System and method for dynamic spam detection

US 8,948,795 B2
Filed: 05/08/2012
Issued: 02/03/2015
Est. Priority Date: 05/08/2012
Status: Active Grant

First Claim

Patent Images

1. Within a message processing entity a computer-implemented method for detecting spam, the computer-implemented method comprising:

receiving, at a gateway, a Short Message Service (SMS) message, the SMS message comprising an originating address and a destination address;

processing the SMS message, including at least;

updating, in a cache, an entry for the originating address, including at least incrementing by one a first counter in the cache entry when the destination address is unique for the originating address within a first time window representative of a first period of time,evaluating a value of the first counter for the cache entry;

evaluating a value of a second counter that was operative within a second time window representative of a second period of time prior to the first period of time and incremented by one when, upon receipt of another SMS message, the destination address thereof was unique for the originating address, andwhen the value of the first counter and the value of the second counter exceed respective defined thresholds setting a spam indicator; and

responsive to the spam indicator being set, performing one or more remediation activities including at least updating a blacklist.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A flexible, extensible, and dynamically configurable anti-spam facility that operates on a general quanta of data (such as for example a Short Message Service message, a Multimedia Message Service message, an Internet Protocol Multimedia Subsystem message, a Wireless Application Protocol stream, an Electronic Mail message, an Instant Messaging exchange, streaming (audio, video, etc.) data, etc.), innovatively analyzes various attributes of same (such as for example originating address and destination address), and—when an instance of spam is identified—performs one or more remediation activities (such as for example updating a blacklist, updating a greylist, dropping a message, issuing an alert, etc.). The facility may optionally leverage the capabilities of a centrally-located Messaging Inter-Carrier Vendor.

72 Citations

View as Search Results

10 Claims

1. Within a message processing entity a computer-implemented method for detecting spam, the computer-implemented method comprising:
- receiving, at a gateway, a Short Message Service (SMS) message, the SMS message comprising an originating address and a destination address;
  
  processing the SMS message, including at least;
  
  updating, in a cache, an entry for the originating address, including at least incrementing by one a first counter in the cache entry when the destination address is unique for the originating address within a first time window representative of a first period of time,evaluating a value of the first counter for the cache entry;
  
  evaluating a value of a second counter that was operative within a second time window representative of a second period of time prior to the first period of time and incremented by one when, upon receipt of another SMS message, the destination address thereof was unique for the originating address, andwhen the value of the first counter and the value of the second counter exceed respective defined thresholds setting a spam indicator; and
  
  responsive to the spam indicator being set, performing one or more remediation activities including at least updating a blacklist.
- View Dependent Claims (2, 3, 4)
- - 2. The computer-implemented method of claim 1, wherein the cache is implemented through one or more of (a) memory storage and (b) disk storage.
  - 3. The computer-implemented method of claim 2, wherein the implementation employs a Database Management System.
  - 4. The computer-implemented method of claim 1, wherein the one or more remediation activities further includes one or more of (a) updating a greylist, (b) issuing an alert, and (c) dropping the SMS message.

5. Within a message processing entity a computer-implemented method for detecting spam, the computer-implemented method comprising:
- receiving, at a gateway, a Short Message Service (SMS) message;
  
  processing the SMS message, including at least creating a message processing artifact, the message processing artifact comprising an originating address and a destination address;
  
  updating, in a cache, an entry for the originating address, including at least incrementing by one a first counter in the cache entry when the destination address is unique for the originating address within a first time window representative of a first period of time; and
  
  accessing a second counter in the cache that was operative within a second time window representative of a second period of time prior to the first period of time and incremented by one when, upon receipt of another SMS message, the destination address thereof was unique for the originating address, and when the value of the first counter and the value of the second counter exceed respective defined thresholds, performing one or more remediation activities including at least updating a blacklist.
- View Dependent Claims (6, 7, 8, 9, 10)
- - 6. The computer-implemented method of claim 5, wherein the cache is implemented through one or more of (a) memory storage and (b) disk storage.
  - 7. The computer-implemented method of claim 6, wherein the implementation employs a Database Management System.
  - 8. The computer-implemented method of claim 5, wherein the accessing is performed on one or more of (a) a scheduled basis and (b) an as-needed basis.
  - 9. The computer-implemented method of claim 5, wherein the accessing is accomplished via one or more of (a) an Application Programming Interface, (b) direct memory operations, and (c) wrapper functions.
  - 10. The computer-implemented method of claim 5, wherein the one or more remediation activities further includes one or more of (a) updating a greylist and (b) issuing an alert.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sybase 365 Incorporated (SAP SE)
Original Assignee
Sybase 365 Incorporated (SAP SE)
Inventors
Dudley, William H.
Primary Examiner(s)
Edouard, Patrick
Assistant Examiner(s)
HEIBER, SHANTELL LAKETA

Application Number

US13/466,298
Publication Number

US 20130303204A1
Time in Patent Office

1,001 Days
Field of Search

711/163, 711/167
US Class Current

455/466
CPC Class Codes

H04L 51/212   using filtering or selectiv...

H04L 51/58   Message adaptation for wire...

H04W 12/128   Anti-malware arrangements, ...

H04W 88/16   Gateway arrangements

System and method for dynamic spam detection

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

72 Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for dynamic spam detection

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

72 Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links