Method and apparatus for controlling access to network resources based on reputation
First Claim
1. An apparatus, comprising:
- one or more processors;
a first network interface that is coupled to a first network that includes a plurality of clients;
a second network interface that is coupled to a second network that includes a plurality of resources;
a computer-readable storage medium that comprises one or more stored sequences of instructions which, when executed by the processor, cause the processor to perform;
receiving a client request that includes a particular network resource identifier;
retrieving, from a database that associates a plurality of network resource indicators with attributes of the network resource identifiers, values of particular attributes that are associated with the particular network resource identifier;
determining a reputation score value for the particular network resource identifier based on the particular attributes;
performing a responsive action for the client request based on the reputation score value.
1 Assignment
0 Petitions
Accused Products
Abstract
Access to network resources is controlled based on reputation of the network resources. In an embodiment, a data processing apparatus is coupled to a first protected network and to a second network, and comprises logic configured to cause receiving a client request that includes a particular network resource identifier; retrieving, from a database that associates a plurality of network resource indicators with attributes of the network resource identifiers, values of particular attributes that are associated with the particular network resource identifier; determining a reputation score value for the particular network resource identifier based on the particular attributes; and performing a responsive action for the client request based on the reputation score value.
786 Citations
20 Claims
-
1. An apparatus, comprising:
-
one or more processors;
a first network interface that is coupled to a first network that includes a plurality of clients;
a second network interface that is coupled to a second network that includes a plurality of resources;
a computer-readable storage medium that comprises one or more stored sequences of instructions which, when executed by the processor, cause the processor to perform;
receiving a client request that includes a particular network resource identifier;
retrieving, from a database that associates a plurality of network resource indicators with attributes of the network resource identifiers, values of particular attributes that are associated with the particular network resource identifier;
determining a reputation score value for the particular network resource identifier based on the particular attributes;
performing a responsive action for the client request based on the reputation score value. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. An apparatus, comprising:
-
one or more processors;
a first network interface that is coupled to a first network that includes a plurality of clients;
a second network interface that is coupled to a second network that includes a plurality of resources;
means for receiving a client request that includes a particular network resource identifier;
means for retrieving, from a database that associates a plurality of network resource indicators with attributes of the network resource identifiers, values of particular attributes that are associated with the particular network resource identifier;
means for determining a reputation score value for the particular network resource identifier based on the particular attributes;
means for performing a responsive action for the client request based on the reputation score value. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. An apparatus, comprising:
-
one or more processors;
a network interface that is coupled to a network that includes a plurality of resources;
a computer-readable storage medium that comprises one or more stored sequences of instructions which, when executed by the processor, cause the processor to perform;
receiving information about a plurality of network resource identifiers from one or more reputation data sources;
processing the network resource identifiers to determine a web reputation score value representing an overall probability that the network resource identifiers are associated with malware;
storing the web reputation score value in a database that associates a plurality of network resource indicators with attributes of the network resource identifiers;
repeating the receiving, processing, transforming and storing as new information becomes available for the same network resource identifiers. - View Dependent Claims (14, 15, 16, 17, 18, 19)
-
-
20-37. -37. (canceled)
Specification