×

Managing infectious forwarded messages

  • US 10,069,851 B2
  • Filed: 01/11/2016
  • Issued: 09/04/2018
  • Est. Priority Date: 07/13/2004
  • Status: Expired due to Fees
First Claim
Patent Images

1. A method for evaluating a file attached to an electronic message for the presence of a virus, the method comprising:

  • receiving an electronic message at a computing device, the electronic message including an attachment having a file name, the computing device including at least a first virus detection routine stored in memory; and

    executing instructions stored in memory of the computing device, wherein execution of the instructions by a processor of the computing device;

    applies at least a signature matching test that outputs a probability that the attachment includes a virus,quarantines the electronic message when the outputted probability that the attachment includes a virus exceeds a predetermined threshold,searches for another virus detection test stored in memory when the outputted probability that the attachment includes a virus does not exceed the predetermined threshold, wherein the other virus detection test found is a probabilistic finite state automata test,applies the probabilistic finite state automata test, wherein the probability that the attachment includes the virus is updated based on the other virus detection test,quarantines the electronic message when the updated probability that the attachment includes a virus exceeds the predetermined threshold,identifies that the message is similar to other messages associated with a computer network, wherein the identification that the message is similar to one or more the other message is based on a model built from known messages;

    identifies that an amount of similar message traffic associated with the computer network, wherein the similar message traffic is identified based on the model;

    updates the probability that the attachment includes the virus based on the amount of similar message traffic; and

    identifies the electronic message is free of viruses when the updated probability that the attachment includes the virus does not exceed the predetermined threshold.

View all claims
  • 30 Assignments
Timeline View
Assignment View
    ×
    ×