Reputation based load balancing
First Claim
Patent Images
1. Non-transitory computer readable media encoded with a computer program comprising instructions executable by data processing apparatus that cause the data processing apparatus to perform operations comprising:
- receive incoming and outgoing communications for a computer network;
determine an external entity associated with a communication;
derive a reputation vector for the external entity, the reputation vector comprising an aggregation of reputation information indicating the reputation of the external entity for sending malicious communications, the information including data related to reputable and non-reputable criteria in a plurality of categories comprising a plurality of different types of communications; and
select, based on the reputation vector, a subset of tests to perform on the communication, each of the tests in the subset of tests being selected from a plurality of tests, each of the plurality of tests being a respective test that is selected for a communication when a reputation vector for the external entity associated with the communication indicates a non-reputable activity displayed by the external entity.
11 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems for operation upon one or more data processors for efficiently processing communications based upon reputation of an entity associated with the communication.
-
Citations
14 Claims
-
1. Non-transitory computer readable media encoded with a computer program comprising instructions executable by data processing apparatus that cause the data processing apparatus to perform operations comprising:
-
receive incoming and outgoing communications for a computer network; determine an external entity associated with a communication; derive a reputation vector for the external entity, the reputation vector comprising an aggregation of reputation information indicating the reputation of the external entity for sending malicious communications, the information including data related to reputable and non-reputable criteria in a plurality of categories comprising a plurality of different types of communications; and select, based on the reputation vector, a subset of tests to perform on the communication, each of the tests in the subset of tests being selected from a plurality of tests, each of the plurality of tests being a respective test that is selected for a communication when a reputation vector for the external entity associated with the communication indicates a non-reputable activity displayed by the external entity. - View Dependent Claims (2, 3)
-
-
4. Non-transitory computer readable media encoded with a computer program comprising instructions executable by data processing apparatus that cause the data processing apparatus to perform operations comprising:
-
receive incoming and outgoing communications for a computer network; determine external entities associated with the communications; for each communication, derive a reputation vector for the external entity associated with the communication, the reputation vector comprising an aggregation of reputation information indicating the reputation of the external entity for sending malicious communications, the information including data related to reputable and non-reputable criteria in a plurality of categories comprising a plurality of different types of communications; for each communication, prioritize the communication based on the reputation vector associated with the communication, the prioritizing assigning a high priority to communications where the external entity is a reputable entity, and assigning a low priority to communications where the external entity is a non-reputable entity; and perform a plurality of tests on the communications, each of the tests being performed for the communications according to the priorities of the communications so that an impact on a quality of service for reputable entities is minimized at the expense of a quality of service for non-reputable entities. - View Dependent Claims (5, 6)
-
-
7. A computer implemented method performed by one or more computer servers, comprising:
-
receiving incoming and outgoing communications for a computer network; determining external entities associated with the communications; for each communication, deriving a reputation vector for the external entity associated with the communication, the reputation vector comprising an aggregation of reputation information indicating the reputation of the external entity for sending malicious communications, the information including data related to reputable and non-reputable criteria in a plurality of categories comprising a plurality of different types of communications; for each communication, prioritizing the communication based on the reputation vector associated with the communication, the prioritizing assigning a high priority to communications where the external entity is a reputable entity, and assigning a low priority to communications where the external entity is a non-reputable entity; and performing a plurality of tests on the communications, each of the tests being performed for the communications according to the priorities of the communications so that an impact on a quality of service for reputable entities is minimized at the expense of a quality of service for non-reputable entities. - View Dependent Claims (8, 9)
-
-
10. A computer implemented method performed by one or more computer servers, comprising:
-
receiving incoming and outgoing communications for a computer network; determining an external entity associated with a communication; deriving a reputation vector for the external entity, the reputation vector comprising an aggregation of reputation information indicating the reputation of the external entity for sending malicious communications, the information including data related to reputable and non-reputable criteria in a plurality of categories comprising a plurality of different types of communications; and selecting, based on the reputation vector, a subset of tests to perform on the communication, each of the tests in the subset of tests being selected from a plurality of tests, each of the plurality of tests being a respective test that is selected for a communication when a reputation vector for the external entity associated with the communication indicates a non-reputable activity displayed by the external entity. - View Dependent Claims (11, 12)
-
-
13. A system, comprising:
-
at least one processor device; at least one memory element; and a network security system adapted, when executed by the at least one processor device, to perform operations comprising; receiving incoming and outgoing communications for a computer network; determining an external entity associated with a communication; deriving a reputation vector for the external entity, the reputation vector comprising an aggregation of reputation information indicating the reputation of the external entity for sending malicious communications, the information including data related to reputable and non-reputable criteria in a plurality of categories comprising a plurality of different types of communications; and selecting, based on the reputation vector, a subset of tests to perform on the communication, each of the tests in the subset of tests being selected from a plurality of tests, each of the plurality of tests being a respective test that is selected for a communication when a reputation vector for the external entity associated with the communication indicates a non-reputable activity displayed by the external entity.
-
-
14. A system, comprising
at least one processor device; -
at least one memory element; and a network security system adapted, when executed by the at least one processor device, to perform operations comprising; receiving incoming and outgoing communications for a computer network; determining external entities associated with the communications; for each communication, deriving a reputation vector for the external entity associated with the communication, the reputation vector comprising an aggregation of reputation information indicating the reputation of the external entity for sending malicious communications, the information including data related to reputable and non-reputable criteria in a plurality of categories comprising a plurality of different types of communications; for each communication, prioritizing the communication based on the reputation vector associated with the communication, the prioritizing assigning a high priority to communications where the external entity is a reputable entity, and assigning a low priority to communications where the external entity is a non-reputable entity; and performing a plurality of tests on the communications, each of the tests being performed for the communications according to the priorities of the communications so that an impact on a quality of service for reputable entities is minimized at the expense of a quality of service for non-reputable entities.
-
Specification