Electronic Message Source Reputation Information System
First Claim
1. A network traffic filtering system for filtering a flow of electronic messages across a computer network, the system comprising:
- an engine configured to generate a source reputation profile based on reputation data associated with a source IP address;
a profile database associated with the engine for storing the reputation data; and
wherein the engine is further configured to provide the source reputation profile to an external system.
3 Assignments
0 Petitions
Accused Products
Abstract
Disclosed herein are filtering systems and methods that employ an electronic message source reputation system. The source reputation system maintains a pool of source Internet Protocol (IP) address information, in the form of a Real-Time Threat Identification Network (“RTIN”) database, which can provide the reputation of source IP addresses, which can be used by customers for filtering network traffic. The source reputation system provides for multiple avenues of access to the source reputation information. Examples of such avenues can include Domain Name Server (DNS)-type queries, servicing routers with router-table data, or other avenues.
128 Citations
39 Claims
-
1. A network traffic filtering system for filtering a flow of electronic messages across a computer network, the system comprising:
-
an engine configured to generate a source reputation profile based on reputation data associated with a source IP address;
a profile database associated with the engine for storing the reputation data; and
wherein the engine is further configured to provide the source reputation profile to an external system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A method of filtering a flow of electronic messages across a computer network, the method comprising:
-
receiving reputation data associated with a source IP address;
storing the reputation data;
generating a source reputation profile based on the reputation data; and
providing the source reputation profile to an external system. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
-
-
37. A method of generating source IP address reputation information, the method comprising:
-
receiving, from a source IP address, a current electronic message that appears to be spam;
querying a database in order to retrieve a time at which a previous electronic message suspected to be spam was received from the source IP address;
calculating an amount of elapsed time between receipt of the current electronic message and the time at which the previous electronic message was received;
determining whether the amount of elapsed time is less than a predetermined threshold value; and
identifying the source IP address as a source of spam if the amount of elapsed time is less than the predetermined threshold value. - View Dependent Claims (38, 39)
-
Specification