Identifying unwanted electronic messages
First Claim
1. A method of identifying unwanted messages, the method comprising:
- inspecting a payload portion of a message being communicated and identifying characteristics of the payload portion;
comparing the characteristics of the inspected payload portion of the message with stored data indicating characteristics of at least one other message that has been inspected; and
identifying a security condition based on the comparison.
10 Assignments
0 Petitions
Accused Products
Abstract
An unwanted message may be identified by inspecting the payload portion of a message being communicated, comparing the characteristics of the payload portion with stored data indicating characteristics of other messages, and identifying a security condition based on a comparison of the message inspected. The characteristics inspected may include the payload portion of a message or the whole message when the characteristics are being compared against messages being exchanged on more than one local exchanging system. Furthermore, the characteristics of messages may be tracked for comparison against the characteristics of future messages. A threshold number of those characteristics may subsequently implicate a hostile security condition, even if a current comparison of these characteristics does not reach the threshold necessary to implicate a hostile security condition.
-
Citations
29 Claims
-
1. A method of identifying unwanted messages, the method comprising:
-
inspecting a payload portion of a message being communicated and identifying characteristics of the payload portion;
comparing the characteristics of the inspected payload portion of the message with stored data indicating characteristics of at least one other message that has been inspected; and
identifying a security condition based on the comparison. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
-
-
16. A method of identifying unwanted messages, the method comprising:
-
inspecting a message being communicated to a first device in a message exchanging system that includes two or more devices and identifying characteristics of the message;
comparing the characteristics of the message with stored data indicating characteristics of at least one other message communicated to a second device in the message exchanging system; and
identifying a security condition based on the comparison of the message inspected and the stored data.
-
Specification