Evaluating a questionable network communication

US 20070156900A1
Filed: 02/28/2007
Published: 07/05/2007
Est. Priority Date: 09/06/2005
Status: Active Grant

First Claim

Patent Images

1. A method for controlling communication, comprising:

receiving a network address from a network resource, wherein the network address comprises an internet protocol (IP) address and a port number;

determining whether the network address is included in a predefined list of trusted network addresses; and

setting an indicator that a communication operation is allowed with the network resource, if the network address is included in the predefined list.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Identifying a questionable network address from a network communication. In an embodiment, a network device receives an incoming or outgoing connection request, a web page, an email, or other network communication. An evaluation module evaluates the network communication for a corresponding network address, which may be for the source or destination of the network communication. The network address generally includes an IP address and a port number. The evaluation module checks a predefined white list for the network address to determine whether the network address is valid. Depending on the result, the evaluation module sets an indicator for preventing, allowing, or warning about the network communication. A category code, security code, organization code, or function code, may also be checked against the white list to ensure a valid network node is not compromised. A domain name may also be determined from the network address to further validate the network communication.

Citations

20 Claims

1. A method for controlling communication, comprising:
- receiving a network address from a network resource, wherein the network address comprises an internet protocol (IP) address and a port number;
  
  determining whether the network address is included in a predefined list of trusted network addresses; and
  
  setting an indicator that a communication operation is allowed with the network resource, if the network address is included in the predefined list.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein the network resource comprises a network node of one of the following;
    - a network node that has requested a connection, a network node to which a connection request is to be sent, a website, a message sender, and a message destination.
  - 3. The method of claim 1, further comprising receiving at lease one of the following:
    - a category code indicating a type of information;
      
      a security rating indicating a level of user interaction needed to allow the communication operation;
      
      a sub-organization code indicating a subset of an organization, wherein the subset is associated with the network address; and
      
      a function code indicating a purpose for a communication.
  - 4. The method of claim 1, wherein the network address is provided in one of the following:
    - a connection request, a web page, a message, and a message header.
  - 5. The method of claim 1, further comprising accessing the network resource to obtain the network address, wherein accessing the network resource comprises:
    - receiving a domain name;
      
      accessing a domain name service that associates the domain name with the network address;
      
      requesting access to the network resource with the network address.
  - 6. The method of claim 1, wherein the list comprises trusted network addresses of network nodes, wherein each node is associated with one of the following;
    - a commercial institution, a website, an anti-virus source, a network service provider, and an internet service provider.
  - 7. The method of claim 1, further comprising:
    - receiving a questionable domain name;
      
      determining an assigned domain name that is assigned to the network address; and
      
      setting the indicator to indicate one of the following;
      
      that the communication operation is not allowed;
      
      that a warning is to be provided prior to allowing the communication operation; and
      
      that instruction is needed from a user to determine whether the communication operation is allowed.
  - 8. The method of claim 1, further comprising determining an owner of the network resource, by:
    - querying a database with the network address, wherein the database stores an association between the network address and the owner; and
      
      receiving an identifier of the owner.
  - 9. The method of claim 8, wherein the database comprises one of the following:
    - an international assignment registry, a regional registry, a local registry, and the list.
  - 10. The method of claim 1, further comprising:
    - receiving a function code;
      
      determining the communication operation based on the function code; and
      
      providing to a user an indication of the communication operation.
  - 11. The method of claim 1, further comprising:
    - receiving an intermediary network address of an intermediary network node that relays the network address;
      
      determining whether the intermediary network address is included in the predefined list of trusted network addresses; and
      
      setting the indicator that the communication operation is not allowed with the network resource, if the intermediary network address is not included in the predefined list.
  - 12. A computer readable medium, comprising executable instructions for causing a computing device to perform the actions of claim 1.

13. A system for controlling communication, comprising:
- a communication interface in communication with a network resource;
  
  a memory for storing instructions; and
  
  a processor in communication with the communication interface and with the memory, wherein the processor performs actions based at least in part on the stored instructions, including;
  
  receiving a network address from a network resource, wherein the network address comprises an internet protocol (IP) address and a port number;
  
  determining whether the network address is included in a predefined list of trusted network addresses; and
  
  setting an indicator that a communication operation is allowed with the network resource, if the network address is included in the predefined list.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The system of claim 13, wherein the resource identifier comprises one of the following:
    - a uniform resource locator and a domain name, and wherein the resource identifier is received through the communication interface in one of the following;
      
      a web page and a message.
  - 15. The system of claim 13, wherein the processor further performs the action of receiving at lease one of the following:
    - a category code indicating a type of information;
      
      a security rating indicating a level of user interaction needed to allow the communication operation;
      
      a sub-organization code indicating a subset of an organization, wherein the subset is associated with the network address; and
      
      a function code indicating a purpose for a communication.
  - 16. The system of claim 13, wherein the network address further comprises an internal address behind one of the following:
    - a firewall and a proxy server.
  - 17. The system of claim 13, wherein the processor further performs actions including:
    - receiving a domain name;
      
      accessing a domain name service that associates the domain name with the network address;
      
      requesting access to the network resource with the network address.
  - 18. The system of claim 13, wherein the processor further performs actions including:
    - receiving a questionable domain name;
      
      determining an assigned domain name that is assigned to the network address; and
      
      setting the indicator to indicate one of the following;
      
      that the communication operation is not allowed;
      
      that a warning is to be provided prior to allowing the communication operation; and
      
      that instruction is needed from a user to determine whether the communication operation is allowed.
  - 19. The system of claim 13, further comprising an output device, and wherein the processor further performs at least one of the following actions:
    - receiving a function code;
      
      determining the communication operation based on the function code; and
      
      providing to a user an indication of the communication operation.
  - 20. The system of claim 13, wherein the system comprises one of the following:
    - a general purpose computing device and a mobile device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Daniel Chien
Original Assignee
Daniel Chien
Inventors
Chien, Daniel

Granted Patent

US 8,621,604 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/225
CPC Class Codes

G06F 21/645   using a third party

G06F 2221/2119   Authenticating web pages, e...

H04L 63/1441   Countermeasures against mal...

H04L 63/1491   using deception as counterm...

Evaluating a questionable network communication

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Evaluating a questionable network communication

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links