MULTI-DIMENSIONAL REPUTATION SCORING

US 20120240228A1
Filed: 06/04/2012
Published: 09/20/2012
Est. Priority Date: 01/24/2007
Status: Active Grant

First Claim

Patent Images

1-40. -40. (canceled)

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems for assigning reputation to communications entities include collecting communications data from distributed agents, aggregating the communications data, analyzing the communications data and identifying relationships between communications entities based upon the communications data.

57 Citations

View as Search Results

63 Claims

1-40. -40. (canceled)

41. A computer implemented method comprising:
- identifying a range of values for each of a plurality of filter settings, wherein filter setting values define a level of tolerance for an associated classification of potential security violations in a network;
  
  causing presentation of a security control interface on a display device, the security control interface comprising a plurality of graphical security controls, each graphical security control representing a respective one of the plurality of filter settings and the corresponding range of values for the respective filter setting;
  
  receiving a value for a particular one of the plurality of filter settings based on user interactions with a corresponding one of the plurality of graphical security controls of the security control interface;
  
  adjusting the particular filter setting based on the received value; and
  
  causing communications in the network to be filtered based on the adjusted particular filter setting.
- View Dependent Claims (42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58)
- - 42. The method of claim 41, wherein the adjusted filtered setting is an adjusted filter setting of a particular user and applies to communication streams involving the particular user.
  - 43. The method of claim 42, wherein the user interactions are associated with the particular user.
  - 44. The method of claim 41, wherein the graphical security controls include a plurality of interactive security slider controls operable to be manipulated to correspond to values within a respective range of a corresponding filter setting.
  - 45. The method of claim 41, wherein each security filter is associated with one of a plurality of potential security violation categories.
  - 46. The method of claim 45, wherein the plurality of potential security violation categories includes a virus category, a phishing category, a worms category, a trojan horse category, a spam category, a content category, a spyware category, or a bulk mail category.
  - 47. The method of claim 41, wherein each value in each range of values indicates a relative level of filtering of a corresponding classification of potential security violations.
  - 48. The method of claim 41, wherein the range of values for the particular filter setting is a defined limited range of values.
  - 49. The method of claim 48, wherein the graphical security control representing the particular filter setting and enabling adjustment of the particular filter setting indicates that the range of values for the particular filter setting is limited.
  - 50. The method of claim 48, wherein limits to the range of values for the particular filter are hidden on the presentation of the security control interface.
  - 51. The method of claim 48, wherein the range of values for the particular filter setting is limited to restrict at least one of selection of a value above a defined maximum value for the particular filter setting and selection of a value below a defined minimum value for the particular filter setting.
  - 52. The method of claim 48, wherein the plurality of filter settings includes a group of security settings and a group of policy settings, wherein ranges of values for each filter setting in the group of security settings is a respective defined limited range of values.
  - 53. The method of claim 52, wherein ranges of values for each filter setting in the group of policy settings are unconstrained.
  - 54. The method of claim 41, wherein the network is filtered using a plurality of security agents deployed in the network, and the adjusted particular filter setting governs filtering of at least one particular security agent in the plurality of security agents.
  - 55. The method of claim 54, wherein the adjustment of the particular security agent applies to a particular user and communications involving the particular user are filtered at least in part using the particular security agent.
  - 56. The method of claim 54, wherein the security agents filter communications based on a reputation of at least one entity involved in the communications.
  - 57. The method of claim 56, wherein reputation of a particular entity is based on identified attribute similarities between the particular entity and at least one other entity with a determined reputation score.
  - 58. The method of claim 56, wherein the particular filter setting defines a local bias to be applied to reputations of entities involved in the communications.

59. Logic encoded in non-transitory media that includes code for execution and when executed by a processor is operable to perform operations comprising:
- identifying a range of values for each of a plurality of filter settings, wherein filter setting values define a level of tolerance for an associated classification of potential security violations in a network;
  
  causing presentation of a security control interface on a display device, the security control interface comprising a plurality of graphical security controls, each graphical security control representing a respective one of the plurality of filter settings and the corresponding range of values for the respective filter setting;
  
  receiving a value for a particular one of the plurality of filter settings based on user interactions with a corresponding one of the plurality of graphical security controls of the security control interface;
  
  adjusting the particular filter setting based on the received value; and
  
  causing communications in the network to be filtered based on the adjusted particular filter setting.

60. A system comprising:
- at least one processor device;
  
  at least one memory element; and
  
  a security control interface adapted when executed by the at least one processor device to;
  
  present a security control interface including a plurality of interactive graphical security controls, each graphical security control representing a respective one of a plurality of filter settings and a corresponding range of values for each respective filter setting, wherein filter setting values define a level of tolerance for an associated classification of potential security violations; and
  
  accept user interactions with the graphical security controls to identify user-specified values for corresponding filter settings, wherein user specification of filter settings causes modification to values of the filter settings;
  
  a security agent adapted to filter communications in a network according to the plurality of filter settings.
- View Dependent Claims (61, 62, 63)
- - 61. The system of claim 60, further comprising a reputation engine adapted to determine reputations of a plurality of entities involved in the communications in the network, wherein the security agent is further adapted to filter communications based on identified reputations of entities involved in the communications.
  - 62. The system of claim 60, wherein adjustment of a filter setting value using the security control interface applies the adjustment of the filter setting to less than the entire network.
  - 63. The system of claim 62, wherein the adjustment of the filter setting applies to communications involving a particular user associated with the adjustment.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
ALPEROVITCH, Dmitri, FOOTE-LENNOX, Tomo, GOULD, Jeremy, GREVE, Paula, HERNANDEZ, Alejandro Manuel, JUDGE, Paul, KRASSER, Sven, LANGE, Tim, SCHNECK, Phyllis Adele, STECHER, Martin, TANG, Yuchun, TRIVEDI, Aarjav Jyotindra Neeta, WILLIS, Lamar Lorenzo, YANG, Weilai, ZDZIARSKI, Jonathan Alexander

Granted Patent

US 9,009,321 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

G06F 21/554   involving event detection a...

G06Q 10/107   Computer-aided management o...

H04L 41/0893   Assignment of logical group...

H04L 41/0894   Policy-based network config...

H04L 41/22   comprising specially adapte...

H04L 51/212   using filtering or selectiv...

H04L 63/0227   Filtering policies mail mes...

H04L 63/1408   by monitoring network traff...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1433   Vulnerability analysis

H04L 63/1441   Countermeasures against mal...

H04L 63/1483   service impersonation, e.g....

MULTI-DIMENSIONAL REPUTATION SCORING

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

57 Citations

63 Claims

Specification

Use Cases

Quick Links

Others

MULTI-DIMENSIONAL REPUTATION SCORING

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

57 Citations

63 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others