Patent application number | Description | Published |
20090119740 | ADJUSTING FILTER OR CLASSIFICATION CONTROL SETTINGS - Methods and systems for adjusting control settings associated with filtering or classifying communications to a computer or a network. The adjustment of the control settings can include adjustment of policy and/or security settings associated with the computer or network. Ranges associated with the control settings can also be provided in some implementations. | 05-07-2009 |
20090122699 | PRIORITIZING NETWORK TRAFFIC - Methods and systems for operation upon one or more data processors for prioritizing transmission among a plurality of data streams based upon a classification associated with the data packets associated with each of the plurality of data streams, respectively. Systems and methods can operate to allocate bandwidth to priority data streams first and recursively allocate remaining bandwidth to lesser priority data streams based upon the priority associated with those respective lesser priority data streams. | 05-14-2009 |
20090125980 | NETWORK RATING - Methods and systems for operation upon one or more data processors for assigning a reputation to a messaging entity by analyzing the attributes of the entity, correlating the attributes with known attributes to define relationships between entities sharing attributes, and attributing a portion of the reputation of one related entity to the reputation of the other related entity. | 05-14-2009 |
20090254663 | Prioritizing Network Traffic - Methods and systems for operation upon one or more data processors for prioritizing transmission of communications associated with an entity based upon reputation information associated with the entity. | 10-08-2009 |
20100306846 | REPUTATION BASED LOAD BALANCING - Methods and systems for operation upon one or more data processors for efficiently processing communications based upon reputation of an entity associated with the communication. | 12-02-2010 |
20110162070 | MALWARE DETECTION VIA REPUTATION SYSTEM - A computer network device receives a digital file and extracts a plurality of high level features from the file. The plurality of high level features are evaluated using a classifier to determine whether the file is benign or malicious. The file is forwarded to a requesting computer if the file is determined to be benign, and blocked if the file is determined to be malicious. | 06-30-2011 |
20110191423 | REPUTATION MANAGEMENT FOR NETWORK CONTENT CLASSIFICATION - A system derives a reputation for a plurality of network addresses, the reputation of each network address determined by analyzing a plurality of high-level email features related to one or more emails originating from the network address. The plurality of high-level email features include domain registration analysis, hashed term frequency indexing, persistent communication, address age, correlation analysis, zombie detection, and hash vault matching. | 08-04-2011 |
20110296519 | REPUTATION BASED CONNECTION CONTROL - Methods and systems for operation upon one or more data processors for reputation based firewall processing of communications. The reputation based firewall processing includes receiving a communication identifying an entity, retrieving the reputation of the entity identified by the communication, and handling the communication based upon the retrieved reputation. | 12-01-2011 |
20120011252 | PRIORITIZING NETWORK TRAFFIC - Methods and systems for operation upon one or more data processors for prioritizing transmission among a plurality of data streams based upon a classification associated with the data packets associated with each of the plurality of data streams, respectively. Systems and methods can operate to allocate bandwidth to priority data streams first and recursively allocate remaining bandwidth to lesser priority data streams based upon the priority associated with those respective lesser priority data streams. | 01-12-2012 |
20120047259 | WEB HOSTED SECURITY SYSTEM COMMUNICATION - A distributed proxy server system is operable to receive a request for Internet data from a user, obtain the user's identity, store at least one cookie on the user's web browser identifying the user, and filter undesired content before forwarding requested Internet data to the user. A master cookie is associated with the proxy server including user identity information, and an injected domain cookie is associated with the domain of the requested Internet data including user identity information. | 02-23-2012 |
20120084441 | PRIORITIZING NETWORK TRAFFIC - Methods, systems and apparatus, including computer programs encoded on a computer storage medium, for receiving, at a global server system, from each of a plurality of local network devices, network data specifying network communication activity at the local network device, wherein the plurality of local network devices collectively provide backbone communications facilities for multiple networks; aggregating, at the global server system, the network data from each of the local network devices; analyzing, at the global server system, the aggregated network data to identify network activities; generating, at the global server system, update data based on the analysis of the aggregated network data, the update data including instructions for the local network devices for processing network communications to or from the local network devices; and transmitting from the global server system the update data to the local network devices. | 04-05-2012 |
20120174219 | IDENTIFYING MOBILE DEVICE REPUTATIONS - Methods and systems for operation upon one or more data processors for assigning a reputation to a messaging entity by analyzing the attributes of the entity, correlating the attributes with known attributes to define relationships between entities sharing attributes, and attributing a portion of the reputation of one related entity to the reputation of the other related entity. | 07-05-2012 |
20120239751 | MULTI-DIMENSIONAL REPUTATION SCORING - Methods and systems for assigning reputation to communications entities include collecting communications data from distributed agents, aggregating the communications data, analyzing the communications data and identifying relationships between communications entities based upon the communications data. | 09-20-2012 |
20120240228 | MULTI-DIMENSIONAL REPUTATION SCORING - Methods and systems for assigning reputation to communications entities include collecting communications data from distributed agents, aggregating the communications data, analyzing the communications data and identifying relationships between communications entities based upon the communications data. | 09-20-2012 |
20120271890 | Systems And Methods For Classification Of Messaging Entities - Methods and systems for operation upon one or more data processors for assigning a reputation to a messaging entity. A method can include receiving data that identifies one or more characteristics related to a messaging entity's communication. A reputation score is determined based upon the received identification data. The determined reputation score is indicative of reputation of the messaging entity. The determined reputation score is used in deciding what action is to be taken with respect to a communication associated with the messaging entity. | 10-25-2012 |
20120331556 | SYSTEM AND METHOD FOR PROTOCOL FINGERPRINTING AND REPUTATION CORRELATION - A method is provided in one example embodiment that includes generating a fingerprint based on properties extracted from data packets received over a network connection and requesting a reputation value based on the fingerprint. A policy action may be taken on the network connection if the reputation value received indicates the fingerprint is associated with malicious activity. The method may additionally include displaying information about protocols based on protocol fingerprints, and more particularly, based on fingerprints of unrecognized protocols. In yet other embodiments, the reputation value may also be based on network addresses associated with the network connection. | 12-27-2012 |
20130031111 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR SEGMENTING A DATABASE BASED, AT LEAST IN PART, ON A PREVALENCE ASSOCIATED WITH KNOWN OBJECTS INCLUDED IN THE DATABASE - A system, method, and computer program product are provided for segmenting a database based, at least in part, on a prevalence associated with known objects included in the database. In operation, a database including a plurality of known objects is identified. Additionally, the database is segmented into a plurality of segments. Furthermore, each of the plurality of known objects are assigned to one of the plurality of segments, based at least in part on a prevalence associated with each of the plurality of known objects. | 01-31-2013 |
20130247192 | SYSTEM AND METHOD FOR BOTNET DETECTION BY COMPREHENSIVE EMAIL BEHAVIORAL ANALYSIS - A method is provided in one example embodiment that includes receiving message sender traits associated with email senders, and receiving a dataset of known malware identifiers and network addresses from a spamtrap. The message sender traits may include behavior features and/or content resemblance factors in various embodiments. The method further includes classifying the email senders as malicious or benign based on the behavior features, and further classifying the malicious senders by malware identifiers based on similarity of content resemblance factors and the dataset of known malware identifiers and network addresses. In certain specific embodiments, a supervised classifier, such as a support vector machine, may be used to classify the malicious senders by malware identifiers. | 09-19-2013 |
20130247201 | SYSTEM AND METHOD FOR MALWARE AND NETWORK REPUTATION CORRELATION - A method is provided in one example embodiment and includes receiving a reputation value based on a hash of a file making a network connection and on a network address of a remote end of the network connection. The network connection may be blocked if the reputation value indicates the hash or the network address is associated with malicious activity. In more specific embodiments, the method may also include sending a query to a threat analysis host to request the reputation value. Additionally or alternatively the reputation value may be based on query patterns in particular embodiments. In yet more specific embodiments, the network connection may be an inbound connection and/or an outbound connection, and the reputation value may be based on a file reputation associated with the hash and a connection reputation associated with the network address of the remote end of the network connection. | 09-19-2013 |
20140366144 | MULTI-DIMENSIONAL REPUTATION SCORING - Methods and systems for assigning reputation to communications entities include collecting communications data from distributed agents, aggregating the communications data, analyzing the communications data and identifying relationships between communications entities based upon the communications data. | 12-11-2014 |
20150040218 | DETECTING IMAGE SPAM - Methods and systems for operation upon one or more data processors for detecting image spam by detecting an image and analyzing the content of the image to determine whether the incoming communication comprises an unwanted communication. | 02-05-2015 |