Methods and apparatus for blocking unwanted software downloads
DCFirst Claim
Patent Images
1. A method, comprising:
- intercepting at a Uniform Resource Locator (URL) filter module of a network device, an attempted download of a file from a URL;
categorizing by the URL filter module of the network device the URL into a URL category according to a URL database;
analyzing by a file type identifier module of the network device the file to determine its file type, wherein the file type of the file is determined by detecting one or more of a file type signature in the file and a file extension of the file, and identifying the file type of the file based on one or more of the file type signature detected in the file and the file extension of the file; and
blocking or not blocking the attempted download according to a decision output of a blocking decision module of the network device which receives as inputs the URL category and the file type, wherein (i) if the URL category indicates a blacklist, the decision output is to block the download, (ii) if the URL category indicates a whitelist, the decision output is to allow the download, otherwise, the URL category specifies a URL content category indicating a type of content provided by the URL, and the decision output is based on whether files of said file type are permitted for URLs in the URL content category.
12 Assignments
Litigations
1 Petition
Accused Products
Abstract
Methods and systems for blocking unwanted software downloads within a network. Such methods may thereby prevent (i) downloads of spyware from one or more identified locations, and/or (ii) certain outbound communications from the network and/or may also permit software downloads only from specified locations. In general, the policies are defined by rules specified by a network administrator or other user.
68 Citations
10 Claims
-
1. A method, comprising:
-
intercepting at a Uniform Resource Locator (URL) filter module of a network device, an attempted download of a file from a URL; categorizing by the URL filter module of the network device the URL into a URL category according to a URL database; analyzing by a file type identifier module of the network device the file to determine its file type, wherein the file type of the file is determined by detecting one or more of a file type signature in the file and a file extension of the file, and identifying the file type of the file based on one or more of the file type signature detected in the file and the file extension of the file; and blocking or not blocking the attempted download according to a decision output of a blocking decision module of the network device which receives as inputs the URL category and the file type, wherein (i) if the URL category indicates a blacklist, the decision output is to block the download, (ii) if the URL category indicates a whitelist, the decision output is to allow the download, otherwise, the URL category specifies a URL content category indicating a type of content provided by the URL, and the decision output is based on whether files of said file type are permitted for URLs in the URL content category. - View Dependent Claims (2, 3, 4)
-
-
5. A network device, comprising:
-
a processor; a storage device connected to the processor; and a set of instructions on the storage device that are executable by the processor, including; a Uniform Resource Locator (URL) filter software subroutine configured to intercept an attempted download of a file from a URL, and categorize the URL into a URL category according to a URL database; a file type identifier software subroutine configured to analyze the file to determine its file type, wherein the file type identifier software subroutine is further configured to determine the file type of the file by detecting one or more of a file type signature in the file and a file extension of the file, and identifying the file type of the file based on one or more of the file type signature detected in the file and the file extension of the file; and a blocking decision software subroutine configured to block or not block the attempted download according to a decision output of the blocking decision software subroutine which receives as inputs the URL category and the file type, wherein (i) if the URL category indicates a blacklist, the decision output is to block the download, (ii) if the URL category indicates a whitelist, the decision output is to allow the download, otherwise, the URL category specifies a URL content category indicating a type of content provided by the URL, and the decision output is based on whether files of said file type are permitted for URLs in the URL content category. - View Dependent Claims (6, 7)
-
-
8. A non-transitory machine-readable storage medium, comprising:
-
first software instructions that, when executed by a processor, cause the processor to intercept an attempted download of a file from a Uniform Resource Locator (URL);
second software instructions that, when executed by the processor, cause the processor to categorize the URL into a URL category according to a URL database;third software instructions that, when executed by the processor, cause the processor to analyze the file to determine its file type, wherein the file type of the file is determined by detecting one or more of a file type signature in the file and a file extension of the file, and identifying the file type of the file based on one or more of the file type signature detected in the file and the file extension of the file; and fourth software instructions that, when executed by the processor, cause the processor to block or not block the attempted download according to a decision output of a blocking rule based on the URL category and the file type, wherein (i) if the URL category indicates a blacklist, the decision output is to block the download, (ii) if the URL category indicates a whitelist, the decision output is to allow the download, otherwise, the URL category specifies a URL content category indicating a type of content provided by the URL, and the decision output is based on whether files of said file type are permitted for URLs in the URL content category. - View Dependent Claims (9, 10)
-
Specification