Activity filtering based on trust ratings of network
First Claim
1. A method of filtering activities of nodes interacting with a device having a processor and having access to a border gateway protocol routing table, the nodes connected to the device through a network and respectively having a network address, the method comprising:
- executing on the processor instructions configured to;
for respective network entities represented by an autonomous system number in the border gateway protocol routing table;
for respective nodes interacting with the device;
evaluate at least one activity of the node; and
assign to the node a node trust rating based on evaluated activities of the node; and
assign to the network entity a network entity trust rating based on evaluated activities of the nodes having a network address associated, according to the border gateway protocol routing table, with the autonomous system number of the network entity; and
filter activities of a node interacting with the device by;
determining, according to the border gateway protocol routing table, the network entity having an autonomous system number associated with the network address of the node;
comparing the network entity trust rating of the network entity with the node trust rating assigned to the node;
if the node has been assigned a node trust rating that is higher than the network entity trust rating of the network entity, filtering activities of the node based on the node trust rating rather than the network entity trust rating; and
if the node has not been assigned a node trust rating that is higher than the network entity trust rating of the network entity, filtering activities of the node based on the network entity trust rating of the network entity.
2 Assignments
0 Petitions
Accused Products
Abstract
The filtering of activities generated by nodes of a network while interacting with a device may be performed by evaluating the desirability of the activities (e.g., a spam or not-spam determination of email messages sent by the node) and assigning a trust rating to the node. However, nodes are often identified by network address, and an operator of a node sending undesirable activities may reassign the network address of the node in order to avoid heavy filtering. Instead, nodes may be identified as being controlled by a network entity (e.g., an autonomous system identified in a border gateway protocol routing table.) The network entity is assigned a network entity trust rating based on the trust ratings of the nodes controlled thereby, and an appropriate level of activity filtering based on the network entity trust rating may be selected for subsequent activities received from all nodes controlled by the network entity.
-
Citations
20 Claims
-
1. A method of filtering activities of nodes interacting with a device having a processor and having access to a border gateway protocol routing table, the nodes connected to the device through a network and respectively having a network address, the method comprising:
executing on the processor instructions configured to; for respective network entities represented by an autonomous system number in the border gateway protocol routing table; for respective nodes interacting with the device; evaluate at least one activity of the node; and assign to the node a node trust rating based on evaluated activities of the node; and assign to the network entity a network entity trust rating based on evaluated activities of the nodes having a network address associated, according to the border gateway protocol routing table, with the autonomous system number of the network entity; and filter activities of a node interacting with the device by; determining, according to the border gateway protocol routing table, the network entity having an autonomous system number associated with the network address of the node; comparing the network entity trust rating of the network entity with the node trust rating assigned to the node; if the node has been assigned a node trust rating that is higher than the network entity trust rating of the network entity, filtering activities of the node based on the node trust rating rather than the network entity trust rating; and if the node has not been assigned a node trust rating that is higher than the network entity trust rating of the network entity, filtering activities of the node based on the network entity trust rating of the network entity. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
17. A system configured to filter activities of nodes interacting with a device having a memory device and a processor and having access to a border gateway protocol routing table, the nodes connected to the device through a network and respectively having a network address, the system comprising:
-
a node activity trust rating component comprising instructions stored in the memory device that, when executed on the processor, cause the device to, for nodes interacting with the device and having a network address associated, according to the border gateway protocol routing table, with the autonomous system number of a network entity; evaluate at least one activity of the node; and assign to the node a node trust rating based on evaluated activities of the node; a network entity trust rating component comprising instructions stored in the memory device that, when executed on the processor, cause the device to, for respective network entities, assign to the network entity a network entity trust rating based on evaluated activities of nodes having network addresses associated, according to the border gateway protocol routing table, with the autonomous system number of the network entity; and a node activity filtering component comprising instructions stored in the memory device that, when executed on the processor, cause the device to filter activities of a node interacting with the device by; determining the network entity having an autonomous system number associated, according to the border gateway protocol routing table, with the network address of the node; and comparing the network entity trust rating of the network entity with the node trust rating assigned to the node; if the node has been assigned a node trust rating that is higher than the network entity trust rating of the network entity, filtering activities of the node based on the node trust rating rather than the network entity trust rating; and if the node has not been assigned a node trust rating that is higher than the network entity trust rating of the network entity, filtering activities of the node based on the network entity trust rating of the network entity. - View Dependent Claims (18, 19)
-
-
20. A memory device storing instructions that, when executed on a processor of a device having access to a border gateway protocol routing table, cause the device to filter activities of nodes interacting with the device through a network, by:
-
for respective network entities represented by an autonomous system number in the border gateway protocol routing table; for respective nodes interacting with the device; evaluate at least one activity of the node; and assign to the node a node trust rating based on evaluated activities of the node; and assigning to the network entity a network entity trust rating based on evaluated activities of the nodes having a network address associated, according to the border gateway protocol routing table, with the autonomous system number of the network entity; and filtering activities of a node interacting with the device by; determining, according to the border gateway protocol routing table, the network entity having an autonomous system number associated with the network address of the node; comparing the network entity trust rating of the network entity with the node trust rating assigned to the node; if the node has been assigned a node trust rating that is higher than the network entity trust rating of the network entity, filtering activities of the node based on the node trust rating rather than the network entity trust rating; and if the node has not been assigned a node trust rating that is higher than the network entity trust rating of the network entity, filtering activities of the node based on the network entity trust rating of the network entity.
-
Specification