WO2006136605A1 - Method and system for filtering electronic messages - Google Patents
Method and system for filtering electronic messages Download PDFInfo
- Publication number
- WO2006136605A1 WO2006136605A1 PCT/EP2006/063474 EP2006063474W WO2006136605A1 WO 2006136605 A1 WO2006136605 A1 WO 2006136605A1 EP 2006063474 W EP2006063474 W EP 2006063474W WO 2006136605 A1 WO2006136605 A1 WO 2006136605A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- electronic message
- message
- network location
- data
- url
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/21—Monitoring or handling of messages
- H04L51/212—Monitoring or handling of messages using filtering or selective blocking
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/06—Message adaptation to terminal or network requirements
- H04L51/063—Content adaptation, e.g. replacement of unsuitable content
Definitions
- the present invention relates to a method and system for filtering electronic messages, and is particularly, but not exclusively, suitable for filtering emails having data therein identifying a link to a remote processing system, which, when activated, causes the recipient to retrieve data from the remote processing system.
- SMSTP Internet email
- a considerable amount of effort has been focused on developing methods for filtering such unsolicited emails, many of which are based on searching for and identifying patterns within various fields of an email. In an attempt to bypass these filters, new methods are constantly being developed, some of which rely on the recipient of an email performing additional actions beyond reading the incoming email.
- a Uniform Resource Locator is specified within the body of the email, which, at first sight appears to originate from a legitimate source, but which is in fact disguised; when the recipient clicks on the URL, a file is downloaded onto the recipient's machine and can cause unexpected behaviour.
- URLs may direct the recipient to visit a site which is similarly-named to a popular site but which is not operated by the organisation owning the well known site, and which attempts to capture user identification and financial details.
- a URL may be crafted to exploit vulnerability in the recipient's web browsing software or result in downloading of an executable process that runs autonomously on the recipient's machine without the knowledge of the recipient.
- a method of modifying an electronic message during transmission through a communications network said electronic message having a source address and a recipient address, the method comprising: interrupting transmission of the electronic message; identifying a link specified within the electronic message; analyzing the electronic message on the basis of at least an attribute intrinsic to the received electronic message so as to classify the received message as either a first type of message or a second, different, type of message; if the received message is classified as the first type of message, modifying the received electronic message so as to replace the link with an alternative network location, said alternative network location corresponding to a remote processing system different to that corresponding to the link; and transmitting the modified electronic message.
- embodiments of the invention selectively modify the link on the basis of various tests relating to attributes intrinsic to the email. This means that only those emails that present some sort of risk to the recipient are modified, and, because the criteria for performing the modification relate to attributes intrinsic to the emails instead of the content associated with the link, the delivery of emails is not significantly delayed by processes involved in retrieval and analysis of data from third party sites.
- the analysis is performed on the basis of attributes of the email such as sender, recipient, subject and content of the email etc., and can also be performed on the basis the content and format of the original link itself.
- the link can be of an external or an internal type, and which is contained within the body or subject field of an email.
- Links of the external type specify network locations, and are commonly described as web links (or URLs), while links of the internal type specify locations or objects etc. within the email.
- Embodiments of the invention are most suitable for cases where the link is of the external type and specifies a network location; in this aspect of the invention, embodiments provide a means for replacing an unknown URL with a URL that is secure.
- the secure network location subsequently accesses the unknown network location contained within the original email.
- This method is particularly useful for emails formatted in accordance with a mark-up language such as the Hyper Text Mark-up Language (HTML), in respect of which forgery and creation of "special" URLs is becoming increasingly prevalent.
- HTML Hyper Text Mark-up Language
- the original URL is replaced by the modified URL
- modification can involve encoding the original URL and wrapping the original URL within a URL indicative of the secure network location
- the modification of the URL involves generating a key corresponding to the original URL and wrapping the key within a URL indicative of the secure network location.
- a second aspect of the invention relates to the processing steps that are performed in response to a request for data from the replacement network location, and provide a method of identifying an electronic message as an unsolicited electronic message on the basis of a network location specified therein, wherein data indicative of the electronic message are stored in association with the network location, the method comprising: responsive to a request for access to the network location from a recipient of the electronic message, accessing data indicative of a classification of said electronic message; retrieving data associated with said network location and analysing said retrieved data so as to validate said classification of said electronic message as unsolicited or solicited.
- embodiments of the invention essentially provide a two-stage fine-tuned analysis of emails, comprising a first- pass analysis for use in deciding whether or not a given URL can be accessed directly, which can be based on attributes of the email other than the URL (but which can additionally take account of the URL), and a second-pass analysis that operates in response to the behaviour of the email recipient and performs the analysis based, specifically, on details of a URL that has been wrapped during the first -pass analysis.
- Embodiments of the invention therefore have several distinct advantages over the methods described in the prior art: firstly the first-pass analysis is relatively unintensive, processing-wise, which means that there is a minimal delay to the transmission of emails; secondly emails are selectively modified in an informed manner, based on the first-pass analysis, which means that the recipient is not always directed to the secure processing system when clicking on a URL; and thirdly the second-pass analysis of the data stored at the original URL is only performed in respect of data currently available from the network location, rather than data that were current at the time of analyzing the email during transmission.
- a data processing system is also described, which is configured to intercept electronic messages prior to delivery to the intended recipient and perform analysis and selective modification of the intercepted messages in the manner described above.
- Figure 1 is a schematic diagram showing an environment within which a URL processing system according to an embodiment of the invention operate;
- Figure 2 is a schematic diagram showing an example of components of the URL processing system shown in Figure 1;
- Figure 3 is a schematic flow diagram showing steps performed by a part of the URL processing system of Figure 2;
- Figure 4 is a schematic flow diagram showing further steps performed by part of the URL processing system of Figure 2; and Figure 5 is a schematic flow diagram showing steps performed by a web server shown in Figure 2 configured in accordance with embodiments of the invention.
- embodiments of the invention are concerned with protecting email recipients from maliciously-crafted web links, which, most commonly, are embodied in the form of URLs.
- a system according to an embodiment of the invention is implemented within the normal email delivery path; referring to Figure 1 , such a delivery path is shown in the context of sender A creating and sending an email to recipient B: the email is sent from terminal Tl, at which the sender A has composed the email, and is delivered to a terminal T2 corresponding to the email address of the email.
- the email is sent from terminal Tl to a local mail server Sl cooperating with terminal Tl, which may reside on a local area network or at an ISP; when the local mail server Sl receives the email, the mail server Sl queries a Domain Name Server (DNS) 101 to obtain the Internet Protocol (IP) address for the recipient's email address.
- DNS Domain Name Server
- the DNS record corresponding to the recipient's address is preconfigured to comprise data identifying a URL processing system 103 (e.g. by modifying the associated mail exchange (MX) record), which means that all emails destined for recipient B are automatically directed to the URL processing system 103 instead of to the mail server corresponding to recipient B's email address.
- MX mail exchange
- the URL processing system 103 is a type of message transfer agent.
- the URL processing system 103 preferably comprises an application server, a web server, various conventional and bespoke processing components, and can comprise one or a plurality of machines, which collectively analyse emails in accordance with various criteria, as described in more detail below.
- the URL processing system 103 is connected to various servers and gateways, typically via a public network such as the Internet Nl, including the destination email server S2 corresponding to the recipient's email address. Accordingly, once the URL processing system 103 has processed the email, it transmits the processed email to the email server S2 corresponding to terminal T2.
- the URL processing system 103 selectively modifies the email before sending onto the email server S2.
- the modification involves adding data to the email that enables the recipient B to request information relating to the original URL that was included in the email sent by sender A, but that directs the request to a secure processing system rather than to the URL specified in the original email.
- FIG. 3 when an email is received by the URL processing system 103, it is passed to the application server 205, for processing by the URL software component 207 (step 301).
- the email is analysed for the presence of otherwise of one or more web links or hyperlinks (step 303); in the event that no such link is identified, the software component 207 passes the email - unmodified - back to the application server 205, for routing to server S2 in the normal manner (step 305).
- the presence of a URL string may be detected in an email formatted in accordance with a mark-up language (e.
- URLs can be used to link to various parts within, and images attached to, a document (in which case the URL takes the form of an ⁇ img> tag), or to data that is externally accessible (externally accessible in relation to the email or email system).
- the software component 207 can proceed to analyse the email (step 307), either on the basis of attributes of the email alone (such as subject, format of sender and recipient address, or text within the email, as will be described below), or on the basis of these attributes and the a review of the URL; methods are known in the art for performing at least some of such analysis of an email, and include those commonly referred to as "Spam detection methods".
- URLs can be used to link either to various parts within (or of) the email, or to a site that is externally accessible.
- the software component 207 is configured to identify the type of link (internal or external), and if the link is identified as being of the external type, the software component 207 can further review the URL on the basis of one or more of the following parameters, which are stored in storage 209:
- URLs may include sub-domains and redirections to target URLs, and the inclusion of different sub-domains into a URL may enable the creation of a unique URL which points to the same target URL.
- URL "http://spamtastic.test.co.uk” can be specified from URLs that include different sub-domains. Accordingly the URL string can be examined for the presence of different sub-domains (here there are two: spamtastic.test.co.uk; test.co.uk);
- a URL can comprise another URL that points to a particular target URL; • For example, the URL "http://random.com/date/03/*http://www. spamtasic.co.uk” actually points to the target URL "http:// www. spamtasic.co.uk”. Accordingly the URL string can be examined for redirection to a different URL;
- the URL processing system 103 can maintain, or have access to, a URL blacklist that includes URLs that are known to be indicative of spam and/or relating to an email virus, and the software component 207 can be arranged to compare the or each URL within the email with those listed in the black-list; when the blacklisted URLs are stored as hash values, it is convenient for the software component 207 to generate a hash value of the or each URL within the email, enabling the comparison to be performed on the basis of the generated and stored hash values. Additionally or alternatively, the software component 207 could be arranged to compare the URL with a list of known
- parameters that are intrinsic to the email, these include the following:
- the email is scored on the basis of one, some, or all of the above parameters, and the individual scores combined in dependence on prespecified weightings.
- the software component 207 could have access to a "white-list" of URLs (each list being mutually exclusive), and if the URL is listed in the "white-list", the scoring be modified accordingly. This could be a particularly useful test criterion for emails that, on the basis of the other analysis techniques, would otherwise appear borderline-suspicious.
- the software component 207 compares the score with a predetermined threshold (step 309); in the event that the score exceeds the threshold, the URL is modified (step 311) so as to generate a second URL; otherwise the email is passed to the application server 205 for routing to the recipient (305).
- the second URL is subsequently inserted into the email (step 313) in the place of the URL included in the original email, and the modified email is transmitted (step 315) to the recipient via the application server 205.
- the second URL is formulated such that when the recipient of the modified email clicks thereon, the recipient's browser navigates to a secure processing system, which, in a preferred embodiment, is web server 203 associated with the URL processing system 103 itself, but could alternatively be a processing system maintained by a third party (not shown), or a web server that is disassociated from the URL processing system 103.
- a secure processing system which, in a preferred embodiment, is web server 203 associated with the URL processing system 103 itself, but could alternatively be a processing system maintained by a third party (not shown), or a web server that is disassociated from the URL processing system 103.
- the second URL is related to the URL contained within the original email in such a way that the secure processing system 203 subsequently accesses the URL contained within the original email; this means that it is the secure processing system 203, not the recipient's terminal T2, which receives data corresponding thereto.
- the URL processing system 103 thus effectively screens the data retrieved from the original URL, and, dependent on the result of the screening, allows or otherwise the recipient access thereto.
- the software component encodes (step 401) the original URL - e.g.
- step 403 wraps (step 403) the encoded original URL within a URL that identifies the web server 203.
- a benefit of encoding the original URL is that it securely insures the second URL against tampering; preferably the encoded original email comprises printable characters in a restricted alphabet, which prevents errors being introduced during delivery by the recipient's email system.
- the software component could alternatively wrap the original URL in plain text form, which has the benefit of providing visibility of what the original URL intended.
- the software component 207 could generate a key (e.g. the hash value computed for the original URL as part of step 307), store the original URL together with the generated key in a database DBl, and wrap the generated key within the URL that identifies the web server 203.
- the software component could be arranged to encode the original URL if it is less than a specified length, or to generate, store and wrap a key corresponding to the original URL if it exceeds the specified length.
- the recipient can elect to click on the second URL in the normal way; as will be appreciated from the foregoing, this causes the browser running on terminal T2 to attempt to retrieve data from the web server 203. Accordingly, the processing steps carried out by the web server 203 in response to the recipient clicking on the second URL will now be described with reference to Figure 5.
- the second URL comprises data enabling the web server 203 to identify the format of the request (i.e. the format of the second URL): accordingly, in response to a request from the browser of terminal T2 (step 501), the web server 203 is arranged to identify the format of the request (step 503).
- the web server 203 accesses the database DBl so as to retrieve the original URL (step 505); in the case of the second URL comprising an encoded version of the original URL, the process Pl decodes the encoded data in accordance with an encoding scheme corresponding thereto (step 507).
- the web server 203 analyzes the fetched data (step 511) in accordance with evaluation criteria stored in storage 209.
- the evaluation criteria 209 causes the web server 203 to search for predetermined strings (e.g., "bet”, "loan”, "$$$", etc.), each of the predetermined string having been previously rated as indicative of the fetched information being spam.
- predetermined strings e.g., "bet”, "loan”, "$$$$", etc.
- the string "car” can be assigned a score of 5
- the string "$$$" can be a score of 200, where a higher score indicates a higher likelihood that the string is from a spam website.
- Step 511 can also involve the web server 203 identifying whether the URL is linked to an executable, which, when accessed, would result in a process (e.g. a keyboard logger) being run on the machine from which the URL is accessed. Accordingly the web server 203 reviews the format of the fetched data, and, if the site corresponding to the original email tries to download binary data, the web server 203 may quarantine the data for further analysis or alternatively analyse the binary data with an anti-virus tool and, depending on the results of this analysis, choose to quarantine the data.
- a process e.g. a keyboard logger
- evaluation criteria 209 causes the web server 203 to review the content of the original URL to identify whether it is linked to another, different site, in which case the above-mentioned analysis is performed in relation to the linked site.
- the web server 203 informs the recipient accordingly (step 515) and automatically retrieves data corresponding to the authenticated website for display on the recipient's browser.
- the retrieved data are displayed within a frame corresponding to the web server 203, and the display frame includes means for the recipient to post comments relating to the retrieved data.
- step 511 is essentially a rules-based process, and therefore only capable of detecting malicious links that conform to established detection patterns and methods; by providing recipients with a means to report a web site that the web server 203 has identified as be authentic, the repository for evaluation (209) can be updated.
- the web server 203 adds data indicative of the URL to the repository of "white-listed" URLs.
- the data in the black-listed and white- listed repositories can be reviewed by the software component 207 during the initial analysis of the original URL at step 307, as described above, as well as cascaded to other, third party, email analysis systems.
- the URL processing system 103 is described as comprising a particular number and configuration of software components, it will be appreciated that the invention could be embodied as a suite of software components, and written using a procedural or object-oriented programming language. More specifically, the above-described embodiments describe the second URL as corresponding to web server 203, which can be written and implemented in any programming language suitable for development of web-based applications, such as the JavaTM, Perl or PHP programming language. In one arrangement the URL software component 207 is written in the same programming language as that used for the web server 203, to facilitate conformance to the same format for creation, encryption and decryption of the second URL.
- the respective software components could be implemented in different programming languages, in which case the URL processing system 103 would include a library facilitating translation between the languages (for the purposes of encrypting and decrypting the second URL).
- the URL processing system 103 would include a library facilitating translation between the languages (for the purposes of encrypting and decrypting the second URL).
Abstract
Description
Claims
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CA002609464A CA2609464A1 (en) | 2005-06-22 | 2006-06-22 | Method and system for filtering electronic messages |
EP06777422A EP1894369A1 (en) | 2005-06-22 | 2006-06-22 | Method and system for filtering electronic messages |
US11/579,171 US8015250B2 (en) | 2005-06-22 | 2006-06-22 | Method and system for filtering electronic messages |
AU2006260933A AU2006260933B2 (en) | 2005-06-22 | 2006-06-22 | Method and system for filtering electronic messages |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GBGB0512744.4A GB0512744D0 (en) | 2005-06-22 | 2005-06-22 | Method and system for filtering electronic messages |
GB0512744.4 | 2005-06-22 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2006136605A1 true WO2006136605A1 (en) | 2006-12-28 |
Family
ID=34855981
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP2006/063474 WO2006136605A1 (en) | 2005-06-22 | 2006-06-22 | Method and system for filtering electronic messages |
Country Status (6)
Country | Link |
---|---|
US (1) | US8015250B2 (en) |
EP (1) | EP1894369A1 (en) |
AU (1) | AU2006260933B2 (en) |
CA (1) | CA2609464A1 (en) |
GB (1) | GB0512744D0 (en) |
WO (1) | WO2006136605A1 (en) |
Cited By (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2008084259A1 (en) | 2007-01-09 | 2008-07-17 | Websense Hosted R&D Limited | A method and system for collecting addresses for remotely accessible information sources |
CN102801574A (en) * | 2011-05-27 | 2012-11-28 | 阿里巴巴集团控股有限公司 | Method, device and system for detecting webpage link |
US8938773B2 (en) | 2007-02-02 | 2015-01-20 | Websense, Inc. | System and method for adding context to prevent data leakage over a computer network |
US8959634B2 (en) | 2008-03-19 | 2015-02-17 | Websense, Inc. | Method and system for protection against information stealing software |
US8978140B2 (en) | 2006-07-10 | 2015-03-10 | Websense, Inc. | System and method of analyzing web content |
US9003524B2 (en) | 2006-07-10 | 2015-04-07 | Websense, Inc. | System and method for analyzing web content |
US9015842B2 (en) | 2008-03-19 | 2015-04-21 | Websense, Inc. | Method and system for protection against information stealing software |
US9117054B2 (en) | 2012-12-21 | 2015-08-25 | Websense, Inc. | Method and aparatus for presence based resource management |
US9130986B2 (en) | 2008-03-19 | 2015-09-08 | Websense, Inc. | Method and system for protection against information stealing software |
US9130972B2 (en) | 2009-05-26 | 2015-09-08 | Websense, Inc. | Systems and methods for efficient detection of fingerprinted data and information |
EP2924923A1 (en) * | 2014-03-24 | 2015-09-30 | Alcatel Lucent | Protection against suspect messages |
US9241259B2 (en) | 2012-11-30 | 2016-01-19 | Websense, Inc. | Method and apparatus for managing the transfer of sensitive information to mobile devices |
EP2859495A4 (en) * | 2012-06-07 | 2016-01-20 | Proofpoint Inc | Malicious message detection and processing |
US9378282B2 (en) | 2008-06-30 | 2016-06-28 | Raytheon Company | System and method for dynamic and real-time categorization of webpages |
US9473439B2 (en) | 2007-05-18 | 2016-10-18 | Forcepoint Uk Limited | Method and apparatus for electronic mail filtering |
US9596264B2 (en) | 2014-02-18 | 2017-03-14 | Proofpoint, Inc. | Targeted attack protection using predictive sandboxing |
US9654495B2 (en) | 2006-12-01 | 2017-05-16 | Websense, Llc | System and method of analyzing web addresses |
US9686297B2 (en) | 2012-06-07 | 2017-06-20 | Proofpoint, Inc. | Malicious message detection and processing |
Families Citing this family (44)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8205255B2 (en) * | 2007-05-14 | 2012-06-19 | Cisco Technology, Inc. | Anti-content spoofing (ACS) |
US7966553B2 (en) * | 2007-06-07 | 2011-06-21 | Microsoft Corporation | Accessible content reputation lookup |
US8359355B2 (en) * | 2007-10-16 | 2013-01-22 | International Business Machines Corporation | System and method for verifying access to content |
US8074162B1 (en) * | 2007-10-23 | 2011-12-06 | Google Inc. | Method and system for verifying the appropriateness of shared content |
US8214907B1 (en) * | 2008-02-25 | 2012-07-03 | Symantec Corporation | Collection of confidential information dissemination statistics |
US8028032B2 (en) * | 2008-09-04 | 2011-09-27 | Microsoft Corporation | Email messages |
US8935190B2 (en) * | 2008-12-12 | 2015-01-13 | At&T Intellectual Property I, L.P. | E-mail handling system and method |
US8589502B2 (en) * | 2008-12-31 | 2013-11-19 | International Business Machines Corporation | System and method for allowing access to content |
US8386573B2 (en) * | 2008-12-31 | 2013-02-26 | International Business Machines Corporation | System and method for caching linked email data for offline use |
JP2011013707A (en) * | 2009-06-30 | 2011-01-20 | Hitachi Ltd | Web page relay apparatus |
US8990083B1 (en) | 2009-09-30 | 2015-03-24 | Cisco Technology, Inc. | System and method for generating personal vocabulary from network data |
US9201965B1 (en) | 2009-09-30 | 2015-12-01 | Cisco Technology, Inc. | System and method for providing speech recognition using personal vocabulary in a network environment |
US8489390B2 (en) * | 2009-09-30 | 2013-07-16 | Cisco Technology, Inc. | System and method for generating vocabulary from network data |
US8862699B2 (en) * | 2009-12-14 | 2014-10-14 | Microsoft Corporation | Reputation based redirection service |
US8935274B1 (en) | 2010-05-12 | 2015-01-13 | Cisco Technology, Inc | System and method for deriving user expertise based on data propagating in a network environment |
US9336379B2 (en) | 2010-08-19 | 2016-05-10 | Microsoft Technology Licensing, Llc | Reputation-based safe access user experience |
US8667169B2 (en) | 2010-12-17 | 2014-03-04 | Cisco Technology, Inc. | System and method for providing argument maps based on activity in a network environment |
US9465795B2 (en) | 2010-12-17 | 2016-10-11 | Cisco Technology, Inc. | System and method for providing feeds based on activity in a network environment |
US8726387B2 (en) * | 2011-02-11 | 2014-05-13 | F-Secure Corporation | Detecting a trojan horse |
US8553065B2 (en) | 2011-04-18 | 2013-10-08 | Cisco Technology, Inc. | System and method for providing augmented data in a network environment |
US8528018B2 (en) | 2011-04-29 | 2013-09-03 | Cisco Technology, Inc. | System and method for evaluating visual worthiness of video data in a network environment |
US8620136B1 (en) | 2011-04-30 | 2013-12-31 | Cisco Technology, Inc. | System and method for media intelligent recording in a network environment |
US8909624B2 (en) | 2011-05-31 | 2014-12-09 | Cisco Technology, Inc. | System and method for evaluating results of a search query in a network environment |
US8886797B2 (en) * | 2011-07-14 | 2014-11-11 | Cisco Technology, Inc. | System and method for deriving user expertise based on data propagating in a network environment |
US10616272B2 (en) * | 2011-11-09 | 2020-04-07 | Proofpoint, Inc. | Dynamically detecting abnormalities in otherwise legitimate emails containing uniform resource locators (URLs) |
US10104029B1 (en) * | 2011-11-09 | 2018-10-16 | Proofpoint, Inc. | Email security architecture |
US8831403B2 (en) | 2012-02-01 | 2014-09-09 | Cisco Technology, Inc. | System and method for creating customized on-demand video reports in a network environment |
US8898796B2 (en) * | 2012-02-14 | 2014-11-25 | International Business Machines Corporation | Managing network data |
US9059870B1 (en) * | 2012-10-05 | 2015-06-16 | Symantec Corporation | Techniques for managing electronic message distribution |
US10171548B2 (en) * | 2014-08-26 | 2019-01-01 | Mavenir Systems, Inc. | Method and system for efficient enrichment of upper layer protocol content in transmission control program (TCP) based sessions |
EP3195140B1 (en) * | 2014-09-15 | 2020-11-04 | Proofpoint, Inc. | Malicious message detection and processing |
US20160205124A1 (en) * | 2015-01-14 | 2016-07-14 | Korea Internet & Security Agency | System and method for detecting mobile cyber incident |
US10623352B2 (en) | 2015-03-30 | 2020-04-14 | International Business Machines Corporation | Modification of electronic messages |
US20160344669A1 (en) * | 2015-05-20 | 2016-11-24 | Ryan Bonham | Managing government messages |
US9954877B2 (en) | 2015-12-21 | 2018-04-24 | Ebay Inc. | Automatic detection of hidden link mismatches with spoofed metadata |
US9559997B1 (en) | 2016-01-11 | 2017-01-31 | Paul Everton | Client agnostic email processing |
US9824332B1 (en) | 2017-04-12 | 2017-11-21 | eTorch Inc. | Email data collection compliance enforcement |
US9674129B1 (en) | 2016-10-05 | 2017-06-06 | eTorch Inc. | Email privacy enforcement |
US9473440B1 (en) * | 2016-01-19 | 2016-10-18 | International Business Machines Corporation | Hyperlink validation |
JP6758536B2 (en) * | 2018-05-22 | 2020-09-23 | 三菱電機株式会社 | Fraudulent email judgment device, fraudulent email judgment method and fraudulent email judgment program |
US11025651B2 (en) | 2018-12-06 | 2021-06-01 | Saudi Arabian Oil Company | System and method for enhanced security analysis for quarantined email messages |
US10686826B1 (en) * | 2019-03-28 | 2020-06-16 | Vade Secure Inc. | Optical scanning parameters computation methods, devices and systems for malicious URL detection |
US20230171212A1 (en) * | 2021-11-29 | 2023-06-01 | Virtual Connect Technologies, Inc. | Computerized System For Analysis Of Vertices And Edges Of An Electronic Messaging System |
US11943257B2 (en) * | 2021-12-22 | 2024-03-26 | Abnormal Security Corporation | URL rewriting |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020199095A1 (en) | 1997-07-24 | 2002-12-26 | Jean-Christophe Bandini | Method and system for filtering communication |
US6615242B1 (en) | 1998-12-28 | 2003-09-02 | At&T Corp. | Automatic uniform resource locator-based message filter |
WO2004097676A1 (en) | 2003-04-25 | 2004-11-11 | Messagelabs Limited | A method of, and system for, replacing external links in electronic documents |
WO2004114614A1 (en) | 2003-06-18 | 2004-12-29 | Brightmail, Inc. | System and method for filtering spam messages utilizing url filtering module |
Family Cites Families (167)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH04127370A (en) | 1990-09-19 | 1992-04-28 | Toshiba Corp | Information collecting system |
US5758152A (en) * | 1990-12-06 | 1998-05-26 | Prime Arithmetics, Inc. | Method and apparatus for the generation and manipulation of data structures |
US5333266A (en) * | 1992-03-27 | 1994-07-26 | International Business Machines Corporation | Method and apparatus for message handling in computer systems |
US5596330A (en) * | 1992-10-15 | 1997-01-21 | Nexus Telecommunication Systems Ltd. | Differential ranging for a frequency-hopped remote position determination system |
US5590403A (en) | 1992-11-12 | 1996-12-31 | Destineer Corporation | Method and system for efficiently providing two way communication between a central network and mobile unit |
US5414833A (en) * | 1993-10-27 | 1995-05-09 | International Business Machines Corporation | Network security system and method using a parallel finite state machine adaptive active monitor and responder |
US5720033A (en) * | 1994-06-30 | 1998-02-17 | Lucent Technologies Inc. | Security platform and method using object oriented rules for computer-based systems using UNIX-line operating systems |
AU3099295A (en) | 1994-08-09 | 1996-03-07 | Shiva Corporation | Apparatus and method for restricting access to a local computer network |
US5619648A (en) * | 1994-11-30 | 1997-04-08 | Lucent Technologies Inc. | Message filtering techniques |
EP1643340B1 (en) | 1995-02-13 | 2013-08-14 | Intertrust Technologies Corp. | Secure transaction management |
AU706649B2 (en) * | 1995-05-08 | 1999-06-17 | Cranberry Properties, Llc | Rules based electronic message management system |
US5802278A (en) | 1995-05-10 | 1998-09-01 | 3Com Corporation | Bridge/router architecture for high performance scalable networking |
US5774668A (en) * | 1995-06-07 | 1998-06-30 | Microsoft Corporation | System for on-line service in which gateway computer uses service map which includes loading condition of servers broadcasted by application servers for load balancing |
US5712979A (en) * | 1995-09-20 | 1998-01-27 | Infonautics Corporation | Method and apparatus for attaching navigational history information to universal resource locator links on a world wide web page |
US6338088B1 (en) * | 1995-11-02 | 2002-01-08 | British Telecommunications Public Limited Company | Service creation apparatus for a communications network |
US5855020A (en) | 1996-02-21 | 1998-12-29 | Infoseek Corporation | Web scan process |
US5742769A (en) * | 1996-05-06 | 1998-04-21 | Banyan Systems, Inc. | Directory with options for access to and display of email addresses |
US5835722A (en) * | 1996-06-27 | 1998-11-10 | Logon Data Corporation | System to control content and prohibit certain interactive attempts by a person using a personal computer |
US5832228A (en) | 1996-07-30 | 1998-11-03 | Itt Industries, Inc. | System and method for providing multi-level security in computer devices utilized with non-secure networks |
US5911043A (en) * | 1996-10-01 | 1999-06-08 | Baker & Botts, L.L.P. | System and method for computer-based rating of information retrieved from a computer network |
US7058822B2 (en) * | 2000-03-30 | 2006-06-06 | Finjan Software, Ltd. | Malicious mobile code runtime monitoring system and methods |
US6167520A (en) * | 1996-11-08 | 2000-12-26 | Finjan Software, Inc. | System and method for protecting a client during runtime from hostile downloadables |
US5801747A (en) | 1996-11-15 | 1998-09-01 | Hyundai Electronics America | Method and apparatus for creating a television viewer profile |
US6065059A (en) * | 1996-12-10 | 2000-05-16 | International Business Machines Corporation | Filtered utilization of internet data transfers to reduce delay and increase user control |
US5896502A (en) * | 1996-12-10 | 1999-04-20 | International Business Machines Corporation | Internet data transfer control via a client system to reduce delay |
US5987611A (en) | 1996-12-31 | 1999-11-16 | Zone Labs, Inc. | System and methodology for managing internet access on a per application basis for client computers connected to the internet |
US6052730A (en) * | 1997-01-10 | 2000-04-18 | The Board Of Trustees Of The Leland Stanford Junior University | Method for monitoring and/or modifying web browsing sessions |
AUPO525497A0 (en) | 1997-02-21 | 1997-03-20 | Mills, Dudley John | Network-based classified information systems |
US6076051A (en) * | 1997-03-07 | 2000-06-13 | Microsoft Corporation | Information retrieval utilizing semantic representation of text |
US5996011A (en) | 1997-03-25 | 1999-11-30 | Unified Research Laboratories, Inc. | System and method for filtering data received by a computer system |
US6539430B1 (en) * | 1997-03-25 | 2003-03-25 | Symantec Corporation | System and method for filtering data received by a computer system |
US5937404A (en) | 1997-04-23 | 1999-08-10 | Appaloosa Interactive Corporation | Apparatus for bleaching a de-activated link in a web page of any distinguishing color or feature representing an active link |
US5899991A (en) * | 1997-05-12 | 1999-05-04 | Teleran Technologies, L.P. | Modeling technique for system access control and management |
US7778877B2 (en) * | 2001-07-09 | 2010-08-17 | Linkshare Corporation | Enhanced network based promotional tracking system |
US6012832A (en) * | 1997-06-24 | 2000-01-11 | Saunders; Michael | Cashless peripheral device for a gaming system |
US5899995A (en) * | 1997-06-30 | 1999-05-04 | Intel Corporation | Method and apparatus for automatically organizing information |
US6356864B1 (en) * | 1997-07-25 | 2002-03-12 | University Technology Corporation | Methods for analysis and evaluation of the semantic content of a writing based on vector length |
US5919257A (en) * | 1997-08-08 | 1999-07-06 | Novell, Inc. | Networked workstation intrusion detection system |
US6266664B1 (en) * | 1997-10-01 | 2001-07-24 | Rulespace, Inc. | Method for scanning, analyzing and rating digital information content |
US6357010B1 (en) * | 1998-02-17 | 2002-03-12 | Secure Computing Corporation | System and method for controlling access to documents stored on an internal network |
US6073135A (en) * | 1998-03-10 | 2000-06-06 | Alta Vista Company | Connectivity server for locating linkage information between Web pages |
US6233618B1 (en) * | 1998-03-31 | 2001-05-15 | Content Advisor, Inc. | Access control of networked data |
US6065055A (en) * | 1998-04-20 | 2000-05-16 | Hughes; Patrick Alan | Inappropriate site management software |
US6185681B1 (en) * | 1998-05-07 | 2001-02-06 | Stephen Zizzi | Method of transparent encryption and decryption for an electronic document management system |
US6742003B2 (en) * | 2001-04-30 | 2004-05-25 | Microsoft Corporation | Apparatus and accompanying methods for visualizing clusters of data and hierarchical cluster classifications |
US6493758B1 (en) | 1998-09-08 | 2002-12-10 | Microsoft Corporation | Offline viewing of internet content with a mobile device |
US6301658B1 (en) | 1998-09-09 | 2001-10-09 | Secure Computing Corporation | Method and system for authenticating digital certificates issued by an authentication hierarchy |
US6460141B1 (en) | 1998-10-28 | 2002-10-01 | Rsa Security Inc. | Security and access management system for web-enabled and non-web-enabled applications and content on a computer network |
US6266774B1 (en) * | 1998-12-08 | 2001-07-24 | Mcafee.Com Corporation | Method and system for securing, managing or optimizing a personal computer |
US6295529B1 (en) | 1998-12-24 | 2001-09-25 | Microsoft Corporation | Method and apparatus for indentifying clauses having predetermined characteristics indicative of usefulness in determining relationships between different texts |
US6418433B1 (en) * | 1999-01-28 | 2002-07-09 | International Business Machines Corporation | System and method for focussed web crawling |
JP3220104B2 (en) | 1999-02-16 | 2001-10-22 | ケイディーディーアイ株式会社 | Automatic information filtering method and apparatus using URL hierarchical structure |
US6904609B1 (en) | 1999-03-18 | 2005-06-07 | Microsoft Corporation | Systems and methods for electronic program guide data services |
AU5301700A (en) * | 1999-05-28 | 2000-12-18 | Coca-Cola Company, The | Method and apparatus for surrogate control of network-based electronic transactions |
TW504619B (en) | 1999-06-04 | 2002-10-01 | Ibm | Internet mail delivery agent with automatic caching of file attachments |
US6493744B1 (en) | 1999-08-16 | 2002-12-10 | International Business Machines Corporation | Automatic rating and filtering of data files for objectionable content |
US6295559B1 (en) | 1999-08-26 | 2001-09-25 | International Business Machines Corporation | Rating hypermedia for objectionable content |
US6675169B1 (en) * | 1999-09-07 | 2004-01-06 | Microsoft Corporation | Method and system for attaching information to words of a trie |
US6954783B1 (en) * | 1999-11-12 | 2005-10-11 | Bmc Software, Inc. | System and method of mediating a web page |
JP4279427B2 (en) | 1999-11-22 | 2009-06-17 | 富士通株式会社 | Communication support method and system |
US6832230B1 (en) | 1999-12-22 | 2004-12-14 | Nokia Corporation | Apparatus and associated method for downloading an application with a variable lifetime to a mobile terminal |
US7185361B1 (en) * | 2000-01-31 | 2007-02-27 | Secure Computing Corporation | System, method and computer program product for authenticating users using a lightweight directory access protocol (LDAP) directory server |
US7565403B2 (en) | 2000-03-16 | 2009-07-21 | Microsoft Corporation | Use of a bulk-email filter within a system for classifying messages for urgency or importance |
US7159237B2 (en) * | 2000-03-16 | 2007-01-02 | Counterpane Internet Security, Inc. | Method and system for dynamic network intrusion monitoring, detection and response |
GB0006721D0 (en) | 2000-03-20 | 2000-05-10 | Mitchell Thomas A | Assessment methods and systems |
US7418440B2 (en) | 2000-04-13 | 2008-08-26 | Ql2 Software, Inc. | Method and system for extraction and organizing selected data from sources on a network |
JP3730480B2 (en) | 2000-05-23 | 2006-01-05 | 株式会社東芝 | Gateway device |
US20040034794A1 (en) * | 2000-05-28 | 2004-02-19 | Yaron Mayer | System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages |
US7051200B1 (en) * | 2000-06-27 | 2006-05-23 | Microsoft Corporation | System and method for interfacing a software process to secure repositories |
GB0016835D0 (en) * | 2000-07-07 | 2000-08-30 | Messagelabs Limited | Method of, and system for, processing email |
US7350204B2 (en) * | 2000-07-24 | 2008-03-25 | Microsoft Corporation | Policies for secure software execution |
US6779021B1 (en) * | 2000-07-28 | 2004-08-17 | International Business Machines Corporation | Method and system for predicting and managing undesirable electronic mail |
US6618717B1 (en) * | 2000-07-31 | 2003-09-09 | Eliyon Technologies Corporation | Computer method and apparatus for determining content owner of a website |
US6785732B1 (en) | 2000-09-11 | 2004-08-31 | International Business Machines Corporation | Web server apparatus and method for virus checking |
US6701317B1 (en) | 2000-09-19 | 2004-03-02 | Overture Services, Inc. | Web page connectivity server construction |
US6571249B1 (en) * | 2000-09-27 | 2003-05-27 | Siemens Aktiengesellschaft | Management of query result complexity in hierarchical query result data structure using balanced space cubes |
US6650890B1 (en) | 2000-09-29 | 2003-11-18 | Postini, Inc. | Value-added electronic messaging services and transparent implementation thereof using intermediate server |
JP2002175010A (en) | 2000-09-29 | 2002-06-21 | Shinu Ko | Home page falsification preventing system |
CA2323883C (en) * | 2000-10-19 | 2016-02-16 | Patrick Ryan Morin | Method and device for classifying internet objects and objects stored oncomputer-readable media |
US7209893B2 (en) * | 2000-11-30 | 2007-04-24 | Nokia Corporation | Method of and a system for distributing electronic content |
US20020078045A1 (en) * | 2000-12-14 | 2002-06-20 | Rabindranath Dutta | System, method, and program for ranking search results using user category weighting |
US20030028564A1 (en) * | 2000-12-19 | 2003-02-06 | Lingomotors, Inc. | Natural language method and system for matching and ranking documents in terms of semantic relatedness |
JP4329264B2 (en) * | 2000-12-27 | 2009-09-09 | セイコーエプソン株式会社 | Access authority level control apparatus and method |
US7062649B2 (en) * | 2001-01-12 | 2006-06-13 | Hewlett-Packard Development Company, L.P. | System and method for categorizing security profile rules within a computer system |
WO2002065285A1 (en) | 2001-02-14 | 2002-08-22 | Invicta Networks, Inc. | Systems and methods for creating a code inspection system |
WO2002069108A2 (en) | 2001-02-26 | 2002-09-06 | Eprivacy Group, Inc. | System and method for controlling distribution of network communications |
US7213069B2 (en) * | 2001-02-28 | 2007-05-01 | Microsoft Corporation | Category name service able to override the category name based on requestor privilege information |
US7363657B2 (en) | 2001-03-12 | 2008-04-22 | Emc Corporation | Using a virus checker in one file server to check for viruses in another file server |
US7681032B2 (en) | 2001-03-12 | 2010-03-16 | Portauthority Technologies Inc. | System and method for monitoring unauthorized transport of digital content |
US20030018903A1 (en) * | 2001-03-19 | 2003-01-23 | Greca Damon G. Della | Method of containing spread of computer viruses |
JPWO2002080448A1 (en) | 2001-03-29 | 2004-07-22 | ソニー株式会社 | Information processing equipment |
US7080000B1 (en) | 2001-03-30 | 2006-07-18 | Mcafee, Inc. | Method and system for bi-directional updating of antivirus database |
US7228565B2 (en) | 2001-05-15 | 2007-06-05 | Mcafee, Inc. | Event reporting between a reporting computer and a receiving computer |
US20030182420A1 (en) | 2001-05-21 | 2003-09-25 | Kent Jones | Method, system and apparatus for monitoring and controlling internet site content access |
US7310817B2 (en) | 2001-07-26 | 2007-12-18 | Mcafee, Inc. | Centrally managed malware scanning |
US20060036874A1 (en) * | 2001-08-08 | 2006-02-16 | Igt | Data pattern verification in a gaming machine environment |
US7310821B2 (en) | 2001-08-27 | 2007-12-18 | Dphi Acquisitions, Inc. | Host certification method and system |
US20030061511A1 (en) * | 2001-09-27 | 2003-03-27 | Todd Fischer | Secure communication of information via a communication network |
US7526654B2 (en) * | 2001-10-16 | 2009-04-28 | Marc Charbonneau | Method and system for detecting a secure state of a computer system |
US7680892B2 (en) * | 2001-11-06 | 2010-03-16 | Ihance, Inc. | Method and system for monitoring email and website behavior of an email recipient |
US7243366B2 (en) * | 2001-11-15 | 2007-07-10 | General Instrument Corporation | Key management protocol and authentication system for secure internet protocol rights management architecture |
US7447215B2 (en) | 2001-12-03 | 2008-11-04 | Hatteras Networks | Methods, systems, and computer program products for classifying a packet based on a destination address |
US6947985B2 (en) * | 2001-12-05 | 2005-09-20 | Websense, Inc. | Filtering techniques for managing access to internet sites or other software applications |
US7194464B2 (en) * | 2001-12-07 | 2007-03-20 | Websense, Inc. | System and method for adapting an internet filter |
US7096500B2 (en) * | 2001-12-21 | 2006-08-22 | Mcafee, Inc. | Predictive malware scanning of internet data |
US7140042B2 (en) * | 2002-01-14 | 2006-11-21 | Mcafee, Inc. | System and method for preventing software piracy |
GB2384659B (en) * | 2002-01-25 | 2004-01-14 | F Secure Oyj | Anti-virus protection at a network gateway |
WO2003069364A2 (en) * | 2002-02-14 | 2003-08-21 | Avaya Technology Corp. | Presence tracking and name space interconnection techniques |
US7089246B1 (en) | 2002-02-28 | 2006-08-08 | America Online, Inc. | Overriding content ratings and restricting access to requested resources |
US7136867B1 (en) | 2002-04-08 | 2006-11-14 | Oracle International Corporation | Metadata format for hierarchical data storage on a raw storage device |
US7631318B2 (en) * | 2002-06-28 | 2009-12-08 | Microsoft Corporation | Secure server plug-in architecture for digital rights management systems |
US7373666B2 (en) * | 2002-07-01 | 2008-05-13 | Microsoft Corporation | Distributed threat management |
US7568002B1 (en) * | 2002-07-03 | 2009-07-28 | Sprint Spectrum L.P. | Method and system for embellishing web content during transmission between a content server and a client station |
US7526809B2 (en) * | 2002-08-08 | 2009-04-28 | Trend Micro Incorporated | System and method for computer protection against malicious electronic mails by analyzing, profiling and trapping the same |
FI113499B (en) | 2002-09-12 | 2004-04-30 | Jarmo Talvitie | A protection system, method and device for using computer viruses and isolating information |
JP4038717B2 (en) * | 2002-09-13 | 2008-01-30 | 富士ゼロックス株式会社 | Text sentence comparison device |
US7437760B2 (en) | 2002-10-10 | 2008-10-14 | International Business Machines Corporation | Antiviral network system |
JP4217455B2 (en) * | 2002-10-15 | 2009-02-04 | キヤノン株式会社 | Peripheral device, information processing method, and control program |
US8909926B2 (en) * | 2002-10-21 | 2014-12-09 | Rockwell Automation Technologies, Inc. | System and methodology providing automation security analysis, validation, and learning in an industrial controller environment |
US7376969B1 (en) * | 2002-12-02 | 2008-05-20 | Arcsight, Inc. | Real time monitoring and analysis of events from multiple network security devices |
US20040153305A1 (en) | 2003-02-03 | 2004-08-05 | Enescu Mircea Gabriel | Method and system for automated matching of text based electronic messages |
US20040153644A1 (en) | 2003-02-05 | 2004-08-05 | Mccorkendale Bruce | Preventing execution of potentially malicious software |
US7185015B2 (en) * | 2003-03-14 | 2007-02-27 | Websense, Inc. | System and method of monitoring and controlling application files |
US7529754B2 (en) | 2003-03-14 | 2009-05-05 | Websense, Inc. | System and method of monitoring and controlling application files |
US20060168006A1 (en) | 2003-03-24 | 2006-07-27 | Mr. Marvin Shannon | System and method for the classification of electronic communication |
US7272853B2 (en) | 2003-06-04 | 2007-09-18 | Microsoft Corporation | Origination/destination features and lists for spam prevention |
DE10330282B4 (en) | 2003-07-04 | 2006-06-01 | Siemens Ag | Device and method for user-side processing of electronic messages with file attachments |
US20050015626A1 (en) * | 2003-07-15 | 2005-01-20 | Chasin C. Scott | System and method for identifying and filtering junk e-mail messages or spam based on URL content |
JP4218451B2 (en) * | 2003-08-05 | 2009-02-04 | 株式会社日立製作所 | License management system, server device and terminal device |
US7444515B2 (en) * | 2003-08-14 | 2008-10-28 | Washington University | Method and apparatus for detecting predefined signatures in packet payload using Bloom filters |
US7421498B2 (en) | 2003-08-25 | 2008-09-02 | Microsoft Corporation | Method and system for URL based filtering of electronic communications and web pages |
US20050060140A1 (en) * | 2003-09-15 | 2005-03-17 | Maddox Paul Christopher | Using semantic feature structures for document comparisons |
US7631181B2 (en) * | 2003-09-22 | 2009-12-08 | Canon Kabushiki Kaisha | Communication apparatus and method, and program for applying security policy |
US20050108557A1 (en) * | 2003-10-11 | 2005-05-19 | Kayo David G. | Systems and methods for detecting and preventing unauthorized access to networked devices |
US20050091535A1 (en) * | 2003-10-24 | 2005-04-28 | Microsoft Corporation | Application identity for software products |
US7219299B2 (en) * | 2003-11-19 | 2007-05-15 | Microsoft Corporation | Method for blocking dereferencing elements in messages |
US7082429B2 (en) * | 2003-12-10 | 2006-07-25 | National Chiao Tung University | Method for web content filtering |
US7523314B2 (en) * | 2003-12-22 | 2009-04-21 | Voltage Security, Inc. | Identity-based-encryption message management system |
US8301702B2 (en) | 2004-01-20 | 2012-10-30 | Cloudmark, Inc. | Method and an apparatus to screen electronic communications |
US7725937B1 (en) * | 2004-02-09 | 2010-05-25 | Symantec Corporation | Capturing a security breach |
US20070299915A1 (en) * | 2004-05-02 | 2007-12-27 | Markmonitor, Inc. | Customer-based detection of online fraud |
US7870608B2 (en) * | 2004-05-02 | 2011-01-11 | Markmonitor, Inc. | Early detection and monitoring of online fraud |
US20050273858A1 (en) | 2004-06-07 | 2005-12-08 | Erez Zadok | Stackable file systems and methods thereof |
US7971245B2 (en) | 2004-06-21 | 2011-06-28 | Ebay Inc. | Method and system to detect externally-referenced malicious data for access and/or publication via a computer system |
US7490356B2 (en) * | 2004-07-20 | 2009-02-10 | Reflectent Software, Inc. | End user risk management |
US20060026680A1 (en) * | 2004-07-29 | 2006-02-02 | Zakas Phillip H | System and method of characterizing and managing electronic traffic |
GB2418037B (en) * | 2004-09-09 | 2007-02-28 | Surfcontrol Plc | System, method and apparatus for use in monitoring or controlling internet access |
WO2006036170A1 (en) | 2004-09-15 | 2006-04-06 | Pcsafe, Inc. | Methods and systems for filtering urls, webpages, and content |
GB2418330B (en) | 2004-09-17 | 2006-11-08 | Jeroen Oostendorp | Platform for intelligent Email distribution |
US8037527B2 (en) * | 2004-11-08 | 2011-10-11 | Bt Web Solutions, Llc | Method and apparatus for look-ahead security scanning |
US20060080735A1 (en) * | 2004-09-30 | 2006-04-13 | Usa Revco, Llc | Methods and systems for phishing detection and notification |
US7454778B2 (en) | 2004-09-30 | 2008-11-18 | Microsoft Corporation | Enforcing rights management through edge email servers |
US7716727B2 (en) * | 2004-10-29 | 2010-05-11 | Microsoft Corporation | Network security device and method for protecting a computing device in a networked environment |
US20060095459A1 (en) * | 2004-10-29 | 2006-05-04 | Warren Adelman | Publishing domain name related reputation in whois records |
US8010685B2 (en) * | 2004-11-09 | 2011-08-30 | Cisco Technology, Inc. | Method and apparatus for content classification |
US20060174343A1 (en) | 2004-11-30 | 2006-08-03 | Sensory Networks, Inc. | Apparatus and method for acceleration of security applications through pre-filtering |
US7580982B2 (en) * | 2004-12-14 | 2009-08-25 | The Go Daddy Group, Inc. | Email filtering system and method |
US20060253537A1 (en) * | 2005-05-04 | 2006-11-09 | Ragy Thomas | Method and system for providing automated email optimization |
US20060259948A1 (en) | 2005-05-12 | 2006-11-16 | International Business Machines Corporation | Integrated document handling in distributed collaborative applications |
US7788723B2 (en) | 2005-05-17 | 2010-08-31 | Computer Associates Think, Inc. | Method and apparatus for identifying computer vulnerabilities using exploit probes and remote scanning |
US7937480B2 (en) * | 2005-06-02 | 2011-05-03 | Mcafee, Inc. | Aggregation of reputation data |
US8010609B2 (en) | 2005-06-20 | 2011-08-30 | Symantec Corporation | Method and apparatus for maintaining reputation lists of IP addresses to detect email spam |
US20070011739A1 (en) * | 2005-06-28 | 2007-01-11 | Shay Zamir | Method for increasing the security level of a user machine browsing web pages |
US20070028302A1 (en) * | 2005-07-29 | 2007-02-01 | Bit 9, Inc. | Distributed meta-information query in a network |
US8938515B2 (en) | 2005-12-29 | 2015-01-20 | Sap Se | Master queue for messaging service |
US7668920B2 (en) * | 2006-03-01 | 2010-02-23 | Fortinet, Inc. | Electronic message and data tracking system |
US20080267144A1 (en) | 2007-04-26 | 2008-10-30 | Motorola, Inc. | System and method for managing broadcast and/or multicast based communication sessions for mobile nodes |
-
2005
- 2005-06-22 GB GBGB0512744.4A patent/GB0512744D0/en not_active Ceased
-
2006
- 2006-06-22 WO PCT/EP2006/063474 patent/WO2006136605A1/en active Application Filing
- 2006-06-22 CA CA002609464A patent/CA2609464A1/en not_active Abandoned
- 2006-06-22 AU AU2006260933A patent/AU2006260933B2/en not_active Ceased
- 2006-06-22 US US11/579,171 patent/US8015250B2/en active Active
- 2006-06-22 EP EP06777422A patent/EP1894369A1/en not_active Withdrawn
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020199095A1 (en) | 1997-07-24 | 2002-12-26 | Jean-Christophe Bandini | Method and system for filtering communication |
US6615242B1 (en) | 1998-12-28 | 2003-09-02 | At&T Corp. | Automatic uniform resource locator-based message filter |
WO2004097676A1 (en) | 2003-04-25 | 2004-11-11 | Messagelabs Limited | A method of, and system for, replacing external links in electronic documents |
US20050071748A1 (en) * | 2003-04-25 | 2005-03-31 | Alexander Shipp | Method of, and system for, replacing external links in electronic documents |
WO2004114614A1 (en) | 2003-06-18 | 2004-12-29 | Brightmail, Inc. | System and method for filtering spam messages utilizing url filtering module |
Cited By (39)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9723018B2 (en) | 2006-07-10 | 2017-08-01 | Websense, Llc | System and method of analyzing web content |
US8978140B2 (en) | 2006-07-10 | 2015-03-10 | Websense, Inc. | System and method of analyzing web content |
US9680866B2 (en) | 2006-07-10 | 2017-06-13 | Websense, Llc | System and method for analyzing web content |
US9003524B2 (en) | 2006-07-10 | 2015-04-07 | Websense, Inc. | System and method for analyzing web content |
US9654495B2 (en) | 2006-12-01 | 2017-05-16 | Websense, Llc | System and method of analyzing web addresses |
AU2008204378B2 (en) * | 2007-01-09 | 2012-06-14 | Websense Hosted R&D Limited | A method and system for collecting addresses for remotely accessible information sources |
US8881277B2 (en) | 2007-01-09 | 2014-11-04 | Websense Hosted R&D Limited | Method and systems for collecting addresses for remotely accessible information sources |
WO2008084259A1 (en) | 2007-01-09 | 2008-07-17 | Websense Hosted R&D Limited | A method and system for collecting addresses for remotely accessible information sources |
US8938773B2 (en) | 2007-02-02 | 2015-01-20 | Websense, Inc. | System and method for adding context to prevent data leakage over a computer network |
US9609001B2 (en) | 2007-02-02 | 2017-03-28 | Websense, Llc | System and method for adding context to prevent data leakage over a computer network |
US9473439B2 (en) | 2007-05-18 | 2016-10-18 | Forcepoint Uk Limited | Method and apparatus for electronic mail filtering |
US9015842B2 (en) | 2008-03-19 | 2015-04-21 | Websense, Inc. | Method and system for protection against information stealing software |
US9495539B2 (en) | 2008-03-19 | 2016-11-15 | Websense, Llc | Method and system for protection against information stealing software |
US9130986B2 (en) | 2008-03-19 | 2015-09-08 | Websense, Inc. | Method and system for protection against information stealing software |
US9455981B2 (en) | 2008-03-19 | 2016-09-27 | Forcepoint, LLC | Method and system for protection against information stealing software |
US8959634B2 (en) | 2008-03-19 | 2015-02-17 | Websense, Inc. | Method and system for protection against information stealing software |
US9378282B2 (en) | 2008-06-30 | 2016-06-28 | Raytheon Company | System and method for dynamic and real-time categorization of webpages |
US9130972B2 (en) | 2009-05-26 | 2015-09-08 | Websense, Inc. | Systems and methods for efficient detection of fingerprinted data and information |
US10164988B2 (en) | 2011-05-27 | 2018-12-25 | Alibaba Group Holding Limited | External link processing |
WO2012166440A3 (en) * | 2011-05-27 | 2013-10-17 | Alibaba Group Holding Limited | External link processing |
US8695093B2 (en) | 2011-05-27 | 2014-04-08 | Alibaba Group Holding Limited | External link processing |
US9426119B2 (en) | 2011-05-27 | 2016-08-23 | Alibaba Group Holding Limited | External link processing |
CN102801574A (en) * | 2011-05-27 | 2012-11-28 | 阿里巴巴集团控股有限公司 | Method, device and system for detecting webpage link |
US10326791B2 (en) | 2012-06-07 | 2019-06-18 | Proofpoint, Inc. | Malicious message detection and processing |
US11019094B2 (en) | 2012-06-07 | 2021-05-25 | Proofpoint, Inc. | Methods and systems for malicious message detection and processing |
US9686297B2 (en) | 2012-06-07 | 2017-06-20 | Proofpoint, Inc. | Malicious message detection and processing |
EP2859495A4 (en) * | 2012-06-07 | 2016-01-20 | Proofpoint Inc | Malicious message detection and processing |
US10530806B2 (en) | 2012-06-07 | 2020-01-07 | Proofpoint, Inc. | Methods and systems for malicious message detection and processing |
US10135783B2 (en) | 2012-11-30 | 2018-11-20 | Forcepoint Llc | Method and apparatus for maintaining network communication during email data transfer |
US9241259B2 (en) | 2012-11-30 | 2016-01-19 | Websense, Inc. | Method and apparatus for managing the transfer of sensitive information to mobile devices |
US10044715B2 (en) | 2012-12-21 | 2018-08-07 | Forcepoint Llc | Method and apparatus for presence based resource management |
US9117054B2 (en) | 2012-12-21 | 2015-08-25 | Websense, Inc. | Method and aparatus for presence based resource management |
US9596264B2 (en) | 2014-02-18 | 2017-03-14 | Proofpoint, Inc. | Targeted attack protection using predictive sandboxing |
US10009362B2 (en) | 2014-02-18 | 2018-06-26 | Proofpoint, Inc. | Systems and methods for targeted attack protection using predictive sandboxing |
US10419464B2 (en) | 2014-02-18 | 2019-09-17 | Proofpoint, Inc. | Systems and methods for targeted attack protection using predictive sandboxing |
US9762609B2 (en) | 2014-02-18 | 2017-09-12 | Proofpoint, Inc. | Targeted attack protection using predictive sandboxing |
US10911467B2 (en) | 2014-02-18 | 2021-02-02 | Proofpoint, Inc. | Targeted attack protection from malicious links in messages using predictive sandboxing |
US11811793B2 (en) | 2014-02-18 | 2023-11-07 | Proofpoint, Inc. | Targeted attack protection from malicious links in messages using predictive sandboxing |
EP2924923A1 (en) * | 2014-03-24 | 2015-09-30 | Alcatel Lucent | Protection against suspect messages |
Also Published As
Publication number | Publication date |
---|---|
US8015250B2 (en) | 2011-09-06 |
EP1894369A1 (en) | 2008-03-05 |
CA2609464A1 (en) | 2006-12-28 |
GB0512744D0 (en) | 2005-07-27 |
US20080256187A1 (en) | 2008-10-16 |
AU2006260933A1 (en) | 2006-12-28 |
AU2006260933B2 (en) | 2011-06-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8015250B2 (en) | Method and system for filtering electronic messages | |
US11689559B2 (en) | Anti-phishing | |
US8881277B2 (en) | Method and systems for collecting addresses for remotely accessible information sources | |
US8145710B2 (en) | System and method for filtering spam messages utilizing URL filtering module | |
CA2840992C (en) | Syntactical fingerprinting | |
US8776224B2 (en) | Method and apparatus for identifying phishing websites in network traffic using generated regular expressions | |
US7640215B2 (en) | System and method for evaluating and enhancing source anonymity for encrypted web traffic | |
US11349795B2 (en) | Messaging system with dynamic content delivery | |
US20090300012A1 (en) | Multilevel intent analysis method for email filtration | |
JP7381341B2 (en) | Optimal scanning parameter calculation method, device, and system for malicious URL detection | |
US11503072B2 (en) | Identifying, reporting and mitigating unauthorized use of web code | |
JP4445243B2 (en) | Spam blocking method | |
Brozycki | 9, Author retains full rights. |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 11579171 Country of ref document: US |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2609464 Country of ref document: CA |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2006777422 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2006260933 Country of ref document: AU |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWW | Wipo information: withdrawn in national office |
Country of ref document: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2006260933 Country of ref document: AU |
|
WWP | Wipo information: published in national office |
Ref document number: 2006260933 Country of ref document: AU |
|
WWP | Wipo information: published in national office |
Ref document number: 2006777422 Country of ref document: EP |