Systems and methods for multi-layered packet filtering and remote management of network devices

US 7,778,999 B1
Filed: 01/26/2004
Issued: 08/17/2010
Est. Priority Date: 01/24/2003
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

for each electronic device of a plurality of electronic devices, in real time;

receiving, in a backend system, information related to digital data captured by the electronic device at a transport layer before the digital data is provided to an application layer for presentation to a user of the electronic device, the backend system comprising at least one server;

on the at least one server, determining a digital-data rating via the information related to the captured digital data, the determining comprising;

checking a ratings database for a pre-existing rating for the captured digital data using a network address included in the information related to the captured digital data;

responsive to the network address being found in the ratings database, using the pre-existing rating as the digital-data rating;

responsive to the captured digital data not being found in the ratings database;

crawling the captured digital data via the network address;

accessing the captured digital data over a network;

performing a word-by-word analysis of the captured digital data to determine the digital-data rating; and

updating the ratings database with the network address and the digital-data rating responsive to the performance of the word-by-word analysis;

designating the captured digital data as illicit digital data or non-illicit digital data, the designating comprising designating the captured digital data as illicit digital data if the digital-data rating exceeds a predetermined threshold; and

transmitting a result of the designating from the at least one server to the electronic device to block the illicit digital data from delivery to the application layer.

View all claims

19 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for allowing individuals and groups of individuals to establish accountability relationships which are useful for generating shared commitments to avoid undesirable digital materials is disclosed. A application is loaded on a client which accesses a blacklist database of inappropriate words. The blacklist database associates a rating for each inappropriate word in the database. As a monitored user accesses digital content, a capture module captures the digital content in real time. All textual components of the digital content is examined and an overall appropriateness rating for each individual piece of digital content is developed. Via an access server, the data is recorded and reported and a monitoring user may a report on the data accessed by the monitored user.

Citations

23 Claims

1. A method comprising:
- for each electronic device of a plurality of electronic devices, in real time;
  
  receiving, in a backend system, information related to digital data captured by the electronic device at a transport layer before the digital data is provided to an application layer for presentation to a user of the electronic device, the backend system comprising at least one server;
  
  on the at least one server, determining a digital-data rating via the information related to the captured digital data, the determining comprising;
  
  checking a ratings database for a pre-existing rating for the captured digital data using a network address included in the information related to the captured digital data;
  
  responsive to the network address being found in the ratings database, using the pre-existing rating as the digital-data rating;
  
  responsive to the captured digital data not being found in the ratings database;
  
  crawling the captured digital data via the network address;
  
  accessing the captured digital data over a network;
  
  performing a word-by-word analysis of the captured digital data to determine the digital-data rating; and
  
  updating the ratings database with the network address and the digital-data rating responsive to the performance of the word-by-word analysis;
  
  designating the captured digital data as illicit digital data or non-illicit digital data, the designating comprising designating the captured digital data as illicit digital data if the digital-data rating exceeds a predetermined threshold; and
  
  transmitting a result of the designating from the at least one server to the electronic device to block the illicit digital data from delivery to the application layer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 2. The method of claim 1, comprising, for each of the plurality of electronic devices, in real time, allowing delivery of the non-illicit digital data to the application layer for presentation to the user of the electronic device.
  - 3. The method of claim 1, comprising, for each of the plurality of electronic devices, in real time, capturing all requests for digital data over the network by the electronic device.
  - 4. The method of claim 3, comprising:
    - for each of the plurality of electronic devices, concurrently routing;
      
      information relating to at least some of the captured requests for digital data to the at least one server providing the content-rating service; and
      
      the at least some captured requests to intended destinations on the network.
  - 5. The method of claim 4, wherein at least some of the captured digital data is digital data received at the electronic device as a result of the step of routing the information relating to at least some of the captured requests for digital data to the intended destinations.
  - 6. The method of claim 4, wherein at least some of the captured digital data is digital data received at the electronic device independent of the routing step.
  - 7. The method of claim 4, comprising, on the at least one server:
    - crawling requested digital data on the network using the at least some of the captured requests; and
      
      rating the requested digital data for illicitness using a word-by-word analysis of the requested digital data.
  - 8. The method of claim 7, further comprising, responsive to the rating step, storing a rating and identification information for the rated digital data together in a content database in communication with the at least one server.
  - 9. The method of claim 7, further comprising transmitting configuration settings to the electronic device corresponding to the valid user account.
  - 10. The method of claim 3, comprising, for at least one of the plurality of electronic devices:
    - transmitting an indication from the backend system that at least one of the captured requests for digital data represents an unauthorized intrusion on the electronic device; and
      
      denying the at least one of the captured requests for digital data.
  - 11. The method of claim 1, comprising, for each of the plurality of electronic devices, sending an authentication signal to the backend system, the authentication signal providing validation information indicating whether the electronic device corresponds to a valid user account.
  - 12. The method of claim 1, further comprising, for each of the plurality of electronic devices, filtering communication between the electronic device and the network for personal information.
  - 13. The method of claim 1, further comprising, for each of the plurality of electronic devices, filtering communication between the electronic device and the network for explicit requests for illicit content.
  - 14. The method of claim 1, wherein the electronic device comprises at least one of:
    - a personal computer;
      
      a set-top box;
      
      a router; and
      
      a gateway.
  - 15. The method of claim 1, wherein at least some of the captured digital data comprises an instant message en route to an instant messaging application on the electronic device.
  - 16. The method of claim 1, wherein at least some of the captured digital data comprises an email message en route to an email application on the electronic device.
  - 17. The method of claim 1, further comprising, for at least one of the electronic devices, rating the captured digital data for illicitness utilizing a content-rating module on the electronic device.
  - 18. The method of claim 1, comprising, for at least one of the plurality of electronic devices:
    - transmitting information related to the captured digital data to a reporting server; and
      
      on the reporting server, logging network activities of the user of the electronic device via the information related to the captured digital data.
  - 19. The method of claim 18, comprising:
    - on the reporting server, for the at least one of the plurality of electronic devices;
      
      generating a report summarizing illicitness of network activities of the user of the electronic device for a predetermined time period; and
      
      transmitting the report over the network to a third party.
  - 20. The method of claim 18, comprising:
    - wherein the at least one of the plurality of electronic devices comprises more than one electronic device;
      
      generating a multi-user report summarizing illicitness of network activities of each user of the more than one electronic device for a predetermined time period; and
      
      transmitting the multi-user report over the network to a third party.
  - 21. The method of claim 1, comprising, for at least one of the plurality of electronic devices:
    - transmitting an indication from the backend system to the at least one of the plurality of electronic devices on whether the captured digital data is malicious or non-malicious; and
      
      blocking the captured digital data deemed to be malicious.

22. A method comprising:
- for each electronic device of a plurality of electronic devices, in real time;
  
  on the electronic device, at a transport layer, capturing all digital data received by the electronic device over a network before the digital data is provided to an application layer for presentation to a user of the electronic device;
  
  routing information related to the digital data to a backend system on the network, the backend system comprising at least one server, the at least one server providing a content-rating service for rating digital-data illicitness;
  
  delaying delivery of the digital data to the application layer on the electronic device at least until the digital data is designated non-illicit by the at least one server;
  
  on the at least one server, determining a digital-data rating via the information related to the digital data, the determining comprising;
  
  checking a ratings database for a pre-existing rating for the digital data using a network address included in the information related to the digital data;
  
  responsive to the network address being found in the ratings database, using the pre-existing rating as the digital-data rating;
  
  responsive to the digital data not being found in the ratings database;
  
  crawling the digital data via the network address;
  
  accessing the digital data over the network;
  
  performing a word-by-word analysis of the digital data to determine the digital-data rating; and
  
  updating the ratings database with the network address and the digital-data rating responsive to the performance of the word-by-word analysis;
  
  designating the digital data as illicit digital data or non-illicit digital data, the designating comprising designating the digital data as illicit digital data if the digital-data rating exceeds a predetermined threshold;
  
  on the electronic device, receiving a result of the designating from the at least one server; and
  
  on the electronic device, blocking the illicit digital data from delivery to the application layer.

23. An article of manufacture, the article of manufacture comprising:
- at least one computer-readable medium;
  
  processor instructions contained on the at least one computer readable medium, the processor instructions configured to be readable from the at least one computer-readable medium by at least one processor and thereby cause the at least one processor to operate as to, for each of a plurality of electronic devices, in real time;
  
  receive, in a backend system, information related to digital data captured by the electronic device at a transport layer before the digital data is provided to an application layer for presentation to a user of the electronic device, the backend system comprising at least one server;
  
  on the at least one server, determine a digital-data rating via the information related to the digital data, the determining comprising;
  
  check a ratings database for a pre-existing rating for the digital data using a network address included in the information related to the digital data;
  
  responsive to the network address being found in the ratings database, use the pre-existing rating as the digital-data rating;
  
  responsive to the digital data not being found in the ratings database;
  
  crawl the digital data via the network address;
  
  access the digital data over a network;
  
  perform a word-by-word analysis of the digital data to determine the digital-data rating; and
  
  update the ratings database with the network address and the digital-data rating responsive to the performance of the word-by-word analysis;
  
  designate the digital data as illicit digital data or non-illicit digital data, the designating comprising designating the digital data as illicit digital data if the digital-data rating exceeds a predetermined threshold; and
  
  transmit the designation from the at least one server to the electronic device so that the electronic device may block the illicit digital data from delivery to the application layer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avast Software SRO (Gen Digital Inc.)
Original Assignee
Bsecure Technologies, Inc. (Gen Digital Inc.)
Inventors
Cotter, Amy L., Haadsma, David Kent, Berkemeyer, Van A. Jr., Cotter, Robert B., Covington, Gary S., Majoran, Raymond, Boisjolie, Darren Ronald, Balasubramaniam, Gandhi
Primary Examiner(s)
Wong; Don
Assistant Examiner(s)
DANG, THANH HA T

Application Number

US10/766,563
Time in Patent Office

2,395 Days
Field of Search

705/14, 707/7, 707/10, 707/722, 707/723, 707/726, 707/748, 707/999.003, 707/999.005, 707/999.1
US Class Current

707/722
CPC Class Codes

G06F 16/9535 Search customisation based ...

Systems and methods for multi-layered packet filtering and remote management of network devices

First Claim

19 Assignments

0 Petitions

Accused Products

Abstract

Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for multi-layered packet filtering and remote management of network devices

First Claim

19 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links