Method And System For Preventing Exploitation Of Email Messages

US 20070277238A1
Filed: 04/26/2007
Published: 11/29/2007
Est. Priority Date: 10/10/2003
Status: Abandoned Application

First Claim

Patent Images

1. A method for preventing the exploitation of an original email message having a destination, the method comprising:

decomposing the original email message into the components thereof;

for each component of said components thereof;

formatting said component according to at least one published standards for formatting email into a correctly-formatted email component;

inspecting said correctly-formatted email component for undesirable content;

if said correctly-formatted email component contains undesirable content, then sanitizing said correctly-formatted email component;

reassembling said correctly-formatted email component into a replacement email message; and

substituting said replacement email message for the original email message, and sending said replacement email message to the destination of the original email message in place thereof.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for preventing the exploitation of email messages in attacks on computer systems. Invalid formatting is often used by attackers to introduce undesirable content into email, because email handling applications and utilities are often insensitive to deviations from the standards, and invalid formatting can allow undesirable content to go undetected. According to the present invention, an original email message is decomposed into component parts, which are formatted according to email message standards. Format-compliant components are inspected for undesirable content and reassembled into a replacement email message that is sent to the destination of the original email message. Components with undesirable content are sanitized.

Citations

7 Claims

1. A method for preventing the exploitation of an original email message having a destination, the method comprising:
- decomposing the original email message into the components thereof;
  
  for each component of said components thereof;
  
  formatting said component according to at least one published standards for formatting email into a correctly-formatted email component;
  
  inspecting said correctly-formatted email component for undesirable content;
  
  if said correctly-formatted email component contains undesirable content, then sanitizing said correctly-formatted email component;
  
  reassembling said correctly-formatted email component into a replacement email message; and
  
  substituting said replacement email message for the original email message, and sending said replacement email message to the destination of the original email message in place thereof.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, further comprising:
    - if said replacement email message has sufficient components according to said at least one published standard, then performing said substituting; and
      
      otherwise discarding the original email message.
  - 3. A computer program product operative to perform the method of claim 1.
  - 4. A computer program product operative to perform the method of claim 2.

5. A method for preventing the exploitation of an original email message having a destination, the method comprising:
- decomposing the original email message into the components thereof;
  
  for each component of said components thereof;
  
  formatting said component according to at least one published standards for formatting email into a correctly-formatted email component;
  
  a reassembling said correctly-formatted email component into a replacement email message;
  
  substituting said replacement email message for the original email message;
  
  inspecting said replacement email message for undesirable content;
  
  if said replacement email message contains undesirable content, then sanitizing said replacement email message; and
  
  sending said replacement email message to the destination of the original email message in place thereof.
- View Dependent Claims (6)
- - 6. A computer program product operative to perform the method of claim 5.

7. A system for preventing the exploitation of an original email message having a destination, the system comprising:
- an email component extractor, for extracting a component of the original email message;
  
  an email component standards-compliant formatter, for formatting said component according to at least one published standard;
  
  an undesirable content handler operative to inspect for undesirable content and to sanitize at least one of;
  
  an email message component;
  
  an email message; and
  
  an email assembler, for assembling said component into a replacement email message for sending to the destination of original email message in place thereof.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Aladdin Knowledge Systems Limited (Thales SA)
Original Assignee
Aladdin Knowledge Systems Limited (Thales SA)
Inventors
Margalit, Yanki, Margalit, Dany

Application Number

US11/740,297
Publication Number

US 20070277238A1
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

G06F 21/562   Static detection

H04L 51/00   User-to-user messaging in p...

H04L 63/145   the attack involving the pr...

Method And System For Preventing Exploitation Of Email Messages

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

7 Claims

Specification

Solutions

Use Cases

Quick Links

Method And System For Preventing Exploitation Of Email Messages

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

7 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links