Apparatus and method for analyzing and filtering email and for providing web related services

US 7,904,518 B2
Filed: 02/08/2006
Issued: 03/08/2011
Est. Priority Date: 02/15/2005
Status: Expired due to Fees

First Claim

Patent Images

1. A method for filtering a content of an email message method comprising:

connecting an inventive network hardware appliance to an external network within a home network configuration;

including a central processing unit (CPU) on the inventive network hardware appliance;

providing a memory for storing a set of computer-readable instructions executed by the central processing unit (CPU) on the inventive network hardware appliance;

connecting the inventive network hardware appliance to one or more user computers;

installing the inventive network hardware appliance between the external network and the user'"'"'s computer;

passing all network traffic between the user'"'"'s computer and the external network through the inventive network hardware appliance;

arranging the inventive network hardware appliance to intercept an email message;

implementing a remote scanning service at a remote site using a stand-alone server or a plurality of servers configured to communicate with the inventive network hardware appliance to provide information on detected threats;

providing the inventive network hardware appliance, via the remote scanning service, with the processing power required to perform a scanning operation;

generating a request to retrieve email message(s) corresponding to an email service of a user from the user'"'"'s email client software located on the user'"'"'s computer, the user'"'"'s computer being connected to the inventive network hardware appliance;

receiving an email message at the user'"'"'s computer connected to the inventive network hardware appliance;

arranging the inventive network hardware appliance to intercept the user'"'"'s retrieved email message(s);

intercepting the email message by the inventive network hardware appliance;

performing an inspection of the received email message(s) and the received email message'"'"'s attachment(s) upon the interception of the email message(s) by the inventive network hardware appliance from the user'"'"'s computer;

checking a sender of the email message against a blacklist;

checking the sender of the email message against a whitelist;

checking a recipient of the email message against a parental control list;

checking the email message for phishing scam;

checking the email message for SPAM;

generating results based on the checks performed by the inventive network hardware appliance;

accessing the remote scanning service by the inventive network hardware appliance;

performing scanning operations by the remote scanning service in an on-demand manner;

submitting a service request to the remote scanning service from the inventive network hardware appliance;

sending the service request after interception of the email message by the inventive network hardware appliance;

determining if the email message contains an encrypted attachment before sending the service request to the remote scanning service;

sending the service request from the inventive network hardware appliance to the remote scanning service only if the email message does not contain an encrypted attachment;

allowing or denying the email message based on the results and a response from the remote scanning service;

the remote scanning service receiving, through the network interface, a service request from the inventive network hardware appliance,responding to the inventive network hardware appliance by the remote scanning service with a response containing information on any detected threats after completion of the scanning operation by the remote scanning service;

providing information on the detected threats of the email messages by the remote scanning service response to the inventive network hardware appliance; and

in response to detection of at least one threat in the email message, modifying the email message to neutralize the detected threat and forwarding the modified email message to the user.

View all claims

12 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The inventive methodology provides an integrated plug and play solution designed to protect home networks against spam, phishing emails, viruses, spyware as well as other similar threats. The described content filtering appliance can be used for processing of web and email traffic implemented and can be deployed as a stand-alone appliance. In one implementation, the content processing appliance utilizes backend content filtering provided by a remote scanning service accessed via a network. The system employs network level analysis and translation of content and executes various procedures to handle the network traffic. In an embodiment of the invention, the appliance is provided with an automatic remote updating capability, wherein the software and data used by the appliance can be updated remotely via a network. Finally, the appliance may also implement parental controls.

66 Citations

View as Search Results

13 Claims

1. A method for filtering a content of an email message method comprising:
- connecting an inventive network hardware appliance to an external network within a home network configuration;
  
  including a central processing unit (CPU) on the inventive network hardware appliance;
  
  providing a memory for storing a set of computer-readable instructions executed by the central processing unit (CPU) on the inventive network hardware appliance;
  
  connecting the inventive network hardware appliance to one or more user computers;
  
  installing the inventive network hardware appliance between the external network and the user'"'"'s computer;
  
  passing all network traffic between the user'"'"'s computer and the external network through the inventive network hardware appliance;
  
  arranging the inventive network hardware appliance to intercept an email message;
  
  implementing a remote scanning service at a remote site using a stand-alone server or a plurality of servers configured to communicate with the inventive network hardware appliance to provide information on detected threats;
  
  providing the inventive network hardware appliance, via the remote scanning service, with the processing power required to perform a scanning operation;
  
  generating a request to retrieve email message(s) corresponding to an email service of a user from the user'"'"'s email client software located on the user'"'"'s computer, the user'"'"'s computer being connected to the inventive network hardware appliance;
  
  receiving an email message at the user'"'"'s computer connected to the inventive network hardware appliance;
  
  arranging the inventive network hardware appliance to intercept the user'"'"'s retrieved email message(s);
  
  intercepting the email message by the inventive network hardware appliance;
  
  performing an inspection of the received email message(s) and the received email message'"'"'s attachment(s) upon the interception of the email message(s) by the inventive network hardware appliance from the user'"'"'s computer;
  
  checking a sender of the email message against a blacklist;
  
  checking the sender of the email message against a whitelist;
  
  checking a recipient of the email message against a parental control list;
  
  checking the email message for phishing scam;
  
  checking the email message for SPAM;
  
  generating results based on the checks performed by the inventive network hardware appliance;
  
  accessing the remote scanning service by the inventive network hardware appliance;
  
  performing scanning operations by the remote scanning service in an on-demand manner;
  
  submitting a service request to the remote scanning service from the inventive network hardware appliance;
  
  sending the service request after interception of the email message by the inventive network hardware appliance;
  
  determining if the email message contains an encrypted attachment before sending the service request to the remote scanning service;
  
  sending the service request from the inventive network hardware appliance to the remote scanning service only if the email message does not contain an encrypted attachment;
  
  allowing or denying the email message based on the results and a response from the remote scanning service;
  
  the remote scanning service receiving, through the network interface, a service request from the inventive network hardware appliance,responding to the inventive network hardware appliance by the remote scanning service with a response containing information on any detected threats after completion of the scanning operation by the remote scanning service;
  
  providing information on the detected threats of the email messages by the remote scanning service response to the inventive network hardware appliance; and
  
  in response to detection of at least one threat in the email message, modifying the email message to neutralize the detected threat and forwarding the modified email message to the user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, further comprising reading the message from a remote email system.
  - 3. The method of claim 2, further comprising, before the reading, authenticating with the remote email system using authentication information provided by the user.
  - 4. The method of claim 1, whereinthe service request includes attachments to the email message and directs the remote scanning service to perform a threat check of the attachments, andwherein the response from the remote scanning service to the inventive network hardware appliance includes information on threats detected by the remote scanning service.
  - 5. The method of claim 1, further comprising determining if the email message is encrypted, and if the email message is not encrypted, checking the email message for SPAM content.
  - 6. The method of claim 5, wherein checking the email message for SPAM content comprises performing matching the content of the email message against a list of keywords.
  - 7. The method of claim 1, wherein the checking the email message for SPAM content comprises verification of the format of the header of the email message.
  - 8. The method of claim 1, wherein the checking the email message for SPAM content comprises checking the sender of the email message against a list of known spammer.
  - 9. The method of claim 1, wherein the email message is read from a web mail account of the user using HTTP protocol.
  - 10. The method of claim 1, wherein the email message is read using an email protocol.
  - 11. The method of claim 1, further comprising, in response to detection of at least one threat in the email message, modifying the email message to alert the user about the detected threat and forwarding the modified email message to the user.
  - 12. The method of claim 1, further comprising accumulating statistics about a threat detected in the email message.

13. An inventive network hardware appliance for filtering a content of an email message sent to a user at a personal computer of the user, the personal computer connected to a home network of the user, the inventive network hardware appliance comprising:
- a central processing unit (CPU);
  
  a remote scanning service;
  
  the remote scanning service performing scanning operations in an on-demand manner;
  
  a first network interface connected to the personal computer of the user;
  
  a second network interface connected to the external network; and
  
  a memory storing a set of computer-readable instructions, which, when executed by the CPU cause the CPU to;
  
  i. read a email message;
  
  ii. cause a sender of the email message to be checked against a blacklist;
  
  iii. cause the sender of the email message to be checked against a whitelist;
  
  iv. cause a recipient of the email message to be checked against a parental control list;
  
  v. cause the email message to be checked for phishing scam;
  
  vi. cause the email message to be checked for SPAM content;
  
  vii. performing at least one of (ii) through (vi) by the remote scanning service pursuant to a request from the inventive network hardware appliance, the request being sent after receiving of the email and confirming an attachment to the email message by the inventive network hardware appliance; and
  
  viii. allow or deny the email message based on results of the (ii) through (vii) and a response from the remote scanning service to a service request from the inventive network hardware appliance, the service request being sent to the remote scanning service after the reading of the email message by the CPU, wherein the personal computer of the user is connected to an external network,wherein the inventive network hardware appliance is connected to the home network and is positioned between the personal computer of the user and the internet, andwherein the remote scanning service performs anti-virus scanning operations on the email message after receiving the service request and before providing a response to the inventive network hardware appliance;
  
  wherein the service request includes attachments to the email message and directs the remote scanning service to perform a threat check of the attachments,wherein the response from the remote scanning service to the inventive network appliance includes information on threats detected by the remote scanning service,wherein the inventive network appliance determines whether the email message contains an encrypted attachment before sending the service request to the remote scanning service,wherein the inventive network appliance sends the service request only if the email message does not contain an encrypted attachment, andin response to detection of at least one threat in the email message, modifying the email message to neutralize the detected threat and forwarding the modified email message to the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Joseph P. Marino
Original Assignee
Gytheion Networks LLC
Inventors
Fortin, Jonathan, Marino, Joseph P.
Primary Examiner(s)
Hamza, Faruk

Application Number

US11/350,905
Publication Number

US 20060184632A1
Time in Patent Office

1,854 Days
Field of Search

709204-207, 709/224, 726 22- 24
US Class Current

709/206
CPC Class Codes

G06F 21/56   Computer malware detection ...

G06F 21/572   Secure firmware programming...

G06F 3/0619   in relation to data integri...

G06F 3/065   Replication mechanisms

G06F 3/0655   Vertical data movement, i.e...

G06F 3/0679   Non-volatile semiconductor ...

G06F 8/654   using techniques specially ...

G06F 9/4416   Network booting; Remote ini...

G06Q 10/00   Administration; Management

G06Q 30/04   Billing or invoicing

H04L 51/063   Content adaptation, e.g. re...

H04L 51/212   using filtering or selectiv...

H04L 67/34   involving the movement of s...

H04W 12/069   using certificates or pre-s...

Apparatus and method for analyzing and filtering email and for providing web related services

First Claim

12 Assignments

0 Petitions

Accused Products

Abstract

66 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and method for analyzing and filtering email and for providing web related services

First Claim

12 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

66 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links