Propagation of viruses through an information technology network
First Claim
Patent Images
1. A method of restricting propagation of viruses in a network having a plurality of hosts, said method comprising the steps of:
- monitoring network traffic from a first host of the plurality of hosts and establishing a record which is at least indicative of identities of hosts to whom data has been sent by the first host; and
limiting, at the first host, sending of data from the first host to other hosts within the network over the course of a first time interval, so that during the first time interval the first host is able to send data to no more than a predetermined, greater than zero, number of hosts not in the record.
8 Assignments
0 Petitions
Accused Products
Abstract
Requests to send data from a first host within a network of hosts are monitored against a record of destination hosts that have been sent data in accordance with a predetermined policy. Destination host identities (not the record) are stored in a buffer. The buffer size is monitored to determine whether requests from the first host are pursuant to viral activity therein.
22 Citations
35 Claims
-
1. A method of restricting propagation of viruses in a network having a plurality of hosts, said method comprising the steps of:
-
monitoring network traffic from a first host of the plurality of hosts and establishing a record which is at least indicative of identities of hosts to whom data has been sent by the first host; and limiting, at the first host, sending of data from the first host to other hosts within the network over the course of a first time interval, so that during the first time interval the first host is able to send data to no more than a predetermined, greater than zero, number of hosts not in the record. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
-
-
32. A host having a gateway for outbound data intended for destination hosts, the gateway being adapted to:
-
monitor internal requests to send data from said host to the destination hosts; maintain a record of identities of destination hosts in a network to which data has been sent from said host; and prevent dispatch of data from said host, over the course of a first time interval, to more than a predetermined, non-zero number of destination hosts whose identities are not in the record. - View Dependent Claims (33, 34)
-
-
35. A method of restricting propagation of viruses from a first host in a network having a plurality of hosts, said method comprising the steps of:
-
providing, at the first host, a gateway for limiting sending of data from the first host to other hosts of said plurality; monitoring network traffic from the first host and establishing a record which is at least indicative of identities of hosts to which the gateway has allowed the first host to send data; and controlling the gateway to limit the sending of data from the first host to other hosts within the network over the course of a first time interval, so that during the first time interval the first host is allowed to send data to no more than a predetermined number, greater than zero, of hosts not in the record.
-
Specification