SAFE FILE TRANSMISSION AND REPUTATION LOOKUP

US 20120167213A1
Filed: 03/05/2012
Published: 06/28/2012
Est. Priority Date: 02/27/2008
Status: Active Grant

First Claim

Patent Images

1. A computer readable medium comprising instructions that when executed perform a method comprising:

wrapping a data file in a protective file based at least in part upon at least one of;

whether the data file was sent by an unknown sender with an internet protocol address;

whether malware has previously been received from the internet protocol address;

a likelihood that the data file comprises malware; and

whether malware has previously been received from a user associated with the data file.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of safe file transmission and reputation lookup is provided. As a part of the safe file transmission and reputation lookup methodology, a data file that is to be made available to a data file receiver is accessed and it is determined whether the data file needs to be provided a protective file. The data file is wrapped in a protective file to create a non-executing package file. Access is provided to the non-executing package file where the associated data file is prevented from being executed until data file reputation information is received.

Citations

20 Claims

1. A computer readable medium comprising instructions that when executed perform a method comprising:
- wrapping a data file in a protective file based at least in part upon at least one of;
  
  whether the data file was sent by an unknown sender with an internet protocol address;
  
  whether malware has previously been received from the internet protocol address;
  
  a likelihood that the data file comprises malware; and
  
  whether malware has previously been received from a user associated with the data file.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The computer readable medium of claim 1, the wrapping performed upon determining that the data file needs to be protected.
  - 3. The computer readable medium of claim 1, the wrapping creating a package file that inhibits at least one of access to and execution of the data file until data file reputation information is accessed.
  - 4. The computer readable medium of claim 3, the method comprising:
    - accessing the data file reputation information from a reputation lookup service.
  - 5. The computer readable medium of claim 1, the method comprising:
    - overriding a block on access to the data file after a warning indicating a level of suspiciousness associated with the data file is accessed, the level of suspiciousness based at least in part upon at least one of;
      
      a number of users that executed the data file;
      
      a number of times the data file has travelled through a network;
      
      a first time and date the data file was observed;
      
      whether the data file was reviewed by an analyst;
      
      a certificate used to sign the data file;
      
      a link to a company that controls the certificate; and
      
      a link to at least one of a search page and a discussion group comprising information about the data file.
  - 6. The computer readable medium of claim 1, at least some of the wrapping performed by a sender upon selection of the data file for transmission from the sender to a receiver.
  - 7. The computer readable medium of claim 1, at least some of the wrapping performed by a receiver upon receiving the data file from a sender.
  - 8. The computer readable medium of claim 6, the data file transmitted from the sender to the receiver via at least one of an email message and an instant message.
  - 9. The computer readable medium of claim 7, the data file transmitted from the sender to the receiver via at least one of an email message and an instant message.

10. A method, comprising:
- overriding a block on access to a data file after a warning indicating a level of suspiciousness associated with the data file is accessed, the level of suspiciousness based at least in part upon at least one of;
  
  a number of users that executed the data file;
  
  a number of times the data file has travelled through a network;
  
  a first time and date the data file was observed;
  
  whether the data file was reviewed by an analyst;
  
  a certificate used to sign the data file;
  
  a link to a company that controls the certificate; and
  
  a link to at least one of a search page and a discussion group comprising information about the data file.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The method of claim 10, implemented at least in part via a microprocessor.
  - 12. The method of claim 10, the data file wrapped in a protective file to create a package file that inhibits at least one of access to and execution of the data file until data file reputation information is accessed.
  - 13. The method of claim 12, the wrapping performed upon determining that the data file needs to be protected.
  - 14. The method of claim 13, the determining based at least in part upon:
    - whether the data file was sent by an unknown sender with an internet protocol address;
      
      whether malware has previously been received from the internet protocol address;
      
      a likelihood that the data file comprises malware; and
      
      whether malware has previously been received from a user associated with the data file.
  - 15. The method of claim 12, the package file accessed by a receiver via an application comprised in the package file.
  - 16. The method of claim 12, the package file accessed by a receiver via an application selected based on at least one of:
    - a file extension; and
      
      information received from a predetermined web-site.

17. A system comprising:
- one or more processors; and
  
  memory comprising instructions that when executed by at least one of the one or more processors, perform a method comprising;
  
  overriding a block on access to a data file after a warning indicating a level of suspiciousness associated with the data file is accessed, the level of suspiciousness based at least in part upon at least one of;
  
  a number of users that executed the data file;
  
  a number of times the data file has travelled through a network;
  
  a first time and date the data file was observed;
  
  whether the data file was reviewed by an analyst;
  
  a certificate used to sign the data file;
  
  a link to a company that controls the certificate; and
  
  a link to at least one of a search page and a discussion group comprising information about the data file.
- View Dependent Claims (18, 19, 20)
- - 18. The system of claim 17, the data file wrapped in a protective file to create a package file that inhibits at least one of access to and execution of the data file until data file reputation information is accessed, the wrapping performed upon determining that the data file needs to be protected.
  - 19. The system of claim 18, at least some of at least one of the determining and the wrapping implemented by an intermediate server upon receiving the data file from a sender, the data file comprised in a message addressed to a receiver, the receiver not comprising the intermediate server.
  - 20. The system of claim 17, at least one of access to and execution of the data file based at least in part upon whether a computer comprises a specific version of software.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Hulten, Geoff, Scarrow, John, Osipkov, Ivan, Iverson, Kristofer N.

Granted Patent

US 8,931,090 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

G06F 21/51   at application loading time...

G06F 21/566   Dynamic detection, i.e. det...

G06F 21/6209   to a single file or object,...

SAFE FILE TRANSMISSION AND REPUTATION LOOKUP

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SAFE FILE TRANSMISSION AND REPUTATION LOOKUP

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links