Detection and removal of undesirable items in a data processing environment
First Claim
Patent Images
1. A method for addressing a threat to the security of a user device that utilizes a network-accessible service, comprising:
- assessing a likelihood that the user device is infected by an undesirable item, the assessing comprising;
detecting a potential presence of the undesirable item within a particular time frame, the presence being associated with activities for an identified network address; and
determining whether the user device utilized the identified network address within the particular time frame;
receiving a request by the user device to access the network-accessible service; and
in response to the request, interacting with the user device in a manner that is governed by the assessed likelihood that the user device is infected by the undesirable item, wherein the user device is operated by at least one user, wherein the interacting with the user device comprises sending a notification message to another device operated by the at least one user to notify the at least one user of the assessed likelihood of the user device being infected by the undesirable item.
2 Assignments
0 Petitions
Accused Products
Abstract
Functionality is described for addressing a threat to the security of a user device that utilizes a network-accessible service. The functionality operates by assessing the likelihood that the user device is infected by the undesirable item. When the user device makes a request to access the network-accessible service, the functionality can interact with the user device in a manner that is governed by the assessed likelihood that the user device is infected by the undesirable item.
30 Citations
19 Claims
-
1. A method for addressing a threat to the security of a user device that utilizes a network-accessible service, comprising:
-
assessing a likelihood that the user device is infected by an undesirable item, the assessing comprising; detecting a potential presence of the undesirable item within a particular time frame, the presence being associated with activities for an identified network address; and determining whether the user device utilized the identified network address within the particular time frame; receiving a request by the user device to access the network-accessible service; and in response to the request, interacting with the user device in a manner that is governed by the assessed likelihood that the user device is infected by the undesirable item, wherein the user device is operated by at least one user, wherein the interacting with the user device comprises sending a notification message to another device operated by the at least one user to notify the at least one user of the assessed likelihood of the user device being infected by the undesirable item. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. An item management module for addressing a threat to the security of a user device that utilizes network-accessible service, comprising:
-
an item detection module configured to make an assessment of a likelihood that the user device is infected by an undesirable item, the assessment comprising; examining an interaction of the user device with at least one network accessible entity; determining if a plurality of user devices that use the network-accessible service are sending a large number of Email messages in unison; determining if the user device is rapidly making click selections; determining if the user device is making a large number of requests to ports that are associated with well known exploits; and a remedy module configured to; receive a request by the user device to access the network-accessible service; and in response to the request, interact with the user device in a manner that is governed by the assessed likelihood that the user device is infected by the undesirable item. - View Dependent Claims (17, 18)
-
-
19. An intermediary appliance module for interfacing between a user device and a network-accessible service, comprising:
-
a cooperative detection module configured to cooperate with an item management module to make an assessment of a likelihood that the user device is infected by an undesirable item, the assessment comprising; detecting a potential presence of the undesirable item within a particular time frame, the presence being associated with activities for an identified network address; and determining whether the user device utilized the identified network address within the particular time frame; and a remedy module configured to cooperate with the item management module to interact with the user device in a manner that is governed by the assessed likelihood that the user device is infected by the undesirable item.
-
Specification