Methods for automatic categorization of internal and external communication for preventing data loss
First Claim
1. A method, executing on hardware, for automatic categorization of internal and external communication, the method comprising the steps of:
(a) defining groups of entities that use hardware to transmit data;
(b) monitoring data flow of said groups;
(c) extracting said data, from said data flow, for learning traffic-flow characteristics of said groups;
(d) classifying said data into group flows;
(e) upon said data being transmitted, checking said data to determine whether said data is designated as group-internal; and
(f) if said data is designated as group-internal; blocking said transmission of said data beyond said group to which said data is group-internal.
Abstract
Disclosed are methods for automatic categorization of internal and external communication, the method including the steps of: defining groups of entities that transmit data; monitoring data flow of the groups; extracting the data, from the data flow, for learning traffic-flow characteristics of the groups; classifying the data into group flows; upon the data being transmitted, checking the data to determine whether the data is designated as group-internal; and blocking data traffic for data that is group-internal. Preferably, the step of monitoring includes assigning data weights to the data using Bayesian methods. Most preferably, the step of classifying includes classifying the data using Bayesian methods for evaluating the data weights. Preferably, the step of blocking includes blocking data traffic between members of two or more groups. Preferably, the method further includes the step of: enabling an authorized entity to unblock the data traffic.
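As an added illustration (not code from the patent or its assignee), the Python sketch below walks the abstract's steps, with a word-count naive Bayes classifier standing in for the unspecified "Bayesian methods". The group names, entities, sample messages and the `unblocked_by` parameter are constructed assumptions.

```python
import math
from collections import Counter, defaultdict

# Step (a): constructed group definitions, entity -> group (assumption).
GROUPS = {"alice": "finance", "bob": "finance",
          "carol": "engineering", "dave": "engineering"}

# Steps (b)-(c): constructed sample of monitored traffic (sender, recipient, text).
OBSERVED = [
    ("alice", "bob", "quarterly forecast budget draft"),
    ("bob", "alice", "budget forecast payroll numbers"),
    ("carol", "dave", "firmware build signing key rotation"),
    ("dave", "carol", "build pipeline firmware release"),
    ("alice", "carol", "lunch meeting schedule"),
    ("dave", "bob", "meeting schedule office party"),
]

def flow_label(sender, recipient):
    """A flow is group-internal when both endpoints share a group."""
    gs, gr = GROUPS.get(sender), GROUPS.get(recipient)
    return gs if gs is not None and gs == gr else "external"

def train(observed):
    """Learn per-flow word counts (the 'data weights') from observed traffic."""
    words, labels = defaultdict(Counter), Counter()
    for sender, recipient, text in observed:
        label = flow_label(sender, recipient)
        labels[label] += 1
        words[label].update(text.split())
    vocab = {w for counts in words.values() for w in counts}
    return words, labels, vocab

def classify(model, text):
    """Step (d): naive Bayes with Laplace smoothing; returns the likeliest flow."""
    words, labels, vocab = model
    total = sum(labels.values())
    def score(label):
        denom = sum(words[label].values()) + len(vocab)
        return math.log(labels[label] / total) + sum(
            math.log((words[label][w] + 1) / denom)
            for w in text.split() if w in vocab)
    return max(labels, key=score)

def egress_decision(model, recipient, text, unblocked_by=None):
    """Steps (e)-(f): block group-internal data leaving its group,
    unless an authorized entity (hypothetical parameter) has unblocked it."""
    label = classify(model, text)
    if label == "external" or GROUPS.get(recipient) == label:
        return "allow"
    return "allow-override" if unblocked_by else "block"
```

Text made up only of words never seen in training falls back to the class priors, so a deployment would need an explicit policy for that case.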
16 Claims
1. A method, executing on hardware, for automatic categorization of internal and external communication, the method comprising the steps of:
(a) defining groups of entities that use hardware to transmit data;
(b) monitoring data flow of said groups;
(c) extracting said data, from said data flow, for learning traffic-flow characteristics of said groups;
(d) classifying said data into group flows;
(e) upon said data being transmitted, checking said data to determine whether said data is designated as group-internal; and
(f) if said data is designated as group-internal; blocking said transmission of said data beyond said group to which said data is group-internal.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
9. A non-transitory computer-readable storage medium having computer-readable code embodied on the computer-readable storage medium, the computer-readable code comprising:
(a) program code for defining groups of entities that use hardware to transmit data;
(b) program code for monitoring data flow of said groups;
(c) program code for extracting said data, from said data flow, for learning traffic-flow characteristics of said groups;
(d) program code for classifying said data into group flows;
(e) program code for, upon said data being transmitted, checking said data to determine whether said data is designated as group-internal; and
(f) program code for; if said data is designated as group-internal; blocking said transmission of said data beyond said group to which said data is group-internal.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
Specification