Abstract:
Early detection of computer viruses is provided by collecting information about suspicious messages and generating virus outbreak information. In one embodiment, a method comprises receiving the virus outbreak information that has been determined by receiving message information for messages that have characteristics associated with computer viruses, wherein the messages were determined by a virus-check component as not comprising a virus, and mapping the message information received in a specified time period to the virus outbreak information; and when the virus outbreak information indicates initiation of a virus attack, performing a message flow control action for additional messages that have the same characteristics associated with computer viruses as the first messages. As a result, a messaging gateway can suspend delivery of messages early in a virus outbreak, providing sufficient time for updating an anti-virus checker that can strip virus code from the messages.
Abstract:
Controlling a message quarantine is disclosed. A message scanning method is described in which early exit from parsing and scanning can occur by matching threat rules only to selected message elements and stopping rule matching as soon as a match on one message element exceeds a threat threshold.
Abstract:
Early detection of computer viruses and other message-borne threats is provided by applying heuristic tests to message content and examining sender reputation information when no virus signature information is available. As a result, a messaging gateway can suspend delivery of messages early in a virus outbreak, providing sufficient time for updating an anti-virus checker that can strip virus code from the messages. A dynamic and flexible threat quarantine queue is provided with a variety of exit criteria and exit actions that permits early release of messages in other than first-in, first-out order. A message scanning method is described in which early exit from parsing and scanning can occur by matching threat rules only to selected message elements and stopping rule matching as soon as a match on one message element exceeds a threat threshold.
Abstract:
Determining whether to quarantine a message is disclosed. A dynamic and flexible threat quarantine queue is provided with a variety of exit criteria and exit actions that permits early release of messages in other than first-in, first-out order.
Abstract:
A method and apparatus for managing connections and messages at a server by associating different actions for both different senders and different recipients is disclosed. The server manages connections from different senders by receiving incoming connections from the different senders and determining sender identifiers for the incoming connections. The server inspects a mapping of sender identifiers to actions to identify which action should be applied to each incoming connection. The server applies the actions, such as accepting the connection, rejecting the connection, relaying the connection, or refusing the connection. Also, the server manages electronic messages for different recipients by determining recipient identifiers for the electronic messages. The server inspects a mapping of recipient identifiers to actions to identify which action should be applied for the recipients of the email messages. The server applies the actions, such as accepting or rejecting the email message for delivery to a recipient.
Abstract:
Techniques are provided for determining a reputation of a message sender by obtaining two or more lists from two or more list providers; determining which lists of the two or more lists indicate the message sender; and determining a reputation score for the message sender based on which lists of the two or more lists indicate the message sender. Techniques are also provided for indicating that a message is unsolicited based on a reputation score.