Resisting the spread of unwanted code and data
First Claim
Patent Images
1. A method for resisting spread of unwanted code and data without scanning incoming electronic files for unwanted code and data, the method comprising the steps, performed by a computer system, of:
- (a) receiving an incoming electronic file containing content data in a predetermined file type corresponding to a set of rules;
(b) determining a purported predetermined file type of the incoming electronic file;
(c) parsing the content data in accordance with a predetermined data format comprising a set of rules corresponding to the determined purported predetermined file type; and
(d) if the content data does conform to the predetermined data format, regenerating the conforming parsed content data to create a substitute regenerated electronic file in the purported file type, said substitute regenerated electronic file containing the regenerated content datawherein step (c) includes determining conforming data in the content data that conform to the predetermined data format and determining nonconforming data in the content data that does not conform to the predetermined data format, andthe method further comprises;
passing the nonconforming data to a threat filter,maintaining data indicating authorized data sources and for each data source, data types acceptable from the data source;
determining, by the threat filter, that the nonconforming data is not a threat, if (i) a source of the content data is one of the authorized data sources and (ii) a data type of the nonconforming data is one of the data types acceptable from the source; and
adding the nonconforming data to said substitute regenerated electronic file, if the threat filter determines that the nonconforming data is not a threat.
2 Assignments
0 Petitions
Accused Products
Abstract
A method or system of receiving an electronic file containing content data in a predetermined data format, the method comprising the steps of: receiving the electronic file, determining the data format, parsing the content data, to determine whether it conforms to the predetermined data format, and if the content data does conform to the predetermined data format, regenerating the parsed data to create a regenerated electronic file in the data format.
89 Citations
21 Claims
-
1. A method for resisting spread of unwanted code and data without scanning incoming electronic files for unwanted code and data, the method comprising the steps, performed by a computer system, of:
-
(a) receiving an incoming electronic file containing content data in a predetermined file type corresponding to a set of rules; (b) determining a purported predetermined file type of the incoming electronic file; (c) parsing the content data in accordance with a predetermined data format comprising a set of rules corresponding to the determined purported predetermined file type; and (d) if the content data does conform to the predetermined data format, regenerating the conforming parsed content data to create a substitute regenerated electronic file in the purported file type, said substitute regenerated electronic file containing the regenerated content data wherein step (c) includes determining conforming data in the content data that conform to the predetermined data format and determining nonconforming data in the content data that does not conform to the predetermined data format, and the method further comprises; passing the nonconforming data to a threat filter, maintaining data indicating authorized data sources and for each data source, data types acceptable from the data source; determining, by the threat filter, that the nonconforming data is not a threat, if (i) a source of the content data is one of the authorized data sources and (ii) a data type of the nonconforming data is one of the data types acceptable from the source; and adding the nonconforming data to said substitute regenerated electronic file, if the threat filter determines that the nonconforming data is not a threat. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
-
Specification