Apparatus and method to identify SPAM emails

US 7,500,265 B2
Filed: 08/27/2004
Issued: 03/03/2009
Est. Priority Date: 08/27/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A method to identity SPAM emails, comprising:

providing a pseudo user device capable of communicating with a user device;

setting a misspelling rejection ratio;

receiving an email comprising (X) words by said pseudo user device;

determining a number (Y) of misspelled words comprising said email;

calculating a misspelling ratio by dividing (Y) by (X);

determining if said misspelling ratio is greater than or equal to said misspelling rejection ratio;

operative if said misspelling ratio is greater than or equal to said misspelling rejection ratio, reporting said email as SPAM,operative if said misspelling ratio is not greater than or equal to said misspelling rejection ratio;

providing said email by said pseudo user device to said user device;

performing a fuzzy word screen of said email;

wherein said performing a fuzzy word screen step comprises;

providing a library of prohibited words, an identity count, and a non-identity count, wherein said identity count and said non-identity count are initially set to 0;

setting a rejection identity count/non-identity count ratio;

selecting a (k)th word from said email, wherein (k) is greater than or equal to 1 and less than or equal to (X);

determining that the (k)th word comprises (A) characters;

retrieving from said library (M) prohibited words comprising (A) characters;

selecting the (j)th prohibited word, wherein (j) is greater than or equal to 1 and less than or equal to (M);

comparing, for each value of (i), the (i)th character of the (k)th email word with the (i)th character of the (j)th prohibited word, wherein (i) is greater than or equal to 1 and less than or equal to (A);

operative if the (i)th character of the (k)th email word is the same as the (i)th character of the (j)th prohibited word, incrementing said identity count;

operative if the (i)th character of the (k)th email word is not the same as the (i)th character of the (j)th prohibited word, incrementing said non-identity count;

calculating an actual identity count/non-identity count ratio;

determining if said actual identity count/non-identity count ratio is greater than or equal to said rejection identity count/non-identity count ratio;

operative if said actual identity count/non-identity count ratio is greater than or equal to said rejection identity count/non-identity count ratio, reporting said email as SPAM.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus to identity SPAM emails is disclosed. The method sets a misspelling rejection ratio. Upon receipt of an email comprising (X) words, the method determines the number (Y) of misspelled words comprising that email. The method then calculates a misspelling ratio by dividing (Y) by (X), and then determines if the misspelling ratio is greater than or equal to the misspelling rejection ratio. If the method determines that the misspelling ratio is greater than or equal to the misspelling rejection ratio, then the method reports the email as SPAM. In certain embodiments, the detection of words used to trigger the rejection of SPAM is based on a fuzzy search of alternate spellings. These alternate spellings may come from a spell checker.

Citations

8 Claims

1. A method to identity SPAM emails, comprising:
- providing a pseudo user device capable of communicating with a user device;
  
  setting a misspelling rejection ratio;
  
  receiving an email comprising (X) words by said pseudo user device;
  
  determining a number (Y) of misspelled words comprising said email;
  
  calculating a misspelling ratio by dividing (Y) by (X);
  
  determining if said misspelling ratio is greater than or equal to said misspelling rejection ratio;
  
  operative if said misspelling ratio is greater than or equal to said misspelling rejection ratio, reporting said email as SPAM,operative if said misspelling ratio is not greater than or equal to said misspelling rejection ratio;
  
  providing said email by said pseudo user device to said user device;
  
  performing a fuzzy word screen of said email;
  
  wherein said performing a fuzzy word screen step comprises;
  
  providing a library of prohibited words, an identity count, and a non-identity count, wherein said identity count and said non-identity count are initially set to 0;
  
  setting a rejection identity count/non-identity count ratio;
  
  selecting a (k)th word from said email, wherein (k) is greater than or equal to 1 and less than or equal to (X);
  
  determining that the (k)th word comprises (A) characters;
  
  retrieving from said library (M) prohibited words comprising (A) characters;
  
  selecting the (j)th prohibited word, wherein (j) is greater than or equal to 1 and less than or equal to (M);
  
  comparing, for each value of (i), the (i)th character of the (k)th email word with the (i)th character of the (j)th prohibited word, wherein (i) is greater than or equal to 1 and less than or equal to (A);
  
  operative if the (i)th character of the (k)th email word is the same as the (i)th character of the (j)th prohibited word, incrementing said identity count;
  
  operative if the (i)th character of the (k)th email word is not the same as the (i)th character of the (j)th prohibited word, incrementing said non-identity count;
  
  calculating an actual identity count/non-identity count ratio;
  
  determining if said actual identity count/non-identity count ratio is greater than or equal to said rejection identity count/non-identity count ratio;
  
  operative if said actual identity count/non-identity count ratio is greater than or equal to said rejection identity count/non-identity count ratio, reporting said email as SPAM.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, further comprising if said actual identity count/non-identity count ratio is greater than or equal to said rejection identity count/non-identity count ratio, resetting said identity count and said non-identity count to 0.
  - 3. The method of claim 1, further comprising:
    - operative if said actual identity count/non-identity count ratio is less than said rejection identity count/non-identity count ratio;
      
      providing said email to said user device; and
      
      resetting said identity count and said non-identity count to 0.
  - 4. The method of claim 1, further comprising:
    - providing a library of prohibited words wherein one or more of those prohibited words are designated highly prohibited words;
      
      providing a database which includes characters comprising variants of one or more letters;
      
      operative if the (i)th character of the (k)th email word is not the same as the (i)th character of the (j)th prohibited word, determining if the (j)th prohibited word comprises a highly prohibited word;
      
      operative if the (j)th prohibited word comprises a highly prohibited word, determining if the (i)th character of the (k)th email word is a variant of the (i)th character of the (j)th prohibited word;
      
      operative if the (i)th character of the (k)th email word is a variant of the (i)th character of the (j)th prohibited word, incrementing said identity count;
      
      operative if the (i)th character of the (k)th email word is not a variant of the (i)th character of the (j)th prohibited word, incrementing said non-identity count.

5. A computer program encoded in an information storage medium and usable with a programmable computer processor to identity SPAM emails, comprising:
- a library of prohibited words;
  
  computer readable program code which causes said programmable computer processor to retrieve a pre-determined misspelling rejection ratio;
  
  computer readable program code which causes said programmable computer processor to receive an email comprising (X) words;
  
  computer readable program code which causes said programmable computer processor to determine a number (Y) of misspelled words comprising said email;
  
  computer readable program code which causes said programmable computer processor to calculate a misspelling ratio by dividing (Y) by (X);
  
  computer readable program code which causes said programmable computer processor to determine if said misspelling ratio is greater than or equal to said misspelling rejection ratio;
  
  computer readable program code which, if said misspelling ratio is greater than or equal to said misspelling rejection ratio, causes said programmable computer processor to report said email as SPAM;
  
  computer readable program code which, if said misspelling ratio is not greater than or equal to said misspelling rejection ratio, causes said programmable computer processor to provide said email to a user device;
  
  computer readable program code which causes said programmable computer processor to maintain an identity count, and a non-identity count, wherein said identity count and said non-identity count are initially set to 0;
  
  computer readable program code which causes said programmable computer processor to retrieve a pre-determined rejection identity count/non-identity count ratio;
  
  computer readable program code which causes said programmable computer processor to select the (k)th word from said email, wherein said (k)th word comprises (A) characters, and wherein (k) is greater than or equal to 1 and less than or equal to (X);
  
  computer readable program code which causes said programmable computer processor to retrieve from said library (M) prohibited words comprising (A) characters;
  
  computer readable program code which causes said programmable computer processor to select the (j)th prohibited word, wherein (j) is greater than or equal to 1 and less than or equal to (M);
  
  computer readable program code which causes said programmable computer processor to compare, for each value of (i), the (i)th character of the (k)th email word with the (i)th character of the (j)th prohibited word, wherein (i) is greater than or equal to 1 and less than or equal to (A);
  
  computer readable program code which, if the (i)th character of the (k)th email word is the same as the (i)th character of the (j)th prohibited word, causes said programmable computer processor to increment said identity count;
  
  computer readable program code which, if the (i)th character of the (k)th email word is not the same as the (i)th character of the (j)th prohibited word, causes said programmable computer processor to increment said non-identity count;
  
  computer readable program code which causes said programmable computer processor to calculate an actual identity count/non-identity count ratio;
  
  computer readable program code which causes said programmable computer processor to determine if said actual identity count/non-identity count ratio is greater than or equal to said rejection identity count/non-identity count ratio;
  
  computer readable program code which, if said actual identity count/non-identity count ratio is greater than or equal to said rejection identity count/non-identity count ratio, causes said programmable computer processor to report said email as SPAM.
- View Dependent Claims (6, 7, 8)
- - 6. The computer program of claim 5, further comprising computer readable program code which, if said actual identity count/non-identity count ratio is greater than or equal to said rejection identity count/non-identity count ratio, causes said programmable computer processor to reset said identity count and said non-identity count to 0.
  - 7. The computer program of claim 5, further comprising computer readable program code which, if said actual identity count/non-identity count ratio is less than said rejection identity count/non-identity count ratio, causes said programmable computer processor to:
    - providing said email to said user device; and
      
      resetting said identity count and said non-identity count to 0.
  - 8. The computer program of claim 5, further comprising:
    - a library of prohibited words wherein one or more of those prohibited words are designated highly prohibited words and a database which includes characters comprising variants of one or more letters;
      
      comprising computer readable program code which, if the (i)th character of the (k)th email word is not the same as the (i)th character of the (j)th prohibited word, causes said programmable computer processor to determine if the (j)th prohibited word comprises a highly prohibited word;
      
      comprising computer readable program code which, if the (j)th prohibited word comprises a highly prohibited word, causes said programmable computer processor to determine if the (i)th character of the (k)th email word is a variant of the (i)th character of the (j)th prohibited word;
      
      comprising computer readable program code which, if the (i)th character of the (k)th email word is a variant of the (i)th character of the (j)th prohibited word, causes said programmable computer processor to increment said identity count;
      
      comprising computer readable program code which, if the (i)th character of the (k)th email word is not a variant of the (i)th character of the (j)th prohibited word, causes said programmable computer processor to increment said non-identity count.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Trend Micro Inc.
Original Assignee
International Business Machines Corporation
Inventors
Encinas, Susan, Winarski, Daniel J.
Primary Examiner(s)
Vu, Kimyen
Assistant Examiner(s)
SHAN, APRIL YING

Application Number

US10/929,082
Publication Number

US 20060047760A1
Time in Patent Office

1,649 Days
Field of Search

709/206, 726/22, 726/23, 726/24, 726/25, 379/93.01
US Class Current

726/22
CPC Class Codes

G06Q 10/107 Computer-aided management o...

H04L 51/212 using filtering or selectiv...

Apparatus and method to identify SPAM emails

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and method to identify SPAM emails

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links