METHOD AND SYSTEM FOR PROTECTION AGAINST INFORMATION STEALING SOFTWARE
First Claim
1. A system for controlling dissemination of sensitive information over an electronic network to an electronic device on the Internet, the system comprising:
- an electronic hardware processor configured to execute computer instructions, wherein the computer instructions implement a traffic analyzer, the traffic analyzer in communication with the electronic network and configured to;
detect an electronic message on the electronic network, the electronic message including a password and destined for the electronic device on the Internet,determine a strength of the password based on one or more of a length of the password and an entropy score of the password,determine a sensitivity of information protected by the password based on the strength, wherein the sensitivity is positively correlated with the strength of the password such that a stronger password results in a determination of higher sensitivity and a weaker password results in a determination of lower sensitivity,determine a risk level based at least in part on a category of content at the electronic device and the sensitivity of the information protected by the password,determine a required action in response to the risk level, wherein the required action includes one or more of blocking, quarantining, or alerting, andblock the electronic message destined for the electronic device and including the password in response to the required action including blocking.
9 Assignments
0 Petitions
Accused Products
Abstract
A system and method for identifying infection of unwanted software on an electronic device is disclosed. A software agent configured to generate a bait and is installed on the electronic device. The bait can simulate a situation in which the user performs a login session and submits personal information or it may just contain artificial sensitive information. Parameters may be inserted into the bait such as the identity of the electronic device that the bait is installed upon. The output of the electronic device is monitored and analyzed for attempts of transmitting the bait. The output is analyzed by correlating the output with the bait and can be done by comparing information about the bait with the traffic over a computer network in order to decide about the existence and the location of unwanted software. Furthermore, it is possible to store information about the bait in a database and then compare information about a user with the information in the database in order to determine if the electronic device that transmitted the bait contains unwanted software.
-
Citations
20 Claims
-
1. A system for controlling dissemination of sensitive information over an electronic network to an electronic device on the Internet, the system comprising:
an electronic hardware processor configured to execute computer instructions, wherein the computer instructions implement a traffic analyzer, the traffic analyzer in communication with the electronic network and configured to; detect an electronic message on the electronic network, the electronic message including a password and destined for the electronic device on the Internet, determine a strength of the password based on one or more of a length of the password and an entropy score of the password, determine a sensitivity of information protected by the password based on the strength, wherein the sensitivity is positively correlated with the strength of the password such that a stronger password results in a determination of higher sensitivity and a weaker password results in a determination of lower sensitivity, determine a risk level based at least in part on a category of content at the electronic device and the sensitivity of the information protected by the password, determine a required action in response to the risk level, wherein the required action includes one or more of blocking, quarantining, or alerting, and block the electronic message destined for the electronic device and including the password in response to the required action including blocking. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
11. A computer-implemented method of controlling dissemination of sensitive information over an electronic network to an electronic device on the Internet, the method comprising
analyzing, via an electronic hardware processor, traffic on the electronic network to detect an electronic message including a password and destined for the electronic device on the Internet; -
determining, via the electronic hardware processor a strength of the password based on one or more of a length of the password, and an entropy score of the password; determining, via the electronic hardware processor, a sensitivity of information protected by the password based on the strength of the password, wherein the determined sensitivity is positively correlated with the strength of the password such that a stronger password results in a determination of higher sensitivity and a weaker password results in a determination of lower sensitivity; determining, via the electronic hardware processor, a risk level incurred if the password leaves the electronic network and is passed to the electronic device based at least in part on a category of content at the electronic device and the sensitivity of information protected by the password; determining, via the electronic hardware processor, a required action based on the determined risk level, wherein the required action includes one or more of blocking, quarantining, or alerting; and blocking, via the electronic hardware processor, the electronic message destined for the electronic device and including the password in response to the determined required action including blocking. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification