Accessible content reputation lookup

US 7,966,553 B2
Filed: 06/07/2007
Issued: 06/21/2011
Est. Priority Date: 06/07/2007
Status: Expired due to Fees

First Claim

Patent Images

1. A computer implemented method operable on a processor, the method comprising:

recognizing links to accessible content in text of a document;

presenting in the document a link to the accessible content, the presenting including indicating whether the link has reputation information associated to it, wherein the reputation information includes a history of an application associated with the link to the accessible content and a history of a device storing the accessible content, the history of the device indicating a reputation for the device based on a likelihood of the device to disseminate malware and a length of an access time for retrieving content from the device;

facilitating designation, by a user, of the link to request reputation information associated with the link, the requesting including querying a plurality of caches for the reputation information in a predetermined order, the plurality of caches comprising a local cache and a remote cache, wherein the local cache comprises a subset of the remote cache, the subset including reputation information that changes less often than reputation information of the remote cache not included in the subset; and

providing the reputation information associated with the link to the user in a categorized pull down menu, the pull down menu displaying the reputation information and at least one category of the reputation information, the at least one category being based on content, an application, and/or a device with which the link is associated.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Implementations of accessible content reputation lookup are described. In one implementation, before a user activates a link in a document, such as a hyperlink on a webpage, the user can designate the link. For example, the user can float a cursor over the link or interact with an icon placed proximate to the link. By designating the link, the user can request reputation information associated with the link, including information as to whether or not content associated with the link, an application used to access the content, and/or source(s) on which the content resides, are known to be dangerous or risky. If the reputation information indicates that the link is safe to activate, the user can activate the link and access the content. Alternately, if the reputation information indicates that the link is unsafe to access, the user can choose to forego activation of the link.

Citations

20 Claims

1. A computer implemented method operable on a processor, the method comprising:
- recognizing links to accessible content in text of a document;
  
  presenting in the document a link to the accessible content, the presenting including indicating whether the link has reputation information associated to it, wherein the reputation information includes a history of an application associated with the link to the accessible content and a history of a device storing the accessible content, the history of the device indicating a reputation for the device based on a likelihood of the device to disseminate malware and a length of an access time for retrieving content from the device;
  
  facilitating designation, by a user, of the link to request reputation information associated with the link, the requesting including querying a plurality of caches for the reputation information in a predetermined order, the plurality of caches comprising a local cache and a remote cache, wherein the local cache comprises a subset of the remote cache, the subset including reputation information that changes less often than reputation information of the remote cache not included in the subset; and
  
  providing the reputation information associated with the link to the user in a categorized pull down menu, the pull down menu displaying the reputation information and at least one category of the reputation information, the at least one category being based on content, an application, and/or a device with which the link is associated.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. A method as recited in claim 1, wherein the presenting includes:
    - determining whether the reputation information is accessible for the link; and
      
      indicating to the user that the link is one for which reputation information can be accessed by one or more of;
      
      underlining the link;
      
      shading the link;
      
      presenting the link in a different color than that of surrounding text and other links for which no reputation information is available;
      
      presenting an icon proximate the link.
  - 3. A method as recited in claim 1, wherein the facilitating includes enabling the user to designate the link by floating a cursor over the link.
  - 4. A method as recited in claim 1, wherein the providing includes querying the local cache for the reputation information prior to querying the remote cache.
  - 5. A method as recited in claim 1, further comprising querying a cache on a remote device when the reputation information is not available in the local cache.
  - 6. A method as recited in claim 1, wherein the providing includes reporting to the user that no reputation information can be returned when the reputation information cannot be accessed.
  - 7. A method as recited in claim 1, wherein the providing includes blocking activation of the link when the reputation information indicates a risk to the user in accessing one or more of:
    - the accessible content associated with the link;
      
      one or more sources associated with the link;
      
      one or more applications associated with the link.
  - 8. A method as recited in claim 7, further comprising enabling the user to override the blocking.
  - 9. A method as recited in claim 1, further comprising enabling the user to provide comments regarding a quality of the reputation information.

10. A computer-readable medium having computer-readable instructions residing thereon that, when executed, perform acts comprising:
- recognizing links to accessible content in text of a document;
  
  presenting in the document a link to the accessible content, the presenting including indicating whether the link has reputation information associated to it,wherein the reputation information includes a history of an application associated with the link to the accessible content and a history of a device storing the accessible content, the history of the device indicating a reputation for the device based on a likelihood of the device to disseminate malware and a length of an access time for retrieving content from the device;
  
  allowing a user to designate the link without activating the link;
  
  requesting reputation information associated with the link from a plurality of caches when the user designates the link, wherein the requesting includes a first query to a local reputation cache and a subsequent query to a remote cache, when the first query fails to produce a desired reputation information,wherein the local cache comprises a subset of the remote cache, the subset including reputation information that changes less often than reputation information of the remote cache not included in the subset; and
  
  displaying the reputation information associated with the link to the user in a categorized pull down menu, the pull down menu displaying the reputation information and at least one category of the reputation information, the at least one category being based on content, an application, and/or a device with which the link is associated.
- View Dependent Claims (11, 12, 13)
- - 11. A computer-readable medium as recited in claim 10 having a set of computer-readable instructions that, when executed, perform acts further comprising placing an icon proximate to the link, wherein the user can designate the link by selecting the icon.
  - 12. A computer-readable medium as recited in claim 10 having a set of computer-readable instructions that, when executed, perform acts further comprising enabling prepopulation of the cache with reputation information for the link.
  - 13. A computer-readable medium as recited in claim 10 having a set of computer-readable instructions that, when executed, perform acts further comprising recommending that the user forego activation of the link if too little reputation information exists in the cache to indicate that a risk of activating the link is below an acceptable threshold.

14. A computing-based device comprising:
- a processor;
  
  a memory including a content reputation module comprising;
  
  a content recognition module configured to identify links to accessible content in a document and to present in the document a link to the accessible content such that the presentation indicates whether the link has reputation information associated to it; and
  
  a customer action module configured to react to a designation of a link to accessible content in the document by retrieving reputation information associated with the link, the reputation information including a history of an application associated with the link to the accessible content and a history of a device storing the accessible content, the history of the device indicating a reputation for the device based on a likelihood of the device to disseminate malware and a length of an access time for retrieving content from the device,wherein the reputation information can be used to assess a risk of activating the link, wherein the customer action module is configured to first query a local reputation cache for the reputation information, and the customer action module is configured to next query a remote cache for the reputation information when the first query fails to produce a desired reputation information,wherein the local reputation cache comprises a subset of the remote cache, the subset including reputation information that changes less often than reputation information of the remote cache not included in the subset,the customer action module further configured to display the reputation information associated with the link to a user in a categorized pull down menu, the pull down menu displaying the reputation information and at least one category of the reputation information, the at least one category being based on content, an application, and/or a device with which the link is associated.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. A computing-based device as recited in claim 14, wherein the document includes one or more of:
    - a webpage;
      
      an instant messaging window;
      
      an email message;
      
      a page presented in a word processing application;
      
      content presented in an application.
  - 16. A computing-based device as recited in claim 14, wherein the customer action module is configured to block activation of the link when the reputation information indicates a risk to the user in accessing one or more of:
    - the accessible content;
      
      an application configured to access the accessible content upon activation of the link to accessible content;
      
      one or more sources on which the accessible content resides.
  - 17. A computing-based device as recited in claim 14, wherein the customer action module is further configured to allow a user of the computing-based device to comment on a quality of the reputation information.
  - 18. A computing-based device as recited in claim 14, further comprising the local cache.
  - 19. A computing-based device as recited in claim 14, wherein the document includes a word processing document presented in a word processing application.
  - 20. A computing-based device as recited in claim 14, wherein the content recognition module is configured to present one or more links for which reputation information exists by one or more of:
    - underlining the one or more links;
      
      shading the one or more links;
      
      presenting the one or more links in a different color than that of surrounding text;
      
      including one or more icons proximate the one or more links.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Iverson, Kristofer N.
Primary Examiner(s)
Hong, Stephen S
Assistant Examiner(s)
YANG, I CHAN

Application Number

US11/759,401
Publication Number

US 20080303689A1
Time in Patent Office

1,475 Days
Field of Search

715205-208, 715/738, 715/741, 709/225, 713/164, 713/166, 713/167
US Class Current

715/205
CPC Class Codes

H04L 63/1441 Countermeasures against mal...

Accessible content reputation lookup

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Accessible content reputation lookup

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links