Dynamic combatting of SPAM and phishing attacks

US 8,209,381 B2
Filed: 01/19/2007
Issued: 06/26/2012
Est. Priority Date: 01/19/2007
Status: Active Grant

First Claim

Patent Images

1. A system for detecting an abusive activity over a network, comprising:

a first computer robot (bot) that is configured to perform actions, including;

proactively sending a first message in a chat room;

receiving a response to the first message; and

if the response indicates an abusive activity in the chat room, determining a source of the response, and transmitting the response and the determined source of the response over the network;

a second computer robot that is configured to perform actions, including;

changing a status for the second computer robot to offline within the chat room without advertising an account identifier that uniquely identifies the second computer robot to the first computer robot such that a presence of the second computer robot is unacknowledged in the chat room;

listening by the second computer robot for a second message; and

if the second message is received by the second computer robot at the unadvertised account identifier, identifying the second message as an abusive message; and

a network device that is configured to perform actions, including;

receiving the response and the determined source of the response;

dynamically revising a filter to block another message based on the response or the determined source; and

dynamically retraining the first computer robot based, in part, on the response, the determined source, and information from the blocking filter, and the second computer robot, such that the first computer robot learns and adapts based on shared collective information.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A self training set of robots are configured to proactively search for selective communication abuses over a network. Robots may enter a chat room to proactively send messages. The robots then analyze patterns and/or content of a received message for potential abuse. Robots may also passively reside on/off line without publishing their network address. If a message is received, the message may be interpreted to be SPAM/SPIM. Robots may also perform a variety of other actions, such as access websites, and analyze received messages to determine if the messages indicate abuse. If abuse is detected, information may also be obtained to enable blocking or filtering of future messages from the sender, or access to/from an abusive website. The information also may be used to retrain robots, so that the robots may learn from and share their collective knowledge of abusive actions.

74 Citations

View as Search Results

20 Claims

1. A system for detecting an abusive activity over a network, comprising:
- a first computer robot (bot) that is configured to perform actions, including;
  
  proactively sending a first message in a chat room;
  
  receiving a response to the first message; and
  
  if the response indicates an abusive activity in the chat room, determining a source of the response, and transmitting the response and the determined source of the response over the network;
  
  a second computer robot that is configured to perform actions, including;
  
  changing a status for the second computer robot to offline within the chat room without advertising an account identifier that uniquely identifies the second computer robot to the first computer robot such that a presence of the second computer robot is unacknowledged in the chat room;
  
  listening by the second computer robot for a second message; and
  
  if the second message is received by the second computer robot at the unadvertised account identifier, identifying the second message as an abusive message; and
  
  a network device that is configured to perform actions, including;
  
  receiving the response and the determined source of the response;
  
  dynamically revising a filter to block another message based on the response or the determined source; and
  
  dynamically retraining the first computer robot based, in part, on the response, the determined source, and information from the blocking filter, and the second computer robot, such that the first computer robot learns and adapts based on shared collective information.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, wherein the first computer robot is further configured to send another message in a different online messaging application, comprising at least one of an instant messaging, Short Messaging Service, or email.
  - 3. The system of claim 2, wherein the first computer robot is further configured to perform actions, including:
    - if the response to the other message indicates an abusive activity in the different messaging application, determining a source of the response to the other message, and transmitting the response and the determined source to the network device.
  - 4. The system of claim 1, wherein the second computer robot employs a previously deactivated identifier.
  - 5. The system of claim 4, the second computer robot being configured to perform actions, further comprising:
    - sending the determined source of the second message to the network device, wherein the network device is further configured to dynamically revise the filter to block messages from the determined source of the second message, and to dynamically retrain at least one robot based on information associated with the second message.
  - 6. The system of claim 1, wherein the network device further comprises an integration service for use in deactivating an account, or revising a filter to block messages.
  - 7. The system of claim 1, wherein the first computer robot further comprises at least one of a chat process, an offline messaging process, or an online messaging process.

8. A non-transitory, processor readable storage medium having computer-executable instructions, wherein the execution of the computer-executable instructions provides for detecting an abusive activity by enabling actions, including:
- generating at least one first robot that is configured to proactively send a first message within a chat room, to receive and to analyze a response to the first message, and if the response indicates an abusive activity, determining a source of the response;
  
  receiving the response, and the determined source of the response, from the at least one first robot;
  
  generating at least one second robot that is configured to perform actions, including;
  
  changing a status for the at least one second robot within the chat room such that the at least one second robot does not advertise an account identifier that uniquely identifies the at least one second robot to the at least one first robot such that a presence of the at least one second robot within the chat room is unacknowledged;
  
  listening for a message sent to the unadvertised account identifier, absent sending a message by the at least one second robot; and
  
  when a message is detected that is sent to the unadvertised account identifier, identifying the message sent to the unadvertised account identifier as an abusive message;
  
  dynamically revising a filter to block another message based on the determined source or the response; and
  
  dynamically training the at least one first robot and the at least one second robot based on the response and the determined source, and information about the revised filter, such that the at least one first robot and the at least one second robot learn and adapt based on shared collective information.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The non-transitory, processor readable storage medium of claim 8, wherein dynamically training the at least one first robot, further comprises, configuring the at least one first robot to monitor for abusive activity in a different messaging application, based on the response or the determined source.
  - 10. The non-transitory, processor readable storage medium of claim 8, wherein the at least one first robot is further configured to move from the chat room to another chat room and to further proactively send another message within the other chat room to detect abusive activity in the other chat room.
  - 11. The non-transitory, processor readable storage medium of claim 8, wherein the at least one first robot is further configured to move to another messaging application, and without advertising an account identifier, listening for another message sent to the at least one first robot.
  - 12. The non-transitory, processor readable storage medium of claim 11, wherein the at least one first robot, if further configured such that if the other message is received in the other messaging application, identifying the other message as an abusive activity.
  - 13. The non-transitory, processor readable storage medium of claim 8, wherein at least one robot is configured to be deactivated based on at least one of a time period being exceeded, or a condition being satisfied.

14. A method in a first computer robot for detecting abusive activity within a messaging application over a network, operating within at least one computer network device and that performs actions comprising:
- deploying passively within a first messaging application, without advertising an account identifier that uniquely identifies the first computer robot to at least a second computer robot such that a presence of the first computer robot within the message application is unacknowledged in the first messaging application;
  
  listening for a message directed to the first computer robot, absent sending of a message within the message application;
  
  if a message is received within the first messaging application, directed to the unadvertised first computer robot'"'"'s account identifier;
  
  identifying the message as abusive activity;
  
  determining a source of the message; and
  
  providing the message, and the determined source of the message to a network device for use in filtering another message from the determined source, and to further train the first computer robot based on shared collective information from a plurality of computer robots, such that the first computer robot is enabled to monitor for another message from the determined source in a second messaging application.
- View Dependent Claims (15, 16, 17)
- - 15. The method in the first computer robot of claim 14, further comprising:
    - logging into a chat room;
      
      proactively sending a chat message within the chat room;
      
      receiving a response to the chat message; and
      
      if the response to the chat message indicates abusive activity;
      
      determining a source of the response to the chat message, andproviding the response to the chat message, and the determined source to the network device for use in filtering another message from the determined source of the response to the chat message.
  - 16. The method in the first computer robot of claim 15, wherein the first computer robot is configured to log into a different chat room and to proactively send another chat message.
  - 17. The method in the first computer robot of claim 14, wherein the first computer robot is further configured to become deactivated based in part on satisfaction of a time period or an event.

18. A method, operating within at least one computer network device, of detecting an abusive activity over a network within a messaging application, comprising:
- generating a first computer robot that is configured to proactively send a first message within a first messaging application, to receive and to analyze a response to the first message, and if the response indicates an abusive activity, determining a source of the response;
  
  generating a second computer robot that is configured to perform actions, including;
  
  logging the second computer robot into an account for the first messaging application without advertising an account identifier that uniquely identifies the second computer robot to the first computer robot such that a presence of the second computer robot is unacknowledged on the network within the first messaging application;
  
  listening by the second computer robot for a second message; and
  
  if the second message is received by the second computer robot at the unadvertised account identifier, identifying the second message as an abusive message, and further determining a second source for the second message;
  
  dynamically revising a filter to block another message from the determined source or based on the response and further revising the filter to block another message from the second source; and
  
  dynamically training the first computer robot based on the response, the determined source, and second source such that the first computer robot learns and adapts based on shared collective information, such that the first computer robot is enabled to detect another abusive activity based, in part, on the response or the determined source in another messaging application.
- View Dependent Claims (19, 20)
- - 19. The method of claim 18, wherein the first messaging application is at least one of a chat room, a website, instant messaging, short messaging service, or email.
  - 20. The method of claim 18, wherein the method is embodied in computer executable instructions stored within a portable computer-readable storage device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Original Assignee
Yahoo! Inc. (Apollo Global Management, Inc.)
Inventors
Sinn, Richard, Libbey, Miles
Primary Examiner(s)
Moore, Ian N
Assistant Examiner(s)
Alexander, Jenee

Application Number

US11/625,193
Publication Number

US 20080177841A1
Time in Patent Office

1,985 Days
Field of Search

709204-207, 709/224, 706 15- 16
US Class Current

709/204
CPC Class Codes

H04L 51/212   using filtering or selectiv...

H04L 63/0263   Rule management

H04L 63/1416   Event detection, e.g. attac...

Dynamic combatting of SPAM and phishing attacks

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

74 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Dynamic combatting of SPAM and phishing attacks

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

74 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others