Simplified communication of a reputation score for an entity
First Claim
1. A computer implemented method for communicating an entity'"'"'s reputation to a user, the method comprising:
- determining hygiene scores associated with a plurality of clients, the hygiene scores representing assessments of trustworthiness of the clients and determined based on frequencies of malware detections on the clients;
receiving a notification that one of the plurality of clients encountered an entity, wherein the entity comprises a file, a program, or a website;
identifying a set of trustworthy clients based on the hygiene scores of the clients, a trustworthy client having a hygiene score indicating at least a threshold level of trustworthiness;
calculating a reputation score for the entity, the reputation score comprising a measure of a ratio of trustworthy clients that have used the entity to all clients that have used the entity, wherein the reputation score represents an assessment of whether the entity is malicious; and
presenting the reputation score on the client that encountered the entity, the reputation score accompanied by a message indicating that the reputation score is based on other clients deemed trustworthy.
2 Assignments
0 Petitions
Accused Products
Abstract
A reputation server is coupled to multiple clients via a network. A security module in each client monitors client encounters with entities such as files, programs, and websites, and then computes a hygiene score based on the monitoring. The hygiene scores are then provided to the reputation server, which computes reputation scores for the entities based on the clients'"'"' hygiene scores and the interactions between the clients and the entity. When a particular client encounters an entity, the security module obtains a reputation score for the entity from the reputation server. The reputation score may comprises a statistical measure based on a number of other trustworthy or “good hygiene” clients that have a hygiene score above a threshold. The client communicates this reputation score to a user with a message indicating that the reputation score is based on other clients deemed trustworthy.
83 Citations
22 Claims
-
1. A computer implemented method for communicating an entity'"'"'s reputation to a user, the method comprising:
-
determining hygiene scores associated with a plurality of clients, the hygiene scores representing assessments of trustworthiness of the clients and determined based on frequencies of malware detections on the clients; receiving a notification that one of the plurality of clients encountered an entity, wherein the entity comprises a file, a program, or a website; identifying a set of trustworthy clients based on the hygiene scores of the clients, a trustworthy client having a hygiene score indicating at least a threshold level of trustworthiness; calculating a reputation score for the entity, the reputation score comprising a measure of a ratio of trustworthy clients that have used the entity to all clients that have used the entity, wherein the reputation score represents an assessment of whether the entity is malicious; and presenting the reputation score on the client that encountered the entity, the reputation score accompanied by a message indicating that the reputation score is based on other clients deemed trustworthy. - View Dependent Claims (2, 3, 4, 5, 21)
-
-
6. A computer implemented method for communicating a reputation of an entity to a user, the method comprising:
-
encountering an entity at a client, wherein the entity comprises a file, a program, or a website; receiving a reputation score that represents an assessment of whether the entity is malicious, the reputation score comprising a measure of a ratio of trustworthy clients that have used the entity to all clients that have used the entity, wherein a trustworthy client is a client that has a hygiene score above a threshold, a hygiene score representing an assessment of trustworthiness of the client and determined based on a frequency of malware detections on the client; communicating the reputation score via an output device of the client; and communicating a message indicating that the reputation score is based on other clients deemed trustworthy. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A computer program product for communicating an entity'"'"'s reputation to a user, the computer program product comprising a non-transitory computer-readable storage medium containing computer program code for:
-
determining hygiene scores associated with a plurality of clients, the hygiene scores representing assessments of trustworthiness of the clients and determined based on frequencies of malware detections on the clients; receiving a notification that one of the plurality of clients encountered an entity, wherein the entity comprises a file, a program, or a website; determining a set of trustworthy clients based on the hygiene scores of the clients, a trustworthy client having a hygiene score indicating at least a threshold level of trustworthiness; calculating a reputation score for the entity, the calculated reputation score comprising a measure of a ratio of trustworthy clients that have used the entity to all clients that have used the entity, wherein the reputation score represents an assessment of whether the entity is malicious; and presenting the reputation score on the client that encountered the entity, the reputation score accompanied by a message indicating that the reputation score is based on other clients deemed trustworthy. - View Dependent Claims (12, 13, 14, 15, 22)
-
-
16. A computer program product for communicating a reputation of an entity to a user, the computer program product comprising a non-transitory computer-readable storage medium containing computer program code for:
-
encountering an entity at a client, wherein the entity comprises a file, a program, or a website; receiving a reputation score that represents an assessment of whether the entity is malicious, the reputation score comprising a measure of a ratio of trustworthy clients that have used the entity to all clients that have used the entity, wherein a trustworthy client is a client that has a hygiene score above a threshold, a hygiene score representing an assessment of trustworthiness of the client and determined based on a frequency of malware detections on the client; communicating the reputation score via an output device of the client; and communicating a message indicating that the reputation score is based on other clients deemed trustworthy. - View Dependent Claims (17, 18, 19, 20)
-
Specification