REAL-TIME NETWORK UPDATES FOR MALICIOUS CONTENT
First Claim
Patent Images
1. A method for establishing the reputation of message components, the method comprising:
- transmitting over a network communication interface a request for data from a first electronic computing device;
receiving the requested data over the network communication interface;
a processor executing instructions out of a memory breaking the received data into a plurality of component parts, wherein the plurality of component parts are stored in a database; and
receiving a first set of information from a second electronic computing device, wherein the received first set of information is associated with a bad reputation and includes a plurality of constituent components, and a processor at the second computing device generates the plurality of constituent components from data contained in a message by breaking the data contained in the message into the plurality of constituent components;
comparing the received plurality of constituent components with the plurality of component parts;
identifying that at least one of the constituent components of the plurality of constituent components matches at least one of the component parts; and
associating each of the plurality of component parts with a threat, wherein the database is updated with information indicating that the plurality of component parts are associated with a threat.
24 Assignments
0 Petitions
Accused Products
Abstract
A global response network collects, analyzes, and distributes “cross-vector” threat-related information between security systems to allow for an intelligent, collaborative, and comprehensive real-time response.
-
Citations
18 Claims
-
1. A method for establishing the reputation of message components, the method comprising:
-
transmitting over a network communication interface a request for data from a first electronic computing device; receiving the requested data over the network communication interface; a processor executing instructions out of a memory breaking the received data into a plurality of component parts, wherein the plurality of component parts are stored in a database; and receiving a first set of information from a second electronic computing device, wherein the received first set of information is associated with a bad reputation and includes a plurality of constituent components, and a processor at the second computing device generates the plurality of constituent components from data contained in a message by breaking the data contained in the message into the plurality of constituent components; comparing the received plurality of constituent components with the plurality of component parts; identifying that at least one of the constituent components of the plurality of constituent components matches at least one of the component parts; and associating each of the plurality of component parts with a threat, wherein the database is updated with information indicating that the plurality of component parts are associated with a threat. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A non-transitory computer-readable storage medium having embodied thereon a program executable by a processor for performing a method for establishing the reputation of message components, the method comprising:
-
transmitting over a network communication interface a request for data from a first electronic computing device; receiving the requested data over the network communication interface; a processor executing instructions out of a memory breaking the received data into a plurality of component parts, wherein the plurality of component parts are stored in a database; and receiving a first set of information from a second electronic computing device, wherein the received first set of information is associated with a bad reputation and includes a plurality of constituent components, and a processor at the second computing device generates the plurality of constituent components from data contained in a message by breaking the data contained in the message into the plurality of constituent components; comparing the received plurality of constituent components with the plurality of component parts; identifying that at least one of the constituent components of the plurality of constituent components matches at least one of the component parts; and associating each of the plurality of component parts with a threat, wherein the database is updated with information indicating that the plurality of component parts are associated with a threat. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A system for establishing the reputation of message components, the system comprising:
a data center electronic computing device including a processor, a memory, and one or more network communication interfaces, wherein the data center electronic computing device; transmits over a network communication interface of the one or more network communication interfaces a request for data from a first electronic computing device; receives the requested data over the network communication interface of the one or more network communication interfaces; breaks the received data into a plurality of component parts, wherein the plurality of component parts are stored in a database; and receives a first set of information from a second electronic computing device, wherein the received first set of information is associated with a bad reputation and includes a plurality of constituent components, and a processor at the second computing device generates the plurality of constituent components from data contained in a message by breaking the data contained in the message into the plurality of constituent components; compares the received plurality of constituent components with the plurality of component parts; identifies that at least one of the constituent components of the plurality of constituent components matches at least one of the component parts; and associates each of the component parts with a threat, wherein the database is updated with information indicating that the component parts are associated with a threat. - View Dependent Claims (14, 15, 16, 17, 18)
Specification