METHODS FOR AUTOMATIC CATEGORIZATION OF INTERNAL AND EXTERNAL COMMUNICATION FOR PREVENTING DATA LOSS
First Claim
1. A method for automatic categorization of internal and external communication, the method comprising the steps of:
- (a) defining groups of entities that transmit data;
(b) monitoring data flow of said groups;
(c) extracting said data, from said data flow, for learning traffic-flow characteristics of said groups;
(d) classifying said data into group flows;
(e) upon said data being transmitted, checking said data to determine whether said data is designated as group-internal; and
(f) blocking data traffic for data that is group-internal.
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed are methods for automatic categorization of internal and external communication, the method including the steps of: defining groups of entities that transmit data; monitoring data flow of the groups; extracting the data, from the data flow, for learning traffic-flow characteristics of the groups; classifying the data into group flows; upon the data being transmitted, checking the data to determine whether the data is designated as group-internal; and blocking data traffic for data that is group-internal. Preferably, the step of monitoring includes assigning data weights to the data using Bayesian methods. Most preferably, the step of classifying includes classifying the data using Bayesian methods for evaluating the data weights. Preferably, the step of blocking includes blocking data traffic between members of two or more groups. Preferably, the method further includes the step of: enabling an authorized entity to unblock the data traffic.
39 Citations
16 Claims
-
1. A method for automatic categorization of internal and external communication, the method comprising the steps of:
-
(a) defining groups of entities that transmit data; (b) monitoring data flow of said groups; (c) extracting said data, from said data flow, for learning traffic-flow characteristics of said groups; (d) classifying said data into group flows; (e) upon said data being transmitted, checking said data to determine whether said data is designated as group-internal; and (f) blocking data traffic for data that is group-internal. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer-readable storage medium having computer-readable code embodied on the computer-readable storage medium, the computer-readable code comprising:
-
(a) program code for defining groups of entities that transmit data; (b) program code for monitoring data flow of said groups; (c) program code for extracting said data, from said data flow, for learning traffic-flow characteristics of said groups; (d) program code for classifying said data into group flows; (e) program code for, upon said data being transmitted, checking said data to determine whether said data is designated as group-internal; and (f) program code for blocking data traffic for data that is group-internal. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
Specification