INSTANT MESSAGING MALWARE PROTECTION

US 20090064335A1
Filed: 09/05/2007
Published: 03/05/2009
Est. Priority Date: 09/05/2007
Status: Active Grant

First Claim

Patent Images

1. On a client device, a method for providing security from instant messaging malware, comprising:

receiving, from a server, malware configuration information stored on the server;

receiving an instant message from an instant message system; and

selectively employing a malware scanner to scan the instant message for malware, at least partly based on the malware configuration information.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system including a content server and a plurality of instant messaging clients is configured to enable each client device to scan for malware on incoming or outgoing instant messages. The content server may receive malware configuration information and distribute the malware configuration information to each client device. Each client device may employ the malware configuration information to perform a number of actions, including determining one or more malware scanners to use, selectively scanning incoming or outgoing instant messages, reporting instances of malware that are detected, or selectively restricting one or more instant messaging functions. The system may include a malware information repository that receives and reports of detected malware, analyzes the reports, and determines sources of malware.

94 Citations

View as Search Results

20 Claims

1. On a client device, a method for providing security from instant messaging malware, comprising:
- receiving, from a server, malware configuration information stored on the server;
  
  receiving an instant message from an instant message system; and
  
  selectively employing a malware scanner to scan the instant message for malware, at least partly based on the malware configuration information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, further comprising determining the malware scanner from a plurality of malware scanning components installed on the client device, at least partly based on at least one of the malware configuration information or information associated with the instant message.
  - 3. The method of claim 1, further comprising selectively employing another malware scanner to scan the instant message for malware, at least partly based on the malware configuration information.
  - 4. The method of claim 1, further comprising:
    - selectively employing another malware scanner to scan the instant message for malware, at least partly based on the malware configuration information; and
      
      determining an ordering to employ the malware scanner and the other malware scanner, at least partly based on information associated with the instant message.
  - 5. The method of claim 1, wherein selectively employing the malware scanner is at least partly based on at least one of a geographic location associated with a sender of the instant message, a group membership associated with the sender of the instant message, or a type of the instant message.
  - 6. The method of claim 1, further comprising if malware associated with the instant message is detected, sending information associated with the detected malware to a malware information repository.
  - 7. The method of claim 1, further comprising if malware associated with the instant message is detected, disabling a function associated with a type of the instant message.
  - 8. The method of claim 1, further comprisingselectively scanning another instant message for malware, at least partly based on the malware configuration information;
    - andselectively sending the other message to another client device, at least partly based on the selective scanning of the other instant message.
  - 9. The method of claim 1, wherein the malware configuration information received from the server is at least partly based on at least one of geographic information, group membership, subscription information, preferences, or capacities associated with the client device.
  - 10. A processor readable storage medium having computer-executable instructions, wherein the execution of the computer-executable instructions provides for enabling actions, including performing the method of claim 1.
  - 11. A system for providing security to a plurality of client devices communicating by sending and receiving instant messages, the system comprising:
    - at least one content component that receives and stores malware configuration information, and sends the malware configuration information to each client device, the malware configuration information enabling each of the plurality of client devices to selectively scan instant messages for malware; and
      
      a malware client provider that sends, to each of the plurality of client devices, computer-executable instructions that enable actions to perform at the receiving client device, including performing the method of claim 1.

12. A system for providing security to a plurality of client devices communicating by sending and receiving instant messages, the system comprising:
- at least one content component that receives and stores malware configuration information, and sends the malware configuration information to each client device, the malware configuration information enabling each of the plurality of client devices to selectively scan instant messages for malware; and
  
  a repository component enabled to receive malware reports from the plurality of clients, the reports descriptive of malware detected by a client of the plurality of clients.
- View Dependent Claims (13, 14, 15, 16)
- - 13. The system of claim 12, further comprising a malware searching component that performs actions, including:
    - based on the malware reports, determines a source of at least one malware instance; and
      
      generates additional malware configuration information that enables each of the plurality of clients to restrict instant messaging communication with the source of the at least one malware instance.
  - 14. The system of claim 12, further comprising an interface to another system that enables the other system to restrict communication with a source of at least one malware instance, based on the malware reports, wherein the communication is at least one of an email communication or a communication with a web site.
  - 15. The system of claim 12, wherein the malware configuration information enables each of the plurality of clients to determine an instant messaging function to be disabled and to at least partially disable the determined instant messaging function.
  - 16. The system of claim 12, wherein the malware configuration information enables each of the plurality of clients to, in response to receiving an instant message, determine a malware scanner to invoke at least partially based on at least one of a source of the instant message, a type of the message, or a location of the receiving client.

17. A system for providing security to a plurality of client devices communicating by sending and receiving instant messages, the system comprising:
- means for receiving and storing malware configuration information at a server, the malware configuration information enabling each of the plurality of client devices to selectively scan instant messages for malware;
  
  means for distributing the malware configuration information to each client device; and
  
  means for enabling each client device of the plurality of client devices to selectively determine a malware scanner to invoke for scanning a received instant message, to selectively scan the received instant message, and to selectively restrict instant messaging communication, at least partly based on information associated with the received instant message.
- View Dependent Claims (18, 19, 20)
- - 18. The system of claim 17, further comprising an instant messaging system, and wherein the means for distributing sends at least a portion of the malware configuration information to each client device of the plurality of client devices in response to each client device logging on to the instant messaging system.
  - 19. The system of claim 17, further comprising a malware information repository that receives reports of a plurality of malware instances from client devices of the plurality of client devices, processes the reports, and determines sources of the plurality of malware instances.
  - 20. The system of claim 17, wherein the means for enabling comprises a processor readable storage medium having computer-executable instructions, wherein the execution of the computer-executable instructions provides for enabling actions including registering at least one malware scanner and selectively scanning the received instant message at least partly based on information associated with the received instant message, and wherein the means for distributing transmits the computer-executable instructions to each client device of the plurality of client devices.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
R2 Solutions LLC (Acacia Research Corporation)
Original Assignee
Yahoo! Inc. (Apollo Global Management, Inc.)
Inventors
Jiang, Hongyan, Sinn, Richard, Wong, Dudley

Granted Patent

US 8,689,330 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/24
CPC Class Codes

G06F 21/561   Virus type analysis

G06F 21/562   Static detection

G06F 21/566   Dynamic detection, i.e. det...

G06F 21/568   eliminating virus, restorin...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2147   Locking files

H04L 51/04   Real-time or near real-time...

H04L 51/212   using filtering or selectiv...

H04L 63/1441   Countermeasures against mal...

H04L 63/145   the attack involving the pr...

INSTANT MESSAGING MALWARE PROTECTION

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

94 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

INSTANT MESSAGING MALWARE PROTECTION

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

94 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links