METHOD AND SYSTEM FOR PROTECTION AGAINST INFORMATION STEALING SOFTWARE
First Claim
1. A computer-implemented method of controlling dissemination of sensitive information over an electronic network, the method comprising:
- analyzing traffic of the network;
detecting sensitive information;
assessing a sensitivity level;
assessing a risk level for the sensitive information leaving the electronic network; and
determining the required action based on the sensitivity level and the risk level.
16 Assignments
0 Petitions
Accused Products
Abstract
A system and method for identifying infection of unwanted software on an electronic device is disclosed. A software agent configured to generate a bait and is installed on the electronic device. The bait can simulate a situation in which the user performs a login session and submits personal information or it may just contain artificial sensitive information. Parameters may be inserted into the bait such as the identity of the electronic device that the bait is installed upon. The output of the electronic device is monitored and analyzed for attempts of transmitting the bait. The output is analyzed by correlating the output with the bait and can be done by comparing information about the bait with the traffic over a computer network in order to decide about the existence and the location of unwanted software. Furthermore, it is possible to store information about the bait in a database and then compare information about a user with the information in the database in order to determine if the electronic device that transmitted the bait contains unwanted software.
-
Citations
19 Claims
-
1. A computer-implemented method of controlling dissemination of sensitive information over an electronic network, the method comprising:
-
analyzing traffic of the network; detecting sensitive information; assessing a sensitivity level; assessing a risk level for the sensitive information leaving the electronic network; and determining the required action based on the sensitivity level and the risk level. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system for controlling the dissemination of sensitive information over an electronic network, the system comprising:
a traffic analyzer in communication with the electronic network and configured to detect sensitive information and assess a sensitivity level of the information, the traffic analyzer configured to assess a risk level for the sensitive information leaving the electronic network and to determine a required action to take on the sensitive information in response to the sensitivity level and the risk level. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
14. A system for controlling the dissemination of sensitive information over an electronic network, the system comprising:
traffic analyzer means in communication with the electronic network, the traffic analyzer means being configured to detect sensitive information, assess the sensitivity level of the sensitive information and assess a risk level of the sensitive information leaving the electronic network, the traffic analyzer means operative to determine a required action in response to the sensitivity level and the risk level. - View Dependent Claims (15, 16, 17, 18, 19)
Specification