METHOD AND APPARATUS FOR AUTHENTICATING ELECTRONIC COMMUNICATION

US 20110010426A1
Filed: 09/17/2010
Published: 01/13/2011
Est. Priority Date: 10/07/2002
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating an electronic communication, the method including:

parsing a header of the electronic communication to identify actual domain name data included in the header at a server receiving the electronic communication from a communication client;

parsing the header to obtain purported sender data included in the header of the electronic communication;

comparing the actual domain name data and purported sender data; and

generating in response to the comparison an authenticity indicator, to provide a recipient of the electronic communication with an indication of the likelihood that the electronic communication was sent from a purported sender of the electronic communication.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

One embodiment provides a method for authenticating an electronic communication. The method includes parsing a header of the electronic communication to identify actual domain name data included in the header at a server receiving the electronic communication from a communication client; parsing the header to obtain purported sender data included in the header of the electronic communication; comparing the actual domain name data and purported sender data; and generating in response to the comparison an authenticity indicator, to provide a recipient of the electronic communication with an indication of the likelihood that the electronic communication was sent from a purported sender of the electronic communication.

44 Citations

View as Search Results

20 Claims

1. A method of authenticating an electronic communication, the method including:
- parsing a header of the electronic communication to identify actual domain name data included in the header at a server receiving the electronic communication from a communication client;
  
  parsing the header to obtain purported sender data included in the header of the electronic communication;
  
  comparing the actual domain name data and purported sender data; and
  
  generating in response to the comparison an authenticity indicator, to provide a recipient of the electronic communication with an indication of the likelihood that the electronic communication was sent from a purported sender of the electronic communication.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, in which parsing the header to obtain purported sender data includes:
    - parsing the header to obtain purported sender domain name data in a “
      
      FROM;
      
      . . . ”
      
      field populated at the communication client, the purported sender domain name data being visible to a recipient of the electronic communication.
  - 3. The method of claim 1, in which parsing the header to obtain purported sender data includes:
    - parsing the header to obtain a purported IP Address of an originator of the electronic communication;
      
      interrogating a Domain Name Server (DNS) with the actual domain name data to obtain an associated IP address of an actual domain name;
      
      comparing the associated IP address with the purported IP address; and
      
      generating the authenticity indicator in response to the comparison.
  - 4. The method of claim 1, which is executed in conjunction with virus protection software.
  - 5. The method of claim 1, wherein the header of the electronic communication includes a visible communication header which is visible to the recipient when opening the electronic communication, and a transmission data communication header including received data included by at least one server via which the electronic communication is communicated, the method including investigating data in both the visible and transmission data communication headers.
  - 6. The method of claim 1, in which parsing the header to obtain purported domain name data includes:
    - parsing the header to obtain domain name data of each server via which the electronic communication has been communicated;
      
      comparing the domain name data of each server with reference domain name data; and
      
      generating the authenticity indicator in response to the comparison.
  - 7. The method of claim 6, wherein the reference domain name data includes domain names associated with spoofed electronic communication, the method including updating the reference domain name data in an automated fashion.
  - 8. The method of claim 7, wherein the reference domain name data is stored on a client machine, the method including:
    - connecting the client machine to a remote database of reference domain name data;
      
      downloading updated reference domain name data; and
      
      storing the reference domain name data on the client machine.

9. A machine-readable medium embodying a sequence of instructions that, when executed by a machine, cause the machine execute a method of authenticating an electronic communication, the method including:
- parsing a “
  
  received”
  
  field of a header of the electronic communication to identify actual domain name data included in the header at a server receiving the electronic communication from a communication client;
  
  parsing the header to obtain purported sender data included in the header of the electronic communication;
  
  comparing the actual domain name data and purported sender data; and
  
  generating in response to the investigation an authenticity indicator, to provide a recipient of the electronic communication with an indication of the likelihood that the electronic communication was sent from a purported sender of the electronic communication.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The machine-readable medium of claim 9, wherein parsing the header to obtain purported sender data includes:
    - parsing the header to obtain purported sender domain name data in a “
      
      FROM;
      
      ”
      
      field populated at the communication client, the purported sender domain name data being visible to a recipient of the electronic communication.
  - 11. The machine-readable medium of claim 9, wherein parsing the header to obtain purported sender data includes:
    - parsing the header to obtain a purported IP Address of an originator of the electronic communication;
      
      interrogating a Domain Name Server (DNS) with the actual domain name data to obtain an associated IP address of an actual domain name;
      
      comparing the associated IP address with the purported IP address; and
      
      generating the authenticity indicator in response to the comparison.
  - 12. The machine-readable medium of claim 9, wherein the instructions are executed in conjunction with virus protection software.
  - 13. The machine-readable medium of claim 9, wherein the header of the electronic communication includes a visible communication header which is visible to the recipient when opening the electronic communication, and a transmission data communication header including received data included by at least one server via which the electronic communication is communicated, the method including investigating data in both the visible and transmission data communication headers.
  - 14. The machine-readable medium of claim 9, wherein parsing in the header to obtain purported domain name data includes:
    - parsing the header to obtain domain name data of each server via which the electronic communication has been communicated;
      
      comparing the domain name data of each server with reference domain name data; and
      
      generating the authenticity indicator in response to the comparison.
  - 15. The machine-readable medium of claim 14, wherein the reference domain name data includes domain names associated with spoofed electronic communication, the method including updating the reference domain name data in an automated fashion.
  - 16. The machine-readable medium of claim 15, wherein the reference domain name data is stored on a client machine, the method including:
    - connecting the client machine to a remote database of reference domain name data;
      
      downloading updated reference domain name data; and
      
      storing the reference domain name data on the client machine.

17. A communication server for authenticating electronic communication communicated between the communication server and at least one client device, the communication server including:
- a memory which includes a set of instructions which, when executed by a processor, cause the processor to;
  
  parse a “
  
  received”
  
  field of a header of the electronic communication to identify actual domain name data included in the header at a server receiving the electronic communication from a communication client;
  
  parse the header to obtain purported sender data included in the header of the electronic communication;
  
  compare the actual domain name data and purported sender data; and
  
  generate in response to the comparison an authenticity indicator, to provide a recipient of the electronic communication with an indication of the likelihood that the electronic communication was sent from a purported sender of the electronic communication.
- View Dependent Claims (18, 19, 20)
- - 18. The communication server of claim 17, in which the processor:
    - parses the header to obtain purported sender domain name data in a “
      
      FROM;
      
      ”
      
      field populated at a communication client, the purported sender domain name data being visible to a recipient of the electronic communication.
  - 19. The communication server of claim 17, in which the processor:
    - parses the header to obtain a purported IP Address of an originator of the electronic communication;
      
      interrogates a Domain Name Server (DNS) with the actual domain name data to obtain an associated IP address of the actual domain name;
      
      compares the associated IP address with the purported IP address; and
      
      generates the authenticity indicator in response to the comparison.
  - 20. The communication server of claim 17, in which the processor:
    - parses the header to obtain domain name data of each server via which the electronic communication has been communicated;
      
      compares the domain name data of each server with reference domain name data; and
      
      generates the authenticity indicator in response to the comparison.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
eBay Inc.
Original Assignee
eBay Inc.
Inventors
Abbott, Marty, Sanford, Kirk, Lalonde, Chris, Isaacs, Greg

Granted Patent

US 8,078,683 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/206
CPC Class Codes

G06Q 10/107   Computer-aided management o...

H04L 51/212   using filtering or selectiv...

H04L 51/48   Message addressing, e.g. ad...

H04L 61/4555   Directories for electronic ...

H04L 63/126   the source of the received ...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1466   Active attacks involving in...

H04L 63/1483   service impersonation, e.g....

METHOD AND APPARATUS FOR AUTHENTICATING ELECTRONIC COMMUNICATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

44 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND APPARATUS FOR AUTHENTICATING ELECTRONIC COMMUNICATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

44 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links