Method and System for Processing a Stream of Information From a Computer Network Using Node Based Reputation Characteristics
First Claim
1. A method for processing information from a variety of submitters, the method comprising:
- receiving information about one or more nodes from a submitter from a plurality of submitters numbered from 1 through N, the one or more nodes being associated respectively with one or more IP addresses on a world wide network of computers;
identifying a submitter reputation of the submitter from a knowledge base;
associating a node reputation of the node based upon at least the reputation of the submitter and submitted information from the submitter; and
transferring the node reputation.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for processing information from a variety of submitters, e.g., forensic sources. The method includes receiving information about one or more nodes from a submitter from a plurality of submitters numbered from 1 through N. In a specific embodiment, the one or more nodes are associated respectively with one or more IP addresses on a world wide network of computers. The method includes identifying a submitter reputation of the submitter from a knowledge base and associating a node reputation of the node based upon at least the reputation of the submitter and submitted information from the submitter. The method also transfers the node reputation.
170 Citations
35 Claims
-
1. A method for processing information from a variety of submitters, the method comprising:
-
receiving information about one or more nodes from a submitter from a plurality of submitters numbered from 1 through N, the one or more nodes being associated respectively with one or more IP addresses on a world wide network of computers; identifying a submitter reputation of the submitter from a knowledge base; associating a node reputation of the node based upon at least the reputation of the submitter and submitted information from the submitter; and transferring the node reputation. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A system for processing information from a variety of submitters, the system comprising one or more computer readable memories, the one or more computer readable memories including:
-
one or more codes directed to receiving information about one or more nodes from a submitter from a plurality of submitters numbered from 1 through N, the one or more nodes being associated respectively with one or more IP addresses on a world wide network of computers; one or more codes directed to identifying a submitter reputation of the submitter from a knowledge base; one or more codes directed to associating a node reputation of the node based upon at least the reputation of the submitter and submitted information from the submitter; and one or more codes directed to transferring the node reputation.
-
-
7. A method for processing a stream of information to determine a security level, the method comprising:
-
providing a knowledge base, the knowledge base having information about a plurality of nodes, each of the nodes numbered from 1 through N, each of the nodes being assigned a reputation characteristic numbered respectively from 1 through N, each of the reputation characteristics comprising one or more of a plurality of properties; identifying a selected node from the plurality of nodes, the selected node being coupled to a network of computers; requesting reputation information associated with the selected node through the network of computers; deriving at least one of the reputation characteristics numbered from 1 through N of the selected node from the knowledge base; transferring the reputation characteristic through the network of computers; and processing information from a stream of data associated with the selected node within the plurality of nodes using a selection of at least one of a plurality of processes, the selected process being associated with the reputation characteristic of the selected node. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15)
-
- 16. A system for characterizing reputations of one or more nodes in a computer network environment, the system comprising a knowledge base, the knowledge base having information about a plurality of nodes, each of the nodes numbered from 1 through N, each of the nodes being assigned a reputation characteristic numbered respectively from 1 through N, each of the reputation characteristics comprising one or more of a plurality of properties, one or more of the properties being associated with a submitter, the submitter having a submitter reputation characteristic.
-
25. A method for creating a real time knowledge base of a plurality of nodes from a variety of submitters, the method comprising:
-
receiving first information about one or more nodes from a first submitter from a plurality of submitters numbered from 1 through N, the one or more nodes being associated respectively with one or more IP addresses on a world wide network of computers; identifying a submitter reputation of the first submitter from a knowledge base, the submitter being one of the plurality of submitters numbered from 1 through N; associating a node reputation of the node based upon at least the reputation of the first submitter and first submitted information from the first submitter; storing the first submitted information in a first portion of the knowledge base; and repeating the receiving, identifying, associating, and storing for second information from a second submitter. - View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
-
Specification