voting method and system for classifying e-mail using inputs from multiple spam classifiers |
US7769594B2 (en) | 2003-09-05 | 2010-08-03 | France Telecom | Evaluation of reputation of an entity by a primary evaluation centre |
US20050102366A1 (en) | 2003-11-07 | 2005-05-12 | Kirsch Steven T. | E-mail filter employing adaptive ruleset |
US7621162B2 (en) | 2003-12-30 | 2009-11-24 | Alcatel Lucent | Hierarchical flow-characterizing multiplexor |
US8010459B2 (en) | 2004-01-21 | 2011-08-30 | Google Inc. | Methods and systems for rating associated members in a social network |
US7774350B2 (en) | 2004-02-26 | 2010-08-10 | Ebay Inc. | System and method to provide and display enhanced feedback in an online transaction processing environment |
US8918466B2 (en) | 2004-03-09 | 2014-12-23 | Tonny Yu | System for email processing and analysis |
US7644127B2 (en) | 2004-03-09 | 2010-01-05 | Gozoom.Com, Inc. | Email analysis using fuzzy matching of text |
US8788492B2 (en) | 2004-03-15 | 2014-07-22 | Yahoo!, Inc. | Search system and methods with integration of user annotations from a trust network |
US7580350B1 (en) | 2004-03-30 | 2009-08-25 | Extreme Networks, Inc. | System for deriving packet quality of service indicator |
WO2005116851A2 (en) | 2004-05-25 | 2005-12-08 | Postini, Inc. | Electronic message source information reputation system |
US7756930B2 (en) | 2004-05-28 | 2010-07-13 | Ironport Systems, Inc. | Techniques for determining the reputation of a message sender |
US20060009994A1 (en) | 2004-07-07 | 2006-01-12 | Tad Hogg | System and method for reputation rating |
US7660865B2 (en) | 2004-08-12 | 2010-02-09 | Microsoft Corporation | Spam filtering with probabilistic secure hashes |
US7933985B2 (en) | 2004-08-13 | 2011-04-26 | Sipera Systems, Inc. | System and method for detecting and preventing denial of service attacks in a communications system |
US8914309B2 (en) * | 2004-08-20 | 2014-12-16 | Ebay Inc. | Method and system for tracking fraudulent activity |
US8010460B2 (en) | 2004-09-02 | 2011-08-30 | Linkedin Corporation | Method and system for reputation evaluation of online users in a social networking scheme |
US7545748B1 (en) | 2004-09-10 | 2009-06-09 | Packeteer, Inc. | Classification and management of network traffic based on attributes orthogonal to explicit packet attributes |
US7460476B1 (en) | 2004-10-18 | 2008-12-02 | Ubicom, Inc. | Automatic adaptive network traffic prioritization and shaping |
US20060095404A1 (en) | 2004-10-29 | 2006-05-04 | The Go Daddy Group, Inc | Presenting search engine results based on domain name related reputation |
US8117339B2 (en) | 2004-10-29 | 2012-02-14 | Go Daddy Operating Company, LLC | Tracking domain name related reputation |
US20060123083A1 (en) | 2004-12-03 | 2006-06-08 | Xerox Corporation | Adaptive spam message detector |
US7610344B2 (en) | 2004-12-13 | 2009-10-27 | Microsoft Corporation | Sender reputations for spam prevention |
US20060155553A1 (en) | 2004-12-30 | 2006-07-13 | Brohman Carole G | Risk management methods and systems |
US20060230039A1 (en) | 2005-01-25 | 2006-10-12 | Markmonitor, Inc. | Online identity tracking |
EP1856640A2 (en) | 2005-03-02 | 2007-11-21 | Markmonitor, Inc. | Trust evaluation systems and methods |
US7603718B2 (en) | 2005-03-31 | 2009-10-13 | Microsoft Corporation | Systems and methods for protecting personally identifiable information |
US7822620B2 (en) | 2005-05-03 | 2010-10-26 | Mcafee, Inc. | Determining website reputations using automatic testing |
US20060253582A1 (en) | 2005-05-03 | 2006-11-09 | Dixon Christopher J | Indicating website reputations within search results |
US20060277259A1 (en) | 2005-06-07 | 2006-12-07 | Microsoft Corporation | Distributed sender reputations |
JP2006350870A (ja) * | 2005-06-17 | 2006-12-28 | Nippon Telegr & Teleph Corp <Ntt> | 評判情報作成方法、評判情報管理装置、受信装置、通信システム、評判情報管理プログラム |
US20070028301A1 (en) * | 2005-07-01 | 2007-02-01 | Markmonitor Inc. | Enhanced fraud monitoring systems |
US8468244B2 (en) | 2007-01-05 | 2013-06-18 | Digital Doors, Inc. | Digital information infrastructure and method for security designated data and with granular data stores |
US7813277B2 (en) | 2007-06-29 | 2010-10-12 | Packeteer, Inc. | Lockless bandwidth management for multiprocessor networking devices |
US20090113016A1 (en) | 2007-10-24 | 2009-04-30 | Subhabrata Sen | Managing email servers by prioritizing emails |
US8200587B2 (en) | 2008-04-07 | 2012-06-12 | Microsoft Corporation | Techniques to filter media content based on entity reputation |
-
2007
- 2007-01-24 US US11/626,462 patent/US7949716B2/en active Active
-
2008
- 2008-01-24 AU AU2008207926A patent/AU2008207926B2/en active Active
- 2008-01-24 WO PCT/US2008/051867 patent/WO2008091982A1/en active Application Filing
- 2008-01-24 EP EP08728169.7A patent/EP2115688B1/en active Active
- 2008-01-24 CN CN200880009772.4A patent/CN101730904B/zh active Active
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8561167B2 (en) | 2002-03-08 | 2013-10-15 | Mcafee, Inc. | Web reputation scoring |
US8578480B2 (en) | 2002-03-08 | 2013-11-05 | Mcafee, Inc. | Systems and methods for identifying potentially malicious messages |
US8549611B2 (en) | 2002-03-08 | 2013-10-01 | Mcafee, Inc. | Systems and methods for classification of messaging entities |
US8635690B2 (en) | 2004-11-05 | 2014-01-21 | Mcafee, Inc. | Reputation based message processing |
US9009321B2 (en) | 2007-01-24 | 2015-04-14 | Mcafee, Inc. | Multi-dimensional reputation scoring |
US10050917B2 (en) | 2007-01-24 | 2018-08-14 | Mcafee, Llc | Multi-dimensional reputation scoring |
US9544272B2 (en) | 2007-01-24 | 2017-01-10 | Intel Corporation | Detecting image spam |
US8762537B2 (en) | 2007-01-24 | 2014-06-24 | Mcafee, Inc. | Multi-dimensional reputation scoring |
US8763114B2 (en) | 2007-01-24 | 2014-06-24 | Mcafee, Inc. | Detecting image spam |
US8621559B2 (en) | 2007-11-06 | 2013-12-31 | Mcafee, Inc. | Adjusting filter or classification control settings |
US8589503B2 (en) | 2008-04-04 | 2013-11-19 | Mcafee, Inc. | Prioritizing network traffic |
US8606910B2 (en) | 2008-04-04 | 2013-12-10 | Mcafee, Inc. | Prioritizing network traffic |
US8621638B2 (en) | 2010-05-14 | 2013-12-31 | Mcafee, Inc. | Systems and methods for classification of messaging entities |
Also Published As
Publication number | Publication date |
---|---|
US7949716B2 (en) | 2011-05-24 |
CN101730904B (zh) | 2017-05-24 |
WO2008091982A1 (en) | 2008-07-31 |
US20080177691A1 (en) | 2008-07-24 |
EP2115688A4 (en) | 2013-02-13 |
AU2008207926A1 (en) | 2008-07-31 |
EP2115688A1 (en) | 2009-11-11 |
EP2115688B1 (en) | 2019-03-13 |
AU2008207926B2 (en) | 2012-09-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101730903B (zh) | 多维声誉评分 | |
CN101730904A (zh) | 实体属性的关联和分析 | |
CN101730892A (zh) | 网络声誉评分 | |
US9544272B2 (en) | Detecting image spam | |
US7937480B2 (en) | Aggregation of reputation data | |
US7779156B2 (en) | Reputation based load balancing | |
US8561167B2 (en) | Web reputation scoring | |
US8179798B2 (en) | Reputation based connection throttling | |
CN103444130A (zh) | 调整过滤器或者分类控制设置 | |
US10341382B2 (en) | System and method for filtering electronic messages | |
Aravindhan et al. | Certain investigation on web application security: Phishing detection and phishing target discovery | |
CN110061981A (zh) | 一种攻击检测方法及装置 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CP01 | Change in the name or title of a patent holder | ||
CP01 | Change in the name or title of a patent holder |
Address after: American California Patentee after: McAfee limited liability company Address before: American California Patentee before: Mai Kefei company |